SLFO-pool/salt
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
salt/remove-deprecated-code-from-x509.certificate_managed.patch

90 lines
3.5 KiB
Diff
Raw Permalink Blame History

From c30729e034e0f0291d6748806a30874f55c7560c Mon Sep 17 00:00:00 2001
From: Flex Liu <fliu@suse.com>
Date: Mon, 10 Mar 2025 19:59:46 +0800
Subject: [PATCH] Remove deprecated code from x509.certificate_managed
test mode
---
salt/states/x509.py | 65 +--------------------------------------------
1 file changed, 1 insertion(+), 64 deletions(-)
diff --git a/salt/states/x509.py b/salt/states/x509.py
index f9cbec87f9..788e827192 100644
--- a/salt/states/x509.py
+++ b/salt/states/x509.py
@@ -705,70 +705,7 @@ def certificate_managed(name, days_remaining=90, append_certs=None, **kwargs):
"Old": invalid_reason,
"New": "Certificate will be valid and up to date",
}
- private_key_args.update(managed_private_key)
- kwargs["public_key_passphrase"] = private_key_args["passphrase"]
-
- if private_key_args["new"]:
- rotate_private_key = True
- private_key_args["new"] = False
-
- if _check_private_key(
- private_key_args["name"],
- bits=private_key_args["bits"],
- passphrase=private_key_args["passphrase"],
- new=private_key_args["new"],
- overwrite=private_key_args["overwrite"],
- ):
- private_key = __salt__["x509.get_pem_entry"](
- private_key_args["name"], pem_type="RSA PRIVATE KEY"
- )
- else:
- new_private_key = True
- private_key = __salt__["x509.create_private_key"](
- text=True,
- bits=private_key_args["bits"],
- passphrase=private_key_args["passphrase"],
- cipher=private_key_args["cipher"],
- verbose=private_key_args["verbose"],
- )
-
- kwargs["public_key"] = private_key
-
- current_days_remaining = 0
- current_comp = {}
-
- if os.path.isfile(name):
- try:
- current = __salt__["x509.read_certificate"](certificate=name)
- current_comp = copy.deepcopy(current)
- if "serial_number" not in kwargs:
- current_comp.pop("Serial Number")
- if "signing_cert" not in kwargs:
- try:
- current_comp["X509v3 Extensions"][
- "authorityKeyIdentifier"
- ] = re.sub(
- r"serial:([0-9A-F]{2}:)*[0-9A-F]{2}",
- "serial:--",
- current_comp["X509v3 Extensions"]["authorityKeyIdentifier"],
- )
- except KeyError:
- pass
- current_comp.pop("Not Before")
- current_comp.pop("MD5 Finger Print")
- current_comp.pop("SHA1 Finger Print")
- current_comp.pop("SHA-256 Finger Print")
- current_notafter = current_comp.pop("Not After")
- current_days_remaining = (
- datetime.datetime.strptime(current_notafter, "%Y-%m-%d %H:%M:%S")
- - datetime.datetime.now()
- ).days
- if days_remaining == 0:
- days_remaining = current_days_remaining - 1
- except salt.exceptions.SaltInvocationError:
- current = "{} is not a valid Certificate.".format(name)
- else:
- current = "{} does not exist.".format(name)
+ return ret
contents = __salt__["x509.create_certificate"](text=True, **kwargs)
# Check the module actually returned a cert and not an error message as a string
--
2.48.1
Reference in New Issue View Git Blame Copy Permalink