parent
376d7cde12
commit
bfb8e5df82
|
@ -0,0 +1,2 @@
|
|||
bugfixes:
|
||||
- "x509_certificate - fix crash when ``assertonly`` provider is used and some error conditions should be reported (https://github.com/ansible-collections/community.crypto/issues/240, https://github.com/ansible-collections/community.crypto/pull/241)."
|
|
@ -177,25 +177,25 @@ class AssertOnlyCertificateBackend(CertificateBackend):
|
|||
if self.privatekey_path is not None or self.privatekey_content is not None:
|
||||
if not self._validate_privatekey():
|
||||
messages.append(
|
||||
'Certificate %s and private key %s do not match' %
|
||||
(self.path, self.privatekey_path or '(provided in module options)')
|
||||
'Certificate and private key %s do not match' %
|
||||
(self.privatekey_path or '(provided in module options)')
|
||||
)
|
||||
|
||||
if self.csr_path is not None or self.csr_content is not None:
|
||||
if not self._validate_csr_signature():
|
||||
messages.append(
|
||||
'Certificate %s and CSR %s do not match: private key mismatch' %
|
||||
(self.path, self.csr_path or '(provided in module options)')
|
||||
'Certificate and CSR %s do not match: private key mismatch' %
|
||||
(self.csr_path or '(provided in module options)')
|
||||
)
|
||||
if not self._validate_csr_subject():
|
||||
messages.append(
|
||||
'Certificate %s and CSR %s do not match: subject mismatch' %
|
||||
(self.path, self.csr_path or '(provided in module options)')
|
||||
'Certificate and CSR %s do not match: subject mismatch' %
|
||||
(self.csr_path or '(provided in module options)')
|
||||
)
|
||||
if not self._validate_csr_extensions():
|
||||
messages.append(
|
||||
'Certificate %s and CSR %s do not match: extensions mismatch' %
|
||||
(self.path, self.csr_path or '(provided in module options)')
|
||||
'Certificate and CSR %s do not match: extensions mismatch' %
|
||||
(self.csr_path or '(provided in module options)')
|
||||
)
|
||||
|
||||
if self.signature_algorithms is not None:
|
||||
|
|
|
@ -114,6 +114,16 @@
|
|||
- extension_missing_eku is failed
|
||||
- "'Found no extendedKeyUsage extension' in extension_missing_eku.msg"
|
||||
|
||||
- name: (Assertonly, {{select_crypto_backend}}) - Check wrong key fail
|
||||
x509_certificate:
|
||||
path: '{{ output_dir }}/cert_noext.pem'
|
||||
privatekey_path: '{{ output_dir }}/privatekeypw.pem'
|
||||
privatekey_passphrase: hunter2
|
||||
provider: assertonly
|
||||
select_crypto_backend: '{{ select_crypto_backend }}'
|
||||
ignore_errors: yes
|
||||
register: private_key_error
|
||||
|
||||
- name: (Assertonly, {{select_crypto_backend}}) - Check private key passphrase fail 1
|
||||
x509_certificate:
|
||||
path: '{{ output_dir }}/cert_noext.pem'
|
||||
|
@ -146,6 +156,8 @@
|
|||
- name: (Assertonly, {{select_crypto_backend}}) -
|
||||
assert:
|
||||
that:
|
||||
- private_key_error is failed
|
||||
- "'Certificate and private key ' in private_key_error.msg and ' do not match' in private_key_error.msg"
|
||||
- passphrase_error_1 is failed
|
||||
- "'assphrase' in passphrase_error_1.msg or 'assword' in passphrase_error_1.msg"
|
||||
- passphrase_error_2 is failed
|
||||
|
|
Loading…
Reference in New Issue