make_ssl_certs: make it possible to pass in expiration dates from command line

kanavin · kanavin · commit 0fcc8a2d08d5 · 2024-05-23T11:59:01.000+02:00
Note that the defaults are same as they were, so if nothing is
specified, the script works exactly as before.

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
diff --git a/Lib/test/certdata/make_ssl_certs.py b/Lib/test/certdata/make_ssl_certs.py
@@ -1,14 +1,18 @@
 """Make the custom certificate and private key files used by test_ssl
 and friends."""
 
+import argparse
 import os
 import pprint
 import shutil
 import tempfile
 from subprocess import *
 
 startdate = "20180829142316Z"
-enddate = "20371028142316Z"
+enddate_default = "20371028142316Z"
+days_default = "7000"
+
+cmdlineargs = None
 
 req_template = """
     [ default ]
@@ -79,8 +83,8 @@
     default_startdate = {startdate}
     enddate = {enddate}
     default_enddate = {enddate}
-    default_days = 7000
-    default_crl_days = 7000
+    default_days = {days}
+    default_crl_days = {days}
     certificate = pycacert.pem
     private_key = pycakey.pem
     serial    = $dir/serial
@@ -130,11 +134,12 @@ def make_cert_key(hostname, sign=False, extra_san='',
             hostname=hostname,
             extra_san=extra_san,
             startdate=startdate,
-            enddate=enddate
+            enddate=cmdlineargs.enddate,
+            days=cmdlineargs.days
         )
         with open(req_file, 'w') as f:
             f.write(req)
-        args = ['req', '-new', '-nodes', '-days', '7000',
+        args = ['req', '-new', '-nodes', '-days', cmdlineargs.days,
                 '-newkey', key, '-keyout', key_file,
                 '-extensions', ext,
                 '-config', req_file]
@@ -192,7 +197,8 @@ def make_ca():
             hostname='our-ca-server',
             extra_san='',
             startdate=startdate,
-            enddate=enddate
+            enddate=cmdlineargs.enddate,
+            days=cmdlineargs.days
         )
         t.write(req)
         t.flush()
@@ -228,6 +234,11 @@ def write_cert_reference(path):
 
 
 if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description='Make the custom certificate and private key files used by test_ssl and friends.')
+    parser.add_argument('--days', default=days_default)
+    parser.add_argument('--enddate', default=enddate_default)
+    cmdlineargs = parser.parse_args()
+
     os.chdir(here)
     cert, key = make_cert_key('localhost', ext='req_x509_extensions_simple')
     with open('ssl_cert.pem', 'w') as f:
