Esempio n. 1
0
    def test_transform_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("stdout", "tool output error", 1)

        assert_raise_library_error(
            lambda: lib.client_cert_request_to_pk12(
                self.mock_runner, "certificate request"
            ),
            (
                severity.ERROR,
                report_codes.QDEVICE_CERTIFICATE_IMPORT_ERROR,
                {
                    "reason": "tool output error\nstdout",
                },
            ),
        )

        mock_tmp_store.assert_called_once_with(
            "certificate request",
            reports.messages.QdeviceCertificateImportError,
        )
        self.mock_runner.run.assert_called_once_with(
            [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name]
        )
        mock_get_cert.assert_not_called()
Esempio n. 2
0
    def test_transform_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("stdout", "tool output error", 1)

        assert_raise_library_error(
            lambda: lib.client_cert_request_to_pk12(
                self.mock_runner,
                "certificate request"
            ),
            (
                severity.ERROR,
                report_codes.QDEVICE_CERTIFICATE_IMPORT_ERROR,
                {
                    "reason": "tool output error\nstdout",
                }
            )
        )

        mock_tmp_store.assert_called_once_with(
            "certificate request",
            reports.qdevice_certificate_import_error
        )
        self.mock_runner.run.assert_called_once_with([
            _client_cert_tool, "-M", "-c", self.mock_tmpfile.name
        ])
        mock_get_cert.assert_not_called()
Esempio n. 3
0
 def test_not_initialized(self, mock_tmp_store, mock_get_cert):
     assert_raise_library_error(
         lambda: lib.client_cert_request_to_pk12(self.mock_runner,
                                                 "certificate request"),
         (severity.ERROR, report_codes.QDEVICE_NOT_INITIALIZED, {
             "model": "net",
         }))
     mock_tmp_store.assert_not_called()
     self.mock_runner.run.assert_not_called()
     mock_get_cert.assert_not_called()
Esempio n. 4
0
    def test_input_write_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.side_effect = LibraryError

        self.assertRaises(
            LibraryError, lambda: lib.client_cert_request_to_pk12(
                self.mock_runner, "certificate request"))

        mock_tmp_store.assert_called_once_with(
            "certificate request", reports.qdevice_certificate_import_error)
        self.mock_runner.run.assert_not_called()
        mock_get_cert.assert_not_called()
Esempio n. 5
0
def _add_device_model_net(
    lib_env, qnetd_host, cluster_name, cluster_nodes, skip_offline_nodes
):
    """
    setup cluster nodes for using qdevice model net
    string qnetd_host address of qdevice provider (qnetd host)
    string cluster_name name of the cluster to which qdevice is being added
    NodeAddressesList cluster_nodes list of cluster nodes addresses
    bool skip_offline_nodes continue even if not all nodes are accessible
    """
    runner = lib_env.cmd_runner()
    reporter = lib_env.report_processor
    target_factory = lib_env.get_node_target_factory()
    qnetd_target = target_factory.get_target_from_hostname(qnetd_host)
    target_list = target_factory.get_target_list(cluster_nodes)

    reporter.process(
        reports.qdevice_certificate_distribution_started()
    )
    # get qnetd CA certificate
    com_cmd = qdevice_net_com.GetCaCert(reporter)
    com_cmd.set_targets([qnetd_target])
    qnetd_ca_cert = run_and_raise(
        lib_env.get_node_communicator(), com_cmd
    )[0][1]
    # init certificate storage on all nodes
    com_cmd = qdevice_net_com.ClientSetup(
        reporter, qnetd_ca_cert, skip_offline_nodes
    )
    com_cmd.set_targets(target_list)
    run_and_raise(lib_env.get_node_communicator(), com_cmd)
    # create client certificate request
    cert_request = qdevice_net.client_generate_certificate_request(
        runner,
        cluster_name
    )
    # sign the request on qnetd host
    com_cmd = qdevice_net_com.SignCertificate(reporter)
    com_cmd.add_request(qnetd_target, cert_request, cluster_name)
    signed_certificate = run_and_raise(
        lib_env.get_node_communicator(), com_cmd
    )[0][1]
    # transform the signed certificate to pk12 format which can sent to nodes
    pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate)
    # distribute final certificate to nodes
    com_cmd = qdevice_net_com.ClientImportCertificateAndKey(
        reporter, pk12, skip_offline_nodes
    )
    com_cmd.set_targets(target_list)
    run_and_raise(lib_env.get_node_communicator(), com_cmd)
Esempio n. 6
0
    def test_output_read_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("tool output", "", 0)
        mock_get_cert.side_effect = LibraryError

        self.assertRaises(
            LibraryError, lambda: lib.client_cert_request_to_pk12(
                self.mock_runner, "certificate request"))

        mock_tmp_store.assert_called_once_with(
            "certificate request", reports.qdevice_certificate_import_error)
        self.mock_runner.run.assert_called_once_with(
            [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name])
        mock_get_cert.assert_called_once_with(
            "tool output", reports.qdevice_certificate_import_error)
Esempio n. 7
0
    def test_success(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("tool output", "", 0)
        mock_get_cert.return_value = "new certificate".encode("utf-8")

        result = lib.client_cert_request_to_pk12(self.mock_runner,
                                                 "certificate request")
        self.assertEqual(result, mock_get_cert.return_value)

        mock_tmp_store.assert_called_once_with(
            "certificate request", reports.qdevice_certificate_import_error)
        self.mock_runner.run.assert_called_once_with(
            [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name])
        mock_get_cert.assert_called_once_with(
            "tool output", reports.qdevice_certificate_import_error)
Esempio n. 8
0
def _add_device_model_net(lib_env, qnetd_host, cluster_name, cluster_nodes,
                          skip_offline_nodes):
    """
    setup cluster nodes for using qdevice model net
    string qnetd_host address of qdevice provider (qnetd host)
    string cluster_name name of the cluster to which qdevice is being added
    NodeAddressesList cluster_nodes list of cluster nodes addresses
    bool skip_offline_nodes continue even if not all nodes are accessible
    """
    communicator = lib_env.node_communicator()
    runner = lib_env.cmd_runner()
    reporter = lib_env.report_processor

    reporter.process(reports.qdevice_certificate_distribution_started())
    # get qnetd CA certificate
    try:
        qnetd_ca_cert = qdevice_net.remote_qdevice_get_ca_certificate(
            communicator, qnetd_host)
    except NodeCommunicationException as e:
        raise LibraryError(node_communicator_exception_to_report_item(e))
    # init certificate storage on all nodes
    parallel_nodes_communication_helper(
        qdevice_net.remote_client_setup,
        [((communicator, node, qnetd_ca_cert), {})
         for node in cluster_nodes], reporter, skip_offline_nodes)
    # create client certificate request
    cert_request = qdevice_net.client_generate_certificate_request(
        runner, cluster_name)
    # sign the request on qnetd host
    try:
        signed_certificate = qdevice_net.remote_sign_certificate_request(
            communicator, qnetd_host, cert_request, cluster_name)
    except NodeCommunicationException as e:
        raise LibraryError(node_communicator_exception_to_report_item(e))
    # transform the signed certificate to pk12 format which can sent to nodes
    pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate)

    # distribute final certificate to nodes
    def do_and_report(reporter, communicator, node, pk12):
        qdevice_net.remote_client_import_certificate_and_key(
            communicator, node, pk12)
        reporter.process(
            reports.qdevice_certificate_accepted_by_node(node.label))

    parallel_nodes_communication_helper(
        do_and_report, [((reporter, communicator, node, pk12), {})
                        for node in cluster_nodes], reporter,
        skip_offline_nodes)
Esempio n. 9
0
    def test_input_write_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.side_effect = LibraryError

        self.assertRaises(
            LibraryError,
            lambda: lib.client_cert_request_to_pk12(
                self.mock_runner,
                "certificate request"
            )
        )

        mock_tmp_store.assert_called_once_with(
            "certificate request",
            reports.qdevice_certificate_import_error
        )
        self.mock_runner.run.assert_not_called()
        mock_get_cert.assert_not_called()
Esempio n. 10
0
 def test_not_initialized(self, mock_tmp_store, mock_get_cert):
     assert_raise_library_error(
         lambda: lib.client_cert_request_to_pk12(
             self.mock_runner,
             "certificate request"
         ),
         (
             severity.ERROR,
             report_codes.QDEVICE_NOT_INITIALIZED,
             {
                 "model": "net",
             }
         )
     )
     mock_tmp_store.assert_not_called()
     self.mock_runner.run.assert_not_called()
     mock_get_cert.assert_not_called()
Esempio n. 11
0
    def test_success(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("tool output", "", 0)
        mock_get_cert.return_value = "new certificate".encode("utf-8")

        result = lib.client_cert_request_to_pk12(
            self.mock_runner,
            "certificate request"
        )
        self.assertEqual(result, mock_get_cert.return_value)

        mock_tmp_store.assert_called_once_with(
            "certificate request",
            reports.qdevice_certificate_import_error
        )
        self.mock_runner.run.assert_called_once_with([
            _client_cert_tool, "-M", "-c", self.mock_tmpfile.name
        ])
        mock_get_cert.assert_called_once_with(
            "tool output",
            reports.qdevice_certificate_import_error
        )
Esempio n. 12
0
    def test_output_read_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("tool output", "", 0)
        mock_get_cert.side_effect = LibraryError

        self.assertRaises(
            LibraryError,
            lambda: lib.client_cert_request_to_pk12(self.mock_runner,
                                                    "certificate request"),
        )

        mock_tmp_store.assert_called_once_with(
            "certificate request",
            reports.messages.QdeviceCertificateImportError,
        )
        self.mock_runner.run.assert_called_once_with(
            [_client_cert_tool, "-M", "-c", self.mock_tmpfile.name])
        self.assertEqual("tool output", mock_get_cert.call_args[0][0])
        self.assertEqual(
            reports.messages.QdeviceCertificateImportError("tool output"),
            mock_get_cert.call_args[0][1]("tool output"),
        )
Esempio n. 13
0
    def test_output_read_error(self, mock_tmp_store, mock_get_cert):
        mock_tmp_store.return_value = self.mock_tmpfile
        self.mock_runner.run.return_value = ("tool output", "", 0)
        mock_get_cert.side_effect = LibraryError

        self.assertRaises(
            LibraryError,
            lambda: lib.client_cert_request_to_pk12(
                self.mock_runner,
                "certificate request"
            )
        )

        mock_tmp_store.assert_called_once_with(
            "certificate request",
            reports.qdevice_certificate_import_error
        )
        self.mock_runner.run.assert_called_once_with([
            _client_cert_tool, "-M", "-c", self.mock_tmpfile.name
        ])
        mock_get_cert.assert_called_once_with(
            "tool output",
            reports.qdevice_certificate_import_error
        )
Esempio n. 14
0
def _add_device_model_net(
    lib_env, qnetd_host, cluster_name, cluster_nodes, skip_offline_nodes
):
    """
    setup cluster nodes for using qdevice model net
    string qnetd_host address of qdevice provider (qnetd host)
    string cluster_name name of the cluster to which qdevice is being added
    NodeAddressesList cluster_nodes list of cluster nodes addresses
    bool skip_offline_nodes continue even if not all nodes are accessible
    """
    communicator = lib_env.node_communicator()
    runner = lib_env.cmd_runner()
    reporter = lib_env.report_processor

    reporter.process(
        reports.qdevice_certificate_distribution_started()
    )
    # get qnetd CA certificate
    try:
        qnetd_ca_cert = qdevice_net.remote_qdevice_get_ca_certificate(
            communicator,
            qnetd_host
        )
    except NodeCommunicationException as e:
        raise LibraryError(
            node_communicator_exception_to_report_item(e)
        )
    # init certificate storage on all nodes
    parallel_nodes_communication_helper(
        qdevice_net.remote_client_setup,
        [
            ((communicator, node, qnetd_ca_cert), {})
            for node in cluster_nodes
        ],
        reporter,
        skip_offline_nodes
    )
    # create client certificate request
    cert_request = qdevice_net.client_generate_certificate_request(
        runner,
        cluster_name
    )
    # sign the request on qnetd host
    try:
        signed_certificate = qdevice_net.remote_sign_certificate_request(
            communicator,
            qnetd_host,
            cert_request,
            cluster_name
        )
    except NodeCommunicationException as e:
        raise LibraryError(
            node_communicator_exception_to_report_item(e)
        )
    # transform the signed certificate to pk12 format which can sent to nodes
    pk12 = qdevice_net.client_cert_request_to_pk12(runner, signed_certificate)
    # distribute final certificate to nodes
    def do_and_report(reporter, communicator, node, pk12):
        qdevice_net.remote_client_import_certificate_and_key(
            communicator, node, pk12
        )
        reporter.process(
            reports.qdevice_certificate_accepted_by_node(node.label)
        )
    parallel_nodes_communication_helper(
        do_and_report,
        [
            ((reporter, communicator, node, pk12), {})
            for node in cluster_nodes
        ],
        reporter,
        skip_offline_nodes
    )