def test_blacklist_names_bad_cn(self): csr = x509_csr.X509Csr() name = csr.get_subject() name.add_name_entry(x509_name.OID_commonName, "blah.bad") with self.assertRaises(validators.ValidationError): validators.blacklist_names( csr=csr, domains=['.bad'], )
def test_blacklist_names_bad(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionSubjectAltName() ext.add_dns_id('blah.bad') csr.add_extension(ext) with self.assertRaises(validators.ValidationError): validators.blacklist_names( csr=csr, domains=['.bad'], )
def test_blacklist_names_bad(self): ext_mock = mock.MagicMock() ext_mock.get_value.return_value = 'DNS:blah.bad' ext_mock.get_name.return_value = 'subjectAltName' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] with self.assertRaises(validators.ValidationError): validators.blacklist_names( csr=csr_mock, domains=['.bad'], )
def test_blacklist_names_bad_cn(self): cn_mock = mock.MagicMock() cn_mock.get_value.return_value = 'blah.bad' csr_config = { 'get_subject.return_value.get_entries_by_nid.return_value': [cn_mock], } csr_mock = mock.MagicMock(**csr_config) with self.assertRaises(validators.ValidationError): validators.blacklist_names( csr=csr_mock, domains=['.bad'], )
def test_blacklist_names_empty_list(self): # empty blacklist should pass everything through csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionSubjectAltName() ext.add_dns_id('blah.good') csr.add_extension(ext) self.assertEqual(None, validators.blacklist_names(csr=csr, ))
def test_blacklist_names_good(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionSubjectAltName() ext.add_dns_id('blah.good') csr.add_extension(ext) self.assertEqual( None, validators.blacklist_names( csr=csr, domains=['.bad'], ))
def test_blacklist_names_empty_list(self): # empty blacklist should pass everything through csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionSubjectAltName() ext.add_dns_id('blah.good') csr.add_extension(ext) self.assertEqual( None, validators.blacklist_names( csr=csr, ) )
def test_blacklist_names_good(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionSubjectAltName() ext.add_dns_id('blah.good') csr.add_extension(ext) self.assertEqual( None, validators.blacklist_names( csr=csr, domains=['.bad'], ) )
def test_blacklist_names_empty_list(self): # empty blacklist should pass everything through ext_mock = mock.MagicMock() ext_mock.get_value.return_value = 'DNS:some.name' ext_mock.get_name.return_value = 'subjectAltName' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] self.assertEqual( None, validators.blacklist_names( csr=csr_mock, ) )
def test_blacklist_names_good(self): ext_mock = mock.MagicMock() ext_mock.get_value.return_value = 'DNS:blah.good' ext_mock.get_name.return_value = 'subjectAltName' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] self.assertEqual( None, validators.blacklist_names( csr=csr_mock, domains=['.bad'], ) )
def test_blacklist_names_ignore_unknown(self): # only validate the DNS type - other types may look like domains # by accident ext_mock = mock.MagicMock() ext_mock.get_value.return_value = 'RANDOM_TYPE:random.bad' ext_mock.get_name.return_value = 'subjectAltName' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] self.assertEqual( None, validators.blacklist_names( csr=csr_mock, domains=['.bad'], ) )