From d2a9ccf407709aa7a2a2378f758fb4db40181684 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 8 Oct 2010 13:15:03 -0400 Subject: Accept an incoming certificate as either DER or base64 in the service plugin. The plugin required a base64-encoded certificate and always decoded it before processing. This doesn't work with the UI because the json module decodes binary values already. Try to detect if the incoming value is base64-encoded and decode if necessary. Finally, try to pull the cert apart to validate it. This will tell us for sure that the data is a certificate, regardless of the format it came in as. ticket 348 --- tests/test_xmlrpc/test_service_plugin.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'tests/test_xmlrpc/test_service_plugin.py') diff --git a/tests/test_xmlrpc/test_service_plugin.py b/tests/test_xmlrpc/test_service_plugin.py index 18eecd7ff..441cdb290 100644 --- a/tests/test_xmlrpc/test_service_plugin.py +++ b/tests/test_xmlrpc/test_service_plugin.py @@ -24,6 +24,7 @@ Test the `ipalib/plugins/service.py` module. from ipalib import api, errors from tests.test_xmlrpc.xmlrpc_test import Declarative, fuzzy_uuid from tests.test_xmlrpc import objectclasses +import base64 fqdn1 = u'testhost1.%s' % api.env.domain @@ -34,6 +35,8 @@ service1dn = u'krbprincipalname=%s,cn=services,cn=accounts,%s' % (service1.lower host1dn = u'fqdn=%s,cn=computers,cn=accounts,%s' % (fqdn1, api.env.basedn) host2dn = u'fqdn=%s,cn=computers,cn=accounts,%s' % (fqdn2, api.env.basedn) +servercert = 'MIICbzCCAdigAwIBAgICA/4wDQYJKoZIhvcNAQEFBQAwKTEnMCUGA1UEAxMeSVBBIFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEwMDgwOTE1MDIyN1oXDTIwMDgwOTE1MDIyN1owKTEMMAoGA1UEChMDSVBBMRkwFwYDVQQDExBwdW1hLmdyZXlvYWsuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYbfEOQPgGenPn9vt1JFKvWm/Je3y2tawGWA3LXDuqfFJyYtZ8ib3TcBUOnLk9WK5g2qCwHaNlei7bj8ggIfr5hegAVe10cun+wYErjnYo7hsHYd+57VZezeipWrXu+7NoNd4+c4A5lk4A/xJay9j3bYx2oOM8BEox4xWYoWge1ljPrc5JK46f0X7AGW4F2VhnKPnf8rwSuzI1U8VGjutyM9TWNy3m9KMWeScjyG/ggIpOjUDMV7HkJL0Di61lznR9jXubpiEC7gWGbTp84eGl/Nn9bgK1AwHfJ2lHwfoY4uiL7ge1gyP6EvuUlHoBzdb7pekiX28iePjW3iEG9IawIDAQABoyIwIDARBglghkgBhvhCAQEEBAMCBkAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBBQUAA4GBACRESLemRV9BPxfEgbALuxH5oE8jQm8WZ3pm2pALbpDlAd9wQc3yVf6RtkfVthyDnM18bg7IhxKpd77/p3H8eCnS8w5MLVRda6ktUC6tGhFTS4QKAf0WyDGTcIgkXbeDw0OPAoNHivoXbIXIIRxlw/XgaSaMzJQDBG8iROsN4kCv' + class test_host(Declarative): @@ -53,7 +56,7 @@ class test_host(Declarative): dict( desc='Try to update non-existent %r' % service1, - command=('service_mod', [service1], dict(usercertificate='Nope')), + command=('service_mod', [service1], dict(usercertificate=servercert)), expected=errors.NotFound(reason='no such entry'), ), @@ -223,12 +226,12 @@ class test_host(Declarative): dict( desc='Update %r' % service1, - command=('service_mod', [service1], dict(usercertificate='aGVsbG8=')), + command=('service_mod', [service1], dict(usercertificate=servercert)), expected=dict( value=service1, summary=u'Modified service "%s"' % service1, result=dict( - usercertificate=['hello'], + usercertificate=[base64.b64decode(servercert)], krbprincipalname=[service1], managedby_host=[fqdn1], ), @@ -244,7 +247,7 @@ class test_host(Declarative): summary=None, result=dict( dn=service1dn, - usercertificate=['hello'], + usercertificate=[base64.b64decode(servercert)], krbprincipalname=[service1], has_keytab=False, managedby_host=[fqdn1], @@ -273,7 +276,7 @@ class test_host(Declarative): dict( desc='Try to update non-existent %r' % service1, - command=('service_mod', [service1], dict(usercertificate='Nope')), + command=('service_mod', [service1], dict(usercertificate=servercert)), expected=errors.NotFound(reason='no such entry'), ), -- cgit