nee2c
/
salt
réplica de https://github.com/nee2c/salt.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399
							# -*- coding: utf-8 -*-
"""
Test cases for keystore state
"""
# Import Python libs
from __future__ import absolute_import, print_function, unicode_literals

# Import Salt Libs
import salt.states.keystore as keystore

# Import Salt Testing Libs
from tests.support.mixins import LoaderModuleMockMixin
from tests.support.mock import MagicMock, patch
from tests.support.unit import TestCase


class KeystoreTestCase(TestCase, LoaderModuleMockMixin):
    """
    Test cases for salt.states.keystore
    """

    def setup_loader_modules(self):
        return {keystore: {"__opts__": {"test": False}}}

    @patch("os.path.exists", MagicMock(return_value=True))
    def test_cert_already_present(self):
        """
        Test for existing value_present
        """

        cert_return = [
            {
                "valid_until": "August 21 2017",
                "sha1": "07:1C:B9:4F:0C:C8:51:4D:02:41:24:70:8E:E8:B2:68:7B:D7:D9:D5",
                "valid_start": "August 22 2012",
                "type": "TrustedCertEntry",
                "alias": "stringhost",
                "expired": True,
            }
        ]
        x509_return = {
            "Not After": "2017-08-21 05:26:54",
            "Subject Hash": "97:95:14:4F",
            "Serial Number": "0D:FA",
            "SHA1 Finger Print": "07:1C:B9:4F:0C:C8:51:4D:02:41:24:70:8E:E8:B2:68:7B:D7:D9:D5",
            "SHA-256 Finger Print": "5F:0F:B5:16:65:81:AA:E6:4A:10:1C:15:83:B1:BE:BE:74:E8:14:A9:1E:7A:8A:14:BA:1E:83:5D:78:F6:E9:E7",
            "MD5 Finger Print": "80:E6:17:AF:78:D8:E4:B8:FB:5F:41:3A:27:1D:CC:F2",
            "Version": 1,
            "Key Size": 512,
            "Public Key": "-----BEGIN PUBLIC KEY-----\nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waK\ne7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQ==\n-----END PUBLIC KEY-----\n",
            "Issuer": {
                "C": "JP",
                "organizationName": "Frank4DD",
                "CN": "Frank4DD Web CA",
                "SP": "Tokyo",
                "L": "Chuo-ku",
                "emailAddress": "support@frank4dd.com",
                "OU": "WebCert Support",
            },
            "Issuer Hash": "92:DA:45:6B",
            "Not Before": "2012-08-22 05:26:54",
            "Subject": {
                "C": "JP",
                "SP": "Tokyo",
                "organizationName": "Frank4DD",
                "CN": "www.example.com",
            },
        }

        name = "keystore.jks"
        passphrase = "changeit"
        entries = [
            {
                "alias": "stringhost",
                "certificate": """-----BEGIN CERTIFICATE-----
                   MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG
                   A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE
                   MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl
                   YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw
                   ODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE
                   CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs
                   ZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl
                   8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwID
                   AQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx
                   8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy
                   2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0
                   Hn+GmxZA\n-----END CERTIFICATE-----""",
            }
        ]

        state_return = {
            "name": name,
            "changes": {},
            "result": True,
            "comment": "No changes made.\n",
        }

        # with patch.dict(keystore.__opts__, {'test': False}):
        with patch.dict(
            keystore.__salt__, {"keystore.list": MagicMock(return_value=cert_return)}
        ):
            with patch.dict(
                keystore.__salt__,
                {"x509.read_certificate": MagicMock(return_value=x509_return)},
            ):
                self.assertDictEqual(
                    keystore.managed(name, passphrase, entries), state_return
                )

        with patch.dict(keystore.__opts__, {"test": True}):
            with patch.dict(
                keystore.__salt__,
                {"keystore.list": MagicMock(return_value=cert_return)},
            ):
                with patch.dict(
                    keystore.__salt__,
                    {"x509.read_certificate": MagicMock(return_value=x509_return)},
                ):
                    self.assertDictEqual(
                        keystore.managed(name, passphrase, entries), state_return
                    )

    @patch("os.path.exists", MagicMock(return_value=True))
    def test_cert_update(self):
        """
        Test for existing value_present
        """

        cert_return = [
            {
                "valid_until": "August 21 2017",
                "sha1": "07:1C:B9:4F:0C:C8:51:4D:02:41:24:70:8E:E8:B2:68:7B:D7:D9:D5",
                "valid_start": "August 22 2012",
                "type": "TrustedCertEntry",
                "alias": "stringhost",
                "expired": True,
            }
        ]
        x509_return = {
            "Not After": "2017-08-21 05:26:54",
            "Subject Hash": "97:95:14:4F",
            "Serial Number": "0D:FA",
            "SHA1 Finger Print": "07:1C:B9:4F:0C:C8:51:4D:02:41:24:70:8E:E8:B2:68:7B:D7:D9:D6",
            "SHA-256 Finger Print": "5F:0F:B5:16:65:81:AA:E6:4A:10:1C:15:83:B1:BE:BE:74:E8:14:A9:1E:7A:8A:14:BA:1E:83:5D:78:F6:E9:E7",
            "MD5 Finger Print": "80:E6:17:AF:78:D8:E4:B8:FB:5F:41:3A:27:1D:CC:F2",
            "Version": 1,
            "Key Size": 512,
            "Public Key": "-----BEGIN PUBLIC KEY-----\nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waK\ne7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQ==\n-----END PUBLIC KEY-----\n",
            "Issuer": {
                "C": "JP",
                "organizationName": "Frank4DD",
                "CN": "Frank4DD Web CA",
                "SP": "Tokyo",
                "L": "Chuo-ku",
                "emailAddress": "support@frank4dd.com",
                "OU": "WebCert Support",
            },
            "Issuer Hash": "92:DA:45:6B",
            "Not Before": "2012-08-22 05:26:54",
            "Subject": {
                "C": "JP",
                "SP": "Tokyo",
                "organizationName": "Frank4DD",
                "CN": "www.example.com",
            },
        }

        name = "keystore.jks"
        passphrase = "changeit"
        entries = [
            {
                "alias": "stringhost",
                "certificate": """-----BEGIN CERTIFICATE-----
                   MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG
                   A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE
                   MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl
                   YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw
                   ODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE
                   CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs
                   ZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl
                   8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwID
                   AQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx
                   8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy
                   2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0
                   Hn+GmxZA\n-----END CERTIFICATE-----""",
            }
        ]

        test_return = {
            "name": name,
            "changes": {},
            "result": None,
            "comment": "Alias stringhost would have been updated\n",
        }
        state_return = {
            "name": name,
            "changes": {"stringhost": "Updated"},
            "result": True,
            "comment": "Alias stringhost updated.\n",
        }

        with patch.dict(keystore.__opts__, {"test": True}):
            with patch.dict(
                keystore.__salt__,
                {"keystore.list": MagicMock(return_value=cert_return)},
            ):
                with patch.dict(
                    keystore.__salt__,
                    {"x509.read_certificate": MagicMock(return_value=x509_return)},
                ):
                    self.assertDictEqual(
                        keystore.managed(name, passphrase, entries), test_return
                    )

        with patch.dict(
            keystore.__salt__, {"keystore.list": MagicMock(return_value=cert_return)}
        ):
            with patch.dict(
                keystore.__salt__,
                {"x509.read_certificate": MagicMock(return_value=x509_return)},
            ):
                with patch.dict(
                    keystore.__salt__, {"keystore.remove": MagicMock(return_value=True)}
                ):
                    with patch.dict(
                        keystore.__salt__,
                        {"keystore.add": MagicMock(return_value=True)},
                    ):
                        self.assertDictEqual(
                            keystore.managed(name, passphrase, entries), state_return
                        )

    @patch("os.path.exists", MagicMock(return_value=False))
    def test_new_file(self):
        """
        Test for existing value_present
        """
        name = "keystore.jks"
        passphrase = "changeit"
        entries = [
            {
                "alias": "stringhost",
                "certificate": """-----BEGIN CERTIFICATE-----
                   MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG
                   A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE
                   MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl
                   YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw
                   ODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE
                   CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs
                   ZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl
                   8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwID
                   AQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx
                   8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy
                   2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0
                   Hn+GmxZA\n-----END CERTIFICATE-----""",
            }
        ]

        test_return = {
            "name": name,
            "changes": {},
            "result": None,
            "comment": "Alias stringhost would have been added\n",
        }
        state_return = {
            "name": name,
            "changes": {"stringhost": "Added"},
            "result": True,
            "comment": "Alias stringhost added.\n",
        }

        with patch.dict(keystore.__opts__, {"test": True}):
            self.assertDictEqual(
                keystore.managed(name, passphrase, entries), test_return
            )

        with patch.dict(
            keystore.__salt__, {"keystore.remove": MagicMock(return_value=True)}
        ):
            with patch.dict(
                keystore.__salt__, {"keystore.add": MagicMock(return_value=True)}
            ):
                self.assertDictEqual(
                    keystore.managed(name, passphrase, entries), state_return
                )

    @patch("os.path.exists", MagicMock(return_value=True))
    def test_force_remove(self):
        """
        Test for existing value_present
        """

        cert_return = [
            {
                "valid_until": "August 21 2017",
                "sha1": "07:1C:B9:4F:0C:C8:51:4D:02:41:24:70:8E:E8:B2:68:7B:D7:D9:D5",
                "valid_start": "August 22 2012",
                "type": "TrustedCertEntry",
                "alias": "oldhost",
                "expired": True,
            }
        ]
        x509_return = {
            "Not After": "2017-08-21 05:26:54",
            "Subject Hash": "97:95:14:4F",
            "Serial Number": "0D:FA",
            "SHA1 Finger Print": "07:1C:B9:4F:0C:C8:51:4D:02:41:24:70:8E:E8:B2:68:7B:D7:D9:D6",
            "SHA-256 Finger Print": "5F:0F:B5:16:65:81:AA:E6:4A:10:1C:15:83:B1:BE:BE:74:E8:14:A9:1E:7A:8A:14:BA:1E:83:5D:78:F6:E9:E7",
            "MD5 Finger Print": "80:E6:17:AF:78:D8:E4:B8:FB:5F:41:3A:27:1D:CC:F2",
            "Version": 1,
            "Key Size": 512,
            "Public Key": "-----BEGIN PUBLIC KEY-----\nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waK\ne7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQ==\n-----END PUBLIC KEY-----\n",
            "Issuer": {
                "C": "JP",
                "organizationName": "Frank4DD",
                "CN": "Frank4DD Web CA",
                "SP": "Tokyo",
                "L": "Chuo-ku",
                "emailAddress": "support@frank4dd.com",
                "OU": "WebCert Support",
            },
            "Issuer Hash": "92:DA:45:6B",
            "Not Before": "2012-08-22 05:26:54",
            "Subject": {
                "C": "JP",
                "SP": "Tokyo",
                "organizationName": "Frank4DD",
                "CN": "www.example.com",
            },
        }

        name = "keystore.jks"
        passphrase = "changeit"
        entries = [
            {
                "alias": "stringhost",
                "certificate": """-----BEGIN CERTIFICATE-----
                   MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG
                   A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE
                   MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl
                   YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw
                   ODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE
                   CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs
                   ZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl
                   8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwID
                   AQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx
                   8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy
                   2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0
                   Hn+GmxZA\n-----END CERTIFICATE-----""",
            }
        ]

        test_return = {
            "name": name,
            "changes": {},
            "result": None,
            "comment": "Alias stringhost would have been updated\nAlias oldhost would have been removed",
        }
        state_return = {
            "name": name,
            "changes": {"oldhost": "Removed", "stringhost": "Updated"},
            "result": True,
            "comment": "Alias stringhost updated.\nAlias oldhost removed.\n",
        }

        with patch.dict(keystore.__opts__, {"test": True}):
            with patch.dict(
                keystore.__salt__,
                {"keystore.list": MagicMock(return_value=cert_return)},
            ):
                with patch.dict(
                    keystore.__salt__,
                    {"x509.read_certificate": MagicMock(return_value=x509_return)},
                ):
                    self.assertDictEqual(
                        keystore.managed(name, passphrase, entries, force_remove=True),
                        test_return,
                    )

        with patch.dict(
            keystore.__salt__, {"keystore.list": MagicMock(return_value=cert_return)}
        ):
            with patch.dict(
                keystore.__salt__,
                {"x509.read_certificate": MagicMock(return_value=x509_return)},
            ):
                with patch.dict(
                    keystore.__salt__, {"keystore.remove": MagicMock(return_value=True)}
                ):
                    with patch.dict(
                        keystore.__salt__,
                        {"keystore.add": MagicMock(return_value=True)},
                    ):
                        self.assertDictEqual(
                            keystore.managed(
                                name, passphrase, entries, force_remove=True
                            ),
                            state_return,
                        )