Exemplo n.º 1
0
    def test_with_broken_fixup(self):
        """Ensure broken fixups stop processing."""

        self.sample_conf_ra["default_ra"]["fixups"] = {"broken": {}}
        data = self.sample_conf

        config = "anchor.jsonloader.conf._config"
        mock_noop = mock.MagicMock()
        mock_noop.name = "broken"
        mock_noop.plugin.side_effects = Exception("BOOM")

        jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance([mock_noop], "anchor.fixups")

        with mock.patch.dict(config, data):
            with self.assertRaises(webob.exc.WSGIHTTPException):
                certificate_ops.fixup_csr("default_ra", self.csr, None)
Exemplo n.º 2
0
    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        try:
            auth_result = auth.validate(ra_name,
                                        pecan.request.POST.get('user'),
                                        pecan.request.POST.get('secret'))
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  auth_result)
        except http_status.HTTPUnauthorized:
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  None)
            raise

        try:
            csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                            pecan.request.POST.get('encoding'))
            certificate_ops.validate_csr(ra_name, auth_result, csr,
                                         pecan.request)
            csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)

            cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
            audit.emit_signing_event(ra_name,
                                     pecan.request.POST.get('user'),
                                     auth_result,
                                     fingerprint=fingerprint)
        except Exception:
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result)
            raise
        return cert
Exemplo n.º 3
0
    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        try:
            auth_result = auth.validate(ra_name,
                                        pecan.request.POST.get('user'),
                                        pecan.request.POST.get('secret'))
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  auth_result)
        except http_status.HTTPUnauthorized:
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  None)
            raise

        try:
            csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                            pecan.request.POST.get('encoding'))
            certificate_ops.validate_csr(ra_name, auth_result, csr,
                                         pecan.request)
            csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)

            cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result, fingerprint=fingerprint)
        except Exception:
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result)
            raise
        return cert
Exemplo n.º 4
0
    def test_with_noop(self):
        """Ensure single fixup is processed."""

        self.sample_conf_ra["default_ra"]["fixups"] = {"noop": {}}
        data = self.sample_conf

        config = "anchor.jsonloader.conf._config"
        mock_noop = mock.MagicMock()
        mock_noop.name = "noop"
        mock_noop.plugin.return_value = self.csr

        jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance([mock_noop], "anchor.fixups")

        with mock.patch.dict(config, data):
            certificate_ops.fixup_csr("default_ra", self.csr, None)

        mock_noop.plugin.assert_called_with(csr=self.csr, conf=self.sample_conf_ra["default_ra"], request=None)
Exemplo n.º 5
0
    def test_with_broken_fixup(self):
        """Ensure broken fixups stop processing."""

        self.sample_conf_ra['default_ra']['fixups'] = {'broken': {}}
        data = self.sample_conf

        config = "anchor.jsonloader.conf._config"
        mock_noop = mock.MagicMock()
        mock_noop.name = "broken"
        mock_noop.plugin.side_effects = Exception("BOOM")

        jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance(
            [mock_noop], 'anchor.fixups')

        with mock.patch.dict(config, data):
            with self.assertRaises(webob.exc.WSGIHTTPException):
                certificate_ops.fixup_csr('default_ra', self.csr, None)
Exemplo n.º 6
0
    def test_with_no_fixups(self):
        """Ensure no fixups is ok."""

        self.sample_conf_ra["default_ra"]["fixups"] = {}
        data = self.sample_conf

        config = "anchor.jsonloader.conf._config"
        with mock.patch.dict(config, data):
            res = certificate_ops.fixup_csr("default_ra", self.csr, None)
        self.assertIs(res, self.csr)
Exemplo n.º 7
0
    def test_with_no_fixups(self):
        """Ensure no fixups is ok."""

        self.sample_conf_ra['default_ra']['fixups'] = {}
        data = self.sample_conf

        config = "anchor.jsonloader.conf._config"
        with mock.patch.dict(config, data):
            res = certificate_ops.fixup_csr('default_ra', self.csr, None)
        self.assertIs(res, self.csr)
Exemplo n.º 8
0
    def test_with_noop(self):
        """Ensure single fixup is processed."""

        self.sample_conf_ra['default_ra']['fixups'] = {'noop': {}}
        data = self.sample_conf

        config = "anchor.jsonloader.conf._config"
        mock_noop = mock.MagicMock()
        mock_noop.name = "noop"
        mock_noop.plugin.return_value = self.csr

        jsonloader.conf._fixups = jsonloader.conf._fixups.make_test_instance(
            [mock_noop], 'anchor.fixups')

        with mock.patch.dict(config, data):
            certificate_ops.fixup_csr('default_ra', self.csr, None)

        mock_noop.plugin.assert_called_with(
            csr=self.csr, conf=self.sample_conf_ra['default_ra'], request=None)