test_add_stunnel_ca_options.py 2.32 KB
Newer Older
Max Beckett's avatar
Max Beckett committed
1
2
3
4
5
6
7
8
9
10
11
12
13
#
# Copyright 2017-2018 Amazon.com, Inc. and its affiliates. All Rights Reserved.
#
# Licensed under the MIT License. See the LICENSE accompanying this file
# for the specific language governing permissions and limitations under
# the License.
#

import mount_efs
import tempfile

import pytest

14
15
16
17
18
try:
    import ConfigParser
except ImportError:
    from configparser import ConfigParser

Max Beckett's avatar
Max Beckett committed
19
20
21
22
CAPATH = '/capath'
CAFILE = '/cafile.crt'


23
24
25
26
27
28
29
30
31
32
def _get_config():
    try:
        config = ConfigParser.SafeConfigParser()
    except AttributeError:
        config = ConfigParser()
    config.add_section(mount_efs.CONFIG_SECTION)
    return config


def _create_temp_file(tmpdir, content=''):
Max Beckett's avatar
Max Beckett committed
33
34
35
36
37
    temp_file = tmpdir.join(tempfile.mktemp())
    temp_file.write(content, ensure=True)
    return temp_file


Ian Patel's avatar
Ian Patel committed
38
def test_use_existing_cafile(tmpdir):
39
    options = {'cafile': str(_create_temp_file(tmpdir))}
Max Beckett's avatar
Max Beckett committed
40
41
    efs_config = {}

42
    mount_efs.add_stunnel_ca_options(efs_config, _get_config(), options)
Max Beckett's avatar
Max Beckett committed
43

44
    assert options['cafile'] == efs_config.get('CAfile')
Max Beckett's avatar
Max Beckett committed
45
46
47
    assert 'CApath' not in efs_config


Ian Patel's avatar
Ian Patel committed
48
def test_use_missing_cafile(capsys):
49
    options = {'cafile': '/missing1'}
Max Beckett's avatar
Max Beckett committed
50
51
52
    efs_config = {}

    with pytest.raises(SystemExit) as ex:
53
        mount_efs.add_stunnel_ca_options(efs_config, _get_config(), options)
Max Beckett's avatar
Max Beckett committed
54
55
56
57

    assert 0 != ex.value.code

    out, err = capsys.readouterr()
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
    assert 'Failed to find certificate authority file for verification' in err


def test_stunnel_cafile_configuration_in_option(mocker):
    options = {'cafile': CAFILE}
    efs_config = {}

    mocker.patch('os.path.exists', return_value=True)

    mount_efs.add_stunnel_ca_options(efs_config, _get_config(), options)

    assert CAFILE == efs_config.get('CAfile')


def test_stunnel_cafile_configuration_in_config(mocker):
    options = {}
    efs_config = {}

    config = _get_config()
    config.set(mount_efs.CONFIG_SECTION, 'stunnel_cafile', CAFILE)

    mocker.patch('os.path.exists', return_value=True)

    mount_efs.add_stunnel_ca_options(efs_config, config, options)

    assert CAFILE == efs_config.get('CAfile')


def test_stunnel_cafile_not_configured(mocker):
    options = {}
    efs_config = {}

    mocker.patch('os.path.exists', return_value=True)

    mount_efs.add_stunnel_ca_options(efs_config, _get_config(), options)

    assert mount_efs.DEFAULT_STUNNEL_CAFILE == efs_config.get('CAfile')