summaryrefslogtreecommitdiff
path: root/spec/unit/ssl/certificate_authority_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/unit/ssl/certificate_authority_spec.rb')
-rwxr-xr-xspec/unit/ssl/certificate_authority_spec.rb27
1 files changed, 25 insertions, 2 deletions
diff --git a/spec/unit/ssl/certificate_authority_spec.rb b/spec/unit/ssl/certificate_authority_spec.rb
index ef5a86862..2881b0a1e 100755
--- a/spec/unit/ssl/certificate_authority_spec.rb
+++ b/spec/unit/ssl/certificate_authority_spec.rb
@@ -7,7 +7,6 @@ require 'puppet/ssl/certificate_authority'
describe Puppet::SSL::CertificateAuthority do
after do
Puppet::SSL::CertificateAuthority.instance_variable_set(:@singleton_instance, nil)
- Puppet.settings.clearused
end
def stub_ca_host
@@ -937,12 +936,36 @@ describe Puppet::SSL::CertificateAuthority do
cert = stub 'cert', :content => real_cert
Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil
- @ca.inventory.expects(:serial).with("host").returns 16
+ @ca.inventory.expects(:serials).with("host").returns [16]
@ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
@ca.revoke('host')
end
+ it "should revoke all serials matching a name" do
+ real_cert = stub 'real_cert', :serial => 15
+ cert = stub 'cert', :content => real_cert
+ Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil
+
+ @ca.inventory.expects(:serials).with("host").returns [16, 20, 25]
+
+ @ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
+ @ca.crl.expects(:revoke).with { |serial, key| serial == 20 }
+ @ca.crl.expects(:revoke).with { |serial, key| serial == 25 }
+ @ca.revoke('host')
+ end
+
+ it "should raise an error if no certificate match" do
+ real_cert = stub 'real_cert', :serial => 15
+ cert = stub 'cert', :content => real_cert
+ Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil
+
+ @ca.inventory.expects(:serials).with("host").returns []
+
+ @ca.crl.expects(:revoke).never
+ expect { @ca.revoke('host') }.to raise_error
+ end
+
context "revocation by serial number (#16798)" do
it "revokes when given a lower case hexadecimal formatted string" do
@ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-01 11:54:49 +0000