Merge "Only b64encode ssl_ca if it needs it"

This commit is contained in:
Zuul 2018-10-23 13:02:23 +00:00 committed by Gerrit Code Review
commit 6d0118e9e0
2 changed files with 21 additions and 2 deletions

View File

@ -23,6 +23,7 @@ from charmhelpers.core.hookenv import (
)
import base64
import binascii
def get_ssl_mode():
@ -53,8 +54,13 @@ def configure_client_ssl(relation_data):
relation_data['ssl_port'] = config('ssl_port')
if external_ca:
if config('ssl_ca'):
relation_data['ssl_ca'] = base64.b64encode(
config('ssl_ca'))
try:
base64.decodestring(config('ssl_ca'))
# No need to encode it, it is already encoded.
ssl_ca_encoded = config('ssl_ca')
except binascii.Error:
ssl_ca_encoded = base64.b64encode(config('ssl_ca'))
relation_data['ssl_ca'] = ssl_ca_encoded
return
ca = ServiceCA.get_ca()
relation_data['ssl_ca'] = base64.b64encode(ca.get_ca_bundle())

View File

@ -110,6 +110,19 @@ class TestSSLUtils(CharmTestCase):
relation_data,
{'ssl_port': '9090', 'ssl_ca': 'ZXh0X2Nh'})
@patch('ssl_utils.get_ssl_mode')
def test_get_ssl_mode_ssl_on_ext_ca_b64(self, get_ssl_mode):
get_ssl_mode.return_value = ('on', True)
test_config = {
'ssl_port': '9090',
'ssl_ca': 'ZXh0X2Nh'}
self.config.side_effect = lambda x: test_config[x]
relation_data = {}
ssl_utils.configure_client_ssl(relation_data)
self.assertEqual(
relation_data,
{'ssl_port': '9090', 'ssl_ca': 'ZXh0X2Nh'})
@patch('ssl_utils.local_unit')
@patch('ssl_utils.relation_ids')
@patch('ssl_utils.relation_get')