tests: Cleanups

2024-12-22 16:25:17 +00:00 · 2017-05-01 22:32:55 +00:00 · 2017-05-01 22:32:55 +00:00 · 58491e7933
commit 58491e7933
parent 3c8aef4fd2
8 changed files with 44 additions and 44 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -9,7 +9,7 @@ virtualenv:
  system_site_packages: true
 install:
  - echo "127.0.0.1 localhost" | sudo tee /etc/hosts
-  - echo "127.0.0.1 ca.example.lan ca" | sudo tee -a /etc/hosts
+  - echo "127.0.1.1 ca.example.lan ca" | sudo tee -a /etc/hosts
  - echo "127.0.0.1 vpn.koodur.lan" | sudo tee -a /etc/hosts
  - sudo mkdir -p /etc/systemd/system
  - sudo pip install -r requirements.txt
--- a/MANIFEST.in
+++ b/MANIFEST.in
@ -7,6 +7,8 @@ include certidude/templates/*.ini
 include certidude/templates/mail/*.md
 include certidude/templates/client/*.timer
 include certidude/templates/client/*.service
+include certidude/templates/server/*.service
+include certidude/templates/server/*.conf
 include certidude/static/js/*.js
 include certidude/static/css/*.css
 include certidude/static/fonts/*.woff2
--- a/certidude/authority.py
+++ b/certidude/authority.py
@ -204,11 +204,11 @@ def delete_request(common_name):

 def generate_ovpn_bundle(common_name, owner=None):
    # Construct private key
-    click.echo("Generating 4096-bit RSA key...")
+    click.echo("Generating %d-bit RSA key..." % const.KEY_SIZE)

    key = rsa.generate_private_key(
        public_exponent=65537,
-        key_size=4096,
+        key_size=const.KEY_SIZE,
        backend=default_backend()
    )

@ -234,17 +234,17 @@ def generate_ovpn_bundle(common_name, owner=None):
        servers = list_server_names())
    return bundle, cert

-def generate_pkcs12_bundle(common_name, key_size=4096, owner=None):
+def generate_pkcs12_bundle(common_name, owner=None):
    """
    Generate private key, sign certificate and return PKCS#12 bundle
    """

    # Construct private key
-    click.echo("Generating %d-bit RSA key..." % key_size)
+    click.echo("Generating %d-bit RSA key..." % const.KEY_SIZE)

    key = rsa.generate_private_key(
        public_exponent=65537,
-        key_size=4096,
+        key_size=const.KEY_SIZE,
        backend=default_backend()
    )

--- a/certidude/cli.py
+++ b/certidude/cli.py
@ -921,11 +921,11 @@ def certidude_setup_authority(username, kerberos_keytab, nginx_config, country,
    else:
        click.echo("CA configuration files are saved to: {}".format(directory))

-        click.echo("Generating 4096-bit RSA key...")
+        click.echo("Generating %d-bit RSA key..." % const.KEY_SIZE)

        key = rsa.generate_private_key(
            public_exponent=65537,
-            key_size=4096,
+            key_size=const.KEY_SIZE,
            backend=default_backend()
        )

@ -1145,7 +1145,7 @@ def certidude_cron():
            click.echo("Moved %s to %s" % (path, expired_path))

@click.command("serve", help="Run server")
-@click.option("-p", "--port", default=8080 if os.getuid() else 80, help="Listen port")
+@click.option("-p", "--port", default=80, help="Listen port")
@click.option("-l", "--listen", default="0.0.0.0", help="Listen address")
@click.option("-f", "--fork", default=False, is_flag=True, help="Fork to background")
 def certidude_serve(port, listen, fork):
@ -1158,8 +1158,6 @@ def certidude_serve(port, listen, fork):

    from certidude import config

-    # Fetch UID, GID of certidude user
-    if os.getuid() == 0:
    # Process directories
    if not os.path.exists(const.RUN_DIR):
        click.echo("Creating: %s" % const.RUN_DIR)
--- a/certidude/const.py
+++ b/certidude/const.py
@ -4,6 +4,7 @@ import os
 import socket
 import sys

+KEY_SIZE = 1024 if os.getenv("TRAVIS") else 4096
 RUN_DIR = "/run/certidude"
 CONFIG_DIR = os.path.expanduser("~/.certidude") if os.getuid() else "/etc/certidude"
 CONFIG_PATH = os.path.join(CONFIG_DIR, "server.conf")
--- a/certidude/helpers.py
+++ b/certidude/helpers.py
@ -134,10 +134,10 @@ def certidude_request_certificate(server, system_keytab_required, key_path, requ
    except EnvironmentError:

        # Construct private key
-        click.echo("Generating 4096-bit RSA key...")
+        click.echo("Generating %d-bit RSA key..." % const.KEY_SIZE)
        key = rsa.generate_private_key(
            public_exponent=65537,
-            key_size=4096,
+            key_size=const.KEY_SIZE,
            backend=default_backend()
        )

--- a/certidude/relational.py
+++ b/certidude/relational.py
@ -16,24 +16,11 @@ class RelationalMixin(object):

    def __init__(self, uri):
        self.uri = urlparse(uri)
-        if self.SQL_CREATE_TABLES and self.SQL_CREATE_TABLES not in SCRIPTS:
-            conn = self.sql_connect()
-            cur = conn.cursor()
-            with open(self.sql_resolve_script(self.SQL_CREATE_TABLES)) as fh:
-                click.echo("Executing: %s" % fh.name)
-                if self.uri.scheme == "sqlite":
-                    cur.executescript(fh.read())
-                else:
-                    cur.execute(fh.read(), multi=True)
-            conn.commit()
-            cur.close()
-            conn.close()
-

    def sql_connect(self):
        if self.uri.scheme == "mysql":
            import mysql.connector
-            return mysql.connector.connect(
+            conn = mysql.connector.connect(
                user=self.uri.username,
                password=self.uri.password,
                host=self.uri.hostname,
@ -42,10 +29,21 @@ class RelationalMixin(object):
            if self.uri.netloc:
                raise ValueError("Malformed database URI %s" % self.uri)
            import sqlite3
-            return sqlite3.connect(self.uri.path)
+            conn = sqlite3.connect(self.uri.path)
        else:
            raise NotImplementedError("Unsupported database scheme %s, currently only mysql://user:pass@host/database or sqlite:///path/to/database.sqlite is supported" % o.scheme)

+        if self.SQL_CREATE_TABLES and self.SQL_CREATE_TABLES not in SCRIPTS:
+            cur = conn.cursor()
+            buf, path = self.sql_load(self.SQL_CREATE_TABLES)
+            click.echo("Executing: %s" % path)
+            if self.uri.scheme == "sqlite":
+                cur.executescript(buf)
+            else:
+                cur.execute(buf, multi=True)
+            conn.commit()
+            cur.close()
+        return conn

    def sql_resolve_script(self, filename):
        return os.path.realpath(os.path.join(os.path.dirname(__file__),
@ -59,16 +57,17 @@ class RelationalMixin(object):
        fh = open(self.sql_resolve_script(filename))
        click.echo("Caching SQL script: %s" % fh.name)
        buf = re.sub("\s*\n\s*", " ", fh.read())
-        SCRIPTS[filename] = buf
+        SCRIPTS[filename] = buf, fh.name
        fh.close()
-        return buf
+        return buf, fh.name


    def sql_execute(self, script, *args):
        conn = self.sql_connect()
        cursor = conn.cursor()
        click.echo("Executing %s with %s" % (script, args))
-        cursor.execute(self.sql_load(script), args)
+        buf, path = self.sql_load(script)
+        cursor.execute(buf, args)
        rowid = cursor.lastrowid
        conn.commit()
        cursor.close()
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@ -78,7 +78,7 @@ def test_cli_setup_authority():
    assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000)

    # Start server before any signing operations are performed
-    result = runner.invoke(cli, ['serve', '-f'])
+    result = runner.invoke(cli, ['serve', '-f', '-p', '80', '-l', '127.0.1.1'])
    assert not result.exception, result.output

    import requests