[bind/TLSA] Mise dans ldap (avec gest_crans_lc) des certificat du crans et des propriété de TLSA

du coup, on enlève le hack dégeux qui récupérait en tcp le certificat pour TLSA
2014-03-18 22:51:10 +01:00 · 2014-03-18 22:51:10 +01:00 · 52cddb38c4
commit 52cddb38c4
parent 9311f2abcf
1 changed files with 1 additions and 31 deletions
--- a/gestion/gen_confs/bind.py
+++ b/gestion/gen_confs/bind.py
@ -476,37 +476,7 @@ class dns(gen_config) :
        restart_cmd = '/etc/init.d/bind9 reload'

    def __init__(self, *args, **kwargs):
-        xmpp_cert = ssl.get_server_certificate(('xmpp.crans.org', 443), ca_certs='/etc/ssl/certs/ca-certificates.crt')
-        self.EXTRAS = {
-        'crans.org' : [
-             TLSA('crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('www.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('cas.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('wiki.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('perso.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('intranet.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('intranet2.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('webmail.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('horde.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('roundcube.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('sogo.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('git.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('nagios.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('pad.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('news.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('lists.crans.org.', 443, 'tcp', None, 3, 2),
-             TLSA('asterisk.crans.org.', 5061, 'tcp', None, 3, 2),
-             TLSA('smtp.crans.org.', 465, 'tcp', None, 3, 2),
-             TLSA('imap.crans.org.', 993, 'tcp', None, 3, 2),
-             TLSA('xmpp', 5222, 'tcp', xmpp_cert, 3, 2),
-             TLSA('xmpp', 5269, 'tcp', xmpp_cert, 3, 2),
-             TLSA('xmpp', 443, 'tcp', xmpp_cert, 3, 2),
-             TLSA('jabber', 443, 'tcp', xmpp_cert, 3, 2),
-        ],
-        'wifi.crans.org' : [
-             TLSA('wifi.crans.org.', 443, 'tcp', None, 3, 2),
-        ],
-        }
+        self.EXTRAS = {}
        super(dns, self).__init__(*args, **kwargs)

    def gen_soa(self, ns_list, serial, ttl):