diff options
Diffstat (limited to 'spec/unit/ssl')
| -rwxr-xr-x | spec/unit/ssl/certificate_authority_spec.rb | 27 | ||||
| -rwxr-xr-x | spec/unit/ssl/inventory_spec.rb | 13 | ||||
| -rw-r--r-- | spec/unit/ssl/validator_spec.rb | 1 |
3 files changed, 38 insertions, 3 deletions
diff --git a/spec/unit/ssl/certificate_authority_spec.rb b/spec/unit/ssl/certificate_authority_spec.rb index ef5a86862..2881b0a1e 100755 --- a/spec/unit/ssl/certificate_authority_spec.rb +++ b/spec/unit/ssl/certificate_authority_spec.rb @@ -7,7 +7,6 @@ require 'puppet/ssl/certificate_authority' describe Puppet::SSL::CertificateAuthority do after do Puppet::SSL::CertificateAuthority.instance_variable_set(:@singleton_instance, nil) - Puppet.settings.clearused end def stub_ca_host @@ -937,12 +936,36 @@ describe Puppet::SSL::CertificateAuthority do cert = stub 'cert', :content => real_cert Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil - @ca.inventory.expects(:serial).with("host").returns 16 + @ca.inventory.expects(:serials).with("host").returns [16] @ca.crl.expects(:revoke).with { |serial, key| serial == 16 } @ca.revoke('host') end + it "should revoke all serials matching a name" do + real_cert = stub 'real_cert', :serial => 15 + cert = stub 'cert', :content => real_cert + Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil + + @ca.inventory.expects(:serials).with("host").returns [16, 20, 25] + + @ca.crl.expects(:revoke).with { |serial, key| serial == 16 } + @ca.crl.expects(:revoke).with { |serial, key| serial == 20 } + @ca.crl.expects(:revoke).with { |serial, key| serial == 25 } + @ca.revoke('host') + end + + it "should raise an error if no certificate match" do + real_cert = stub 'real_cert', :serial => 15 + cert = stub 'cert', :content => real_cert + Puppet::SSL::Certificate.indirection.expects(:find).with("host").returns nil + + @ca.inventory.expects(:serials).with("host").returns [] + + @ca.crl.expects(:revoke).never + expect { @ca.revoke('host') }.to raise_error + end + context "revocation by serial number (#16798)" do it "revokes when given a lower case hexadecimal formatted string" do @ca.crl.expects(:revoke).with { |serial, key| serial == 15 } diff --git a/spec/unit/ssl/inventory_spec.rb b/spec/unit/ssl/inventory_spec.rb index 6e4fbd340..879fd90d1 100755 --- a/spec/unit/ssl/inventory_spec.rb +++ b/spec/unit/ssl/inventory_spec.rb @@ -133,5 +133,18 @@ describe Puppet::SSL::Inventory, :unless => Puppet.features.microsoft_windows? d @inventory.serial("me").should == 15 end end + + describe "and finding all serial numbers" do + it "should return nil if the inventory file is missing" do + Puppet::FileSystem.expects(:exist?).with(cert_inventory).returns false + @inventory.serials(:whatever).should be_empty + end + + it "should return the all the serial numbers from the lines matching the provided name" do + File.expects(:readlines).with(cert_inventory).returns ["0x00f blah blah /CN=me\n", "0x001 blah blah /CN=you\n", "0x002 blah blah /CN=me\n"] + + @inventory.serials("me").should == [15, 2] + end + end end end diff --git a/spec/unit/ssl/validator_spec.rb b/spec/unit/ssl/validator_spec.rb index 2b8cfb0f9..ade1575dc 100644 --- a/spec/unit/ssl/validator_spec.rb +++ b/spec/unit/ssl/validator_spec.rb @@ -1,6 +1,5 @@ require 'spec_helper' require 'puppet/ssl' -require 'puppet/ssl/configuration' describe Puppet::SSL::Validator::DefaultValidator do let(:ssl_context) do |