diff options
author | Ruben Pollan <meskio@sindominio.net> | 2016-09-27 15:48:29 -0500 |
---|---|---|
committer | Ruben Pollan <meskio@sindominio.net> | 2016-09-27 21:40:28 -0500 |
commit | 0a0bdc9abbca1d07c1af781567e3a51c529c0447 (patch) | |
tree | 883b70f8ebc5825fe1cad7a865d5ab0f0845149d /src/leap/bitmask/core/mail_services.py | |
parent | 125c711cd5b6faa4e6d62d18dde61dac90471f39 (diff) |
[feat] Fetch smtp cert automatically if missing
It's missing dealing with expired certs.
I remove get_smtp_certificate core command.
- Closes: #8486
Diffstat (limited to 'src/leap/bitmask/core/mail_services.py')
-rw-r--r-- | src/leap/bitmask/core/mail_services.py | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/src/leap/bitmask/core/mail_services.py b/src/leap/bitmask/core/mail_services.py index a3cf692e..91d8fcaa 100644 --- a/src/leap/bitmask/core/mail_services.py +++ b/src/leap/bitmask/core/mail_services.py @@ -35,6 +35,7 @@ from twisted.python import log # TODO move to bitmask.common from leap.common.service_hooks import HookableService +from leap.common.files import check_and_fix_urw_only from leap.bitmask.bonafide import config from leap.bitmask.keymanager import KeyManager from leap.bitmask.keymanager.errors import KeyNotFound @@ -488,6 +489,26 @@ class StandardMailService(service.MultiService, HookableService): # TODO --- only start instance if "autostart" is True. self.startInstance(userid, soledad, keymanager) + @defer.inlineCallbacks + def hook_on_bonafide_auth(self, **kw): + # TODO: if it's expired we should renew it + userid = kw['username'] + username, provider = userid.split('@') + cert_path = _get_smtp_client_cert_path(self._basedir, provider, + username) + if os.path.exists(cert_path): + return + + bonafide = self.parent.getServiceNamed("bonafide") + _, cert_str = yield bonafide.do_get_smtp_cert(userid) + + cert_dir = os.path.dirname(cert_path) + if not os.path.exists(cert_dir): + os.makedirs(cert_dir, mode=0700) + with open(cert_path, 'w') as outf: + outf.write(cert_str) + check_and_fix_urw_only(cert_path) + # commands def do_status(self): @@ -501,10 +522,6 @@ class StandardMailService(service.MultiService, HookableService): token = self._service_tokens.get(active_user) return defer.succeed({'user': active_user, 'token': token}) - def do_get_smtp_cert_path(self, userid): - username, provider = userid.split('@') - return _get_smtp_client_cert_path(self._basedir, provider, username) - # access to containers def get_soledad_session(self, userid): |