diff options
| author | Numan Siddique <nusiddiq@redhat.com> | 2016-10-05 17:50:24 +0530 |
|---|---|---|
| committer | Ben Pfaff <blp@ovn.org> | 2016-10-05 09:47:34 -0700 |
| commit | d90ed7d65ba8cfbdada2286f5adb167ca26048c9 (patch) | |
| tree | 93b270a726391a9ebd6ef734e5861451c67d8981 /tests | |
| parent | 603a31628858465a313c7ac43aaab3c16a8cd69a (diff) | |
| download | openvswitch-d90ed7d65ba8cfbdada2286f5adb167ca26048c9.tar.gz | |
python: Add SSL support to the python ovs client library
SSL support is added to the ovs/stream.py. pyOpenSSL library is used
to support SSL. If this library is not present, then the SSL stream
is not registered with the Stream class.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/ovsdb-idl.at | 30 | ||||
| -rw-r--r-- | tests/test-ovsdb.py | 7 |
2 files changed, 35 insertions, 2 deletions
diff --git a/tests/ovsdb-idl.at b/tests/ovsdb-idl.at index d633dbb93..e57a3a468 100644 --- a/tests/ovsdb-idl.at +++ b/tests/ovsdb-idl.at @@ -1198,10 +1198,36 @@ m4_define([OVSDB_CHECK_IDL_NOTIFY_PY], OVSDB_SERVER_SHUTDOWN AT_CLEANUP]) +# This test uses the Python IDL implementation with ssl +m4_define([OVSDB_CHECK_IDL_NOTIFY_SSL_PY], + [AT_SETUP([$1 - SSL]) + AT_SKIP_IF([test $HAVE_PYTHON = no]) + $PYTHON -m OpenSSL.SSL + SSL_PRESENT=$? + AT_SKIP_IF([test $SSL_PRESENT != 0]) + AT_KEYWORDS([ovsdb server idl Python notify - ssl socket]) + AT_CHECK([ovsdb-tool create db $abs_srcdir/idltest.ovsschema], + [0], [stdout], [ignore]) + PKIDIR=$abs_top_builddir/tests + AT_CHECK([ovsdb-server --log-file '-vPATTERN:console:ovsdb-server|%c|%m' \ + --detach --no-chdir --pidfile="`pwd`"/pid \ + --private-key=$PKIDIR/testpki-privkey2.pem \ + --certificate=$PKIDIR/testpki-cert2.pem \ + --ca-cert=$PKIDIR/testpki-cacert.pem \ + --remote=pssl:0:127.0.0.1 --unixctl="`pwd`"/unixctl db], [0], [ignore], [ignore]) + PARSE_LISTENING_PORT([ovsdb-server.log], [TCP_PORT]) + AT_CHECK([$PYTHON $srcdir/test-ovsdb.py -t10 idl $srcdir/idltest.ovsschema \ + ssl:127.0.0.1:$TCP_PORT $PKIDIR/testpki-privkey.pem \ + $PKIDIR/testpki-cert.pem $PKIDIR/testpki-cacert.pem $2], + [0], [stdout], [ignore], [kill `cat pid`]) + AT_CHECK([sort stdout | ${PERL} $srcdir/uuidfilt.pl]m4_if([$5],,, [[| $5]]), + [0], [$3], [], [kill `cat pid`]) + OVSDB_SERVER_SHUTDOWN + AT_CLEANUP]) m4_define([OVSDB_CHECK_IDL_NOTIFY], - [OVSDB_CHECK_IDL_NOTIFY_PY($@)]) - + [OVSDB_CHECK_IDL_NOTIFY_PY($@) + OVSDB_CHECK_IDL_NOTIFY_SSL_PY($@)]) OVSDB_CHECK_IDL_NOTIFY([simple idl verify notify], [['track-notify' \ diff --git a/tests/test-ovsdb.py b/tests/test-ovsdb.py index e1cfdad24..b27ad28ac 100644 --- a/tests/test-ovsdb.py +++ b/tests/test-ovsdb.py @@ -27,6 +27,7 @@ from ovs.db import data import ovs.db.types import ovs.ovsuuid import ovs.poller +import ovs.stream import ovs.util from ovs.fatal_signal import signal_alarm import six @@ -519,6 +520,12 @@ def do_idl(schema_file, remote, *commands): schema_helper = ovs.db.idl.SchemaHelper(schema_file) track_notify = False + if remote.startswith("ssl:"): + ovs.stream.Stream.ssl_set_private_key_file(commands[0]) + ovs.stream.Stream.ssl_set_certificate_file(commands[1]) + ovs.stream.Stream.ssl_set_ca_cert_file(commands[2]) + commands = commands[3:] + if commands and commands[0] == "track-notify": commands = commands[1:] track_notify = True |