From 162d5ccb62d9dbd0fbd9f5510f456be39233051d Mon Sep 17 00:00:00 2001 From: Nevins Date: Tue, 24 Jan 2017 16:48:53 -0500 Subject: [PATCH] Gracefully handle importing certificates with missing data (#674) * fixing index out of range issue * catching exceptions is common values aren't set * fixing lint errors * fixing unrelated lint/import error --- lemur/certificates/verify.py | 1 + lemur/common/defaults.py | 54 ++++++++++++++++++++++++------------ 2 files changed, 37 insertions(+), 18 deletions(-) diff --git a/lemur/certificates/verify.py b/lemur/certificates/verify.py index c1b2aa1e..15ada881 100644 --- a/lemur/certificates/verify.py +++ b/lemur/certificates/verify.py @@ -7,6 +7,7 @@ """ import requests import subprocess +from requests.exceptions import ConnectionError from cryptography import x509 from cryptography.hazmat.backends import default_backend diff --git a/lemur/common/defaults.py b/lemur/common/defaults.py index 97073a29..764071e0 100644 --- a/lemur/common/defaults.py +++ b/lemur/common/defaults.py @@ -53,9 +53,12 @@ def common_name(cert): :param cert: :return: Common name or None """ - return cert.subject.get_attributes_for_oid( - x509.OID_COMMON_NAME - )[0].value.strip() + try: + return cert.subject.get_attributes_for_oid( + x509.OID_COMMON_NAME + )[0].value.strip() + except Exception as e: + current_app.logger.error("Unable to get common name! {0}".format(e)) def organization(cert): @@ -64,9 +67,12 @@ def organization(cert): :param cert: :return: """ - return cert.subject.get_attributes_for_oid( - x509.OID_ORGANIZATION_NAME - )[0].value.strip() + try: + return cert.subject.get_attributes_for_oid( + x509.OID_ORGANIZATION_NAME + )[0].value.strip() + except Exception as e: + current_app.logger.error("Unable to get organization! {0}".format(e)) def organizational_unit(cert): @@ -75,9 +81,12 @@ def organizational_unit(cert): :param cert: :return: """ - return cert.subject.get_attributes_for_oid( - x509.OID_ORGANIZATIONAL_UNIT_NAME - )[0].value.strip() + try: + return cert.subject.get_attributes_for_oid( + x509.OID_ORGANIZATIONAL_UNIT_NAME + )[0].value.strip() + except Exception as e: + current_app.logger.error("Unable to get organizational unit! {0}".format(e)) def country(cert): @@ -86,9 +95,12 @@ def country(cert): :param cert: :return: """ - return cert.subject.get_attributes_for_oid( - x509.OID_COUNTRY_NAME - )[0].value.strip() + try: + return cert.subject.get_attributes_for_oid( + x509.OID_COUNTRY_NAME + )[0].value.strip() + except Exception as e: + current_app.logger.error("Unable to get country! {0}".format(e)) def state(cert): @@ -97,9 +109,12 @@ def state(cert): :param cert: :return: """ - return cert.subject.get_attributes_for_oid( - x509.OID_STATE_OR_PROVINCE_NAME - )[0].value.strip() + try: + return cert.subject.get_attributes_for_oid( + x509.OID_STATE_OR_PROVINCE_NAME + )[0].value.strip() + except Exception as e: + current_app.logger.error("Unable to get state! {0}".format(e)) def location(cert): @@ -108,9 +123,12 @@ def location(cert): :param cert: :return: """ - return cert.subject.get_attributes_for_oid( - x509.OID_LOCALITY_NAME - )[0].value.strip() + try: + return cert.subject.get_attributes_for_oid( + x509.OID_LOCALITY_NAME + )[0].value.strip() + except Exception as e: + current_app.logger.error("Unable to get location! {0}".format(e)) def domains(cert):