Revert "Captures PFWB en remplacement des captures PW"

This reverts commit 08c7e6e1c3 which was
targeted for the pfwb branch.

docbow_project/docbow/timestamp.py

@@ -1,29 +1,63 @@
 import rfc3161
 import os.path
+import hashlib
+import datetime
 
 from django.utils import simplejson
+from django.core import signing
 
 __certificate_path = os.path.join(os.path.dirname(__file__), 'certum_certificate.crt')
 
 __timestamper = rfc3161.RemoteTimestamper('http://time.certum.pl',
         certificate=open(__certificate_path).read())
+__timestamper = None
 
 def timestamp(content):
     return __timestamper(data=content)
 
 def timestamp_json(json_dict):
+    if __timestamper:
+        return timestamp_json_rfc3161(json_dict)
+    else:
+        return timestamp_json_local(json_dict)
+
+def timestamp_json_local(json_dict):
     s = simplejson.dumps(json_dict)
     if s[-1] != '}':
         raise ValueError("timestamp_json takes a dictionnary as argument: %s" % s)
-    tst, error = timestamp(s)
+    signer = signing.Signer()
+    signed_string = signer.sign('{0}:{1}'.format(hashlib.sha1(s).hexdigest(), datetime.datetime.utcnow().isoformat()))
+    return s[:-1] + ',"timestamp": "%s"}' % signed_string
+
+def timestamp_json_rfc3161(json_dict):
+    s = simplejson.dumps(json_dict)
+    if s[-1] != '}':
+        raise ValueError("timestamp_json takes a dictionnary as argument: %s" % s)
+    try:
+        tst, error = timestamp(s)
+    except Exception, e:
+        raise RuntimeError("unable to communicate with timestamping service", e)
     if tst:
         return s[:-1] + ',"timestamp": "%s"}' % tst.encode('base64').strip()
     else:
         return ValueError(error)
 
-def check_timestamp_json(content, certificate):
+def check_timestamp_json_rfc3161(content, certificate):
     content, tst = content.rsplit(',"timestamp": "', 1)
     content += '}'
     tst = tst[:-2].decode('base64')
     return rfc3161.check_timestamp(tst, certificate, data=content)
 
+def check_timestamp_json_local(content):
+    content, tst = content.rsplit(',"timestamp": "', 1)
+    content += '}'
+    tst = tst[:-2]
+    signer = signing.Signer()
+    try:
+        signed_string = signer.unsign(tst)
+    except signing.BadSignature:
+        return False
+    digest, tst = signed_string.split(':', 1)
+    if digest != hashlib.sha1(content).hexdigest():
+        return False
+    return datetime.datetime.strptime(tst, '%Y-%m-%dT%H:%M:%S.%f')

docbow_project/docbow/views.py

@@ -229,7 +229,10 @@ def send_file(request):
                         'have been informed.'))
                 else:
                     blob = new_send.timestamp_blob()
-                    tst = timestamp.timestamp_json(blob)
+                    try:
+                        tst = timestamp.timestamp_json(blob)
+                    except (ValueError, RuntimeError), e:
+                        tst = "Error: %r" % str(e)
                     logger.info('sent %s, timestamp %s' % (new_send, tst))
                     msg = ungettext(
                             'New document sent to %d recipient.',

docbow_project/settings/prod.py

@@ -11,6 +11,8 @@ ADMINS = (
 
 MANAGERS = ADMINS
 
+SEND_BROKEN_LINK_EMAILS=False
+
 # List of callables that know how to import templates from various sources.
 TEMPLATE_LOADERS = (
     ('django.template.loaders.cached.Loader', (

jenkins.sh

@@ -0,0 +1,7 @@
+pip install --upgrade pip
+pip install --upgrade pylint
+pip install --upgrade -v -r requirements.txt
+./docbow_project/manage.py syncdb --noinput
+./docbow_project/manage.py migrate
+./docbow_project/manage.py validate
+(pylint -f parseable --rcfile /var/lib/jenkins/pylint.django.rc docbow_project/ | tee pylint.out) || /bin/true

tools/docbow.init

@@ -32,7 +32,7 @@ DAEMON_ARGS="-D docbow_project.settings.courrier -p $PIDFILE \
 SCRIPTNAME=/etc/init.d/$NAME
 START_STOP_OPTIONS="--chuid docbow --group docbow"
 export PYTHONPATH=/home/docbow/source/
-export LANG=fr_FR.UTF-8
+export LANG=fr_FR.UTF-8 LC_ALL=fr_FR.UTF-8
 
 if [ -f /etc/gunicorn/$NAME.py ]; then
        DAEMON_ARGS="$DAEMON_ARGS -c /etc/gunicorn/$NAME.py"