uyuni/salt
SHA256
6
0
Fork 0
forked from pool/salt
Code Pull Requests Activity
Files
factory
salt/remove-deprecated-code-from-x509.certificate_managed.patch
Pablo Suárez Hernández ba0303f989 Accepting request 1251822 from home:vizhestkov:branches:systemsmanagement:saltstack 
- Detect openEuler as RedHat family OS
- Ensure the correct crypt module is loaded
- Implement multiple inventory for ansible.targets
- Make x509 module compatible with M2Crypto 0.44.0
- Remove deprecated code from x509.certificate_managed test mode
- Move logrotate config to /usr/etc/logrotate.d where possible
- Added:
  * detect-openeuler-as-redhat-family-os.patch
  * ensure-the-correct-crypt-module-is-loaded.patch
  * implement-multiple-inventory-for-ansible.targets.patch
  * make-x509-module-compatible-with-m2crypto-0.44.0.patch
  * remove-deprecated-code-from-x509.certificate_managed.patch

OBS-URL: https://build.opensuse.org/request/show/1251822
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=276
2025-03-10 15:05:42 +00:00

90 lines
3.5 KiB
Diff
Raw Permalink Blame History

From c30729e034e0f0291d6748806a30874f55c7560c Mon Sep 17 00:00:00 2001
From: Flex Liu <fliu@suse.com>
Date: Mon, 10 Mar 2025 19:59:46 +0800
Subject: [PATCH] Remove deprecated code from x509.certificate_managed
test mode
---
salt/states/x509.py | 65 +--------------------------------------------
1 file changed, 1 insertion(+), 64 deletions(-)
diff --git a/salt/states/x509.py b/salt/states/x509.py
index f9cbec87f9..788e827192 100644
--- a/salt/states/x509.py
+++ b/salt/states/x509.py
@@ -705,70 +705,7 @@ def certificate_managed(name, days_remaining=90, append_certs=None, **kwargs):
"Old": invalid_reason,
"New": "Certificate will be valid and up to date",
}
- private_key_args.update(managed_private_key)
- kwargs["public_key_passphrase"] = private_key_args["passphrase"]
-
- if private_key_args["new"]:
- rotate_private_key = True
- private_key_args["new"] = False
-
- if _check_private_key(
- private_key_args["name"],
- bits=private_key_args["bits"],
- passphrase=private_key_args["passphrase"],
- new=private_key_args["new"],
- overwrite=private_key_args["overwrite"],
- ):
- private_key = __salt__["x509.get_pem_entry"](
- private_key_args["name"], pem_type="RSA PRIVATE KEY"
- )
- else:
- new_private_key = True
- private_key = __salt__["x509.create_private_key"](
- text=True,
- bits=private_key_args["bits"],
- passphrase=private_key_args["passphrase"],
- cipher=private_key_args["cipher"],
- verbose=private_key_args["verbose"],
- )
-
- kwargs["public_key"] = private_key
-
- current_days_remaining = 0
- current_comp = {}
-
- if os.path.isfile(name):
- try:
- current = __salt__["x509.read_certificate"](certificate=name)
- current_comp = copy.deepcopy(current)
- if "serial_number" not in kwargs:
- current_comp.pop("Serial Number")
- if "signing_cert" not in kwargs:
- try:
- current_comp["X509v3 Extensions"][
- "authorityKeyIdentifier"
- ] = re.sub(
- r"serial:([0-9A-F]{2}:)*[0-9A-F]{2}",
- "serial:--",
- current_comp["X509v3 Extensions"]["authorityKeyIdentifier"],
- )
- except KeyError:
- pass
- current_comp.pop("Not Before")
- current_comp.pop("MD5 Finger Print")
- current_comp.pop("SHA1 Finger Print")
- current_comp.pop("SHA-256 Finger Print")
- current_notafter = current_comp.pop("Not After")
- current_days_remaining = (
- datetime.datetime.strptime(current_notafter, "%Y-%m-%d %H:%M:%S")
- - datetime.datetime.now()
- ).days
- if days_remaining == 0:
- days_remaining = current_days_remaining - 1
- except salt.exceptions.SaltInvocationError:
- current = "{} is not a valid Certificate.".format(name)
- else:
- current = "{} does not exist.".format(name)
+ return ret
contents = __salt__["x509.create_certificate"](text=True, **kwargs)
# Check the module actually returned a cert and not an error message as a string
--
2.48.1
View Git Blame Copy Permalink