diff --git a/src/tests/system/data/test_ipa/public_keys_port b/src/tests/system/data/test_ipa/public_keys_port new file mode 100644 index 00000000000..58ec1ea2d94 --- /dev/null +++ b/src/tests/system/data/test_ipa/public_keys_port @@ -0,0 +1,3 @@ +4444 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCI56aGtsWIbjz8XhODRT8NAio+TIHMXdiKoG6SdCtVlCR6xNP6gXgmChVWJ9DXlOF3WztOBf9om5SsPGX73/to= +4444 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPeSgRv4Vyq6ehrcA8hc6LFd9cUR1H3vdtH+WMJXvf1h +4444 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4O+2dXWi4iTJR3vlsqZE9707K0sKTeEnWHyMoWUY0N/p6TZgxoLWfUW8XPbj4Yt4BaI6M48/jWZjHjXPJjLfgon3BT5LvyZHrlnN34APcZ7+r73mMt4pIPI7WnzqJluRGgcdEQuJhaSUbTGBUoHwCmp5JAREqWMappkwwSo9QQEzeAxT58dLTEyENTxB1DCP7sJShZd9p+37+5XJ1m1fkpnpDb/JMnTX9jSApk6r2DOZgcpX2aNFMbxSQ5zASfhmzJCfx52c97GD85Zx+LMXBJ4KzNKAbvTsruFj3k5jh7pYvqZseUuReBDCjSGQ4Q4MDBm+XAPbCNfQcgLPo678kkIFK8bZfKLDeJH4g64EO1xHGxBhmcYiXkc0gyqpECKekiUb3ltkyUA/R+Q8Jo+Zr70IHEM2fFvyiIqyz2Nx3PH/FTLDSBguQuEtzBHcMfb9/sO8lbofJneAfsAk3C3TYxqJ176xYqk4C24pB8UrOAflni+P0RqS1Zwte2u3ZD0E= diff --git a/src/tests/system/tests/test_format.py b/src/tests/system/tests/test_format.py new file mode 100644 index 00000000000..42c23d950fa --- /dev/null +++ b/src/tests/system/tests/test_format.py @@ -0,0 +1,27 @@ +import pytest + +# Function to test +def format_output(option, hostname, port, key): + if option == "-o": + return f"{hostname} {key}" + else: + return f"{hostname}:{port} {key}" + +# Parameterized test +@pytest.mark.parametrize("option, expected_output", [ + (None, "{hostname}:{port} {key}"), + ("-o", "{hostname} {key}") +]) +def test_format_output(option, expected_output): + # Example inputs + hostname = "localhost" + port = 8080 + key = "my_key" + + # Get the actual output from the function + actual_output = format_output(option, hostname, port, key) + + # Replace placeholders with actual values for comparison + expected_output_formatted = expected_output.format(hostname=hostname, port=port, key=key) + + assert actual_output == expected_output_formatted diff --git a/src/tests/system/tests/test_ipa.py b/src/tests/system/tests/test_ipa.py index c564ff9b619..6bc78d47753 100644 --- a/src/tests/system/tests/test_ipa.py +++ b/src/tests/system/tests/test_ipa.py @@ -127,6 +127,96 @@ def test_ipa__hostpublickeys_by_ip(client: Client, ipa: IPA, public_keys: list[s assert f"{ip} {key}" in result.stdout_lines, "Did not get expected public keys!" +@pytest.mark.ticket(gh=7583) +@pytest.mark.importance("low") +@pytest.mark.parametrize("option, output", [(None, "{hostname}:{port} {key}"), ("-o", "{hostname} {key}")]) +@pytest.mark.topology(KnownTopology.IPA) +def test_ipa__hostpublickeys_by_name_with_port( + client: Client, ipa: IPA, public_keys: list[str], option: str | None, output: str +): + """ + :title: sss_ssh_knownhosts returns public keys by host name with port + :setup: + 1. Create host with SSH key + 2. Configure SSSD with SSH responder + 3. Start SSSD + :steps: + 1. Lookup SSH key + :expectedresults: + 1. All public keys were printed + :customerscenario: False + """ + hostname = f"ssh-host.{ipa.domain}" + ip = "10.255.251.10" + port = 3333 + + ipa.host_account(hostname).add(ip=ip, sshpubkey=public_keys) + client.sssd.enable_responder("ssh") + client.sssd.start() + args = [] + if option is not None: + args.append(option) + args.append(f"[{hostname}]:{port}") + + result = client.sss_ssh_knownhosts(*args) + assert result.rc == 0, "Did not get OpenSSH known hosts public keys!" + assert len(public_keys) == len(result.stdout_lines), "Did not get expected number of public keys!" + for key in public_keys: + if option == "-o": + output = f"{hostname} {key}" + else: + output = f"[{hostname}]:{port} {key}" + expected_output = output.format(hostname=hostname, port=port, key=key) + assert expected_output in result.stdout_lines, "Did not get expected public keys!" + + +@pytest.mark.ticket(gh=7583) +@pytest.mark.importance("low") +@pytest.mark.topology(KnownTopology.IPA) +def test_ipa__hostpublickeys_with_non_default_port(client: Client, ipa: IPA, public_keys: list[str]): + """ + :title: sss_ssh_knownhosts returns public keys by hostname with non-default port + :setup: + 1. Create host with SSH key + 2. Add the ipasshpubkey with hostname and port + 3. Configure SSSD with SSH responder + 4. Start SSSD + :steps: + 1. Lookup SSH key + :expectedresults: + 1. All public keys were printed + :customerscenario: False + """ + hostname = f"ssh-host.{ipa.domain}" + ip = "10.255.251.10" + port = 4444 + + ipa.host_account(hostname).add(ip=ip, sshpubkey=public_keys) + client.sssd.enable_responder("ssh") + client.sssd.start() + + # IPA doesn't currently ipa host-mod with hostname and key + # this is workaround till IPA add the support. + for key in public_keys: + modify_content = ipa.fs.mktmp( + rf""" + dn: fqdn={hostname},cn=computers,cn=accounts,dc=ipa,dc=test + changetype: modify + add: ipaSshPubKey + ipaSshPubKey: [{hostname}]:{port} {key} + """, + mode="a=rx", + ) + ipa.host.conn.run(command=f"ldapmodify -H ldap://master.ipa.test -f {modify_content}") + + result = client.sss_ssh_knownhosts(f"[{hostname}]:{port}") + assert result.rc == 0, "Did not get OpenSSH known hosts public keys!" + for key in public_keys: + assert f"[{hostname}]:{port} {key}" in result.stdout_lines, ( + "Did not get expected public keys with " " the host name with port" + ) + + @pytest.mark.ticket(bz=1926622) @pytest.mark.integration @pytest.mark.importance("low")