
Commit dec2bbe

committed
Make State, Country and Locality non-compulsory
1 parent 860d8b4 commit dec2bbe


2 files changed

+73
-26
lines changed

2 files changed

+73
-26
lines changed

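--- a/mtls/mtls.py
+++ b/mtls/mtls.py
@@ -723,31 +723,29 @@ def generate_csr(self, key):
 "Generating CSR for {server}".format(server=self.server),
 fg="yellow",
 )
-country = self.config.get(self.server, "country")
-state = self.config.get(self.server, "state")
-locality = self.config.get(self.server, "locality")
+country = self.config.get(self.server, "country", fallback=None)
+state = self.config.get(self.server, "state", fallback=None)
+locality = self.config.get(self.server, "locality", fallback=None)
 organization_name = self.config.get(self.server, "organization_name")
 email = self.config.get(self.server, "email")
+csr_subject_arr = [
+x509.NameAttribute(
+NameOID.ORGANIZATION_NAME, organization_name
+),
+x509.NameAttribute(
+NameOID.COMMON_NAME, self.friendly_name
+),
+x509.NameAttribute(NameOID.EMAIL_ADDRESS, email),
+]
+if state:
+csr_subject_arr.append(x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, state))
+if country:
+csr_subject_arr.append(x509.NameAttribute(NameOID.COUNTRY_NAME, country))
+if locality:
+csr_subject_arr.append(x509.NameAttribute(NameOID.LOCALITY_NAME, locality))
 csr = (
 x509.CertificateSigningRequestBuilder()
-.subject_name(
-x509.Name(
-[
-x509.NameAttribute(NameOID.COUNTRY_NAME, country),
-x509.NameAttribute(
-NameOID.STATE_OR_PROVINCE_NAME, state
-),
-x509.NameAttribute(NameOID.LOCALITY_NAME, locality),
-x509.NameAttribute(
-NameOID.ORGANIZATION_NAME, organization_name
-),
-x509.NameAttribute(
-NameOID.COMMON_NAME, self.friendly_name
-),
-x509.NameAttribute(NameOID.EMAIL_ADDRESS, email),
-]
-)
-)
+.subject_name(x509.Name(csr_subject_arr))
 .sign(key, hashes.SHA256(), default_backend())
 )
 csr_fname = "{}.csr.asc".format(self.server)
@@ -847,6 +845,7 @@ def sign_and_send_to_server(self, csr):
 response = response.json()
 except Exception as e:
 click.secho("Error handling response from server. Bailing", fg="red")
+print(response.text)
 sys.exit(-1)
 if response.get("error", False):
 click.echo(response.get("msg"))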
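Review bot: The subject RDN order changes for users who already configure country, state and locality: the list in `generate_csr` now starts with O, CN, emailAddress and appends ST, C, L afterwards, where the removed code emitted C, ST, L, O, CN, emailAddress. X.509 name comparison is order-sensitive, so anything that matches the full subject DN of issued client certificates (server-side lookups, proxy ACLs) would presumably see a different value after this commit; whether the server copies the CSR subject verbatim is not visible here. Building the list in the original order, with the three optional attributes added conditionally ahead of the mandatory ones, keeps existing DNs stable. In the second hunk, `print(response.text)` writes the raw server body to stdout, and `click.echo(response.text, err=True)` would match the surrounding error path. `generate_csr` and `sign_and_send_to_server` both start and end outside their hunks.

```python
# … unchanged: config lookups for country, state, locality, organization_name, email …
csr_subject_arr = []
if country:
    csr_subject_arr.append(x509.NameAttribute(NameOID.COUNTRY_NAME, country))
if state:
    csr_subject_arr.append(
        x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, state)
    )
if locality:
    csr_subject_arr.append(x509.NameAttribute(NameOID.LOCALITY_NAME, locality))
csr_subject_arr.extend(
    [
        x509.NameAttribute(NameOID.ORGANIZATION_NAME, organization_name),
        x509.NameAttribute(NameOID.COMMON_NAME, self.friendly_name),
        x509.NameAttribute(NameOID.EMAIL_ADDRESS, email),
    ]
)
# … unchanged: CertificateSigningRequestBuilder().subject_name(x509.Name(csr_subject_arr)).sign(...) …
```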

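--- a/test/test_cli.py
+++ b/test/test_cli.py
@@ -19,6 +19,7 @@
 import docker
 import gnupg
 import tempfile
+import requests
 
 from mtls.cli import cli
 
@@ -36,12 +37,13 @@ def getListOfFiles(dirName):
 
 
 logging.disable(logging.CRITICAL)
-MTLS_SERVER_VERSION = os.environ.get("MTLS_SERVER_VERSION") or "v0.16.2"
+MTLS_SERVER_VERSION = os.environ.get("MTLS_SERVER_VERSION") or "v0.16.3"
+MTLS_IMAGE = os.environ.get("MTLS_IMAGE") or "drgrove/mtls-server"
 
 
 def generate_key():
 return rsa.generate_private_key(
-public_exponent=65537, key_size=4096, backend=default_backend()
+public_exponent=65537, key_size=1024, backend=default_backend()
 )
 
 
@@ -79,7 +81,7 @@ def generate_csr(key, common_name, email):
 
 
 def gen_pgp_key(email, password, gpg):
-input_data = gpg.gen_key_input(name_email=email, passphrase=password)
+input_data = gpg.gen_key_input(name_email=email, passphrase=password, key_type="RSA", key_length=1024)
 return gpg.gen_key(input_data)
 
 
@@ -199,14 +201,19 @@ def setUpClass(cls):
 "mode": "rw",
 }
 cls.server = cls.docker.containers.run(
-"drgrove/mtls-server:{version}".format(
-version=MTLS_SERVER_VERSION
+"{image}:{version}".format(
+version=MTLS_SERVER_VERSION,
+image=MTLS_IMAGE
 ),
 detach=True,
 volumes=volumes,
 remove=True,
 ports={"4000/tcp": 4000},
 )
+while True:
+resp = requests.get("http://localhost:4000/version")
+if resp.status_code == 200:
+break;
 cls.HOME = tempfile.TemporaryDirectory(dir=TMPDIR_PREFIX)
 cls.env = {
 "GNUPGHOME": cls.ADMIN_GNUPGHOME.name,
@@ -1091,3 +1098,44 @@ def test_set_user_config(self):
 self.assertEqual(
 config.get("DEFAULT", "organization_name"), "My New Org"
 )
+
+class TestCliOptionalConfigItems(TestCliBase):
+@classmethod
+def setUpClass(cls):
+super().setUpClass()
+cls.env = {
+"GNUPGHOME": cls.USER_GNUPGHOME.name,
+"HOME": cls.HOME.name,
+"USER": "test",
+"HOST": str(platform.uname()[1]),
+}
+cls.runner = CliRunner(env=cls.env)
+cls.config = ConfigParser()
+cls.config["DEFAULT"] = {
+"name": "John Doe",
+"email": "[email protected]",
+"fingerprint": cls.user.pgp_key.fingerprint,
+"organization_name": "My Org",
+}
+cls.config["test"] = {"lifetime": 60, "url": "http://localhost:4000"}
+cls.config_path = os.path.join(cls.HOME.name, "config.ini")
+with open(cls.config_path, "w") as configfile:
+cls.config.write(configfile)
+
+def test_create_certificate(self):
+result = self.runner.invoke(
+cli,
+[
+"-c",
+self.config_path,
+"-s",
+"test",
+"--gpg-password",
+self.user.password,
+"certificate",
+"create",
+],
+)
+if result.exception:
+traceback.print_exception(*result.exc_info)
+self.assertEqual(result.exit_code, 0, msg=result.exc_info)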
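Review bot: The readiness loop added to `setUpClass` can hang or crash the suite: `requests.get` has no `timeout`, nothing bounds the `while True`, there is no sleep between polls, and a refused connection while the container is still starting raises instead of retrying. A bounded poll that catches `requests.exceptions.RequestException` and fails with a clear error after a deadline is sketched below; it needs `time`, whose import is not visible in this section, and the 60-second limit is a constructed value. The `break;` also carries a stray semicolon. Separately, the 1024-bit RSA sizes now used in `generate_key` and `gen_pgp_key` deserve a comment such as `# test-only: small key for speed, never use below 2048 bits outside tests`. `setUpClass` starts and ends outside the hunk.

```python
# … unchanged: cls.server = cls.docker.containers.run(...) …
deadline = time.monotonic() + 60  # constructed bound; tune for CI
while True:
    try:
        resp = requests.get("http://localhost:4000/version", timeout=2)
        if resp.status_code == 200:
            break
    except requests.exceptions.RequestException:
        pass  # container not accepting connections yet
    if time.monotonic() > deadline:
        raise RuntimeError("mtls-server did not become ready in time")
    time.sleep(0.5)
# … unchanged: cls.HOME = tempfile.TemporaryDirectory(dir=TMPDIR_PREFIX) …
```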
