KSrSSKJr SSKJr SSKJr SSKJr SSKrSSKrSSKrSSK J r SSK r SSK J r SS K Jr SS KJr SS KJr SS KJr S \R*R-SS5S/0rS SS/0rSS0rSrSrSr\\-rSrS\-r\\-r \\-r!Sr"Sr#Sr$Sr%Sr&Sr'Sr(\ RR(aSOS r*\RVRYS!5\RVR[S!5"S"S#\R\555r/\R`\RVRYS!5\RVR[S!5"S$S%\R\5555r1g)&zTests for context_config.py.)absolute_import)print_function)division)unicode_literalsN)mock)context_config) exception)testcase)base)SetBotoConfigForTestcert_provider_commandsomehelper--print_certificatez some helperfoozv-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- z|-----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- zh-----BEGIN PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END PRIVATE KEY----- z##invalid-password##z8 -----BEGIN PASSPHRASE----- %s -----END PASSPHRASE----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- -----END CERTIFICATE----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS z-----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END ENCRYPTED PRIVATE KEY----- zSOMECOMMENTS -----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- SOMECOMMENT z-----BEGIN CERTIFICATE----- LKJHLSDJKFHLEUIORWUYERWEHJHL KLJHGFDLSJKH(@#*&$)@*#KJHFLKJDSFSD -----END CERTIFICATE----- SOMECOMMENT -----BEGIN ENCRYPTED PRIVATE KEY----- LKJWE:RUWEORIU)(#*&$@(#$KJHLKDJHF(I*F@YLFHSLDKJFS -----END ENCRYPTED PRIVATE KEY----- z__builtin__.openz builtins.openzmTLS only runs on GCS JSON API.cB\rSrSrSrSrSrSrSrSr Sr S r S r g ) TestPemFileParser~z-Test PEM-format certificate parsing for mTLS.c[R"[UR5nUR US[ 5 UR US[ 5 gN CERTIFICATEzENCRYPTED PRIVATE KEY)r_split_pem_into_sectionsCERT_KEY_WITH_COMMENT_AT_BEGINlogger assertEqual CERT_SECTIONENCRYPTED_KEY_SECTIONselfsectionss 2platform/gsutil/gslib/tests/test_context_config.py'test_pem_file_with_comment_at_beginning9TestPemFileParser.test_pem_file_with_comment_at_beginningsG66& 5HXm,l;X568MNc[R"[UR5nUR US[ 5 UR US[ 5 gr)rrCERT_KEY_WITH_COMMENT_AT_ENDrrrrrs r!!test_pem_file_with_comment_at_end3TestPemFileParser.test_pem_file_with_comment_at_endsG66$dkk3HXm,l;X568MNr$c[R"[UR5nUR US[ 5 UR US[ 5 gr)rr CERT_KEY_WITH_COMMENT_IN_BETWEENrrrrrs r!%test_pem_file_with_comment_in_between7TestPemFileParser.test_pem_file_with_comment_in_betweensG66($++7HXm,l;X568MNr$c[R"[UR5nUR UR S55 UR UR S5[5 gr)rrBAD_CERT_KEY_EMBEDDED_SECTIONr assertIsNonegetrrrs r!.test_pem_file_with_bad_format_embedded_section@TestPemFileParser.test_pem_file_with_bad_format_embedded_sectionsO66%t{{4Hhll=12X\\"9:*,r$c[R"[UR5nUR UR S5[ 5 URUR S55 gr)rrBAD_CERT_KEY_MISSING_ENDrrr0rr/rs r!,test_pem_file_with_bad_format_missing_ending>TestPemFileParser.test_pem_file_with_bad_format_missing_endingsN667O7;{{DHX\\-0,?hll#:;[[U] 5 [RUlS[l[ R"5UlgN) superrGsetUpr_singleton_config_old_context_configrMock mock_loggerr __class__s r!rLTestContextConfig.setUps5 T(*-??D'+N$yy{Dr$cT>[[U] 5 UR[lgrJ)rKrGtearDownrNrrMrQs r!rUTestContextConfig.tearDowns T+-'+'?'?N$r$cB[R"UR5nUR[R5 [R"UR5 SSS5 [R "5nUR X5 g!,(df  N5=frJ)rcreate_context_configrP assertRaises(ContextConfigSingletonAlreadyExistsErrorget_context_configr)rfirstseconds r!"test_context_config_is_a_singleton4TestContextConfig.test_context_config_is_a_singletonsu  0 01A1A BE  ?? A**4+;+;< A . . 0FU#  A As !B BPopencd[R"UR5 UR5 grJ)rrXrPassert_not_calledr mock_Popens r!:test_does_not_provision_if_use_client_certificate_not_trueLTestContextConfig.test_does_not_provision_if_use_client_certificate_not_trues$(()9)9:  "r$zos.path.existsT) return_value)newload)autospec) new_callablec [/Ul[S/5 UR[5 [ R "UR5 UR[ R5 UR[RR[RRSS55SS5 SSS5 SSS5 g!,(df  N=f!,(df  g=f)N Credentialsuse_client_certificateTruerrr--with_passphrase)#DEFAULT_CERT_PROVIDER_FILE_CONTENTS side_effectr rY ValueErrorrrXrPassert_called_with_DEFAULT_METADATA_PATHassert_called_once_withospathrealpathjoinr mock_openrdmock_json_loads r!0test_executes_provider_command_from_default_fileBTestContextConfig.test_executes_provider_command_from_default_files#F!FN P  !   Z (,,T-=-=>$$^%J%JK** GG  RWW\\&(; < !#6 8 ) ! ! ) ( ! !s#CBC=C C C C-c[/Ul[SS/5 UR[5 [ R "UR5 UR[ R5 UR[RRS5SS5 SSS5 SSS5 g!,(df  N=f!,(df  g=f)Nrmrnr Nz cert helperrrq).DEFAULT_CERT_PROVIDER_FILE_CONTENTS_WITH_SPACErsr rYrtrrXrPrurvrwrxryrzr|s r!;test_executes_provider_command_with_space_from_default_fileMTestContextConfig.test_executes_provider_command_with_space_from_default_files 7"N  (MO P   Z (,,T-=-=>$$^%J%JK**277+;+;M+J+@+> @ )  P P ) (  P Ps#CA0B1 C1 B? ;C Cc0[Ul[SS/5 [R"UR 5 UR [R5 UR RRS5 SSS5 g!,(df  g=f)NrmrzVFailed to provision client certificate: Client certificate provider command not found.) %DEFAULT_CERT_PROVIDER_FILE_NO_COMMANDrgr rrXrPrurverrorrwrr}r~s r!&test_default_provider_no_command_error8TestContextConfig.test_default_provider_no_command_errors#HN  (MO P**4+;+;<"">#H#HI 44 ;<  P P Ps A%B BFc[SSSSUR54/5 [R"UR5 URR R S5 SSS5 g!,(df  g=f)NrmrGSUtil state_dirzSFailed to provision client certificate: Client certificate provider file not found.)r CreateTempDirrrXrPrrw)rs r!%test_default_provider_not_found_error7TestContextConfig.test_default_provider_not_found_error sm 96 ; 2 2 45   **4+;+;< 44 89   s AA// A=c:[S5Ul[SS/5 [R"UR 5 UR [R5 UR RRS5 SSS5 g!,(df  g=f)N valueErrorrmrz2Failed to provision client certificate: valueError) rtrsr rrXrPrurvrrwrs r!3test_raises_cert_provision_error_on_json_load_errorETestContextConfig.test_raises_cert_provision_error_on_json_load_errors ",L!9N  (MO P**4+;+;<"">#H#HI 44 >@  P P Ps A%B  Bc[SS/5 UR[5 [R"UR 5 UR [RRS5[R[RS9 SSS5 SSS5 g!,(df  N=f!,(df  g=f)Nrmrnr some/pathr)stdoutstderr) r rYrtrrXrPrwrxryrz subprocessPIPErcs r!6test_executes_custom_provider_command_from_boto_configHTestContextConfig.test_executes_custom_provider_command_from_boto_config&s 9=    Z (,,T-=-=>**277+;+;K+H2TestContextConfig.test_converts_and_logs_provisioning_os_errorCse$X.J 9= **4+;+;< 44 :<    s AA-- A;c[R"S5Ul[SS/5 [R "UR 5 UR RRS5 SSS5 g!,(df  g=fr) r ExternalBinaryErrorrsr rrXrPrrwrcs r!9test_converts_and_logs_provisioning_external_binary_errorKTestContextConfig.test_converts_and_logs_provisioning_external_binary_errorOsm'::8DJ 9= **4+;+;< 44 :<    s AA88 Bc4[S5Ul[SS/5 [R"UR 5 [ R(aSOSnUR RRSU-5 SSS5 g!,(df  g=f)Nrrmrz'foobar'z u'foobar'z\Failed to provision client certificate: Invalid output format from certificate provider, no ) KeyErrorrsr rrXrPsixPY3rrw)rrdunicode_escaped_error_strings r!-test_converts_and_logs_provisioning_key_error?TestContextConfig.test_converts_and_logs_provisioning_key_error\s&h/J 9= **4+;+;<3677Z " 44 B & '(   s A"B  Bremovec[R"UR5 [RR 5 UR 5 grJ)rrXrPrM_unprovision_client_certrbr mock_removes r!2test_does_not_unprovision_if_no_client_certificateDTestContextConfig.test_does_not_unprovision_if_no_client_certificatens4(()9)9:$$==?!!#r$c[S5Ul[R"UR5 S[R l[R R5 URRRS5 g)Nnorz'Failed to remove client certificate: no) rrsrrXrPrMclient_cert_pathrrrwrs r!-test_handles_and_logs_unprovisioning_os_error?TestContextConfig.test_handles_and_logs_unprovisioning_os_errorts_%dmK(()9)9:8CN$$5$$==?2213r$c[R"5nSUl[R 5S4UR lXAl[SS/5 [R"[R"55nUR[R"URS5[R"5R[5[R"5R[5/SS9 UR![R"R$[&5 [R"R)5 UR+UR5 SSS5 g!,(df  g=f)Nrrmrnr zpath --print_certificatew+T any_order)rrO returncodeFULL_ENCRYPTED_CERTencoderrgr rrXassert_has_callscallrwriterrrrMclient_cert_passwordPASSWORDrrwrrdrr}r test_configs r!Mtest_writes_and_deletes_encrypted_certificate_file_storing_password_to_memory_TestContextConfig.test_writes_and_deletes_encrypted_certificate_file_storing_password_to_memorys  99;&'#""$d5,$$12 9L  #88Ek   ))K00$ 7 ))+  L ) ))+  1 2" ,0 !1 ~77LL!&&??A))+*F*FG-    DE-- E;c[R"5nSUl[R 5S4UR lXAl[SS/5 [R"[R"55nUR[R"URS5[R"5R[5[R"5R[5/SS9 UR![R"R$[&5 [R"R)5 UR+UR5 SSS5 g!,(df  g=f)z-This is the format used by gcloud by default.rNrmrrTr)rrOr FULL_CERTrrrgr rrXrrrrr KEY_SECTIONr/rMrrrrwrs r!Mtest_writes_and_deletes_unencrypted_certificate_file_without_storing_password_TestContextConfig.test_writes_and_deletes_unencrypted_certificate_file_without_storing_passwords  99;&'#5>5E5E5G4N$$12 9L  #88Ek   ))K00$ 7 ))+  L ) ))+  K (" ,0 !1 88MM "&&??A))+*F*FG-   r)rNrP)"r@rArBrCrDrLrUr^rpatchobjectrrerOjson OPEN_TO_PATCHr}rrrrrrrrrrrxrrrrrE __classcell__)rRs@r!rGrGs1#@$::Z)#*# ::DII4$@A::T6D1::Z48::m$..9 8:92B 8::DII4$@A::T6D1::Z48::m$..9@:92B@"::DII4$@A::T6D1::m$..9 <:2B <::DII5$AB 9C 9::T6D1::DII4$@A::m$..9 @:B2 @::Z48 C9 C::Z) ;* ;::Z) <* <::Z) <* <::Z)(*("::R"$#$ ::R"3#3::m$..9::R"::Z)H*#:H@::m$..9::R"::Z)H*#:Hr$rG)2rD __future__rrrrrrxrunittestrrgslibrr gslib.testsr gslib.tests.testcaser gslib.tests.utilr ryr{rrrrrrrCERT_ENCRYPTED_KEY_SECTIONrPASSWORD_SECTIONrrr.r4r8r<rr&r*PY2rintegration_testcase SkipForS3 SkipForXMLGsUtilUnitTestCaserNotParallelizablerGr?r$r!rs#&%'   %1  VX&(='#m-BC2.*/%  *,AA !  13CC ; & !  " $ '*gg"?  (()JK ))*KL-=33-=ML-=b (()JK ))*KLOH33OHMLOHr$