diff options
author | Lenka Doudova <ldoudova@redhat.com> | 2016-08-25 07:22:16 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-08-31 14:29:00 +0200 |
commit | 36979ad0b6c021e6f8ec83606e9c9adcd6bb8053 (patch) | |
tree | 982c4200a930a4d0cdf7e2560f0a567ca1548a40 /ipatests/test_xmlrpc | |
parent | b942b00ac7bca7e2864c7dc513d25983556916ff (diff) | |
download | freeipa-36979ad0b6c021e6f8ec83606e9c9adcd6bb8053.tar.gz freeipa-36979ad0b6c021e6f8ec83606e9c9adcd6bb8053.tar.xz freeipa-36979ad0b6c021e6f8ec83606e9c9adcd6bb8053.zip |
Tests: Random issuer certificate can be added to a service
Changing negative test case that verified that a certificate with different
than expected issuer cannot be added to a service to a positive one that
verifies that this operation now proceeds successfully. Corresponds to changes
made in scope of https://fedorahosted.org/freeipa/ticket/4559 implementation.
https://fedorahosted.org/freeipa/ticket/6258
Reviewed-By: Ganna Kaihorodova <gkaihoro@redhat.com>
Diffstat (limited to 'ipatests/test_xmlrpc')
-rw-r--r-- | ipatests/test_xmlrpc/test_service_plugin.py | 40 |
1 files changed, 33 insertions, 7 deletions
diff --git a/ipatests/test_xmlrpc/test_service_plugin.py b/ipatests/test_xmlrpc/test_service_plugin.py index 0e8c8ea30..fb2c4e77f 100644 --- a/ipatests/test_xmlrpc/test_service_plugin.py +++ b/ipatests/test_xmlrpc/test_service_plugin.py @@ -52,7 +52,20 @@ role1_dn = DN(('cn', role1), api.env.container_rolegroup, api.env.basedn) servercert= get_testcert(DN(('CN', api.env.host), x509.subject_base()), 'unittest/%s@%s' % (api.env.host, api.env.realm)) -badservercert = 'MIICbzCCAdigAwIBAgICA/4wDQYJKoZIhvcNAQEFBQAwKTEnMCUGA1UEAxMeSVBBIFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEwMDgwOTE1MDIyN1oXDTIwMDgwOTE1MDIyN1owKTEMMAoGA1UEChMDSVBBMRkwFwYDVQQDExBwdW1hLmdyZXlvYWsuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYbfEOQPgGenPn9vt1JFKvWm/Je3y2tawGWA3LXDuqfFJyYtZ8ib3TcBUOnLk9WK5g2qCwHaNlei7bj8ggIfr5hegAVe10cun+wYErjnYo7hsHYd+57VZezeipWrXu+7NoNd4+c4A5lk4A/xJay9j3bYx2oOM8BEox4xWYoWge1ljPrc5JK46f0X7AGW4F2VhnKPnf8rwSuzI1U8VGjutyM9TWNy3m9KMWeScjyG/ggIpOjUDMV7HkJL0Di61lznR9jXubpiEC7gWGbTp84eGl/Nn9bgK1AwHfJ2lHwfoY4uiL7ge1gyP6EvuUlHoBzdb7pekiX28iePjW3iEG9IawIDAQABoyIwIDARBglghkgBhvhCAQEEBAMCBkAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBBQUAA4GBACRESLemRV9BPxfEgbALuxH5oE8jQm8WZ3pm2pALbpDlAd9wQc3yVf6RtkfVthyDnM18bg7IhxKpd77/p3H8eCnS8w5MLVRda6ktUC6tGhFTS4QKAf0WyDGTcIgkXbeDw0OPAoNHivoXbIXIIRxlw/XgaSaMzJQDBG8iROsN4kCv' +randomissuercert = ( + "MIICbzCCAdigAwIBAgICA/4wDQYJKoZIhvcNAQEFBQAwKTEnMCUGA1UEAxMeSVBBIFRlc3Q" + "gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEwMDgwOTE1MDIyN1oXDTIwMDgwOTE1MDIyN1" + "owKTEMMAoGA1UEChMDSVBBMRkwFwYDVQQDExBwdW1hLmdyZXlvYWsuY29tMIIBIjANBgkqh" + "kiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYbfEOQPgGenPn9vt1JFKvWm/Je3y2tawGWA3LXD" + "uqfFJyYtZ8ib3TcBUOnLk9WK5g2qCwHaNlei7bj8ggIfr5hegAVe10cun+wYErjnYo7hsHY" + "d+57VZezeipWrXu+7NoNd4+c4A5lk4A/xJay9j3bYx2oOM8BEox4xWYoWge1ljPrc5JK46f" + "0X7AGW4F2VhnKPnf8rwSuzI1U8VGjutyM9TWNy3m9KMWeScjyG/ggIpOjUDMV7HkJL0Di61" + "lznR9jXubpiEC7gWGbTp84eGl/Nn9bgK1AwHfJ2lHwfoY4uiL7ge1gyP6EvuUlHoBzdb7pe" + "kiX28iePjW3iEG9IawIDAQABoyIwIDARBglghkgBhvhCAQEEBAMCBkAwCwYDVR0PBAQDAgU" + "gMA0GCSqGSIb3DQEBBQUAA4GBACRESLemRV9BPxfEgbALuxH5oE8jQm8WZ3pm2pALbpDlAd" + "9wQc3yVf6RtkfVthyDnM18bg7IhxKpd77/p3H8eCnS8w5MLVRda6ktUC6tGhFTS4QKAf0Wy" + "DGTcIgkXbeDw0OPAoNHivoXbIXIIRxlw/XgaSaMzJQDBG8iROsN4kCv") +randomissuer = DN(('CN', 'puma.greyoak.com'), 'O=IPA') user1 = u'tuser1' user2 = u'tuser2' @@ -424,18 +437,31 @@ class test_service(Declarative): dict( - desc='Update %r with a bad certificate' % service1, + desc='Update %r with a random issuer certificate' % service1, command=( 'service_mod', [service1], - dict(usercertificate=base64.b64decode(badservercert)) + dict(usercertificate=base64.b64decode(randomissuercert))), + expected=dict( + value=service1, + summary=u'Modified service "%s"' % service1, + result=dict( + usercertificate=[base64.b64decode(randomissuercert)], + krbprincipalname=[service1], + krbcanonicalname=[service1], + managedby_host=[fqdn1], + valid_not_before=fuzzy_date, + valid_not_after=fuzzy_date, + subject=randomissuer, + serial_number=fuzzy_digits, + serial_number_hex=fuzzy_hex, + md5_fingerprint=fuzzy_hash, + sha1_fingerprint=fuzzy_hash, + issuer=fuzzy_issuer, ), - expected=errors.CertificateOperationError( - error=u'Issuer "CN=IPA Test Certificate Authority" does not ' + - u'match the expected issuer'), + ), ), - dict( desc='Update %r' % service1, command=('service_mod', [service1], dict(usercertificate=servercert)), |