Remove PyOpenSSL backends (except for openssl_pkcs12) (#273)

* Remove Ubuntu 16.04 (Xenial Xerus) from CI. * Removing PyOpenSSL backend from everywhere but openssl_pkcs12. * Remove PyOpenSSL support from module_utils that's not needed for openssl_pkcs12. * Add changelog fragment.
2026-05-08 14:22:56 +00:00 · 2021-09-28 17:46:35 +02:00
parent 24e7d07973
commit f644db3c79
72 changed files with 227 additions and 2638 deletions
--- a/tests/integration/targets/openssl_privatekey_info/meta/main.yml
+++ b/tests/integration/targets/openssl_privatekey_info/meta/main.yml
@@ -1,5 +1,4 @@
 dependencies:
  - setup_openssl
-  - setup_pyopenssl
  - setup_remote_tmp_dir
  - prepare_jinja2_compat
--- a/tests/integration/targets/openssl_privatekey_info/tasks/impl.yml
+++ b/tests/integration/targets/openssl_privatekey_info/tasks/impl.yml
@@ -20,10 +20,6 @@
      - "result.public_data.exponent > 5"
      - "'private_data' not in result"

- name: Update result list
-  set_fact:
-    info_results: "{{ info_results | combine({'key1': result}) }}"
-
 - name: ({{select_crypto_backend}}) Read private key
  slurp:
    src: '{{ remote_tmp_dir }}/privatekey_1.pem'
@@ -62,10 +58,6 @@
      - "result.public_data.modulus == result.private_data.p * result.private_data.q"
      - "result.private_data.exponent > 5"

- name: Update result list
-  set_fact:
-    info_results: "{{ info_results | combine({'key2': result}) }}"
-
 - name: ({{select_crypto_backend}}) Get key 3 info (without passphrase)
  openssl_privatekey_info:
    path: '{{ remote_tmp_dir }}/privatekey_3.pem'
@@ -113,10 +105,6 @@
      - "result.public_data.modulus == result.private_data.p * result.private_data.q"
      - "result.private_data.exponent > 5"

- name: Update result list
-  set_fact:
-    info_results: "{{ info_results | combine({'key3': result}) }}"
-
 - name: ({{select_crypto_backend}}) Get key 4 info
  openssl_privatekey_info:
    path: '{{ remote_tmp_dir }}/privatekey_4.pem'
@@ -124,37 +112,20 @@
    select_crypto_backend: '{{ select_crypto_backend }}'
  register: result

- block:
-  - name: Check that ECC key info is ok
-    assert:
-      that:
-        - "'public_key' in result"
-        - "'public_key_fingerprints' in result"
-        - "'type' in result"
-        - "result.type == 'ECC'"
-        - "'public_data' in result"
-        - "result.public_data.curve is string"
-        - "result.public_data.x != 0"
-        - "result.public_data.y != 0"
-        - "result.public_data.exponent_size == (521 if (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') else 256)"
-        - "'private_data' in result"
-        - "result.private_data.multiplier > 1024"
-
-  - name: Update result list
-    set_fact:
-      info_results: "{{ info_results | combine({'key4': result}) }}"
-  when: select_crypto_backend != 'pyopenssl' or (pyopenssl_version.stdout is version('16.1.0', '>=') and cryptography_version.stdout is version('0.0', '>'))
-
 - name: Check that ECC key info is ok
  assert:
    that:
      - "'public_key' in result"
      - "'public_key_fingerprints' in result"
      - "'type' in result"
-      - "result.type.startswith('unknown ')"
+      - "result.type == 'ECC'"
      - "'public_data' in result"
+      - "result.public_data.curve is string"
+      - "result.public_data.x != 0"
+      - "result.public_data.y != 0"
+      - "result.public_data.exponent_size == (521 if (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') else 256)"
      - "'private_data' in result"
-  when: select_crypto_backend == 'pyopenssl' and not (pyopenssl_version.stdout is version('16.1.0', '>=') and cryptography_version.stdout is version('0.0', '>'))
+      - "result.private_data.multiplier > 1024"

 - name: ({{select_crypto_backend}}) Get key 5 info
  openssl_privatekey_info:
@@ -177,7 +148,3 @@
      - "result.public_data.y > 2"
      - "'private_data' in result"
      - "result.private_data.x > 2"
-
- name: Update result list
-  set_fact:
-    info_results: "{{ info_results | combine({'key5': result}) }}"
--- a/tests/integration/targets/openssl_privatekey_info/tasks/main.yml
+++ b/tests/integration/targets/openssl_privatekey_info/tasks/main.yml
@@ -36,42 +36,8 @@
    type: DSA
    size: 1024

- name: Prepare result list
-  set_fact:
-    info_results: {}
-
- name: Running tests with pyOpenSSL backend
-  include_tasks: impl.yml
-  vars:
-    select_crypto_backend: pyopenssl
-  when: pyopenssl_version.stdout is version('0.15', '>=')
-
- name: Prepare result list
-  set_fact:
-    pyopenssl_info_results: "{{ info_results }}"
-    info_results: {}
-
 - name: Running tests with cryptography backend
  include_tasks: impl.yml
  vars:
    select_crypto_backend: cryptography
  when: cryptography_version.stdout is version('1.2.3', '>=')
-
- name: Prepare result list
-  set_fact:
-    cryptography_info_results: "{{ info_results }}"
-
- block:
-  - name: Dump pyOpenSSL results
-    debug:
-      var: pyopenssl_info_results
-  - name: Dump cryptography results
-    debug:
-      var: cryptography_info_results
-  - name: Compare results
-    assert:
-      that:
-      - '  (pyopenssl_info_results[item] | dict2items | rejectattr("key", "equalto", "deprecations") | list | items2dict)
-        == (cryptography_info_results[item] | dict2items | rejectattr("key", "equalto", "deprecations") | list | items2dict)'
-    loop: "{{ pyopenssl_info_results.keys() | intersect(cryptography_info_results.keys()) | list }}"
-  when: pyopenssl_version.stdout is version('0.15', '>=') and cryptography_version.stdout is version('1.2.3', '>=')