diff options
| author | Markus Roberts <Markus@reality.com> | 2009-08-11 22:58:34 -0700 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2009-08-13 08:16:54 +1000 |
| commit | 55a9cdbac71ef303c4905330b946586262297672 (patch) | |
| tree | 8d8de19526885de9a4ee4050f17c14711938e888 /spec | |
| parent | 601a2e54aecccedfc0bdd94939d44cc07b4d6588 (diff) | |
| download | puppet-55a9cdbac71ef303c4905330b946586262297672.tar.gz puppet-55a9cdbac71ef303c4905330b946586262297672.tar.xz puppet-55a9cdbac71ef303c4905330b946586262297672.zip | |
Fix #2517 - Stack overflow when CA cert missing
This was a "There's A Hole In The Bucket" problem caused when trying
to establish a connection to get a certificate before there was
a certificate with which to establish the connection, ad
infinitum. The solution was to test for the presence of the
CA cert as well as the host cert before attempting to use them.
This patch modifies existing tests to pass with the new code (by
stubbing out the additional FileTests) and adds a new test which
catches the original problem.
Signed-off-by: Markus Roberts <Markus@reality.com>
Diffstat (limited to 'spec')
| -rwxr-xr-x | spec/unit/network/http_pool.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/spec/unit/network/http_pool.rb b/spec/unit/network/http_pool.rb index ce7630951..65f91efa1 100755 --- a/spec/unit/network/http_pool.rb +++ b/spec/unit/network/http_pool.rb @@ -147,8 +147,10 @@ describe Puppet::Network::HttpPool do Puppet[:confdir] = "/sometthing/else" Puppet.settings.stubs(:value).returns "/some/file" Puppet.settings.stubs(:value).with(:hostcert).returns "/host/cert" + Puppet.settings.stubs(:value).with(:localcacert).returns "/local/ca/cert" FileTest.stubs(:exist?).with("/host/cert").returns true + FileTest.stubs(:exist?).with("/local/ca/cert").returns true Puppet::Network::HttpPool.stubs(:ssl_host).returns @host end @@ -157,12 +159,18 @@ describe Puppet::Network::HttpPool do Puppet.settings.clear end - it "should do nothing if no certificate is on disk" do + it "should do nothing if no host certificate is on disk" do FileTest.expects(:exist?).with("/host/cert").returns false @http.expects(:cert=).never Puppet::Network::HttpPool.cert_setup(@http) end + it "should do nothing if no local certificate is on disk" do + FileTest.expects(:exist?).with("/local/ca/cert").returns false + @http.expects(:cert=).never + Puppet::Network::HttpPool.cert_setup(@http) + end + it "should add a certificate store from the ssl host" do @http.expects(:cert_store=).with(@store) @@ -192,6 +200,7 @@ describe Puppet::Network::HttpPool do FileTest.stubs(:exist?).with(Puppet[:hostcert]).returns true Puppet.settings.stubs(:value).with(:localcacert).returns "/ca/cert/file" + FileTest.stubs(:exist?).with("/ca/cert/file").returns true @http.expects(:ca_file=).with("/ca/cert/file") Puppet::Network::HttpPool.cert_setup(@http) |