| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The existing test_bruteforce_decrypt was nondeterministic; in some
cases, the generated ciphertext would be decryptable with one of the
wrong passphrases, which would cause test failure even though it
decrypts to gibberish. This checks that by splitting it into two
tests:
1. Test with an invalid ciphertext, so that EVPError is always raised;
2. Test with valid ciphertext, and check for *either* EVPError or
decrypted plaintext that is not the same as the original plaintext.
|
| |
|
|
|
|
|
| |
The test uses both variants: get_decisions and get_decision. So there is
no way to fix the code without fixing the test.
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
misc/bcfg2.spec
src/lib/Bcfg2/Client/Client.py
src/lib/Bcfg2/Client/Tools/APK.py
src/lib/Bcfg2/Client/Tools/MacPorts.py
src/lib/Bcfg2/Client/Tools/Pacman.py
src/lib/Bcfg2/Client/Tools/YUM.py
src/lib/Bcfg2/Server/Admin/Minestruct.py
src/lib/Bcfg2/Server/Admin/Pull.py
src/lib/Bcfg2/Server/Admin/Viz.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py
src/lib/Bcfg2/Server/Plugins/Properties.py
src/lib/Bcfg2/settings.py
src/sbin/bcfg2-crypt
src/sbin/bcfg2-info
src/sbin/bcfg2-lint
src/sbin/bcfg2-yum-helper
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/TestCfgEncryptedGenerator.py
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestProperties.py
|
| | |
|
| | |
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
doc/appendix/guides/fedora.txt
misc/bcfg2.spec
schemas/types.xsd
src/lib/Bcfg2/Encryption.py
src/lib/Bcfg2/Options.py
src/lib/Bcfg2/Server/Admin/Client.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/Lint/Validate.py
src/lib/Bcfg2/Server/Plugin/helpers.py
src/lib/Bcfg2/Server/Plugins/Bundler.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
src/lib/Bcfg2/Server/Plugins/Probes.py
src/sbin/bcfg2-crypt
testsuite/Testsrc/Testlib/TestServer/TestPlugin/Testhelpers.py
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/TestCfgEncryptedGenerator.py
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestProbes.py
testsuite/common.py
testsuite/install.sh
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Previously, if CfgEncryptedGenerator was imported before the Cfg
object was instantiated, it would finalize the
Bcfg2.Server.Plugins.Cfg.SETUP object with a value of None, and would
be unable to access the options dict.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
This lets you provide variables to the top-level namespace of
templates in a more seamless way than through a Connector plugin.
It's mostly useful for TemplateHelper for now, but may find other uses
in the future.
|
| | |
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
doc/development/lint.txt
misc/bcfg2.spec
src/lib/Bcfg2/Reporting/Collector.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/Plugins/Metadata.py
src/lib/Bcfg2/Server/models.py
testsuite/install.sh
|
| |
| |
| |
| |
| |
| |
| |
| | |
The addition of the call to load_xml in 9a6a231 causes the test to
fail because load_xml() expects to read a clients.xml file. The
actual actual open calls in write_xml are dummied out with Mock,
so no file is written, and thus cannot be read back. This commit
dummies out the load_xml and adds some more asserts for good measure.
|
| |
| |
| |
| |
| | |
AWSTags allows querying tags from EC2, and setting groups based on the
tag names or values.
|
| |
| |
| |
| |
| |
| | |
Instead of mocking get_filename, use its normal functionality. This
avoids a messy situation where we have to mock out a **magic call,
which py2.5 doesn't like at all.
|
|\|
| |
| |
| |
| |
| | |
Conflicts:
src/lib/Bcfg2/Server/Plugins/Cfg/CfgPublicKeyCreator.py
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/TestCfgPrivateKeyCreator.py
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
created
Previously, only two cases were handled properly: both public and
private keys had been created; or neither had been created. If the
private key had been created (e.g., manually added to the repo), the
public key would not be created from it. This fixes that.
|
|\|
| |
| |
| |
| |
| |
| | |
Conflicts:
src/lib/Bcfg2/Server/Plugins/Cfg/CfgAuthorizedKeysGenerator.py
src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py
testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This monitors XIncluded files even if should_monitor=False, since the
object monitoring the base file will not monitor XIncludes. This
ensures that XIncluded files are properly monitored whenever possible,
particularly for Bundler and Properties.
This is a partial backport of 5b66845 -- as much of a backport as is
possible without a module-level FAM object.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| | |
This was needed when we implemented skipping ourselves in a hackish
way; with unittest2, skipping is implemented correctly, so tests can
always be skipped
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
Conflicts:
src/lib/Bcfg2/Client/Tools/__init__.py
src/lib/Bcfg2/Server/BuiltinCore.py
src/lib/Bcfg2/Server/Plugins/Metadata.py
src/lib/Bcfg2/Server/Plugins/NagiosGen.py
src/lib/Bcfg2/Server/Plugins/Probes.py
src/lib/Bcfg2/Server/SSLServer.py
tools/README
|
| |
| |
| |
| |
| | |
This makes category negation consistent, and also makes it work like
it did in Bcfg2 1.2
|
| |
| |
| |
| |
| |
| |
| | |
Removed code that supported an unused watch_clients option that
permitted locally disabling FAM monitoring for Metadata; and ensured
that XIncludes from clients.xml/groups.xml were always monitored
(fixed in 5b66845).
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In Bcfg2 1.3, XInclude'd files only got FAM watches if the parent file
was monitoring itself, and it got a FAM object passed to it. This led
to some ugly workarounds, and bugs -- you couldn't easily use XInclude
in Properties or Bundler, for instance, and have changes recognized.
Since FAM objects are now module-level, we can always monitor
XInclude'd files.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Substantially rewrote the way the Probes plugin caches data.
Formerly, it was structured to assume that probe data was stored in
probed.xml, with the database feature very much a second-class
citizen; this adds a proper abstraction layer between the persistent
storage and the plugin (and its caches).
Also rewrote most Probes unit tests to actually be useful unit tests,
not implementation tests.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The caching facilities in Bcfg2.Server.Cache provided basically no
features. This rewrites that to allow for much more powerful cache
expiration, with a particular focus on interoperation between
different components and plugins to let caches be expired as
necessary. (E.g., the Probes plugin can expire the Metadata cache.)
This does not affect any of the file data cached by Bcfg2, only the
caches that are populated with arbitrary data (Metadata, Packages,
Probes, etc.).
|
| |
| |
| |
| |
| |
| | |
Commit had more stuff in it than it should have.
This reverts commit a9a7c84703eb7250012fd68af3e4ca77eae07029.
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds encryption support to SSL key creation (much like SSH
private keys), and the ability to generate keys and certs that are
specific to groups, instead of just to hosts. It also moves the SSLCA
data (the XML files describing keys and certs as well as the keys and
certs themselves) into the Cfg tree, rather than off in their own
separate place.
tools/upgrade/1.4/migrate_sslca.py can be used to migrate to the new
format.
This also adds XMLCfgCreator, a CfgCreator that makes it easier to
create data based on XML descriptions of it (which is exactly what the
SSH key and SSL CA creators do), including built-in support for host-
and group-specific data, encryption, and so on.
|
| | |
|
| | |
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
doc/appendix/files/mysql.txt
doc/getting_started/index.txt
doc/server/plugins/structures/bundler/kernel.txt
src/lib/Bcfg2/Server/MultiprocessingCore.py
src/lib/Bcfg2/Server/Plugin/interfaces.py
src/lib/Bcfg2/Server/Plugins/Packages/Yum.py
src/lib/Bcfg2/Server/Plugins/Probes.py
src/lib/Bcfg2/Server/Plugins/SSHbase.py
|
| | |
|
| |
| |
| |
| |
| |
| | |
Rather than doing some ad-hoc lookups of internal data structures
stpierre suggested that it'd be better to use the normal metadata
build procedures. This implements that and adjusts the tests.
|
| |
| |
| |
| | |
Don't need to check write() because update_client() calls it
|
| | |
|