ansible/test/integration/targets/openssl_dhparam/tests/validate.yml

---
- name: "[{{ select_crypto_backend }}] Validate generated params"
  shell: 'openssl dhparam -in {{ output_dir }}/{{ item }}.pem -noout -check'
  with_items:
    - dh768
    - dh512

- name: "[{{ select_crypto_backend }}] Get bit size of 768"
  shell: 'openssl dhparam -noout -in {{ output_dir }}/dh768.pem -text | head -n1 | sed -ne "s@.*(\\([[:digit:]]\{1,\}\\) bit).*@\\1@p"'
  register: bit_size_dhparam

- name: "[{{ select_crypto_backend }}] Check bit size of default"
  assert:
    that:
      - bit_size_dhparam.stdout == "768"

- name: "[{{ select_crypto_backend }}] Get bit size of 512"
  shell: 'openssl dhparam -noout -in {{ output_dir }}/dh512.pem -text | head -n1 | sed -ne "s@.*(\\([[:digit:]]\{1,\}\\) bit).*@\\1@p"'
  register: bit_size_dhparam_512

- name: "[{{ select_crypto_backend }}] Check bit size of default"
  assert:
    that:
      - bit_size_dhparam_512.stdout == "512"

- name: "[{{ select_crypto_backend }}] Check if changed works correctly"
  assert:
    that:
      - dhparam_changed is not changed
      - dhparam_changed_512 is not changed
      - dhparam_changed_to_512 is changed
      - dhparam_changed_force is changed

- name: "[{{ select_crypto_backend }}] Make sure correct values are returned"
  assert:
    that:
      - dhparam.dhparams == lookup('file', output_dir ~ '/dh768.pem', rstrip=False)
      - dhparam.dhparams == dhparam_changed.dhparams

- name: "[{{ select_crypto_backend }}] Verify that broken params will be regenerated"
  assert:
    that:
      - output_broken is changed

- name: "[{{ select_crypto_backend }}] Check backup"
  assert:
    that:
      - dhparam_backup_1 is changed
      - dhparam_backup_1.backup_file is undefined
      - dhparam_backup_2 is not changed
      - dhparam_backup_2.backup_file is undefined
      - dhparam_backup_3 is changed
      - dhparam_backup_3.backup_file is string
      - dhparam_backup_4 is changed
      - dhparam_backup_4.backup_file is string
      - dhparam_backup_5 is not changed
      - dhparam_backup_5.backup_file is undefined
      - dhparam_backup_4.dhparams is none
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`---`
openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Validate generated params"`
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`shell: 'openssl dhparam -in {{ output_dir }}/{{ item }}.pem -noout -check'`
			`with_items:`
			`- dh768`
			`- dh512`

openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Get bit size of 768"`
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`shell: 'openssl dhparam -noout -in {{ output_dir }}/dh768.pem -text \| head -n1 \| sed -ne "s@.(\\([[:digit:]]\{1,\}\\) bit).@\\1@p"'`
			`register: bit_size_dhparam`

openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Check bit size of default"`
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`assert:`
			`that:`
			`- bit_size_dhparam.stdout == "768"`

openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Get bit size of 512"`
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`shell: 'openssl dhparam -noout -in {{ output_dir }}/dh512.pem -text \| head -n1 \| sed -ne "s@.(\\([[:digit:]]\{1,\}\\) bit).@\\1@p"'`
			`register: bit_size_dhparam_512`

openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Check bit size of default"`
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`assert:`
			`that:`
			`- bit_size_dhparam_512.stdout == "512"`

openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Check if changed works correctly"`
Module to generate Diffie-Hellman parameters (#32620) * Module to generate Diffie-Hellman parameters Implements #32577 * Add integration tests for openssl_dhparam * Slightly refactor check to prevent unnecessary regeneration * Fix code smell in tests Highly annoying to have to do this again and again and again as the rules change during the game * Using module.run_command() and module.atomic_move() from a tempfile. * Remove underscore variable Ansible prefers dummy 2018-01-26 09:08:29 +01:00			`assert:`
			`that:`
			`- dhparam_changed is not changed`
			`- dhparam_changed_512 is not changed`
			`- dhparam_changed_to_512 is changed`
			`- dhparam_changed_force is changed`
openssl_* modules: private key errors (#54088) * Improve error handling, in particular with respect to private key loading problems. * Add tests to validate that modules regenerate invalid input and don't crash. * Don't crash when input is invalid. * Create 'better' broken input. * Fix paths. * Simplifying pyOpenSSL error handling. 2019-03-30 14:28:10 +01:00
openssl_* modules: allow direct input and output for some files (#65400) * Allow to return generated object. * Use slurp module instead of file lookup + b64encode. * Rename return_xxx_content -> return_content. 2020-02-02 12:42:52 +01:00			`- name: "[{{ select_crypto_backend }}] Make sure correct values are returned"`
			`assert:`
			`that:`
			`- dhparam.dhparams == lookup('file', output_dir ~ '/dh768.pem', rstrip=False)`
			`- dhparam.dhparams == dhparam_changed.dhparams`

openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Verify that broken params will be regenerated"`
openssl_* modules: private key errors (#54088) * Improve error handling, in particular with respect to private key loading problems. * Add tests to validate that modules regenerate invalid input and don't crash. * Don't crash when input is invalid. * Create 'better' broken input. * Fix paths. * Simplifying pyOpenSSL error handling. 2019-03-30 14:28:10 +01:00			`assert:`
			`that:`
			`- output_broken is changed`
openssl_*: add backup option (#54294) 2019-03-30 15:38:43 +01:00
openssl_dhparam: add cryptography backend (#62991) * Separate OpenSSL-specific code from generic code. * Make sure absent works without OpenSSL. * Add cryptography backend. * Add tests. * Add changelog. * Duplicate disclaimer. * Add dependency on setup_openssl. * Forgot to adjust something. * Fix version tuple. 2019-10-04 21:53:04 +02:00			`- name: "[{{ select_crypto_backend }}] Check backup"`
openssl_*: add backup option (#54294) 2019-03-30 15:38:43 +01:00			`assert:`
			`that:`
			`- dhparam_backup_1 is changed`
			`- dhparam_backup_1.backup_file is undefined`
			`- dhparam_backup_2 is not changed`
			`- dhparam_backup_2.backup_file is undefined`
			`- dhparam_backup_3 is changed`
			`- dhparam_backup_3.backup_file is string`
			`- dhparam_backup_4 is changed`
			`- dhparam_backup_4.backup_file is string`
			`- dhparam_backup_5 is not changed`
			`- dhparam_backup_5.backup_file is undefined`
openssl_* modules: allow direct input and output for some files (#65400) * Allow to return generated object. * Use slurp module instead of file lookup + b64encode. * Rename return_xxx_content -> return_content. 2020-02-02 12:42:52 +01:00			`- dhparam_backup_4.dhparams is none`