Parse certificate signing request for domains
()
| 168 | |
| 169 | |
| 170 | def parse_csr(): |
| 171 | """ |
| 172 | Parse certificate signing request for domains |
| 173 | """ |
| 174 | LOGGER.info("Parsing CSR...") |
| 175 | cmd = [ |
| 176 | "openssl", |
| 177 | "req", |
| 178 | "-in", |
| 179 | os.path.join(gettempdir(), "domain.csr"), |
| 180 | "-noout", |
| 181 | "-text", |
| 182 | ] |
| 183 | devnull = open(os.devnull, "wb") |
| 184 | out = subprocess.check_output(cmd, stderr=devnull) |
| 185 | domains = set([]) |
| 186 | common_name = re.search(r"Subject:.*? CN\s?=\s?([^\s,;/]+)", out.decode("utf8")) |
| 187 | if common_name is not None: |
| 188 | domains.add(common_name.group(1)) |
| 189 | subject_alt_names = re.search( |
| 190 | r"X509v3 Subject Alternative Name: \n +([^\n]+)\n", |
| 191 | out.decode("utf8"), |
| 192 | re.MULTILINE | re.DOTALL, |
| 193 | ) |
| 194 | if subject_alt_names is not None: |
| 195 | for san in subject_alt_names.group(1).split(", "): |
| 196 | if san.startswith("DNS:"): |
| 197 | domains.add(san[4:]) |
| 198 | |
| 199 | return domains |
| 200 | |
| 201 | |
| 202 | def get_boulder_header(key_bytes): |