diff options
Diffstat (limited to 'test/integration/targets/get_certificate')
6 files changed, 0 insertions, 201 deletions
diff --git a/test/integration/targets/get_certificate/aliases b/test/integration/targets/get_certificate/aliases deleted file mode 100644 index 1dcd7efef2..0000000000 --- a/test/integration/targets/get_certificate/aliases +++ /dev/null @@ -1,4 +0,0 @@ -shippable/posix/group1 -destructive -needs/httptester -skip/aix diff --git a/test/integration/targets/get_certificate/files/bogus_ca.pem b/test/integration/targets/get_certificate/files/bogus_ca.pem deleted file mode 100644 index 16119c9edb..0000000000 --- a/test/integration/targets/get_certificate/files/bogus_ca.pem +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC+DCCAeACCQCWuDvGDH3otTANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJV -UzEOMAwGA1UECAwFQm9ndXMxEDAOBgNVBAcMB0JhbG9uZXkxDTALBgNVBAoMBEFD -TUUwHhcNMTgwNzEyMTgxNDA0WhcNMjMwNzExMTgxNDA0WjA+MQswCQYDVQQGEwJV -UzEOMAwGA1UECAwFQm9ndXMxEDAOBgNVBAcMB0JhbG9uZXkxDTALBgNVBAoMBEFD -TUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLTGCpn8b+/2qdpkvK -iwXU8PMOXBOmRa+GmzxsxMr1QZcY0m6pY3uuIvqErMFf4qp4BMxQF+VpDLVJUJX/ -1oKCM7J3hEfgmKRD4RmKhBlnWVv5YGZmvlXRJBl1AsDTONZy8iKJB5NYnB3ZyrJq -H2GAgyJ55aYckoU55vwjRzKp49dZmzX5YS04Kzzzw/SmOuW8kMypZV5TJH+NXqKc -pw3u3cJ4yJ9DHSU5pnhC5BeKl8XDMO42jRWt5/7C7JDiCbZ9lu5jQiv/4DhsRsHF -A8/Lgl47sNDaBMbha786I9laPHLlVycpYaP6pwtizhN9ZRTdDOHmWi/vjiamERLL -FjjLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAA+1uj3tHaCai+A1H/kOgTN5e0eW -/wmaxu8gNK5eiHrecNJNAlFxVTrCwhvv4nUW7NXVcW/1WUqSO0QMiPJhCsSLVAMF -8MuYH73B+ctRqAGdeOAWF+ftCywZTEj5h5F0XiWB+TmkPlTVNShMiPFelDJpLy7u -9MfiPEJjo4sZotQl8/pZ6R9cY6GpEXWnttcuhLJCEuiB8fWO7epiWYCt/Ak+CVmZ -OzfI/euV6Upaen22lNu8V3ZwWEFtmU5CioKJ3S8DK5Mw/LJIJw1ZY9E+fTtn8x0k -xlI4e7urD2FYhTdv2fFUG8Z5arb/3bICgsUYQZ+G1c3wjWtJg9zcy8hpnZQ= ------END CERTIFICATE----- diff --git a/test/integration/targets/get_certificate/files/process_certs.py b/test/integration/targets/get_certificate/files/process_certs.py deleted file mode 100644 index 8a21af7117..0000000000 --- a/test/integration/targets/get_certificate/files/process_certs.py +++ /dev/null @@ -1,28 +0,0 @@ -from __future__ import absolute_import, division, print_function -__metaclass__ = type - -from sys import argv -from subprocess import Popen, PIPE, STDOUT - -p = Popen(["openssl", "s_client", "-host", argv[1], "-port", "443", "-prexit", "-showcerts"], stdin=PIPE, stdout=PIPE, stderr=STDOUT) -stdout = p.communicate(input=b'\n')[0] -data = stdout.decode() - -certs = [] -cert = "" -capturing = False -for line in data.split('\n'): - if line == '-----BEGIN CERTIFICATE-----': - capturing = True - - if capturing: - cert = "{0}{1}\n".format(cert, line) - - if line == '-----END CERTIFICATE-----': - capturing = False - certs.append(cert) - cert = "" - -with open(argv[2], 'w') as f: - for cert in set(certs): - f.write(cert) diff --git a/test/integration/targets/get_certificate/meta/main.yml b/test/integration/targets/get_certificate/meta/main.yml deleted file mode 100644 index 54be4e6d4d..0000000000 --- a/test/integration/targets/get_certificate/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: - - setup_openssl - - prepare_http_tests diff --git a/test/integration/targets/get_certificate/tasks/main.yml b/test/integration/targets/get_certificate/tasks/main.yml deleted file mode 100644 index ac06e1f8bb..0000000000 --- a/test/integration/targets/get_certificate/tasks/main.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -- block: - - - name: Get servers certificate with backend auto-detection - get_certificate: - host: "{{ httpbin_host }}" - port: 443 - - when: | - pyopenssl_version.stdout is version('0.15', '>=') or - (cryptography_version.stdout is version('1.6', '>=') and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)) - -- block: - - - include_tasks: ../tests/validate.yml - vars: - select_crypto_backend: pyopenssl - - when: pyopenssl_version.stdout is version('0.15', '>=') - -- name: Remove output directory - file: - path: "{{ output_dir }}" - state: absent - -- name: Re-create output directory - file: - path: "{{ output_dir }}" - state: directory - -- block: - - - include_tasks: ../tests/validate.yml - vars: - select_crypto_backend: cryptography - - # The module doesn't work with CentOS 6. Since the pyOpenSSL installed there is too old, - # we never noticed before. This becomes a problem with the new cryptography backend, - # since there is a new enough cryptography version... - when: | - cryptography_version.stdout is version('1.6', '>=') and - (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6) diff --git a/test/integration/targets/get_certificate/tests/validate.yml b/test/integration/targets/get_certificate/tests/validate.yml deleted file mode 100644 index 5dec56c83b..0000000000 --- a/test/integration/targets/get_certificate/tests/validate.yml +++ /dev/null @@ -1,106 +0,0 @@ ---- -- name: Get servers certificate - get_certificate: - host: "{{ httpbin_host }}" - port: 443 - select_crypto_backend: "{{ select_crypto_backend }}" - register: result - -- debug: var=result - -- assert: - that: - # This module should never change anything - - result is not changed - - result is not failed - # We got the correct ST from the cert - - "'North Carolina' == result.subject.ST" - -- name: Connect to http port (will fail because there is no SSL cert to get) - get_certificate: - host: "{{ httpbin_host }}" - port: 80 - select_crypto_backend: "{{ select_crypto_backend }}" - register: result - ignore_errors: true - -- assert: - that: - - result is not changed - - result is failed - # We got the expected error message - - "'The handshake operation timed out' in result.msg or 'unknown protocol' in result.msg or 'wrong version number' in result.msg" - -- name: Test timeout option - get_certificate: - host: "{{ httpbin_host }}" - port: 1234 - timeout: 1 - select_crypto_backend: "{{ select_crypto_backend }}" - register: result - ignore_errors: true - -- assert: - that: - - result is not changed - - result is failed - # We got the expected error message - - "'Failed to get cert from port with error: timed out' == result.msg or 'Connection refused' in result.msg" - -- name: Test failure if ca_cert is not a valid file - get_certificate: - host: "{{ httpbin_host }}" - port: 443 - ca_cert: dn.e - select_crypto_backend: "{{ select_crypto_backend }}" - register: result - ignore_errors: true - -- assert: - that: - - result is not changed - - result is failed - # We got the correct response from the module - - "'ca_cert file does not exist' == result.msg" - -- name: Download CA Cert as pem from server - get_url: - url: "http://ansible.http.tests/cacert.pem" - dest: "{{ output_dir }}/temp.pem" - -- name: Get servers certificate comparing it to its own ca_cert file - get_certificate: - ca_cert: '{{ output_dir }}/temp.pem' - host: "{{ httpbin_host }}" - port: 443 - select_crypto_backend: "{{ select_crypto_backend }}" - register: result - -- assert: - that: - - result is not changed - - result is not failed - -- name: Get a temp directory - tempfile: - state: directory - register: my_temp_dir - -- name: Deploy the bogus_ca.pem file - copy: - src: "bogus_ca.pem" - dest: "{{ my_temp_dir.path }}/bogus_ca.pem" - -- name: Get servers certificate comparing it to an invalid ca_cert file - get_certificate: - ca_cert: '{{ my_temp_dir.path }}/bogus_ca.pem' - host: "{{ httpbin_host }}" - port: 443 - select_crypto_backend: "{{ select_crypto_backend }}" - register: result - ignore_errors: true - -- assert: - that: - - result is not changed - - result.failed |