Mercurial > libervia-backend
comparison sat/tools/common/tls.py @ 4037:524856bd7b19
massive refactoring to switch from camelCase to snake_case:
historically, Libervia (SàT before) was using camelCase as allowed by PEP8 when using a
pre-PEP8 code, to use the same coding style as in Twisted.
However, snake_case is more readable and it's better to follow PEP8 best practices, so it
has been decided to move on full snake_case. Because Libervia has a huge codebase, this
ended with a ugly mix of camelCase and snake_case.
To fix that, this patch does a big refactoring by renaming every function and method
(including bridge) that are not coming from Twisted or Wokkel, to use fully snake_case.
This is a massive change, and may result in some bugs.
author | Goffi <goffi@goffi.org> |
---|---|
date | Sat, 08 Apr 2023 13:54:42 +0200 |
parents | 7550ae9cfbac |
children |
comparison
equal
deleted
inserted
replaced
4036:c4464d7ae97b | 4037:524856bd7b19 |
---|---|
31 | 31 |
32 | 32 |
33 log = getLogger(__name__) | 33 log = getLogger(__name__) |
34 | 34 |
35 | 35 |
36 def getOptionsFromConfig(config, section=""): | 36 def get_options_from_config(config, section=""): |
37 options = {} | 37 options = {} |
38 for option in ('tls_certificate', 'tls_private_key', 'tls_chain'): | 38 for option in ('tls_certificate', 'tls_private_key', 'tls_chain'): |
39 options[option] = tools_config.getConfig(config, section, option) | 39 options[option] = tools_config.config_get(config, section, option) |
40 return options | 40 return options |
41 | 41 |
42 | 42 |
43 def TLSOptionsCheck(options): | 43 def tls_options_check(options): |
44 """Check options coherence if TLS is activated, and update missing values | 44 """Check options coherence if TLS is activated, and update missing values |
45 | 45 |
46 Must be called only if TLS is activated | 46 Must be called only if TLS is activated |
47 """ | 47 """ |
48 if not options["tls_certificate"]: | 48 if not options["tls_certificate"]: |
50 "a TLS certificate is needed to activate HTTPS connection") | 50 "a TLS certificate is needed to activate HTTPS connection") |
51 if not options["tls_private_key"]: | 51 if not options["tls_private_key"]: |
52 options["tls_private_key"] = options["tls_certificate"] | 52 options["tls_private_key"] = options["tls_certificate"] |
53 | 53 |
54 | 54 |
55 def loadCertificates(f): | 55 def load_certificates(f): |
56 """Read a .pem file with a list of certificates | 56 """Read a .pem file with a list of certificates |
57 | 57 |
58 @param f (file): file obj (opened .pem file) | 58 @param f (file): file obj (opened .pem file) |
59 @return (list[OpenSSL.crypto.X509]): list of certificates | 59 @return (list[OpenSSL.crypto.X509]): list of certificates |
60 @raise OpenSSL.crypto.Error: error while parsing the file | 60 @raise OpenSSL.crypto.Error: error while parsing the file |
76 elif not line: | 76 elif not line: |
77 log.debug(f"{len(certificates)} certificate(s) found") | 77 log.debug(f"{len(certificates)} certificate(s) found") |
78 return certificates | 78 return certificates |
79 | 79 |
80 | 80 |
81 def loadPKey(f): | 81 def load_p_key(f): |
82 """Read a private key from a .pem file | 82 """Read a private key from a .pem file |
83 | 83 |
84 @param f (file): file obj (opened .pem file) | 84 @param f (file): file obj (opened .pem file) |
85 @return (list[OpenSSL.crypto.PKey]): private key object | 85 @return (list[OpenSSL.crypto.PKey]): private key object |
86 @raise OpenSSL.crypto.Error: error while parsing the file | 86 @raise OpenSSL.crypto.Error: error while parsing the file |
87 """ | 87 """ |
88 return OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, f.read()) | 88 return OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, f.read()) |
89 | 89 |
90 | 90 |
91 def loadCertificate(f): | 91 def load_certificate(f): |
92 """Read a public certificate from a .pem file | 92 """Read a public certificate from a .pem file |
93 | 93 |
94 @param f (file): file obj (opened .pem file) | 94 @param f (file): file obj (opened .pem file) |
95 @return (list[OpenSSL.crypto.X509]): public certificate | 95 @return (list[OpenSSL.crypto.X509]): public certificate |
96 @raise OpenSSL.crypto.Error: error while parsing the file | 96 @raise OpenSSL.crypto.Error: error while parsing the file |
97 """ | 97 """ |
98 return OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read()) | 98 return OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read()) |
99 | 99 |
100 | 100 |
101 def getTLSContextFactory(options): | 101 def get_tls_context_factory(options): |
102 """Load TLS certificate and build the context factory needed for listenSSL""" | 102 """Load TLS certificate and build the context factory needed for listenSSL""" |
103 if ssl is None: | 103 if ssl is None: |
104 raise ImportError("Python module pyOpenSSL is not installed!") | 104 raise ImportError("Python module pyOpenSSL is not installed!") |
105 | 105 |
106 cert_options = {} | 106 cert_options = {} |
107 | 107 |
108 for name, option, method in [ | 108 for name, option, method in [ |
109 ("privateKey", "tls_private_key", loadPKey), | 109 ("privateKey", "tls_private_key", load_p_key), |
110 ("certificate", "tls_certificate", loadCertificate), | 110 ("certificate", "tls_certificate", load_certificate), |
111 ("extraCertChain", "tls_chain", loadCertificates), | 111 ("extraCertChain", "tls_chain", load_certificates), |
112 ]: | 112 ]: |
113 path = options[option] | 113 path = options[option] |
114 if not path: | 114 if not path: |
115 assert option == "tls_chain" | 115 assert option == "tls_chain" |
116 continue | 116 continue |