- 25 Jun, 2020 2 commits
-
-
Vincent Pelletier authored
Get an auto-issued user certificate and use it to exercise an authenticated action.
-
Vincent Pelletier authored
Should have been part of: commit 17325dc0 Author: Vincent Pelletier <plr.vincent@gmail.com> Date: Sat Jul 14 18:40:41 2018 +0900 all: Make caucased https certificate independent from CAS. Also, remove CURL, PUT and PUTNoOut aliases. They are replaced with private function with a naming consistent with the rest of this script.
-
- 24 Jun, 2020 5 commits
-
-
Vincent Pelletier authored
Is no value is provided to a return statement, the status of the last command ran is returned, making "$?" superfluous.
-
Vincent Pelletier authored
If there is no return statement, shell functions return the status of the last command they ran. So "return $?" as last function statement is superfluous.
-
Vincent Pelletier authored
Simplify code a bit. Change directory when starting caucased, so all files are stored inside test's temporary directory (and not just the database). Tolerate caucased not immediately starting. Fix CA presence tests (well this is embarrassing). List test directory content when failing, as it will get deleted shortly after.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
In shell/caucase.sh line 1134: trap "kill \"$caucased_pid\"; wait; rm -rf \"$tmp_dir\"" EXIT ^-----------^ SC2064: Use single quotes, otherwise this expands now rather than when signalled. ^------^ SC2064: Use single quotes, otherwise this expands now rather than when signalled. These variables are local, so immediate expantion is expected.
-
- 23 Jun, 2020 5 commits
-
-
Vincent Pelletier authored
Basically, wrap stdout and stderr whenever they do not have an encoding with an ascii-encoding writer, and write unicode to stdout & stderr. wsgi.errors is defined in the reference implementation as being a StringIO, so follow that. Stop using argparse.FileType to get rid of python3 "file not closed" errors. Also, fix setup access to CHANGES.txt . Also, fix 2to3 involvement. Also, replace test.captureStdout with extra tool arguments.
-
Vincent Pelletier authored
Make coverage tests tolerate the no-op code path where the backup ends right on a block boundary not being exercised.
-
Vincent Pelletier authored
Test backup chunk boundaries. Test absence of a backup before the first user is created.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
- 22 Jun, 2020 2 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Resolve deprecation warnings in tests: caucase/ca.py:548: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False, caucase/ca.py:326: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. x509.SubjectKeyIdentifier, caucase/test.py:422: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False,
-
- 15 Jun, 2020 1 commit
-
-
Vincent Pelletier authored
-
- 06 Jun, 2020 1 commit
-
-
Vincent Pelletier authored
Always wait at least 60 seconds between consecutive wake-ups. Avoids spamming server and local logs with attempts in case of temporary issues (ex: network).
-
- 04 Jun, 2020 3 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Load CRL expiration date even when it has not just been renewed. Also, request a newer CRL before local one expires (7 days by default).
-
Vincent Pelletier authored
Allowing clients to have a period of CRL validity overlap.
-
- 06 May, 2020 2 commits
-
-
Kirill Smelkov authored
Rerun with updated nxd-relicense. This actually changes license text in every file. Before: W: caucase/__init__.py: cannot find license start W: caucase/_version.py: no copyright W: caucase/ca.py: cannot find license start W: caucase/cli.py: cannot find license start W: caucase/client.py: cannot find license start W: caucase/exceptions.py: cannot find license start W: caucase/http.py: cannot find license start W: caucase/http_wsgibase.py: cannot find license start W: caucase/storage.py: cannot find license start W: caucase/test.py: cannot find license start W: caucase/utils.py: cannot find license start W: caucase/version.py: cannot find license start W: caucase/wsgi.py: cannot find license start W: setup.py: cannot find license start W: shell/caucase.sh: cannot find license start W: versioneer.py: no copyright After: W: caucase/_version.py: no copyright W: versioneer.py: no copyright
-
Vincent Pelletier authored
Add FOSS licence exception. Fix copyright holder name.
-
- 31 Jan, 2020 1 commit
-
-
Łukasz Nowak authored
Since "ca: Do not use a 128bits OID arc for caucase internal use" new OIDs are used, but the migration was not tested, so it's added here.
-
- 22 Jan, 2020 1 commit
-
-
Ivan Tyagov authored
@jerome @vpelletier , Tests do pass at https://nexedi.erp5.net/test_result_module/20200122-713A91C9/view?ignore_layout:int=1 /reviewed-on nexedi/caucase!12
-
- 27 May, 2019 3 commits
-
-
Vincent Pelletier authored
-
Łukasz Nowak authored
Many software packages do not support 128 bits arcs in OIDs (see https://misc.daniel-marschall.de/asn.1/oid_facts.html#chap4), use a registered OID instead. Certificates emitted using the legacy OID are migrated to the new OID on renewal. Mix of work by Vincent Pelletier <vincent@nexedi.com> and Thomas Gambier <thomas.gambier@nexedi.com> finished by Lukasz Nowak <luke@nexedi.com>
-
Łukasz Nowak authored
-
- 01 Apr, 2019 1 commit
-
-
Vincent Pelletier authored
-
- 25 Jan, 2019 1 commit
-
-
Łukasz Nowak authored
Just like other places in caucase-updater, print the next time of wake up. This information is useful in logs, for debugging caucase-updater problems. /reviewed-on !6
-
- 24 Jan, 2019 2 commits
-
-
Vincent Pelletier authored
-
Łukasz Nowak authored
Timedeltas between utcnow() and now() depend on system timezone, so they can last many hours when a few seconds is intended. The now() here was entered by mistake. /reviewed-on !5
-
- 05 Jan, 2019 1 commit
-
-
Vincent Pelletier authored
-
- 03 Jan, 2019 9 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Reduces backslash-doubling crazyness.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
...when connection is used as a context manager (which is the expected coding style anyway). If silently ignored, rollback may be incomplete if a subtransaction already committed. And if commit only happen at outmost transaction, no-undo changes could come undone if outer transaction aborts. This is currently observed in the code, so no other change is needed.
-
Vincent Pelletier authored
-