2016-03-24 17:09:53 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
'''
|
|
|
|
Validate the mac-keychain module
|
|
|
|
'''
|
|
|
|
|
|
|
|
# Import Python Libs
|
2016-03-25 21:15:34 +00:00
|
|
|
from __future__ import absolute_import
|
2016-03-24 17:09:53 +00:00
|
|
|
import os
|
|
|
|
|
|
|
|
# Import Salt Testing Libs
|
2017-04-03 16:04:09 +00:00
|
|
|
from tests.support.case import ModuleCase
|
2017-02-27 13:58:07 +00:00
|
|
|
from tests.support.unit import skipIf
|
2017-04-03 16:04:09 +00:00
|
|
|
from tests.support.paths import FILES
|
2017-03-29 18:15:15 +00:00
|
|
|
from tests.support.helpers import destructiveTest
|
2016-03-24 17:09:53 +00:00
|
|
|
|
|
|
|
# Import Salt Libs
|
|
|
|
from salt.exceptions import CommandExecutionError
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
CERT = os.path.join(
|
2017-04-03 16:04:09 +00:00
|
|
|
FILES,
|
2016-03-25 21:15:34 +00:00
|
|
|
'file',
|
|
|
|
'base',
|
|
|
|
'certs',
|
|
|
|
'salttest.p12'
|
|
|
|
)
|
2016-03-24 17:09:53 +00:00
|
|
|
CERT_ALIAS = 'Salt Test'
|
|
|
|
PASSWD = 'salttest'
|
|
|
|
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
@destructiveTest
|
|
|
|
@skipIf(os.geteuid() != 0, 'You must be logged in as root to run this test')
|
2017-04-03 16:04:09 +00:00
|
|
|
class MacKeychainModuleTest(ModuleCase):
|
2016-03-24 17:09:53 +00:00
|
|
|
'''
|
|
|
|
Integration tests for the mac_keychain module
|
|
|
|
'''
|
|
|
|
def setUp(self):
|
|
|
|
'''
|
|
|
|
Sets up the test requirements
|
|
|
|
'''
|
|
|
|
os_grain = self.run_function('grains.item', ['kernel'])
|
|
|
|
# Must be running on a mac
|
|
|
|
if os_grain['kernel'] not in 'Darwin':
|
|
|
|
self.skipTest(
|
|
|
|
'Test not applicable to \'{kernel}\' kernel'.format(
|
|
|
|
**os_grain
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
def tearDown(self):
|
|
|
|
'''
|
|
|
|
Clean up after tests
|
|
|
|
'''
|
|
|
|
# Remove the salttest cert, if left over.
|
|
|
|
certs_list = self.run_function('keychain.list_certs')
|
|
|
|
if CERT_ALIAS in certs_list:
|
|
|
|
self.run_function('keychain.uninstall', [CERT_ALIAS])
|
2016-03-24 17:09:53 +00:00
|
|
|
|
2017-03-29 18:15:15 +00:00
|
|
|
def test_mac_keychain_install(self):
|
2016-03-24 17:09:53 +00:00
|
|
|
'''
|
|
|
|
Tests that attempts to install a certificate
|
|
|
|
'''
|
2016-03-25 21:15:34 +00:00
|
|
|
install_cert = self.run_function('keychain.install', [CERT, PASSWD])
|
2016-03-24 17:09:53 +00:00
|
|
|
self.assertTrue(install_cert)
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
# check to ensure the cert was installed
|
2016-03-24 17:09:53 +00:00
|
|
|
certs_list = self.run_function('keychain.list_certs')
|
|
|
|
self.assertIn(CERT_ALIAS, certs_list)
|
|
|
|
|
2017-03-29 18:15:15 +00:00
|
|
|
def test_mac_keychain_uninstall(self):
|
2016-03-24 17:09:53 +00:00
|
|
|
'''
|
|
|
|
Tests that attempts to uninstall a certificate
|
|
|
|
'''
|
2016-03-25 21:15:34 +00:00
|
|
|
self.run_function('keychain.install', [CERT, PASSWD])
|
2016-03-24 17:09:53 +00:00
|
|
|
certs_list = self.run_function('keychain.list_certs')
|
|
|
|
|
|
|
|
if CERT_ALIAS not in certs_list:
|
|
|
|
self.run_function('keychain.uninstall', [CERT_ALIAS])
|
|
|
|
self.skipTest('Failed to install keychain')
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
# uninstall cert
|
|
|
|
self.run_function('keychain.uninstall', [CERT_ALIAS])
|
2016-03-24 17:09:53 +00:00
|
|
|
certs_list = self.run_function('keychain.list_certs')
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
# check to ensure the cert was uninstalled
|
2016-03-24 17:09:53 +00:00
|
|
|
try:
|
|
|
|
self.assertNotIn(CERT_ALIAS, str(certs_list))
|
|
|
|
except CommandExecutionError:
|
|
|
|
self.run_function('keychain.uninstall', [CERT_ALIAS])
|
|
|
|
|
2017-03-29 18:15:15 +00:00
|
|
|
def test_mac_keychain_get_friendly_name(self):
|
2016-03-24 17:09:53 +00:00
|
|
|
'''
|
|
|
|
Test that attempts to get friendly name of a cert
|
|
|
|
'''
|
2016-03-25 21:15:34 +00:00
|
|
|
self.run_function('keychain.install', [CERT, PASSWD])
|
2016-03-24 17:09:53 +00:00
|
|
|
certs_list = self.run_function('keychain.list_certs')
|
|
|
|
if CERT_ALIAS not in certs_list:
|
|
|
|
self.run_function('keychain.uninstall', [CERT_ALIAS])
|
|
|
|
self.skipTest('Failed to install keychain')
|
|
|
|
|
2016-03-25 21:15:34 +00:00
|
|
|
get_name = self.run_function('keychain.get_friendly_name', [CERT, PASSWD])
|
2016-03-24 17:09:53 +00:00
|
|
|
self.assertEqual(get_name, CERT_ALIAS)
|
|
|
|
|
2017-03-29 18:15:15 +00:00
|
|
|
def test_mac_keychain_get_default_keychain(self):
|
2016-03-24 17:09:53 +00:00
|
|
|
'''
|
|
|
|
Test that attempts to get the default keychain
|
|
|
|
'''
|
|
|
|
salt_get_keychain = self.run_function('keychain.get_default_keychain')
|
2016-03-25 21:15:34 +00:00
|
|
|
sys_get_keychain = self.run_function('cmd.run',
|
|
|
|
['security default-keychain -d user'])
|
2016-03-24 17:09:53 +00:00
|
|
|
self.assertEqual(salt_get_keychain, sys_get_keychain)
|
|
|
|
|
2017-03-29 18:15:15 +00:00
|
|
|
def test_mac_keychain_list_certs(self):
|
2016-03-25 21:15:34 +00:00
|
|
|
'''
|
|
|
|
Test that attempts to list certs
|
|
|
|
'''
|
|
|
|
cert_default = 'com.apple.systemdefault'
|
|
|
|
certs = self.run_function('keychain.list_certs')
|
|
|
|
self.assertIn(cert_default, certs)
|