From e4a36fb7028156d715281203c95377e229ed2fcd Mon Sep 17 00:00:00 2001 From: Valentin Samir Date: Fri, 30 Oct 2015 17:07:08 +0100 Subject: [PATCH] =?UTF-8?q?[gen=5Fconf/bind]=20Pas=20d'enregistrement=20TL?= =?UTF-8?q?SA=20si=20le=20certificat=20est=20marqu=C3=A9=20comme=20r=C3=A9?= =?UTF-8?q?voqu=C3=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- gestion/gen_confs/bind.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/gestion/gen_confs/bind.py b/gestion/gen_confs/bind.py index c8c80da5..e9ca53a4 100755 --- a/gestion/gen_confs/bind.py +++ b/gestion/gen_confs/bind.py @@ -398,13 +398,14 @@ class Zone(ZoneBase): def add_tlsa_record(self, cert): """Ajout d'un certif dans le DNS""" if 'TLSACert' in cert['objectClass']: - for host in cert['hostCert']: - nom = self.get_name(host) - if nom is None: continue - for port in cert['portTCPin']: - self.add(TLSA(nom, port, 'tcp', cert['certificat'][0], cert['certificatUsage'][0], cert['matchingType'][0], cert['selector'][0], r_format='der')) - for port in cert['portUDPin']: - self.add(TLSA(nom, port, 'udp', cert['certificat'][0], cert['certificatUsage'][0], cert['matchingType'][0], cert['selector'][0], r_format='der')) + if not cert.get('revocked', [False])[0]: + for host in cert['hostCert']: + nom = self.get_name(host) + if nom is None: continue + for port in cert['portTCPin']: + self.add(TLSA(nom, port, 'tcp', cert['certificat'][0], cert['certificatUsage'][0], cert['matchingType'][0], cert['selector'][0], r_format='der')) + for port in cert['portUDPin']: + self.add(TLSA(nom, port, 'udp', cert['certificat'][0], cert['certificatUsage'][0], cert['matchingType'][0], cert['selector'][0], r_format='der')) def add_machine(self, machine): """Ajout d'une machine, à savoir chaînage d'ajout