Merge pull request #47957 from garethgreenaway/47236_ensure_passphrase_is_a_string

[2018.8] Ensure x509 passphrase is a string
2024-11-07 08:58:59 +00:00 · 2018-06-05 09:27:33 -04:00 · 2018-06-05 09:27:33 -04:00 · 84100570f7
commit 84100570f7
parent c355da9e0d 99bad3cca6
2 changed files with 11 additions and 1 deletions
--- a/salt/modules/x509.py
+++ b/salt/modules/x509.py
@ -376,7 +376,7 @@ def _passphrase_callback(passphrase):
    Returns a callback function used to supply a passphrase for private keys
    '''
    def f(*args):
-        return passphrase
+        return salt.utils.stringutils.to_str(passphrase)
    return f


--- a/tests/unit/modules/test_x509.py
+++ b/tests/unit/modules/test_x509.py
@ -164,3 +164,13 @@ c9bcgp7D7xD+TxWWNj4CSXEccJgGr91StV+gFg4ARQ==
                                      days_valid=3650,
                                      days_remaining=0)
        self.assertIn(b'BEGIN CERTIFICATE', ret)
+
+    @skipIf(not HAS_M2CRYPTO, 'Skipping, M2Crypt is unavailble')
+    def test_create_key(self):
+        '''
+        Test that x509.create_key returns a private key
+        :return:
+        '''
+        ret = x509.create_private_key(text=True,
+                                      passphrase='super_secret_passphrase')
+        self.assertIn(b'BEGIN RSA PRIVATE KEY', ret)