From 07b2a3afd996fa367e2e1b3692b5b8eea3273af2 Mon Sep 17 00:00:00 2001 From: Jeff McCune Date: Mon, 10 Oct 2011 11:51:14 -0700 Subject: (#10007) Revert "Merge pull request #13 from kbarber/issue/master/8925-user_ssl_certs" This reverts commit 14852e0259e1e43371dbcb2675e00c6d6e614f05, reversing changes made to a95dccd464b55945feb8bcf7483f777c25164115. This is to fix the broken build (failing tests) as per #8925 and #10007 --- .../parser/functions/get_certficiate_spec.rb | 158 --------------------- .../puppet/parser/functions/get_pubkey_spec.rb | 54 ------- 2 files changed, 212 deletions(-) delete mode 100755 spec/unit/puppet/parser/functions/get_certficiate_spec.rb delete mode 100755 spec/unit/puppet/parser/functions/get_pubkey_spec.rb (limited to 'spec/unit/puppet/parser') diff --git a/spec/unit/puppet/parser/functions/get_certficiate_spec.rb b/spec/unit/puppet/parser/functions/get_certficiate_spec.rb deleted file mode 100755 index 2f5b583..0000000 --- a/spec/unit/puppet/parser/functions/get_certficiate_spec.rb +++ /dev/null @@ -1,158 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' -require 'net/http' -require 'thread' -require 'fileutils' - -describe "the get_certificate function" do - include PuppetSpec::Files - - before :all do - @sslcert = File.read("spec/master_config/ssl/ca/signed/bob@mydomain.com.pem") - - Puppet::Parser::Functions.autoloader.loadall - end - - before :each do - @scope = Puppet::Parser::Scope.new - end - - it "should exist" do - Puppet::Parser::Functions.function("get_certificate").should == "function_get_certificate" - end - - it "should raise a ParseError if there is less than 1 argument" do - lambda { @scope.function_get_certificate([]) }.should(raise_error(Puppet::ParseError)) - end - - it "should raise a ParseError if the argument is empty" do - lambda { @scope.function_get_certificate([""]) }.should(raise_error(Puppet::ParseError)) - end - - it "should raise a ParseError if the argument contains strange characters" do - lambda { @scope.function_get_certificate(["%^&"]) }.should(raise_error(Puppet::ParseError)) - end - - it "should return a valid certificate if CA is local" do - Puppet[:ca] = true - Puppet[:signeddir] = "spec/master_config/ssl/ca/signed/" - result = @scope.function_get_certificate(["bob@mydomain.com"]) - result.should(eq(@sslcert)) - end - - it "should throw an error if CN is missing and CA is local" do - Puppet[:ca] = true - Puppet[:signeddir] = "spec/master_config/ssl/ca/signed/" - result = @scope.function_get_certificate(["missing@mydomain.com"]) - result.should(eq(:undef)) - end - - it "should return a valid certificate if CA is remote" do - Puppet[:ca] = false - Puppet[:ssldir] = "spec/master_config/ssl" - Puppet[:certname] = "puppetmaster" - - # Mock return - require 'ostruct' - http = OpenStruct.new - http.body = @sslcert - http.code = "200" - - # Intercept http start call - Net::HTTP.any_instance.expects(:start).returns(http) - - result = @scope.function_get_certificate(["bob@mydomain.com"]) - result.should(eq(@sslcert)) - end - - it "should throw an error if CN doesn't exist and CA is remote (stubbed)" do - Puppet[:ca] = false - Puppet[:ssldir] = "spec/master_config/ssl" - Puppet[:certname] = "puppetmaster" - - # Mock return - require 'ostruct' - http = OpenStruct.new - http.code = "404" - - # Intercept http start call - Net::HTTP.any_instance.expects(:start).returns(http) - - result = @scope.function_get_certificate(["missing@mydomain.com"]) - result.should(eq(:undef)) - end - - describe "real puppetmaster" do - before :all do - # Prepare fixture for puppetmaster - @master_tmp = tmpdir("get_certificate") + "/master_config" - FileUtils.cp_r("spec/master_config",@master_tmp) - - # Fork and start a puppetmaster - master_config = [ - "--config=/dev/null", - "--logdest=#{@master_tmp}/var/log/logfile", - "--confdir=#{@master_tmp}", - "--no-daemonize", - "--masterport=9354", - "--bindaddress=127.0.0.1", - "--vardir=#{@master_tmp}/var", - "--ssldir=#{@master_tmp}/ssl", - "--certname=puppetmaster", - "--user=#{ENV["USER"]}", -# "--debug", - ] - @master = Process.fork do - cmd = Puppet::Util::CommandLine.new("master", master_config) - Puppet::Plugins.on_application_intialization(:application_object => cmd) - app = Puppet::Application.find("master").new(cmd) - app.run - end - - # Wait 1 second for puppetmatser setup - # TODO: must be a better wait to check if master - # is listening first before proceeding. - sleep 1 - - Puppet::Parser::Functions.autoloader.loadall - end - - before :each do - # Standard puppet setup for each test - Puppet[:ca] = false - Puppet[:ssldir] = "#{@master_tmp}/ssl" - Puppet[:certname] = "puppetmaster" - Puppet[:ca_port] = "9354" - Puppet[:ca_server] = "127.0.0.1" - end - - after :all do - # Kill and reap puppetmaster - Process.kill("TERM", @master) - Process.wait(@master) - end - - it "should return a valid certificate if CA is remote" do - result = @scope.function_get_certificate(["bob@mydomain.com"]) - result.should(eq(@sslcert)) - end - - it "should throw an error if CN doesn't exist and CA is remote" do - result = @scope.function_get_certificate(["missing@mydomain.com"]) - result.should(eq(:undef)) - end - - it "should throw a connection refused message if CA is not running on port" do - Puppet[:ca_port] = "65111" - lambda { @scope.function_get_certificate(["missing@mydomain.com"]) }.should(raise_error(Puppet::Error)) - end - - it "should raise an exception if connection to CA times out" do - Puppet[:ca_server] = "10.254.254.254" - lambda { @scope.function_get_certificate(["missing@mydomain.com", { :conn_timeout => 1}]) }.should(raise_error(Puppet::Error)) - end - - end - -end diff --git a/spec/unit/puppet/parser/functions/get_pubkey_spec.rb b/spec/unit/puppet/parser/functions/get_pubkey_spec.rb deleted file mode 100755 index e4cdd9f..0000000 --- a/spec/unit/puppet/parser/functions/get_pubkey_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' -require 'net/http' -require 'thread' -require 'fileutils' - -describe "the get_pubkey function" do - include PuppetSpec::Files - - before :all do - Puppet::Parser::Functions.autoloader.loadall - end - - before :each do - @scope = Puppet::Parser::Scope.new - end - - it "should exist" do - Puppet::Parser::Functions.function("get_pubkey").should == "function_get_pubkey" - end - - it "should raise a ParseError if there is less than 1 argument" do - lambda { @scope.function_get_pubkey([]) }.should(raise_error(Puppet::ParseError)) - end - - it "should raise a ParseError if the argument is empty" do - lambda { @scope.function_get_pubkey([""]) }.should(raise_error(Puppet::ParseError)) - end - - it "should raise a ParseError if the argument contains strange characters" do - lambda { @scope.function_get_pubkey(["%^&"]) }.should(raise_error(Puppet::ParseError)) - end - - it "should return a valid certificate if CA is local" do - Puppet[:ca] = true - Puppet[:signeddir] = "spec/master_config/ssl/ca/signed/" - result = @scope.function_get_pubkey(["bob@mydomain.com"]) - result.should(eq(<<-EOS)) ------BEGIN RSA PUBLIC KEY----- -MIGJAoGBAL7+Idbd+eohxCXVXcICvo1IaqAzyjezWxfxMxoBF4mjdvwY9RalRM5j -Itm9ThVwLMezcISYSNPI42Y70+9XIK/3f6OxnSMoB7kDKX9MvcbZkRAtOfxDeWmA -un+PXuH87VN1r7sViRSSB2dIxB3qjF1HNhAm0ocmSW+sZ3eul2lpAgMBAAE= ------END RSA PUBLIC KEY----- -EOS - end - - it "should throw an error if CN is missing and CA is local" do - Puppet[:ca] = true - Puppet[:signeddir] = "spec/master_config/ssl/ca/signed/" - result = @scope.function_get_pubkey(["missing@mydomain.com"]) - result.should(eq(:undef)) - end -end -- cgit v1.2.3