diff options
author | Jacob Helwig <jacob@puppetlabs.com> | 2010-09-21 14:01:15 -0700 |
---|---|---|
committer | Markus Roberts <Markus@reality.com> | 2010-09-28 15:36:23 -0700 |
commit | 66cf3a925b4b6d9b40cbdf95f2be6575bb05a881 (patch) | |
tree | d79edb7a8867a2e748e9b6f8bd4f3e191ade3aad /spec | |
parent | d54352a0cc305cfada05d9ecb927e79957c8d744 (diff) | |
download | puppet-66cf3a925b4b6d9b40cbdf95f2be6575bb05a881.tar.gz puppet-66cf3a925b4b6d9b40cbdf95f2be6575bb05a881.tar.xz puppet-66cf3a925b4b6d9b40cbdf95f2be6575bb05a881.zip |
Fix #4226 - Prepend 'Puppet CA: ' to fqdn for default root ca_name
Having a root ca_name that matches the fqdn of the puppet master would
cause certificate lookup problems on some clients, resulting in failed SSL
negotiation.
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
Diffstat (limited to 'spec')
-rwxr-xr-x | spec/integration/defaults_spec.rb | 2 | ||||
-rw-r--r-- | spec/unit/sslcertificates/ca_spec.rb | 13 |
2 files changed, 13 insertions, 2 deletions
diff --git a/spec/integration/defaults_spec.rb b/spec/integration/defaults_spec.rb index 4ae2983f4..1f90c7cbc 100755 --- a/spec/integration/defaults_spec.rb +++ b/spec/integration/defaults_spec.rb @@ -227,7 +227,7 @@ describe "Puppet defaults" do it "should have a :caname setting that defaults to the cert name" do Puppet.settings[:certname] = "foo" - Puppet.settings[:ca_name].should == "foo" + Puppet.settings[:ca_name].should == "Puppet CA: foo" end it "should have a 'prerun_command' that defaults to the empty string" do diff --git a/spec/unit/sslcertificates/ca_spec.rb b/spec/unit/sslcertificates/ca_spec.rb index aa7e25ff3..b1393b25d 100644 --- a/spec/unit/sslcertificates/ca_spec.rb +++ b/spec/unit/sslcertificates/ca_spec.rb @@ -1,6 +1,6 @@ #!/usr/bin/env ruby - require File.dirname(__FILE__) + '/../../spec_helper' + require 'puppet' require 'puppet/sslcertificates' require 'puppet/sslcertificates/ca' @@ -95,5 +95,16 @@ describe Puppet::SSLCertificates::CA do it 'should store the public key' do File.exists?(Puppet[:capub]).should be_true end + + it 'should prepend "Puppet CA: " to the fqdn as the ca_name by default' do + host_mock_fact = mock() + host_mock_fact.expects(:value).returns('myhost') + domain_mock_fact = mock() + domain_mock_fact.expects(:value).returns('puppetlabs.lan') + Facter.stubs(:[]).with('hostname').returns(host_mock_fact) + Facter.stubs(:[]).with('domain').returns(domain_mock_fact) + + @ca.mkrootcert.name.should == 'Puppet CA: myhost.puppetlabs.lan' + end end end |