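def _bind_external(self, authzid):
    """ Bind with SASL EXTERNAL over TLS and return the open connection.

    The client certificate and key are read from ``testenv/certs`` next to
    this file, and *authzid* is handed to ``set_credentials`` as the single
    element of the credential tuple.  The test is skipped when EXTERNAL
    authentication is not configured, on Windows, or when the TLS backend
    is neither GnuTLS nor OpenSSL.
    """
    if 'EXTERNALAUTH' not in self.cfg:
        self.skipTest("EXTERNAL authentication is not set.")
    if sys.platform == "win32":
        self.skipTest("Windows relies on set certs in its cert store.")
    tls_impl = bonsai.get_tls_impl_name()
    if tls_impl not in ("GnuTLS", "OpenSSL"):
        # Give the skip a reason so a skipped run can be explained from the
        # test report alone.
        self.skipTest("Unsupported TLS implementation for EXTERNAL: %s"
                      % tls_impl)
    cert_dir = os.path.join(
        os.path.abspath(os.path.dirname(__file__)), 'testenv', 'certs')
    cli = LDAPClient(self.host, tls=True)
    # The CA file is set explicitly and the cert policy is left at the
    # library default; nothing here relaxes server-certificate checking.
    cli.set_ca_cert(os.path.join(cert_dir, 'cacert.pem'))
    # Test-only client identity: the private key sits in the test tree and
    # must not be reused outside this environment.
    cli.set_client_cert(os.path.join(cert_dir, 'client.pem'))
    cli.set_client_key(os.path.join(cert_dir, 'client.key'))
    cli.set_credentials('EXTERNAL', (authzid,))
    try:
        conn = cli.connect()
    except (bonsai.errors.ConnectionError,
            bonsai.errors.AuthenticationError) as exc:
        # Report the cause instead of failing with an empty message.
        self.fail("EXTERNAL bind failed: %s" % exc)
    # This only proves the bind was not anonymous; it does not check that
    # the resulting identity matches authzid.
    self.assertNotEqual("anonymous", conn.whoami(),
                        "EXTERNAL authentication was unsuccessful.")
    return conn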
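def _bind_external(self, authzid):
    """ Bind with SASL EXTERNAL over TLS and return the open connection.

    The server URL is built from ``self.cfg['SERVER']['hostname']``.  The
    client certificate and key are read from ``testenv/certs`` next to this
    file, and *authzid* is handed to ``set_credentials`` as the single
    element of the credential tuple.  The test is skipped when EXTERNAL
    authentication is not configured, on Windows, or when the TLS backend
    is neither GnuTLS nor OpenSSL.
    """
    if 'EXTERNALAUTH' not in self.cfg:
        self.skipTest("EXTERNAL authentication is not set.")
    if sys.platform == "win32":
        self.skipTest("Windows relies on set certs in its cert store.")
    tls_impl = bonsai.get_tls_impl_name()
    if tls_impl not in ("GnuTLS", "OpenSSL"):
        # Give the skip a reason so a skipped run can be explained from the
        # test report alone.
        self.skipTest("Unsupported TLS implementation for EXTERNAL: %s"
                      % tls_impl)
    cert_dir = os.path.join(
        os.path.abspath(os.path.dirname(__file__)), 'testenv', 'certs')
    cli = LDAPClient("ldap://%s" % self.cfg['SERVER']['hostname'], tls=True)
    # The CA file is set explicitly and the cert policy is left at the
    # library default; nothing here relaxes server-certificate checking.
    cli.set_ca_cert(os.path.join(cert_dir, 'cacert.pem'))
    # Test-only client identity: the private key sits in the test tree and
    # must not be reused outside this environment.
    cli.set_client_cert(os.path.join(cert_dir, 'client.pem'))
    cli.set_client_key(os.path.join(cert_dir, 'client.key'))
    cli.set_credentials('EXTERNAL', (authzid, ))
    try:
        conn = cli.connect()
    except (bonsai.errors.ConnectionError,
            bonsai.errors.AuthenticationError) as exc:
        # Report the cause instead of failing with an empty message.
        self.fail("EXTERNAL bind failed: %s" % exc)
    # This only proves the bind was not anonymous; it does not check that
    # the resulting identity matches authzid.
    self.assertNotEqual("anonymous", conn.whoami(),
                        "EXTERNAL authentication was unsuccessful.")
    return conn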
def test_tls_timeout(url):
    """ Check that a TLS connect raises TimeoutError under network delay. """
    tls_client = LDAPClient(url, tls=True)
    # "ALLOW" with the CA file and directory cleared relaxes checking of the
    # server certificate; this is acceptable only against the disposable
    # test server and should not be copied into production clients.
    tls_client.set_cert_policy("ALLOW")
    tls_client.set_ca_cert(None)
    tls_client.set_ca_cert_dir(None)
    # The injected delay (9.0) is larger than the connect timeout (5.0), so
    # the connect is expected to raise rather than complete.
    with network_delay(9.0), pytest.raises(bonsai.TimeoutError):
        tls_client.connect(timeout=5.0)
def test_tls(url):
    """ Check that a connection with the TLS flag set can be opened. """
    tls_client = LDAPClient(url, tls=True)
    # "ALLOW" with the CA file and directory cleared relaxes checking of the
    # server certificate, so this test shows that the TLS handshake works,
    # not that the server's identity was verified.
    tls_client.set_cert_policy("ALLOW")
    tls_client.set_ca_cert(None)
    tls_client.set_ca_cert_dir(None)
    try:
        # Open and immediately close; any exception from either step is
        # turned into a test failure below.
        tls_client.connect().close()
    except Exception as exc:
        pytest.fail("TLS connection is failed with: %s" % str(exc))
def test_ldap_over_tls(ldaps_url):
    """ Check that a connection to the ldaps URL can be opened. """
    ldaps_client = LDAPClient(ldaps_url)
    # "ALLOW" with the CA file and directory cleared relaxes checking of the
    # server certificate, so this test shows that the TLS handshake works,
    # not that the server's identity was verified.
    ldaps_client.set_cert_policy("ALLOW")
    ldaps_client.set_ca_cert(None)
    ldaps_client.set_ca_cert_dir(None)
    try:
        connection = ldaps_client.connect()
        # The assert sits inside the try on purpose: an AssertionError is
        # reported through pytest.fail like any other exception.
        assert connection is not None
        connection.close()
    except Exception as exc:
        pytest.fail("TLS connection is failed with: %s" % str(exc))
def test_tls(self):
    """ Check that a connection with the TLS flag set can be opened. """
    # The config value is compared as the string 'False', not a boolean.
    tls_disabled = self.cfg['SERVER']['has_tls'] == 'False'
    if tls_disabled:
        self.skipTest("TLS is not set.")
    tls_client = LDAPClient(self.url, tls=True)
    # "ALLOW" with the CA file and directory cleared relaxes checking of the
    # server certificate, so this test shows that the TLS handshake works,
    # not that the server's identity was verified.
    tls_client.set_cert_policy("ALLOW")
    tls_client.set_ca_cert(None)
    tls_client.set_ca_cert_dir(None)
    try:
        # Open and immediately close; any exception from either step is
        # turned into a test failure below.
        tls_client.connect().close()
    except Exception as exc:
        self.fail("TLS connection is failed with: %s" % str(exc))
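def _create_external(authzid=None):
    """ Open and return a TLS connection bound with SASL EXTERNAL.

    The server hostname comes from ``get_config()``; the client certificate
    and key are read from ``testenv/certs`` next to this file.  *authzid*
    is passed to ``set_credentials`` as ``authz_id``.  The calling test is
    skipped when the TLS backend is neither GnuTLS nor OpenSSL.
    """
    tls_impl = bonsai.get_tls_impl_name()
    if tls_impl not in ("GnuTLS", "OpenSSL"):
        # Give the skip a reason so a skipped run can be explained from the
        # test report alone.
        pytest.skip("Unsupported TLS implementation for EXTERNAL: %s"
                    % tls_impl)
    cfg = get_config()
    cert_dir = os.path.join(
        os.path.abspath(os.path.dirname(__file__)), "testenv", "certs")
    cli = LDAPClient("ldap://%s" % cfg["SERVER"]["hostname"], tls=True)
    # The CA file is set explicitly and the cert policy is left at the
    # library default; nothing here relaxes server-certificate checking.
    cli.set_ca_cert(os.path.join(cert_dir, "cacert.pem"))
    # Test-only client identity: the private key sits in the test tree and
    # must not be reused outside this environment.
    cli.set_client_cert(os.path.join(cert_dir, "client.pem"))
    cli.set_client_key(os.path.join(cert_dir, "client.key"))
    cli.set_credentials("EXTERNAL", authz_id=authzid)
    # Connection errors propagate to the caller, which also owns closing
    # the returned connection.
    return cli.connect()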
def test_tls_timeout(self):
    """ Test TLS connection timeout.

    A delay is requested from the helper service on port 8000 of
    ``self.ipaddr``, then ``receive_timeout_error`` is run with the client
    in a one-process pool.  The test passes only when fetching the result
    raises ``bonsai.TimeoutError``.
    """
    if not self.has_tls:
        self.skipTest("TLS is not set.")
    import multiprocessing
    client = LDAPClient(self.url, True)
    # NOTE(review): "ALLOW" with the CA file and directory cleared relaxes
    # checking of the server certificate; fine against the test server
    # only, and not a pattern for production clients.
    client.set_cert_policy("ALLOW")
    client.set_ca_cert(None)
    client.set_ca_cert_dir(None)
    # NOTE(review): the control channel is plain http:// (presumably an
    # XML-RPC proxy -- confirm); keep this helper on a test network.
    proxy = rpc.ServerProxy("http://%s:%d/" % (self.ipaddr, 8000))
    # Meaning of the two set_delay arguments is not visible here
    # (presumably delay and duration -- confirm against the helper).
    proxy.set_delay(9.0, 15)
    time.sleep(2.0)
    # NOTE(review): set_delay, sleep and Pool() all run before the try, so
    # an exception raised here leaves the delay installed; remove_delay()
    # is reached only through the finally below.
    pool = multiprocessing.Pool(processes=1)
    try:
        result = pool.apply_async(receive_timeout_error, args=(client, ))
        result.get(timeout=18.0)
    except Exception as exc:
        # Any other exception type, including a timeout of result.get()
        # itself, fails this assertion.
        self.assertIsInstance(exc, bonsai.TimeoutError)
    else:
        self.fail("Failed to receive TimeoutError.")
    finally:
        # Stop the worker and lift the network delay whatever the outcome.
        pool.terminate()
        proxy.remove_delay()