diff --git a/lemur/certificates/cli.py b/lemur/certificates/cli.py
index 013a4cb1..7a46138c 100644
--- a/lemur/certificates/cli.py
+++ b/lemur/certificates/cli.py
@@ -238,7 +238,17 @@ def reissue(old_certificate_name, commit):
 if not old_cert:
 for certificate in get_all_pending_reissue():
- request_reissue(certificate, commit)
+ try:
+ request_reissue(certificate, commit)
+ except Exception as e:
+ sentry.captureException()
+ current_app.logger.exception(
+ "Error reissuing certificate: {}".format(certificate.name), exc_info=True)
+ print(
+ "[!] Failed to reissue certificates. Reason: {}".format(
+ e
+ )
+ )
 else:
 request_reissue(old_cert, commit)
diff --git a/lemur/common/celery.py b/lemur/common/celery.py
index c12c6f06..1711b452 100644
--- a/lemur/common/celery.py
+++ b/lemur/common/celery.py
@@ -210,4 +210,4 @@ def sync_source(source):
 :return:
 """
 current_app.logger.debug("Syncing source {}".format(source))
- sync([source], True)
+ sync([source])
diff --git a/lemur/pending_certificates/models.py b/lemur/pending_certificates/models.py
index 1261177d..7dc8e602 100644
--- a/lemur/pending_certificates/models.py
+++ b/lemur/pending_certificates/models.py
@@ -10,7 +10,7 @@ from sqlalchemy.orm import relationship
 from sqlalchemy_utils import JSONType
 from sqlalchemy_utils.types.arrow import ArrowType
-from lemur.certificates.models import get_or_increase_name
+from lemur.certificates.models import get_sequence
 from lemur.common import defaults, utils
 from lemur.database import db
 from lemur.models import pending_cert_source_associations, \
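Review bot: In `reissue` (lemur/certificates/cli.py), the new `except Exception` prints the same plural message for every failure and never names the certificate, and the loop then carries on with nothing recording that a reissue failed, so a scheduled run can leave certificates un-reissued without the console output or, as far as the hunk shows, the exit status saying which. I would name the certificate on the console line, `print("[!] Failed to reissue certificate {}. Reason: {}".format(certificate.name, e))`, and count failures so the command can exit non-zero after the loop. `exc_info=True` is redundant on `logger.exception`, and the single-certificate call under `else:` is left unguarded, which is worth a comment if intentional. The function starts before the hunk and may continue after it.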
@@ -19,6 +19,28 @@ from lemur.models import pending_cert_source_associations, \
 from lemur.utils import Vault
+def get_or_increase_name(name, serial):
+ certificates = PendingCertificate.query.filter(PendingCertificate.name.ilike('{0}%'.format(name))).all()
+
+ if not certificates:
+ return name
+
+ serial_name = '{0}-{1}'.format(name, hex(int(serial))[2:].upper())
+ certificates = PendingCertificate.query.filter(PendingCertificate.name.ilike('{0}%'.format(serial_name))).all()
+
+ if not certificates:
+ return serial_name
+
+ ends = [0]
+ root, end = get_sequence(serial_name)
+ for cert in certificates:
+ root, end = get_sequence(cert.name)
+ if end:
+ ends.append(end)
+
+ return '{0}-{1}'.format(root, max(ends) + 1)
+
+
 class PendingCertificate(db.Model):
 __tablename__ = 'pending_certs'
 id = Column(Integer, primary_key=True)
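Review bot: In the new `get_or_increase_name` (lemur/pending_certificates/models.py), `root` is reassigned on every pass of the `for cert in certificates` loop, so the returned name is built from the root of whichever row the query happened to return last rather than from `serial_name`; because the `ilike('{0}%')` filter is a prefix match, that row can be a longer, unrelated name. Changing the loop line to `_, end = get_sequence(cert.name)` keeps the root computed from `serial_name` (assuming that is the intended root; `get_sequence` is not visible here). The name is also interpolated into the LIKE pattern unescaped, so `%` or `_` in a name act as wildcards and widen the match, and the lookup-then-name sequence is not atomic, so uniqueness still depends on a constraint on the column, which this hunk does not show. A short docstring stating the three possible return forms (`name`, `name-SERIALHEX`, `root-N`) would help.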