internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 22:02:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow multiple values per key in name fields in openssl_certificate/csr (#30338)

Browse Source 
* allow multiple values per key in name fields in openssl_certificate

* check correct side of comparison

* trigger only on lists

* add subject parameter to openssl_csr

* fix key: value mapping not skipping None elements

* temporary fix for undefined "subject" field

* fix iteration over subject entries

* fix docs

* quote sample string

* allow csr with only subject defined

* fix integration test

* look up NIDs before comparing, add hidden _strict params

* deal with empty issuer/subject fields

* adapt integration tests

* also normalize output from pyopenssl

* fix issue with _sanitize_inputs

* don't convert empty lists

* workaround for pyopenssl limitations

* properly encode the input to the txt2nid function

* another to_bytes fix

* make subject, commonname and subjecAltName completely optional

* don't compare hashes of keys in openssl_csr integration tests

* add integration test for old API in openssl_csr

* compare keys directly in certificate and publickey integration tests

* fix typo
This commit is contained in:
MarkusTeufelberger
2017-12-12 13:35:22 +01:00
committed by John R Barker
parent 7dac82e2e2
commit 9ea1b18ff7
8 changed files with 141 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
test/integration/targets/openssl_publickey/tests/validate.yml
View File

@@ -1,9 +1,9 @@
- name: Validate public key (test - privatekey modulus)
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey.pem | openssl md5'
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey.pem'
register: privatekey_modulus
- name: Validate public key (test - publickey modulus)
shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey.pub | openssl md5'
shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey.pub'
register: publickey_modulus
- name: Validate public key (assert)
@@ -46,12 +46,12 @@
- name: Validate publickey3 (test - privatekey modulus)
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey3.pem -passin pass:ansible | openssl md5'
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey3.pem -passin pass:ansible'
register: privatekey3_modulus
when: openssl_version.stdout is version('0.9.8zh', '>=')
- name: Validate publickey3 (test - publickey modulus)
shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey3.pub | openssl md5'
shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey3.pub'
register: publickey3_modulus
when: openssl_version.stdout is version('0.9.8zh', '>=')
@@ -67,12 +67,12 @@
- publickey3_idempotence is not changed
- name: Validate publickey4 (test - privatekey modulus)
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey.pem | openssl md5'
shell: 'openssl rsa -noout -modulus -in {{ output_dir }}/privatekey.pem'
register: privatekey4_modulus
when: openssl_version.stdout is version('0.9.8zh', '>=')
- name: Validate publickey4 (test - publickey modulus)
shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey4.pub | openssl md5'
shell: 'openssl rsa -pubin -noout -modulus < {{ output_dir }}/publickey4.pub'
register: publickey4_modulus
when: openssl_version.stdout is version('0.9.8zh', '>=')