summaryrefslogtreecommitdiff
path: root/branding/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'branding/scripts')
-rwxr-xr-xbranding/scripts/check-ca-crt.py26
-rwxr-xr-xbranding/scripts/vendorize.py24
2 files changed, 39 insertions, 11 deletions
diff --git a/branding/scripts/check-ca-crt.py b/branding/scripts/check-ca-crt.py
index 6462467..431d059 100755
--- a/branding/scripts/check-ca-crt.py
+++ b/branding/scripts/check-ca-crt.py
@@ -1,29 +1,37 @@
#!/usr/bin/env python3
import re
import sys
+import configparser
import urllib.request
SCRIPT_NAME = 'check-ca-crt.py'
USAGE = '''Check that the stored provider CA matches the one announced online.
-Usage: {name} <provider> <uri>
+Usage: {name} <provider> <config>
-Example: {name} riseup black.riseup.net'''.format(name=SCRIPT_NAME)
+Example: {name} riseup branding/config/vendor.conf'''.format(name=SCRIPT_NAME)
def getLocalCert(provider):
sanitized = re.sub(r'[^\w\s-]', '', provider).strip().lower()
- with open('config/{provider}-ca.crt'.format(provider=sanitized)) as crt:
+ with open('branding/config/'
+ '{provider}-ca.crt'.format(provider=sanitized)) as crt:
return crt.read().strip()
def getRemoteCert(uri):
- fp = urllib.request.urlopen('https://' + uri + '/ca.crt')
+ fp = urllib.request.urlopen(uri)
remote_cert = fp.read().decode('utf-8').strip()
fp.close()
return remote_cert
+def getUriForProvider(provider, configfile):
+ c = configparser.ConfigParser()
+ c.read(configfile)
+ return c[provider]['caURL']
+
+
if __name__ == '__main__':
if len(sys.argv) != 3:
@@ -32,7 +40,13 @@ if __name__ == '__main__':
sys.exit(1)
provider = sys.argv[1]
- uri = sys.argv[2]
+ config = sys.argv[2]
+
+ try:
+ uri = getUriForProvider(provider, config)
+ except IndexError:
+ print('[!] Misconfigured provider')
+ sys.exit(1)
local = getLocalCert(provider)
remote = getRemoteCert(uri)
@@ -43,4 +57,4 @@ if __name__ == '__main__':
print('[!] ERROR: remote and local CA certs do not match')
sys.exit(1)
else:
- print('OK')
+ print('OK: local CA matches what provider announces')
diff --git a/branding/scripts/vendorize.py b/branding/scripts/vendorize.py
index 46cc1e6..c600967 100755
--- a/branding/scripts/vendorize.py
+++ b/branding/scripts/vendorize.py
@@ -1,5 +1,6 @@
#!/usr/bin/env python3
+import datetime
import os
import sys
@@ -12,11 +13,20 @@ CONFIGFILE = 'config/vendor.conf'
SCRIPT_NAME = 'vendorize'
-def getProviderData(config):
- default = config['default']['provider']
- print("[+] Configured provider:", default)
+def getDefaultProvider(config):
+ provider = os.environ.get('PROVIDER')
+ if provider:
+ print('[+] Got provider {} from environemnt'.format(provider))
+ else:
+ print('[+] Using default provider from config file')
+ provider = config['default']['provider']
+ return provider
+
- c = config[default]
+def getProviderData(provider, config):
+ print("[+] Configured provider:", provider)
+
+ c = config[provider]
d = dict()
keys = ('name', 'applicationName', 'binaryName',
@@ -26,6 +36,9 @@ def getProviderData(config):
for value in keys:
d[value] = c.get(value)
+ d['timeStamp'] = '{:%Y-%m-%d %H:%M:%S}'.format(
+ datetime.datetime.now())
+
return d
@@ -90,7 +103,8 @@ if __name__ == "__main__":
config = configparser.ConfigParser()
config.read(configfile)
- data = getProviderData(config)
+ provider = getDefaultProvider(config)
+ data = getProviderData(provider, config)
addCaData(data, configfile)
writeOutput(data, infile, outfile)