KdZddlmZddlmZddlmZddlmZddlZddlZddlZddl m Z ddl Z ddl m Z dd l mZdd lmZdd lmZdd lmZd ej*j-dddgiZd ddgiZddiZdZdZdZeezZdZdezZeezZ eezZ!dZ"dZ#dZ$dZ%dZ&dZ'dZ(e jRrdnd Z*ejVjYd!ejVj[d!Gd"d#ej\Z/ej`ejVjYd!ejVj[d!Gd$d%ej\Z1y)&zTests for context_config.py.)absolute_import)print_function)division)unicode_literalsN)mock)context_config) exception)testcase)base)SetBotoConfigForTestcert_provider_commandsomehelper--print_certificatez some helperfoozv-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- z|-----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- zh-----BEGIN PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END PRIVATE KEY----- z##invalid-password##z8 -----BEGIN PASSPHRASE----- %s -----END PASSPHRASE----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- -----END CERTIFICATE----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS z-----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END ENCRYPTED PRIVATE KEY----- zSOMECOMMENTS -----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- SOMECOMMENT z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- SOMECOMMENT -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- z__builtin__.openz builtins.openzmTLS only runs on GCS JSON API.c:eZdZdZdZdZdZdZdZdZ dZ y ) TestPemFileParserz-Test PEM-format certificate parsing for mTLS.ctjt|j}|j |dt |j |dt yN CERTIFICATEzENCRYPTED PRIVATE KEY)r_split_pem_into_sectionsCERT_KEY_WITH_COMMENT_AT_BEGINlogger assertEqual CERT_SECTIONENCRYPTED_KEY_SECTIONselfsectionss 2platform/gsutil/gslib/tests/test_context_config.py'test_pem_file_with_comment_at_beginningz9TestPemFileParser.test_pem_file_with_comment_at_beginningsG66& 5HXm,l;X568MNctjt|j}|j |dt |j |dt yr)rrCERT_KEY_WITH_COMMENT_AT_ENDrrrrrs r !test_pem_file_with_comment_at_endz3TestPemFileParser.test_pem_file_with_comment_at_endsG66$dkk3HXm,l;X568MNr"ctjt|j}|j |dt |j |dt yr)rr CERT_KEY_WITH_COMMENT_IN_BETWEENrrrrrs r %test_pem_file_with_comment_in_betweenz7TestPemFileParser.test_pem_file_with_comment_in_betweensG66($++7HXm,l;X568MNr"ctjt|j}|j |j d|j |j dtyr)rrBAD_CERT_KEY_EMBEDDED_SECTIONr assertIsNonegetrrrs r .test_pem_file_with_bad_format_embedded_sectionz@TestPemFileParser.test_pem_file_with_bad_format_embedded_sectionsO66%t{{4Hhll=12X\\"9:*,r"ctjt|j}|j |j dt |j|j dyr)rrBAD_CERT_KEY_MISSING_ENDrrr,rr+rs r ,test_pem_file_with_bad_format_missing_endingz>TestPemFileParser.test_pem_file_with_bad_format_missing_endingsN667O7;{{DHX\\-0,?hll#:;$$^%J%JK** GG  RWW\\&(; < !#6 8 ) ! ! ) ( ! !s#CB C <C C CC"ctg|_tddg5|jt5t j |j|jt j|jtjjdddddddddy#1swYxYw#1swYyxYw)Nr^r_r Nz cert helperrrb).DEFAULT_CERT_PROVIDER_FILE_CONTENTS_WITH_SPACErdr rLrerrKrErfrgrhrirjrkrms r ;test_executes_provider_command_with_space_from_default_filezMTestContextConfig.test_executes_provider_command_with_space_from_default_files 7"N  (MO P   Z (,,T-=-=>$$^%J%JK**277+;+;M+J+@+> @ )  P P ) (  P Ps#B<A/B0B<0B9 5B<<Cc$t|_tddg5tj|j |j tj|j jjddddy#1swYyxYw)Nr^rrzVFailed to provision client certificate: Client certificate provider command not found.) %DEFAULT_CERT_PROVIDER_FILE_NO_COMMANDrXr rrKrErfrgerrorrhrrnros r &test_default_provider_no_command_errorz8TestContextConfig.test_default_provider_no_command_errors#HN  (MO P**4+;+;<"">#H#HI 44 ;<  P P Ps A$BBFctdddd|jfg5tj|j|jj j ddddy#1swYyxYw)Nr^rrGSUtil state_dirzSFailed to provision client certificate: Client certificate provider file not found.)r CreateTempDirrrKrErwrh)rs r %test_default_provider_not_found_errorz7TestContextConfig.test_default_provider_not_found_error sm 96 ; 2 2 45   **4+;+;< 44 89   s AA..A7c.td|_tddg5tj|j |j tj|j jjddddy#1swYyxYw)N valueErrorr^rrz2Failed to provision client certificate: valueError) rerdr rrKrErfrgrwrhrxs r 3test_raises_cert_provision_error_on_json_load_errorzETestContextConfig.test_raises_cert_provision_error_on_json_load_errors ",L!9N  (MO P**4+;+;<"">#H#HI 44 >@  P P Ps A$B  Bcttddg5|jt5tj|j |j tjjdtjtjddddddy#1swYxYw#1swYyxYw)Nr^r_r some/pathr)stdoutstderr) r rLrerrKrErhrirjrk subprocessPIPErUs r 6test_executes_custom_provider_command_from_boto_configzHTestContextConfig.test_executes_custom_provider_command_from_boto_config&s 9=    Z (,,T-=-=>**277+;+;K+H2TestContextConfig.test_converts_and_logs_provisioning_os_errorCse$X.J 9= **4+;+;< 44 :<    s AA,,A5ctjd|_tddg5t j |j |j jjddddy#1swYyxYwr) r ExternalBinaryErrorrdr rrKrErwrhrUs r 9test_converts_and_logs_provisioning_external_binary_errorzKTestContextConfig.test_converts_and_logs_provisioning_external_binary_errorOsm'::8DJ 9= **4+;+;< 44 :<    s AA66A?ctd|_tddg5tj|j t jrdnd}|j jjd|zdddy#1swYyxYw)Nrr^rz'foobar'z u'foobar'z\Failed to provision client certificate: Invalid output format from certificate provider, no ) KeyErrorrdr rrKrEsixPY3rwrh)rrVunicode_escaped_error_strings r -test_converts_and_logs_provisioning_key_errorz?TestContextConfig.test_converts_and_logs_provisioning_key_error\s&h/J 9= **4+;+;<3677Z " 44 B & '(   s ABB removectj|jtjj |j yr?)rrKrErB_unprovision_client_certrTr mock_removes r 2test_does_not_unprovision_if_no_client_certificatezDTestContextConfig.test_does_not_unprovision_if_no_client_certificatens4(()9)9:$$==?!!#r"ctd|_tj|jdtj _tj j|jjjdy)Nnorz'Failed to remove client certificate: no) rrdrrKrErBclient_cert_pathrrwrhrs r -test_handles_and_logs_unprovisioning_os_errorz?TestContextConfig.test_handles_and_logs_unprovisioning_os_errorts_%dmK(()9)9:8CN$$5$$==?2213r"ctj}d|_tj df|j _||_tddg5tjtj}|jtj|jdtjjttjjtgd|j!tj"j$t&tj"j)|j+|jdddy#1swYyxYw)Nrr^r_r zpath --print_certificatew+T any_order)rrD returncodeFULL_ENCRYPTED_CERTencoderrXr rrKassert_has_callscallrwriterrrrBclient_cert_passwordPASSWORDrrhrrVrrnr test_configs r Mtest_writes_and_deletes_encrypted_certificate_file_storing_password_to_memoryz_TestContextConfig.test_writes_and_deletes_encrypted_certificate_file_storing_password_to_memorys   99;&'#""$d5,$$12J 9L  #88Ek   ))K00$ 7 ))+  L ) ))+  1 2" ,0 !1 ~77LL!&&??A))+*F*FG-    D E++E4ctj}d|_tj df|j _||_tddg5tjtj}|jtj|jdtjjttjjtgd|j!tj"j$t&tj"j)|j+|jdddy#1swYyxYw)z-This is the format used by gcloud by default.rNr^rrTr)rrDr FULL_CERTrrrXr rrKrrrrr KEY_SECTIONr+rBrrrrhrs r Mtest_writes_and_deletes_unencrypted_certificate_file_without_storing_passwordz_TestContextConfig.test_writes_and_deletes_unencrypted_certificate_file_without_storing_passwords  99;&'#5>5E5E5G4N$$12J 9L  #88Ek   ))K00$ 7 ))+  L ) ))+  K (" ,0 !1 88MM "&&??A))+*F*FG-   r) r7r8r9r:rArIrQrpatchobjectrrWrDjson OPEN_TO_PATCHrnrprtryr~rrrrrrrirrrr __classcell__)rGs@r r=r=s1#@$::Z)#*# 4::IDII4$@A::T6D1::Z48 4::m$..9 8:92B 84::IDII4$@A::T6D1::Z48 4::m$..9@:92B@"4::IDII4$@A::T6D1 4::m$..9 <:2B <4::IDII5$AB 9C 9::T6D1 4::IDII4$@A 4::m$..9 @:B2 @::Z48 C9 C::Z) ;* ;::Z) <* <::Z) <* <::Z)(*("::R"$#$ ::R"3#34::m$..9::R"::Z)H*#:H@4::m$..9::R"::Z)H*#:Hr"r=)2r: __future__rrrrrrirunittestrrgslibrr gslib.testsr gslib.tests.testcaser gslib.tests.utilr rjrlrcrsrvrrrCERT_ENCRYPTED_KEY_SECTIONrPASSWORD_SECTIONrrr*r/r2r5rr$r'PY2rintegration_testcase SkipForS3 SkipForXMLGsUtilUnitTestCaserNotParallelizabler=r;r"r rs#&%'   %1  VX&(='#m-BC2.*/%  *,AA !  13CC ; & !  " $ '*gg"?  (()JK ))*KL-=33-=ML-=b (()JK ))*KLOH33OHMLOHr"