Mercurial > libervia-backend
comparison sat/tools/common/tls.py @ 4037:524856bd7b19
massive refactoring to switch from camelCase to snake_case:
historically, Libervia (SàT before) was using camelCase as allowed by PEP8 when using a
pre-PEP8 code, to use the same coding style as in Twisted.
However, snake_case is more readable and it's better to follow PEP8 best practices, so it
has been decided to move on full snake_case. Because Libervia has a huge codebase, this
ended with a ugly mix of camelCase and snake_case.
To fix that, this patch does a big refactoring by renaming every function and method
(including bridge) that are not coming from Twisted or Wokkel, to use fully snake_case.
This is a massive change, and may result in some bugs.
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sat, 08 Apr 2023 13:54:42 +0200 |
| parents | 7550ae9cfbac |
| children |
comparison
equal
deleted
inserted
replaced
| 4036:c4464d7ae97b | 4037:524856bd7b19 |
|---|---|
| 31 | 31 |
| 32 | 32 |
| 33 log = getLogger(__name__) | 33 log = getLogger(__name__) |
| 34 | 34 |
| 35 | 35 |
| 36 def getOptionsFromConfig(config, section=""): | 36 def get_options_from_config(config, section=""): |
| 37 options = {} | 37 options = {} |
| 38 for option in ('tls_certificate', 'tls_private_key', 'tls_chain'): | 38 for option in ('tls_certificate', 'tls_private_key', 'tls_chain'): |
| 39 options[option] = tools_config.getConfig(config, section, option) | 39 options[option] = tools_config.config_get(config, section, option) |
| 40 return options | 40 return options |
| 41 | 41 |
| 42 | 42 |
| 43 def TLSOptionsCheck(options): | 43 def tls_options_check(options): |
| 44 """Check options coherence if TLS is activated, and update missing values | 44 """Check options coherence if TLS is activated, and update missing values |
| 45 | 45 |
| 46 Must be called only if TLS is activated | 46 Must be called only if TLS is activated |
| 47 """ | 47 """ |
| 48 if not options["tls_certificate"]: | 48 if not options["tls_certificate"]: |
| 50 "a TLS certificate is needed to activate HTTPS connection") | 50 "a TLS certificate is needed to activate HTTPS connection") |
| 51 if not options["tls_private_key"]: | 51 if not options["tls_private_key"]: |
| 52 options["tls_private_key"] = options["tls_certificate"] | 52 options["tls_private_key"] = options["tls_certificate"] |
| 53 | 53 |
| 54 | 54 |
| 55 def loadCertificates(f): | 55 def load_certificates(f): |
| 56 """Read a .pem file with a list of certificates | 56 """Read a .pem file with a list of certificates |
| 57 | 57 |
| 58 @param f (file): file obj (opened .pem file) | 58 @param f (file): file obj (opened .pem file) |
| 59 @return (list[OpenSSL.crypto.X509]): list of certificates | 59 @return (list[OpenSSL.crypto.X509]): list of certificates |
| 60 @raise OpenSSL.crypto.Error: error while parsing the file | 60 @raise OpenSSL.crypto.Error: error while parsing the file |
| 76 elif not line: | 76 elif not line: |
| 77 log.debug(f"{len(certificates)} certificate(s) found") | 77 log.debug(f"{len(certificates)} certificate(s) found") |
| 78 return certificates | 78 return certificates |
| 79 | 79 |
| 80 | 80 |
| 81 def loadPKey(f): | 81 def load_p_key(f): |
| 82 """Read a private key from a .pem file | 82 """Read a private key from a .pem file |
| 83 | 83 |
| 84 @param f (file): file obj (opened .pem file) | 84 @param f (file): file obj (opened .pem file) |
| 85 @return (list[OpenSSL.crypto.PKey]): private key object | 85 @return (list[OpenSSL.crypto.PKey]): private key object |
| 86 @raise OpenSSL.crypto.Error: error while parsing the file | 86 @raise OpenSSL.crypto.Error: error while parsing the file |
| 87 """ | 87 """ |
| 88 return OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, f.read()) | 88 return OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, f.read()) |
| 89 | 89 |
| 90 | 90 |
| 91 def loadCertificate(f): | 91 def load_certificate(f): |
| 92 """Read a public certificate from a .pem file | 92 """Read a public certificate from a .pem file |
| 93 | 93 |
| 94 @param f (file): file obj (opened .pem file) | 94 @param f (file): file obj (opened .pem file) |
| 95 @return (list[OpenSSL.crypto.X509]): public certificate | 95 @return (list[OpenSSL.crypto.X509]): public certificate |
| 96 @raise OpenSSL.crypto.Error: error while parsing the file | 96 @raise OpenSSL.crypto.Error: error while parsing the file |
| 97 """ | 97 """ |
| 98 return OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read()) | 98 return OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read()) |
| 99 | 99 |
| 100 | 100 |
| 101 def getTLSContextFactory(options): | 101 def get_tls_context_factory(options): |
| 102 """Load TLS certificate and build the context factory needed for listenSSL""" | 102 """Load TLS certificate and build the context factory needed for listenSSL""" |
| 103 if ssl is None: | 103 if ssl is None: |
| 104 raise ImportError("Python module pyOpenSSL is not installed!") | 104 raise ImportError("Python module pyOpenSSL is not installed!") |
| 105 | 105 |
| 106 cert_options = {} | 106 cert_options = {} |
| 107 | 107 |
| 108 for name, option, method in [ | 108 for name, option, method in [ |
| 109 ("privateKey", "tls_private_key", loadPKey), | 109 ("privateKey", "tls_private_key", load_p_key), |
| 110 ("certificate", "tls_certificate", loadCertificate), | 110 ("certificate", "tls_certificate", load_certificate), |
| 111 ("extraCertChain", "tls_chain", loadCertificates), | 111 ("extraCertChain", "tls_chain", load_certificates), |
| 112 ]: | 112 ]: |
| 113 path = options[option] | 113 path = options[option] |
| 114 if not path: | 114 if not path: |
| 115 assert option == "tls_chain" | 115 assert option == "tls_chain" |
| 116 continue | 116 continue |