blob: 511b6fcaa70143e5967a53977847e956c33bc74c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
#!/usr/bin/env ruby
$:.unshift("../../lib") if __FILE__ =~ /\.rb$/
require 'mocha'
require 'puppettest'
require 'puppet/network/client/ca'
require 'puppet/sslcertificates/support'
class TestClientCA < Test::Unit::TestCase
include PuppetTest::ServerTest
def setup
Puppet::Util::SUIDManager.stubs(:asuser).yields
super
@ca = Puppet::Network::Handler.ca.new
@client = Puppet::Network::Client.ca.new :CA => @ca
end
def test_request_cert
assert_nothing_raised("Could not request cert") do
@client.request_cert
end
[:hostprivkey, :hostcert, :localcacert].each do |name|
assert(FileTest.exists?(Puppet.settings[name]),
"Did not create cert %s" % name)
end
end
# Make sure the ca defaults to specific ports and names
def test_ca_server
client = nil
assert_nothing_raised do
client = Puppet::Network::Client.ca.new
end
end
# #578
def test_invalid_certs_are_not_written
# Run the get once, which should be valid
assert_nothing_raised("Could not get a certificate") do
@client.request_cert
end
# Now remove the cert and keys, so we get a broken cert
File.unlink(Puppet[:hostcert])
File.unlink(Puppet[:localcacert])
File.unlink(Puppet[:hostprivkey])
@client = Puppet::Network::Client.ca.new :CA => @ca
@ca.expects(:getcert).returns("yay") # not a valid cert
# Now make sure it fails, since we'll get the old cert but have new keys
assert_raise(Puppet::Network::Client::CA::InvalidCertificate, "Did not fail on invalid cert") do
@client.request_cert
end
# And then make sure the cert isn't written to disk
assert(! FileTest.exists?(Puppet[:hostcert]),
"Invalid cert got written to disk")
end
end
# $Id$
|