Code Review / AGL / meta-agl-demo.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Upgrade KUKSA.val components to 0.4.2 release
[AGL/meta-agl-demo.git] / recipes-connectivity / kuksa-val / kuksa-client / 0002-kuksa-client-Add-external-certificates-support.patch
1 From 3f3dbe36b4adcdd7c3cef41980058331e79ce620 Mon Sep 17 00:00:00 2001
2 From: Scott Murray <scott.murray@konsulko.com>
3 Date: Sat, 5 Aug 2023 13:27:44 -0400
4 Subject: [PATCH 2/2] kuksa_viss_client: Add external certificates support
5
6 Tweak the definition of __certificate_dir__ in the kuksa_certificates
7 package, and certificate location logic in the client library to allow
8 picking up alternative certificates from /etc/kuksa-certificates or
9 /etc/kuksa-val before falling back to the shipped defaults.  The
10 intent is to allow packagers to more straighhtforwardly use their own
11 certificates with both the server and clients.
12
13 Upstream-Status: pending
14
15 Signed-off-by: Scott Murray <scott.murray@konsulko.com>
16 ---
17  kuksa-client/kuksa_client/cli_backend/__init__.py | 2 +-
18  kuksa-client/kuksa_client/kuksa_server_certificates/__init__.py | 7 ++++++-
19  2 files changed, 7 insertions(+), 2 deletions(-)
20
21 diff --git a/kuksa-client/kuksa_client/cli_backend/__init__.py b/kuksa-client/kuksa_client/cli_backend/__init__.py
22 index 2cfe51e..96d94f2 100644
23 --- a/kuksa-client/kuksa_client/cli_backend/__init__.py
24 +++ b/kuksa-client/kuksa_client/cli_backend/__init__.py
25 @@ -28,7 +28,7 @@ class Backend:
26              self.insecure = config.getboolean('insecure', False)
27          except AttributeError:
28              self.insecure = config.get('insecure', False)
29 -        self.default_cert_path = pathlib.Path(kuksa_server_certificates.__path__[0])
30 +        self.default_cert_path = pathlib.Path(kuksa_server_certificates.__certificate_dir__)
31          self.cacertificate = config.get(
32              'cacertificate', str(self.default_cert_path / 'CA.pem'))
33          self.certificate = config.get('certificate', str(
34 diff --git a/kuksa-client/kuksa_client/kuksa_server_certificates/__init__.py b/kuksa-client/kuksa_client/kuksa_server_certificates/__init__.py
35 index 22ccd3f..8323868 100644
36 --- a/kuksa-client/kuksa_client/kuksa_server_certificates/__init__.py
37 +++ b/kuksa-client/kuksa_client/kuksa_server_certificates/__init__.py
38 @@ -2,4 +2,9 @@ import os
39  
40  from kuksa_client._metadata import *
41  
42 -__certificate_dir__= os.path.dirname(os.path.realpath(__file__))
43 +if os.path.isdir("/etc/kuksa-certificates"):
44 +    __certificate_dir__= "/etc/kuksa-certificates"
45 +elif os.path.isdir("/etc/kuksa-val"):
46 +    __certificate_dir__= "/etc/kuksa-val"
47 +else:
48 +    __certificate_dir__= os.path.dirname(os.path.realpath(__file__))
49 -- 
50 2.41.0
51
meta-agl-demo layer (demo/staging/"one-shot")