Révision 0ae9ecd6
Ajouté par Thomas Noël il y a presque 10 ans
calebasse/facturation/transmission_utils.py | ||
---|---|---|
15 | 15 |
MODE_COMPRESS = True |
16 | 16 |
MODE_ENCRYPT = True |
17 | 17 |
|
18 |
LDAP_HOST = 'ldap://annuaire.gip-cps.fr' |
|
18 |
LDAP_HOST = 'ldap://annuaire.sesam-vitale.fr' |
|
19 |
|
|
20 |
LDAP_BASEDN_O = 'o=sesam-vitale,c=fr' |
|
21 |
LDAP_BASEDN = 'ou=AC-FACTURATION,ou=AC-SESAM-VITALE-2034,' + LDAP_BASEDN_O |
|
22 |
CAPATH = '/var/lib/calebasse/sesam-vitale.capath/' |
|
19 | 23 |
|
20 |
if MODE_TEST: |
|
21 |
LDAP_BASEDN = 'o=gip-cps-test,c=fr' |
|
22 |
CAPATH = '/var/lib/calebasse/test-gip-cps.capath/' |
|
23 |
else: |
|
24 |
# production |
|
25 |
LDAP_BASEDN = 'o=gip-cps,c=fr' |
|
26 |
CAPATH = '/var/lib/calebasse/gip-cps.capath/' |
|
27 |
|
|
28 |
LDAP_BASEDN_RSS = 'ou=339172288100045,l=Sarthe (72),' + LDAP_BASEDN |
|
29 | 24 |
LDAP_X509_ATTR = 'userCertificate;binary' |
30 | 25 |
LDAP_CA_ATTRS = { |
31 | 26 |
'cert': ('cACertificate;binary', 'CERTIFICATE'), |
... | ... | |
35 | 30 |
|
36 | 31 |
RANDFILE = '/var/tmp/randpool.dat' |
37 | 32 |
|
33 |
MAILPATH = '/var/lib/calebasse/mail.out/' |
|
34 |
MESSAGE_ID_RIGHT = 'teletransmission.aps42.org' |
|
35 |
|
|
38 | 36 |
if MODE_TEST: |
37 |
LDAP_BASEDN = 'ou=AC-FACTURATION-TEST,ou=AC-SESAM-VITALE-TEST-2034,' + LDAP_BASEDN_O |
|
38 |
CAPATH = '/var/lib/calebasse/sesam-vitale-test.capath/' |
|
39 | 39 |
MAILPATH = '/var/lib/calebasse/test-mail.out/' |
40 | 40 |
MESSAGE_ID_RIGHT = 'teletransmission-test.aps42.org' |
41 |
else: |
|
42 |
# production |
|
43 |
MAILPATH = '/var/lib/calebasse/mail.out/' |
|
44 |
MESSAGE_ID_RIGHT = 'teletransmission.aps42.org' |
|
41 |
|
|
45 | 42 |
SENDER = 'teletransmission@aps42.org' |
46 | 43 |
VVVVVV = '100500' # ETS-DT-001-TransportsFlux_SpecsTechCommune_v1.1.pdf |
47 | 44 |
NUMERO_EMETTEUR = '00000420788606' |
48 | 45 |
EXERCICE = NUMERO_EMETTEUR |
49 | 46 |
|
50 | 47 |
# |
51 |
# get a certificate from gip-cps LDAP
|
|
48 |
# get a certificate from LDAP |
|
52 | 49 |
# |
53 | 50 |
|
54 | 51 |
def get_certificate(large_regime, dest_organism): |
... | ... | |
62 | 59 |
""" |
63 | 60 |
l = ldap.initialize(LDAP_HOST) |
64 | 61 |
cn = large_regime + dest_organism + '@' + dest_organism + '.' + large_regime + '.rss.fr' |
65 |
results = l.search_s(LDAP_BASEDN_RSS, ldap.SCOPE_SUBTREE, '(cn=' + cn + ')')
|
|
62 |
results = l.search_s(LDAP_BASEDN, ldap.SCOPE_SUBTREE, '(cn=' + cn + ')') |
|
66 | 63 |
if len(results) > 1: |
67 | 64 |
raise LookupError("non unique result for cn=%s" % cn) |
68 | 65 |
if len(results) < 1: |
... | ... | |
180 | 177 |
|
181 | 178 |
def build_capath(path=CAPATH): |
182 | 179 |
""" |
183 |
get all pkiCA from the gip-cps.fr ldap, store them in path
|
|
184 |
note: the gip-cps.fr ldap is limited to 10 objects in a response... by chance, there is less than 10 pkiCA ;)
|
|
180 |
get all pkiCA from the ldap, store them in path |
|
181 |
note: the sesam-vitale ldap is limited to 10 objects in a response... by chance, there is less than 10 pkiCA ;)
|
|
185 | 182 |
""" |
186 | 183 |
l = ldap.initialize(LDAP_HOST) |
187 |
results = l.search_s(LDAP_BASEDN,ldap.SCOPE_SUBTREE,'(objectclass=pkiCA)')
|
|
184 |
results = l.search_s(LDAP_BASEDN, ldap.SCOPE_SUBTREE, '(objectclass=pkiCA)')
|
|
188 | 185 |
for ca in results: |
189 | 186 |
dn = ca[0] |
190 | 187 |
for attr in LDAP_CA_ATTRS: |
Formats disponibles : Unified diff
facturation: use new PKI from annuaire.sesam-vitale.fr