45 lines
1.5 KiB
Diff
45 lines
1.5 KiB
Diff
From 3baae8d1bd0a0c4c707314524289e86e6ecbc0df Mon Sep 17 00:00:00 2001
|
|
From: Alexander Bokovoy <abokovoy@redhat.com>
|
|
Date: Mon, 14 Mar 2022 21:09:36 +0200
|
|
Subject: [PATCH] test_otp: do not use paramiko unless it is really needed
|
|
|
|
paramiko cannot be used in FIPS mode. We have few tests that import
|
|
generic methods from test_otp (add_token/del_token) and those tests fail
|
|
in FIPS mode due to unconditional 'import paramiko'.
|
|
|
|
Instead, move 'import paramiko' to the ssh_2f() helper which is not used
|
|
in FIPS mode (the whole SSH 2FA test is skipped then).
|
|
|
|
Related: https://pagure.io/freeipa/issue/9119
|
|
|
|
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
|
|
Reviewed-By: Francisco Trivino <ftrivino@redhat.com>
|
|
---
|
|
ipatests/test_integration/test_otp.py | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/ipatests/test_integration/test_otp.py b/ipatests/test_integration/test_otp.py
|
|
index bec76d205bf37699483b65ebbc5613cbbb466bb4..04bef4626077e727654898b07a76acab4f1d5971 100644
|
|
--- a/ipatests/test_integration/test_otp.py
|
|
+++ b/ipatests/test_integration/test_otp.py
|
|
@@ -5,7 +5,6 @@
|
|
"""
|
|
import base64
|
|
import logging
|
|
-import paramiko
|
|
import pytest
|
|
import re
|
|
import time
|
|
@@ -102,6 +101,8 @@ def ssh_2f(hostname, username, answers_dict, port=22):
|
|
logger.info(
|
|
"Answer to ssh prompt is: '%s'", answers_dict[prmpt_str])
|
|
return resp
|
|
+
|
|
+ import paramiko
|
|
trans = paramiko.Transport((hostname, port))
|
|
trans.connect()
|
|
trans.auth_interactive(username, answer_handler)
|
|
--
|
|
2.34.1
|
|
|