def test_put_certificate_fail(self):
mock_connectionection = Mock()
mock_connectionection.call.return_value = {
'ET_BAPIRET2': [{
'TYPE': 'E',
'MESSAGE': 'Put has failed'
}]
}
ssl_storage = SSLCertStorage(mock_connectionection, 'PUTERR', 'TEST')
with self.assertRaises(PutCertificateError) as cm:
ssl_storage.put_certificate('plain old data')
self.assertEquals(mock_connectionection.call.call_args_list, [
mock.call('SSFR_PUT_CERTIFICATE',
IS_STRUST_IDENTITY={
'PSE_CONTEXT': 'PUTERR',
'PSE_APPLIC': 'TEST'
},
IV_CERTIFICATE=u'plain old data')
])
self.assertEquals(
str(cm.exception),
'Failed to put the CERT to the SSL Storage PUTERR/TEST: '
'Put has failed')
def test_put_certificate_fail_and_return_msg(self):
mock_connectionection = Mock()
mock_connectionection.call.return_value = {
'ET_BAPIRET2': [{
'TYPE': 'E',
'NUMBER': '522',
'MESSAGE': 'Put has failed'
}]
}
ssl_storage = SSLCertStorage(mock_connectionection, 'PUTERR', 'TEST')
result = ssl_storage.put_certificate('plain old data')
self.assertEqual(result,
'SSFR_PUT_CERTIFICATE reported Error 522 - ' \
'probably already exists (check manually): Put has failed'
)
self.assertEqual(mock_connectionection.call.call_args_list, [
mock.call('SSFR_PUT_CERTIFICATE',
IS_STRUST_IDENTITY={
'PSE_CONTEXT': 'PUTERR',
'PSE_APPLIC': 'TEST'
},
IV_CERTIFICATE=u'plain old data')
])
def putcertificate(connection, args):
"""Uploads X.509 Base64 certificates into SAP to enable SSL peer verification
of remote servers
Exceptions:
- SAPCliError:
- when the given storage does not belong to the storage white list
- when identity argument has invalid format
"""
identities = []
for storage in args.storage:
if storage in (CLIENT_ANONYMOUS, CLIENT_STANDART):
identities.append(IDENTITY_MAPPING[storage])
else:
raise SAPCliError(f'Unknown storage: {storage}')
for identity in args.identity:
try:
identities.append(Identity(*identity.split('/')))
except (ValueError, TypeError):
# pylint: disable=raise-missing-from
raise SAPCliError('Invalid identity format')
ssl_storages = []
for identity in identities:
ssl_storage = SSLCertStorage(connection, identity.pse_context, identity.pse_applic)
if not ssl_storage.exists():
ssl_storage.create(
alg=args.algorithm,
keylen=args.key_length,
dn=args.dn
)
logging.debug('SSL Storage is OK: %s', ssl_storage)
ssl_storages.append(ssl_storage)
for file_path in args.paths:
logging.info('Processing the file: %s', file_path)
with open(file_path, 'rb') as cert_file:
cert_contents = cert_file.read()
for ssl_storage in ssl_storages:
logging.info('Adding the file: %s to %s', file_path, ssl_storage)
logging.info(ssl_storage.put_certificate(cert_contents))
logging.info('Notifying ICM ... ')
notify_icm_changed_pse(connection)
for updated_storage in ssl_storages:
logging.info('Certificates of %s:', str(updated_storage))
for cert in iter_storage_certificates(updated_storage):
logging.info('* %s', cert['EV_SUBJECT'])
def test_put_certificate(self):
mock_connectionection = Mock()
mock_connectionection.call.return_value = {'ET_BAPIRET2': []}
ssl_storage = SSLCertStorage(mock_connectionection, 'PUTOK', 'TEST')
result = ssl_storage.put_certificate('plain old data')
self.assertEqual(result, 'OK')
self.assertEqual(mock_connectionection.call.call_args_list, [
mock.call('SSFR_PUT_CERTIFICATE',
IS_STRUST_IDENTITY={
'PSE_CONTEXT': 'PUTOK',
'PSE_APPLIC': 'TEST'
},
IV_CERTIFICATE=u'plain old data')
])