def test_cert_with_carriage_returns(self): # make sure it can parse a cert where the "-----" etc. lines end with # "\r\n" instead of just "\n". Failure to parse in this case was # discovered when trying to parse an employee-sku cert that jbowes # emailed to mhrivnak. the origin of the offending carriage returns is # unknown. crcert = certdata.ENTITLEMENT_CERT_V3_0.replace('-\n', '-\r\n') create_from_pem(crcert)
def _check_extensions(self, cert_pem, dest, log_func): """ Checks the requested destination path against the entitlement cert. :param cert_pem: certificate as PEM :type cert_pem: str :param dest: path of desired destination :type dest: str :param log_func: function used for logging :type log_func: callable taking 1 argument of type basestring :return: True iff request is authorized, else False :rtype: bool """ cert = certificate.create_from_pem(cert_pem) # Extract the repo portion of the URL repo_dest = dest[dest.find(RELATIVE_URL) + len(RELATIVE_URL):] try: valid = cert.check_path(repo_dest) except AttributeError: # not an entitlement certificate, so no entitlements valid = False if not valid: log_func('Request denied to destination [%s]' % dest) return valid
def _is_valid(cert_pem): ''' validates the cert's common name as being pulp's identity :param cert_pem: PEM encoded client certificate sent with the request :type cert_pem: string ''' cert = certificate.create_from_pem(cert_pem) cn = cert.subject()['CN'] return cn == IDENTITY_CN
def setUp(self): self.prod_cert = create_from_pem(certdata.PRODUCT_CERT_V1_0) self.ent_cert = create_from_pem(certdata.ENTITLEMENT_CERT_V1_0)
def test_default_version(self): id_cert = create_from_pem(certdata.IDENTITY_CERT) self.assertTrue(isinstance(id_cert, IdentityCertificate)) self.assertEquals('1.0', str(id_cert.version))
def test_creation(self): id_cert = create_from_pem(certdata.IDENTITY_CERT) self.assertTrue(isinstance(id_cert, IdentityCertificate)) self.assertEquals("DirName:/CN=redhat.local.rm-rf.ca", id_cert.alt_name) self.assertEquals("eaadd6ea-852d-4430-94a7-73d5887d48e8", id_cert.subject['CN']) self.assertFalse(hasattr(id_cert, 'products'))
def test_factory_method_without_ent_data(self): data = certdata.ENTITLEMENT_CERT_V3_0.split('-----BEGIN ENTITLEMENT DATA-----')[0] cert = create_from_pem(data) self.assertTrue(cert.content is None) self.assertTrue(cert.order is None) self.assertEqual(cert.products, [])
def setUp(self): self.ent_cert = create_from_pem(certdata.ENTITLEMENT_CERT_V3_0)