예제 #1
0
 def test_getAgentCrtReqName(self, hostname_mock):
     hostname_mock.return_value = "dummy.hostname"
     self.config.set('security', 'keysdir', '/dummy-keysdir')
     man = CertificateManager(self.config, "active_server")
     res = man.getAgentCrtReqName()
     self.assertEquals(res,
                       os.path.abspath("/dummy-keysdir/dummy.hostname.csr"))
예제 #2
0
class TestCertGeneration(TestCase):
    @patch.object(OSCheck,
                  "os_distribution",
                  new=MagicMock(return_value=os_distro_value))
    def setUp(self):
        self.tmpdir = tempfile.mkdtemp()
        config = AmbariConfig.AmbariConfig()
        #config.add_section('server')
        config.set('server', 'hostname', 'example.com')
        config.set('server', 'url_port', '777')
        #config.add_section('security')
        config.set('security', 'keysdir', self.tmpdir)
        config.set('security', 'server_crt', 'ca.crt')
        server_hostname = config.get('server', 'hostname')
        self.certMan = CertificateManager(config, server_hostname)

    @patch.object(os, "chmod")
    def test_generation(self, chmod_mock):
        self.certMan.genAgentCrtReq('/dummy_dir/hostname.key')
        self.assertTrue(chmod_mock.called)
        self.assertTrue(os.path.exists(self.certMan.getAgentKeyName()))
        self.assertTrue(os.path.exists(self.certMan.getAgentCrtReqName()))

    def tearDown(self):
        shutil.rmtree(self.tmpdir)
예제 #3
0
 def test_genAgentCrtReq(self, communicate_mock, popen_mock):
     man = CertificateManager(self.config)
     p = MagicMock(spec=subprocess.Popen)
     p.communicate = communicate_mock
     popen_mock.return_value = p
     man.genAgentCrtReq()
     self.assertTrue(popen_mock.called)
     self.assertTrue(communicate_mock.called)
 def test_genAgentCrtReq(self, communicate_mock, popen_mock):
   man = CertificateManager(self.config)
   p = MagicMock(spec=subprocess.Popen)
   p.communicate = communicate_mock
   popen_mock.return_value = p
   man.genAgentCrtReq()
   self.assertTrue(popen_mock.called)
   self.assertTrue(communicate_mock.called)
예제 #5
0
 def setUp(self):
     self.tmpdir = tempfile.mkdtemp()
     config = AmbariConfig.AmbariConfig()
     config.set('server', 'hostname', 'example.com')
     config.set('server', 'url_port', '777')
     config.set('security', 'keysdir', self.tmpdir)
     config.set('security', 'server_crt', 'ca.crt')
     server_hostname = config.get('server', 'hostname')
     self.certMan = CertificateManager(config, server_hostname)
예제 #6
0
 def test_genAgentCrtReq(self, chmod_mock, communicate_mock, popen_mock):
   man = CertificateManager(self.config, "active_server")
   p = MagicMock(spec=subprocess32.Popen)
   p.communicate = communicate_mock
   popen_mock.return_value = p
   man.genAgentCrtReq('/dummy-keysdir/hostname.key')
   self.assertTrue(chmod_mock.called)
   self.assertTrue(popen_mock.called)
   self.assertTrue(communicate_mock.called)
  def test_loadSrvrCrt(self, getSrvrCrtName_mock, urlopen_mock):
    read_mock = MagicMock(create=True)
    read_mock.read.return_value = "dummy_cert"
    urlopen_mock.return_value = read_mock
    _, tmpoutfile = tempfile.mkstemp()
    getSrvrCrtName_mock.return_value = tmpoutfile

    man = CertificateManager(self.config)
    man.loadSrvrCrt()

    # Checking file contents
    saved = open(tmpoutfile, 'r').read()
    self.assertEqual(saved, read_mock.read.return_value)

    os.unlink(tmpoutfile)
예제 #8
0
    def test_loadSrvrCrt(self, getSrvrCrtName_mock, urlopen_mock):
        read_mock = MagicMock(create=True)
        read_mock.read.return_value = "dummy_cert"
        urlopen_mock.return_value = read_mock
        _, tmpoutfile = tempfile.mkstemp()
        getSrvrCrtName_mock.return_value = tmpoutfile

        man = CertificateManager(self.config)
        man.loadSrvrCrt()

        # Checking file contents
        saved = open(tmpoutfile, 'r').read()
        self.assertEqual(saved, read_mock.read.return_value)

        os.unlink(tmpoutfile)
예제 #9
0
 def setUp(self):
   self.tmpdir = tempfile.mkdtemp()
   config = AmbariConfig.AmbariConfig()
   config.set('server', 'hostname', 'example.com')
   config.set('server', 'url_port', '777')
   config.set('security', 'keysdir', self.tmpdir)
   config.set('security', 'server_crt', 'ca.crt')
   server_hostname = config.get('server', 'hostname')
   self.certMan = CertificateManager(config, server_hostname)
예제 #10
0
class TestCertGeneration(TestCase):
  @patch.object(OSCheck, "os_distribution", new = MagicMock(return_value = os_distro_value))
  def setUp(self):
    self.tmpdir = tempfile.mkdtemp()
    config = AmbariConfig.AmbariConfig()
    config.set('server', 'hostname', 'example.com')
    config.set('server', 'url_port', '777')
    config.set('security', 'keysdir', self.tmpdir)
    config.set('security', 'server_crt', 'ca.crt')
    server_hostname = config.get('server', 'hostname')
    self.certMan = CertificateManager(config, server_hostname)

  @patch.object(os, "chmod")
  def test_generation(self, chmod_mock):
    self.certMan.genAgentCrtReq('/dummy_dir/hostname.key')
    self.assertTrue(chmod_mock.called)
    self.assertTrue(os.path.exists(self.certMan.getAgentKeyName()))
    self.assertTrue(os.path.exists(self.certMan.getAgentCrtReqName()))
  def tearDown(self):
    shutil.rmtree(self.tmpdir)
예제 #11
0
    def test_reqSignCrt_malformedJson(self, urlopen_mock, open_mock,
                                      hostname_mock):
        hostname_mock.return_value = "dummy-hostname"
        open_mock.return_value.read.return_value = "dummy_request"
        self.config.set('security', 'keysdir', '/dummy-keysdir')
        self.config.set('security', 'passphrase_env_var_name',
                        'DUMMY_PASSPHRASE')
        man = CertificateManager(self.config, "active_server")

        # test valid JSON response
        urlopen_mock.return_value.read.return_value = '{"result": "OK", "signedCa":"dummy"}'
        try:
            man.reqSignCrt()
        except ssl.SSLError:
            self.fail("Unexpected exception!")
        open_mock.return_value.write.assert_called_with(u'dummy')

        # test malformed JSON response
        open_mock.return_value.write.reset_mock()
        urlopen_mock.return_value.read.return_value = '{malformed_object}'
        try:
            man.reqSignCrt()
            self.fail("Expected exception!")
        except ssl.SSLError:
            pass
        self.assertFalse(open_mock.return_value.write.called)
예제 #12
0
  def test_reqSignCrt(self, loads_mock, urlopen_mock, request_mock, dumps_mock, open_mock, hostname_mock):
    self.config.set('security', 'keysdir', '/dummy-keysdir')
    self.config.set('security', 'passphrase_env_var_name', 'DUMMY_PASSPHRASE')
    man = CertificateManager(self.config, "active_server")
    hostname_mock.return_value = "dummy-hostname"

    open_mock.return_value.read.return_value = "dummy_request"
    urlopen_mock.return_value.read.return_value = "dummy_server_request"
    loads_mock.return_value = {
      'result': 'OK',
      'signedCa': 'dummy-crt'
    }

    # Test normal server interaction
    man.reqSignCrt()

    self.assertEqual(dumps_mock.call_args[0][0], {
      'csr'       : 'dummy_request',
      'passphrase' : 'dummy-passphrase'
    })
    self.assertEqual(open_mock.return_value.write.call_args[0][0], 'dummy-crt')

    # Test negative server reply
    dumps_mock.reset_mock()
    open_mock.return_value.write.reset_mock()
    loads_mock.return_value = {
      'result': 'FAIL',
      'signedCa': 'fail-crt'
    }

    # If certificate signing failed, then exception must be raised
    try:
      man.reqSignCrt()
      self.fail()
    except ssl.SSLError:
      pass
    self.assertFalse(open_mock.return_value.write.called)

    # Test connection fail
    dumps_mock.reset_mock()
    open_mock.return_value.write.reset_mock()

    try:
      man.reqSignCrt()
      self.fail("Expected exception here")
    except Exception, err:
      # expected
      pass
예제 #13
0
  def test_checkCertExists(self, reqSignCrt_mock, getAgentCrtName_mock,
                           genAgentCrtReq_mock, getAgentKeyName_mock,
                           loadSrvrCrt_mock, exists_mock):
    self.config.set('security', 'keysdir', '/dummy-keysdir')
    getAgentKeyName_mock.return_value = "dummy AgentKeyName"
    getAgentCrtName_mock.return_value = "dummy AgentCrtName"
    man = CertificateManager(self.config, "active_server")

    # Case when all files exist
    exists_mock.side_effect = [True, True, True]
    man.checkCertExists()
    self.assertFalse(loadSrvrCrt_mock.called)
    self.assertFalse(genAgentCrtReq_mock.called)
    self.assertFalse(reqSignCrt_mock.called)

    # Absent server cert
    exists_mock.side_effect = [False, True, True]
    man.checkCertExists()
    self.assertTrue(loadSrvrCrt_mock.called)
    self.assertFalse(genAgentCrtReq_mock.called)
    self.assertFalse(reqSignCrt_mock.called)
    loadSrvrCrt_mock.reset_mock()

    # Absent agent key
    exists_mock.side_effect = [True, False, True]
    man.checkCertExists()
    self.assertFalse(loadSrvrCrt_mock.called)
    self.assertTrue(genAgentCrtReq_mock.called)
    self.assertFalse(reqSignCrt_mock.called)
    genAgentCrtReq_mock.reset_mock()

    # Absent agent cert
    exists_mock.side_effect = [True, True, False]
    man.checkCertExists()
    self.assertFalse(loadSrvrCrt_mock.called)
    self.assertFalse(genAgentCrtReq_mock.called)
    self.assertTrue(reqSignCrt_mock.called)
    reqSignCrt_mock.reset_mock()
예제 #14
0
  def test_reqSignCrt_malformedJson(self, urlopen_mock, open_mock, hostname_mock):
    hostname_mock.return_value = "dummy-hostname"
    open_mock.return_value.read.return_value = "dummy_request"
    self.config.set('security', 'keysdir', '/dummy-keysdir')
    self.config.set('security', 'passphrase_env_var_name', 'DUMMY_PASSPHRASE')
    man = CertificateManager(self.config)

    # test valid JSON response
    urlopen_mock.return_value.read.return_value = '{"result": "OK", "signedCa":"dummy"}'
    try:
      man.reqSignCrt()
    except ssl.SSLError:
      self.fail("Unexpected exception!")
    open_mock.return_value.write.assert_called_with(u'dummy')

    # test malformed JSON response
    open_mock.return_value.write.reset_mock()
    urlopen_mock.return_value.read.return_value = '{malformed_object}'
    try:
      man.reqSignCrt()
      self.fail("Expected exception!")
    except ssl.SSLError:
      pass
    self.assertFalse(open_mock.return_value.write.called)
  def test_reqSignCrt(self, loads_mock, urlopen_mock, request_mock, dumps_mock, open_mock, hostname_mock):
    self.config.set('security', 'keysdir', '/dummy-keysdir')
    self.config.set('security', 'passphrase_env_var_name', 'DUMMY_PASSPHRASE')
    man = CertificateManager(self.config)
    hostname_mock.return_value = "dummy-hostname"

    open_mock.return_value.__exit__ = mock.mock.Mock(return_value = True)
    open_mock.return_value.__enter__.return_value = open_mock.return_value
    open_mock.return_value.read.return_value = "dummy_request"
    urlopen_mock.return_value.read.return_value = "dummy_server_request"
    loads_mock.return_value = {
      'result': 'OK',
      'signedCa': 'dummy-crt'
    }

    # Test normal server interaction
    man.reqSignCrt()

    self.assertEqual(dumps_mock.call_args[0][0], {
      'csr'       : 'dummy_request',
      'passphrase' : 'dummy-passphrase'
    })
    self.assertEqual(open_mock.return_value.write.call_args[0][0], 'dummy-crt')

    # Test negative server reply
    dumps_mock.reset_mock()
    open_mock.return_value.write.reset_mock()
    loads_mock.return_value = {
      'result': 'FAIL',
      'signedCa': 'fail-crt'
    }

    # If certificate signing failed, then exception must be raised
    try:
      man.reqSignCrt()
      self.fail()
    except ssl.SSLError:
      pass
    self.assertFalse(open_mock.return_value.write.called)

    # Test connection fail
    dumps_mock.reset_mock()
    open_mock.return_value.write.reset_mock()

    try:
      man.reqSignCrt()
      self.fail("Expected exception here")
    except Exception, err:
      # expected
      pass
  def test_checkCertExists(self, reqSignCrt_mock, getAgentCrtName_mock,
                           genAgentCrtReq_mock, getAgentKeyName_mock,
                           loadSrvrCrt_mock, exists_mock):
    self.config.set('security', 'keysdir', '/dummy-keysdir')
    getAgentKeyName_mock.return_value = "dummy AgentKeyName"
    getAgentCrtName_mock.return_value = "dummy AgentCrtName"
    man = CertificateManager(self.config)

    # Case when all files exist
    exists_mock.side_effect = [True, True, True]
    man.checkCertExists()
    self.assertFalse(loadSrvrCrt_mock.called)
    self.assertFalse(genAgentCrtReq_mock.called)
    self.assertFalse(reqSignCrt_mock.called)

    # Absent server cert
    exists_mock.side_effect = [False, True, True]
    man.checkCertExists()
    self.assertTrue(loadSrvrCrt_mock.called)
    self.assertFalse(genAgentCrtReq_mock.called)
    self.assertFalse(reqSignCrt_mock.called)
    loadSrvrCrt_mock.reset_mock()

    # Absent agent key
    exists_mock.side_effect = [True, False, True]
    man.checkCertExists()
    self.assertFalse(loadSrvrCrt_mock.called)
    self.assertTrue(genAgentCrtReq_mock.called)
    self.assertFalse(reqSignCrt_mock.called)
    genAgentCrtReq_mock.reset_mock()

    # Absent agent cert
    exists_mock.side_effect = [True, True, False]
    man.checkCertExists()
    self.assertFalse(loadSrvrCrt_mock.called)
    self.assertFalse(genAgentCrtReq_mock.called)
    self.assertTrue(reqSignCrt_mock.called)
    reqSignCrt_mock.reset_mock()
예제 #17
0
 def test_getAgentCrtName(self, hostname_mock):
     hostname_mock.return_value = "dummy.hostname"
     self.config.set('security', 'keysdir', '/dummy-keysdir')
     man = CertificateManager(self.config)
     res = man.getAgentCrtName()
     self.assertEquals(res, "/dummy-keysdir/dummy.hostname.crt")
예제 #18
0
 def test_initSecurity(self, checkCertExists_method):
   man = CertificateManager(self.config, "active_server")
   man.initSecurity()
   self.assertTrue(checkCertExists_method.called)
예제 #19
0
 def test_getAgentKeyName(self, hostname_mock):
   hostname_mock.return_value = "dummy.hostname"
   self.config.set('security', 'keysdir', '/dummy-keysdir')
   man = CertificateManager(self.config)
   res = man.getAgentKeyName()
   self.assertEquals(res, os.path.abspath("/dummy-keysdir/dummy.hostname.key"))
예제 #20
0
 def test_getSrvrCrtName(self):
   self.config.set('security', 'keysdir', '/dummy-keysdir')
   man = CertificateManager(self.config, "active_server")
   res = man.getSrvrCrtName()
   self.assertEquals(res, os.path.abspath("/dummy-keysdir/ca.crt"))
 def test_getAgentCrtReqName(self, hostname_mock):
   hostname_mock.return_value = "dummy.hostname"
   self.config.set('security', 'keysdir', '/dummy-keysdir')
   man = CertificateManager(self.config)
   res = man.getAgentCrtReqName()
   self.assertEquals(res, "/dummy-keysdir/dummy.hostname.csr")
 def test_getSrvrCrtName(self):
   self.config.set('security', 'keysdir', '/dummy-keysdir')
   man = CertificateManager(self.config)
   res = man.getSrvrCrtName()
   self.assertEquals(res, "/dummy-keysdir/ca.crt")
예제 #23
0
 def test_getSrvrCrtName(self):
     self.config.set('security', 'keysdir', '/dummy-keysdir')
     man = CertificateManager(self.config)
     res = man.getSrvrCrtName()
     self.assertEquals(res, "/dummy-keysdir/ca.crt")
 def test_initSecurity(self, checkCertExists_method):
   man = CertificateManager(self.config)
   man.initSecurity()
   self.assertTrue(checkCertExists_method.called)