Skip to content

Commit

Permalink
Add tests for compatibility code
Browse files Browse the repository at this point in the history
  • Loading branch information
@lkubb
lkubb committed Dec 15, 2022
1 parent ba2d8ba commit b67a880
Show file tree
Hide file tree
Showing 5 changed files with 579 additions and 4 deletions.
13 changes: 10 additions & 3 deletions salt/modules/x509_v2.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -512,6 +512,11 @@ def create_certificate(
"Creating a PKCS12-encoded certificate without embedded private key "
"is unsupported"
)
if "signing_private_key" not in kwargs and not ca_server:
raise SaltInvocationError(
"Creating a certificate locally at least requires a signing private key."
)

if path and not overwrite and __salt__["file.file_exists"](path):
return f"The file at {path} exists and overwrite was set to false"
if ca_server:
Expand Down Expand Up @@ -927,7 +932,7 @@ def create_crl(
salt.utils.dictupdate.set_dict_key_value(
(parsed or rev), "extensions:CRLReason", (parsed or rev).pop("reason")
)
revoked_parsed.append(rev)
revoked_parsed.append(parsed or rev)
revoked = revoked_parsed

if encoding not in ["der", "pem"]:
Expand Down Expand Up @@ -1222,11 +1227,13 @@ def create_private_key(
)
keysize = kwargs.pop("bits")

ignored_params = {"cipher", "verbose"}.intersection(kwargs) # path, overwrite
ignored_params = {"cipher", "verbose", "text"}.intersection(
kwargs
) # path, overwrite
if ignored_params:
salt.utils.versions.kwargs_warn_until(ignored_params, "Potassium")
for x in ignored_params:
kwargs.pop("x")
kwargs.pop(x)

if kwargs:
raise SaltInvocationError(f"Unrecognized keyword arguments: {list(kwargs)}")
Expand Down
44 changes: 44 additions & 0 deletions salt/states/x509_v2.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -775,6 +775,10 @@ def crl_managed(
- extensions:
cRLNumber: auto
"""
if "text" in kwargs:
salt.utils.versions.kwargs_warn_until(["text"], "Potassium")
kwargs.pop("text")

if days_valid is None:
try:
salt.utils.versions.warn_until(
Expand All @@ -795,6 +799,27 @@ def crl_managed(
except RuntimeError:
days_remaining = 3

revoked_parsed = []
for rev in revoked:
parsed = {}
if len(rev) == 1 and isinstance(rev[next(iter(rev))], list):
salt.utils.versions.warn_until(
"Potassium",
"Revoked certificates should be specified as a simple list of dicts.",
)
for val in rev[next(iter(rev))]:
parsed.update(val)
if "reason" in (parsed or rev):
salt.utils.versions.warn_until(
"Potassium",
"The `reason` parameter for revoked certificates should be specified in extensions:CRLReason.",
)
salt.utils.dictupdate.set_dict_key_value(
(parsed or rev), "extensions:CRLReason", (parsed or rev).pop("reason")
)
revoked_parsed.append(parsed or rev)
revoked = revoked_parsed

ret = {
"name": name,
"changes": {},
Expand Down Expand Up @@ -1295,6 +1320,25 @@ def private_key_managed(
- x509: /etc/pki/www.crt
{%- endif %}
"""
# Deprecation checks vs the old x509 module
if "bits" in kwargs:
salt.utils.versions.warn_until(
"Potassium",
"`bits` has been renamed to `keysize`. Please update your code.",
)
keysize = kwargs.pop("bits")

ignored_params = {"cipher", "verbose", "text"}.intersection(
kwargs
) # path, overwrite
if ignored_params:
salt.utils.versions.kwargs_warn_until(ignored_params, "Potassium")
for x in ignored_params:
kwargs.pop(x)

if kwargs:
raise SaltInvocationError(f"Unrecognized keyword arguments: {list(kwargs)}")

ret = {
"name": name,
"changes": {},
Expand Down
Loading

0 comments on commit b67a880

Please sign in to comment.