def test_create_self_signed_cert_permissions_on_csr_cert_and_key(
    tmpdir, tls_test_data
):
    """Check the on-disk modes of the generated certificate and private key.

    The certificate must end up 0o644 and the private key 0o600 (owner
    read/write only). Despite the name, no CSR file is inspected here.

    Only the final mode is observed: this test cannot show whether the key
    was ever more widely readable while it was being written.
    """
    ca_name = "test_ca"
    common_name = tls_test_data["create_ca"]["CN"]
    certs_dir = tmpdir.join(ca_name).join("certs")
    certp = certs_dir.join("{}.crt".format(common_name)).strpath
    keyp = certs_dir.join("{}.key".format(common_name)).strpath

    # Stand-ins for the entries the module looks up in __salt__.
    salt_stubs = {
        "config.option": MagicMock(return_value=tmpdir),
        "cmd.retcode": MagicMock(return_value=0),
        "pillar.get": MagicMock(return_value=False),
    }
    opts_stubs = {"hash_type": "sha256", "cachedir": tmpdir}

    with patch.dict(tls.__salt__, salt_stubs):
        with patch.dict(tls.__opts__, opts_stubs):
            tls.create_self_signed_cert(
                ca_name, days=365, **tls_test_data["create_ca"]
            )

            # 0o7777 keeps the rwx bits plus setuid/setgid/sticky, so the
            # equality below also rejects any of those special bits.
            certp_mode = 0o7777 & os.stat(certp).st_mode
            keyp_mode = 0o7777 & os.stat(keyp).st_mode

            assert certp_mode == 0o644
            assert keyp_mode == 0o600
def test_create_self_signed_cert_permissions_on_csr_cert_and_key(
    tmp_path, tls_test_data
):
    """Check the on-disk modes of the generated certificate and private key.

    The certificate must end up 0o644 and the private key 0o600 (owner
    read/write only). Despite the name, no CSR file is inspected here.

    Only the final mode is observed: this test cannot show whether the key
    was ever more widely readable while it was being written.
    """
    ca_name = "test_ca"
    common_name = tls_test_data["create_ca"]["CN"]
    certs_dir = tmp_path / ca_name / "certs"
    certp = certs_dir / "{}.crt".format(common_name)
    keyp = certs_dir / "{}.key".format(common_name)

    # The module is handed plain strings rather than Path objects.
    base_dir = str(tmp_path)
    salt_stubs = {
        "config.option": MagicMock(return_value=base_dir),
        "cmd.retcode": MagicMock(return_value=0),
        "pillar.get": MagicMock(return_value=False),
    }
    opts_stubs = {"hash_type": "sha256", "cachedir": base_dir}

    with patch.dict(tls.__salt__, salt_stubs):
        with patch.dict(tls.__opts__, opts_stubs):
            tls.create_self_signed_cert(
                ca_name, days=365, **tls_test_data["create_ca"]
            )

            # 0o7777 keeps the rwx bits plus setuid/setgid/sticky, so the
            # equality below also rejects any of those special bits.
            certp_mode = certp.stat().st_mode & 0o7777
            assert certp_mode == 0o644
            keyp_mode = keyp.stat().st_mode & 0o7777
            assert keyp_mode == 0o600
def test_recreate_self_signed_cert(self):
    '''
    Test the message returned when creating a self signed certificate

    NOTE(review): the name and the original description say "when one
    already exists", but this block starts from a fresh temporary directory
    and calls create_self_signed_cert only once - confirm the intended
    precondition.
    '''
    ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
    try:
        tls_dir = 'test_tls'
        common_name = _TLS_TEST_DATA['create_ca']['CN']
        cert_file = '{0}/{1}/certs/{2}.crt'.format(ca_path, tls_dir, common_name)
        key_file = '{0}/{1}/certs/{2}.key'.format(ca_path, tls_dir, common_name)
        # Exact message expected back: key path first, then certificate path.
        expected = ('Created Private Key: "{0}." '
                    'Created Certificate: "{1}."').format(key_file, cert_file)

        salt_stubs = {'config.option': MagicMock(return_value=ca_path)}
        opts_stubs = {'hash_type': 'sha256', 'cachedir': ca_path}
        with patch.dict(tls.__salt__, salt_stubs), \
                patch.dict(tls.__opts__, opts_stubs):
            actual = tls.create_self_signed_cert(
                tls_dir=tls_dir, days=365, **_TLS_TEST_DATA['create_ca'])
            self.assertEqual(actual, expected)
    finally:
        # Remove the generated key material even when the assertion fails.
        if os.path.isdir(ca_path):
            shutil.rmtree(ca_path)
def test_create_self_signed_cert(self):
    '''
    Test the message returned when creating a self signed certificate

    Works in a temporary directory under TMP, which is removed afterwards.
    salt.modules.tls.maybe_fix_ssl_version is replaced by a mock that
    returns True for the duration of the call.
    '''
    ca_path = tempfile.mkdtemp(dir=TMP)
    try:
        tls_dir = 'test_tls'
        common_name = _TLS_TEST_DATA['create_ca']['CN']
        cert_file = '{0}/{1}/certs/{2}.crt'.format(ca_path, tls_dir, common_name)
        key_file = '{0}/{1}/certs/{2}.key'.format(ca_path, tls_dir, common_name)
        # Exact message expected back: key path first, then certificate path.
        expected = ('Created Private Key: "{0}." '
                    'Created Certificate: "{1}."').format(key_file, cert_file)

        mock_opt = MagicMock(return_value=ca_path)
        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
            with patch.dict(tls.__opts__, {'hash_type': 'sha256',
                                           'cachedir': ca_path}):
                with patch('salt.modules.tls.maybe_fix_ssl_version',
                           MagicMock(return_value=True)):
                    actual = tls.create_self_signed_cert(
                        tls_dir=tls_dir,
                        days=365,
                        **_TLS_TEST_DATA['create_ca'])
                    self.assertEqual(actual, expected)
    finally:
        # Remove the generated key material even when the assertion fails.
        if os.path.isdir(ca_path):
            shutil.rmtree(ca_path)
def test_recreate_self_signed_cert(self, ca_path):
    '''
    Test the message returned when creating a self signed certificate

    ca_path is the working directory handed in by the caller; it serves as
    both the config.option return value and the cachedir option.

    NOTE(review): the name and the original description say "when one
    already exists", but only one create_self_signed_cert call is made
    here, so that precondition would have to come from the contents of
    ca_path - confirm.
    '''
    tls_dir = 'test_tls'
    common_name = _TLS_TEST_DATA['create_ca']['CN']
    cert_file = '{0}/{1}/certs/{2}.crt'.format(ca_path, tls_dir, common_name)
    key_file = '{0}/{1}/certs/{2}.key'.format(ca_path, tls_dir, common_name)
    # Exact message expected back: key path first, then certificate path.
    expected = ('Created Private Key: "{0}." '
                'Created Certificate: "{1}."').format(key_file, cert_file)

    mock_opt = MagicMock(return_value=ca_path)
    with patch.dict(tls.__salt__, {'config.option': mock_opt}):
        with patch.dict(tls.__opts__, {'hash_type': 'sha256',
                                       'cachedir': ca_path}):
            # maybe_fix_ssl_version is swapped for a mock returning True.
            with patch('salt.modules.tls.maybe_fix_ssl_version',
                       MagicMock(return_value=True)):
                actual = tls.create_self_signed_cert(
                    tls_dir=tls_dir,
                    days=365,
                    **_TLS_TEST_DATA['create_ca'])
                self.assertEqual(actual, expected)
def test_recreate_self_signed_cert(self, ca_path):
    """
    Test the message returned when creating a self signed certificate

    ca_path is the working directory handed in by the caller; it serves as
    both the config.option return value and the cachedir option.

    NOTE(review): the name and the original description say "when one
    already exists", but only one create_self_signed_cert call is made
    here, so that precondition would have to come from the contents of
    ca_path - confirm.
    """
    tls_dir = "test_tls"
    common_name = _TLS_TEST_DATA["create_ca"]["CN"]
    cert_file = "{}/{}/certs/{}.crt".format(ca_path, tls_dir, common_name)
    key_file = "{}/{}/certs/{}.key".format(ca_path, tls_dir, common_name)
    # Exact message expected back: key path first, then certificate path.
    expected = 'Created Private Key: "{}." Created Certificate: "{}."'.format(
        key_file, cert_file
    )

    salt_stubs = {"config.option": MagicMock(return_value=ca_path)}
    opts_stubs = {"hash_type": "sha256", "cachedir": ca_path}
    with patch.dict(tls.__salt__, salt_stubs):
        with patch.dict(tls.__opts__, opts_stubs):
            # maybe_fix_ssl_version is swapped for a mock returning True.
            with patch(
                "salt.modules.tls.maybe_fix_ssl_version",
                MagicMock(return_value=True),
            ):
                actual = tls.create_self_signed_cert(
                    tls_dir=tls_dir, days=365, **_TLS_TEST_DATA["create_ca"]
                )
                self.assertEqual(actual, expected)
def test_recreate_self_signed_cert(self):
    '''
    Test the message returned when creating a self signed certificate

    NOTE(review): the name and the original description say "when one
    already exists", but this block starts from a fresh temporary directory
    and calls create_self_signed_cert only once - confirm the intended
    precondition.
    '''
    ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
    try:
        tls_dir = 'test_tls'
        common_name = _TLS_TEST_DATA['create_ca']['CN']
        cert_file = '{0}/{1}/certs/{2}.crt'.format(ca_path, tls_dir, common_name)
        key_file = '{0}/{1}/certs/{2}.key'.format(ca_path, tls_dir, common_name)
        # Exact message expected back: key path first, then certificate path.
        expected = ('Created Private Key: "{0}." '
                    'Created Certificate: "{1}."').format(key_file, cert_file)

        mock_opt = MagicMock(return_value=ca_path)
        opts_stubs = {'hash_type': 'sha256', 'cachedir': ca_path}
        with patch.dict(tls.__salt__, {'config.option': mock_opt}), \
                patch.dict(tls.__opts__, opts_stubs):
            actual = tls.create_self_signed_cert(
                tls_dir=tls_dir,
                days=365,
                **_TLS_TEST_DATA['create_ca'])
            self.assertEqual(actual, expected)
    finally:
        # Remove the generated key material even when the assertion fails.
        if os.path.isdir(ca_path):
            shutil.rmtree(ca_path)