diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2015-06-09 10:06:53 +0200 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2015-06-23 10:29:20 +0200 |
commit | 74883bbc959058c8bfafd9f63e8fad0e3792ac28 (patch) | |
tree | 46290812a10cfc369470ff25394af79f146e8ca4 /ipatests/test_xmlrpc/testcert.py | |
parent | acbf0a160dbd866fbdb0464b317d3607d7aab15d (diff) | |
download | freeipa-74883bbc959058c8bfafd9f63e8fad0e3792ac28.tar.gz freeipa-74883bbc959058c8bfafd9f63e8fad0e3792ac28.tar.xz freeipa-74883bbc959058c8bfafd9f63e8fad0e3792ac28.zip |
generalize certificate creation during testing
With added support for multiple certificates for hosts, services, and even
users, IPA testing framework will need a more flexible way to generate
temporary testing certificates for these entities. This patch modifies the
currently used `testcert` module to support these requirements.
Related to work on http://www.freeipa.org/page/V4/User_Certificates
Reviewed-By: Milan KubĂk <mkubik@redhat.com>
Diffstat (limited to 'ipatests/test_xmlrpc/testcert.py')
-rw-r--r-- | ipatests/test_xmlrpc/testcert.py | 25 |
1 files changed, 10 insertions, 15 deletions
diff --git a/ipatests/test_xmlrpc/testcert.py b/ipatests/test_xmlrpc/testcert.py index 77179fc78..4afd38d2c 100644 --- a/ipatests/test_xmlrpc/testcert.py +++ b/ipatests/test_xmlrpc/testcert.py @@ -34,18 +34,15 @@ from ipapython import ipautil from ipaplatform.paths import paths from ipapython.dn import DN -_testcert = None - -def get_testcert(): +def get_testcert(subject, principal): """Get the certificate, creating it if it doesn't exist""" - global _testcert - if _testcert is None: - reqdir = tempfile.mkdtemp(prefix="tmp-") - try: - _testcert = makecert(reqdir) - finally: - shutil.rmtree(reqdir) + reqdir = tempfile.mkdtemp(prefix="tmp-") + try: + _testcert = makecert(reqdir, subject, + principal) + finally: + shutil.rmtree(reqdir) return x509.strip_header(_testcert) @@ -72,9 +69,9 @@ def generate_csr(reqdir, pwname, subject): return fp.read() -def makecert(reqdir): +def makecert(reqdir, subject, principal): """ - Generate a service certificate that can be used during unit testing. + Generate a certificate that can be used during unit testing. """ ra = rabase.rabase() @@ -96,9 +93,7 @@ def makecert(reqdir): subject_base = res['result']['ipacertificatesubjectbase'][0] cert = None - subject = DN(('CN', api.env.host), subject_base) - princ = 'unittest/%s@%s' % (api.env.host, api.env.realm) csr = unicode(generate_csr(reqdir, pwname, str(subject))) - res = api.Command['cert_request'](csr, principal=princ, add=True) + res = api.Command['cert_request'](csr, principal=principal, add=True) return x509.make_pem(res['result']['certificate']) |