Imported Upstream version 3.7.0upstream/3.7.0

3 files changed, 38 insertions, 3 deletions

diff --git a/spec/unit/ssl/certificate_authority_spec.rb b/spec/unit/ssl/certificate_authority_spec.rb
index ef5a86862..2881b0a1e 100755
--- a/spec/unit/ssl/certificate_authority_spec.rb
+++ b/spec/unit/ssl/certificate_authority_spec.rb
@@ -7,7 +7,6 @@ require 'puppet/ssl/certificate_authority'
 describe Puppet::SSL::CertificateAuthority do
   after do
     Puppet::SSL::CertificateAuthority.instance_variable_set(:@singleton_instance, nil)
-    Puppet.settings.clearused
   end
 
   def stub_ca_host
@@ -937,12 +936,36 @@ describe Puppet::SSL::CertificateAuthority do
         cert = stub 'cert', :content => real_cert
         Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil
 
-        @ca.inventory.expects(:serial).with("host").returns 16
+        @ca.inventory.expects(:serials).with("host").returns [16]
 
         @ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
         @ca.revoke('host')
       end
 
+      it "should revoke all serials matching a name" do
+        real_cert = stub 'real_cert', :serial => 15
+        cert = stub 'cert', :content => real_cert
+        Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil
+
+        @ca.inventory.expects(:serials).with("host").returns [16, 20, 25]
+
+        @ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
+        @ca.crl.expects(:revoke).with { |serial, key| serial == 20 }
+        @ca.crl.expects(:revoke).with { |serial, key| serial == 25 }
+        @ca.revoke('host')
+      end
+
+      it "should raise an error if no certificate match" do
+        real_cert = stub 'real_cert', :serial => 15
+        cert = stub 'cert', :content => real_cert
+        Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil
+
+        @ca.inventory.expects(:serials).with("host").returns []
+
+        @ca.crl.expects(:revoke).never
+        expect { @ca.revoke('host') }.to raise_error
+      end
+
       context "revocation by serial number (#16798)" do
         it "revokes when given a lower case hexadecimal formatted string" do
           @ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
diff --git a/spec/unit/ssl/inventory_spec.rb b/spec/unit/ssl/inventory_spec.rb
index 6e4fbd340..879fd90d1 100755
--- a/spec/unit/ssl/inventory_spec.rb
+++ b/spec/unit/ssl/inventory_spec.rb
@@ -133,5 +133,18 @@ describe Puppet::SSL::Inventory, :unless => Puppet.features.microsoft_windows? d
         @inventory.serial("me").should == 15
       end
     end
+
+    describe "and finding all serial numbers" do
+      it "should return nil if the inventory file is missing" do
+        Puppet::FileSystem.expects(:exist?).with(cert_inventory).returns false
+        @inventory.serials(:whatever).should be_empty
+      end
+
+      it "should return the all the serial numbers from the lines matching the provided name" do
+        File.expects(:readlines).with(cert_inventory).returns ["0x00f blah blah /CN=me\n", "0x001 blah blah /CN=you\n", "0x002 blah blah /CN=me\n"]
+
+        @inventory.serials("me").should == [15, 2]
+      end
+    end
   end
 end
diff --git a/spec/unit/ssl/validator_spec.rb b/spec/unit/ssl/validator_spec.rb
index 2b8cfb0f9..ade1575dc 100644
--- a/spec/unit/ssl/validator_spec.rb
+++ b/spec/unit/ssl/validator_spec.rb
@@ -1,6 +1,5 @@
 require 'spec_helper'
 require 'puppet/ssl'
-require 'puppet/ssl/configuration'
 
 describe Puppet::SSL::Validator::DefaultValidator do
   let(:ssl_context) do