Updated Branches: refs/heads/trunk 34f907c1a -> 793ead019
AMBARI-2675. Setup-https with wrong password does not produce error. (Dmitry Sen via swagle) Project: http://git-wip-us.apache.org/repos/asf/incubator-ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ambari/commit/793ead01 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ambari/tree/793ead01 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ambari/diff/793ead01 Branch: refs/heads/trunk Commit: 793ead0198475eafaf1c0db656c5cc16a9691e35 Parents: 34f907c Author: Siddharth Wagle <[email protected]> Authored: Wed Jul 17 16:27:48 2013 -0700 Committer: Siddharth Wagle <[email protected]> Committed: Wed Jul 17 16:27:48 2013 -0700 ---------------------------------------------------------------------- ambari-server/src/main/python/ambari-server.py | 20 ++++-- .../src/test/python/TestAmbaryServer.py | 76 ++++++++++++++++---- 2 files changed, 75 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/793ead01/ambari-server/src/main/python/ambari-server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/python/ambari-server.py b/ambari-server/src/main/python/ambari-server.py index 5a63ee0..b4a15bc 100755 --- a/ambari-server/src/main/python/ambari-server.py +++ b/ambari-server/src/main/python/ambari-server.py @@ -3074,28 +3074,33 @@ def import_cert_and_key(security_server_keys_dir): if retcode == 0: keystoreFilePath = os.path.join(security_server_keys_dir,\ SSL_KEYSTORE_FILE_NAME) + keystoreFilePathTmp = os.path.join(tempfile.gettempdir(),\ + SSL_KEYSTORE_FILE_NAME) passFilePath = os.path.join(security_server_keys_dir,\ SSL_KEY_PASSWORD_FILE_NAME) + passFilePathTmp = os.path.join(tempfile.gettempdir(),\ + SSL_KEY_PASSWORD_FILE_NAME) passinFilePath = os.path.join(tempfile.gettempdir(),\ SSL_PASSIN_FILE) passwordFilePath = os.path.join(tempfile.gettempdir(),\ SSL_PASSWORD_FILE) - with open(passFilePath, 'w+') as passFile: + with open(passFilePathTmp, 'w+') as passFile: passFile.write(pem_password) passFile.close pass set_file_permissions(passFilePath, "660", read_ambari_user(), False) - copy_file(passFilePath, passinFilePath) - copy_file(passFilePath, passwordFilePath) + copy_file(passFilePathTmp, passinFilePath) + copy_file(passFilePathTmp, passwordFilePath) retcode, out, err = run_os_command(EXPRT_KSTR_CMD.format(import_cert_path,\ - import_key_path, passwordFilePath, passinFilePath, keystoreFilePath)) + import_key_path, passwordFilePath, passinFilePath, keystoreFilePathTmp)) if retcode == 0: print 'Importing and saving Certificate...done.' - set_file_permissions(keystoreFilePath, "660", read_ambari_user(), False) + import_file_to_keystore(keystoreFilePathTmp, keystoreFilePath) + import_file_to_keystore(passFilePathTmp, passFilePath) import_file_to_keystore(import_cert_path, os.path.join(\ security_server_keys_dir, SSL_CERT_FILE_NAME)) @@ -3117,7 +3122,10 @@ def import_cert_and_key(security_server_keys_dir): return True else: print_error_msg('Could not import Certificate and Private Key.') - print 'SSL error on exporting keystore: ' + err.rstrip() + '.' + print 'SSL error on exporting keystore: ' + err.rstrip() + \ + '.\nPlease ensure that provided Private Key password is correct and ' +\ + 're-import Certificate.' + return False def import_file_to_keystore(source, destination): http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/793ead01/ambari-server/src/test/python/TestAmbaryServer.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/TestAmbaryServer.py b/ambari-server/src/test/python/TestAmbaryServer.py index c46419d..8e5cd2c 100644 --- a/ambari-server/src/test/python/TestAmbaryServer.py +++ b/ambari-server/src/test/python/TestAmbaryServer.py @@ -1146,21 +1146,27 @@ class TestAmbariServer(TestCase): get_validated_string_input_mock.return_value = "password" get_validated_filepath_input_mock.side_effect = \ ["cert_file_path","key_file_path"] - os_path_join_mock.side_effect = ["keystore_file_path","pass_file_path",\ - "passin_file_path","password_file_path","keystore_cert_file_path",\ - "keystore_cert_key_file_path",] + os_path_join_mock.side_effect = ["keystore_file_path", "keystore_file_path_tmp",\ + "pass_file_path", "pass_file_path_tmp",\ + "passin_file_path","password_file_path",\ + "keystore_cert_file_path",\ + "keystore_cert_key_file_path",] run_os_command_mock.return_value = (0, "", "") om = open_mock.return_value - expect_import_file_to_keystore = "[call('cert_file_path',"+\ - " 'keystore_cert_file_path'),\n"+\ - " call('key_file_path',"+\ - " 'keystore_cert_key_file_path')]" + expect_import_file_to_keystore = "[call('keystore_file_path_tmp',"+\ + " 'keystore_file_path'),\n"+\ + " call('pass_file_path_tmp',"+\ + " 'pass_file_path'),\n"+\ + " call('cert_file_path',"+\ + " 'keystore_cert_file_path'),\n"+\ + " call('key_file_path',"+\ + " 'keystore_cert_key_file_path')]" ambari_server.import_cert_and_key("key_dir") self.assertTrue(get_validated_filepath_input_mock.call_count == 2) self.assertTrue(get_validated_string_input_mock.called) - self.assertEqual(os_path_join_mock.call_count, 6) - self.assertTrue(set_file_permissions_mock.call_count == 2) + self.assertEqual(os_path_join_mock.call_count, 8) + self.assertTrue(set_file_permissions_mock.call_count == 1) self.assertEqual(str(import_file_to_keystore_mock.call_args_list),\ expect_import_file_to_keystore) @@ -1190,12 +1196,18 @@ class TestAmbariServer(TestCase): get_validated_string_input_mock.return_value = "" get_validated_filepath_input_mock.side_effect =\ ["cert_file_path","key_file_path"] - os_path_join_mock.side_effect = ["keystore_file_path","pass_file_path",\ - "passin_file_path","password_file_path","keystore_cert_file_path",\ - "keystore_cert_key_file_path",] + os_path_join_mock.side_effect = ["keystore_file_path", "keystore_file_path_tmp",\ + "pass_file_path", "pass_file_path_tmp",\ + "passin_file_path","password_file_path",\ + "keystore_cert_file_path",\ + "keystore_cert_key_file_path",] run_os_command_mock.return_value = (0, "", "") - expect_import_file_to_keystore = "[call('cert_file_path',"+\ + expect_import_file_to_keystore = "[call('keystore_file_path_tmp',"+\ + " 'keystore_file_path'),\n"+\ + " call('pass_file_path_tmp',"+\ + " 'pass_file_path'),\n"+\ + " call('cert_file_path',"+\ " 'keystore_cert_file_path'),\n"+\ " call('key_file_path.secured',"+\ " 'keystore_cert_key_file_path')]" @@ -1203,12 +1215,46 @@ class TestAmbariServer(TestCase): ambari_server.import_cert_and_key("key_dir") self.assertEquals(get_validated_filepath_input_mock.call_count, 2) self.assertTrue(get_validated_string_input_mock.called) - self.assertEquals(os_path_join_mock.call_count, 6) - self.assertEquals(set_file_permissions_mock.call_count, 2) + self.assertEquals(os_path_join_mock.call_count, 8) + self.assertEquals(set_file_permissions_mock.call_count, 1) self.assertEqual(str(import_file_to_keystore_mock.call_args_list),\ expect_import_file_to_keystore) self.assertTrue(generate_random_string_mock.called) + @patch("__builtin__.open") + @patch.object(ambari_server, "copy_file") + @patch.object(ambari_server, "is_root") + @patch.object(ambari_server, "read_ambari_user") + @patch.object(ambari_server, "set_file_permissions") + @patch.object(ambari_server, "import_file_to_keystore") + @patch.object(ambari_server, "run_os_command") + @patch("os.path.join") + @patch.object(ambari_server, "get_validated_filepath_input") + @patch.object(ambari_server, "get_validated_string_input") + def test_import_cert_and_key_with_incorrect_password(self, + get_validated_string_input_mock,\ + get_validated_filepath_input_mock,\ + os_path_join_mock,\ + run_os_command_mock,\ + import_file_to_keystore_mock,\ + set_file_permissions_mock,\ + read_ambari_user_mock,\ + is_root_mock,\ + copy_file_mock,\ + open_mock): + get_validated_string_input_mock.return_value = "incorrect_password" + get_validated_filepath_input_mock.return_value = 'filename' + open_mock.return_value = MagicMock() + + os_path_join_mock.return_value = '' + is_root_mock.return_value = True + + + #provided password doesn't match, openssl command returns an error + run_os_command_mock.return_value = (1, "", "Some error message") + + self.assertFalse(ambari_server.import_cert_and_key_action(*["key_dir", None])) + self.assertFalse(ambari_server.import_cert_and_key("key_dir")) def test_is_valid_cert_exp(self):
