def test_clear_both(self):
# setup
repoid = 'repo1'
self.test_repo_first_time(repoid)
ca = None
client = None
cf = CertFiles(TEST_CERT_ROOT_DIR, repoid)
cf.update(ca, client)
capath, clientpath = cf.apply()
#verify
rootdir = os.path.join(TEST_CERT_ROOT_DIR, repoid)
self.assertFalse(os.path.exists(rootdir))
def test_clear_client(self):
# setup
repoid = 'repo1'
self.test_repo_first_time(repoid)
ca = 'MY-NEW-CA-CERT'
client = None
cf = CertFiles(TEST_CERT_ROOT_DIR, repoid)
cf.update(ca, client)
capath, clientpath = cf.apply()
#verify
rootdir = os.path.join(TEST_CERT_ROOT_DIR, repoid)
self.assertTrue(os.path.exists(rootdir))
self.assertEqual(capath, os.path.join(rootdir, CertFiles.CA))
self.assertEqual(len(os.listdir(rootdir)), 1)
f = open(capath)
pem = f.read()
f.close()
self.assertEqual(pem, ca)
def test_repo_first_time(self, repoid='repo1'):
# setup
repoid = 'repo1'
ca = 'MY-CA-CERT'
client = 'MY-CLIENT-KEY_AND_CERT'
cf = CertFiles(TEST_CERT_ROOT_DIR, repoid)
cf.update(ca, client)
capath, clientpath = cf.apply()
#verify
rootdir = os.path.join(TEST_CERT_ROOT_DIR, repoid)
self.assertTrue(os.path.exists(rootdir))
self.assertEqual(capath, os.path.join(rootdir, CertFiles.CA))
self.assertEqual(clientpath, os.path.join(rootdir, CertFiles.CLIENT))
for path, content in ((capath, ca),(clientpath, client)):
f = open(path)
pem = f.read()
f.close()
self.assertEqual(pem, content)
def _handle_certs(repo, rootdir, cacert, clientcert):
"""
Handle x.509 certificates that were specified with the repo.
The cert files will be written to disk, deleting any existing
files that were there. The repo object will be updated with any
values related to the stored certificates.
"""
certificates = CertFiles(rootdir, repo.id)
certificates.update(cacert, clientcert)
capath, clientpath = certificates.apply()
# CA certificate
if cacert:
repo['sslcacert'] = capath
repo['sslverify'] = '1'
else:
repo['sslverify'] = '0'
# client certificate
if clientcert:
repo['sslclientcert'] = clientpath
