- 01 Feb, 2021 7 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Revocation lists must be signed by the authority which signed the certificate being revoked. TODO: Test. Coverage.
-
Vincent Pelletier authored
If a CRL is stored and contains bogus data (like a missing extension), it is hard to trigger its renewal in a timely fashion. And because CRLs are checked as often as possible, a bogus CRL can cause many operations types to fail. As caucased is not expected to be restarted very often, the extra CRL generation on every start should not make a difference. This uncovers an original breakage in caucase's CRL handling, with one test failing. The fix will come in another commit.
-
Vincent Pelletier authored
python2.7 with pylint 1.9.5 python3.9 with pylint 2.6.0 Also, reduce the script of unused argument silencing.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
It is redundant, but regular runner output does not display the test class.
-
Vincent Pelletier authored
Thanks, modern pylint !
-
- 29 Jan, 2021 2 commits
-
-
Vincent Pelletier authored
Otherwise, client certificates issued before a new CA is used get rejected once the new CA becomes current.
-
Vincent Pelletier authored
This extension is required by rfc5280 (see section 5.2.1) but was overlooked.
-
- 25 Nov, 2020 6 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
The result only changes when CA certificates are reloaded, so prepare this valuein _loadCAKeyPairList.
-
Vincent Pelletier authored
"expires" takes an absolute date, "max-age" takes a number of seconds until expiration. So switch to "max-age": according to Mozilla Developer Network, it is supported by all major browsers, and by IE since version 8.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
- 29 Jun, 2020 1 commit
-
-
Vincent Pelletier authored
-
- 27 Jun, 2020 4 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
- 26 Jun, 2020 9 commits
-
-
Vincent Pelletier authored
4 branches depend on how tests are written, and are indeed not currently used. 1 branch depend on test process environment.
-
Vincent Pelletier authored
caucase.http will be re-generating its https certificate, so it can be slower than a normal non-initial start.
-
Vincent Pelletier authored
It would be the sign of a inconsistency in the dispatcher dict. Do not transform it into a user error (404).
-
Vincent Pelletier authored
Not all programs support having multiple CA certificates per file, so add support for creating and maintaining certificate directories containing a single certificate each.
-
Vincent Pelletier authored
Reference machine: Raspberry Pi 1 B+. caucased can take around 40s to start (CA generation, ...).
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
wsgi.input is specified to be a bytes object, not a string object.
-
Vincent Pelletier authored
-
- 25 Jun, 2020 9 commits
-
-
Vincent Pelletier authored
So caucase.sh gets some regular exercise.
-
Vincent Pelletier authored
Otherwise, this will trigger if a test takes more than 10s to run, causing caucased to exit prematurely, as only _stopServer triggers this event.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Also, encode/decode json in utf-8, not ascii, as per standard.
-
Vincent Pelletier authored
Consistently with how doBackup encodes the result of json.dumps .
-
Vincent Pelletier authored
-
Vincent Pelletier authored
Avoid repeating function name in these.
-
Vincent Pelletier authored
Get an auto-issued user certificate and use it to exercise an authenticated action.
-
Vincent Pelletier authored
Should have been part of: commit 17325dc0 Author: Vincent Pelletier <plr.vincent@gmail.com> Date: Sat Jul 14 18:40:41 2018 +0900 all: Make caucased https certificate independent from CAS. Also, remove CURL, PUT and PUTNoOut aliases. They are replaced with private function with a naming consistent with the rest of this script.
-
- 24 Jun, 2020 2 commits
-
-
Vincent Pelletier authored
Is no value is provided to a return statement, the status of the last command ran is returned, making "$?" superfluous.
-
Vincent Pelletier authored
If there is no return statement, shell functions return the status of the last command they ran. So "return $?" as last function statement is superfluous.
-