1 files changed, 92 insertions, 0 deletions

diff --git a/base/server/python/pki/server/ca.py b/base/server/python/pki/server/ca.py
new file mode 100644
index 000000000..70ebf4dd1
--- /dev/null
+++ b/base/server/python/pki/server/ca.py
@@ -0,0 +1,92 @@
+#!/usr/bin/python
+# Authors:
+#     Endi S. Dewata <edewata@redhat.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+
+from __future__ import absolute_import
+import ldap
+import ldap.filter
+
+import pki
+import pki.server
+
+
+class CASubsystem(pki.server.PKISubsystem):
+
+    def __init__(self, instance):
+        super(CASubsystem, self).__init__(instance, 'ca')
+
+    def find_cert_requests(self, cert=None):
+
+        base_dn = self.config['internaldb.basedn']
+
+        if cert:
+            escaped_value = ldap.filter.escape_filter_chars(cert)
+            search_filter = '(extdata-req--005fissued--005fcert=%s)' % escaped_value
+
+        else:
+            search_filter = '(objectClass=*)'
+
+        con = self.open_database()
+
+        entries = con.search_s(
+            'ou=ca,ou=requests,%s' % base_dn,
+            ldap.SCOPE_ONELEVEL,
+            search_filter,
+            None)
+
+        con.unbind_s()
+
+        requests = []
+        for entry in entries:
+            requests.append(self.create_request_object(entry))
+
+        return requests
+
+    def get_cert_requests(self, request_id):
+
+        base_dn = self.config['internaldb.basedn']
+
+        con = self.open_database()
+
+        entries = con.search_s(
+            'cn=%s,ou=ca,ou=requests,%s' % (request_id, base_dn),
+            ldap.SCOPE_BASE,
+            '(objectClass=*)',
+            None)
+
+        con.unbind_s()
+
+        entry = entries[0]
+        return self.create_request_object(entry)
+
+    def create_request_object(self, entry):
+
+        attrs = entry[1]
+
+        request = {}
+        request['id'] = attrs['cn'][0]
+        request['type'] = attrs['requestType'][0]
+        request['status'] = attrs['requestState'][0]
+        request['request'] = attrs['extdata-cert--005frequest'][0]
+
+        return request
+
+
+pki.server.SUBSYSTEM_CLASSES['ca'] = CASubsystem