mirror of
https://github.com/laurivosandi/certidude
synced 2025-01-09 07:37:36 +00:00
Attempt to fix tests
This commit is contained in:
parent
06010ceaf3
commit
7eb8378562
@ -1052,7 +1052,8 @@ def certidude_cron():
|
||||
@click.command("serve", help="Run server")
|
||||
@click.option("-p", "--port", default=8080 if os.getuid() else 80, help="Listen port")
|
||||
@click.option("-l", "--listen", default="0.0.0.0", help="Listen address")
|
||||
def certidude_serve(port, listen):
|
||||
@click.option("-f", "--fork", default=False, is_flag=True, help="Fork to background")
|
||||
def certidude_serve(port, listen, fork):
|
||||
from certidude.signer import SignServer
|
||||
from certidude import const
|
||||
click.echo("Using configuration from: %s" % const.CONFIG_PATH)
|
||||
@ -1189,14 +1190,14 @@ def certidude_serve(port, listen):
|
||||
for handler in log_handlers:
|
||||
logger.addHandler(handler)
|
||||
|
||||
import atexit
|
||||
|
||||
def exit_handler():
|
||||
logging.getLogger("cli").debug("Shutting down Certidude")
|
||||
|
||||
import atexit
|
||||
atexit.register(exit_handler)
|
||||
|
||||
logging.getLogger("cli").debug("Started Certidude at %s", const.FQDN)
|
||||
|
||||
if not fork or not os.fork():
|
||||
httpd.serve_forever()
|
||||
|
||||
@click.group("strongswan", help="strongSwan helpers")
|
||||
|
@ -107,10 +107,14 @@ renewal allowed = false
|
||||
|
||||
[push]
|
||||
event source token = {{ push_token }}
|
||||
event source subscribe = {{ push_server }}/ev/sub/%s
|
||||
event source publish = {{ push_server }}/ev/pub/%s
|
||||
long poll subscribe = {{ push_server }}/lp/sub/%s
|
||||
long poll publish = {{ push_server }}/lp/pub/%s
|
||||
event source subscribe =
|
||||
;event source subscribe = {{ push_server }}/ev/sub/%s
|
||||
event source publish =
|
||||
;event source publish = {{ push_server }}/ev/pub/%s
|
||||
long poll subscribe =
|
||||
;long poll subscribe = {{ push_server }}/lp/sub/%s
|
||||
long poll publish =
|
||||
;long poll publish = {{ push_server }}/lp/pub/%s
|
||||
|
||||
[authority]
|
||||
# Present form for CSR submission for logged in users
|
||||
@ -141,7 +145,8 @@ signed dir = {{ directory }}/signed/
|
||||
revoked dir = {{ directory }}/revoked/
|
||||
expired dir = {{ directory }}/expired/
|
||||
|
||||
outbox uri = {{ outbox }}
|
||||
outbox uri =
|
||||
;outbox uri = {{ outbox }}
|
||||
outbox sender name = Certificate management
|
||||
outbox sender address = certificates@example.com
|
||||
|
||||
|
@ -1,25 +1,43 @@
|
||||
import os
|
||||
from click.testing import CliRunner
|
||||
from certidude.cli import entry_point as cli
|
||||
from datetime import datetime, timedelta
|
||||
from cryptography.hazmat.primitives import hashes, serialization
|
||||
from cryptography.x509.oid import NameOID
|
||||
|
||||
runner = CliRunner()
|
||||
|
||||
def test_cli_setup_authority():
|
||||
# Authority setup
|
||||
# TODO: parent, common-name, country, state, locality
|
||||
# {authority,certificate,revocation-list}-lifetime
|
||||
# organization, organizational-unit
|
||||
# pkcs11
|
||||
# {crl-distribution,ocsp-responder}-url
|
||||
# email-address
|
||||
# inbox, outbox
|
||||
|
||||
result = runner.invoke(cli, ['setup', 'authority'])
|
||||
assert not result.exception
|
||||
from certidude import const, config
|
||||
|
||||
from certidude import authority
|
||||
assert authority.certificate.serial_number == '0000000000000000000000000000000000000001'
|
||||
assert authority.certificate.signed < datetime.now()
|
||||
assert authority.certificate.expires > datetime.now() + timedelta(days=7000)
|
||||
assert authority.ca_cert.serial_number == 1
|
||||
assert authority.ca_cert.not_valid_before < datetime.now()
|
||||
assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000)
|
||||
|
||||
result = runner.invoke(cli, ['serve', '-f', '-p', '8080'])
|
||||
assert not result.exception
|
||||
|
||||
|
||||
from cryptography import x509
|
||||
from cryptography.hazmat.primitives.asymmetric import rsa, padding
|
||||
from cryptography.hazmat.backends import default_backend
|
||||
key = rsa.generate_private_key(
|
||||
public_exponent=65537,
|
||||
key_size=4096,
|
||||
backend=default_backend()
|
||||
)
|
||||
|
||||
csr = x509.CertificateSigningRequestBuilder(
|
||||
).subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, u"test")]))
|
||||
|
||||
with open(os.path.join(config.REQUESTS_DIR, "test.pem"), "w") as f:
|
||||
f.write(csr.sign(key, hashes.SHA256(), default_backend()).public_bytes(serialization.Encoding.PEM))
|
||||
|
||||
result = runner.invoke(cli, ['sign', 'test', '-o'])
|
||||
assert not result.exception
|
||||
|
||||
result = runner.invoke(cli, ['revoke', 'test'])
|
||||
assert not result.exception
|
||||
|
Loading…
Reference in New Issue
Block a user