ansible/test/integration/targets/openssl_dhparam/tasks/impl.yml

98 lines
3.2 KiB
YAML
Raw Normal View History

---
# The tests for this module generate unsafe parameters for testing purposes;
# otherwise tests would be too slow. Use sizes of at least 2048 in production!
- name: "[{{ select_crypto_backend }}] Generate parameter"
openssl_dhparam:
size: 768
path: '{{ output_dir }}/dh768.pem'
select_crypto_backend: "{{ select_crypto_backend }}"
- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with no change"
openssl_dhparam:
size: 768
path: '{{ output_dir }}/dh768.pem'
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed
- name: "[{{ select_crypto_backend }}] Generate parameters with size option"
openssl_dhparam:
path: '{{ output_dir }}/dh512.pem'
size: 512
select_crypto_backend: "{{ select_crypto_backend }}"
- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with size option and no change"
openssl_dhparam:
path: '{{ output_dir }}/dh512.pem'
size: 512
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed_512
- copy:
src: '{{ output_dir }}/dh768.pem'
remote_src: yes
dest: '{{ output_dir }}/dh512.pem'
- name: "[{{ select_crypto_backend }}] Re-generate if size is different"
openssl_dhparam:
path: '{{ output_dir }}/dh512.pem'
size: 512
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed_to_512
- name: "[{{ select_crypto_backend }}] Force re-generate parameters with size option"
openssl_dhparam:
path: '{{ output_dir }}/dh512.pem'
size: 512
force: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed_force
- name: "[{{ select_crypto_backend }}] Create broken params"
copy:
dest: "{{ output_dir }}/dhbroken.pem"
content: "broken"
- name: "[{{ select_crypto_backend }}] Regenerate broken params"
openssl_dhparam:
path: '{{ output_dir }}/dhbroken.pem'
size: 512
force: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: output_broken
- name: "[{{ select_crypto_backend }}] Generate params"
openssl_dhparam:
path: '{{ output_dir }}/dh_backup.pem'
size: 512
backup: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_1
- name: "[{{ select_crypto_backend }}] Generate params (idempotent)"
openssl_dhparam:
path: '{{ output_dir }}/dh_backup.pem'
size: 512
backup: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_2
- name: "[{{ select_crypto_backend }}] Generate params (change)"
openssl_dhparam:
path: '{{ output_dir }}/dh_backup.pem'
size: 512
force: yes
backup: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_3
- name: "[{{ select_crypto_backend }}] Generate params (remove)"
openssl_dhparam:
path: '{{ output_dir }}/dh_backup.pem'
state: absent
backup: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_4
- name: "[{{ select_crypto_backend }}] Generate params (remove, idempotent)"
openssl_dhparam:
path: '{{ output_dir }}/dh_backup.pem'
state: absent
backup: yes
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_5