boulder

Commit Graph

Author	SHA1	Message	Date
Brad	03c2ef6a69	Add/clean up admin tool audit lines (#7376 ) Before this PR, this is what example output of using the admin tool would look like for an example command (in this case, certificate revocation): ``` $ sudo /vagrant/admin -config /etc/boulder/config/admin.json revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 20:22:05.682795 6 admin qK_A7gU Debug server listening on :8000 20:22:05.682908 6 admin ts7-5Ag Versions: admin=(Unspecified Unspecified) Golang=(go1.21.8) BuildHost=(Unspecified) 20:22:05.689743 6 admin 6MX16g0 Found 1 certificates to revoke 20:22:05.691842 6 admin 1b3FsgU dry-run: &proto.AdministrativelyRevokeCertificateRequest{state:impl.MessageState{NoUnkeyedLiterals:pragma.NoUnkeyedLiterals{}, DoNotCompare:pragma.DoNotCompare{}, DoNotCopy:pragma.DoNotCopy{}, atomicMessageInfo:(*impl.MessageInfo)(nil)}, sizeCache:0, unknownFields:[]uint8(nil), Cert:[]uint8(nil), Serial:"2a13699017c283dea4d6ac5ac6d40caa3321", Code:0, AdminName:"root", SkipBlockKey:false, Malformed:false} 20:22:05.691901 6 admin 7tT7rAY Dry run complete. Pass -dry-run=false to mutate the database. ``` after this change the output looks like this: ``` $ sudo /vagrant/admin -config /etc/boulder/config/admin.json revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 21:22:13.769728 6 admin qK_A7gU Debug server listening on :8000 21:22:13.770156 6 admin ts7-5Ag Versions: admin=(Unspecified Unspecified) Golang=(go1.21.8) BuildHost=(Unspecified) 21:22:13.779291 6 admin xNuU_gY [AUDIT] admin tool executing a dry-run with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 21:22:13.779534 6 admin 6MX16g0 Found 1 certificates to revoke 21:22:13.784524 6 admin yvHv9AM dry-run: "serial:\"2a13699017c283dea4d6ac5ac6d40caa3321\" adminName:\"root\"" 21:22:13.786379 6 admin nKfNswk [AUDIT] admin tool has successfully completed executing a dry-run with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 21:22:13.786951 6 admin 7tT7rAY Dry run complete. Pass -dry-run=false to mutate the database. ``` and with `-dry-run=false`: ``` $ sudo /vagrant/admin -config /etc/boulder/config/admin.json -dry-run=false revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 21:23:19.080073 6 admin qK_A7gU Debug server listening on :8000 21:23:19.080510 6 admin ts7-5Ag Versions: admin=(Unspecified Unspecified) Golang=(go1.21.8) BuildHost=(Unspecified) 21:23:19.089588 6 admin iKnckQ0 [AUDIT] admin tool executing with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 21:23:19.089625 6 admin 6MX16g0 Found 1 certificates to revoke 21:23:19.169317 6 admin 9oyv3QY [AUDIT] admin tool has successfully completed executing with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321 ``` Fixes #7358	2024-03-08 14:38:21 -08:00
Aaron Gable	10e894a172	Create new admin tool (#7276 ) Create a new administration tool "bin/admin" as a successor to and replacement of "admin-revoker". This new tool supports all the same fundamental capabilities as the old admin-revoker, including: - Revoking by serial, by batch of serials, by incident table, and by private key - Blocking a key to let bad-key-revoker take care of revocation - Clearing email addresses from all accounts that use them Improvements over the old admin-revoker include: - All commands run in "dry-run" mode by default, to prevent accidental executions - All revocation mechanisms allow setting the revocation reason, skipping blocking the key, indicating that the certificate is malformed, and controlling the number of parallel workers conducting revocation - All revocation mechanisms do not parse the cert in question, leaving that to the RA - Autogenerated usage information for all subcommands - A much more modular structure to simplify adding more capabilities in the future - Significantly simplified tests with smaller mocks The new tool has analogues of all of admin-revokers unit tests, and all integration tests have been updated to use the new tool instead. A future PR will remove admin-revoker, once we're sure SRE has had time to update all of their playbooks. Fixes https://github.com/letsencrypt/boulder/issues/7135 Fixes https://github.com/letsencrypt/boulder/issues/7269 Fixes https://github.com/letsencrypt/boulder/issues/7268 Fixes https://github.com/letsencrypt/boulder/issues/6927 Part of https://github.com/letsencrypt/boulder/issues/6840	2024-02-07 09:35:18 -08:00

Author

SHA1

Message

Date

Brad

03c2ef6a69

Add/clean up admin tool audit lines (#7376 )

Before this PR, this is what example output of using the admin tool
would look like for an example command (in this case, certificate
revocation):
```
$ sudo /vagrant/admin -config /etc/boulder/config/admin.json revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
20:22:05.682795 6 admin qK_A7gU Debug server listening on :8000
20:22:05.682908 6 admin ts7-5Ag Versions: admin=(Unspecified Unspecified) Golang=(go1.21.8) BuildHost=(Unspecified)
20:22:05.689743 6 admin 6MX16g0 Found 1 certificates to revoke
20:22:05.691842 6 admin 1b3FsgU dry-run: &proto.AdministrativelyRevokeCertificateRequest{state:impl.MessageState{NoUnkeyedLiterals:pragma.NoUnkeyedLiterals{}, DoNotCompare:pragma.DoNotCompare{}, DoNotCopy:pragma.DoNotCopy{}, atomicMessageInfo:(*impl.MessageInfo)(nil)}, sizeCache:0, unknownFields:[]uint8(nil), Cert:[]uint8(nil), Serial:"2a13699017c283dea4d6ac5ac6d40caa3321", Code:0, AdminName:"root", SkipBlockKey:false, Malformed:false}
20:22:05.691901 6 admin 7tT7rAY Dry run complete. Pass -dry-run=false to mutate the database.
```
after this change the output looks like this:
```
$ sudo /vagrant/admin -config /etc/boulder/config/admin.json revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
21:22:13.769728 6 admin qK_A7gU Debug server listening on :8000
21:22:13.770156 6 admin ts7-5Ag Versions: admin=(Unspecified Unspecified) Golang=(go1.21.8) BuildHost=(Unspecified)
21:22:13.779291 6 admin xNuU_gY [AUDIT] admin tool executing a dry-run with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
21:22:13.779534 6 admin 6MX16g0 Found 1 certificates to revoke
21:22:13.784524 6 admin yvHv9AM dry-run: "serial:\"2a13699017c283dea4d6ac5ac6d40caa3321\" adminName:\"root\""
21:22:13.786379 6 admin nKfNswk [AUDIT] admin tool has successfully completed executing a dry-run with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
21:22:13.786951 6 admin 7tT7rAY Dry run complete. Pass -dry-run=false to mutate the database.
```
and with `-dry-run=false`:
```
$ sudo /vagrant/admin -config /etc/boulder/config/admin.json -dry-run=false revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
21:23:19.080073 6 admin qK_A7gU Debug server listening on :8000
21:23:19.080510 6 admin ts7-5Ag Versions: admin=(Unspecified Unspecified) Golang=(go1.21.8) BuildHost=(Unspecified)
21:23:19.089588 6 admin iKnckQ0 [AUDIT] admin tool executing with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
21:23:19.089625 6 admin 6MX16g0 Found 1 certificates to revoke
21:23:19.169317 6 admin 9oyv3QY [AUDIT] admin tool has successfully completed executing with the following arguments: revoke-cert -serial 2a13699017c283dea4d6ac5ac6d40caa3321
```

Fixes #7358

2024-03-08 14:38:21 -08:00

Aaron Gable

10e894a172

Create new admin tool (#7276 )

Create a new administration tool "bin/admin" as a successor to and
replacement of "admin-revoker".

This new tool supports all the same fundamental capabilities as the old
admin-revoker, including:
- Revoking by serial, by batch of serials, by incident table, and by
private key
- Blocking a key to let bad-key-revoker take care of revocation
- Clearing email addresses from all accounts that use them

Improvements over the old admin-revoker include:
- All commands run in "dry-run" mode by default, to prevent accidental
executions
- All revocation mechanisms allow setting the revocation reason,
skipping blocking the key, indicating that the certificate is malformed,
and controlling the number of parallel workers conducting revocation
- All revocation mechanisms do not parse the cert in question, leaving
that to the RA
- Autogenerated usage information for all subcommands
- A much more modular structure to simplify adding more capabilities in
the future
- Significantly simplified tests with smaller mocks

The new tool has analogues of all of admin-revokers unit tests, and all
integration tests have been updated to use the new tool instead. A
future PR will remove admin-revoker, once we're sure SRE has had time to
update all of their playbooks.

Fixes https://github.com/letsencrypt/boulder/issues/7135
Fixes https://github.com/letsencrypt/boulder/issues/7269
Fixes https://github.com/letsencrypt/boulder/issues/7268
Fixes https://github.com/letsencrypt/boulder/issues/6927
Part of https://github.com/letsencrypt/boulder/issues/6840

2024-02-07 09:35:18 -08:00

2 Commits