
Merge pull request from corubba/bugfix/pyOpenSSL

Small bugfixes
This commit is contained in:
jbe-dw 2022-05-23 13:59:18 +02:00 committed by GitHub
commit e81453c5e3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 51 additions and 45 deletions

@ -1,48 +1,58 @@
from OpenSSL import crypto import datetime
from datetime import datetime
import pytz
import os import os
from cryptography import x509
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.x509.oid import NameOID
CRYPT_PATH = os.path.abspath(os.path.dirname(os.path.realpath(__file__)) + "/../../") CRYPT_PATH = os.path.abspath(os.path.dirname(os.path.realpath(__file__)) + "/../../")
CERT_FILE = CRYPT_PATH + "/saml_cert.crt" CERT_FILE = CRYPT_PATH + "/saml_cert.crt"
KEY_FILE = CRYPT_PATH + "/saml_cert.key" KEY_FILE = CRYPT_PATH + "/saml_cert.key"
def check_certificate():
if not os.path.isfile(CERT_FILE):
return False
st_cert = open(CERT_FILE, 'rt').read()
cert = crypto.load_certificate(crypto.FILETYPE_PEM, st_cert)
now = datetime.now(pytz.utc)
begin = datetime.strptime(cert.get_notBefore(), "%Y%m%d%H%M%SZ").replace(tzinfo=pytz.UTC)
begin_ok = begin < now
end = datetime.strptime(cert.get_notAfter(), "%Y%m%d%H%M%SZ").replace(tzinfo=pytz.UTC)
end_ok = end > now
if begin_ok and end_ok:
return True
return False
def create_self_signed_cert(): def create_self_signed_cert():
""" Generate a new self-signed RSA-2048-SHA256 x509 certificate. """
# Generate our key
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
)
# create a key pair # Write our key to disk for safe keeping
k = crypto.PKey() with open(KEY_FILE, "wb") as key_file:
k.generate_key(crypto.TYPE_RSA, 2048) key_file.write(key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
))
# create a self-signed cert # Various details about who we are. For a self-signed certificate the
cert = crypto.X509() # subject and issuer are always the same.
cert.get_subject().C = "DE" subject = issuer = x509.Name([
cert.get_subject().ST = "NRW" x509.NameAttribute(NameOID.COUNTRY_NAME, "DE"),
cert.get_subject().L = "Dortmund" x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "NRW"),
cert.get_subject().O = "Dummy Company Ltd" x509.NameAttribute(NameOID.LOCALITY_NAME, "Dortmund"),
cert.get_subject().OU = "Dummy Company Ltd" x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Dummy Company Ltd"),
cert.get_subject().CN = "PowerDNS-Admin" x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, "Dummy Company Ltd"),
cert.set_serial_number(1000) x509.NameAttribute(NameOID.COMMON_NAME, "PowerDNS-Admin"),
cert.gmtime_adj_notBefore(0) ])
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
cert.sign(k, 'sha256')
open(CERT_FILE, "bw").write( cert = x509.CertificateBuilder().subject_name(
crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) subject
open(KEY_FILE, "bw").write( ).issuer_name(
crypto.dump_privatekey(crypto.FILETYPE_PEM, k)) issuer
).public_key(
key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10*365)
).sign(key, hashes.SHA256())
# Write our certificate out to disk.
with open(CERT_FILE, "wb") as cert_file:
cert_file.write(cert.public_bytes(serialization.Encoding.PEM))
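Review bot: At the `with open(KEY_FILE, "wb") as key_file:` line the unencrypted private key is written through a plain `open()`, so the file gets the process umask's mode (commonly 0644) and the key may be readable by every local account; the removed pyOpenSSL code had the same gap, and this rewrite is the natural place to close it. Create the file owner-only instead: `fd = os.open(KEY_FILE, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` followed by `with os.fdopen(fd, "wb") as key_file:`. Separately, `datetime.datetime.utcnow()` is evaluated twice, once for `not_valid_before` and once for `not_valid_after`, so the two bounds come from slightly different instants and are naive; compute `now = datetime.datetime.utcnow()` once and reuse it, or use `datetime.datetime.now(datetime.timezone.utc)` for an aware value. The hunk also drops `check_certificate()`; whether any caller still depends on it cannot be seen from here.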

@ -83,10 +83,7 @@ class User(db.Model):
return False return False
def get_id(self): def get_id(self):
try: return str(self.id)
return unicode(self.id) # python 2
except NameError:
return str(self.id) # python 3
def __repr__(self): def __repr__(self):
return '<User {0}>'.format(self.username) return '<User {0}>'.format(self.username)

@ -60,6 +60,7 @@
{% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %} {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
<th >Changelog</th> <th >Changelog</th>
{% endif %} {% endif %}
<th>Invisible Sorting Column</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
@ -104,7 +105,6 @@
<button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button> <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
</td> </td>
{% endif %} {% endif %}
</td>
{% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %} {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
<td width="6%"> <td width="6%">
<button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp; <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp;

@ -14,7 +14,6 @@ qrcode==6.1
dnspython>=1.16.0 dnspython>=1.16.0
gunicorn==20.0.4 gunicorn==20.0.4
python3-saml python3-saml
pyOpenSSL==19.1.0
pytz==2020.1 pytz==2020.1
cssmin==0.2.0 cssmin==0.2.0
jsmin==3.0.0 jsmin==3.0.0
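Review bot: The `cryptography` package is now imported directly by the rewritten certificate code, but this requirements change only removes `pyOpenSSL==19.1.0` and adds no entry for it, so the project depends on `cryptography` arriving transitively (presumably through `python3-saml`) with no pin of its own. A transitive dependency can change major version or be dropped on an upstream release without any signal in this file, and an explicit pin also makes the dependency visible to lockfile and vulnerability scanning. Add a pinned line such as `cryptography==<PINNED_VERSION>` (placeholder; use the version the project actually tests against) next to the other pinned entries.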