Ajout d'objets certifcats comme enfant des objets machine

objets.py

@@ -297,7 +297,10 @@ class CransLdapObject(object):
             # On nettoie les locks
             for key, values in self._modifs.to_ldif().iteritems():
                 for value in values:
-                    self.conn.lockholder.removelock(key, value)
+                    try:
+                        self.conn.lockholder.removelock(key, value)
+                    except:
+                        pass
             self.conn.lockholder.purge(id(self))
 
         # Services à relancer
@@ -705,6 +708,7 @@ class machine(CransLdapObject):
     def __init__(self, conn, dn, mode='ro', ldif = None):
         super(machine, self).__init__(conn, dn, mode, ldif)
         self._proprio = None
+        self._certificats = None
 
     def proprio(self, mode=None):
         u"""Renvoie le propriétaire de la machine"""
@@ -713,6 +717,14 @@ class machine(CransLdapObject):
             self._proprio = new_cransldapobject(self.conn, parent_dn, self.mode if mode is None else mode)
         return self._proprio
 
+    def certificats(self):
+        """Renvoie la liste des certificats de la machine"""
+        if self._certificats is None:
+            self._certificats = self.conn.search(u'xid=*', dn = self.dn, scope = 1, mode=self.mode)
+            for m in self._certificats:
+                m._machine = self
+        return self._certificats
+
     def blacklist_actif(self, excepts=[]):
         u"""Renvoie la liste des blacklistes actives sur la machine et le proprio"""
         black=self.proprio().blacklist_actif(excepts)
@@ -954,6 +966,10 @@ class machineMulticast(machine):
         pass
     def ressuscite(self, comm, login):
         pass
+    def proprio(self, mode=None):
+        return None
+    def certificats(self):
+        return []
 
 @crans_object
 class machineWifi(machine):
@@ -1048,6 +1064,52 @@ class facture(CransLdapObject):
             self._proprio = new_cransldapobject(self.conn, parent_dn, self.mode)
         return self._proprio
 
+@crans_object
+class baseCert(CransLdapObject):
+    can_be_by = { variables.created: [attributs.nounou, attributs.bureau],
+            variables.modified: [attributs.nounou, attributs.bureau],
+            variables.deleted: [attributs.nounou, attributs.bureau],
+    }
+    attribs = [ attributs.xid, attributs.certificat, attributs.hostCert, attributs.historique]
+
+    tlsa_attribs = [ attributs.certificatUsage, attributs.selector, attributs.matchingType,
+                              attributs.portTCPin, attributs.portUDPin]
+    x509_attribs = [ attributs.issuerCN, attributs.start, attributs.end,
+                attributs.crlUrl, attributs.revocked, attributs.serialNumber ]
+
+    ldap_name = "baseCert"
+
+    _machine = None
+
+    def __init__(self, conn, dn, mode='ro', ldif=None):
+        super(baseCert, self).__init__(conn, dn, mode, ldif)
+        if "TLSACert" in self['objectClass']:
+            self.attribs.extend(self.tlsa_attribs)
+        if 'x509Cert' in self['objectClass']:
+            self.attribs.extend(self.x509_attribs)
+
+    def tlsa(self, certificatUsage, matchingType):
+        if not self.mode in ['w', 'rw']:
+            return
+        if u"TLSACert" in self['objectClass']:
+            return
+        self._modifs['objectClass'].append(u"TLSACert")
+        self.attribs.extend(self.tlsa_attribs)
+        self['certificatUsage']=certificatUsage
+        self['matchingType']=matchingType
+        self['selector']=0
+
+    def x509(issuerCN, start, end, serialNumber, crlUrl=None):
+        pass
+
+    def machine(self):
+        u"""Renvoie la machine du certificat"""
+        parent_dn = self.dn.split(',', 1)[1]
+        if not self._machine:
+            self._machine = new_cransldapobject(self.conn, parent_dn, self.mode)
+        return self._machine
+
+
 @crans_object
 class service(CransLdapObject):
     ldap_name = "service"