コード例 #1
0
 def setUp(self):
   testutils.GanetiTestCase.setUp(self)
   # certificate file that contains the certificate only
   self._certfilename1 = testutils.TestDataFilename("cert1.pem")
   # (different) certificate file that contains both, certificate
   # and private key
   self._certfilename2 = testutils.TestDataFilename("cert2.pem")
コード例 #2
0
    def testMismatchInNodeCert(self):
        cert1_path = testutils.TestDataFilename("cert1.pem")
        cert2_path = testutils.TestDataFilename("cert2.pem")
        tmpfile = utils.PathJoin(self.tmpdir, "cert")

        # Extract certificate
        cert1 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                                utils.ReadFile(cert1_path))
        cert1_pem = OpenSSL.crypto.dump_certificate(
            OpenSSL.crypto.FILETYPE_PEM, cert1)

        # Extract mismatching key
        key2 = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                              utils.ReadFile(cert2_path))
        key2_pem = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                                  key2)

        # Write to file
        utils.WriteFile(tmpfile, data=cert1_pem + key2_pem)

        try:
            utils.CheckNodeCertificate(cert1, _noded_cert_file=tmpfile)
        except errors.X509CertError, err:
            self.assertEqual(
                err.args,
                (tmpfile, "Certificate does not match with private key"))
コード例 #3
0
class TestCgroupReadData(LXCHypervisorTestCase):
    cgroot = os.path.abspath(testutils.TestDataFilename("cgroup_root"))

    @patch_object(LXCHypervisor, "_CGROUP_ROOT_DIR", cgroot)
    def testGetCgroupMountPoint(self):
        self.assertEqual(self.hv._GetCgroupMountPoint(), self.cgroot)

    @patch_object(LXCHypervisor, "_PROC_SELF_CGROUP_FILE",
                  testutils.TestDataFilename("proc_cgroup.txt"))
    def testGetCurrentCgroupSubsysGroups(self):
        expected_groups = {
            "memory": "",  # root
            "cpuset": "some_group",
            "devices": "some_group",
        }
        self.assertEqual(self.hv._GetCurrentCgroupSubsysGroups(),
                         expected_groups)

    @patch_object(LXCHypervisor, "_GetOrPrepareCgroupSubsysMountPoint")
    @patch_object(LXCHypervisor, "_GetCurrentCgroupSubsysGroups")
    def testGetCgroupSubsysDir(self, getcgg_mock, getmp_mock):
        getmp_mock.return_value = "/cg"
        getcgg_mock.return_value = {"cpuset": "grp"}
        self.assertEqual(self.hv._GetCgroupSubsysDir("memory"), "/cg/lxc")
        self.assertEqual(self.hv._GetCgroupSubsysDir("cpuset"), "/cg/grp/lxc")

    @patch_object(LXCHypervisor, "_GetOrPrepareCgroupSubsysMountPoint")
    @patch_object(LXCHypervisor, "_GetCurrentCgroupSubsysGroups")
    def testGetCgroupParamPath(self, getcgg_mock, getmp_mock):
        getmp_mock.return_value = "/cg"
        getcgg_mock.return_value = {"cpuset": "grp"}
        self.assertEqual(
            self.hv._GetCgroupParamPath("memory.memsw.limit_in_bytes",
                                        instance_name="instance1"),
            "/cg/lxc/instance1/memory.memsw.limit_in_bytes")
        self.assertEqual(self.hv._GetCgroupParamPath("cpuset.cpus"),
                         "/cg/grp/lxc/cpuset.cpus")

    @patch_object(LXCHypervisor, "_GetCgroupSubsysDir")
    def testGetCgroupInstanceValue(self, getdir_mock):
        getdir_mock.return_value = utils.PathJoin(self.cgroot, "memory", "lxc")
        self.assertEqual(
            self.hv._GetCgroupInstanceValue("instance1",
                                            "memory.limit_in_bytes"), "128")
        getdir_mock.return_value = utils.PathJoin(self.cgroot, "cpuset",
                                                  "some_group", "lxc")
        self.assertEqual(
            self.hv._GetCgroupInstanceValue("instance1", "cpuset.cpus"), "0-1")

    @patch_object(LXCHypervisor, "_GetCgroupInstanceValue")
    def testGetCgroupCpuList(self, getval_mock):
        getval_mock.return_value = "0-1"
        self.assertEqual(self.hv._GetCgroupCpuList("instance1"), [0, 1])

    @patch_object(LXCHypervisor, "_GetCgroupInstanceValue")
    def testGetCgroupMemoryLimit(self, getval_mock):
        getval_mock.return_value = "128"
        self.assertEqual(self.hv._GetCgroupMemoryLimit("instance1"), 128)
コード例 #4
0
    def setUp(self):
        """Read in txt data"""
        testutils.GanetiTestCase.setUp(self)
        proc_data = testutils.TestDataFilename("proc_drbd8.txt")
        proc80e_data = testutils.TestDataFilename("proc_drbd80-emptyline.txt")
        proc83_data = testutils.TestDataFilename("proc_drbd83.txt")
        proc83_sync_data = testutils.TestDataFilename("proc_drbd83_sync.txt")
        proc83_sync_krnl_data = \
          testutils.TestDataFilename("proc_drbd83_sync_krnl2.6.39.txt")
        proc84_data = testutils.TestDataFilename("proc_drbd84.txt")
        proc84_sync_data = testutils.TestDataFilename("proc_drbd84_sync.txt")
        proc84_emptyfirst_data = \
          testutils.TestDataFilename("proc_drbd84_emptyfirst.txt")

        self.proc80ev_data = \
          testutils.TestDataFilename("proc_drbd80-emptyversion.txt")

        self.drbd_info = drbd.DRBD8Info.CreateFromFile(filename=proc_data)
        self.drbd_info80e = drbd.DRBD8Info.CreateFromFile(
            filename=proc80e_data)
        self.drbd_info83 = drbd.DRBD8Info.CreateFromFile(filename=proc83_data)
        self.drbd_info83_sync = \
          drbd.DRBD8Info.CreateFromFile(filename=proc83_sync_data)
        self.drbd_info83_sync_krnl = \
          drbd.DRBD8Info.CreateFromFile(filename=proc83_sync_krnl_data)
        self.drbd_info84 = drbd.DRBD8Info.CreateFromFile(filename=proc84_data)
        self.drbd_info84_sync = \
          drbd.DRBD8Info.CreateFromFile(filename=proc84_sync_data)
        self.drbd_info84_emptyfirst = \
          drbd.DRBD8Info.CreateFromFile(filename=proc84_emptyfirst_data)
コード例 #5
0
    def testGetLinuxNodeInfo(self):
        meminfo = testutils.TestDataFilename("proc_meminfo.txt")
        cpuinfo = testutils.TestDataFilename("proc_cpuinfo.txt")
        result = hv_base.BaseHypervisor.GetLinuxNodeInfo(meminfo, cpuinfo)

        self.assertEqual(result["memory_total"], 7686)
        self.assertEqual(result["memory_free"], 6272)
        self.assertEqual(result["memory_dom0"], 2722)
        self.assertEqual(result["cpu_total"], 4)
        self.assertEqual(result["cpu_nodes"], 1)
        self.assertEqual(result["cpu_sockets"], 1)
コード例 #6
0
  def testVerifyCertificate(self):
    security.VerifyCertificate(testutils.TestDataFilename("cert1.pem"))

    nonexist_filename = os.path.join(self.tmpdir, "does-not-exist")

    (errcode, msg) = security.VerifyCertificate(nonexist_filename)
    self.assertEqual(errcode, constants.CV_ERROR)

    # Try to load non-certificate file
    invalid_cert = testutils.TestDataFilename("bdev-net.txt")
    (errcode, msg) = security.VerifyCertificate(invalid_cert)
    self.assertEqual(errcode, constants.CV_ERROR)
コード例 #7
0
    def testMismatchingKey(self):
        other_cert = testutils.TestDataFilename("cert1.pem")
        node_cert = testutils.TestDataFilename("cert2.pem")

        cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                               utils.ReadFile(other_cert))

        try:
            utils.CheckNodeCertificate(cert, _noded_cert_file=node_cert)
        except errors.GenericError, err:
            self.assertEqual(
                str(err), "Given cluster certificate does not match local key")
コード例 #8
0
  def testNoPrivateKey(self):
    cert_filename = testutils.TestDataFilename("cert1.pem")
    cert_pem = utils.ReadFile(cert_filename)

    self.assertRaises(self.MyException,
                      common._VerifyCertificateStrong,
                      cert_pem, self.MyException, _check_fn=NotImplemented)
コード例 #9
0
  def testNoPrivateKey(self):
    cert_filename = testutils.TestDataFilename("cert1.pem")
    cert_pem = utils.ReadFile(cert_filename)

    self.assertRaises(errors.X509CertError,
                      node_daemon_setup._VerifyCertificate,
                      cert_pem, _check_fn=NotImplemented)
コード例 #10
0
 def testVerifyClientCertificateFailed(self, verif_cert):
   expected_errcode = 666
   verif_cert.return_value = (expected_errcode,
                              "The devil created this certificate.")
   cert_file = testutils.TestDataFilename("cert2.pem")
   (errcode, digest) = backend._VerifyClientCertificate(cert_file=cert_file)
   self.assertEqual(expected_errcode, errcode)
コード例 #11
0
  def testInputFileHandle(self):
    testfile = testutils.TestDataFilename("cert1.pem")

    result = utils.RunCmd(["cat"], input_fd=open(testfile, "r"))
    self.assertFalse(result.failed)
    self.assertEqual(result.stdout, utils.ReadFile(testfile))
    self.assertEqual(result.stderr, "")
コード例 #12
0
  def testReadAll(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"))
    self.assertEqual(len(data), 814)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "a491efb3efe56a0535f924d5f8680fd4")
コード例 #13
0
    def testCallback(self):
        def _Cb(fh):
            self.assertEqual(fh.tell(), 0)

        data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                              preread=_Cb)
        self.assertEqual(len(data), 1229)
コード例 #14
0
    def testReadAll(self):
        data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"))
        self.assertEqual(len(data), 1229)

        h = compat.md5_hash()
        h.update(data)
        self.assertEqual(h.hexdigest(), "a02be485db0d82b70c0ae7913b26894e")
コード例 #15
0
 def testVerifyClientCertificateSuccess(self, verif_cert):
   # mock the underlying x509 verification because the test cert is expired
   verif_cert.return_value = (None, None)
   cert_file = testutils.TestDataFilename("cert2.pem")
   (errcode, digest) = backend._VerifyClientCertificate(cert_file=cert_file)
   self.assertEqual(None, errcode)
   self.assertTrue(isinstance(digest, str))
コード例 #16
0
  def testNoInputRead(self):
    testfile = testutils.TestDataFilename("cert1.pem")

    result = utils.RunCmd(["cat"], timeout=10.0)
    self.assertFalse(result.failed)
    self.assertEqual(result.stderr, "")
    self.assertEqual(result.stdout, "")
コード例 #17
0
    def testMissingFile(self):
        cert_path = testutils.TestDataFilename("cert1.pem")
        nodecert = utils.PathJoin(self.tmpdir, "does-not-exist")

        utils.CheckNodeCertificate(NotImplemented, _noded_cert_file=nodecert)

        self.assertFalse(os.path.exists(nodecert))
コード例 #18
0
    def testReadSize(self):
        data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                              size=100)
        self.assertEqual(len(data), 100)

        h = compat.md5_hash()
        h.update(data)
        self.assertEqual(h.hexdigest(), "256d28505448898d4741b10c5f5dbc12")
    def testGivenPrivateKey(self):
        cert_filename = testutils.TestDataFilename("cert2.pem")
        cert_pem = utils.ReadFile(cert_filename)

        self.assertRaises(_JoinError,
                          prepare_node_join._VerifyCertificate,
                          cert_pem,
                          _check_fn=NotImplemented)
コード例 #20
0
  def testReadSize(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                          size=100)
    self.assertEqual(len(data), 100)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "893772354e4e690b9efd073eed433ce7")
コード例 #21
0
    def testMatchingKey(self):
        cert_filename = testutils.TestDataFilename("cert2.pem")

        # Extract certificate
        cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                               utils.ReadFile(cert_filename))
        cert_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                                   cert)

        utils.CheckNodeCertificate(cert, _noded_cert_file=cert_filename)
コード例 #22
0
    def setUp(self):
        """Read in txt data"""
        testutils.GanetiTestCase.setUp(self)
        self.proc80_info = \
          drbd_info.DRBD8Info.CreateFromFile(
            filename=testutils.TestDataFilename("proc_drbd8.txt"))
        self.proc83_info = \
          drbd_info.DRBD8Info.CreateFromFile(
            filename=testutils.TestDataFilename("proc_drbd83.txt"))
        self.proc84_info = \
          drbd_info.DRBD8Info.CreateFromFile(
            filename=testutils.TestDataFilename("proc_drbd84.txt"))

        self.test_unique_id = ("hosta.com", 123, "host2.com", 123, 0, "secret")
        self.test_dyn_params = {
            constants.DDP_LOCAL_IP: "192.0.2.1",
            constants.DDP_LOCAL_MINOR: 0,
            constants.DDP_REMOTE_IP: "192.0.2.2",
            constants.DDP_REMOTE_MINOR: 0,
        }
コード例 #23
0
  def testSuccessfulCheck(self):
    cert_filename = testutils.TestDataFilename("cert2.pem")
    cert_pem = utils.ReadFile(cert_filename)
    result = \
      node_daemon_setup._VerifyCertificate(cert_pem, _check_fn=self._Check)

    cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, result)
    self.assertTrue(cert)

    key = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, result)
    self.assertTrue(key)
コード例 #24
0
  def testInputNumericFileDescriptor(self):
    testfile = testutils.TestDataFilename("cert2.pem")

    fh = open(testfile, "r")
    try:
      result = utils.RunCmd(["cat"], input_fd=fh.fileno())
    finally:
      fh.close()

    self.assertFalse(result.failed)
    self.assertEqual(result.stdout, utils.ReadFile(testfile))
    self.assertEqual(result.stderr, "")
コード例 #25
0
  def testMismatchingKey(self):
    cert1_path = testutils.TestDataFilename("cert1.pem")
    cert2_path = testutils.TestDataFilename("cert2.pem")

    # Extract certificate
    cert1 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                            utils.ReadFile(cert1_path))
    cert1_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                                cert1)

    # Extract mismatching key
    key2 = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                          utils.ReadFile(cert2_path))
    key2_pem = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                              key2)

    try:
      common._VerifyCertificateStrong(cert1_pem + key2_pem, self.MyException,
                                      _check_fn=NotImplemented)
    except self.MyException, err:
      self.assertTrue("not signed with given key" in str(err))
コード例 #26
0
  def testMismatchingKey(self):
    cert1_path = testutils.TestDataFilename("cert1.pem")
    cert2_path = testutils.TestDataFilename("cert2.pem")

    # Extract certificate
    cert1 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                            utils.ReadFile(cert1_path))
    cert1_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                                cert1)

    # Extract mismatching key
    key2 = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                          utils.ReadFile(cert2_path))
    key2_pem = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                              key2)

    try:
      node_daemon_setup._VerifyCertificate(cert1_pem + key2_pem,
                                           _check_fn=NotImplemented)
    except errors.X509CertError, err:
      self.assertEqual(err.args,
                       ("(stdin)", "Certificate is not signed with given key"))
コード例 #27
0
  def testInputWithCloseFds(self):
    testfile = testutils.TestDataFilename("cert1.pem")

    temp = open(self.fname, "r+")
    try:
      temp.write("test283523367")
      temp.seek(0)

      result = utils.RunCmd(["/bin/bash", "-c",
                             ("cat && read -u %s; echo $REPLY" %
                              temp.fileno())],
                            input_fd=open(testfile, "r"),
                            noclose_fds=[temp.fileno()])
      self.assertFalse(result.failed)
      self.assertEqual(result.stdout.strip(),
                       utils.ReadFile(testfile) + "test283523367")
      self.assertEqual(result.stderr, "")
    finally:
      temp.close()
コード例 #28
0
  def setUp(self):
    """Set up test data"""
    testutils.GanetiTestCase.setUp(self)
    self.proc84_info = \
      drbd_info.DRBD8Info.CreateFromFile(
        filename=testutils.TestDataFilename("proc_drbd84.txt"))

    self.test_unique_id = ("hosta.com", 123, "host2.com", 123, 0,
                           serializer.Private("secret"))
    self.test_dyn_params = {
      constants.DDP_LOCAL_IP: "192.0.2.1",
      constants.DDP_LOCAL_MINOR: 0,
      constants.DDP_REMOTE_IP: "192.0.2.2",
      constants.DDP_REMOTE_MINOR: 0,
    }

    fake_child_1 = self.fake_disk("/dev/sda5")
    fake_child_2 = self.fake_disk("/dev/sda6")
    self.children = [fake_child_1, fake_child_2]
コード例 #29
0
 def testNotStrict(self):
     data = utils.ReadOneLineFile(testutils.TestDataFilename("cert1.pem"),
                                  strict=False)
     self.assertEqual(len(data), 27)
     self.assertEqual(data, "-----BEGIN CERTIFICATE-----")
コード例 #30
0
 def testStrictFailure(self):
     self.assertRaises(errors.GenericError,
                       utils.ReadOneLineFile,
                       testutils.TestDataFilename("cert1.pem"),
                       strict=True)