Пример #1
0
 def _bind_external(self, authzid):
     if 'EXTERNALAUTH' not in self.cfg:
         self.skipTest("EXTERNAL authentication is not set.")
     if sys.platform == "win32":
         self.skipTest("Windows relies on set certs in its cert store.")
     tls_impl = bonsai.get_tls_impl_name()
     if tls_impl == "GnuTLS" or tls_impl == "OpenSSL":
         curdir = os.path.abspath(os.path.dirname(__file__))
         cert_path = os.path.join(curdir, 'testenv', 'certs')
         cli = LDAPClient(self.host, tls=True)
         cli.set_ca_cert(cert_path + '/cacert.pem')
         cli.set_client_cert(cert_path + '/client.pem')
         cli.set_client_key(cert_path + '/client.key')
         cli.set_credentials('EXTERNAL', (authzid,))
         try:
             conn = cli.connect()
         except (bonsai.errors.ConnectionError, \
                 bonsai.errors.AuthenticationError):
             self.fail()
         else:
             self.assertNotEqual("anonymous", conn.whoami(),
                                 "EXTERNAL authentication was"
                                 " unsuccessful.")
             return conn
     else:
         self.skipTest("")
Пример #2
0
 def _bind_external(self, authzid):
     if 'EXTERNALAUTH' not in self.cfg:
         self.skipTest("EXTERNAL authentication is not set.")
     if sys.platform == "win32":
         self.skipTest("Windows relies on set certs in its cert store.")
     tls_impl = bonsai.get_tls_impl_name()
     if tls_impl == "GnuTLS" or tls_impl == "OpenSSL":
         curdir = os.path.abspath(os.path.dirname(__file__))
         cert_path = os.path.join(curdir, 'testenv', 'certs')
         cli = LDAPClient("ldap://%s" % self.cfg['SERVER']['hostname'],
                          tls=True)
         cli.set_ca_cert(cert_path + '/cacert.pem')
         cli.set_client_cert(cert_path + '/client.pem')
         cli.set_client_key(cert_path + '/client.key')
         cli.set_credentials('EXTERNAL', (authzid, ))
         try:
             conn = cli.connect()
         except (bonsai.errors.ConnectionError, \
                 bonsai.errors.AuthenticationError):
             self.fail()
         else:
             self.assertNotEqual(
                 "anonymous", conn.whoami(), "EXTERNAL authentication was"
                 " unsuccessful.")
             return conn
     else:
         self.skipTest("")
Пример #3
0
def test_tls_timeout(url):
    """ Test TLS connection timeout. """
    client = LDAPClient(url, True)
    client.set_cert_policy("ALLOW")
    client.set_ca_cert(None)
    client.set_ca_cert_dir(None)
    with network_delay(9.0):
        with pytest.raises(bonsai.TimeoutError):
            client.connect(timeout=5.0)
Пример #4
0
def test_tls(url):
    """ Test TLS connection. """
    client = LDAPClient(url, True)
    client.set_cert_policy("ALLOW")
    client.set_ca_cert(None)
    client.set_ca_cert_dir(None)
    try:
        conn = client.connect()
        conn.close()
    except Exception as exc:
        pytest.fail("TLS connection is failed with: %s" % str(exc))
Пример #5
0
def test_ldap_over_tls(ldaps_url):
    """ Test LDAP over TLS connection. """
    client = LDAPClient(ldaps_url)
    client.set_cert_policy("ALLOW")
    client.set_ca_cert(None)
    client.set_ca_cert_dir(None)
    try:
        conn = client.connect()
        assert conn is not None
        conn.close()
    except Exception as exc:
        pytest.fail("TLS connection is failed with: %s" % str(exc))
Пример #6
0
 def test_tls(self):
     """ Test TLS connection. """
     if self.cfg['SERVER']['has_tls'] == 'False':
         self.skipTest("TLS is not set.")
     client = LDAPClient(self.url, True)
     client.set_cert_policy("ALLOW")
     client.set_ca_cert(None)
     client.set_ca_cert_dir(None)
     try:
         conn = client.connect()
         conn.close()
     except Exception as exc:
         self.fail("TLS connection is failed with: %s" % str(exc))
Пример #7
0
 def test_tls(self):
     """ Test TLS connection. """
     if self.cfg['SERVER']['has_tls'] == 'False':
         self.skipTest("TLS is not set.")
     client = LDAPClient(self.url, True)
     client.set_cert_policy("ALLOW")
     client.set_ca_cert(None)
     client.set_ca_cert_dir(None)
     try:
         conn = client.connect()
         conn.close()
     except Exception as exc:
         self.fail("TLS connection is failed with: %s" % str(exc))
Пример #8
0
 def _create_external(authzid=None):
     tls_impl = bonsai.get_tls_impl_name()
     if tls_impl == "GnuTLS" or tls_impl == "OpenSSL":
         cfg = get_config()
         curdir = os.path.abspath(os.path.dirname(__file__))
         cert_path = os.path.join(curdir, "testenv", "certs")
         host = "ldap://%s" % cfg["SERVER"]["hostname"]
         cli = LDAPClient(host, tls=True)
         cli.set_ca_cert(cert_path + "/cacert.pem")
         cli.set_client_cert(cert_path + "/client.pem")
         cli.set_client_key(cert_path + "/client.key")
         cli.set_credentials("EXTERNAL", authz_id=authzid)
         return cli.connect()
     else:
         pytest.skip("")
Пример #9
0
 def _create_external(authzid=None):
     tls_impl = bonsai.get_tls_impl_name()
     if tls_impl == "GnuTLS" or tls_impl == "OpenSSL":
         cfg = get_config()
         curdir = os.path.abspath(os.path.dirname(__file__))
         cert_path = os.path.join(curdir, "testenv", "certs")
         host = "ldap://%s" % cfg["SERVER"]["hostname"]
         cli = LDAPClient(host, tls=True)
         cli.set_ca_cert(cert_path + "/cacert.pem")
         cli.set_client_cert(cert_path + "/client.pem")
         cli.set_client_key(cert_path + "/client.key")
         cli.set_credentials("EXTERNAL", authz_id=authzid)
         return cli.connect()
     else:
         pytest.skip("")
Пример #10
0
 def test_tls_timeout(self):
     """ Test TLS connection timeout. """
     if not self.has_tls:
         self.skipTest("TLS is not set.")
     import multiprocessing
     client = LDAPClient(self.url, True)
     client.set_cert_policy("ALLOW")
     client.set_ca_cert(None)
     client.set_ca_cert_dir(None)
     proxy = rpc.ServerProxy("http://%s:%d/" % (self.ipaddr, 8000))
     proxy.set_delay(9.0, 15)
     time.sleep(2.0)
     pool = multiprocessing.Pool(processes=1)
     try:
         result = pool.apply_async(receive_timeout_error, args=(client, ))
         result.get(timeout=18.0)
     except Exception as exc:
         self.assertIsInstance(exc, bonsai.TimeoutError)
     else:
         self.fail("Failed to receive TimeoutError.")
     finally:
         pool.terminate()
         proxy.remove_delay()