[Freeipa-devel] [PATCH 0012-0019] CA ACL tracker and functional test
Milan Kubík
mkubik at redhat.com
Thu Sep 24 12:49:02 UTC 2015
Hi all,
an update for CA ACL tests!
I, with help from M. Babinsky, managed to find a way how to change the
identity during acceptance cest run, which allows
to test CA ACLs (and perhaps other areas with some form of access controll).
This allowed me to write a test for CA ACLs and certificate profiles
that checks if the ACL/profile is being used and enforced.
The first several tests are based on Fraser's blogpost using SMIME
profile [1].
The master and ipa-4-2 branches diverged a bit, so I had to change two
commits when rebasing to ipa-4-2 branch.
Commits should be applied in the order (including rebased patches I sent
in an earlier email):
master:
* 12 - 17
ipa-4-2:
* 18, 13 - 15, 19, 17
For convenience:
patches on top of master:
https://github.com/apophys/freeipa/tree/acl-profile-functional
patches on top of ipa-4-2: https://github.com/apophys/freeipa/tree/acl-42
[1]:
https://blog-ftweedal.rhcloud.com/2015/08/user-certificates-and-custom-profiles-with-freeipa-4-2/
Cheers,
Milan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0012.3-ipatests-add-fuzzy-instances-for-CA-ACL-DN-and-RDN.patch
Type: text/x-patch
Size: 1139 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0013.3-ipatests-Add-initial-CAACLTracker-implementation.patch
Type: text/x-patch
Size: 12295 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0014.3-tests-add-test-to-check-the-default-ACL.patch
Type: text/x-patch
Size: 1332 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0015-ipatests-CA-ACL-added-config-templates.patch
Type: text/x-patch
Size: 10439 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0016-ipatests-added-unlock_principal_password-and-change_.patch
Type: text/x-patch
Size: 2484 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0017-ipatests-CA-ACL-and-cert-profile-functional-test.patch
Type: text/x-patch
Size: 7657 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0005.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0018-ipatests-add-fuzzy-instances-for-CA-ACL-DN-and-RDN.patch
Type: text/x-patch
Size: 1133 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0006.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkubik-0019-ipatests-added-unlock_principal_password-and-change_.patch
Type: text/x-patch
Size: 2394 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150924/b1cbd23e/attachment-0007.bin>
More information about the Freeipa-devel
mailing list