lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2025-10-31 09:29:13 +00:00
Code Issues Activity

Attempt to fix tests

Browse Source
This commit is contained in:
Lauri Võsandi
2017-03-13 17:20:41 +02:00
parent 06010ceaf3
commit 7eb8378562
3 changed files with 47 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
certidude/cli.py
View File

@@ -1052,7 +1052,8 @@ def certidude_cron():
@click.command("serve", help="Run server") @click.command("serve", help="Run server")
@click.option("-p", "--port", default=8080 if os.getuid() else 80, help="Listen port") @click.option("-p", "--port", default=8080 if os.getuid() else 80, help="Listen port")
@click.option("-l", "--listen", default="0.0.0.0", help="Listen address") @click.option("-l", "--listen", default="0.0.0.0", help="Listen address")
def certidude_serve(port, listen): @click.option("-f", "--fork", default=False, is_flag=True, help="Fork to background")
def certidude_serve(port, listen, fork):
from certidude.signer import SignServer from certidude.signer import SignServer
from certidude import const from certidude import const
click.echo("Using configuration from: %s" % const.CONFIG_PATH) click.echo("Using configuration from: %s" % const.CONFIG_PATH)
@@ -1189,14 +1190,14 @@ def certidude_serve(port, listen):
for handler in log_handlers: for handler in log_handlers:
logger.addHandler(handler) logger.addHandler(handler)
import atexit
def exit_handler(): def exit_handler():
logging.getLogger("cli").debug("Shutting down Certidude") logging.getLogger("cli").debug("Shutting down Certidude")
import atexit
atexit.register(exit_handler) atexit.register(exit_handler)
logging.getLogger("cli").debug("Started Certidude at %s", const.FQDN) logging.getLogger("cli").debug("Started Certidude at %s", const.FQDN)
if not fork or not os.fork():
httpd.serve_forever() httpd.serve_forever()
@click.group("strongswan", help="strongSwan helpers") @click.group("strongswan", help="strongSwan helpers")

15
certidude/templates/certidude-server.conf
View File

@@ -107,10 +107,14 @@ renewal allowed = false
[push] [push]
event source token = {{ push_token }} event source token = {{ push_token }}
event source subscribe = {{ push_server }}/ev/sub/%s event source subscribe =
event source publish = {{ push_server }}/ev/pub/%s ;event source subscribe = {{ push_server }}/ev/sub/%s
long poll subscribe = {{ push_server }}/lp/sub/%s event source publish =
long poll publish = {{ push_server }}/lp/pub/%s ;event source publish = {{ push_server }}/ev/pub/%s
long poll subscribe =
;long poll subscribe = {{ push_server }}/lp/sub/%s
long poll publish =
;long poll publish = {{ push_server }}/lp/pub/%s
[authority] [authority]
# Present form for CSR submission for logged in users # Present form for CSR submission for logged in users
@@ -141,7 +145,8 @@ signed dir = {{ directory }}/signed/
revoked dir = {{ directory }}/revoked/ revoked dir = {{ directory }}/revoked/
expired dir = {{ directory }}/expired/ expired dir = {{ directory }}/expired/
outbox uri = {{ outbox }} outbox uri =
;outbox uri = {{ outbox }}
outbox sender name = Certificate management outbox sender name = Certificate management
outbox sender address = certificates@example.com outbox sender address = certificates@example.com

42
tests/test_cli.py
View File

@@ -1,25 +1,43 @@
import os
from click.testing import CliRunner from click.testing import CliRunner
from certidude.cli import entry_point as cli from certidude.cli import entry_point as cli
from datetime import datetime, timedelta from datetime import datetime, timedelta
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.x509.oid import NameOID
runner = CliRunner() runner = CliRunner()
def test_cli_setup_authority(): def test_cli_setup_authority():
# Authority setup
# TODO: parent, common-name, country, state, locality
# {authority,certificate,revocation-list}-lifetime
# organization, organizational-unit
# pkcs11
# {crl-distribution,ocsp-responder}-url
# email-address
# inbox, outbox
result = runner.invoke(cli, ['setup', 'authority']) result = runner.invoke(cli, ['setup', 'authority'])
assert not result.exception assert not result.exception
from certidude import const, config
from certidude import authority from certidude import authority
assert authority.certificate.serial_number == '0000000000000000000000000000000000000001' assert authority.ca_cert.serial_number == 1
assert authority.certificate.signed < datetime.now() assert authority.ca_cert.not_valid_before < datetime.now()
assert authority.certificate.expires > datetime.now() + timedelta(days=7000) assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000)
result = runner.invoke(cli, ['serve', '-f', '-p', '8080'])
assert not result.exception
from cryptography import x509
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.backends import default_backend
key = rsa.generate_private_key(
public_exponent=65537,
key_size=4096,
backend=default_backend()
)
csr = x509.CertificateSigningRequestBuilder(
).subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, u"test")]))
with open(os.path.join(config.REQUESTS_DIR, "test.pem"), "w") as f:
f.write(csr.sign(key, hashes.SHA256(), default_backend()).public_bytes(serialization.Encoding.PEM))
result = runner.invoke(cli, ['sign', 'test', '-o'])
assert not result.exception
result = runner.invoke(cli, ['revoke', 'test'])
assert not result.exception