Example #1
0
    def test_whitelist_names_full_ipid_match(self):
        csr = x509_csr.X509Csr()
        ext = x509_ext.X509ExtensionSubjectAltName()
        ext.add_ip(netaddr.IPAddress('1.2.3.4'))
        csr.add_extension(ext)

        custom.whitelist_names(csr=csr, allow_ip_id=True, names=['1.2.3.4'])
Example #2
0
    def test_whitelist_names_full_ipid_match(self):
        csr = x509_csr.X509Csr()
        ext = x509_ext.X509ExtensionSubjectAltName()
        ext.add_ip(netaddr.IPAddress('1.2.3.4'))
        csr.add_extension(ext)

        custom.whitelist_names(csr=csr, allow_ip_id=True, names=['1.2.3.4'])
Example #3
0
 def test_whitelist_names_cn_not_allowed(self):
     csr = self._csr_with_cn("bad.example.com")
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(
             csr=csr,
             names=[],
         )
Example #4
0
    def test_whitelist_names_full_ipid_fail(self):
        csr = x509_csr.X509Csr()
        ext = x509_ext.X509ExtensionSubjectAltName()
        ext.add_ip(netaddr.IPAddress('4.3.2.1'))
        csr.add_extension(ext)

        with self.assertRaises(errors.ValidationError):
            custom.whitelist_names(csr=csr, allow_ip_id=True,
                                   names=['1.2.3.4'])
Example #5
0
    def test_whitelist_names_empty_list(self):
        # empty whitelist should block everything
        csr = self._csr_with_san_dns('example.com')

        with self.assertRaises(errors.ValidationError):
            custom.whitelist_names(
                csr=csr,
                domains=[],
            )
Example #6
0
    def test_whitelist_names_full_ipid_fail(self):
        csr = x509_csr.X509Csr()
        ext = x509_ext.X509ExtensionSubjectAltName()
        ext.add_ip(netaddr.IPAddress('4.3.2.1'))
        csr.add_extension(ext)

        with self.assertRaises(errors.ValidationError):
            custom.whitelist_names(csr=csr,
                                   allow_ip_id=True,
                                   names=['1.2.3.4'])
Example #7
0
 def test_whitelist_names_full_dnsid_fail(self):
     csr = self._csr_with_san_dns('bad.example.com')
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr, allow_dns_id=True,
                                names=['good.example.com'])
Example #8
0
 def test_whitelist_names_partial_dnsid_match(self):
     csr = self._csr_with_san_dns('good-123.example.com')
     custom.whitelist_names(csr=csr, allow_dns_id=True,
                            names=['good-%.example.com'])
Example #9
0
 def test_whitelist_names_full_dnsid_match(self):
     csr = self._csr_with_san_dns('example.com')
     custom.whitelist_names(csr=csr, allow_dns_id=True,
                            names=['example.com'])
Example #10
0
 def test_whitelist_names_full_dnsid_match(self):
     csr = self._csr_with_san_dns('example.com')
     custom.whitelist_names(csr=csr,
                            allow_dns_id=True,
                            names=['example.com'])
Example #11
0
 def test_whitelist_names_cn_partial_name_fail(self):
     csr = self._csr_with_cn("bad.example.com")
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr, allow_cn_id=True,
                                names=[".good.example.com"])
Example #12
0
 def test_whitelist_names_cn_ip_net_fail(self):
     csr = self._csr_with_cn("4.3.2.1")
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr, allow_cn_id=True, names=["1/8"])
Example #13
0
 def test_whitelist_names_cn_ip_net_match(self):
     csr = self._csr_with_cn("1.2.3.4")
     custom.whitelist_names(csr=csr, allow_cn_id=True, names=["1/8"])
Example #14
0
 def test_whitelist_names_cn_ip_net_fail(self):
     csr = self._csr_with_cn("4.3.2.1")
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr, allow_cn_id=True, names=["1/8"])
Example #15
0
 def test_whitelist_names_full_dnsid_fail(self):
     csr = self._csr_with_san_dns('bad.example.com')
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr,
                                allow_dns_id=True,
                                names=['good.example.com'])
Example #16
0
 def test_whitelist_names_partial_dnsid_match(self):
     csr = self._csr_with_san_dns('good-123.example.com')
     custom.whitelist_names(csr=csr,
                            allow_dns_id=True,
                            names=['good-%.example.com'])
Example #17
0
 def test_whitelist_names_cn_not_allowed(self):
     csr = self._csr_with_cn("bad.example.com")
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr, names=[],)
Example #18
0
 def test_whitelist_names_cn_partial_name_fail(self):
     csr = self._csr_with_cn("bad.example.com")
     with self.assertRaises(errors.ValidationError):
         custom.whitelist_names(csr=csr,
                                allow_cn_id=True,
                                names=[".good.example.com"])
Example #19
0
 def test_whitelist_names_cn_ip_net_match(self):
     csr = self._csr_with_cn("1.2.3.4")
     custom.whitelist_names(csr=csr, allow_cn_id=True, names=["1/8"])
Example #20
0
 def test_whitelist_names_cn_partial_name_match(self):
     csr = self._csr_with_cn("good.example.com")
     custom.whitelist_names(csr=csr,
                            allow_cn_id=True,
                            names=["%.example.com"])
Example #21
0
 def test_whitelist_names_cn_partial_name_match(self):
     csr = self._csr_with_cn("good.example.com")
     custom.whitelist_names(csr=csr, allow_cn_id=True,
                            names=["%.example.com"])
Example #22
0
    def test_whitelist_names_empty_list(self):
        # empty whitelist should block everything
        csr = self._csr_with_san_dns('example.com')

        with self.assertRaises(errors.ValidationError):
            custom.whitelist_names(csr=csr, domains=[],)