IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Create a Certificate parameter

Browse Source 
Up until now, Bytes parameter was used for certificate parameters
throughout the framework. However, the Bytes parameter does nothing
special for certificates, like validation, so this had to be done
for each of the parameters which were supposed to represent a
certificate.

This commit introduces a special Certificate parameter which takes
care of certificate validation so this does not have to be done
separately. It also makes sure that the certificates represented by
this parameter are always converted to DER format so that we can work
with them in a unified manner throughout the framework.

This commit also makes it possible to pass bytes directly during
instantiation of the Certificate parameter and they are still
represented correctly after their conversion in the _convert_scalar()
method.

https://pagure.io/freeipa/issue/4985

Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
This commit is contained in:
Stanislav Laznicka
2017-07-03 17:10:34 +02:00
committed by Pavel Vomacka
parent 5ff1de8490
commit 5a44ca6383
19 changed files with 178 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
ipatests/test_ipaserver/test_ldap.py
View File

@@ -35,7 +35,7 @@ import six
from ipaplatform.paths import paths
from ipaserver.plugins.ldap2 import ldap2, AUTOBIND_DISABLED
from ipalib import api, x509, create_api, errors
from ipalib import api, create_api, errors
from ipapython import ipautil
from ipapython.dn import DN
@@ -77,8 +77,7 @@ class test_ldap(object):
self.conn = ldap2(api)
self.conn.connect(autobind=AUTOBIND_DISABLED)
entry_attrs = self.conn.get_entry(self.dn, ['usercertificate'])
cert = entry_attrs.get('usercertificate')
cert = x509.load_der_x509_certificate(cert[0])
cert = entry_attrs.get('usercertificate')[0]
assert cert.serial_number is not None
def test_simple(self):
@@ -94,8 +93,7 @@ class test_ldap(object):
self.conn = ldap2(api)
self.conn.connect(bind_dn=DN(('cn', 'directory manager')), bind_pw=dm_password)
entry_attrs = self.conn.get_entry(self.dn, ['usercertificate'])
cert = entry_attrs.get('usercertificate')
cert = x509.load_der_x509_certificate(cert[0])
cert = entry_attrs.get('usercertificate')[0]
assert cert.serial_number is not None
def test_Backend(self):
@@ -120,8 +118,7 @@ class test_ldap(object):
result = myapi.Command['service_show']('ldap/%s@%s' % (api.env.host, api.env.realm,))
entry_attrs = result['result']
cert = entry_attrs.get('usercertificate')
cert = x509.load_der_x509_certificate(cert[0])
cert = entry_attrs.get('usercertificate')[0]
assert cert.serial_number is not None
def test_autobind(self):
@@ -134,8 +131,7 @@ class test_ldap(object):
except errors.ACIError:
raise nose.SkipTest("Only executed as root")
entry_attrs = self.conn.get_entry(self.dn, ['usercertificate'])
cert = entry_attrs.get('usercertificate')
cert = x509.load_der_x509_certificate(cert[0])
cert = entry_attrs.get('usercertificate')[0]
assert cert.serial_number is not None