def test_two_phase_renewal(fx_authorized_servers, fx_master_key):
remote_set = {
Remote('user', '127.0.0.1', port)
for port in fx_authorized_servers
}
old_key = fx_master_key
new_key = RSAKey.generate(1024)
for t, path, ev in fx_authorized_servers.values():
assert authorized_key_set(path) == {old_key}
with TwoPhaseRenewal(remote_set, old_key, new_key):
for t, path, ev in fx_authorized_servers.values():
assert authorized_key_set(path) == {old_key, new_key}
for t, path, ev in fx_authorized_servers.values():
assert authorized_key_set(path) == {new_key}
def test_two_phase_renewal_stop(fx_authorized_servers, fx_master_key):
remote_set = {
Remote('user', '127.0.0.1', port)
for port in fx_authorized_servers
}
old_key = fx_master_key
new_key = RSAKey.generate(1024)
for t, path, ev in fx_authorized_servers.values():
assert authorized_key_set(path) == {old_key}
SomeException = type('SomeException', (Exception, ), {})
with raises(SomeException):
with TwoPhaseRenewal(remote_set, old_key, new_key):
for t, path, ev in fx_authorized_servers.values():
assert authorized_key_set(path) == {old_key, new_key}
raise SomeException('something went wrong')
for t, path, ev in fx_authorized_servers.values():
assert old_key in authorized_key_set(path)