Test verifying that IPA server is able to install using passwords
composed of all but forbidden characters.
Related to https://fedorahosted.org/freeipa/ticket/2796
--
David Kupka
From e4d1c384288f4b5c5d08f9f3abd9393b3b868c80 Mon Sep 17 00:00:00 2001
From: David Kupka <dku...@redhat.com>
Date: Fri, 18 Jul 2014 10:15:05 +0200
Subject: [PATCH] Test generated passwords composed of all allowed charactes.
Test ipaserver installation with generated passwords composed of all allowed characters.
---
ipatests/test_password/test_password.py | 93 +++++++++++++++++++++++++++++++++
1 file changed, 93 insertions(+)
create mode 100644 ipatests/test_password/test_password.py
diff --git a/ipatests/test_password/test_password.py b/ipatests/test_password/test_password.py
new file mode 100644
index 0000000000000000000000000000000000000000..eae7cb54b3e49dd90928100288c6af7ba8869087
--- /dev/null
+++ b/ipatests/test_password/test_password.py
@@ -0,0 +1,93 @@
+# Authors:
+# David Kupka <dku...@redhat.com>
+#
+# Copyright (C) 2014 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+import random
+import itertools
+from ipatests.test_integration.base import IntegrationTest
+from ipatests.test_integration import tasks
+
+
+class PasswordGenerator(object):
+ """
+ Generate passwords as a permutation of all allowed (ASCII>0x20 \ banned)
+ characters that succeds in validator.
+ """
+ __test__ = False
+
+ def __init__(self, banned='', validator=lambda p: True):
+ self.validator = validator
+ # use ASCII characters starting with ' '
+ # exclude underlying-tool-specific disallowed characters
+ self.allowed = list(set([chr(c) for c in range(0x20, 0x7F)]) - set(banned))
+
+ def __call__(self):
+ pw = self.allowed
+
+ while True:
+ random.shuffle(pw)
+ if self.validator(''.join(pw)):
+ return ''.join(pw)
+
+class TestPassword(IntegrationTest):
+ """
+ Test to install ipa-server using passwords composed from all
+ allowed characters.
+ """
+ __test__ = True
+
+ banned_admin = '\\'
+ banned_dirman = '\\'
+
+ @staticmethod
+ def validator_dirman(pw):
+ if pw.startswith(' ') or pw.endswith(' '):
+ return False
+ else:
+ return True
+
+ def test_password(self):
+ # run 10 tests by default
+ tests = 10
+ # password generator for admin
+ pg_admin = PasswordGenerator(self.banned_admin)
+ # password generator for dirman
+ pg_dirman = PasswordGenerator(self.banned_dirman, self.validator_dirman)
+
+ # backup password
+ pw_old_admin = self.master.config.admin_password
+ pw_old_dirman = self.master.config.dirman_password
+
+ for t in range(0, tests):
+ # generate passwords
+ pw_admin = pg_admin()
+ pw_dirman = pg_dirman()
+ # set tested password
+ self.master.config.admin_password = pw_admin
+ self.master.config.dirman_password = pw_dirman
+
+ try:
+ # install master on configured server
+ tasks.install_master(self.master)
+ except Exception, e:
+ self.log.error('Failed to install ipa with -a=\'%s\', -p=\'%s\': %s' % (pw_admin, pw_dirman, e))
+ # uninstall master
+ tasks.uninstall_master(self.master)
+
+ #restore password
+ self.master.config.admin_password = pw_old_admin
+ self.master.config.dirman_password = pw_old_dirman
--
1.9.3
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel