ca: Make renewal ignore pending CSR count limit.

Also, makes them not count against the maximum number of auto-emitted certificates.

ca: Make renewal ignore pending CSR count limit.
Also, makes them not count against the maximum number of auto-emitted certificates.
f6661875 · Vincent Pelletier · c1967ccd · f6661875 · f6661875
Commit f6661875 authored Nov 03, 2017 by Vincent Pelletier
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 7 deletions

caucase/ca.py caucase/ca.py +4 -1

caucase/test.py caucase/test.py +2 -6

No files found.
--- a/caucase/ca.py
+++ b/caucase/ca.py
@@ -689,7 +689,10 @@ class CertificateAuthority(object):
      ),
    )
    return self._createCertificate(
-      csr_id=self.appendCertificateSigningRequest(csr_pem),
+      csr_id=self.appendCertificateSigningRequest(
+        csr_pem,
+        override_limits=True,
+      ),
      auto_signed=_AUTO_SIGNED_PASSTHROUGH,
      # Do a dummy signature, just so we get a usable
      # x509.CertificateSigningRequest instance. Use latest CA private key just

--- a/caucase/test.py
+++ b/caucase/test.py
@@ -1441,7 +1441,7 @@ class CaucaseTest(unittest.TestCase):
    CRL_INSERT = 'INSERT INTO "caucrl" '
    CRT_INSERT = 'INSERT INTO "caucrt" '
    REV_INSERT = 'INSERT INTO "caurevoked" '
-    def filterBackup(backup, received_csr, expect_rev):
+    def filterBackup(backup, expect_rev):
      """
      Remove all lines which are know to differ between original batabase and
      post-restoration database, so the rest (which must be the majority of the
@@ -1451,9 +1451,7 @@ class CaucaseTest(unittest.TestCase):
      new_backup = []
      crt_list = []
      for row in backup:
-        if (
-          row == received_csr
-        ) or row.startswith(CRL_INSERT):
+        if row.startswith(CRL_INSERT):
          continue
        if row.startswith(CRT_INSERT):
          crt_list.append(row)
@@ -1467,12 +1465,10 @@ class CaucaseTest(unittest.TestCase):

    before_backup, before_crt_list = filterBackup(
      before_backup,
-      'INSERT INTO "caucounter" VALUES(\'received_csr\',2);\x00',
      False,
    )
    after_restore, after_crt_list = filterBackup(
      after_restore,
-      'INSERT INTO "caucounter" VALUES(\'received_csr\',3);\x00',
      True,
    )
    self.assertEqual(