Commit f6661875 authored by Vincent Pelletier's avatar Vincent Pelletier

ca: Make renewal ignore pending CSR count limit.

Also, makes them not count against the maximum number of auto-emitted
certificates.
parent c1967ccd
......@@ -689,7 +689,10 @@ class CertificateAuthority(object):
),
)
return self._createCertificate(
csr_id=self.appendCertificateSigningRequest(csr_pem),
csr_id=self.appendCertificateSigningRequest(
csr_pem,
override_limits=True,
),
auto_signed=_AUTO_SIGNED_PASSTHROUGH,
# Do a dummy signature, just so we get a usable
# x509.CertificateSigningRequest instance. Use latest CA private key just
......
......@@ -1441,7 +1441,7 @@ class CaucaseTest(unittest.TestCase):
CRL_INSERT = 'INSERT INTO "caucrl" '
CRT_INSERT = 'INSERT INTO "caucrt" '
REV_INSERT = 'INSERT INTO "caurevoked" '
def filterBackup(backup, received_csr, expect_rev):
def filterBackup(backup, expect_rev):
"""
Remove all lines which are know to differ between original batabase and
post-restoration database, so the rest (which must be the majority of the
......@@ -1451,9 +1451,7 @@ class CaucaseTest(unittest.TestCase):
new_backup = []
crt_list = []
for row in backup:
if (
row == received_csr
) or row.startswith(CRL_INSERT):
if row.startswith(CRL_INSERT):
continue
if row.startswith(CRT_INSERT):
crt_list.append(row)
......@@ -1467,12 +1465,10 @@ class CaucaseTest(unittest.TestCase):
before_backup, before_crt_list = filterBackup(
before_backup,
'INSERT INTO "caucounter" VALUES(\'received_csr\',2);\x00',
False,
)
after_restore, after_crt_list = filterBackup(
after_restore,
'INSERT INTO "caucounter" VALUES(\'received_csr\',3);\x00',
True,
)
self.assertEqual(
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment