Commit 27e0c20d authored by HgO's avatar HgO

add an option to provide target directory; change debug option from -d to -v

parent 14fae668
......@@ -27,15 +27,21 @@ python3 renew.py <login>
```
This will prompt you to enter your password for the Neutrinet's VPN.
The script will then generate the certificate files in a folder named like that:
```
certs_2016-06-07_13:51:08
```
where the date and time correspond to the moment at which you ran the script.
**Important**: This folder will contain your private key, so be carefull when storing it!
You can also provide the folder with:
```
python3 renew.py <login> -d <path/to/your/certs>
```
**Important**: This folder will contain your private key, so be careful when storing it!
You can also choose to directly provide the password with:
You can choose to directly provide the password with:
```bash
python3 renew.py <login> -p <password>
```
......@@ -43,12 +49,12 @@ python3 renew.py <login> -p <password>
Finally, you can provide the public part of your certificate.
The script will then check the expiration date before trying to renew it:
```bash
python3 renew.py <login> <path/to/client.crt>
python3 renew.py <login> -c <path/to/client.crt>
```
### Debugging
## Debugging
You can enter debug mode with:
You can display debug messages with:
```bash
python3 renew.py <login> -d
python3 renew.py <login> -v
```
......@@ -40,12 +40,22 @@ def retry_session(
return session
def renew(login, password, client_cert_filename = None, log_level=logging.INFO):
def renew(login, password, client_cert_filename=None, working_dir=None, log_level=logging.INFO):
logging.basicConfig(stream=sys.stdout, level=log_level, format="%(levelname)s:%(message)s")
working_dir = "certs_{:%F_%X}".format(datetime.today())
if client_cert_filename and os.path.isfile(client_cert_filename):
logging.debug("Checking expiration date for {}".format(client_cert_filename))
with open(client_cert_filename, 'r') as ifd:
client_cert = ifd.read()
if not check_expiration_date(client_cert):
logging.info("The certificate doesn't need to be renewed. Leaving...")
return
if not working_dir:
working_dir = "certs_{:%Y-%m-%d_%H:%M:%S}".format(datetime.today())
os.makedirs(working_dir)
with retry_session() as session:
logging.debug("Sending client's credentials")
response = session.post("https://api.neutrinet.be/api/user/login",
......@@ -62,14 +72,6 @@ def renew(login, password, client_cert_filename = None, log_level=logging.INFO):
response.raise_for_status()
client = response.json()[0]
if client_cert_filename and os.path.isfile(client_cert_filename):
logging.debug("Checking expiration date for {}".format(client_cert_filename))
with open(client_cert_filename, 'r') as ifd:
client_cert = ifd.read()
if not check_expiration_date(client_cert):
logging.info("The certificate doesn't need to be renewed. Leaving...")
return
logging.debug("Generating new certificate using OpenSSL")
csr, client_key = create_csr(login)
......@@ -147,22 +149,30 @@ def main():
import argparse
parser = argparse.ArgumentParser(description="Renew certificates for the Neutrinet VPN.")
parser.add_argument("login", help="User login for the Neutrinet VPN")
parser.add_argument("-p", "--password", help="User password for the Neutrinet VPN")
parser.add_argument("-d", "--debug", action="store_true", help="Print debug messages.")
parser.add_argument("-c", "--cert", help="Public part of the client certificate. This forces the script to check if the certificate is expired before renewing it")
parser.add_argument("login",
help="User login for the Neutrinet VPN.")
parser.add_argument("-p", "--password",
help="User password for the Neutrinet VPN.")
parser.add_argument("-v", "--verbose", action="store_true",
help="Increase verbosity and display debug messages.")
parser.add_argument("-c", "--cert",
help="Public part of the client certificate. \
This forces the script to check if the certificate is expired before renewing it.")
parser.add_argument("-d", "--directory",
help="Output directory where to store the newly generated certificates. \
By default, everything is stored in a randomly generated directory.")
args = parser.parse_args()
if not args.password:
args.password = getpass()
if args.debug:
if args.verbose:
log_level = logging.DEBUG
else:
log_level = logging.INFO
renew(args.login, args.password, client_cert_filename=args.cert, log_level=log_level)
renew(args.login, args.password, client_cert_filename=args.cert,
working_dir=args.directory, log_level=log_level)
if __name__ == "__main__":
main()
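Review bot: `os.makedirs(working_dir)` in renew() can now receive a caller-supplied path, so it raises FileExistsError when the `-d` directory already exists, and it creates the directory with umask-default permissions even though the README says this folder holds the private key. Consider `os.makedirs(working_dir, mode=0o700, exist_ok=True)`; the mode is still filtered by the umask and is not applied to a directory that already exists, so a pre-existing target may need an explicit permission check or a warning. The code that writes the key file is outside the visible hunks, so its file mode should be confirmed there as well. The `--directory` help text also calls the default folder "randomly generated" although it is named from the current timestamp, and reusing `-d` (formerly `--debug`) will break existing invocations that passed `-d` for debug output.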
......