- 26 Jun, 2020 6 commits
-
-
Vincent Pelletier authored
Not all programs support having multiple CA certificates per file, so add support for creating and maintaining certificate directories containing a single certificate each.
-
Vincent Pelletier authored
Reference machine: Raspberry Pi 1 B+. caucased can take around 40s to start (CA generation, ...).
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
wsgi.input is specified to be a bytes object, not a string object.
-
Vincent Pelletier authored
-
- 25 Jun, 2020 9 commits
-
-
Vincent Pelletier authored
So caucase.sh gets some regular exercise.
-
Vincent Pelletier authored
Otherwise, this will trigger if a test takes more than 10s to run, causing caucased to exit prematurely, as only _stopServer triggers this event.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Also, encode/decode json in utf-8, not ascii, as per standard.
-
Vincent Pelletier authored
Consistently with how doBackup encodes the result of json.dumps .
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Avoid repeating function name in these.
-
Vincent Pelletier authored
Get an auto-issued user certificate and use it to exercise an authenticated action.
-
Vincent Pelletier authored
Should have been part of: commit 17325dc0 Author: Vincent Pelletier <plr.vincent@gmail.com> Date: Sat Jul 14 18:40:41 2018 +0900 all: Make caucased https certificate independent from CAS. Also, remove CURL, PUT and PUTNoOut aliases. They are replaced with private function with a naming consistent with the rest of this script.
-
- 24 Jun, 2020 5 commits
-
-
Vincent Pelletier authored
Is no value is provided to a return statement, the status of the last command ran is returned, making "$?" superfluous.
-
Vincent Pelletier authored
If there is no return statement, shell functions return the status of the last command they ran. So "return $?" as last function statement is superfluous.
-
Vincent Pelletier authored
Simplify code a bit. Change directory when starting caucased, so all files are stored inside test's temporary directory (and not just the database). Tolerate caucased not immediately starting. Fix CA presence tests (well this is embarrassing). List test directory content when failing, as it will get deleted shortly after.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
In shell/caucase.sh line 1134: trap "kill \"$caucased_pid\"; wait; rm -rf \"$tmp_dir\"" EXIT ^-----------^ SC2064: Use single quotes, otherwise this expands now rather than when signalled. ^------^ SC2064: Use single quotes, otherwise this expands now rather than when signalled. These variables are local, so immediate expantion is expected.
-
- 23 Jun, 2020 5 commits
-
-
Vincent Pelletier authored
Basically, wrap stdout and stderr whenever they do not have an encoding with an ascii-encoding writer, and write unicode to stdout & stderr. wsgi.errors is defined in the reference implementation as being a StringIO, so follow that. Stop using argparse.FileType to get rid of python3 "file not closed" errors. Also, fix setup access to CHANGES.txt . Also, fix 2to3 involvement. Also, replace test.captureStdout with extra tool arguments.
-
Vincent Pelletier authored
Make coverage tests tolerate the no-op code path where the backup ends right on a block boundary not being exercised.
-
Vincent Pelletier authored
Test backup chunk boundaries. Test absence of a backup before the first user is created.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
- 22 Jun, 2020 2 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Resolve deprecation warnings in tests: caucase/ca.py:548: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False, caucase/ca.py:326: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. x509.SubjectKeyIdentifier, caucase/test.py:422: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False,
-
- 15 Jun, 2020 1 commit
-
-
Vincent Pelletier authored
-
- 06 Jun, 2020 1 commit
-
-
Vincent Pelletier authored
Always wait at least 60 seconds between consecutive wake-ups. Avoids spamming server and local logs with attempts in case of temporary issues (ex: network).
-
- 04 Jun, 2020 3 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Load CRL expiration date even when it has not just been renewed. Also, request a newer CRL before local one expires (7 days by default).
-
Vincent Pelletier authored
Allowing clients to have a period of CRL validity overlap.
-
- 06 May, 2020 2 commits
-
-
Kirill Smelkov authored
Rerun with updated nxd-relicense. This actually changes license text in every file. Before: W: caucase/__init__.py: cannot find license start W: caucase/_version.py: no copyright W: caucase/ca.py: cannot find license start W: caucase/cli.py: cannot find license start W: caucase/client.py: cannot find license start W: caucase/exceptions.py: cannot find license start W: caucase/http.py: cannot find license start W: caucase/http_wsgibase.py: cannot find license start W: caucase/storage.py: cannot find license start W: caucase/test.py: cannot find license start W: caucase/utils.py: cannot find license start W: caucase/version.py: cannot find license start W: caucase/wsgi.py: cannot find license start W: setup.py: cannot find license start W: shell/caucase.sh: cannot find license start W: versioneer.py: no copyright After: W: caucase/_version.py: no copyright W: versioneer.py: no copyright
-
Vincent Pelletier authored
Add FOSS licence exception. Fix copyright holder name.
-
- 31 Jan, 2020 1 commit
-
-
Łukasz Nowak authored
Since "ca: Do not use a 128bits OID arc for caucase internal use" new OIDs are used, but the migration was not tested, so it's added here.
-
- 22 Jan, 2020 1 commit
-
-
Ivan Tyagov authored
@jerome @vpelletier , Tests do pass at https://nexedi.erp5.net/test_result_module/20200122-713A91C9/view?ignore_layout:int=1 /reviewed-on nexedi/caucase!12
-
- 27 May, 2019 3 commits
-
-
Vincent Pelletier authored
-
Łukasz Nowak authored
Many software packages do not support 128 bits arcs in OIDs (see https://misc.daniel-marschall.de/asn.1/oid_facts.html#chap4), use a registered OID instead. Certificates emitted using the legacy OID are migrated to the new OID on renewal. Mix of work by Vincent Pelletier <vincent@nexedi.com> and Thomas Gambier <thomas.gambier@nexedi.com> finished by Lukasz Nowak <luke@nexedi.com>
-
Łukasz Nowak authored
-
- 01 Apr, 2019 1 commit
-
-
Vincent Pelletier authored
-