[WIP] Test for dock-pulp with invalid user certificate

Katarina Bulkova · Katarina Bulkova · commit 1835ec35c3c5 · 2021-04-30T11:01:49.000+02:00
If user provides invalid certificate, dock-pulp fails with traceback.
OpenSSL is not required by dockpulp per se, however one of its dependecies
uses OpenSSL (if installed).
This change fixes this behaviour and adds tests for such scenario.

Signed-off-by: Katarina Bulkova &lt;kbulkova@redhat.com&gt;
diff --git a/dockpulp/__init__.py b/dockpulp/__init__.py
@@ -41,6 +41,7 @@
 from six.moves.urllib.parse import urlparse
 from requests.adapters import HTTPAdapter
 from requests.packages.urllib3.util.retry import Retry
+from OpenSSL.SSL import Error as OpenSSLError
 from operator import itemgetter
 import multiprocessing
 
@@ -158,7 +159,7 @@ def __call__(self, meth, api, **kwargs):
                     warnings.simplefilter("ignore")
                 answer = c(url, **kwargs)
 
-        except requests.exceptions.SSLError:
+        except (OpenSSLError, requests.exceptions.SSLError):
             if not self.verify:
                 raise errors.DockPulpLoginError(
                     'Expired or bad certificate, please re-login')
diff --git a/tests/requirements.txt b/tests/requirements.txt
@@ -5,3 +5,4 @@ responses
 requests
 flexmock
 simplejson
+pyOpenSSL
diff --git a/tests/test_pulp_instance.py b/tests/test_pulp_instance.py
@@ -1,20 +1,24 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 
-from copy import deepcopy
-from datetime import datetime
-from dockpulp import Pulp, Crane, RequestsHttpCaller, errors, log
-import pytest
 import hashlib
 import json
-import requests
-import tarfile
 import logging
 import subprocess
+import tarfile
+from copy import deepcopy
+from datetime import datetime
 from tempfile import NamedTemporaryFile
 from textwrap import dedent
+
+import pytest
+import requests
+from OpenSSL.SSL import Error as OpenSSLError
 from flexmock import flexmock
 from requests.packages.urllib3.util import Retry
+
+from dockpulp import Pulp, Crane, RequestsHttpCaller, errors, log
+
 log.setLevel(logging.CRITICAL)
 
 
@@ -310,6 +314,28 @@ def test_set_certs(self, pulp, cert, key):
         assert pulp.certificate == cert
         assert pulp.key == key
 
+    @pytest.mark.parametrize('tid, url', [
+        ('111', '/pulp/api/v2/tasks/111/')])
+    def test_invalid_cert(self, pulp, tid, url):
+        flexmock(requests.Session)
+        (requests.Session.should_receive('get').once().and_raise(OpenSSLError))
+        with pytest.raises(errors.DockPulpLoginError):
+            pulp.getTask(tid)
+
+    @pytest.mark.parametrize('tid, url', [
+        ('111', '/pulp/api/v2/tasks/111/')
+    ])
+    def test_always_valid_cert(self, pulp, tid, url):
+        class Answer:
+            def __init__(self):
+                self.ok = True
+                self.json = (lambda: None)
+                self.status_code = 200
+
+        flexmock(requests.Session)
+        (requests.Session.should_receive('get').once().and_return(Answer()))
+        pulp.getTask(tid)
+
     @pytest.mark.parametrize('tid, url', [
         ('111', '/pulp/api/v2/tasks/111/')
     ])
