Fixs #2620 authconf interpolation, #2570 0-9 in domain names

Partial refactoring to clean up the case in the ticket (host name containing dots, begining and ending with a digit, was mistaken for an IP address) and a range of related edge cases. Stopped short of a full refactoring (put off to 0.26 as #2623) Added tests for numerous edge cases. This also fixes the issue raised in #2570. Signed-off-by: Markus Roberts <Markus@reality.com>
author: Markus Roberts <Markus@reality.com> 2009-09-10 12:31:35 -0700
committer: James Turnbull <james@lovedthanlost.net> 2009-09-14 07:57:03 +1000
commit: 7404e31d1ec418e9fdc276e0e619c045567cc00c (patch)
tree: 52420f9e2bb7f3f401456980692e261cfb7ad8f4 /spec/unit/network
parent: 43443390ec210a9462631d400b27d68b33d6592d (diff)
download: puppet-7404e31d1ec418e9fdc276e0e619c045567cc00c.tar.gz
puppet-7404e31d1ec418e9fdc276e0e619c045567cc00c.tar.xz
puppet-7404e31d1ec418e9fdc276e0e619c045567cc00c.zip
1 files changed, 77 insertions, 28 deletions
diff --git a/spec/unit/network/authstore.rb b/spec/unit/network/authstore.rb
index 4da3714ae..55b2c7bbc 100644
--- a/spec/unit/network/authstore.rb
+++ b/spec/unit/network/authstore.rb
@@ -6,25 +6,46 @@ require 'puppet/network/authconfig'
 
 describe Puppet::Network::AuthStore::Declaration do
 
-    describe "when the pattern is simple numeric IP" do
-        before :each do
-            @ip = '100.101.99.98'
-            @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip)
-        end
-        it "should match the specified IP" do
-            @declaration.should be_match('www.testsite.org',@ip)
+    ['100.101.99.98','100.100.100.100','1.2.3.4','11.22.33.44'].each { |ip|
+        describe "when the pattern is a simple numeric IP such as #{ip}" do
+            before :each do
+                @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,ip)
+            end
+            it "should match the specified IP" do
+                @declaration.should be_match('www.testsite.org',ip)
+            end
+            it "should not match other IPs" do
+                @declaration.should_not be_match('www.testsite.org','200.101.99.98')
+            end
         end
-        it "should not match other IPs" do
-            @declaration.should_not be_match('www.testsite.org','200.101.99.98')
-        end
-    end
+
+        (1..3).each { |n|
+            describe "when the pattern is a IP mask with #{n} numeric segments and a *" do
+                before :each do
+                    @ip_pattern = ip.split('.')[0,n].join('.')+'.*'
+                    @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip_pattern)
+                end
+                it "should match an IP in the range" do
+                    @declaration.should be_match('www.testsite.org',ip)
+                end
+                it "should not match other IPs" do
+                    @declaration.should_not be_match('www.testsite.org','200.101.99.98')
+                end
+                it "should not match IPs that differ in the last non-wildcard segment" do
+                    other = ip.split('.')
+                    other[n-1].succ!
+                    @declaration.should_not be_match('www.testsite.org',other.join('.'))
+                end
+            end
+        }    
+    }
 
     describe "when the pattern is a numeric IP with a back reference" do
         before :each do
             @ip = '100.101.$1'
             @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip).interpolate('12.34'.match(/(.*)/))
         end
-        it "should match an IP with the apropriate interpolation" do
+        it "should match an IP with the appropriate interpolation" do
             @declaration.should be_match('www.testsite.org',@ip.sub(/\$1/,'12.34'))
         end
         it "should not match other IPs" do
@@ -32,20 +53,25 @@ describe Puppet::Network::AuthStore::Declaration do
         end
     end
 
-    describe "when the pattern is a PQDN" do
-        before :each do
-            @host = 'spirit.mars.nasa.gov'
-            @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
-        end
-        it "should match the specified PQDN" do
-            pending "FQDN consensus"
-            @declaration.should be_match(@host,'200.101.99.98')
-        end
-        it "should not match a similar FQDN" do
-            pending "FQDN consensus"
-            @declaration.should_not be_match(@host+'.','200.101.99.98')
-        end
-    end
+    {
+    'spirit.mars.nasa.gov' => 'a PQDN',
+    'ratchet.2ndsiteinc.com' => 'a PQDN with digits',
+    'a.c.ru' => 'a PQDN with short segments',
+    }.each {|pqdn,desc|
+        describe "when the pattern is #{desc}" do
+            before :each do
+                @host = pqdn
+                @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
+            end
+            it "should match the specified PQDN" do
+                @declaration.should be_match(@host,'200.101.99.98')
+            end
+            it "should not match a similar FQDN" do
+                pending "FQDN consensus"
+                @declaration.should_not be_match(@host+'.','200.101.99.98')
+            end
+        end
+    }
 
     describe "when the pattern is a FQDN" do
         before :each do
@@ -57,7 +83,6 @@ describe Puppet::Network::AuthStore::Declaration do
             @declaration.should be_match(@host,'200.101.99.98')
         end
         it "should not match a similar PQDN" do
-            #pending "FQDN consensus"
             @declaration.should_not be_match(@host[0..-2],'200.101.99.98')
         end
     end
@@ -70,7 +95,31 @@ describe Puppet::Network::AuthStore::Declaration do
             @pattern = %{^/catalog/([^/]+)$}
             @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
         end
-        it "should match an IP with the apropriate interpolation" do
+        it "should match an IP with the appropriate interpolation" do
+            @declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
+        end
+    end
+
+    describe "when the pattern is an opaque string with a back reference and the matched data contains dots" do
+        before :each do
+            @host = 'admin.mgmt.nym1'
+            @item = "/catalog/#{@host}"
+            @pattern = %{^/catalog/([^/]+)$}
+            @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
+        end
+        it "should match a name with the appropriate interpolation" do
+            @declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
+        end
+    end
+
+    describe "when the pattern is an opaque string with a back reference and the matched data contains dots with an initial prefix that looks like an IP address" do
+        before :each do
+            @host = '01.admin.mgmt.nym1'
+            @item = "/catalog/#{@host}"
+            @pattern = %{^/catalog/([^/]+)$}
+            @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
+        end
+        it "should match a name with the appropriate interpolation" do
             @declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
         end
     end
author	Markus Roberts <Markus@reality.com>	2009-09-10 12:31:35 -0700
committer	James Turnbull <james@lovedthanlost.net>	2009-09-14 07:57:03 +1000
commit	7404e31d1ec418e9fdc276e0e619c045567cc00c (patch)
tree	52420f9e2bb7f3f401456980692e261cfb7ad8f4 /spec/unit/network
parent	43443390ec210a9462631d400b27d68b33d6592d (diff)
download	puppet-7404e31d1ec418e9fdc276e0e619c045567cc00c.tar.gz puppet-7404e31d1ec418e9fdc276e0e619c045567cc00c.tar.xz puppet-7404e31d1ec418e9fdc276e0e619c045567cc00c.zip