spec/integration/ssl/certificate_revocation_list_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

#!/usr/bin/env rspec
require 'spec_helper'

require 'puppet/ssl/certificate_revocation_list'
require 'tempfile'

describe Puppet::SSL::CertificateRevocationList do
  before do
    # Get a safe temporary file
    file = Tempfile.new("ca_integration_testing")
    @dir = file.path
    file.delete

    Puppet.settings[:confdir] = @dir
    Puppet.settings[:vardir] = @dir
    Puppet.settings[:group] = Process.gid

    Puppet::SSL::Host.ca_location = :local
  end

  after {
    Puppet::SSL::Host.ca_location = :none

    system("rm -rf #{@dir}")
    Puppet.settings.clear

    # This is necessary so the terminus instances don't lie around.
    Puppet::Util::Cacher.expire
  }

  it "should be able to read in written out CRLs with no revoked certificates" do
    ca = Puppet::SSL::CertificateAuthority.new

    raise "CRL not created" unless FileTest.exist?(Puppet[:hostcrl])

    crl = Puppet::SSL::CertificateRevocationList.new("crl_int_testing")
    crl.read(Puppet[:hostcrl])
  end
end