Merge branch 'master' into up-reqs-12182018
This commit is contained in:
commit
d01e9f21f9
|
@ -238,17 +238,7 @@ def reissue(old_certificate_name, commit):
|
||||||
|
|
||||||
if not old_cert:
|
if not old_cert:
|
||||||
for certificate in get_all_pending_reissue():
|
for certificate in get_all_pending_reissue():
|
||||||
try:
|
request_reissue(certificate, commit)
|
||||||
request_reissue(certificate, commit)
|
|
||||||
except Exception as e:
|
|
||||||
sentry.captureException()
|
|
||||||
current_app.logger.exception(
|
|
||||||
"Error reissuing certificate: {}".format(certificate.name), exc_info=True)
|
|
||||||
print(
|
|
||||||
"[!] Failed to reissue certificates. Reason: {}".format(
|
|
||||||
e
|
|
||||||
)
|
|
||||||
)
|
|
||||||
else:
|
else:
|
||||||
request_reissue(old_cert, commit)
|
request_reissue(old_cert, commit)
|
||||||
|
|
||||||
|
@ -275,30 +265,31 @@ def query(fqdns, issuer, owner, expired):
|
||||||
table = []
|
table = []
|
||||||
|
|
||||||
q = database.session_query(Certificate)
|
q = database.session_query(Certificate)
|
||||||
|
if issuer:
|
||||||
|
sub_query = database.session_query(Authority.id) \
|
||||||
|
.filter(Authority.name.ilike('%{0}%'.format(issuer))) \
|
||||||
|
.subquery()
|
||||||
|
|
||||||
sub_query = database.session_query(Authority.id) \
|
q = q.filter(
|
||||||
.filter(Authority.name.ilike('%{0}%'.format(issuer))) \
|
or_(
|
||||||
.subquery()
|
Certificate.issuer.ilike('%{0}%'.format(issuer)),
|
||||||
|
Certificate.authority_id.in_(sub_query)
|
||||||
q = q.filter(
|
)
|
||||||
or_(
|
|
||||||
Certificate.issuer.ilike('%{0}%'.format(issuer)),
|
|
||||||
Certificate.authority_id.in_(sub_query)
|
|
||||||
)
|
)
|
||||||
)
|
if owner:
|
||||||
|
q = q.filter(Certificate.owner.ilike('%{0}%'.format(owner)))
|
||||||
q = q.filter(Certificate.owner.ilike('%{0}%'.format(owner)))
|
|
||||||
|
|
||||||
if not expired:
|
if not expired:
|
||||||
q = q.filter(Certificate.expired == False) # noqa
|
q = q.filter(Certificate.expired == False) # noqa
|
||||||
|
|
||||||
for f in fqdns.split(','):
|
if fqdns:
|
||||||
q = q.filter(
|
for f in fqdns.split(','):
|
||||||
or_(
|
q = q.filter(
|
||||||
Certificate.cn.ilike('%{0}%'.format(f)),
|
or_(
|
||||||
Certificate.domains.any(Domain.name.ilike('%{0}%'.format(f)))
|
Certificate.cn.ilike('%{0}%'.format(f)),
|
||||||
|
Certificate.domains.any(Domain.name.ilike('%{0}%'.format(f)))
|
||||||
|
)
|
||||||
)
|
)
|
||||||
)
|
|
||||||
|
|
||||||
for c in q.all():
|
for c in q.all():
|
||||||
table.append([c.id, c.name, c.owner, c.issuer])
|
table.append([c.id, c.name, c.owner, c.issuer])
|
||||||
|
@ -373,10 +364,7 @@ def check_revoked():
|
||||||
else:
|
else:
|
||||||
status = verify_string(cert.body, "")
|
status = verify_string(cert.body, "")
|
||||||
|
|
||||||
if status is None:
|
cert.status = 'valid' if status else 'revoked'
|
||||||
cert.status = 'unknown'
|
|
||||||
else:
|
|
||||||
cert.status = 'valid' if status else 'revoked'
|
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
sentry.captureException()
|
sentry.captureException()
|
||||||
|
|
|
@ -350,6 +350,7 @@ class SubjectAlternativeNameExtension(Field):
|
||||||
value = value.dotted_string
|
value = value.dotted_string
|
||||||
else:
|
else:
|
||||||
current_app.logger.warning('Unknown SubAltName type: {name}'.format(name=name))
|
current_app.logger.warning('Unknown SubAltName type: {name}'.format(name=name))
|
||||||
|
continue
|
||||||
|
|
||||||
general_names.append({'nameType': name_type, 'value': value})
|
general_names.append({'nameType': name_type, 'value': value})
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue