def test_dsrc_saslmech(): write_inf(""" [localhost] uri = ldaps://localhost:636 saslmech = INVALID_MECH """) # Parse it and assert the content with pytest.raises(Exception): i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) write_inf(""" [localhost] uri = ldaps://localhost:636 saslmech = EXTERNAL """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i['saslmech'] == 'EXTERNAL') write_inf(""" [localhost] uri = ldaps://localhost:636 saslmech = PLAIN """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i['saslmech'] == 'PLAIN')
def health_check_run(inst, log, args): """Connect to the local server using LDAPI, and perform various health checks """ if args.list_errors: _list_errors(log) return # update the args for connect_instance() args.basedn = None args.binddn = None args.bindpw = None args.starttls = None args.pwdfile = None args.prompt = False dsrc_inst = dsrc_to_ldap(DSRC_HOME, args.instance, log.getChild('dsrc')) dsrc_inst = dsrc_arg_concat(args, dsrc_inst) try: inst = connect_instance(dsrc_inst=dsrc_inst, verbose=args.verbose, args=args) except Exception as e: raise ValueError('Failed to connect to Directory Server instance: ' + str(e)) checks = args.check or dict(_list_targets(inst)).keys() if args.list_checks or args.dry_run: _print_checks(inst, log, checks) return _run(inst, log, args, _list_checks(inst, checks)) disconnect_instance(inst)
def test_dsrc_single_section(): # Write out inf. write_inf(""" [localhost] """) # Parse it and assert the content with pytest.raises(configparser.NoOptionError): i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) write_inf(""" [localhost] uri = ldaps://localhost:636 """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i == { 'uri': 'ldaps://localhost:636', 'basedn': None, 'binddn': None, 'saslmech': None, 'tls_cacertdir': None, 'tls_cert': None, 'tls_key': None, 'tls_reqcert': ldap.OPT_X_TLS_HARD, 'starttls': False }) write_inf(""" [localhost] uri = ldaps://localhost:636 basedn = dc=example,dc=com binddn = cn=Directory Manager starttls = true """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i == { 'uri': 'ldaps://localhost:636', 'basedn': 'dc=example,dc=com', 'binddn': 'cn=Directory Manager', 'saslmech': None, 'tls_cacertdir': None, 'tls_cert': None, 'tls_key': None, 'tls_reqcert': ldap.OPT_X_TLS_HARD, 'starttls': True })
def test_dsrc_two_section(): write_inf(""" [localhost] uri = ldaps://localhost:636 [localhost2] uri = ldaps://localhost:6362 """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i == { 'uri': 'ldaps://localhost:636', 'basedn': None, 'binddn': None, 'saslmech': None, 'tls_cacertdir': None, 'tls_cert': None, 'tls_key': None, 'tls_reqcert': ldap.OPT_X_TLS_HARD, 'starttls': False }) i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost2', log) assert (i == { 'uri': 'ldaps://localhost:6362', 'basedn': None, 'binddn': None, 'saslmech': None, 'tls_cacertdir': None, 'tls_cert': None, 'tls_key': None, 'tls_reqcert': ldap.OPT_X_TLS_HARD, 'starttls': False }) # Section doesn't exist i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost3', log) assert (i is None)
def test_dsrc_reqcert(): write_inf(""" [localhost] uri = ldaps://localhost:636 tls_reqcert = invalid """) # Parse it and assert the content with pytest.raises(Exception): i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) write_inf(""" [localhost] uri = ldaps://localhost:636 tls_reqcert = hard """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i['tls_reqcert'] == ldap.OPT_X_TLS_HARD) write_inf(""" [localhost] uri = ldaps://localhost:636 tls_reqcert = allow """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i['tls_reqcert'] == ldap.OPT_X_TLS_ALLOW) write_inf(""" [localhost] uri = ldaps://localhost:636 tls_reqcert = never """) # Parse it and assert the content i = dsrc_to_ldap('/tmp/dsrc_test.inf', 'localhost', log) assert (i['tls_reqcert'] == ldap.OPT_X_TLS_NEVER)