Skip to content

Commit af87200

Browse files
ligangtyligangty
committed
Add ssl enable condition in RadasConfig
1 parent 3aa77c7 commit af87200

File tree

3 files changed

+23
-18
lines changed

3 files changed

+23
-18
lines changed

charon/cmd/cmd_sign.py

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -109,8 +109,6 @@ def sign(
109109
try:
110110
current = datetime.datetime.now().strftime("%Y%m%d%I%M")
111111
_decide_mode("radas_sign", current, is_quiet=quiet, is_debug=debug)
112-
if dryrun:
113-
logger.info("Running in dry-run mode, no files will signed.")
114112
conf = get_config(config)
115113
if not conf:
116114
logger.error("The charon configuration is not valid!")

charon/config.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,9 @@ def client_key_password(self) -> str:
102102
def root_ca(self) -> str:
103103
return self.__root_ca.strip()
104104

105+
def ssl_enabled(self) -> bool:
106+
return bool(self.__client_ca and self.__client_key and self.__root_ca)
107+
105108
def quay_radas_registry_config(self) -> Optional[str]:
106109
if self.__quay_radas_registry_config:
107110
return self.__quay_radas_registry_config.strip()

charon/pkgs/radas_sign.py

Lines changed: 20 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -60,14 +60,16 @@ def __init__(self, sign_result_loc: str, request_id: str, rconf: RadasConfig) ->
6060
self.rconf = rconf
6161
self.start_time = 0.0
6262
self.timeout_check_delay = 30.0
63-
self.ssl = SSLDomain(SSLDomain.MODE_CLIENT)
64-
self.ssl.set_trusted_ca_db(self.rconf.root_ca())
65-
self.ssl.set_peer_authentication(SSLDomain.VERIFY_PEER)
66-
self.ssl.set_credentials(
67-
self.rconf.client_ca(),
68-
self.rconf.client_key(),
69-
self.rconf.client_key_password()
70-
)
63+
self.ssl: Optional[SSLDomain] = None
64+
if rconf.ssl_enabled():
65+
self.ssl = SSLDomain(SSLDomain.MODE_CLIENT)
66+
self.ssl.set_trusted_ca_db(self.rconf.root_ca())
67+
self.ssl.set_peer_authentication(SSLDomain.VERIFY_PEER)
68+
self.ssl.set_credentials(
69+
self.rconf.client_ca(),
70+
self.rconf.client_key(),
71+
self.rconf.client_key_password()
72+
)
7173
self.log = logging.getLogger("charon.pkgs.radas_sign.RadasReceiver")
7274

7375
def on_start(self, event: Event) -> None:
@@ -183,14 +185,16 @@ def __init__(self, payload: Any, rconf: RadasConfig):
183185
self.message: Optional[Message] = None
184186
self.container: Optional[Container] = None
185187
self.sender: Optional[Sender] = None
186-
self.ssl = SSLDomain(SSLDomain.MODE_CLIENT)
187-
self.ssl.set_trusted_ca_db(self.rconf.root_ca())
188-
self.ssl.set_peer_authentication(SSLDomain.VERIFY_PEER)
189-
self.ssl.set_credentials(
190-
self.rconf.client_ca(),
191-
self.rconf.client_key(),
192-
self.rconf.client_key_password()
193-
)
188+
self.ssl: Optional[SSLDomain] = None
189+
if self.rconf.ssl_enabled():
190+
self.ssl = SSLDomain(SSLDomain.MODE_CLIENT)
191+
self.ssl.set_trusted_ca_db(self.rconf.root_ca())
192+
self.ssl.set_peer_authentication(SSLDomain.VERIFY_PEER)
193+
self.ssl.set_credentials(
194+
self.rconf.client_ca(),
195+
self.rconf.client_key(),
196+
self.rconf.client_key_password()
197+
)
194198
self.log = logging.getLogger("charon.pkgs.radas_sign.RadasSender")
195199

196200
def on_start(self, event):

0 commit comments

Comments
 (0)