pool/cepces
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f2d75510ac
cepces/0001-Allow-overriding-of-server-auth-from-the-command-lin.patch
Neal Gompa 5d40dff8d5 Accepting request 903556 from home:dmulder:certmonger 
This is a dependency of Samba's Certificate Auto Enrollment. It extends certmonger to support auto enrollment to a Microsoft CA.

OBS-URL: https://build.opensuse.org/request/show/903556
OBS-URL: https://build.opensuse.org/package/show/security:idm/cepces?expand=0&rev=1
2021-07-02 10:43:16 +00:00

85 lines
2.9 KiB
Diff
Raw Blame History

From 2a14f639aa32948a505c0829344bfef65b8bf9b0 Mon Sep 17 00:00:00 2001
From: David Mulder <dmulder@suse.com>
Date: Wed, 30 Jun 2021 09:47:29 -0600
Subject: [PATCH] Allow overriding of server/auth from the command line
Allowing the overriding of the auth and server
parameters from the command line makes it
possible to enroll with multiple CAs.
---
bin/cepces-submit | 20 +++++++++++++++++---
cepces/config.py | 6 +++++-
2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/bin/cepces-submit b/bin/cepces-submit
index 1fd7b4b..6614db8 100755
--- a/bin/cepces-submit
+++ b/bin/cepces-submit
@@ -27,9 +27,10 @@ from cepces.certmonger.operation import Operation
from cepces.config import Configuration
from cepces.core import Service
from cepces.log import init_logging
+import argparse
-def main():
+def main(global_overrides):
"""Main function."""
# Initialize logging.
init_logging()
@@ -58,7 +59,7 @@ def main():
else:
try:
# Load the configuration and instantiate a service.
- config = Configuration.load()
+ config = Configuration.load(global_overrides=global_overrides)
service = Service(config)
# Call the operation.
@@ -71,4 +72,17 @@ def main():
if __name__ == '__main__':
- main()
+ parser = argparse.ArgumentParser(description='cepces submission helper for certmonger')
+ parser.add_argument('--server', help='Hostname of the issuing certification authority')
+ parser.add_argument('--auth', help='Authentication mechanism used for connecting to the service',
+ choices=['Anonymous', 'Kerberos', 'UsernamePassword', 'Certificate'],
+ default='Kerberos')
+ args = parser.parse_args()
+ if args.server is not None:
+ global_overrides = args.__dict__
+ endpoint = 'https://%s/ADPolicyProvider_CEP_%s/service.svc/CEP' % (args.server, args.auth)
+ global_overrides['endpoint'] = endpoint
+ else:
+ global_overrides = {}
+
+ main(global_overrides)
diff --git a/cepces/config.py b/cepces/config.py
index 427f38f..acecb6f 100644
--- a/cepces/config.py
+++ b/cepces/config.py
@@ -84,7 +84,7 @@ class Configuration(Base):
return self._auth
@classmethod
- def load(cls, files=None, dirs=None):
+ def load(cls, files=None, dirs=None, global_overrides={}):
"""Load configuration files and directories and instantiate a new
Configuration."""
name = '{}.{}'.format(
@@ -128,6 +128,10 @@ class Configuration(Base):
logger.debug('Reading: {0:s}'.format(path.__str__()))
config.read(path)
+ # Override globals set from the command line
+ for key, val in global_overrides.items():
+ config['global'][key] = val
+
return Configuration.from_parser(config)
@classmethod
--
2.31.1
Reference in New Issue View Git Blame Copy Permalink