| author | luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-11-08 05:22:24 +0000 |
|---|---|---|
| committer | luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-11-08 05:22:24 +0000 |
| commit | 744ded30a02883dd8ce5fbf2b847f10acb226d6e (patch) | |
| tree | d962b7b21f3a5d20dafd8e7f862c23a2449c2c9b /test/certmgr | |
| parent | dc4d98091a5566be289830839f1d6eb39367b42c (diff) | |
Merging the code over from the oscar branch. I will now be doing all development in the trunk again, except for larger changes, which will still get their own branch. This is a merge of the changes from revision 1826 to revision 1834.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@1835 980ebf18-57e1-0310-9a29-db15c13687c0
Diffstat (limited to 'test/certmgr')
| -rwxr-xr-x | test/certmgr/certmgr.rb | 69 | ||||
| -rwxr-xr-x | test/certmgr/inventory.rb | 79 |
2 files changed, 85 insertions, 63 deletions
diff --git a/test/certmgr/certmgr.rb b/test/certmgr/certmgr.rb index 5e2210913..d9349a9c0 100755 --- a/test/certmgr/certmgr.rb +++ b/test/certmgr/certmgr.rb @@ -5,6 +5,7 @@ $:.unshift("../lib").unshift("../../lib") if __FILE__ =~ /\.rb$/ require 'puppet' require 'puppet/sslcertificates.rb' require 'puppettest' +require 'puppettest/certificates' # so, what kind of things do we want to test? @@ -16,7 +17,7 @@ require 'puppettest' # and test whether we've got things in the right scopes class TestCertMgr < Test::Unit::TestCase - include PuppetTest + include PuppetTest::Certificates def setup super #@dir = File.join(Puppet[:certdir], "testing") @@ -24,28 +25,6 @@ class TestCertMgr < Test::Unit::TestCase system("mkdir -p %s" % @dir) end - def mkPassFile() - keyfile = File.join(@dir, "tmpkeyfile") - @@tmpfiles << keyfile - unless FileTest.exists?(@dir) - system("mkdir -p %s" % @dir) - end - File.open(keyfile, "w", 0600) { |f| - f.print "as;dklj23rlkjzdflij23wr" - } - - return keyfile - end - - def mkCA - ca = nil - assert_nothing_raised { - ca = Puppet::SSLCertificates::CA.new() - } - - return ca - end - def testCreateSelfSignedCertificate cert = nil name = "testing" @@ -191,16 +170,6 @@ class TestCertMgr < Test::Unit::TestCase assert_equal($?,0) assert_equal(File.join(Puppet[:certdir], "signedcertest.pem: OK\n"), output) end - - def mkcert(hostname) - cert = nil - assert_nothing_raised { - cert = Puppet::SSLCertificates::Certificate.new(:name => hostname) - cert.mkcsr - } - - return cert - end def test_interactiveca @@ -259,8 +228,8 @@ class TestCertMgr < Test::Unit::TestCase def test_crl ca = mkCA() - h1 = mkSignedCert(ca, "host1.example.com") - h2 = mkSignedCert(ca, "host2.example.com") + h1 = mksignedcert(ca, "host1.example.com") + h2 = mksignedcert(ca, "host2.example.com") assert(ca.cert.verify(ca.cert.public_key)) assert(h1.verify(ca.cert.public_key)) 
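Review bot: After the swap to `include PuppetTest::Certificates`, `test_crl` calls `mksignedcert(ca, "host1.example.com")` while `test_ttl` still calls `mksignedcert` with no arguments, so the shared helper must default both the CA and the hostname; the deleted local versions were two separate methods, `mkSignedCert(ca, host)` and `mksignedcert`. The helper module is not part of this diff (the diffstat is limited to test/certmgr), so that signature cannot be confirmed from here, nor whether `PuppetTest::Certificates` itself pulls in `PuppetTest` for the `super` call in `setup`. A comment above the include would make the dependency explicit: `# mkCA, mkcert, mksignedcert, mkStore and mkPassFile are expected to come from PuppetTest::Certificates`.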
@@ -295,23 +264,6 @@ class TestCertMgr < Test::Unit::TestCase assert(!store.verify(h2, [ca.cert])) end - def mkSignedCert(ca, host) - cert = mkcert(host) - assert_nothing_raised { - signedcert, cacert = ca.sign(cert.mkcsr) - return signedcert - } - end - - def mkStore(ca) - store = OpenSSL::X509::Store.new - store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT - store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK - store.add_cert(ca.cert) - store.add_crl(ca.crl) - store - end - def test_ttl cert = mksignedcert assert_equal(5 * 365 * 24 * 60 * 60, cert.not_after - cert.not_before) @@ -343,15 +295,6 @@ class TestCertMgr < Test::Unit::TestCase assert_equal(3 * 24 * 60 * 60, cert.not_after - cert.not_before) end - - def mksignedcert - ca = mkCA() - hostname = "ttltest.example.com" - - cert = nil - assert_nothing_raised { - cert, cacert = ca.sign(mkcert(hostname).mkcsr) - } - return cert - end end + +# $Id$ diff --git a/test/certmgr/inventory.rb b/test/certmgr/inventory.rb new file mode 100755 index 000000000..c94523d85 --- /dev/null +++ b/test/certmgr/inventory.rb 
@@ -0,0 +1,79 @@
+#!/usr/bin/env ruby
+
+$:.unshift("../lib").unshift("../../lib") if __FILE__ =~ /\.rb$/
+
+require 'puppet'
+require 'puppettest/certificates'
+require 'puppet/sslcertificates/inventory.rb'
+
+class TestCertInventory < Test::Unit::TestCase
+ include PuppetTest::Certificates
+
+ Inventory = Puppet::SSLCertificates::Inventory
+
+ def test_format
+ cert = mksignedcert
+
+ format = nil
+ assert_nothing_raised do
+ format = Inventory.format(cert)
+ end
+
+ assert(format =~ /^0x0001 \S+ \S+ #{cert.subject}/,
+ "Did not create correct format")
+ end
+
+ def test_init
+ # First create a couple of certificates
+ ca = mkCA
+
+ cert1 = mksignedcert(ca, "host1.madstop.com")
+ cert2 = mksignedcert(ca, "host2.madstop.com")
+
+ init = nil
+ assert_nothing_raised do
+ init = Inventory.init
+ end
+
+ [cert1, cert2].each do |cert|
+ assert(init.include?(cert.subject.to_s),
+ "Did not catch %s" % cert.subject.to_s)
+ end
+ end
+
+ def test_add
+ certs = []
+
+ user = Puppet::Util.uid(Puppet[:user])
+
+ ca = mkCA
+ 3.times do |i|
+ cert = mksignedcert(ca, "host#{i.to_s}.domain.com")
+ certs << cert
+
+ # Add the cert
+ assert_nothing_raised do
+ Puppet::SSLCertificates::Inventory.add(cert)
+ end
+
+ # Now make sure the cert is in there
+ assert(FileTest.exists?(Puppet[:cert_inventory]),
+ "Inventory file was not created")
+
+ # And make sure all of our certs are in there
+ certs.each do |c|
+ assert(
+ File.read(Puppet[:cert_inventory]).include?(cert.subject.to_s),
+ "File does not contain %s" % cert.subject.to_s
+ )
+ end
+
+ # And make sure the inventory file is owned by the right user
+ if Process.uid == 0
+ assert_equal(user, File.stat(Puppet[:cert_inventory]).uid)
+ end
+ end
+ end
+end
+
+# $Id$ |
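Review bot: In `test_add`, the inner `certs.each do |c|` loop never uses `c`; both the `include?` check and the failure message read `cert.subject.to_s`, so every pass only re-checks the certificate added in the current iteration. As written, the test would still pass if `Inventory.add` overwrote the inventory file instead of appending, which matters if the inventory is meant (as it appears) to record every certificate the CA has signed. Use the block variable: `File.read(Puppet[:cert_inventory]).include?(c.subject.to_s),` and `"File does not contain %s" % c.subject.to_s`. Separately, `test_format` interpolates `cert.subject` into the regex unescaped; `Regexp.escape(cert.subject.to_s)` would keep that match literal.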
