ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

expose subject_strict and issuer_strict to users (#34090)

Browse source
This commit is contained in:
MarkusTeufelberger 2018-01-04 10:43:37 +01:00 committed by ansibot
parent 6c97c340ea
commit 10b3431990
1 changed files with 18 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
lib/ansible/modules/crypto/openssl_certificate.py
View file

@ -112,11 +112,25 @@ options:
- Key/value pairs that must be present in the issuer name field of the certificate. - Key/value pairs that must be present in the issuer name field of the certificate.
If you need to specify more than one value with the same key, use a list as value. If you need to specify more than one value with the same key, use a list as value.
issuer_strict:
default: False
type: bool
description:
- If set to True, the I(issuer) field must contain only these values.
version_added: "2.5"
subject: subject:
description: description:
- Key/value pairs that must be present in the subject name field of the certificate. - Key/value pairs that must be present in the subject name field of the certificate.
If you need to specify more than one value with the same key, use a list as value. If you need to specify more than one value with the same key, use a list as value.
subject_strict:
default: False
type: bool
description:
- If set to True, the I(subject) field must contain only these values.
version_added: "2.5"
has_expired: has_expired:
default: False default: False
type: bool type: bool
@ -479,12 +493,12 @@ class AssertOnlyCertificate(Certificate):
self.subject = crypto_utils.parse_name_field(module.params['subject']) self.subject = crypto_utils.parse_name_field(module.params['subject'])
else: else:
self.subject = [] self.subject = []
self.subject_strict = False self.subject_strict = module.params['subject_strict']
if module.params['issuer']: if module.params['issuer']:
self.issuer = crypto_utils.parse_name_field(module.params['issuer']) self.issuer = crypto_utils.parse_name_field(module.params['issuer'])
else: else:
self.issuer = [] self.issuer = []
self.issuer_strict = False self.issuer_strict = module.params['issuer_strict']
self.has_expired = module.params['has_expired'] self.has_expired = module.params['has_expired']
self.version = module.params['version'] self.version = module.params['version']
self.keyUsage = module.params['keyUsage'] self.keyUsage = module.params['keyUsage']
@ -776,7 +790,9 @@ def main():
privatekey_passphrase=dict(type='path', no_log=True), privatekey_passphrase=dict(type='path', no_log=True),
signature_algorithms=dict(type='list'), signature_algorithms=dict(type='list'),
subject=dict(type='dict'), subject=dict(type='dict'),
subject_strict=dict(type='bool', default=False),
issuer=dict(type='dict'), issuer=dict(type='dict'),
issuer_strict=dict(type='bool', default=False),
has_expired=dict(type='bool', default=False), has_expired=dict(type='bool', default=False),
version=dict(type='int'), version=dict(type='int'),
keyUsage=dict(type='list', aliases=['key_usage']), keyUsage=dict(type='list', aliases=['key_usage']),