def test_alternative_names_bad_domain(self):
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionSubjectAltName()
ext.add_dns_id('test.baddomain.com')
csr.add_extension(ext)
with self.assertRaises(validators.ValidationError) as e:
validators.alternative_names(
csr=csr,
allowed_domains=['.test.com'])
self.assertEqual("Domain 'test.baddomain.com' not allowed (doesn't "
"match known domains)", str(e.exception))
def test_alternative_names_bad_domain(self):
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionSubjectAltName()
ext.add_dns_id('test.baddomain.com')
csr.add_extension(ext)
with self.assertRaises(validators.ValidationError) as e:
validators.alternative_names(csr=csr,
allowed_domains=['.test.com'])
self.assertEqual(
"Domain 'test.baddomain.com' not allowed (doesn't "
"match known domains)", str(e.exception))
def test_alternative_names_ext(self):
ext_mock = mock.MagicMock()
ext_mock.get_value.return_value = 'BAD,10.1.1.1'
ext_mock.get_name.return_value = 'subjectAltName'
csr_mock = mock.MagicMock()
csr_mock.get_extensions.return_value = [ext_mock]
with self.assertRaises(validators.ValidationError) as e:
validators.alternative_names(
csr=csr_mock,
allowed_domains=['.test.com'])
self.assertEqual("Alt name should have 2 parts, but found: 'BAD'",
str(e.exception))
def test_alternative_names_bad_domain(self, gethostbyname_ex):
gethostbyname_ex.return_value = ('master.test.com', [], ['10.0.0.1'])
ext_mock = mock.MagicMock()
ext_mock.get_value.return_value = 'DNS:test.baddomain.com'
ext_mock.get_name.return_value = 'subjectAltName'
csr_mock = mock.MagicMock()
csr_mock.get_extensions.return_value = [ext_mock]
with self.assertRaises(validators.ValidationError) as e:
validators.alternative_names(
csr=csr_mock,
allowed_domains=['.test.com'])
self.assertEqual("Domain 'test.baddomain.com' not allowed (doesn't "
"match known domains or networks)", str(e.exception))
def test_alternative_names_good_domain(self):
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionSubjectAltName()
ext.add_dns_id('master.test.com')
csr.add_extension(ext)
self.assertEqual(
None,
validators.alternative_names(
csr=csr,
allowed_domains=['.test.com'],
))
def test_alternative_names_good_domain(self):
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionSubjectAltName()
ext.add_dns_id('master.test.com')
csr.add_extension(ext)
self.assertEqual(
None,
validators.alternative_names(
csr=csr,
allowed_domains=['.test.com'],
)
)
def test_alternative_names_good_domain(self, gethostbyname_ex):
gethostbyname_ex.return_value = ('master.test.com', [], ['10.0.0.1'])
ext_mock = mock.MagicMock()
ext_mock.get_value.return_value = 'DNS:master.test.com'
ext_mock.get_name.return_value = 'subjectAltName'
csr_mock = mock.MagicMock()
csr_mock.get_extensions.return_value = [ext_mock]
self.assertEqual(
None,
validators.alternative_names(
csr=csr_mock,
allowed_domains=['.test.com'],
)
)
