ó ßüÚ\c @sòdZddlZddlZddlZddlZdZejjejje ƒƒZ e d„Z dZ d„Zd„Zedkrîeje ƒe d ƒ\ZZed d ƒZejeƒWdQXed d ƒZejeƒWdQXeƒed dƒZejƒZWdQXe d deƒ\ZZedd ƒZejeƒWdQXedd ƒ!ZejeƒejeƒWdQXedd ƒZejeƒWdQXedd ƒ!ZejeƒejeƒWdQXeƒndS(s‰Make the custom certificate and private key files used by TLS tests. Code heavily borrowed from Lib/tests/make_ssl_certs.py in CPython. iÿÿÿÿNs‡ [req] distinguished_name = req_distinguished_name x509_extensions = req_x509_extensions prompt = no [req_distinguished_name] C = XY L = Dask-distributed O = Dask CN = {hostname} [req_x509_extensions] subjectAltName = @san [san] DNS.1 = {hostname} [ca] default_ca = CA_default [CA_default] dir = cadir database = $dir/index.txt crlnumber = $dir/crl.txt default_md = sha256 default_days = 3600 default_crl_days = 3600 certificate = tls-ca-cert.pem private_key = tls-ca-key.pem serial = $dir/serial RANDFILE = $dir/.rand policy = policy_match [policy_match] countryName = match stateOrProvinceName = optional organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [policy_anything] countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional [v3_ca] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer basicConstraints = CA:true cCsõd|GHg}x?tdƒD]1}tjdtƒ}|j|jƒWdQXqW|\}}}zotjd|ƒ}t|dƒ}|j |ƒWdQXdddd d d d d |d|g } |rtjdtƒ }|j|jƒ|j} WdQX| d| g7} n| dd|g7} t j dg| ƒ|r|dd|d|dddddd| g } t j dg| ƒnt|dƒ}|j ƒ} WdQXt|dƒ}|j ƒ} WdQX| | fSWdx|D]} t j| ƒqÙWXdS(Nscreating cert for itdeletethostnametwtreqs-news-dayst3650s-nodess-newkeysrsa:2048s-keyouts-configs-outs-x509topenssltcas-outdirtcadirs-policytpolicy_anythings-batchs-infilestr(trangettempfiletNamedTemporaryFiletFalsetappendtnamet req_templatetformattopentwritet subprocesst check_calltreadtostremove(Rtsignt tempnamestitftreq_filet cert_filetkey_fileRtargstreqfiletcerttkeyR((s?lib/python2.7/site-packages/distributed/tests/make_tls_certs.pyt make_cert_keyHsb    RcCstjtƒdS(N(tshutiltrmtreet TMP_CADIR(((s?lib/python2.7/site-packages/distributed/tests/make_tls_certs.pyt unmake_caˆscCs\tjtƒttjjddƒdƒ}WdQXttjjddƒdƒ}|jdƒWdQXtjdƒß}|jt j dd ƒƒ|j ƒtjƒ§}d d d d dddddddd|j ddg}t jdg|ƒdd|j dddddtddd d d ddd!|j g}t jdg|ƒWdQXWdQXdS("NRs index.txtsa+sindex.txt.attrsw+sunique_subject = noRRs our-ca-serverRs-news-daysRs -extensionstv3_cas-nodess-newkeysrsa:2048s-keyoutstls-ca-key.pems-outs-subjs3/C=XY/L=Dask-distributed/O=Dask CA/CN=our-ca-serverRRs-configs-create_serialstls-ca-cert.pems-batchs-outdirs-keyfiles -selfsigns-infiles(RtmkdirR'RtpathtjoinRR R RRtflushRRR(RttR ((s?lib/python2.7/site-packages/distributed/tests/make_tls_certs.pytmake_caŒsX !!   t__main__t localhoststls-self-signed-cert.pemRstls-self-signed-key.pemstls-ca-cert.pemR Rs tls-cert.pemstls-cert-chain.pems tls-key.pemstls-key-cert.pem(t__doc__RR%R RRR+tabspathtdirnamet__file__thereR R$R'R(R/t__name__tchdirR"R#RRRRtca_certtTrue(((s?lib/python2.7/site-packages/distributed/tests/make_tls_certs.pyts@    : =  8