Révision 0ae9ecd6
Ajouté par Thomas Noël il y a plus de 9 ans
| calebasse/facturation/transmission_utils.py | ||
|---|---|---|
| 15 | 15 |
MODE_COMPRESS = True |
| 16 | 16 |
MODE_ENCRYPT = True |
| 17 | 17 |
|
| 18 |
LDAP_HOST = 'ldap://annuaire.gip-cps.fr' |
|
| 18 |
LDAP_HOST = 'ldap://annuaire.sesam-vitale.fr' |
|
| 19 |
|
|
| 20 |
LDAP_BASEDN_O = 'o=sesam-vitale,c=fr' |
|
| 21 |
LDAP_BASEDN = 'ou=AC-FACTURATION,ou=AC-SESAM-VITALE-2034,' + LDAP_BASEDN_O |
|
| 22 |
CAPATH = '/var/lib/calebasse/sesam-vitale.capath/' |
|
| 19 | 23 |
|
| 20 |
if MODE_TEST: |
|
| 21 |
LDAP_BASEDN = 'o=gip-cps-test,c=fr' |
|
| 22 |
CAPATH = '/var/lib/calebasse/test-gip-cps.capath/' |
|
| 23 |
else: |
|
| 24 |
# production |
|
| 25 |
LDAP_BASEDN = 'o=gip-cps,c=fr' |
|
| 26 |
CAPATH = '/var/lib/calebasse/gip-cps.capath/' |
|
| 27 |
|
|
| 28 |
LDAP_BASEDN_RSS = 'ou=339172288100045,l=Sarthe (72),' + LDAP_BASEDN |
|
| 29 | 24 |
LDAP_X509_ATTR = 'userCertificate;binary' |
| 30 | 25 |
LDAP_CA_ATTRS = {
|
| 31 | 26 |
'cert': ('cACertificate;binary', 'CERTIFICATE'),
|
| ... | ... | |
| 35 | 30 |
|
| 36 | 31 |
RANDFILE = '/var/tmp/randpool.dat' |
| 37 | 32 |
|
| 33 |
MAILPATH = '/var/lib/calebasse/mail.out/' |
|
| 34 |
MESSAGE_ID_RIGHT = 'teletransmission.aps42.org' |
|
| 35 |
|
|
| 38 | 36 |
if MODE_TEST: |
| 37 |
LDAP_BASEDN = 'ou=AC-FACTURATION-TEST,ou=AC-SESAM-VITALE-TEST-2034,' + LDAP_BASEDN_O |
|
| 38 |
CAPATH = '/var/lib/calebasse/sesam-vitale-test.capath/' |
|
| 39 | 39 |
MAILPATH = '/var/lib/calebasse/test-mail.out/' |
| 40 | 40 |
MESSAGE_ID_RIGHT = 'teletransmission-test.aps42.org' |
| 41 |
else: |
|
| 42 |
# production |
|
| 43 |
MAILPATH = '/var/lib/calebasse/mail.out/' |
|
| 44 |
MESSAGE_ID_RIGHT = 'teletransmission.aps42.org' |
|
| 41 |
|
|
| 45 | 42 |
SENDER = 'teletransmission@aps42.org' |
| 46 | 43 |
VVVVVV = '100500' # ETS-DT-001-TransportsFlux_SpecsTechCommune_v1.1.pdf |
| 47 | 44 |
NUMERO_EMETTEUR = '00000420788606' |
| 48 | 45 |
EXERCICE = NUMERO_EMETTEUR |
| 49 | 46 |
|
| 50 | 47 |
# |
| 51 |
# get a certificate from gip-cps LDAP
|
|
| 48 |
# get a certificate from LDAP |
|
| 52 | 49 |
# |
| 53 | 50 |
|
| 54 | 51 |
def get_certificate(large_regime, dest_organism): |
| ... | ... | |
| 62 | 59 |
""" |
| 63 | 60 |
l = ldap.initialize(LDAP_HOST) |
| 64 | 61 |
cn = large_regime + dest_organism + '@' + dest_organism + '.' + large_regime + '.rss.fr' |
| 65 |
results = l.search_s(LDAP_BASEDN_RSS, ldap.SCOPE_SUBTREE, '(cn=' + cn + ')')
|
|
| 62 |
results = l.search_s(LDAP_BASEDN, ldap.SCOPE_SUBTREE, '(cn=' + cn + ')') |
|
| 66 | 63 |
if len(results) > 1: |
| 67 | 64 |
raise LookupError("non unique result for cn=%s" % cn)
|
| 68 | 65 |
if len(results) < 1: |
| ... | ... | |
| 180 | 177 |
|
| 181 | 178 |
def build_capath(path=CAPATH): |
| 182 | 179 |
""" |
| 183 |
get all pkiCA from the gip-cps.fr ldap, store them in path
|
|
| 184 |
note: the gip-cps.fr ldap is limited to 10 objects in a response... by chance, there is less than 10 pkiCA ;)
|
|
| 180 |
get all pkiCA from the ldap, store them in path |
|
| 181 |
note: the sesam-vitale ldap is limited to 10 objects in a response... by chance, there is less than 10 pkiCA ;)
|
|
| 185 | 182 |
""" |
| 186 | 183 |
l = ldap.initialize(LDAP_HOST) |
| 187 |
results = l.search_s(LDAP_BASEDN,ldap.SCOPE_SUBTREE,'(objectclass=pkiCA)')
|
|
| 184 |
results = l.search_s(LDAP_BASEDN, ldap.SCOPE_SUBTREE, '(objectclass=pkiCA)')
|
|
| 188 | 185 |
for ca in results: |
| 189 | 186 |
dn = ca[0] |
| 190 | 187 |
for attr in LDAP_CA_ATTRS: |
Formats disponibles : Unified diff
facturation: use new PKI from annuaire.sesam-vitale.fr