~ubuntu-branches/ubuntu/trusty/puppet/trusty

Viewing changes to .pc/2.7.18-CVE-Rollup.patch/spec/unit/network/rest_authconfig_spec.rb

Committer: Package Import Robot
Author(s): Robie Basak
Date: 2013-04-08 15:03:25 UTC
mfrom: (3.1.46 sid)
Revision ID: package-import@ubuntu.com-20130408150325-4o91hljzz2zca5fi

Tags: 2.7.18-4ubuntu1

* Merge from Debian unstable. This merges the vim addon fix in 2.7.18-2
  (LP: #1163927). Remaining changes:
  - debian/puppetmaster-passenger.postinst: Make sure we error if puppet
    config print doesn't work
  - debian/puppetmaster-passenger.postinst: Ensure upgrades from
    <= 2.7.11-1 fixup passenger apache configuration.
  - Drop Build-Depends on ruby-rspec (in universe):
    + debian/control: remove ruby-rspec from Build-Depends
    + debian/patches/no-rspec.patch: make Rakefile work anyway if rspec
      isn't installed so we can use it in debian/rules.
* Drop upstreamed patches:
  - debian/patches/security-mar-2013.patch

files added:
.pc/2.7.18-CVE-Rollup.patch

.pc/2.7.18-CVE-Rollup.patch/acceptance

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1640_facter_string.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1652_improper_query_params.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1652_poison_other_node_cache.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1653_puppet_kick.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_agent.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_master.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-1655_safe_yaml_deserialization.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-2274_all_your_agent_terminii_belong_to_us.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-2274_all_your_master_terminii_belong_to_us.rb

.pc/2.7.18-CVE-Rollup.patch/acceptance/tests/security/cve-2013-2275_report_acl.rb

.pc/2.7.18-CVE-Rollup.patch/conf

.pc/2.7.18-CVE-Rollup.patch/conf/auth.conf

.pc/2.7.18-CVE-Rollup.patch/lib

.pc/2.7.18-CVE-Rollup.patch/lib/puppet

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/catalog

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/catalog/compiler.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/certificate_status

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/certificate_status/file.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/errors.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file/file.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/file_bucket_file/selector.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/indirection.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/request.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/active_record.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/ral.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/store_configs.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/resource/validator.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/rest.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/run

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/run/local.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/indirector/terminus.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/formats.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/handler

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/handler/master.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/handler/report.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/handler.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/rack

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/rack/rest.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/http/webrick.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/network/rest_authconfig.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/parser

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/parser/templatewrapper.rb

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/util

.pc/2.7.18-CVE-Rollup.patch/lib/puppet/util/monkey_patches.rb

.pc/2.7.18-CVE-Rollup.patch/spec

.pc/2.7.18-CVE-Rollup.patch/spec/integration

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector/catalog

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector/catalog/compiler_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/integration/indirector/catalog/queue_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/integration/resource

.pc/2.7.18-CVE-Rollup.patch/spec/integration/resource/catalog_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/catalog

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/catalog/compiler_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/indirection_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/request_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/indirector/terminus_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/formats_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/handler_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/rack

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/rack/rest_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http/webrick_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/http_pool_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/rest_authconfig_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/functions

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/functions/inline_template_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/functions/template_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/parser/templatewrapper_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/ssl

.pc/2.7.18-CVE-Rollup.patch/spec/unit/ssl/certificate_request_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/ssl/host_spec.rb

.pc/2.7.18-CVE-Rollup.patch/spec/unit/util

.pc/2.7.18-CVE-Rollup.patch/spec/unit/util/monkey_patches_spec.rb

.pc/2.7.x-unit-test-fix.patch

.pc/2.7.x-unit-test-fix.patch/test

.pc/2.7.x-unit-test-fix.patch/test/language

.pc/2.7.x-unit-test-fix.patch/test/language/snippets.rb

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec/integration

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec/integration/type

.pc/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03/spec/integration/type/file_spec.rb

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet/type

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet/type/file

.pc/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63/lib/puppet/type/file/source.rb

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit/type

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit/type/file

.pc/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72/spec/unit/type/file/source_spec.rb

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests/resource

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests/resource/file

.pc/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309/acceptance/tests/resource/file/ticket_7680-follow-symlinks.rb

acceptance/tests/resource

acceptance/tests/resource/file

acceptance/tests/resource/file/ticket_7680-follow-symlinks.rb

debian/patches/2.7.18-CVE-Rollup.patch

debian/patches/2.7.x-unit-test-fix.patch

debian/patches/fix-symlink-1-ee4c6f7c697737aa919b9f90436ab0cc69934b03

debian/patches/fix-symlink-2-1b0e812ad9e33b3cc148fac30a28490f60f40c63

debian/patches/fix-symlink-3-3a00ed468617c17b5a527c68cfc37d7d1fddaa72

debian/patches/fix-symlink-4-1d8a76e060f610a9db20cf1bdd4ff95dddba9309

files removed:
.pc/security-mar-2013.patch

.pc/security-mar-2013.patch/acceptance

.pc/security-mar-2013.patch/acceptance/tests

.pc/security-mar-2013.patch/acceptance/tests/security

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1640_facter_string.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1652_improper_query_params.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1652_poison_other_node_cache.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1653_puppet_kick.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_agent.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1654_sslv2_downgrade_master.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-1655_safe_yaml_deserialization.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-2274_all_your_agent_terminii_belong_to_us.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-2274_all_your_master_terminii_belong_to_us.rb

.pc/security-mar-2013.patch/acceptance/tests/security/cve-2013-2275_report_acl.rb

.pc/security-mar-2013.patch/conf

.pc/security-mar-2013.patch/conf/auth.conf

.pc/security-mar-2013.patch/lib

.pc/security-mar-2013.patch/lib/puppet

.pc/security-mar-2013.patch/lib/puppet/indirector

.pc/security-mar-2013.patch/lib/puppet/indirector/catalog

.pc/security-mar-2013.patch/lib/puppet/indirector/catalog/compiler.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/certificate_status

.pc/security-mar-2013.patch/lib/puppet/indirector/certificate_status/file.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/errors.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/file_bucket_file

.pc/security-mar-2013.patch/lib/puppet/indirector/file_bucket_file/file.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/file_bucket_file/selector.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/indirection.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/request.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/active_record.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/ral.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/store_configs.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/resource/validator.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/rest.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/run

.pc/security-mar-2013.patch/lib/puppet/indirector/run/local.rb

.pc/security-mar-2013.patch/lib/puppet/indirector/terminus.rb

.pc/security-mar-2013.patch/lib/puppet/network

.pc/security-mar-2013.patch/lib/puppet/network/formats.rb

.pc/security-mar-2013.patch/lib/puppet/network/handler

.pc/security-mar-2013.patch/lib/puppet/network/handler/master.rb

.pc/security-mar-2013.patch/lib/puppet/network/handler/report.rb

.pc/security-mar-2013.patch/lib/puppet/network/http

.pc/security-mar-2013.patch/lib/puppet/network/http/handler.rb

.pc/security-mar-2013.patch/lib/puppet/network/http/rack

.pc/security-mar-2013.patch/lib/puppet/network/http/rack/rest.rb

.pc/security-mar-2013.patch/lib/puppet/network/http/webrick.rb

.pc/security-mar-2013.patch/lib/puppet/network/rest_authconfig.rb

.pc/security-mar-2013.patch/lib/puppet/parser

.pc/security-mar-2013.patch/lib/puppet/parser/templatewrapper.rb

.pc/security-mar-2013.patch/lib/puppet/util

.pc/security-mar-2013.patch/lib/puppet/util/monkey_patches.rb

.pc/security-mar-2013.patch/spec

.pc/security-mar-2013.patch/spec/integration

.pc/security-mar-2013.patch/spec/integration/indirector

.pc/security-mar-2013.patch/spec/integration/indirector/catalog

.pc/security-mar-2013.patch/spec/integration/indirector/catalog/compiler_spec.rb

.pc/security-mar-2013.patch/spec/integration/indirector/catalog/queue_spec.rb

.pc/security-mar-2013.patch/spec/integration/resource

.pc/security-mar-2013.patch/spec/integration/resource/catalog_spec.rb

.pc/security-mar-2013.patch/spec/unit

.pc/security-mar-2013.patch/spec/unit/indirector

.pc/security-mar-2013.patch/spec/unit/indirector/catalog

.pc/security-mar-2013.patch/spec/unit/indirector/catalog/compiler_spec.rb

.pc/security-mar-2013.patch/spec/unit/indirector/indirection_spec.rb

.pc/security-mar-2013.patch/spec/unit/indirector/request_spec.rb

.pc/security-mar-2013.patch/spec/unit/indirector/terminus_spec.rb

.pc/security-mar-2013.patch/spec/unit/network

.pc/security-mar-2013.patch/spec/unit/network/formats_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http

.pc/security-mar-2013.patch/spec/unit/network/http/handler_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http/rack

.pc/security-mar-2013.patch/spec/unit/network/http/rack/rest_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http/webrick_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/http_pool_spec.rb

.pc/security-mar-2013.patch/spec/unit/network/rest_authconfig_spec.rb

.pc/security-mar-2013.patch/spec/unit/parser

.pc/security-mar-2013.patch/spec/unit/parser/functions

.pc/security-mar-2013.patch/spec/unit/parser/functions/inline_template_spec.rb

.pc/security-mar-2013.patch/spec/unit/parser/functions/template_spec.rb

.pc/security-mar-2013.patch/spec/unit/parser/templatewrapper_spec.rb

.pc/security-mar-2013.patch/spec/unit/ssl

.pc/security-mar-2013.patch/spec/unit/ssl/certificate_request_spec.rb

.pc/security-mar-2013.patch/spec/unit/ssl/host_spec.rb

.pc/security-mar-2013.patch/spec/unit/util

.pc/security-mar-2013.patch/spec/unit/util/monkey_patches_spec.rb

.pc/security-mar-2013.patch/test

.pc/security-mar-2013.patch/test/language

.pc/security-mar-2013.patch/test/language/snippets.rb

debian/patches/security-mar-2013.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

debian/vim-puppet.install

debian/vim-puppet.yaml

lib/puppet/type/file/source.rb

spec/integration/type/file_spec.rb

spec/unit/type/file/source_spec.rb

Show diffs side-by-side

added added

removed removed

.pc/2.7.18-CVE-Rollup.patch/spec/unit/network/rest_authconfig_spec.rb

#!/usr/bin/env rspec

require 'spec_helper'

require 'puppet/network/rest_authconfig'

describe Puppet::Network::RestAuthConfig do

DEFAULT_ACL = Puppet::Network::RestAuthConfig::DEFAULT_ACL

before :each do

FileTest.stubs(:exists?).returns(true)

File.stubs(:stat).returns(stub('stat', :ctime => :now))

Time.stubs(:now).returns Time.now

@authconfig = Puppet::Network::RestAuthConfig.new("dummy", false)

@authconfig.stubs(:read)

@acl = stub_everything 'rights'

@authconfig.rights = @acl

end

it "should use the puppet default rest authorization file" do

Puppet.expects(:[]).with(:rest_authconfig).returns("dummy")

Puppet::Network::RestAuthConfig.new(nil, false)

end

it "should ask for authorization to the ACL subsystem" do

params = {:ip => "127.0.0.1", :node => "me", :environment => :env, :authenticated => true}

@acl.expects(:is_request_forbidden_and_why?).with("path", :save, "to/resource", params).returns(nil)

@authconfig.check_authorization("path", :save, "to/resource", params)

end

describe "when defining an acl with mk_acl" do

it "should create a new right for each default acl" do

@acl.expects(:newright).with(:path)

@authconfig.mk_acl(:acl => :path)

end

it "should allow everyone for each default right" do

@acl.expects(:allow).with(:path, "*")

@authconfig.mk_acl(:acl => :path)

end

it "should restrict the ACL to a method" do

@acl.expects(:restrict_method).with(:path, :method)

@authconfig.mk_acl(:acl => :path, :method => :method)

end

it "should restrict the ACL to a specific authentication state" do

@acl.expects(:restrict_authenticated).with(:path, :authentication)

@authconfig.mk_acl(:acl => :path, :authenticated => :authentication)

end

describe "when parsing the configuration file" do

it "should check for missing ACL after reading the authconfig file" do

File.stubs(:open)

@authconfig.expects(:insert_default_acl)

@authconfig.parse

end

DEFAULT_ACL.each do |acl|

it "should insert #{acl[:acl]} if not present" do

@authconfig.rights.stubs(:[]).returns(true)

@authconfig.rights.stubs(:[]).with(acl[:acl]).returns(nil)

@authconfig.expects(:mk_acl).with { |h| h[:acl] == acl[:acl] }

@authconfig.insert_default_acl

end

it "should not insert #{acl[:acl]} if present" do

@authconfig.rights.stubs(:[]).returns(true)

@authconfig.rights.stubs(:[]).with(acl).returns(true)

@authconfig.expects(:mk_acl).never

@authconfig.insert_default_acl

end

it "should create default ACL entries if no file have been read" do

Puppet::Network::RestAuthConfig.any_instance.stubs(:exists?).returns(false)

Puppet::Network::RestAuthConfig.any_instance.expects(:insert_default_acl)

Puppet::Network::RestAuthConfig.main

end

describe "when adding default ACLs" do

DEFAULT_ACL.each do |acl|

it "should create a default right for #{acl[:acl]}" do

@authconfig.stubs(:mk_acl)

100

@authconfig.expects(:mk_acl).with(acl)

101

@authconfig.insert_default_acl

102

end

103

end

104

105

it "should log at info loglevel" do

106

Puppet.expects(:info).at_least_once

107

@authconfig.insert_default_acl

108

end

109

110

it "should create a last catch-all deny all rule" do

111

@authconfig.stubs(:mk_acl)

112

@acl.expects(:newright).with("/")

113

@authconfig.insert_default_acl

114

end

115

116

it "should create a last catch-all deny all rule for any authenticated request state" do

117

@authconfig.stubs(:mk_acl)

118

@acl.stubs(:newright).with("/")

119

120

@acl.expects(:restrict_authenticated).with("/", :any)

121

122

@authconfig.insert_default_acl

123

end

124

125

end

126

127

end

Older »