def test_client_cert_key_no_pass(self): instance = {'tls_cert': 'foo', 'tls_private_key': 'bar'} check = AgentCheck('test', {}, [instance]) with patch('ssl.SSLContext'): context = check.get_tls_context() # type: MagicMock context.load_cert_chain.assert_called_with('foo', keyfile='bar', password=None)
def test_ca_cert_dir(self): with patch('ssl.SSLContext'), TempDir("test_ca_cert_file") as tmp_dir: instance = {'tls_ca_cert': tmp_dir} check = AgentCheck('test', {}, [instance]) context = check.get_tls_context() # type: MagicMock context.load_verify_locations.assert_called_with(cafile=None, capath=tmp_dir, cadata=None)
def test_ca_cert_expand_user(self): instance = {'tls_ca_cert': '~/foo'} check = AgentCheck('test', {}, [instance]) with patch('ssl.SSLContext'), patch('os.path') as mock_path: check.get_tls_context() mock_path.expanduser.assert_called_with('~/foo')
def test_verify_ssl_with_hostname(self): instance = {'tls_verify': True, 'tls_validate_hostname': True} check = AgentCheck('test', {}, [instance]) context = check.get_tls_context() assert context.verify_mode == ssl.CERT_REQUIRED assert context.check_hostname is True
def test_no_ca_certs_default(self): check = AgentCheck('test', {}, [{}]) with patch('ssl.SSLContext'): context = check.get_tls_context() # type: MagicMock context.load_default_certs.assert_called_with(ssl.Purpose.SERVER_AUTH)
def test_unverified_tls(self): instance = {'tls_verify': False} check = AgentCheck('test', {}, [instance]) assert check.get_tls_context().verify_mode == ssl.CERT_NONE
def test_refresh(self): check = AgentCheck('test', {}, [{}]) context = check.get_tls_context() assert context == check.get_tls_context() assert context != check.get_tls_context(refresh=True)
def test_activate(self): check = AgentCheck('test', {}, [{}]) context = check.get_tls_context() assert context == check._tls_context_wrapper.tls_context assert isinstance(context, SSLContext)
def test_no_ca_certs_no_default(self): instance = {'tls_load_default_certs': False} check = AgentCheck('test', {}, [instance]) context = check.get_tls_context() assert len(context.get_ca_certs()) == 0
def test_verify_ssl_false_with_hostname(self, instance): check = AgentCheck('test', {}, [instance]) context = check.get_tls_context() assert context.verify_mode == ssl.CERT_NONE assert context.check_hostname is False