Merge branch 'master' into destination-tpl-fix

2018-12-18 12:27:35 -08:00 · 2018-12-18 12:27:35 -08:00 · 425a07e988
parent 437d918cf7 388699be7c
commit 425a07e988
2 changed files with 21 additions and 32 deletions
--- a/lemur/certificates/cli.py
+++ b/lemur/certificates/cli.py
@ -238,17 +238,7 @@ def reissue(old_certificate_name, commit):

        if not old_cert:
            for certificate in get_all_pending_reissue():
-                try:
-                    request_reissue(certificate, commit)
-                except Exception as e:
-                    sentry.captureException()
-                    current_app.logger.exception(
-                        "Error reissuing certificate: {}".format(certificate.name), exc_info=True)
-                    print(
-                        "[!] Failed to reissue certificates. Reason: {}".format(
-                            e
-                        )
-                    )
+                request_reissue(certificate, commit)
        else:
            request_reissue(old_cert, commit)

@ -275,30 +265,31 @@ def query(fqdns, issuer, owner, expired):
    table = []

    q = database.session_query(Certificate)
+    if issuer:
+        sub_query = database.session_query(Authority.id) \
+            .filter(Authority.name.ilike('%{0}%'.format(issuer))) \
+            .subquery()

-    sub_query = database.session_query(Authority.id) \
-        .filter(Authority.name.ilike('%{0}%'.format(issuer))) \
-        .subquery()
-
-    q = q.filter(
-        or_(
-            Certificate.issuer.ilike('%{0}%'.format(issuer)),
-            Certificate.authority_id.in_(sub_query)
+        q = q.filter(
+            or_(
+                Certificate.issuer.ilike('%{0}%'.format(issuer)),
+                Certificate.authority_id.in_(sub_query)
+            )
        )
-    )
-
-    q = q.filter(Certificate.owner.ilike('%{0}%'.format(owner)))
+    if owner:
+        q = q.filter(Certificate.owner.ilike('%{0}%'.format(owner)))

    if not expired:
        q = q.filter(Certificate.expired == False)  # noqa

-    for f in fqdns.split(','):
-        q = q.filter(
-            or_(
-                Certificate.cn.ilike('%{0}%'.format(f)),
-                Certificate.domains.any(Domain.name.ilike('%{0}%'.format(f)))
+    if fqdns:
+        for f in fqdns.split(','):
+            q = q.filter(
+                or_(
+                    Certificate.cn.ilike('%{0}%'.format(f)),
+                    Certificate.domains.any(Domain.name.ilike('%{0}%'.format(f)))
+                )
            )
-        )

    for c in q.all():
        table.append([c.id, c.name, c.owner, c.issuer])
@ -373,10 +364,7 @@ def check_revoked():
            else:
                status = verify_string(cert.body, "")

-            if status is None:
-                cert.status = 'unknown'
-            else:
-                cert.status = 'valid' if status else 'revoked'
+            cert.status = 'valid' if status else 'revoked'

        except Exception as e:
            sentry.captureException()
--- a/lemur/common/fields.py
+++ b/lemur/common/fields.py
@ -350,6 +350,7 @@ class SubjectAlternativeNameExtension(Field):
                    value = value.dotted_string
                else:
                    current_app.logger.warning('Unknown SubAltName type: {name}'.format(name=name))
+                    continue

                general_names.append({'nameType': name_type, 'value': value})