def test_apache_ssl_context_ssl_not_master(self, mock_ensure_permissions,
mock_get_ca, mock_mkdir):
context.ApacheSSLContext().configure_cert('foo')
context.ApacheSSLContext().configure_ca()
self.assertTrue(mock_mkdir.called)
self.assertTrue(mock_ensure_permissions.called)
self.assertFalse(mock_get_ca.called)
def test_apache_ssl_context_ssl_not_master(
self, mock_log, mock_is_ssl_enabled, mock_is_ssl_cert_master,
mock_determine_ports, mock_ensure_permissions, mock_get_ca,
mock_mkdir, mock_cert_provided_in_config):
mock_cert_provided_in_config.return_value = False
mock_is_ssl_enabled.return_value = True
mock_is_ssl_cert_master.return_value = False
context.ApacheSSLContext().configure_cert('foo')
context.ApacheSSLContext().configure_ca()
self.assertTrue(mock_mkdir.called)
self.assertTrue(mock_ensure_permissions.called)
self.assertFalse(mock_get_ca.called)
def test_apache_ssl_context_service_enabled(
self, mock_https, mock_unit_get, mock_determine_api_port,
mock_determine_apache_port, mock_is_clustered, mock_config,
mock_is_ssl_enabled, mock_is_ssl_cert_master,
mock_determine_ports):
mock_is_ssl_enabled.return_value = True
mock_is_ssl_cert_master.return_value = True
mock_https.return_value = True
mock_unit_get.return_value = '1.2.3.4'
mock_determine_api_port.return_value = '12'
mock_determine_apache_port.return_value = '34'
mock_is_clustered.return_value = False
mock_config.return_value = None
mock_determine_ports.return_value = ['12']
ctxt = context.ApacheSSLContext()
ctxt.enable_modules = MagicMock()
ctxt.configure_cert = MagicMock()
ctxt.configure_ca = MagicMock()
ctxt.canonical_names = MagicMock()
self.assertEquals(
ctxt(), {
'endpoints': [('1.2.3.4', '1.2.3.4', 34, 12)],
'namespace': 'keystone',
'ext_ports': [34]
})
self.assertTrue(mock_https.called)
mock_unit_get.assert_called_with('private-address')
def test_apache_ssl_context_ssl_configure_ca(self, mock_b64decode,
mock_install_ca_cert,
mock_ensure_permissions):
config = {'ssl_cert': 'somecert', 'ssl_key': 'greatkey'}
def fake_config(key):
return config.get(key)
self.config.side_effect = fake_config
context.ApacheSSLContext().configure_ca()
self.assertFalse(mock_b64decode.called)
self.assertFalse(mock_install_ca_cert.called)
self.assertFalse(mock_ensure_permissions.called)
config['ssl_ca'] = 'foofoofalalala'
context.ApacheSSLContext().configure_ca()
self.assertTrue(mock_b64decode.called)
self.assertTrue(mock_install_ca_cert.called)
self.assertTrue(mock_ensure_permissions.called)
def test_canonical_names_without_network_splits(self, mock_get_address,
mock_is_clustered,
mock_unit_get, mock_config,
mock_log):
NET_CONFIG = {
'vip': '10.0.3.1 10.0.3.2',
'os-internal-network': None,
'os-admin-network': None,
'os-public-network': None
}
mock_unit_get.return_value = '10.0.3.10'
mock_is_clustered.return_value = True
config = {}
config.update(NET_CONFIG)
mock_config.side_effect = lambda key: config[key]
apache = context.ApacheSSLContext()
apache.canonical_names()
msg = "Multiple networks configured but net_type" \
" is None (os-public-network)."
mock_log.assert_called_with(msg, level="WARNING")
