-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
FEATURE: Use ArduPilot SSL certificates
- Loading branch information
1 parent
a84e852
commit a2d8933
Showing
1 changed file
with
60 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| #!/usr/bin/env python3 | ||
|
|
||
| ''' | ||
| This file is part of Ardupilot methodic configurator. https://github.com/ArduPilot/MethodicConfigurator | ||
| This script is designed to fetch, validate, and save SSL certificates for a specified host. | ||
| It utilizes the Python standard libraries ssl and socket to establish a secure connection | ||
| and retrieve the certificate, which is then saved in PEM format. | ||
| Additional functionality is provided to validate the certificate using OpenSSL to ensure | ||
| its authenticity and integrity. | ||
| SPDX-FileCopyrightText: 2024 Amilcar do Carmo Lucas <[email protected]> | ||
| SPDX-License-Identifier: GPL-3.0-or-later | ||
| ''' | ||
|
|
||
| #import OpenSSL | ||
| import ssl | ||
| import socket | ||
| import logging | ||
| import os | ||
|
|
||
| # Set up logging | ||
| logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') | ||
|
|
||
| def fetch_ssl_certificate(host, port=443, timeout=10): | ||
| context = ssl.create_default_context() | ||
| try: | ||
| with socket.create_connection((host, port), timeout=timeout) as sock: | ||
| with context.wrap_socket(sock, server_hostname=host) as ssock: | ||
| # Get the certificate in DER format and decode it to PEM | ||
| der_cert = ssock.getpeercert(binary_form=True) | ||
| pem_cert = ssl.DER_cert_to_PEM_cert(der_cert) | ||
| return pem_cert | ||
| except socket.gaierror as e: | ||
| logging.error(f"Address-related error connecting to server: {e}") | ||
| raise | ||
| except socket.error as e: | ||
| logging.error(f"Connection error: {e}") | ||
| raise | ||
|
|
||
| def save_certificate(certificate, filename): | ||
| # Save the certificate to a file | ||
| with open(filename, 'w') as cert_file: | ||
| cert_file.write(certificate) | ||
| logging.info(f"Certificate saved to {filename}") | ||
|
|
||
| def main(): | ||
| host = 'autotest.ardupilot.org' | ||
| filename = 'autotest_ardupilot_org.crt' | ||
| logging.info(os.environ['HTTP_PROXY']) | ||
| logging.info(os.environ['HTTPS_PROXY']) | ||
| try: | ||
| certificate = fetch_ssl_certificate(host) | ||
| save_certificate(certificate, filename) | ||
| except Exception as e: | ||
| logging.error(f"An error occurred: {e}") | ||
|
|
||
| if __name__ == "__main__": | ||
| main() |