diff options
author | Michal Reznik <mreznik@redhat.com> | 2017-12-06 11:49:09 +0100 |
---|---|---|
committer | Christian Heimes <cheimes@redhat.com> | 2018-01-09 10:17:01 +0100 |
commit | efe21a1bda22fcfc1ad786fadf781bdcf6eb3b21 (patch) | |
tree | 75d19e85faaa9ee3b09f782146dc3b19b3f610b9 | |
parent | 0cef5107639beb00a65e02a7ae8e52612cfdb6f4 (diff) | |
download | freeipa-efe21a1bda22fcfc1ad786fadf781bdcf6eb3b21.tar.gz freeipa-efe21a1bda22fcfc1ad786fadf781bdcf6eb3b21.tar.xz freeipa-efe21a1bda22fcfc1ad786fadf781bdcf6eb3b21.zip |
test_tasks: add sign_ca_and_transport() function
Add sign_ca_and_transport() function which will sign provided csr
and transport root CA and signed IPA CA to the host.
https://pagure.io/freeipa/issue/7302
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
-rw-r--r-- | ipatests/pytest_plugins/integration/tasks.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ipatests/pytest_plugins/integration/tasks.py b/ipatests/pytest_plugins/integration/tasks.py index a6fdca39e..07c8ac582 100644 --- a/ipatests/pytest_plugins/integration/tasks.py +++ b/ipatests/pytest_plugins/integration/tasks.py @@ -42,6 +42,7 @@ from ipalib.util import get_reverse_zone_default, verify_host_resolvable from ipalib.constants import ( DEFAULT_CONFIG, DOMAIN_SUFFIX_NAME, DOMAIN_LEVEL_0) +from .create_external_ca import ExternalCA from .env_config import env_to_script from .host import Host @@ -1382,3 +1383,30 @@ def add_dns_zone(master, zone, skip_overlap_check=False, host.hostname + ".", '--a-rec', host.ip]) else: logger.debug('Zone %s already added.', zone) + + +def sign_ca_and_transport(host, csr_name, root_ca_name, ipa_ca_name): + """ + Sign ipa csr and save signed CA together with root CA back to the host. + Returns root CA and IPA CA paths on the host. + """ + + test_dir = host.config.test_dir + + # Get IPA CSR as bytes + ipa_csr = host.get_file_contents(csr_name) + + external_ca = ExternalCA() + # Create root CA + root_ca = external_ca.create_ca() + # Sign CSR + ipa_ca = external_ca.sign_csr(ipa_csr) + + root_ca_fname = os.path.join(test_dir, root_ca_name) + ipa_ca_fname = os.path.join(test_dir, ipa_ca_name) + + # Transport certificates (string > file) to master + host.put_file_contents(root_ca_fname, root_ca) + host.put_file_contents(ipa_ca_fname, ipa_ca) + + return (root_ca_fname, ipa_ca_fname) |