diff options
author | Folker Bernitt <fbernitt@thoughtworks.com> | 2015-03-30 13:18:02 +0200 |
---|---|---|
committer | Folker Bernitt <fbernitt@thoughtworks.com> | 2015-03-30 13:18:02 +0200 |
commit | f73a010925338f149410172c33df113947c371fc (patch) | |
tree | 71ab71a12ecc8eaf74ab09cb95adffa9b0541363 /service/pixelated/bitmask_libraries | |
parent | 2ec7bcfd32c2151e2e42ae7b19631dcc4018f93e (diff) |
Auto refresh provider certificate on start.
- Issue #333
Diffstat (limited to 'service/pixelated/bitmask_libraries')
-rw-r--r-- | service/pixelated/bitmask_libraries/certs.py | 15 | ||||
-rw-r--r-- | service/pixelated/bitmask_libraries/session.py | 2 |
2 files changed, 15 insertions, 2 deletions
diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index bafc809d..6b12bce4 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -36,6 +36,10 @@ def which_bootstrap_bundle(provider): return str(LeapCertificate(provider).auto_detect_bootstrap_ca_bundle()) +def refresh_ca_bundle(provider): + LeapCertificate(provider).refresh_ca_bundle() + + class LeapCertificate(object): def __init__(self, provider): self._config = provider.config @@ -57,14 +61,21 @@ class LeapCertificate(object): if self._provider.config.ca_cert_bundle: return self._provider.config.ca_cert_bundle - certs_root = self._provider_certs_root_path() - cert_file = os.path.join(certs_root, 'provider.pem') + cert_file = self._provider_cert_file() if not os.path.isfile(cert_file): self._download_server_cert(cert_file) return cert_file + def refresh_ca_bundle(self): + cert_file = self._provider_cert_file() + self._download_server_cert(cert_file) + + def _provider_cert_file(self): + certs_root = self._provider_certs_root_path() + return os.path.join(certs_root, 'provider.pem') + def _provider_certs_root_path(self): path = os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client') if not os.path.isdir(path): diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index b23d964f..c0c8f712 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -24,6 +24,7 @@ from leap.mail.imap.memorystore import MemoryStore from leap.mail.imap.soledadstore import SoledadStore from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider +from pixelated.bitmask_libraries.certs import refresh_ca_bundle from twisted.internet import reactor from .nicknym import NickNym from .auth import LeapAuthenticator, LeapCredentials @@ -40,6 +41,7 @@ def open(username, password, server_name, leap_home=DEFAULT_LEAP_HOME): config = LeapConfig(leap_home=leap_home, certs_home=certs_home) provider = LeapProvider(server_name, config) + refresh_ca_bundle(provider) session = LeapSessionFactory(provider).create(LeapCredentials(username, password)) return session |