URL: https://github.com/freeipa/freeipa/pull/2961 Author: tiran Title: #2961: [Backport][ipa-4-7] Add test case for configure_openldap_conf Action: opened
PR body: """ This PR was opened automatically because PR #2756 was pushed to master and backport to ipa-4-7 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2961/head:pr2961 git checkout pr2961
From 01df33b1e847623be3abbabb63108e6da837f8af Mon Sep 17 00:00:00 2001 From: Christian Heimes <chei...@redhat.com> Date: Mon, 14 Jan 2019 17:25:28 +0100 Subject: [PATCH] Add test case for configure_openldap_conf IPAChangeConf doesn't handle lines with mixed assignment values correctly. See: https://pagure.io/freeipa/issue/7838 Signed-off-by: Christian Heimes <chei...@redhat.com> --- ipatests/test_ipaclient/test_ldapconf.py | 114 +++++++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 ipatests/test_ipaclient/test_ldapconf.py diff --git a/ipatests/test_ipaclient/test_ldapconf.py b/ipatests/test_ipaclient/test_ldapconf.py new file mode 100644 index 0000000000..6f70c12db5 --- /dev/null +++ b/ipatests/test_ipaclient/test_ldapconf.py @@ -0,0 +1,114 @@ +# +# Copyright (C) 2019 FreeIPA Contributors see COPYING for license +# + +import os +import shutil +import tempfile + +import pytest + +from ipaplatform.paths import paths + +import ipatests.util +ipatests.util.check_ipaclient_unittests() # noqa: E402 + +from ipaclient.install.client import configure_openldap_conf + +# with single URI and space +LDAP_CONF_1 = """ +# +# LDAP Defaults +# + +BASE dc=example,dc=com +URI ldap://ldap.example.com + +# Turning this off breaks GSSAPI used with krb5 when rdns = false +SASL_NOCANON on +""" + +# URI with two entries and tabs +LDAP_CONF_2 = """ +# +# LDAP Defaults +# + +BASE\tdc=example,dc=com +URI\tldap://ldap.example.com ldap://ldap-master.example.com:666 + +# Turning this off breaks GSSAPI used with krb5 when rdns = false +SASL_NOCANON on +""" + +BASEDN = 'cn=ipa,cn=example' +SERVER = 'ldap.ipa.example' + + +class DummyFStore: + def backup_file(self, fname): + pass + + +def ldap_conf(content): + # fixture tmp_path is pytest >= 3.9 + tmp_path = tempfile.mkdtemp() + cfgfile = os.path.join(tmp_path, 'ldap.conf') + if content is not None: + with open(cfgfile, 'w') as f: + f.write(content) + orig_ldap_conf = paths.OPENLDAP_LDAP_CONF + try: + paths.OPENLDAP_LDAP_CONF = cfgfile + configure_openldap_conf(DummyFStore(), BASEDN, [SERVER]) + + with open(cfgfile) as f: + text = f.read() + + settings = {} + for line in text.split('\n'): + line = line.strip() + if not line or line.startswith('#'): + continue + k, v = line.split(None, 1) + settings.setdefault(k, []).append(v) + finally: + paths.OPENLDAP_LDAP_CONF = orig_ldap_conf + shutil.rmtree(tmp_path) + return text, settings + + +def test_openldap_conf_empty(): + text, settings = ldap_conf("") + assert '# File modified by ipa-client-install' in text + assert settings == { + 'BASE': [BASEDN], + 'URI': ['ldaps://{}'.format(SERVER)], + 'TLS_CACERT': ['/etc/ipa/ca.crt'], + 'SASL_MECH': ['GSSAPI'] + } + + +def test_openldap_conf_spaces(): + text, settings = ldap_conf(LDAP_CONF_1) + assert '# File modified by ipa-client-install' in text + assert settings == { + 'BASE': ['dc=example,dc=com'], + 'URI': ['ldap://ldap.example.com'], + 'SASL_NOCANON': ['on'], + 'TLS_CACERT': ['/etc/ipa/ca.crt'], + 'SASL_MECH': ['GSSAPI'] + } + + +@pytest.mark.xfail(reason="freeipa ticket 7838", strict=True) +def test_openldap_conf_mixed(): + text, settings = ldap_conf(LDAP_CONF_2) + assert '# File modified by ipa-client-install' in text + assert settings == { + 'BASE': ['dc=example,dc=com'], + 'URI': ['ldap://ldap.example.com ldap://ldap-master.example.com:666'], + 'SASL_NOCANON': ['on'], + 'TLS_CACERT': ['/etc/ipa/ca.crt'], + 'SASL_MECH': ['GSSAPI'] + }
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
