247 |
249 |
248 # Refresh all publishers should try to validate all certs. |
250 # Refresh all publishers should try to validate all certs. |
249 self.pkg("refresh", exit=1) |
251 self.pkg("refresh", exit=1) |
250 self.assert_("Publisher: tmp" in self.errout, self.errout) |
252 self.assert_("Publisher: tmp" in self.errout, self.errout) |
251 self.assert_("Publisher: test" in self.errout, self.errout) |
253 self.assert_("Publisher: test" in self.errout, self.errout) |
|
254 |
|
255 def test_expiring_certs(self): |
|
256 """Test that image-create will not raise exception for |
|
257 expiring certificates. (Bug 17768096)""" |
|
258 |
|
259 tmp_dir = tempfile.mkdtemp(dir=self.test_root) |
|
260 |
|
261 # Retrive the correct CA and use it to generate a new cert. |
|
262 test_ca = self.get_pub_ta("test") |
|
263 test_cs = "cs1_%s" % test_ca |
|
264 |
|
265 # Add a certificate to the length 2 chain that is going to |
|
266 # expire in 27 days. |
|
267 cg = certgenerator.CertGenerator(base_dir=tmp_dir) |
|
268 cg.make_cs_cert(test_cs, test_ca, ca_path=self.path_to_certs, |
|
269 expiring=True, https=True) |
|
270 self.ac.start() |
|
271 self.image_create() |
|
272 |
|
273 # Set https-based publisher with expiring cert. |
|
274 self.seed_ta_dir("ta7") |
|
275 self.pkg("image-create -f --user -k %(key)s -c %(cert)s " |
|
276 "-p test=%(url)s %(path)s/image"% { |
|
277 "url": self.acurl1, |
|
278 "cert": os.path.join(cg.cs_dir, "%s_cert.pem" % test_cs), |
|
279 "key": os.path.join(cg.keys_dir, "%s_key.pem" % test_cs), |
|
280 "path": tmp_dir |
|
281 }) |
252 |
282 |
253 |
283 |
254 class TestDepotHTTPS(pkg5unittest.SingleDepotTestCase): |
284 class TestDepotHTTPS(pkg5unittest.SingleDepotTestCase): |
255 # Tests in this suite use the read only data directory. |
285 # Tests in this suite use the read only data directory. |
256 need_ro_data = True |
286 need_ro_data = True |