|
@ -2,6 +2,7 @@ use crate::command_runner::CommandRunner; |
|
|
use crate::symbols::Symbol;
|
|
|
use crate::symbols::Symbol;
|
|
|
use async_trait::async_trait;
|
|
|
use async_trait::async_trait;
|
|
|
use std::borrow::Borrow;
|
|
|
use std::borrow::Borrow;
|
|
|
|
|
|
use std::convert::AsRef;
|
|
|
use std::error::Error;
|
|
|
use std::error::Error;
|
|
|
use std::path::Path;
|
|
|
use std::path::Path;
|
|
|
|
|
|
|
|
@ -25,11 +26,9 @@ impl<C, D, K, P> Csr<C, D, K, P> { |
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
#[async_trait(?Send)]
|
|
|
#[async_trait(?Send)]
|
|
|
impl<C: CommandRunner, D: Borrow<str>, K: Borrow<Path>, P: Borrow<Path>> Symbol
|
|
|
|
|
|
for Csr<C, D, K, P>
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
impl<C: CommandRunner, D: Borrow<str>, K: AsRef<Path>, P: AsRef<Path>> Symbol for Csr<C, D, K, P> {
|
|
|
async fn target_reached(&self) -> Result<bool, Box<dyn Error>> {
|
|
|
async fn target_reached(&self) -> Result<bool, Box<dyn Error>> {
|
|
|
if !self.csr_path.borrow().exists() {
|
|
|
|
|
|
|
|
|
if !self.csr_path.as_ref().exists() {
|
|
|
return Ok(false);
|
|
|
return Ok(false);
|
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
@ -37,10 +36,10 @@ impl<C: CommandRunner, D: Borrow<str>, K: Borrow<Path>, P: Borrow<Path>> Symbol |
|
|
.command_runner
|
|
|
.command_runner
|
|
|
.get_stderr(
|
|
|
.get_stderr(
|
|
|
"openssl",
|
|
|
"openssl",
|
|
|
args!["req", "-in", self.csr_path.borrow(), "-noout", "-verify",],
|
|
|
|
|
|
|
|
|
args!["req", "-in", self.csr_path.as_ref(), "-noout", "-verify",],
|
|
|
)
|
|
|
)
|
|
|
.await?;
|
|
|
.await?;
|
|
|
Ok(output == b"verify OK\n")
|
|
|
|
|
|
|
|
|
Ok(output == b"verify OK\n" || output == b"Certificate request self-signature verify OK\n")
|
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
async fn execute(&self) -> Result<(), Box<dyn Error>> {
|
|
|
async fn execute(&self) -> Result<(), Box<dyn Error>> {
|
|
@ -53,9 +52,9 @@ impl<C: CommandRunner, D: Borrow<str>, K: Borrow<Path>, P: Borrow<Path>> Symbol |
|
|
"-new",
|
|
|
"-new",
|
|
|
"-sha256",
|
|
|
"-sha256",
|
|
|
"-key",
|
|
|
"-key",
|
|
|
self.key_path.borrow(),
|
|
|
|
|
|
|
|
|
self.key_path.as_ref(),
|
|
|
"-out",
|
|
|
"-out",
|
|
|
self.csr_path.borrow(),
|
|
|
|
|
|
|
|
|
self.csr_path.as_ref(),
|
|
|
"-subj",
|
|
|
"-subj",
|
|
|
format!("/CN={}", self.domain.borrow()),
|
|
|
format!("/CN={}", self.domain.borrow()),
|
|
|
],
|
|
|
],
|
|
@ -65,4 +64,68 @@ impl<C: CommandRunner, D: Borrow<str>, K: Borrow<Path>, P: Borrow<Path>> Symbol |
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
#[cfg(test)]
|
|
|
mod test {}
|
|
|
|
|
|
|
|
|
mod test {
|
|
|
|
|
|
use super::{Csr, Symbol};
|
|
|
|
|
|
use crate::async_utils::run;
|
|
|
|
|
|
use crate::command_runner::MockCommandRunner;
|
|
|
|
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
|
fn test_bookworm_success() {
|
|
|
|
|
|
let mut command_runner = MockCommandRunner::new();
|
|
|
|
|
|
command_runner
|
|
|
|
|
|
.expect_get_stderr()
|
|
|
|
|
|
.times(1)
|
|
|
|
|
|
.returning(|_, _| Ok("Certificate request self-signature verify OK\n".into()));
|
|
|
|
|
|
let symbol = Csr::new(command_runner, "", "/nonexisting", "/"); // FIXME: Csr path has to be an existing file
|
|
|
|
|
|
run(async {
|
|
|
|
|
|
assert_eq!(symbol.target_reached().await.unwrap(), true);
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
|
fn test_bookworm_invalid() {
|
|
|
|
|
|
let mut command_runner = MockCommandRunner::new();
|
|
|
|
|
|
command_runner
|
|
|
|
|
|
.expect_get_stderr()
|
|
|
|
|
|
.times(1)
|
|
|
|
|
|
.returning(|_, _| {
|
|
|
|
|
|
Ok("Unable to load X509 request
|
|
|
|
|
|
40F746B61E7F0000:error:0480006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:763:Expecting: CERTIFICATE REQUEST
|
|
|
|
|
|
" .into())
|
|
|
|
|
|
});
|
|
|
|
|
|
let symbol = Csr::new(command_runner, "", "/nonexisting", "/"); // FIXME: Csr path has to be an existing file
|
|
|
|
|
|
run(async {
|
|
|
|
|
|
assert_eq!(symbol.target_reached().await.unwrap(), false);
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
|
fn test_bullseye_success() {
|
|
|
|
|
|
let mut command_runner = MockCommandRunner::new();
|
|
|
|
|
|
command_runner
|
|
|
|
|
|
.expect_get_stderr()
|
|
|
|
|
|
.times(1)
|
|
|
|
|
|
.returning(|_, _| Ok("verify OK\n".into()));
|
|
|
|
|
|
let symbol = Csr::new(command_runner, "", "/nonexisting", "/"); // FIXME: Csr path has to be an existing file
|
|
|
|
|
|
run(async {
|
|
|
|
|
|
assert_eq!(symbol.target_reached().await.unwrap(), true);
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
|
fn test_bullseye_invalid() {
|
|
|
|
|
|
let mut command_runner = MockCommandRunner::new();
|
|
|
|
|
|
command_runner
|
|
|
|
|
|
.expect_get_stderr()
|
|
|
|
|
|
.times(1)
|
|
|
|
|
|
.returning(|_, _| {
|
|
|
|
|
|
Ok("unable to load X509 request
|
|
|
|
|
|
140032085857600:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: CERTIFICATE REQUEST
|
|
|
|
|
|
" .into())
|
|
|
|
|
|
});
|
|
|
|
|
|
let symbol = Csr::new(command_runner, "", "/nonexisting", "/"); // FIXME: Csr path has to be an existing file
|
|
|
|
|
|
run(async {
|
|
|
|
|
|
assert_eq!(symbol.target_reached().await.unwrap(), false);
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
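Review bot: In `target_reached`, the new `Ok(output == b"verify OK\n" || output == b"Certificate request self-signature verify OK\n")` still decides CSR validity by comparing openssl's whole stderr against fixed strings, so another rewording in a later OpenSSL release, or a single extra stderr line such as a config warning, makes a valid request report `false`. A `false` result presumably leads to `execute` rewriting the file at `csr_path`, which would replace a CSR that may already have been submitted. If `get_stderr` can report the exit status, key on that; otherwise a suffix match such as `Ok(output.ends_with(b"verify OK\n"))` covers both wordings exercised by the new tests (assuming `output` is a byte vector, as the mock's `.into()` suggests). Separately, `-verify` only checks the request's self-signature, so I would add a comment such as `// NOTE: does not check that the CSR matches key_path or domain` above the call. The `let output = …` line falls between the second and third hunks, so the start of this expression is not visible here.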