3
require File.expand_path(File.dirname(__FILE__) + '/../../lib/puppettest')
7
require 'puppet/network/client/ca'
8
require 'puppet/sslcertificates/support'
10
class TestClientCA < Test::Unit::TestCase
11
include PuppetTest::ServerTest
14
Puppet::Util::SUIDManager.stubs(:asuser).yields
16
@ca = Puppet::Network::Handler.ca.new
17
@client = Puppet::Network::Client.ca.new :CA => @ca
21
assert_nothing_raised("Could not request cert") do
25
[:hostprivkey, :hostcert, :localcacert].each do |name|
26
assert(FileTest.exists?(Puppet.settings[name]), "Did not create cert #{name}")
30
# Make sure the ca defaults to specific ports and names
32
Puppet.settings.stubs(:value).returns "eh"
33
Puppet.settings.expects(:value).with(:ca_server).returns("myca")
34
Puppet.settings.expects(:value).with(:ca_port).returns(321)
35
Puppet.settings.stubs(:value).with(:http_proxy_host).returns(nil)
36
Puppet.settings.stubs(:value).with(:http_proxy_port).returns(nil)
37
Puppet.settings.stubs(:value).with(:http_keepalive).returns(false)
38
Puppet.settings.stubs(:value).with(:configtimeout).returns(180)
40
# Just throw an error; the important thing is the values, not what happens next.
41
Net::HTTP.stubs(:new).with("myca", 321, nil, nil).raises(ArgumentError)
42
assert_raise(ArgumentError) { Puppet::Network::Client.ca.new }
46
def test_invalid_certs_are_not_written
47
# Run the get once, which should be valid
49
assert_nothing_raised("Could not get a certificate") do
53
# Now remove the cert and keys, so we get a broken cert
54
File.unlink(Puppet[:hostcert])
55
File.unlink(Puppet[:localcacert])
56
File.unlink(Puppet[:hostprivkey])
58
@client = Puppet::Network::Client.ca.new :CA => @ca
59
@ca.expects(:getcert).returns("yay") # not a valid cert
60
# Now make sure it fails, since we'll get the old cert but have new keys
61
assert_raise(Puppet::Network::Client::CA::InvalidCertificate, "Did not fail on invalid cert") do
65
# And then make sure the cert isn't written to disk
66
assert(! FileTest.exists?(Puppet[:hostcert]), "Invalid cert got written to disk")