Diffstat (limited to 'branding/scripts')
-rwxr-xr-x | branding/scripts/check-ca-crt.py | 26 | ||||
-rwxr-xr-x | branding/scripts/vendorize.py | 24 |
2 files changed, 39 insertions, 11 deletions
diff --git a/branding/scripts/check-ca-crt.py b/branding/scripts/check-ca-crt.py
index 6462467..431d059 100755
--- a/branding/scripts/check-ca-crt.py
+++ b/branding/scripts/check-ca-crt.py
@@ -1,29 +1,37 @@
 #!/usr/bin/env python3
 import re
 import sys
+import configparser
 import urllib.request
 SCRIPT_NAME = 'check-ca-crt.py'
 USAGE = '''Check that the stored provider CA matches the one announced online.
-Usage: {name} <provider> <uri>
+Usage: {name} <provider> <config>
-Example: {name} riseup black.riseup.net'''.format(name=SCRIPT_NAME)
+Example: {name} riseup branding/config/vendor.conf'''.format(name=SCRIPT_NAME)
 def getLocalCert(provider):
 sanitized = re.sub(r'[^\w\s-]', '', provider).strip().lower()
- with open('config/{provider}-ca.crt'.format(provider=sanitized)) as crt:
+ with open('branding/config/'
+ '{provider}-ca.crt'.format(provider=sanitized)) as crt:
 return crt.read().strip()
 def getRemoteCert(uri):
- fp = urllib.request.urlopen('https://' + uri + '/ca.crt')
+ fp = urllib.request.urlopen(uri)
 remote_cert = fp.read().decode('utf-8').strip()
 fp.close()
 return remote_cert
+def getUriForProvider(provider, configfile):
+ c = configparser.ConfigParser()
+ c.read(configfile)
+ return c[provider]['caURL']
+
+
 if __name__ == '__main__':
 if len(sys.argv) != 3:
@@ -32,7 +40,13 @@ if __name__ == '__main__':
 sys.exit(1)
 provider = sys.argv[1]
- uri = sys.argv[2]
+ config = sys.argv[2]
+
+ try:
+ uri = getUriForProvider(provider, config)
+ except IndexError:
+ print('[!] Misconfigured provider')
+ sys.exit(1)
 local = getLocalCert(provider)
 remote = getRemoteCert(uri)
@@ -43,4 +57,4 @@ if __name__ == '__main__':
 print('[!] ERROR: remote and local CA certs do not match')
 sys.exit(1)
 else:
- print('OK')
+ print('OK: local CA matches what provider announces')
diff --git a/branding/scripts/vendorize.py b/branding/scripts/vendorize.py
index 46cc1e6..c600967 100755
--- a/branding/scripts/vendorize.py
+++ b/branding/scripts/vendorize.py
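Review bot: In check-ca-crt.py, `getRemoteCert` now hands the configured `caURL` straight to `urllib.request.urlopen(uri)`, so the `https://` prefix that the old code forced is no longer guaranteed. `urlopen` also accepts `http:` and `file:` URLs, so a mistaken or tampered `caURL` in the config file would let the comparison run against a certificate fetched without TLS or read from local disk. I would reject anything else before fetching, e.g. `if not uri.startswith('https://'): sys.exit('[!] caURL must be an https:// URL')`. Passing a `timeout=` to `urlopen` would also keep a stalled server from hanging the check.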
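Review bot: In the `__main__` block of check-ca-crt.py (which starts above the second hunk), `except IndexError` will not catch a missing provider. Mapping-style access on `configparser.ConfigParser` raises `KeyError` for an unknown section or a missing `caURL` option, so the `[!] Misconfigured provider` branch is never taken and the script ends in a traceback. The handler should be `except KeyError:`. `c.read(configfile)` in `getUriForProvider` also silently skips a file it cannot open, so a mistyped config path surfaces as the same `KeyError`; naming the config path in the error message would help tell the two cases apart.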
@@ -1,5 +1,6 @@
 #!/usr/bin/env python3
+import datetime
 import os
 import sys
@@ -12,11 +13,20 @@ CONFIGFILE = 'config/vendor.conf'
 SCRIPT_NAME = 'vendorize'
-def getProviderData(config):
- default = config['default']['provider']
- print("[+] Configured provider:", default)
+def getDefaultProvider(config):
+ provider = os.environ.get('PROVIDER')
+ if provider:
+ print('[+] Got provider {} from environemnt'.format(provider))
+ else:
+ print('[+] Using default provider from config file')
+ provider = config['default']['provider']
+ return provider
+
- c = config[default]
+def getProviderData(provider, config):
+ print("[+] Configured provider:", provider)
+
+ c = config[provider]
 d = dict()
 keys = ('name', 'applicationName', 'binaryName',
@@ -26,6 +36,9 @@ def getProviderData(config):
 for value in keys:
 d[value] = c.get(value)
+ d['timeStamp'] = '{:%Y-%m-%d %H:%M:%S}'.format(
+ datetime.datetime.now())
+
 return d
@@ -90,7 +103,8 @@ if __name__ == "__main__":
 config = configparser.ConfigParser()
 config.read(configfile)
- data = getProviderData(config)
+ provider = getDefaultProvider(config)
+ data = getProviderData(provider, config)
 addCaData(data, configfile)
 writeOutput(data, infile, outfile) |
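Review bot: In vendorize.py, `getDefaultProvider` takes `PROVIDER` from the environment and `getProviderData` then indexes `config[provider]` with it unchecked, so a value with no matching section in the config file ends in a bare `KeyError` traceback. A guard before the lookup, such as `if provider not in config: sys.exit('[!] Unknown provider: {}'.format(provider))`, gives the build a clear failure instead. The log message also has a typo: `'[+] Got provider {} from environemnt'` should read `environment`.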
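Review bot: The `timeStamp` added to `getProviderData` in vendorize.py is a naive local-time value from `datetime.datetime.now()`, so the generated output differs on every run and its time zone depends on the build machine. If this output ends up in a released artifact (not visible from this hunk), that makes the build non-reproducible and harder to verify independently. Using UTC, `datetime.datetime.now(datetime.timezone.utc)`, removes the time-zone ambiguity, and honouring `SOURCE_DATE_EPOCH` when it is set would keep rebuilds identical. `getProviderData` starts above this hunk.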