blob: 17c0362a75ba83699a6c88d58b9e6377d351ed95 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
#! /usr/bin/env ruby
require 'spec_helper'
require 'openssl'
require 'puppet/util/ssl'
describe Puppet::Util::SSL do
def parse(dn)
Puppet::Util::SSL.subject_from_dn(dn)
end
describe "when getting a subject from a DN" do
RSpec::Matchers.define :be_a_subject_with do |expected|
match do |actual|
parts = actual.to_a.map { |part| part[0..1] }.flatten
Hash[*parts] == expected
end
end
NO_PARTS = {}
it "parses a DN with a single part" do
parse('CN=client.example.org').should be_a_subject_with({
'CN' => 'client.example.org'
})
end
it "parses a DN with parts separated by slashes" do
parse('/CN=Root CA/OU=Server Operations/O=Example Org').should be_a_subject_with({
'CN' => 'Root CA',
'OU' => 'Server Operations',
'O' => 'Example Org'
})
end
it "parses a DN with a single part preceeded by a slash" do
parse('/CN=client.example.org').should be_a_subject_with({
'CN' => 'client.example.org'
})
end
it "parses a DN with parts separated by commas" do
parse('O=Foo\, Inc,CN=client2a.example.org').should be_a_subject_with({
'O' => 'Foo, Inc',
'CN' => 'client2a.example.org'
})
end
it "finds no parts in something that is not a DN" do
parse('(no)').should be_a_subject_with(NO_PARTS)
end
it "finds no parts in a DN with an invalid part" do
parse('no=yes,CN=Root CA').should be_a_subject_with(NO_PARTS)
end
it "finds no parts in an empty DN" do
parse('').should be_a_subject_with(NO_PARTS)
end
end
describe "when getting a CN from a subject" do
def cn_from(subject)
Puppet::Util::SSL.cn_from_subject(subject)
end
it "should correctly parse a subject containing only a CN" do
subj = parse('/CN=foo')
cn_from(subj).should == 'foo'
end
it "should correctly parse a subject containing other components" do
subj = parse('/CN=Root CA/OU=Server Operations/O=Example Org')
cn_from(subj).should == 'Root CA'
end
it "should correctly parse a subject containing other components with CN not first" do
subj = parse('/emailAddress=foo@bar.com/CN=foo.bar.com/O=Example Org')
cn_from(subj).should == 'foo.bar.com'
end
it "should return nil for a subject with no CN" do
subj = parse('/OU=Server Operations/O=Example Org')
cn_from(subj).should == nil
end
it "should return nil for a bare string" do
cn_from("/CN=foo").should == nil
end
end
end
|
