/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to bad-cert.pem

  • Committer: Teddy Hogeborn
  • Date: 2008-07-19 18:43:24 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080719184324-iwhoa5in75xa0u2u
* mandos-clients.conf ([foo]/dn, [foo]/password, [braxen_client]/dn,
                       [braxen_client]/password): Removed.
  ([foo]/fingerprint, [braxen_client]/fingerprint): New.
  ([foo]/checker): New.
  ([foo]/secfile): New.
  ([braxen_client]/secret): New.

* server.py: New "--debug" option to set debug flag.  Removed "cert",
             "key", "ca", "crl", and "cred" variables.  Added default
             value for "checker" config file setting.  Do not pass
             credentials to IPv6_TCPServer constructor.
  (debug): New global debug flag.  Used by most debugging output code.
  (Client.__init__): Keyword argument "dn" replaced by "fingerprint",
                     "password" renamed to "secret", and "passfile"
                     renamed to "secfile".  New keyword argument
                     "checker". All callers changed.
  (Client.dn): Removed.
  (Client.fingerprint): New.
  (Client.password): Renamed to "secret"; all users changed.
  (Client.passfile): Renamed to "secfile"; all users changed.
  (Client.timeout, Client.interval): Changed to be properties; now
                                     automatically updates the
                                     "_timeout_milliseconds" and
                                     "_interval_milliseconds" values.
  (Client.timeout_milliseconds): Renamed to "_timeout_milliseconds".
  (Client.interval_milliseconds): Renamed to "_interval_milliseconds".
  (Client.check_command): New.
  (Client.start_checker): Use the new "check_command" attribute.
  (peer_certificate, fingerprint): New functions.

  (tcp_handler.handle): Use ClientSession with empty credentials
                        object instead of ServerSession.  Set gnutls
                        priority string.  Do not verify peer.  Use
                        fingerprint instead of DN when searching for
                        clients.  Bug fix: Loop sending data so even large
                        secret data strings are sent.
  (IPv6_TCPServer.credentials): Removed.
  (if_nametoindex): Do not import ctypes since that is now imported
                    globally.

Show diffs side-by-side

added added

removed removed

Lines of Context:
bad-cert.pem
1
 
-----BEGIN CERTIFICATE-----
2
 
MIIG/zCCBOegAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCU0Ux
3
 
CzAJBgNVBAgTAkJMMRMwEQYDVQQHEwpLYXJsc2tyb25hMRUwEwYDVQQKEwxFdmls
4
 
IG1vbmtleXMxFDASBgNVBAsTC0V2aWwgd2UgYXJlMRMwEQYDVQQDEwppbnZhbGlk
5
 
IENBMRwwGgYJKoZIhvcNAQkBFg1ldmlsQGNlcnQuYmFkMB4XDTA3MTAxNjE0NDQ1
6
 
NVoXDTA4MTAxNTE0NDQ1NVowgYoxCzAJBgNVBAYTAlNFMQswCQYDVQQIEwJCTDET
7
 
MBEGA1UEBxMKS2FybHNrcm9uYTEVMBMGA1UEChMMRXZpbCBtb25rZXlzMRQwEgYD
8
 
VQQLEwtFdmlsIHdlIGFyZTEQMA4GA1UEAxQHYmFkX3NydjEaMBgGCSqGSIb3DQEJ
9
 
ARYLYmFkQHNydi5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCr
10
 
wxupCaTuPevXGPEKtAyOR/TGlWC8rlEhKCUCaYGiXZdXBQRkBIdhGxIysp4Klz3h
11
 
eXGOf8+z3RvTGyfLm93xYjx+t6c6UaTRUwb7blRHZS7ps+LmjbfyrPoPHMzZaoP+
12
 
iUmA4xsJQMqJyco9nKRdsXDOfGyaSrf0gzXqns2J1bpwZ1cuAT/PRiucK8Ka8ELv
13
 
gucCoTfSs2YYxLAV7eP791+YilxCt9BEXnDrQQln9u6YKB4qZ/sH5UPN6meKN35q
14
 
Q7y/QseqHG9Ha9xxlj7+UjrbDRFyw62Usi2AujJ93LDAalQYC5Ap4QKF/SzyOvLP
15
 
4eKCYVukuB+dZ5VNcT1swcJe0GIDxw/S1PGqa4RLTeGkDCZJMbzmOl7I8Pp/2A2r
16
 
IGQjAsr71e3dSInkw20LF1XbYbCYF1JCuwMw/y4MFddfV6ndxs3wBOMhFNPucqio
17
 
gw8FYK92I8AAerFltCqcmyt8Ni5ykOxrrF5lf5a3oq4rM/7nLwcoROLggcCBWg54
18
 
uhuqII3v7X5mIOUg1H041l/dc1lqFqPHy3faXuWnBU0WyFiWKNoHNxG94tHhf/RD
19
 
uw+Ts9x3gasQFdlEy4ltTUHhfmw+hM3WLJ7N7+LYFs242+u6WnKjBQLU3oeQMPxp
20
 
xPFVnVhT/3awHIxzCeKaTZMwk3XVykQ4vHtavu6tGwIDAQABo4IBZzCCAWMwCQYD
21
 
VR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwKwYJYIZIAYb4QgENBB4WHFRpbnlD
22
 
QSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIu8dJhoq/SqEs/TLbGg
23
 
KNP7l/NFMIHEBgNVHSMEgbwwgbmAFK8KbheHSW5w43daoqsIrWis2zwqoYGVpIGS
24
 
MIGPMQswCQYDVQQGEwJTRTELMAkGA1UECBMCQkwxEzARBgNVBAcTCkthcmxza3Jv
25
 
bmExFTATBgNVBAoTDEV2aWwgbW9ua2V5czEUMBIGA1UECxMLRXZpbCB3ZSBhcmUx
26
 
EzARBgNVBAMTCmludmFsaWQgQ0ExHDAaBgkqhkiG9w0BCQEWDWV2aWxAY2VydC5i
27
 
YWSCCQDgnmkfONM/bTAYBgNVHRIEETAPgQ1ldmlsQGNlcnQuYmFkMBYGA1UdEQQP
28
 
MA2BC2JhZEBzcnYuY29tMA0GCSqGSIb3DQEBBQUAA4ICAQA9nM7aQHtkx0ykgW1U
29
 
yJOzB/oEnUfM4NBl8oTicMv+tao8bobohCRBED6yEyjj9TUyqpJzB++fqkyj3sTM
30
 
+lTAPyco3Ptt41qP80xoRVUU9THeRIW7/1PKmuZvi0MUoqJ7KHtwQYRVWzIdCgR1
31
 
CTSlCHPKG2PoCkzFMZq+j7f1z4voXDCaC1QJ2ArjNWZUII3SW+WEhEMjiPQEVSNv
32
 
ngPpZRQ9atoVI8MvVeAoKDCFYd7lAM8cUN1BaHejOpHawgPp73nSFHMC7Xm7roVI
33
 
8KecZHsoPskhS1jB3+TZTIMLyVQTADmqZ/yLTIYbl4/24NvTkWSYvKvuLcZn0m3a
34
 
xTmW6VeXsHlQxKkevh9Y61zB0aBnA2NaWW+/cKODEbZytjEee5yG6ZF1KriS2wCx
35
 
6hREiOlZ7ad8iX/b/SNgtZQyhZe9adotRX3+q2Uini9pRYILrQzDkq+xkzMZam+G
36
 
Hcdsc9y7JAmz69nDdD7mYR+I7lf3H23IDlma64KC5U5JnCxVoUVHZw7BemeM1E1D
37
 
v2vUH9SSbi9tu58wjEYTMOkk+qtDcUR7Ju4aCUJFeG9SXCQSPX+PrMZByGODlEEx
38
 
Vl8eDAShiUt2yUwg4wzIpH94K0df+TC0PfYmr6goim7ewIhcUzb2SPkN5X+VDkKA
39
 
EHN2JwZCBCN2fo+4r+CfOZm23g==
40
 
-----END CERTIFICATE-----