From 85e5ebbddf2a9b39376b7bc3b1529d6f170b907e Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Thu, 25 Sep 2014 14:43:16 -0700
Subject: [PATCH 14/14] Ticket 47880 - CI test: added test cases for ticket
47880
Description: Ticket #47880 - provide enabled ciphers as search result
https://fedorahosted.org/389/ticket/47880
(cherry picked from commit ce7378990855abe1a5b52cd4fbe78ffc33365dcb)
(cherry picked from commit b922e5d8387535a8bd71bbcea821ba08608d27c2)
---
dirsrvtests/tickets/ticket47838_test.py | 46 ++++++++++++++++++++++++++++++++-
1 file changed, 45 insertions(+), 1 deletion(-)
diff --git a/dirsrvtests/tickets/ticket47838_test.py b/dirsrvtests/tickets/ticket47838_test.py
index 1575376..c98c36e 100644
--- a/dirsrvtests/tickets/ticket47838_test.py
+++ b/dirsrvtests/tickets/ticket47838_test.py
@@ -216,6 +216,24 @@ def test_ticket47838_init(topology):
'nsSSLToken': 'internal (software)',
'nsSSLActivation': 'on'})))
+def comp_nsSSLEnableCipherCount(topology, ecount):
+ """
+ Check nsSSLEnabledCipher count with ecount
+ """
+ log.info("Checking nsSSLEnabledCiphers...")
+ msgid = topology.standalone.search_ext(ENCRYPTION_DN, ldap.SCOPE_BASE, 'cn=*', ['nsSSLEnabledCiphers'])
+ enabledciphercnt = 0
+ rtype, rdata, rmsgid = topology.standalone.result2(msgid)
+ topology.standalone.log.info("%d results" % len(rdata))
+
+ topology.standalone.log.info("Results:")
+ for dn, attrs in rdata:
+ topology.standalone.log.info("dn: %s" % dn)
+ if attrs.has_key('nsSSLEnabledCiphers'):
+ enabledciphercnt = len(attrs['nsSSLEnabledCiphers'])
+ topology.standalone.log.info("enabledCipherCount: %d" % enabledciphercnt)
+ assert ecount == enabledciphercnt
+
def test_ticket47838_run_0(topology):
"""
Check nsSSL3Ciphers: +all
@@ -248,6 +266,8 @@ def test_ticket47838_run_0(topology):
log.info("Weak ciphers: %d" % wcount)
assert wcount <= 29
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_1(topology):
"""
Check nsSSL3Ciphers: +all
@@ -287,6 +307,8 @@ def test_ticket47838_run_1(topology):
log.info("Weak ciphers: %d" % wcount)
assert wcount <= 29
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_2(topology):
"""
Check nsSSL3Ciphers: +rsa_aes_128_sha,+rsa_aes_256_sha
@@ -316,6 +338,8 @@ def test_ticket47838_run_2(topology):
assert ecount == 2
assert dcount == (plus_all_ecount + plus_all_dcount - ecount)
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_3(topology):
"""
Check nsSSL3Ciphers: -all
@@ -344,6 +368,8 @@ def test_ticket47838_run_3(topology):
log.info("Disabling SSL message?: %s" % disabledmsg.readline())
assert disabledmsg != ''
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_4(topology):
"""
Check no nsSSL3Ciphers
@@ -377,6 +403,8 @@ def test_ticket47838_run_4(topology):
log.info("Weak ciphers in the default setting: %d" % wcount)
assert wcount == 0
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_5(topology):
"""
Check nsSSL3Ciphers: default
@@ -410,6 +438,8 @@ def test_ticket47838_run_5(topology):
log.info("Weak ciphers in the default setting: %d" % wcount)
assert wcount == 0
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_6(topology):
"""
Check nssSSL3Chiphers: +all,-rsa_rc4_128_md5
@@ -441,6 +471,8 @@ def test_ticket47838_run_6(topology):
assert ecount == (plus_all_ecount_noweak - 1)
assert dcount == (plus_all_dcount_noweak + 1)
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_7(topology):
"""
Check nssSSL3Chiphers: -all,+rsa_rc4_128_md5
@@ -470,6 +502,8 @@ def test_ticket47838_run_7(topology):
assert ecount == 1
assert dcount == (plus_all_ecount + plus_all_dcount - ecount)
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_8(topology):
"""
Check nsSSL3Ciphers: default + allowWeakCipher: off
@@ -503,6 +537,8 @@ def test_ticket47838_run_8(topology):
log.info("Weak ciphers in the default setting: %d" % wcount)
assert wcount == 0
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_9(topology):
"""
Check no nsSSL3Ciphers
@@ -537,6 +573,8 @@ def test_ticket47838_run_9(topology):
log.info("Weak ciphers in the default setting: %d" % wcount)
assert wcount == 11
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_10(topology):
"""
Check nssSSL3Chiphers: -TLS_RSA_WITH_NULL_MD5,+TLS_RSA_WITH_RC4_128_MD5,
@@ -579,6 +617,8 @@ def test_ticket47838_run_10(topology):
topology.standalone.log.info("ticket47838 was successfully verified.");
+ comp_nsSSLEnableCipherCount(topology, ecount)
+
def test_ticket47838_run_11(topology):
"""
Check nssSSL3Chiphers: +fortezza
@@ -603,6 +643,8 @@ def test_ticket47838_run_11(topology):
log.info("Expected error message was not found")
assert False
+ comp_nsSSLEnableCipherCount(topology, 0)
+
def test_ticket47838_run_last(topology):
"""
Check nssSSL3Chiphers: all <== invalid value
@@ -627,7 +669,9 @@ def test_ticket47838_run_last(topology):
log.info("Expected error message was not found")
assert False
- topology.standalone.log.info("ticket47838 was successfully verified.");
+ comp_nsSSLEnableCipherCount(topology, 0)
+
+ topology.standalone.log.info("ticket47838, 47880, 47908 were successfully verified.");
def test_ticket47838_final(topology):
topology.standalone.simple_bind_s(DN_DM, PASSWORD)
--
1.9.3