From b612f422bf156a3b3927038472ad885b1afa556e Mon Sep 17 00:00:00 2001
From: kali <kali@leap.se>
Date: Mon, 3 Sep 2012 02:51:41 +0900
Subject: providercertchecks:check_https_is_working

implementing a https server with its own base testcase
for convenience. https is delicate, and I think it's better
checking against a real implementation than mocking everything
here.
---
 src/leap/eip/checks.py | 62 ++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 60 insertions(+), 2 deletions(-)

(limited to 'src/leap/eip/checks.py')

diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py
index c6a7ca72..4112ef57 100644
--- a/src/leap/eip/checks.py
+++ b/src/leap/eip/checks.py
@@ -40,12 +40,70 @@ class LeapNetworkChecker(object):
 
 
 class ProviderCertChecker(object):
-    pass
+    """
+    Several checks needed for getting
+    client certs and checking tls connection
+    with provider.
+    """
+    def __init__(self, fetcher=requests):
+        self.fetcher = fetcher
+
+    def run_all(self, checker=None, skip_download=False):
+        if not checker:
+            checker = self
+
+        # For MVS+
+        # checker.download_ca_cert()
+        # checker.download_ca_signature()
+        # checker.get_ca_signatures()
+        # checker.is_there_trust_path()
+
+        # For MVS
+        checker.is_there_provider_ca()
+        checker.is_https_working()
+        checker.download_new_client_cert()
+
+    def download_ca_cert(self):
+        # MVS+
+        raise NotImplementedError
+
+    def download_ca_signature(self):
+        # MVS+
+        raise NotImplementedError
+
+    def get_ca_signatures(self):
+        # MVS+
+        raise NotImplementedError
+
+    def is_there_trust_path(self):
+        # MVS+
+        raise NotImplementedError
+
+    def is_there_provider_ca(self):
+        # XXX fake it till you make it! :P
+        return True
+
+        # enable this when we have
+        # a custom "branded" bundle
+        # certs package.
+        try:
+            from leap.custom import certs
+            certs.ca.pemfile
+        except ImportError:
+            raise
+
+    def is_https_working(self, uri=None, cacert=None, verify=True):
+        assert uri.startswith('https')
+        self.fetcher.get(uri, verify=verify)
+        return True
+
+    def download_new_client_cert(self):
+        return True
 
 
 class EIPConfigChecker(object):
     """
-    Several tests needed
+    Several checks needed
     to ensure a EIPConnection
     can be sucessfully established.
     use run_all to run all checks.
-- 
cgit v1.2.3