letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix admin-revoker argument check (#4693) 

Fixes a check for the number of arguments that was incorrect in #4692.
This commit is contained in:
Roland Bracewell Shoemaker 2020-03-03 13:22:46 -08:00 committed by GitHub
parent b58a28031f
commit 9232f0e9a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/admin-revoker/main.go
View File

@ -30,13 +30,13 @@ import (
const usageString = `
usage:
admin-revoker serial-revoke --config <path> <serial> <reason-code>
admin-revoker batch-serial-revoke --config <path> <serial-file-path> <reason-code> <parallelism>
admin-revoker batched-serial-revoke --config <path> <serial-file-path> <reason-code> <parallelism>
admin-revoker reg-revoke --config <path> <registration-id> <reason-code>
admin-revoker list-reasons --config <path>
command descriptions:
serial-revoke Revoke a single certificate by the hex serial number
batch-serial-revoke Revokes all certificates contained in a file of hex serial numbers
batched-serial-revoke Revokes all certificates contained in a file of hex serial numbers
reg-revoke Revoke all certificates associated with a registration ID
list-reasons List all revocation reason codes
@ -145,7 +145,7 @@ func revokeBatch(rac core.RegistrationAuthority, logger blog.Logger, dbMap *db.W
if serial == "" {
continue
}
err = revokeBySerial(context.Background(), serial, revocation.Reason(reasonCode), rac, logger, dbMap)
err := revokeBySerial(context.Background(), serial, reasonCode, rac, logger, dbMap)
if err != nil {
logger.Errf("failed to revoke %q: %s", serial, err)
}
@ -199,7 +199,7 @@ func main() {
ctx := context.Background()
args := flagSet.Args()
switch {
case command == "batched-serial-revoke" && len(args) == 2:
case command == "batched-serial-revoke" && len(args) == 3:
// 1: serial file path, 2: reasonCode, 3: parallelism
serialPath := args[0]
reasonCode, err := strconv.Atoi(args[1])

22
test/v1_integration.py
View File

@ -586,6 +586,28 @@ def test_admin_revoker_cert():
verify_ocsp(cert_file_pem, "test/test-ca2.pem", ee_ocsp_url, "revoked")
verify_akamai_purge()
def test_admin_revoker_batched():
certs = []
serials = []
serialFile = os.path.join(tempdir, "serials.hex")
f = open(serialFile, "w")
for x in range(3):
cert_file_pem = os.path.join(tempdir, "ar-cert-%d.pem" % x)
certs.append(cert_file_pem)
cert, _ = auth_and_issue([random_domain()], cert_output=cert_file_pem)
serial = "%x" % cert.body.get_serial_number()
f.write("%s\n" % serial)
f.close()
reset_akamai_purges()
run("./bin/admin-revoker batched-serial-revoke --config %s/admin-revoker.json %s %d %d" % (
config_dir, serialFile, 0, 2))
ee_ocsp_url = "http://localhost:4002"
for cert in certs:
verify_ocsp(cert, "test/test-ca2.pem", ee_ocsp_url, "revoked")
def test_sct_embedding():
certr, authzs = auth_and_issue([random_domain()])
certBytes = requests.get(certr.uri).content