Commit graph

12 commits

Author SHA1 Message Date
Felix Fontein
d6fb9da8ed
openssl_* modules: allow direct input and output for some files (#65400)
* Allow to return generated object.

* Use slurp module instead of file lookup + b64encode.

* Rename return_xxx_content -> return_content.
2020-02-02 12:42:52 +01:00
Felix Fontein
6a786d0d93
openssl_publickey: add cryptography backend (#60387)
* Add cryptography backend.

* Add changelog.

* Make sure requirements are satisfied.

* Use more compatible elliptic curve.

* Decrease required version numbers.

* PyOpenSSL >= 16.0.0 is really needed.

* Update lib/ansible/modules/crypto/openssl_publickey.py

Co-Authored-By: MarkusTeufelberger <mteufelberger@mgit.at>
2019-08-17 18:52:14 +02:00
Felix Fontein
188903448a openssl_*: add backup option (#54294) 2019-03-30 15:38:43 +01:00
Felix Fontein
90c067e947 openssl_* modules: private key errors (#54088)
* Improve error handling, in particular with respect to private key loading problems.

* Add tests to validate that modules regenerate invalid input and don't crash.

* Don't crash when input is invalid.

* Create 'better' broken input.

* Fix paths.

* Simplifying pyOpenSSL error handling.
2019-03-30 14:28:10 +01:00
Felix Fontein
caf7fd2245 openssl_*: improve passphrase handling for private keys in PyOpenSSL (#53489)
* Raise OpenSSLBadPassphraseError if passphrase is wrong.

* Improve handling of passphrase errors.

Current behavior for modules is: if passphrase is wrong (or wrongly specified), fail.
Current behavior for openssl_privatekey is: if passphrase is worng (or wrongly specified), regenerate.

* Add changelog.

* Add tests.

* Adjustments for some versions of PyOpenSSL.

* Update lib/ansible/modules/crypto/openssl_certificate.py

Improve text.

Co-Authored-By: felixfontein <felix@fontein.de>
2019-03-08 16:21:18 +00:00
Felix Fontein
e1218ca10f Elliptic curve tests for crypto modules (#50109)
* Add openssl_csr ECC test.

* Add openssl_publickey ECC test.

* Add openssl_certificate ECC test.
2018-12-23 10:23:31 +01:00
Matt Martz
3a2c1541ca
Fix tests as filters syntax in recently modified integration tests (#33346) 2017-11-28 12:26:45 -06:00
Yanis Guenane
a773bd7ad5 openssl_publickey: Ensure format OpenSSH is idempotent (#33264)
Currently the check() method for idempotence only assumes the public
key is under the form of a PEM file when its not always the case.

The module openssl_publickey allows one to generate OpenSSH format
publickey. This leads to idempotence not being detected.
2017-11-28 14:08:47 +05:30
Matt Martz
4fe08441be Deprecate tests used as filters (#32361)
* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc
2017-11-27 17:58:08 -05:00
Yanis Guenane
32635577a3 openssl_publickey: Do not fail on empty existing file (#33255)
Currently during the check phase, the code considers the file to be
a public key if the file exist - which is not necessarily true.

This commits aims to ensure that the file is actually a publickey else
returns false for the check.
2017-11-25 03:29:06 +00:00
Yanis Guenane
d4e7b045b7 Extend test coverage for openssl modules (#27548)
* openssl_privatekey: Extend test coverage

Extend the coverage of the integration test for the module
openssl_privatekey.

New tests have been added:

  * passphrase
  * idempotence
  * removal

Co-Authored-By: Pierre-Louis Bonicoli <pierre-louis.bonicoli@gmx.fr>

* openssl_publickey: Extend test coverage

Extend the coverage on the integration test for the module
openssl_publickey.

New tests have been added:

  * OpenSSH format
  * passphrase
  * idempotence
  * removal
2017-08-21 12:19:41 +01:00
Yanis Guenane
8b22c45a45 Enable integration tests for the crypto/ namespace (#26684)
Crypto namespace contains the openssl modules. It has no integration
testing as of now.

This commits aims to add integration tests for the crypto namespace.
This will make it easier to spot breaking changes in the future.

This tests currently apply to:

  * openssl_privatekey
  * openssl_publickey
  * openssl_csr
2017-07-25 12:18:18 +01:00