Merge pull request #1188 from corubba/bugfix/pyOpenSSL

Small bugfixes
This commit is contained in:
jbe-dw
2022-05-23 13:59:18 +02:00
committed by GitHub
5 changed files with 51 additions and 45 deletions


@ -1,48 +1,58 @@
from OpenSSL import crypto import datetime
from datetime import datetime
import pytz
import os import os
from cryptography import x509
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.x509.oid import NameOID
CRYPT_PATH = os.path.abspath(os.path.dirname(os.path.realpath(__file__)) + "/../../") CRYPT_PATH = os.path.abspath(os.path.dirname(os.path.realpath(__file__)) + "/../../")
CERT_FILE = CRYPT_PATH + "/saml_cert.crt" CERT_FILE = CRYPT_PATH + "/saml_cert.crt"
KEY_FILE = CRYPT_PATH + "/saml_cert.key" KEY_FILE = CRYPT_PATH + "/saml_cert.key"
def check_certificate():
if not os.path.isfile(CERT_FILE):
return False
st_cert = open(CERT_FILE, 'rt').read()
cert = crypto.load_certificate(crypto.FILETYPE_PEM, st_cert)
now = datetime.now(pytz.utc)
begin = datetime.strptime(cert.get_notBefore(), "%Y%m%d%H%M%SZ").replace(tzinfo=pytz.UTC)
begin_ok = begin < now
end = datetime.strptime(cert.get_notAfter(), "%Y%m%d%H%M%SZ").replace(tzinfo=pytz.UTC)
end_ok = end > now
if begin_ok and end_ok:
return True
return False
def create_self_signed_cert(): def create_self_signed_cert():
""" Generate a new self-signed RSA-2048-SHA256 x509 certificate. """
# Generate our key
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
)
# create a key pair # Write our key to disk for safe keeping
k = crypto.PKey() with open(KEY_FILE, "wb") as key_file:
k.generate_key(crypto.TYPE_RSA, 2048) key_file.write(key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
))
# create a self-signed cert # Various details about who we are. For a self-signed certificate the
cert = crypto.X509() # subject and issuer are always the same.
cert.get_subject().C = "DE" subject = issuer = x509.Name([
cert.get_subject().ST = "NRW" x509.NameAttribute(NameOID.COUNTRY_NAME, "DE"),
cert.get_subject().L = "Dortmund" x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "NRW"),
cert.get_subject().O = "Dummy Company Ltd" x509.NameAttribute(NameOID.LOCALITY_NAME, "Dortmund"),
cert.get_subject().OU = "Dummy Company Ltd" x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Dummy Company Ltd"),
cert.get_subject().CN = "PowerDNS-Admin" x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, "Dummy Company Ltd"),
cert.set_serial_number(1000) x509.NameAttribute(NameOID.COMMON_NAME, "PowerDNS-Admin"),
cert.gmtime_adj_notBefore(0) ])
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
cert.sign(k, 'sha256')
open(CERT_FILE, "bw").write( cert = x509.CertificateBuilder().subject_name(
crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) subject
open(KEY_FILE, "bw").write( ).issuer_name(
crypto.dump_privatekey(crypto.FILETYPE_PEM, k)) issuer
).public_key(
key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10*365)
).sign(key, hashes.SHA256())
# Write our certificate out to disk.
with open(CERT_FILE, "wb") as cert_file:
cert_file.write(cert.public_bytes(serialization.Encoding.PEM))
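Review bot: The private key is written at `with open(KEY_FILE, "wb") as key_file:` with whatever mode the process umask yields, so under a common 022 umask the unencrypted key file ends up world-readable; the pyOpenSSL path it replaces (`open(KEY_FILE, "bw")`) had the same gap, and this rewrite is the natural place to close it. Creating the file with an explicit mode leaves the rest of the block untouched: `with open(os.open(KEY_FILE, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600), "wb") as key_file:` (`os` is already imported at the top of the file). Separately, `datetime.datetime.utcnow()` is read twice, so not_valid_before and not_valid_after come from two clock samples, and that call is deprecated from Python 3.12; sampling once into a local, e.g. `now = datetime.datetime.now(datetime.timezone.utc)`, and passing `now` and `now + datetime.timedelta(days=10*365)` addresses both, provided the installed cryptography release accepts timezone-aware datetimes (older releases expect naive UTC, in which case keep a single `utcnow()` sample).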


@ -83,10 +83,7 @@ class User(db.Model):
return False return False
def get_id(self): def get_id(self):
try: return str(self.id)
return unicode(self.id) # python 2
except NameError:
return str(self.id) # python 3
def __repr__(self): def __repr__(self):
return '<User {0}>'.format(self.username) return '<User {0}>'.format(self.username)


@ -60,6 +60,7 @@
{% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %} {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
<th >Changelog</th> <th >Changelog</th>
{% endif %} {% endif %}
<th>Invisible Sorting Column</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
@ -104,7 +105,6 @@
<button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button> <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
</td> </td>
{% endif %} {% endif %}
</td>
{% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %} {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
<td width="6%"> <td width="6%">
<button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp; <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp;


@ -14,7 +14,6 @@ qrcode==6.1
dnspython>=1.16.0 dnspython>=1.16.0
gunicorn==20.0.4 gunicorn==20.0.4
python3-saml python3-saml
pyOpenSSL==19.1.0
pytz==2020.1 pytz==2020.1
cssmin==0.2.0 cssmin==0.2.0
jsmin==3.0.0 jsmin==3.0.0