websms/freeipa
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Debian patch 4.0.5-6~numeezy

Browse Source
This commit is contained in:
Alexandre Ellert
2016-02-17 15:07:45 +01:00
committed by Mario Fetka
parent c44de33144
commit 10dfc9587b
1203 changed files with 53869 additions and 241462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ipatests/test_ipapython/test_cookie.py
View File

@@ -24,10 +24,6 @@ import email.utils
import calendar
from ipapython.cookie import Cookie
import pytest
pytestmark = pytest.mark.tier0
class TestParse(unittest.TestCase):
def test_parse(self):
@@ -51,22 +47,6 @@ class TestParse(unittest.TestCase):
with self.assertRaises(ValueError):
cookies = Cookie.parse(s)
# 1 cookie with empty value
s = 'color='
cookies = Cookie.parse(s)
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
self.assertEqual(cookie.key, 'color')
self.assertEqual(cookie.value, '')
self.assertEqual(cookie.domain, None)
self.assertEqual(cookie.path, None)
self.assertEqual(cookie.max_age, None)
self.assertEqual(cookie.expires, None)
self.assertEqual(cookie.secure, None)
self.assertEqual(cookie.httponly, None)
self.assertEqual(str(cookie), "color=")
self.assertEqual(cookie.http_cookie(), "color=;")
# 1 cookie with name/value
s = 'color=blue'
cookies = Cookie.parse(s)

2422
ipatests/test_ipapython/test_dn.py
View File

File diff suppressed because it is too large Load Diff

277
ipatests/test_ipapython/test_ipap11helper.py
View File

@@ -1,277 +0,0 @@
# -*- coding: utf-8 -*-
#
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
#
"""
Test the `ipapython/ipap11helper/p11helper.c` module.
"""
from binascii import hexlify
import os
import os.path
import logging
import subprocess
import tempfile
import pytest
from ipaplatform.paths import paths
from ipapython import p11helper as _ipap11helper
pytestmark = pytest.mark.tier0
CONFIG_DATA = """
# SoftHSM v2 configuration file
directories.tokendir = %s/tokens
objectstore.backend = file
"""
LIBSOFTHSM = paths.LIBSOFTHSM2_SO
SOFTHSM2_UTIL = paths.SOFTHSM2_UTIL
logging.basicConfig(level=logging.INFO)
log = logging.getLogger('t')
master_key_label = u"master-ž" # random non-ascii character to test unicode
master_key_id = "m"
replica1_key_label = u"replica1"
replica1_key_id = "id1"
replica1_import_label = u"replica1-import"
replica1_import_id = "id1-import"
replica1_new_label = u"replica1-new-label-ž"
replica2_key_label = u"replica2"
replica2_key_id = "id2"
replica_non_existent_label = u"replica-nonexistent"
@pytest.fixture(scope="module")
def p11(request):
token_path = tempfile.mkdtemp(prefix='pytest_', suffix='_pkcs11')
os.chdir(token_path)
os.mkdir('tokens')
with open('softhsm2.conf', 'w') as cfg:
cfg.write(CONFIG_DATA % token_path)
os.environ['SOFTHSM2_CONF'] = os.path.join(token_path, 'softhsm2.conf')
subprocess.check_call([SOFTHSM2_UTIL, '--init-token', '--slot', '0',
'--label', 'test', '--pin', '1234', '--so-pin',
'1234'])
try:
p11 = _ipap11helper.P11_Helper(0, "1234", LIBSOFTHSM)
except _ipap11helper.Error:
pytest.fail('Failed to initialize the helper object.', pytrace=False)
def fin():
try:
p11.finalize()
except _ipap11helper.Error:
pytest.fail('Failed to finalize the helper object.', pytrace=False)
finally:
del os.environ['SOFTHSM2_CONF']
request.addfinalizer(fin)
return p11
class test_p11helper(object):
def test_generate_master_key(self, p11):
assert p11.generate_master_key(master_key_label, master_key_id,
key_length=16, cka_wrap=True,
cka_unwrap=True)
def test_search_for_master_key(self, p11):
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label, id=master_key_id)
assert len(master_key) == 1, "The master key should exist."
def test_generate_replica_key_pair(self, p11):
assert p11.generate_replica_key_pair(replica1_key_label,
replica1_key_id,
pub_cka_wrap=True,
priv_cka_unwrap=True)
def test_find_key(self, p11):
rep1_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica1_key_label, cka_wrap=True)
assert len(rep1_pub) == 1, ("replica key pair has to contain "
"1 pub key instead of %s" % len(rep1_pub))
rep1_priv = p11.find_keys(_ipap11helper.KEY_CLASS_PRIVATE_KEY,
label=replica1_key_label, cka_unwrap=True)
assert len(rep1_priv) == 1, ("replica key pair has to contain 1 "
"private key instead of %s" %
len(rep1_priv))
def test_find_key_by_uri(self, p11):
rep1_pub = p11.find_keys(uri="pkcs11:object=replica1;objecttype=public")
assert len(rep1_pub) == 1, ("replica key pair has to contain 1 pub "
"key instead of %s" % len(rep1_pub))
def test_get_attribute_from_object(self, p11):
rep1_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica1_key_label, cka_wrap=True)[0]
iswrap = p11.get_attribute(rep1_pub, _ipap11helper.CKA_WRAP)
assert iswrap is True, "replica public key has to have CKA_WRAP = TRUE"
def test_generate_replica_keypair_with_extractable_private_key(self, p11):
assert p11.generate_replica_key_pair(replica2_key_label,
replica2_key_id,
pub_cka_wrap=True,
priv_cka_unwrap=True,
priv_cka_extractable=True)
def test_find_key_on_nonexistent_key_pair(self, p11):
test_list = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica_non_existent_label)
assert len(test_list) == 0, ("list should be empty because label "
"'%s' should not exist" %
replica_non_existent_label)
def test_export_import_of_public_key(self, p11):
rep1_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica1_key_label, cka_wrap=True)[0]
pub = p11.export_public_key(rep1_pub)
log.debug("Exported public key %s", hexlify(pub))
with open("public_key.asn1.der", "wb") as f:
f.write(pub)
rep1_pub_import = p11.import_public_key(replica1_import_label,
replica1_import_id,
pub,
cka_wrap=True)
log.debug('imported replica 1 public key: %s', rep1_pub_import)
# test public key import
rep1_modulus_orig = p11.get_attribute(rep1_pub,
_ipap11helper.CKA_MODULUS)
rep1_modulus_import = p11.get_attribute(rep1_pub_import,
_ipap11helper.CKA_MODULUS)
log.debug('rep1_modulus_orig = 0x%s', hexlify(rep1_modulus_orig))
log.debug('rep1_modulus_import = 0x%s', hexlify(rep1_modulus_import))
assert rep1_modulus_import == rep1_modulus_orig
rep1_pub_exp_orig = p11.get_attribute(
rep1_pub, _ipap11helper.CKA_PUBLIC_EXPONENT)
rep1_pub_exp_import = p11.get_attribute(
rep1_pub_import, _ipap11helper.CKA_PUBLIC_EXPONENT)
log.debug('rep1_pub_exp_orig = 0x%s', hexlify(rep1_pub_exp_orig))
log.debug('rep1_pub_exp_import = 0x%s', hexlify(rep1_pub_exp_import))
assert rep1_pub_exp_import == rep1_pub_exp_orig
def test_wrap_unwrap_key_by_master_key_with_AES(self, p11):
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label, id=master_key_id)[0]
rep2_priv = p11.find_keys(_ipap11helper.KEY_CLASS_PRIVATE_KEY,
label=replica2_key_label, cka_unwrap=True)[0]
log.debug("wrapping dnssec priv key by master key")
wrapped_priv = p11.export_wrapped_key(
rep2_priv, master_key, _ipap11helper.MECH_AES_KEY_WRAP_PAD
)
assert wrapped_priv
log.debug("wrapped_dnssec priv key: %s", hexlify(wrapped_priv))
with open("wrapped_priv.der", "wb") as f:
f.write(wrapped_priv)
assert p11.import_wrapped_private_key(
u'test_import_wrapped_priv',
'1',
wrapped_priv,
master_key,
_ipap11helper.MECH_AES_KEY_WRAP_PAD,
_ipap11helper.KEY_TYPE_RSA
)
def test_wrap_unwrap_key_by_master_key_with_RSA_PKCS(self, p11):
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label, id=master_key_id)[0]
rep2_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica2_key_label, cka_wrap=True)[0]
rep2_priv = p11.find_keys(_ipap11helper.KEY_CLASS_PRIVATE_KEY,
label=replica2_key_label, cka_unwrap=True)[0]
wrapped = p11.export_wrapped_key(master_key,
rep2_pub,
_ipap11helper.MECH_RSA_PKCS)
assert wrapped
log.debug("wrapped key MECH_RSA_PKCS (secret master wrapped by pub "
"key): %s", hexlify(wrapped))
assert p11.import_wrapped_secret_key(u'test_import_wrapped',
'2',
wrapped,
rep2_priv,
_ipap11helper.MECH_RSA_PKCS,
_ipap11helper.KEY_TYPE_AES)
def test_wrap_unwrap_by_master_key_with_RSA_PKCS_OAEP(self, p11):
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label, id=master_key_id)[0]
rep2_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica2_key_label, cka_wrap=True)[0]
rep2_priv = p11.find_keys(_ipap11helper.KEY_CLASS_PRIVATE_KEY,
label=replica2_key_label, cka_unwrap=True)[0]
wrapped = p11.export_wrapped_key(master_key,
rep2_pub,
_ipap11helper.MECH_RSA_PKCS_OAEP)
assert wrapped
log.debug("wrapped key MECH_RSA_PKCS_OAEP (secret master wrapped by "
"pub key): %s", hexlify(wrapped))
assert p11.import_wrapped_secret_key(u'test_import_wrapped',
'3',
wrapped,
rep2_priv,
_ipap11helper.MECH_RSA_PKCS_OAEP,
_ipap11helper.KEY_TYPE_AES)
def test_set_attribute_on_object(self, p11):
rep1_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica1_key_label, cka_wrap=True)[0]
test_label = replica1_new_label
p11.set_attribute(rep1_pub, _ipap11helper.CKA_LABEL, test_label)
assert p11.get_attribute(rep1_pub, _ipap11helper.CKA_LABEL) \
== test_label, "The labels do not match."
def test_do_not_generate_identical_master_keys(self, p11):
with pytest.raises(_ipap11helper.DuplicationError):
p11.generate_master_key(master_key_label, master_key_id,
key_length=16)
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label)
assert len(master_key) == 1, ("There shouldn't be multiple keys "
"with the same label.")
def test_delete_key(self, p11):
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label, id=master_key_id)[0]
rep1_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica1_new_label, cka_wrap=True)[0]
rep2_priv = p11.find_keys(_ipap11helper.KEY_CLASS_PRIVATE_KEY,
label=replica2_key_label, cka_unwrap=True)[0]
for key in (rep1_pub, rep2_priv, master_key):
p11.delete_key(key)
master_key = p11.find_keys(_ipap11helper.KEY_CLASS_SECRET_KEY,
label=master_key_label, id=master_key_id)
assert len(master_key) == 0, "The master key should be deleted."
rep1_pub = p11.find_keys(_ipap11helper.KEY_CLASS_PUBLIC_KEY,
label=replica1_new_label, cka_wrap=True)
assert len(rep1_pub) == 0, ("The public key of replica1 pair should "
"be deleted.")
rep2_priv = p11.find_keys(_ipap11helper.KEY_CLASS_PRIVATE_KEY,
label=replica2_key_label, cka_unwrap=True)
assert len(rep2_priv) == 0, ("The private key of replica2 pair should"
" be deleted.")

142
ipatests/test_ipapython/test_ipautil.py
View File

@@ -1,5 +1,3 @@
# encoding: utf-8
# Authors:
# Jan Cholasta <jcholast@redhat.com>
#
@@ -22,29 +20,20 @@
Test the `ipapython/ipautil.py` module.
"""
import sys
import nose
import pytest
import six
from ipapython import ipautil
import pytest
class CheckIPAddress:
def __init__(self, addr):
self.description = "Test IP address parsing and verification (%s)" % addr
pytestmark = pytest.mark.tier0
def make_ipaddress_checker(addr, words=None, prefixlen=None):
def check_ipaddress():
def __call__(self, addr, words=None, prefixlen=None):
try:
ip = ipautil.CheckedIPAddress(addr, match_local=False)
assert ip.words == words and ip.prefixlen == prefixlen
except:
assert words is None and prefixlen is None
check_ipaddress.description = "Test IP address parsing and verification (%s)" % addr
return check_ipaddress
def test_ip_address():
addrs = [
@@ -77,7 +66,7 @@ def test_ip_address():
]
for addr in addrs:
yield make_ipaddress_checker(*addr)
yield (CheckIPAddress(addr[0]),) + addr
class TestCIDict(object):
@@ -126,37 +115,27 @@ class TestCIDict(object):
nose.tools.assert_equal("newval4", self.cidict["key4"])
def test_del(self):
assert "Key1" in self.cidict
assert self.cidict.has_key("Key1")
del(self.cidict["Key1"])
assert "Key1" not in self.cidict
assert not self.cidict.has_key("Key1")
assert "key2" in self.cidict
assert self.cidict.has_key("key2")
del(self.cidict["KEY2"])
assert "key2" not in self.cidict
assert not self.cidict.has_key("key2")
def test_clear(self):
nose.tools.assert_equal(3, len(self.cidict))
self.cidict.clear()
nose.tools.assert_equal(0, len(self.cidict))
assert self.cidict == {}
assert list(self.cidict) == []
assert list(self.cidict.values()) == []
assert list(self.cidict.items()) == []
if six.PY2:
assert self.cidict.keys() == []
assert self.cidict.values() == []
assert self.cidict.items() == []
assert self.cidict._keys == {}
def test_copy(self):
copy = self.cidict.copy()
assert copy == self.cidict
nose.tools.assert_equal(3, len(copy))
assert "Key1" in copy
assert "key1" in copy
assert copy.has_key("Key1")
assert copy.has_key("key1")
nose.tools.assert_equal("val1", copy["Key1"])
@pytest.mark.skipif(not six.PY2, reason="Python 2 only")
def test_haskey(self):
assert self.cidict.has_key("KEY1")
assert self.cidict.has_key("key2")
@@ -172,15 +151,15 @@ class TestCIDict(object):
assert "Key4" not in self.cidict
def test_items(self):
items = list(self.cidict.items())
items = self.cidict.items()
nose.tools.assert_equal(3, len(items))
items_set = set(items)
assert ("Key1", "val1") in items_set
assert ("key2", "val2") in items_set
assert ("KEY3", "VAL3") in items_set
assert list(self.cidict.items()) == list(self.cidict.iteritems()) == list(zip(
self.cidict.keys(), self.cidict.values()))
assert self.cidict.items() == list(self.cidict.iteritems()) == zip(
self.cidict.iterkeys(), self.cidict.itervalues())
def test_iter(self):
items = []
@@ -218,24 +197,24 @@ class TestCIDict(object):
assert "VAL3" in values_set
def test_keys(self):
keys = list(self.cidict.keys())
keys = self.cidict.keys()
nose.tools.assert_equal(3, len(keys))
keys_set = set(keys)
assert "Key1" in keys_set
assert "key2" in keys_set
assert "KEY3" in keys_set
assert list(self.cidict.keys()) == list(self.cidict.iterkeys())
assert self.cidict.keys() == list(self.cidict.iterkeys())
def test_values(self):
values = list(self.cidict.values())
values = self.cidict.values()
nose.tools.assert_equal(3, len(values))
values_set = set(values)
assert "val1" in values_set
assert "val2" in values_set
assert "VAL3" in values_set
assert list(self.cidict.values()) == list(self.cidict.itervalues())
assert self.cidict.values() == list(self.cidict.itervalues())
def test_update(self):
newdict = { "KEY2": "newval2",
@@ -243,7 +222,7 @@ class TestCIDict(object):
self.cidict.update(newdict)
nose.tools.assert_equal(4, len(self.cidict))
items = list(self.cidict.items())
items = self.cidict.items()
nose.tools.assert_equal(4, len(items))
items_set = set(items)
assert ("Key1", "val1") in items_set
@@ -284,22 +263,22 @@ class TestCIDict(object):
def test_setdefault(self):
nose.tools.assert_equal("val1", self.cidict.setdefault("KEY1", "default"))
assert "KEY4" not in self.cidict
assert not self.cidict.has_key("KEY4")
nose.tools.assert_equal("default", self.cidict.setdefault("KEY4", "default"))
assert "KEY4" in self.cidict
assert self.cidict.has_key("KEY4")
nose.tools.assert_equal("default", self.cidict["key4"])
assert "KEY5" not in self.cidict
assert not self.cidict.has_key("KEY5")
nose.tools.assert_equal(None, self.cidict.setdefault("KEY5"))
assert "KEY5" in self.cidict
assert self.cidict.has_key("KEY5")
nose.tools.assert_equal(None, self.cidict["key5"])
def test_pop(self):
nose.tools.assert_equal("val1", self.cidict.pop("KEY1", "default"))
assert "key1" not in self.cidict
assert not self.cidict.has_key("key1")
nose.tools.assert_equal("val2", self.cidict.pop("KEY2"))
assert "key2" not in self.cidict
assert not self.cidict.has_key("key2")
nose.tools.assert_equal("default", self.cidict.pop("key4", "default"))
with nose.tools.assert_raises(KeyError):
@@ -327,7 +306,15 @@ class TestCIDict(object):
def test_fromkeys(self):
dct = ipautil.CIDict.fromkeys(('A', 'b', 'C'))
assert sorted(dct.keys()) == sorted(['A', 'b', 'C'])
assert list(dct.values()) == [None] * 3
assert sorted(dct.values()) == [None] * 3
def test_clear(self):
self.cidict.clear()
assert self.cidict == {}
assert self.cidict.keys() == []
assert self.cidict.values() == []
assert self.cidict.items() == []
assert self.cidict._keys == {}
class TestTimeParser(object):
@@ -386,8 +373,6 @@ class TestTimeParser(object):
nose.tools.assert_equal(800000, time.microsecond)
def test_time_zones(self):
# pylint: disable=no-member
timestr = "20051213141205Z"
time = ipautil.parse_generalized_time(timestr)
@@ -421,62 +406,3 @@ class TestTimeParser(object):
nose.tools.assert_equal(-30, time.tzinfo.minoffset)
offset = time.tzinfo.utcoffset(time.tzinfo.dst())
nose.tools.assert_equal(((24 - 9) * 60 * 60) - (30 * 60), offset.seconds)
def test_run():
result = ipautil.run(['echo', 'foo\x02bar'],
capture_output=True,
capture_error=True)
assert result.returncode == 0
assert result.output == 'foo\x02bar\n'
assert result.raw_output == b'foo\x02bar\n'
assert result.error_output == ''
assert result.raw_error_output == b''
def test_run_no_capture_output():
result = ipautil.run(['echo', 'foo\x02bar'])
assert result.returncode == 0
assert result.output is None
assert result.raw_output == b'foo\x02bar\n'
assert result.error_output is None
assert result.raw_error_output == b''
def test_run_bytes():
result = ipautil.run(['echo', b'\x01\x02'], capture_output=True)
assert result.returncode == 0
assert result.raw_output == b'\x01\x02\n'
def test_run_decode():
result = ipautil.run(['echo', u'á'.encode('utf-8')],
encoding='utf-8', capture_output=True)
assert result.returncode == 0
if six.PY3:
assert result.output == 'á\n'
else:
assert result.output == 'á\n'.encode('utf-8')
def test_run_decode_bad():
if six.PY3:
with pytest.raises(UnicodeDecodeError):
ipautil.run(['echo', b'\xa0\xa1'],
capture_output=True,
encoding='utf-8')
else:
result = ipautil.run(['echo', '\xa0\xa1'],
capture_output=True,
encoding='utf-8')
assert result.returncode == 0
assert result.output == '\xa0\xa1\n'
def test_backcompat():
result = out, err, rc = ipautil.run(['echo', 'foo\x02bar'],
capture_output=True,
capture_error=True)
assert rc is result.returncode
assert out is result.output
assert err is result.error_output

9
ipatests/test_ipapython/test_ipavalidate.py
View File

@@ -21,13 +21,16 @@ import sys
sys.path.insert(0, ".")
import unittest
import pytest
from ipapython import ipavalidate
pytestmark = pytest.mark.tier0
class TestValidate(unittest.TestCase):
def setUp(self):
pass
def tearDown(self):
pass
def test_validEmail(self):
self.assertEqual(True, ipavalidate.Email("test@freeipa.org"))
self.assertEqual(True, ipavalidate.Email("", notEmpty=False))

29
ipatests/test_ipapython/test_keyring.py
View File

@@ -23,13 +23,9 @@ Test the `kernel_keyring.py` module.
from nose.tools import raises, assert_raises # pylint: disable=E0611
from ipapython import kernel_keyring
import pytest
pytestmark = pytest.mark.tier0
TEST_KEY = 'ipa_test'
TEST_VALUE = b'abc123'
UPDATE_VALUE = b'123abc'
TEST_VALUE = 'abc123'
UPDATE_VALUE = '123abc'
SIZE_256 = 'abcdefgh' * 32
SIZE_512 = 'abcdefgh' * 64
@@ -40,7 +36,7 @@ class test_keyring(object):
Test the kernel keyring interface
"""
def setup(self):
def setUp(self):
try:
kernel_keyring.del_key(TEST_KEY)
except ValueError:
@@ -63,8 +59,8 @@ class test_keyring(object):
# Make sure it is gone
try:
result = kernel_keyring.read_key(TEST_KEY)
except ValueError as e:
assert str(e) == 'key %s not found' % TEST_KEY
except ValueError, e:
assert e.message == 'key %s not found' % TEST_KEY
def test_02(self):
"""
@@ -93,11 +89,10 @@ class test_keyring(object):
assert(result == UPDATE_VALUE)
# Now update it 10 times
for i in range(10):
value = ('test %d' % i).encode('ascii')
kernel_keyring.update_key(TEST_KEY, value)
for i in xrange(10):
kernel_keyring.update_key(TEST_KEY, 'test %d' % i)
result = kernel_keyring.read_key(TEST_KEY)
assert(result == value)
assert(result == 'test %d' % i)
kernel_keyring.del_key(TEST_KEY)
@@ -135,9 +130,9 @@ class test_keyring(object):
"""
Test 512-bytes of data
"""
kernel_keyring.add_key(TEST_KEY, SIZE_512.encode('ascii'))
kernel_keyring.add_key(TEST_KEY, SIZE_512)
result = kernel_keyring.read_key(TEST_KEY)
assert(result == SIZE_512.encode('ascii'))
assert(result == SIZE_512)
kernel_keyring.del_key(TEST_KEY)
@@ -145,8 +140,8 @@ class test_keyring(object):
"""
Test 1k bytes of data
"""
kernel_keyring.add_key(TEST_KEY, SIZE_1024.encode('ascii'))
kernel_keyring.add_key(TEST_KEY, SIZE_1024)
result = kernel_keyring.read_key(TEST_KEY)
assert(result == SIZE_1024.encode('ascii'))
assert(result == SIZE_1024)
kernel_keyring.del_key(TEST_KEY)

55
ipatests/test_ipapython/test_secrets.py
View File

@@ -1,55 +0,0 @@
# Copyright (C) 2015 FreeIPA Project Contributors - see LICENSE file
from __future__ import print_function
from ipapython.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB
import os
import shutil
import subprocess
import unittest
def _test_password_callback():
with open('test-ipa-sec-store/pwfile') as f:
password = f.read()
return password
class TestiSecStore(unittest.TestCase):
@classmethod
def setUpClass(cls):
try:
shutil.rmtree('test-ipa-sec-store')
except Exception: # pylint: disable=broad-except
pass
testdir = 'test-ipa-sec-store'
pwfile = os.path.join(testdir, 'pwfile')
os.mkdir(testdir)
with open(pwfile, 'w') as f:
f.write('testpw')
cls.certdb = os.path.join(testdir, 'certdb')
os.mkdir(cls.certdb)
cls.cert2db = os.path.join(testdir, 'cert2db')
os.mkdir(cls.cert2db)
seedfile = os.path.join(testdir, 'seedfile')
with open(seedfile, 'wb') as f:
seed = os.urandom(1024)
f.write(seed)
subprocess.call(['certutil', '-d', cls.certdb, '-N', '-f', pwfile])
subprocess.call(['certutil', '-d', cls.cert2db, '-N', '-f', pwfile])
subprocess.call(['certutil', '-d', cls.certdb, '-S', '-f', pwfile,
'-s', 'CN=testCA', '-n', 'testCACert', '-x',
'-t', 'CT,C,C', '-m', '1', '-z', seedfile])
def test_iSecStore(self):
iss = iSecStore({})
NAME_DB_MAP['test'] = {
'type': 'NSSDB',
'path': self.certdb,
'handler': NSSCertDB,
'pwcallback': _test_password_callback,
}
value = iss.get('keys/test/testCACert')
NAME_DB_MAP['test']['path'] = self.cert2db
iss.set('keys/test/testCACert', value)

41
ipatests/test_ipapython/test_ssh.py
View File

@@ -21,28 +21,20 @@ Test the `ipapython/ssh.py` module.
"""
import base64
import six
import nose
import pytest
from ipapython import ssh
if six.PY3:
unicode = str
class CheckPublicKey:
def __init__(self, pk):
self.description = "Test SSH public key parsing (%s)" % repr(pk)
pytestmark = pytest.mark.tier0
def make_public_key_checker(pk, out):
def check_public_key():
def __call__(self, pk, out):
try:
parsed = ssh.SSHPublicKey(pk)
assert parsed.openssh() == out
except Exception as e:
except Exception, e:
assert type(e) is out
check_public_key.description = "Test SSH public key parsing (%s)" % repr(pk)
return check_public_key
def test_public_key_parsing():
b64 = 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDGAX3xAeLeaJggwTqMjxNwa6XHBUAikXPGMzEpVrlLDCZtv00djsFTBi38PkgxBJVkgRWMrcBsr/35lq7P6w8KGIwA8GI48Z0qBS2NBMJ2u9WQ2hjLN6GdMlo77O0uJY3251p12pCVIS/bHRSq8kHO2No8g7KA9fGGcagPfQH+ee3t7HUkpbQkFTmbPPN++r3V8oVUk5LxbryB3UIIVzNmcSIn3JrXynlvui4MixvrtX6zx+O/bBo68o8/eZD26QrahVbA09fivrn/4h3TM019Eu/c2jOdckfU3cHUV/3Tno5d6JicibyaoDDK7S/yjdn5jhaz8MSEayQvFkZkiF0L'
@@ -50,32 +42,23 @@ def test_public_key_parsing():
openssh = 'ssh-rsa %s' % b64
pks = [
(b'\xff', UnicodeDecodeError),
(u'\xff', ValueError),
('\xff', UnicodeDecodeError),
(raw, openssh),
(b'\0\0\0\x04none', u'none AAAABG5vbmU='),
(b'\0\0\0', ValueError),
(b'\0\0\0\0', ValueError),
(b'\0\0\0\x01', ValueError),
(b'\0\0\0\x01\xff', ValueError),
(u'\0\0\0\x04none', ValueError),
(u'\0\0\0', ValueError),
(u'\0\0\0\0', ValueError),
(u'\0\0\0\x01', ValueError),
(u'\0\0\0\x01\xff', ValueError),
('\0\0\0\x04none', u'none AAAABG5vbmU='),
('\0\0\0', ValueError),
('\0\0\0\0', ValueError),
('\0\0\0\x01', ValueError),
('\0\0\0\x01\xff', ValueError),
(b64, openssh),
(unicode(b64), openssh),
(b64.encode('ascii'), openssh),
(u'\n%s\n\n' % b64, openssh),
(u'AAAABG5vbmU=', u'none AAAABG5vbmU='),
(u'AAAAB', ValueError),
(openssh, openssh),
(unicode(openssh), openssh),
(openssh.encode('ascii'), openssh),
(u'none AAAABG5vbmU=', u'none AAAABG5vbmU='),
(u'\t \t ssh-rsa \t \t%s\t \tthis is a comment\t \t ' % b64,
u'%s this is a comment' % openssh),
@@ -90,4 +73,4 @@ def test_public_key_parsing():
]
for pk in pks:
yield make_public_key_checker(*pk)
yield (CheckPublicKey(pk[0]),) + pk