Attempt to fix tests

2025-10-31 17:39:12 +00:00 · 2017-03-13 17:20:41 +02:00
parent 06010ceaf3
commit 7eb8378562
3 changed files with 47 additions and 23 deletions
--- a/certidude/cli.py
+++ b/certidude/cli.py
@@ -1052,7 +1052,8 @@ def certidude_cron():
@click.command("serve", help="Run server")
@click.option("-p", "--port", default=8080 if os.getuid() else 80, help="Listen port")
@click.option("-l", "--listen", default="0.0.0.0", help="Listen address")
-def certidude_serve(port, listen):
+@click.option("-f", "--fork", default=False, is_flag=True, help="Fork to background")
+def certidude_serve(port, listen, fork):
    from certidude.signer import SignServer
    from certidude import const
    click.echo("Using configuration from: %s" % const.CONFIG_PATH)
@@ -1189,15 +1190,15 @@ def certidude_serve(port, listen):
        for handler in log_handlers:
            logger.addHandler(handler)

-    import atexit

    def exit_handler():
        logging.getLogger("cli").debug("Shutting down Certidude")
-
+    import atexit
    atexit.register(exit_handler)
-
    logging.getLogger("cli").debug("Started Certidude at %s", const.FQDN)
-    httpd.serve_forever()
+
+    if not fork or not os.fork():
+        httpd.serve_forever()

@click.group("strongswan", help="strongSwan helpers")
 def certidude_setup_strongswan(): pass
--- a/certidude/templates/certidude-server.conf
+++ b/certidude/templates/certidude-server.conf
@@ -107,10 +107,14 @@ renewal allowed = false

 [push]
 event source token = {{ push_token }}
-event source subscribe = {{ push_server }}/ev/sub/%s
-event source publish = {{ push_server }}/ev/pub/%s
-long poll subscribe = {{ push_server }}/lp/sub/%s
-long poll publish = {{ push_server }}/lp/pub/%s
+event source subscribe =
+;event source subscribe = {{ push_server }}/ev/sub/%s
+event source publish =
+;event source publish = {{ push_server }}/ev/pub/%s
+long poll subscribe =
+;long poll subscribe = {{ push_server }}/lp/sub/%s
+long poll publish =
+;long poll publish = {{ push_server }}/lp/pub/%s

 [authority]
 # Present form for CSR submission for logged in users
@@ -141,7 +145,8 @@ signed dir = {{ directory }}/signed/
 revoked dir = {{ directory }}/revoked/
 expired dir = {{ directory }}/expired/

-outbox uri = {{ outbox }}
+outbox uri =
+;outbox uri = {{ outbox }}
 outbox sender name = Certificate management
 outbox sender address = certificates@example.com

--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -1,25 +1,43 @@
+import os
 from click.testing import CliRunner
 from certidude.cli import entry_point as cli
 from datetime import datetime, timedelta
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.x509.oid import NameOID

 runner = CliRunner()

 def test_cli_setup_authority():
-    # Authority setup
-    # TODO: parent, common-name, country, state, locality
-    # {authority,certificate,revocation-list}-lifetime
-    # organization, organizational-unit
-    # pkcs11
-    # {crl-distribution,ocsp-responder}-url
-    # email-address
-    # inbox, outbox
-
    result = runner.invoke(cli, ['setup', 'authority'])
    assert not result.exception
+    from certidude import const, config

    from certidude import authority
-    assert authority.certificate.serial_number == '0000000000000000000000000000000000000001'
-    assert authority.certificate.signed < datetime.now()
-    assert authority.certificate.expires > datetime.now() + timedelta(days=7000)
+    assert authority.ca_cert.serial_number == 1
+    assert authority.ca_cert.not_valid_before < datetime.now()
+    assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000)

-        
+    result = runner.invoke(cli, ['serve', '-f', '-p', '8080'])
+    assert not result.exception
+
+
+    from cryptography import x509
+    from cryptography.hazmat.primitives.asymmetric import rsa, padding
+    from cryptography.hazmat.backends import default_backend
+    key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=4096,
+        backend=default_backend()
+    )
+
+    csr = x509.CertificateSigningRequestBuilder(
+        ).subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, u"test")]))
+
+    with open(os.path.join(config.REQUESTS_DIR, "test.pem"), "w") as f:
+        f.write(csr.sign(key, hashes.SHA256(), default_backend()).public_bytes(serialization.Encoding.PEM))
+
+    result = runner.invoke(cli, ['sign', 'test', '-o'])
+    assert not result.exception
+
+    result = runner.invoke(cli, ['revoke', 'test'])
+    assert not result.exception