summaryrefslogtreecommitdiffstats
path: root/test/integration/targets/openssl_dhparam/tasks/impl.yml
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration/targets/openssl_dhparam/tasks/impl.yml')
-rw-r--r--test/integration/targets/openssl_dhparam/tasks/impl.yml97
1 files changed, 97 insertions, 0 deletions
diff --git a/test/integration/targets/openssl_dhparam/tasks/impl.yml b/test/integration/targets/openssl_dhparam/tasks/impl.yml
new file mode 100644
index 0000000000..dcef8da59d
--- /dev/null
+++ b/test/integration/targets/openssl_dhparam/tasks/impl.yml
@@ -0,0 +1,97 @@
+---
+# The tests for this module generate unsafe parameters for testing purposes;
+# otherwise tests would be too slow. Use sizes of at least 2048 in production!
+- name: "[{{ select_crypto_backend }}] Generate parameter"
+ openssl_dhparam:
+ size: 768
+ path: '{{ output_dir }}/dh768.pem'
+ select_crypto_backend: "{{ select_crypto_backend }}"
+
+- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with no change"
+ openssl_dhparam:
+ size: 768
+ path: '{{ output_dir }}/dh768.pem'
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_changed
+
+- name: "[{{ select_crypto_backend }}] Generate parameters with size option"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh512.pem'
+ size: 512
+ select_crypto_backend: "{{ select_crypto_backend }}"
+
+- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with size option and no change"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh512.pem'
+ size: 512
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_changed_512
+
+- copy:
+ src: '{{ output_dir }}/dh768.pem'
+ remote_src: yes
+ dest: '{{ output_dir }}/dh512.pem'
+
+- name: "[{{ select_crypto_backend }}] Re-generate if size is different"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh512.pem'
+ size: 512
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_changed_to_512
+
+- name: "[{{ select_crypto_backend }}] Force re-generate parameters with size option"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh512.pem'
+ size: 512
+ force: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_changed_force
+
+- name: "[{{ select_crypto_backend }}] Create broken params"
+ copy:
+ dest: "{{ output_dir }}/dhbroken.pem"
+ content: "broken"
+- name: "[{{ select_crypto_backend }}] Regenerate broken params"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dhbroken.pem'
+ size: 512
+ force: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: output_broken
+
+- name: "[{{ select_crypto_backend }}] Generate params"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh_backup.pem'
+ size: 512
+ backup: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_backup_1
+- name: "[{{ select_crypto_backend }}] Generate params (idempotent)"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh_backup.pem'
+ size: 512
+ backup: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_backup_2
+- name: "[{{ select_crypto_backend }}] Generate params (change)"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh_backup.pem'
+ size: 512
+ force: yes
+ backup: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_backup_3
+- name: "[{{ select_crypto_backend }}] Generate params (remove)"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh_backup.pem'
+ state: absent
+ backup: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_backup_4
+- name: "[{{ select_crypto_backend }}] Generate params (remove, idempotent)"
+ openssl_dhparam:
+ path: '{{ output_dir }}/dh_backup.pem'
+ state: absent
+ backup: yes
+ select_crypto_backend: "{{ select_crypto_backend }}"
+ register: dhparam_backup_5
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-01 16:32:24 +0100