Commit 0f4953dd authored by Adrien Dorsaz's avatar Adrien Dorsaz

Merge branch 'merge-fix-log-and-contacts' into 'master'

Fix log issue at end of the script and allow empty contacts

See merge request !14
parents 66478531 98f99fa9
Pipeline #233 passed with stage
in 8 minutes and 10 seconds
...@@ -128,7 +128,7 @@ def get_crt(config, log=LOGGER): ...@@ -128,7 +128,7 @@ def get_crt(config, log=LOGGER):
account_request["termsOfServiceAgreed"] = True account_request["termsOfServiceAgreed"] = True
log.warning("Terms of service exists and will be automatically agreed, please read them: {0}".format(terms_service)) log.warning("Terms of service exists and will be automatically agreed, please read them: {0}".format(terms_service))
account_request["contact"] = config["acmednstiny"].get("Contacts", "").split(';') account_request["contact"] = config["acmednstiny"].get("Contacts", "").split(';')
if account_request["contact"] == "": if account_request["contact"] == [""]:
del account_request["contact"] del account_request["contact"]
http_response, account_info = _send_signed_request(acme_config["newAccount"], account_request) http_response, account_info = _send_signed_request(acme_config["newAccount"], account_request)
...@@ -144,7 +144,7 @@ def get_crt(config, log=LOGGER): ...@@ -144,7 +144,7 @@ def get_crt(config, log=LOGGER):
raise ValueError("Error registering account: {0} {1}".format(http_response.status_code, account_info)) raise ValueError("Error registering account: {0} {1}".format(http_response.status_code, account_info))
log.info("Update contact information if needed.") log.info("Update contact information if needed.")
if (set(account_request["contact"]) != set(account_info["contact"])): if ("contact" in account_request and set(account_request["contact"]) != set(account_info["contact"])):
http_response, result = _send_signed_request(jws_header["kid"], account_request) http_response, result = _send_signed_request(jws_header["kid"], account_request)
if http_response.status_code == 200: if http_response.status_code == 200:
log.debug(" - Account updated with latest contact informations.") log.debug(" - Account updated with latest contact informations.")
...@@ -257,14 +257,14 @@ def get_crt(config, log=LOGGER): ...@@ -257,14 +257,14 @@ def get_crt(config, log=LOGGER):
else: else:
raise ValueError("Finalizing order {0} got errors: {1}".format( raise ValueError("Finalizing order {0} got errors: {1}".format(
domain, order)) domain, order))
joseheaders['Accept'] = config["acmednstiny"].get("CertificateFormat", 'application/pem-certificate-chain') joseheaders['Accept'] = config["acmednstiny"].get("CertificateFormat", 'application/pem-certificate-chain')
http_response, result = _send_signed_request(order["certificate"], "") http_response, result = _send_signed_request(order["certificate"], "")
if http_response.status_code != 200: if http_response.status_code != 200:
raise ValueError("Finalizing order {0} got errors: {1}".format(http_response.status_code, result)) raise ValueError("Finalizing order {0} got errors: {1}".format(http_response.status_code, result))
if 'link' in http_response.headers: if 'link' in http_response.headers:
log.info(" - Certificate links given by server: {0}", http_response.headers['link']) log.info(" - Certificate links given by server: {0}".format(http_response.headers['link']))
log.info("Certificate signed and chain received: {0}".format(order["certificate"])) log.info("Certificate signed and chain received: {0}".format(order["certificate"]))
return http_response.text return http_response.text
......
FROM debian:jessie-backports
RUN apt-get update
RUN apt-get upgrade -y
# Minimal tools required by acme-dns-tiny CI
RUN apt-get install -y \
python3-coverage \
python3-pip
RUN apt-get install -y \
-t jessie-backports \
python3-configargparse \
python3-dnspython
# Allows run python3-coverage with same command than manual install by pip
RUN update-alternatives --install \
/usr/bin/coverage \
coverage \
/usr/bin/python3-coverage \
1
FROM debian:jessie FROM debian:jessie-slim
RUN apt-get update RUN apt-get update
RUN apt-get upgrade -y RUN apt-get upgrade -y
# Minimal tools required by acme-dns-tiny CI # Minimal tools required by acme-dns-tiny CI
RUN apt-get install -y \ RUN apt-get install -y --no-install-recommends \
python3-dnspython \ python3-dnspython \
python3-coverage \ python3-coverage \
python3-pip python3-pip
......
FROM debian:stretch FROM debian:stretch-slim
RUN apt-get update RUN apt-get update
RUN apt-get upgrade -y RUN apt-get upgrade -y
# Minimal tools required by acme-dns-tiny CI # Minimal tools required by acme-dns-tiny CI
RUN apt-get install -y \ RUN apt-get install -y --no-install-recommends \
python3-dnspython \ python3-dnspython \
python3-coverage \ python3-coverage \
python3-configargparse \ python3-configargparse \
......
jessie: jessie:
image: adt-jessie_dnspython3_1.11 image: adt-jessie
before_script:
- pip3 install --upgrade -r tests/requirements.txt
script:
- coverage run --source ./ -m unittest -v tests.test_acme_dns_tiny tests.test_acme_account_rollover tests.test_acme_account_deactivate
- coverage report --include=acme_dns_tiny.py,tools/acme_account_rollover.py,tools/acme_account_deactivate.py
- coverage html
jessie_backport:
image: adt-jessie_dnspython3_1.15-bpo
before_script: before_script:
- pip3 install --upgrade -r tests/requirements.txt - pip3 install --upgrade -r tests/requirements.txt
script: script:
...@@ -17,7 +8,7 @@ jessie_backport: ...@@ -17,7 +8,7 @@ jessie_backport:
- coverage html - coverage html
stretch: stretch:
image: adt-stretch_dnspython3_1.15 image: adt-stretch
before_script: before_script:
- pip3 install --upgrade -r tests/requirements.txt - pip3 install --upgrade -r tests/requirements.txt
script: script:
......
...@@ -58,6 +58,16 @@ def generate_acme_dns_tiny_config(): ...@@ -58,6 +58,16 @@ def generate_acme_dns_tiny_config():
with open(goodCName.name, 'w') as configfile: with open(goodCName.name, 'w') as configfile:
config.write(configfile) config.write(configfile)
# Simple configuration with good options, without contacts field
account_key, domain_key, domain_csr, config = generate_config();
os.remove(domain_key)
config.remove_option("acmednstiny", "Contacts")
goodCNameWithoutContacts = NamedTemporaryFile(delete=False)
with open(goodCNameWithoutContacts.name, 'w') as configfile:
config.write(configfile)
# Simple configuration without CSR in configuration (will be passed as argument) # Simple configuration without CSR in configuration (will be passed as argument)
account_key, domain_key, domain_csr, config = generate_config(); account_key, domain_key, domain_csr, config = generate_config();
os.remove(domain_key) os.remove(domain_key)
...@@ -170,6 +180,7 @@ def generate_acme_dns_tiny_config(): ...@@ -170,6 +180,7 @@ def generate_acme_dns_tiny_config():
return { return {
# configs # configs
"goodCName": goodCName.name, "goodCName": goodCName.name,
"goodCNameWithoutContacts": goodCNameWithoutContacts.name,
"goodCNameWithoutCSR": goodCNameWithoutCSR.name, "goodCNameWithoutCSR": goodCNameWithoutCSR.name,
"wildCName": wildCName.name, "wildCName": wildCName.name,
"dnsHostIP": dnsHostIP.name, "dnsHostIP": dnsHostIP.name,
......
...@@ -71,6 +71,19 @@ class TestACMEDNSTiny(unittest.TestCase): ...@@ -71,6 +71,19 @@ class TestACMEDNSTiny(unittest.TestCase):
self.assertCertificateChain(certchain) self.assertCertificateChain(certchain)
def test_success_cn_without_contacts(self):
""" Successfully issue a certificate via CN, but without Contacts field """
old_stdout = sys.stdout
sys.stdout = StringIO()
acme_dns_tiny.main([self.configs['goodCNameWithoutContacts'], "--verbose"])
certchain = sys.stdout.getvalue()
sys.stdout.close()
sys.stdout = old_stdout
self.assertCertificateChain(certchain)
def test_success_cn_with_csr_option(self): def test_success_cn_with_csr_option(self):
""" Successfully issue a certificate using CSR option outside from the config file""" """ Successfully issue a certificate using CSR option outside from the config file"""
old_stdout = sys.stdout old_stdout = sys.stdout
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment