From e5ea902edbb7ae965b3cf29cfabc799aa14ea569 Mon Sep 17 00:00:00 2001 From: Robert Kisteleki Date: Tue, 4 Apr 2017 11:53:05 +0200 Subject: [PATCH] Changed a few bits following dquinn's recommendations --- docs/installation.rst | 3 +++ ripe/atlas/sagan/ssl.py | 24 +++++++++++++++--------- setup.py | 1 - 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/docs/installation.rst b/docs/installation.rst index e45c66c..8b1104a 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -79,6 +79,8 @@ to use sagan to say, parse traceroute or DNS results, then you can do the follow $ SAGAN_WITHOUT_SSL=1 pip install ripe.atlas.sagan +More information can also be found `here`_. + If you *do* care about SSL and have to use a Mac, then `this issue`_ will likely be of assistance. Essentially, you will need to uninstall Xcode (if it's installed already), then attempt to use ``gcc``. This will trigger the OS to @@ -87,4 +89,5 @@ when that's finished, install Sagan with this command: $ CFLAGS="-I/usr/include" pip install ripe.atlas.sagan +.. _here: https://cryptography.io/en/latest/installation/ .. _this issue: https://github.com/RIPE-NCC/ripe.atlas.sagan/issues/52 diff --git a/ripe/atlas/sagan/ssl.py b/ripe/atlas/sagan/ssl.py index 2682aac..c281127 100644 --- a/ripe/atlas/sagan/ssl.py +++ b/ripe/atlas/sagan/ssl.py @@ -32,6 +32,12 @@ from .base import Result, ResultParseError, ParsingDict +OID_COUNTRY = "2.5.4.6" +OID_ORG = "2.5.4.10" +OID_COMMON_NAME = "2.5.4.3" +EXT_SAN = "subjectAltName" + + class Certificate(ParsingDict): def __init__(self, data, **kwargs): @@ -57,7 +63,7 @@ def __init__(self, data, **kwargs): self.extensions = {} - cert = x509.load_pem_x509_certificate(data.encode('ascii'), openssl.backend) + cert = x509.load_pem_x509_certificate(data.encode("ascii"), openssl.backend) if cert: self.checksum_md5 = self._colonify(cert.fingerprint(hashes.MD5())) @@ -81,15 +87,15 @@ def __init__(self, data, **kwargs): def _add_extensions(self, cert): for ext in cert.extensions: - if ext.oid._name == 'subjectAltName': - self.extensions['subjectAltName'] = [] + if ext.oid._name == EXT_SAN: + self.extensions[EXT_SAN] = [] for san in ext.value: - self.extensions['subjectAltName'].append(san.value) + self.extensions[EXT_SAN].append(san.value) @staticmethod def _colonify(bytes): - hex = codecs.getencoder('hex_codec')(bytes)[0].decode('ascii').upper() - return ':'.join(a+b for a,b in zip(hex[::2], hex[1::2])) + hex = codecs.getencoder("hex_codec")(bytes)[0].decode("ascii").upper() + return ":".join(a+b for a,b in zip(hex[::2], hex[1::2])) @staticmethod def _parse_x509_name(name): @@ -97,11 +103,11 @@ def _parse_x509_name(name): o = None c = None for attr in name: - if attr.oid.dotted_string == '2.5.4.6': # country + if attr.oid.dotted_string == OID_COUNTRY: c = attr.value - elif attr.oid.dotted_string == '2.5.4.10': # organisation + elif attr.oid.dotted_string == OID_ORG: o = attr.value - elif attr.oid.dotted_string == '2.5.4.3': # common name + elif attr.oid.dotted_string == OID_COMMON_NAME: cn = attr.value return cn, o, c diff --git a/setup.py b/setup.py index 1fb80bd..3b90db4 100644 --- a/setup.py +++ b/setup.py @@ -6,7 +6,6 @@ name = "ripe.atlas.sagan" install_requires = [ - "IPy", "python-dateutil", "pytz", ]