URL: https://github.com/freeipa/freeipa/pull/1290 Author: Rezney Title: #1290: [Backport][ipa-4-6] test_caless: fix fix http.p12 is not valid and provide domain_level for replica tests Action: opened
PR body: """ This PR was opened automatically because PR #1266 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1290/head:pr1290 git checkout pr1290
From 4ac84bdbaaa0fa99fcd1561c3ba6cf545289c3b2 Mon Sep 17 00:00:00 2001 From: Michal Reznik <mrez...@redhat.com> Date: Thu, 9 Nov 2017 18:22:17 +0100 Subject: [PATCH 1/2] test_caless: fix TypeError on domain_level compare Fixes an error where we were getting domain_level None and after switching to Py3 we hit TypeError because of comparing None and int. https://pagure.io/freeipa/issue/7254 --- ipatests/test_integration/test_caless.py | 1 + 1 file changed, 1 insertion(+) diff --git a/ipatests/test_integration/test_caless.py b/ipatests/test_integration/test_caless.py index ae9b193686..d00322ec49 100644 --- a/ipatests/test_integration/test_caless.py +++ b/ipatests/test_integration/test_caless.py @@ -799,6 +799,7 @@ def install(cls, mh): cls.prepare_cacert('ca1') result = cls.install_server() assert result.returncode == 0 + cls.domain_level = tasks.domainlevel(cls.master) @replica_install_teardown def test_no_certs(self): From 997a9d96d9b833d8818192c097579878266fe480 Mon Sep 17 00:00:00 2001 From: Michal Reznik <mrez...@redhat.com> Date: Thu, 9 Nov 2017 19:59:34 +0100 Subject: [PATCH 2/2] test_caless: fix http.p12 is not valid In "test_invalid_ds_cn" test case an old invalid http.p12 cert is used as a leftover after previous "test_invalid_http_cn" test. Get new valid http.p12 cert using create_pkcs12(). Also use server-badname cert instead of cert for replica. This explicitly ensures a non-matching hostname/SAN rather than implicitly by using a certificate for the replica. https://pagure.io/freeipa/issue/7254 --- ipatests/test_integration/test_caless.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ipatests/test_integration/test_caless.py b/ipatests/test_integration/test_caless.py index d00322ec49..76f40292fd 100644 --- a/ipatests/test_integration/test_caless.py +++ b/ipatests/test_integration/test_caless.py @@ -526,7 +526,8 @@ def test_invalid_http_cn(self): def test_invalid_ds_cn(self): "IPA server install with DS certificate with invalid CN" - self.create_pkcs12('ca1/replica', filename='dirsrv.p12') + self.create_pkcs12('ca1/server', filename='http.p12') + self.create_pkcs12('ca1/server-badname', filename='dirsrv.p12') self.prepare_cacert('ca1') result = self.install_server(http_pkcs12='http.p12',
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org