Compare commits
8 Commits
Author | SHA1 | Date |
---|---|---|
Benjamin Dauvergne | 5a93ab71f0 | |
Pierre Cros | 08c7e6e1c3 | |
Benjamin Dauvergne | b241e6dfdc | |
Benjamin Dauvergne | cbb1e30389 | |
Benjamin Dauvergne | 3c8a3fdc58 | |
Benjamin Dauvergne | 0123c4e678 | |
Benjamin Dauvergne | db02708d44 | |
Benjamin Dauvergne | c3b2d05505 |
|
@ -1,29 +1,63 @@
|
||||||
import rfc3161
|
import rfc3161
|
||||||
import os.path
|
import os.path
|
||||||
|
import hashlib
|
||||||
|
import datetime
|
||||||
|
|
||||||
from django.utils import simplejson
|
from django.utils import simplejson
|
||||||
|
from django.core import signing
|
||||||
|
|
||||||
__certificate_path = os.path.join(os.path.dirname(__file__), 'certum_certificate.crt')
|
__certificate_path = os.path.join(os.path.dirname(__file__), 'certum_certificate.crt')
|
||||||
|
|
||||||
__timestamper = rfc3161.RemoteTimestamper('http://time.certum.pl',
|
__timestamper = rfc3161.RemoteTimestamper('http://time.certum.pl',
|
||||||
certificate=open(__certificate_path).read())
|
certificate=open(__certificate_path).read())
|
||||||
|
__timestamper = None
|
||||||
|
|
||||||
def timestamp(content):
|
def timestamp(content):
|
||||||
return __timestamper(data=content)
|
return __timestamper(data=content)
|
||||||
|
|
||||||
def timestamp_json(json_dict):
|
def timestamp_json(json_dict):
|
||||||
|
if __timestamper:
|
||||||
|
return timestamp_json_rfc3161(json_dict)
|
||||||
|
else:
|
||||||
|
return timestamp_json_local(json_dict)
|
||||||
|
|
||||||
|
def timestamp_json_local(json_dict):
|
||||||
s = simplejson.dumps(json_dict)
|
s = simplejson.dumps(json_dict)
|
||||||
if s[-1] != '}':
|
if s[-1] != '}':
|
||||||
raise ValueError("timestamp_json takes a dictionnary as argument: %s" % s)
|
raise ValueError("timestamp_json takes a dictionnary as argument: %s" % s)
|
||||||
tst, error = timestamp(s)
|
signer = signing.Signer()
|
||||||
|
signed_string = signer.sign('{0}:{1}'.format(hashlib.sha1(s).hexdigest(), datetime.datetime.utcnow().isoformat()))
|
||||||
|
return s[:-1] + ',"timestamp": "%s"}' % signed_string
|
||||||
|
|
||||||
|
def timestamp_json_rfc3161(json_dict):
|
||||||
|
s = simplejson.dumps(json_dict)
|
||||||
|
if s[-1] != '}':
|
||||||
|
raise ValueError("timestamp_json takes a dictionnary as argument: %s" % s)
|
||||||
|
try:
|
||||||
|
tst, error = timestamp(s)
|
||||||
|
except Exception, e:
|
||||||
|
raise RuntimeError("unable to communicate with timestamping service", e)
|
||||||
if tst:
|
if tst:
|
||||||
return s[:-1] + ',"timestamp": "%s"}' % tst.encode('base64').strip()
|
return s[:-1] + ',"timestamp": "%s"}' % tst.encode('base64').strip()
|
||||||
else:
|
else:
|
||||||
return ValueError(error)
|
return ValueError(error)
|
||||||
|
|
||||||
def check_timestamp_json(content, certificate):
|
def check_timestamp_json_rfc3161(content, certificate):
|
||||||
content, tst = content.rsplit(',"timestamp": "', 1)
|
content, tst = content.rsplit(',"timestamp": "', 1)
|
||||||
content += '}'
|
content += '}'
|
||||||
tst = tst[:-2].decode('base64')
|
tst = tst[:-2].decode('base64')
|
||||||
return rfc3161.check_timestamp(tst, certificate, data=content)
|
return rfc3161.check_timestamp(tst, certificate, data=content)
|
||||||
|
|
||||||
|
def check_timestamp_json_local(content):
|
||||||
|
content, tst = content.rsplit(',"timestamp": "', 1)
|
||||||
|
content += '}'
|
||||||
|
tst = tst[:-2]
|
||||||
|
signer = signing.Signer()
|
||||||
|
try:
|
||||||
|
signed_string = signer.unsign(tst)
|
||||||
|
except signing.BadSignature:
|
||||||
|
return False
|
||||||
|
digest, tst = signed_string.split(':', 1)
|
||||||
|
if digest != hashlib.sha1(content).hexdigest():
|
||||||
|
return False
|
||||||
|
return datetime.datetime.strptime(tst, '%Y-%m-%dT%H:%M:%S.%f')
|
||||||
|
|
|
@ -229,7 +229,10 @@ def send_file(request):
|
||||||
'have been informed.'))
|
'have been informed.'))
|
||||||
else:
|
else:
|
||||||
blob = new_send.timestamp_blob()
|
blob = new_send.timestamp_blob()
|
||||||
tst = timestamp.timestamp_json(blob)
|
try:
|
||||||
|
tst = timestamp.timestamp_json(blob)
|
||||||
|
except (ValueError, RuntimeError), e:
|
||||||
|
tst = "Error: %r" % str(e)
|
||||||
logger.info('sent %s, timestamp %s' % (new_send, tst))
|
logger.info('sent %s, timestamp %s' % (new_send, tst))
|
||||||
msg = ungettext(
|
msg = ungettext(
|
||||||
'New document sent to %d recipient.',
|
'New document sent to %d recipient.',
|
||||||
|
|
|
@ -11,6 +11,8 @@ ADMINS = (
|
||||||
|
|
||||||
MANAGERS = ADMINS
|
MANAGERS = ADMINS
|
||||||
|
|
||||||
|
SEND_BROKEN_LINK_EMAILS=False
|
||||||
|
|
||||||
# List of callables that know how to import templates from various sources.
|
# List of callables that know how to import templates from various sources.
|
||||||
TEMPLATE_LOADERS = (
|
TEMPLATE_LOADERS = (
|
||||||
('django.template.loaders.cached.Loader', (
|
('django.template.loaders.cached.Loader', (
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
pip install --upgrade pip
|
||||||
|
pip install --upgrade pylint
|
||||||
|
pip install --upgrade -v -r requirements.txt
|
||||||
|
./docbow_project/manage.py syncdb --noinput
|
||||||
|
./docbow_project/manage.py migrate
|
||||||
|
./docbow_project/manage.py validate
|
||||||
|
(pylint -f parseable --rcfile /var/lib/jenkins/pylint.django.rc docbow_project/ | tee pylint.out) || /bin/true
|
|
@ -32,7 +32,7 @@ DAEMON_ARGS="-D docbow_project.settings.courrier -p $PIDFILE \
|
||||||
SCRIPTNAME=/etc/init.d/$NAME
|
SCRIPTNAME=/etc/init.d/$NAME
|
||||||
START_STOP_OPTIONS="--chuid docbow --group docbow"
|
START_STOP_OPTIONS="--chuid docbow --group docbow"
|
||||||
export PYTHONPATH=/home/docbow/source/
|
export PYTHONPATH=/home/docbow/source/
|
||||||
export LANG=fr_FR.UTF-8
|
export LANG=fr_FR.UTF-8 LC_ALL=fr_FR.UTF-8
|
||||||
|
|
||||||
if [ -f /etc/gunicorn/$NAME.py ]; then
|
if [ -f /etc/gunicorn/$NAME.py ]; then
|
||||||
DAEMON_ARGS="$DAEMON_ARGS -c /etc/gunicorn/$NAME.py"
|
DAEMON_ARGS="$DAEMON_ARGS -c /etc/gunicorn/$NAME.py"
|
||||||
|
|
Loading…
Reference in New Issue