diff options
Diffstat (limited to 'spec')
| -rwxr-xr-x | spec/integration/ssl/certificate_authority.rb | 8 | ||||
| -rwxr-xr-x | spec/unit/ssl/certificate_authority.rb | 8 | ||||
| -rwxr-xr-x | spec/unit/ssl/certificate_authority/interface.rb | 6 |
3 files changed, 15 insertions, 7 deletions
diff --git a/spec/integration/ssl/certificate_authority.rb b/spec/integration/ssl/certificate_authority.rb index 5f963f7f5..553c9b3b6 100755 --- a/spec/integration/ssl/certificate_authority.rb +++ b/spec/integration/ssl/certificate_authority.rb @@ -50,13 +50,11 @@ describe Puppet::SSL::CertificateAuthority do end it "should be able to revoke a host certificate" do - pending("This test doesn't actually work yet") do - @ca.generate("newhost") + @ca.generate("newhost") - @ca.revoke("newhost") + @ca.revoke("newhost") - lambda { @ca.verify("newhost") }.should raise_error - end + lambda { @ca.verify("newhost") }.should raise_error end it "should have a CRL" do diff --git a/spec/unit/ssl/certificate_authority.rb b/spec/unit/ssl/certificate_authority.rb index 4c2466d93..80114300e 100755 --- a/spec/unit/ssl/certificate_authority.rb +++ b/spec/unit/ssl/certificate_authority.rb @@ -585,7 +585,7 @@ describe Puppet::SSL::CertificateAuthority do describe "and verifying certificates" do before do - @store = stub 'store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true + @store = stub 'store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true, :flags= => nil OpenSSL::X509::Store.stubs(:new).returns @store @@ -631,6 +631,12 @@ describe Puppet::SSL::CertificateAuthority do @ca.verify("me") end + it "should set the store flags to check the crl" do + @store.expects(:flags=).with OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK + + @ca.verify("me") + end + it "should use the store to verify the certificate" do @cert.expects(:content).returns "mycert" diff --git a/spec/unit/ssl/certificate_authority/interface.rb b/spec/unit/ssl/certificate_authority/interface.rb index 784c6cf9a..d741ec400 100755 --- a/spec/unit/ssl/certificate_authority/interface.rb +++ b/spec/unit/ssl/certificate_authority/interface.rb @@ -176,6 +176,7 @@ describe Puppet::SSL::CertificateAuthority::Interface do describe "and an empty array was provided" do it "should print a string containing all certificate requests" do @ca.expects(:waiting?).returns %w{host1 host2} + @ca.stubs(:verify) @applier = @class.new(:list, []) @@ -189,12 +190,14 @@ describe Puppet::SSL::CertificateAuthority::Interface do it "should print a string containing all certificate requests and certificates" do @ca.expects(:waiting?).returns %w{host1 host2} @ca.expects(:list).returns %w{host3 host4} + @ca.stubs(:verify) + @ca.expects(:verify).with("host3").raises(Puppet::SSL::CertificateAuthority::CertificateVerificationError.new(23), "certificate revoked") @applier = @class.new(:list, :all) @applier.expects(:puts).with "host1" @applier.expects(:puts).with "host2" - @applier.expects(:puts).with "+ host3" + @applier.expects(:puts).with "- host3 (certificate revoked)" @applier.expects(:puts).with "+ host4" @applier.apply(@ca) @@ -205,6 +208,7 @@ describe Puppet::SSL::CertificateAuthority::Interface do it "should print a string of all named hosts that have a waiting request" do @ca.expects(:waiting?).returns %w{host1 host2} @ca.expects(:list).returns %w{host3 host4} + @ca.stubs(:verify) @applier = @class.new(:list, %w{host1 host2 host3 host4}) |