X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=certmaster%2Fconfig.py;h=bf9b87bad2a47f83266a75bfe5147e83b707a828;hp=c6e917482e1eae7a938be3e0ef26254d40662799;hb=8c1e7ce1f1b146ba794779ccad8816baea16d64a;hpb=67e8a55e10f81105cb76e7c1ff9d0615cf97dff5 diff --git a/certmaster/config.py b/certmaster/config.py index c6e9174..bf9b87b 100644 --- a/certmaster/config.py +++ b/certmaster/config.py @@ -22,6 +22,7 @@ import urlparse from ConfigParser import NoSectionError, NoOptionError, ConfigParser from ConfigParser import ParsingError import exceptions +import warnings CONFIG_FILE = "/etc/certmaster/certmaster.conf" @@ -480,28 +481,18 @@ def read_config(config_file, BaseConfigDerived): ## Add the default items when just using a single ca opts.ca[''] = BaseConfigDerived() - opts.ca[''].hash_function = None + opts.ca[''].hash_function = "sha256" opts.ca[''].populate(confparser,'main') - if opts.ca[''].hash_function == 'sha1': - log.warning('hash_function value of sha1 is deprecated', DeprecationWarning) - elif opts.ca[''].hash_function == 'md5': - print >> sys.stderr, "Error: hash_function of md5 is not supported" - ## Add additonal ca sections sections = confparser.sections() for a_section in sections: if a_section.startswith('ca:'): ca_name = a_section[3:] opts.ca[ca_name] = BaseConfigDerived() - opts.ca[ca_name].hash_function = None + opts.ca[ca_name].hash_function = "sha256" opts.ca[ca_name].populate(confparser,a_section) opts.ca[ca_name].cakey = None opts.ca[ca_name].cacert = None - - if opts.ca[ca_name].hash_function == 'sha1': - warnings.warn('hash_function value of sha1 is deprecated in ca:%s section' % ca_name, DeprecationWarning) - elif opts.ca[ca_name].hash_function == 'md5': - print >> sys.stderr, "Error: hash_function of md5 is not supported in ca:% section" % ca_name return opts