Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py - annotation
8d272d91d3d2
1.0 KiB
text/x-python
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
7b004fce5c8b 7b004fce5c8b 325b9d16a72b 325b9d16a72b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 325b9d16a72b 325b9d16a72b 325b9d16a72b 325b9d16a72b 325b9d16a72b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 325b9d16a72b 7b004fce5c8b 7b004fce5c8b 325b9d16a72b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 325b9d16a72b 325b9d16a72b 325b9d16a72b 325b9d16a72b 325b9d16a72b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 7b004fce5c8b 325b9d16a72b 7b004fce5c8b 7b004fce5c8b 325b9d16a72b 7b004fce5c8b | import os
import pytest
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('client-allowed')
@pytest.mark.parametrize("platform", [
"stretch64",
"buster64"
])
def test_ssh_connectivity(host, platform):
"""
Test if SSH server is reachable.
"""
with host.sudo():
ping = host.run('hping3 -S -p 22 -c 1 %s', 'parameters-mandatory-%s' % platform)
assert ping.rc == 0
ping = host.run('hping3 -S -p 22 -c 1 %s', 'parameters-optional-%s' % platform)
assert ping.rc == 0
@pytest.mark.parametrize("platform", [
"stretch64",
"buster64"
])
def test_http_connectivity(host, platform):
"""
Test if HTTP server is reachable.
"""
with host.sudo():
ping = host.run('hping3 -S -p 80 -c 1 %s', 'parameters-mandatory-%s' % platform)
assert ping.rc == 0
ping = host.run('hping3 -S -p 80 -c 1 %s', 'parameters-optional-%s' % platform)
assert ping.rc == 0
|