Closing #362. Case-insensitivity is handled by downcasing all host names.

git-svn-id: https://reductivelabs.com/svn/puppet/trunk@1971 980ebf18-57e1-0310-9a29-db15c13687c0

3 files changed, 119 insertions, 54 deletions

diff --git a/test/certmgr/ca.rb b/test/certmgr/ca.rb
new file mode 100755
index 000000000..d01725970
--- /dev/null
+++ b/test/certmgr/ca.rb
@@ -0,0 +1,72 @@
+#!/usr/bin/env ruby
+
+$:.unshift("../lib").unshift("../../lib") if __FILE__ =~ /\.rb$/
+
+require 'puppet'
+require 'puppet/sslcertificates/ca.rb'
+require 'puppettest'
+require 'puppettest/certificates'
+
+class TestCA < Test::Unit::TestCase
+    include PuppetTest
+    def hosts
+        %w{host.domain.com Other.Testing.Com}
+    end
+    def mkca
+        Puppet::SSLCertificates::CA.new
+    end
+    
+    def test_clean
+        dirs = [:csrdir, :signeddir, :publickeydir, :privatekeydir, :certdir]
+        ca = mkca
+        
+        hosts.each do |host|
+            files = []
+            dirs.each do |dir|
+                dir = Puppet[dir]
+                # We handle case insensitivity through downcasing
+                file = File.join(dir, host.downcase + ".pem")
+                File.open(file, "w") do |f|
+                    f.puts "testing"
+                end
+                files << file
+            end
+            assert_nothing_raised do
+                ca.clean(host)
+            end
+            files.each do |f|
+                assert(! FileTest.exists?(f), "File %s was not deleted" % f)
+            end
+        end
+    end
+    
+    def test_host2Xfile
+        ca = mkca
+        hosts.each do |host|
+            {:signeddir => :host2certfile, :csrdir => :host2csrfile}.each do |dir, method|
+                val = nil
+                assert_nothing_raised do
+                    val = ca.send(method, host)
+                end
+                assert_equal(File.join(Puppet[dir], host.downcase + ".pem"), val,
+                    "incorrect response from %s" % method)
+            end
+        end
+    end
+    
+    def test_list
+        ca = mkca
+        # Make a fake csr
+        dir = Puppet[:csrdir]
+        list = []
+        hosts.each do |host|
+            file = File.join(dir, host.downcase + ".pem")
+            File.open(file, "w") { |f| f.puts "yay" }
+            list << host.downcase
+        end
+        
+        assert_equal(list.sort, ca.list.sort, "list was not correct")
+    end
+end
+
+# $Id$
diff --git a/test/certmgr/certmgr.rb b/test/certmgr/certmgr.rb
index 32934e8ce..90d516cb4 100755
--- a/test/certmgr/certmgr.rb
+++ b/test/certmgr/certmgr.rb
@@ -7,15 +7,6 @@ require 'puppet/sslcertificates.rb'
 require 'puppettest'
 require 'puppettest/certificates'
 
-# so, what kind of things do we want to test?
-
-# we don't need to test function, since we're confident in the
-# library tests.  We do, however, need to test how things are actually
-# working in the language.
-
-# so really, we want to do things like test that our ast is correct
-# and test whether we've got things in the right scopes
-
 class TestCertMgr < Test::Unit::TestCase
     include PuppetTest::Certificates
     def setup
diff --git a/test/executables/puppetca.rb b/test/executables/puppetca.rb
index f96e7a5f5..2eafb7f6c 100755
--- a/test/executables/puppetca.rb
+++ b/test/executables/puppetca.rb
@@ -9,6 +9,16 @@ require 'puppettest'
 
 class TestPuppetCA < Test::Unit::TestCase
     include PuppetTest::ExeTest
+    
+    def gen_cert(ca, host)
+        runca("-g #{host}")
+        ca.getclientcert(host)[0]
+    end
+    
+    def mkca
+        Puppet::Server::CA.new()
+    end
+    
     def mkcert(hostname)
         cert = nil
         assert_nothing_raised {
@@ -27,59 +37,53 @@ class TestPuppetCA < Test::Unit::TestCase
             debug = "-d "
         end
         return %x{puppetca --user=#{Puppet[:user]} #{debug} --group=#{Puppet[:group]} --confdir=#{Puppet[:confdir]} --vardir=#{Puppet[:vardir]} #{args} 2>&1}
-
     end
 
     def test_signing
-        ca = nil
+        ca = mkca
         Puppet[:autosign] = false
-        assert_nothing_raised {
-            ca = Puppet::Server::CA.new()
-        }
-        #Puppet.warning "SSLDir is %s" % Puppet[:confdir]
-        #system("find %s" % Puppet[:confdir])
+        
+        %w{host.test.com Other.Testing.Com}.each do |host|
+            cert = mkcert(host)
+            resp = nil
+            assert_nothing_raised {
+                # We need to use a fake name so it doesn't think the cert is from
+                # itself.  Strangely, getcert stores the csr, because it's a server-side
+                # method, not client.
+                resp = ca.getcert(cert.csr.to_pem, host, "127.0.0.1")
+            }
+            assert_equal(["",""], resp)
 
-        cert = mkcert("host.test.com")
-        resp = nil
-        assert_nothing_raised {
-            # We need to use a fake name so it doesn't think the cert is from
-            # itself.
-            resp = ca.getcert(cert.csr.to_pem, "fakename", "127.0.0.1")
-        }
-        assert_equal(["",""], resp)
-        #Puppet.warning "SSLDir is %s" % Puppet[:confdir]
-        #system("find %s" % Puppet[:confdir])
-
-        output = nil
-        assert_nothing_raised {
-            output = runca("--list").chomp.split("\n").reject { |line| line =~ /warning:/ } # stupid ssl.rb
-        }
-        #Puppet.warning "SSLDir is %s" % Puppet[:confdir]
-        #system("find %s" % Puppet[:confdir])
-        assert_equal($?,0)
-        assert_equal(%w{host.test.com}, output)
-        assert_nothing_raised {
-            output = runca("--sign -a").chomp.split("\n")
-        }
+            output = nil
+            assert_nothing_raised {
+                output = runca("--list").chomp.split("\n").reject { |line| line =~ /warning:/ } # stupid ssl.rb
+            }
+            assert_equal($?,0)
+            assert_equal([host.downcase], output)
+            assert_nothing_raised {
+                output = runca("--sign -a").chomp.split("\n")
+            }
 
 
-        assert_equal($?,0)
-        assert_equal(["Signed host.test.com"], output)
+            assert_equal($?,0)
+            assert_equal(["Signed #{host.downcase}"], output)
 
-        signedfile = File.join(Puppet[:signeddir], "host.test.com.pem")
-        assert(FileTest.exists?(signedfile), "cert does not exist")
-        assert(! FileTest.executable?(signedfile), "cert is executable")
+            
+            signedfile = ca.ca.host2certfile(host)
+            assert(FileTest.exists?(signedfile), "cert does not exist")
+            assert(! FileTest.executable?(signedfile), "cert is executable")
 
-        uid = Puppet::Util.uid(Puppet[:user])
+            uid = Puppet::Util.uid(Puppet[:user])
 
-        if Puppet::SUIDManager.uid == 0
-            assert(! FileTest.owned?(signedfile), "cert is owned by root")
+            if Puppet::SUIDManager.uid == 0
+                assert(! FileTest.owned?(signedfile), "cert is owned by root")
+            end
+            assert_nothing_raised {
+                output = runca("--list").chomp.split("\n")
+            }
+            assert_equal($?,0)
+            assert_equal(["No certificates to sign"], output)
         end
-        assert_nothing_raised {
-            output = runca("--list").chomp.split("\n")
-        }
-        assert_equal($?,0)
-        assert_equal(["No certificates to sign"], output)
     end
     
     # This method takes a long time to run because of all of the external
@@ -102,9 +106,7 @@ class TestPuppetCA < Test::Unit::TestCase
         assert_equal(exp, revoked)
     end
     
-    def gen_cert(ca, host)
-        runca("-g #{host}")
-        ca.getclientcert(host)[0]
+    def test_case_insensitive_sign
     end
 end