"Fossies" - the Fresh Open Source Software Archive

Member "salt-3002.2/tests/pytests/unit/modules/test_tls.py" (18 Nov 2020, 3602 Bytes) of package /linux/misc/salt-3002.2.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "test_tls.py": 3002.1_vs_3002.2.

    1 import os
    2 
    3 import pytest
    4 import salt.modules.tls as tls
    5 from tests.support.mock import MagicMock, patch
    6 
    7 
    8 @pytest.fixture(scope="module")
    9 def tls_test_data():
   10     return {
   11         "create_ca": {
   12             "bits": 2048,
   13             "CN": "localhost",
   14             "C": "US",
   15             "ST": "Utah",
   16             "L": "Salt Lake City",
   17             "O": "SaltStack",
   18             "OU": "Test Unit",
   19             "emailAddress": "xyz@pdq.net",
   20             "digest": "sha256",
   21             "replace": False,
   22         }
   23     }
   24 
   25 
   26 @pytest.fixture(autouse=True)
   27 def setup_loader():
   28     setup_loader_modules = {tls: {}}
   29     with pytest.helpers.loader_mock(setup_loader_modules) as loader_mock:
   30         yield loader_mock
   31 
   32 
   33 def test_create_ca_permissions_on_cert_and_key(tmpdir, tls_test_data):
   34     ca_name = "test_ca"
   35     certp = tmpdir.join(ca_name).join("{}_ca_cert.crt".format(ca_name)).strpath
   36     certk = tmpdir.join(ca_name).join("{}_ca_cert.key".format(ca_name)).strpath
   37     mock_opt = MagicMock(return_value=tmpdir)
   38     mock_ret = MagicMock(return_value=0)
   39 
   40     print(tls_test_data)
   41 
   42     with patch.dict(
   43         tls.__salt__, {"config.option": mock_opt, "cmd.retcode": mock_ret}
   44     ), patch.dict(tls.__opts__, {"hash_type": "sha256", "cachedir": str(tmpdir)}):
   45         tls.create_ca(ca_name, days=365, fixmode=False, **tls_test_data["create_ca"])
   46         certp_mode = os.stat(certp).st_mode & 0o7777
   47         certk_mode = os.stat(certk).st_mode & 0o7777
   48 
   49         assert 0o644 == certp_mode
   50         assert 0o600 == certk_mode
   51 
   52 
   53 def test_create_csr_permissions_on_csr_and_key(tmpdir, tls_test_data):
   54     ca_name = "test_ca"
   55     csrp = (
   56         tmpdir.join(ca_name)
   57         .join("certs")
   58         .join("{}.csr".format(tls_test_data["create_ca"]["CN"]))
   59         .strpath
   60     )
   61     keyp = (
   62         tmpdir.join(ca_name)
   63         .join("certs")
   64         .join("{}.key".format(tls_test_data["create_ca"]["CN"]))
   65         .strpath
   66     )
   67 
   68     mock_opt = MagicMock(return_value=tmpdir)
   69     mock_ret = MagicMock(return_value=0)
   70     mock_pgt = MagicMock(return_value=False)
   71 
   72     with patch.dict(
   73         tls.__salt__,
   74         {"config.option": mock_opt, "cmd.retcode": mock_ret, "pillar.get": mock_pgt},
   75     ), patch.dict(tls.__opts__, {"hash_type": "sha256", "cachedir": str(tmpdir)}):
   76         tls.create_ca(ca_name, days=365, **tls_test_data["create_ca"])
   77         tls.create_csr(ca_name, **tls_test_data["create_ca"])
   78 
   79         csrp_mode = os.stat(csrp).st_mode & 0o7777
   80         keyp_mode = os.stat(keyp).st_mode & 0o7777
   81 
   82         assert 0o644 == csrp_mode
   83         assert 0o600 == keyp_mode
   84 
   85 
   86 def test_create_self_signed_cert_permissions_on_csr_cert_and_key(tmpdir, tls_test_data):
   87     ca_name = "test_ca"
   88     certp = (
   89         tmpdir.join(ca_name)
   90         .join("certs")
   91         .join("{}.crt".format(tls_test_data["create_ca"]["CN"]))
   92         .strpath
   93     )
   94     keyp = (
   95         tmpdir.join(ca_name)
   96         .join("certs")
   97         .join("{}.key".format(tls_test_data["create_ca"]["CN"]))
   98         .strpath
   99     )
  100 
  101     mock_opt = MagicMock(return_value=tmpdir)
  102     mock_ret = MagicMock(return_value=0)
  103     mock_pgt = MagicMock(return_value=False)
  104 
  105     with patch.dict(
  106         tls.__salt__,
  107         {"config.option": mock_opt, "cmd.retcode": mock_ret, "pillar.get": mock_pgt},
  108     ), patch.dict(tls.__opts__, {"hash_type": "sha256", "cachedir": str(tmpdir)}):
  109         tls.create_self_signed_cert(ca_name, days=365, **tls_test_data["create_ca"])
  110 
  111         certp_mode = os.stat(certp).st_mode & 0o7777
  112         keyp_mode = os.stat(keyp).st_mode & 0o7777
  113 
  114         assert 0o644 == certp_mode
  115         assert 0o600 == keyp_mode