diff options
-rw-r--r-- | deps/rabbitmq_cli/lib/rabbitmq/cli/diagnostics/commands/cipher_suites_command.ex | 69 | ||||
-rw-r--r-- | deps/rabbitmq_cli/test/diagnostics/cipher_suites_command_test.exs | 59 |
2 files changed, 88 insertions, 40 deletions
diff --git a/deps/rabbitmq_cli/lib/rabbitmq/cli/diagnostics/commands/cipher_suites_command.ex b/deps/rabbitmq_cli/lib/rabbitmq/cli/diagnostics/commands/cipher_suites_command.ex index 35bd3c90bd..ab09d695f6 100644 --- a/deps/rabbitmq_cli/lib/rabbitmq/cli/diagnostics/commands/cipher_suites_command.ex +++ b/deps/rabbitmq_cli/lib/rabbitmq/cli/diagnostics/commands/cipher_suites_command.ex @@ -17,24 +17,38 @@ defmodule RabbitMQ.CLI.Diagnostics.Commands.CipherSuitesCommand do @behaviour RabbitMQ.CLI.CommandBehaviour use RabbitMQ.CLI.DefaultOutput - def merge_defaults(args, %{erlang_format: true} = opts) do - {args, opts} - end - def merge_defaults(args, opts) do - {args, Map.merge(%{openssl_format: true, erlang_format: false}, opts)} + format_opts = case opts do + %{openssl_format: true} -> %{erlang_format: false, map_format: false}; + %{erlang_format: true} -> %{openssl_format: false, map_format: false}; + %{map_format: true} -> %{erlang_format: false, openssl_format: false} + %{} -> %{openssl_format: true, erlang_format: false, map_format: false} + end + {args, Map.merge(format_opts, Map.merge(%{all: false}, opts))} end - def switches(), do: [timeout: :integer, openssl_format: :boolean, erlang_format: :boolean] + def switches(), do: [timeout: :integer, + openssl_format: :boolean, + erlang_format: :boolean, + map_format: :boolean, + all: :boolean] def aliases(), do: [t: :timeout] def validate(_, %{openssl_format: true, erlang_format: true}) do - {:validation_failure, {:bad_argument, "Cannot use both formats together"}} + {:validation_failure, {:bad_argument, "Cannot use multiple formats together"}} + end + + def validate(_, %{openssl_format: true, map_format: true}) do + {:validation_failure, {:bad_argument, "Cannot use multiple formats together"}} end - def validate(_, %{openssl_format: false, erlang_format: false}) do + def validate(_, %{erlang_format: true, map_format: true}) do + {:validation_failure, {:bad_argument, "Cannot use multiple formats together"}} + end + + def validate(_, %{openssl_format: false, erlang_format: false, map_format: false}) do {:validation_failure, - {:bad_argument, "Either OpenSSL or Erlang term format must be selected"}} + {:bad_argument, "At least one format must be selected"}} end def validate(args, _) when length(args) > 0 do @@ -43,32 +57,37 @@ defmodule RabbitMQ.CLI.Diagnostics.Commands.CipherSuitesCommand do def validate(_, _), do: :ok - def run([], %{node: node_name, timeout: timeout, openssl_format: true} = _opts) do - :rabbit_misc.rpc_call(node_name, :ssl, :cipher_suites, [:openssl], timeout) - end - - def run([], %{node: node_name, timeout: timeout, openssl_format: false} = _opts) do - :rabbit_misc.rpc_call(node_name, :ssl, :cipher_suites, [], timeout) - end - - def run([], %{node: node_name, timeout: timeout, erlang_format: true} = _opts) do - :rabbit_misc.rpc_call(node_name, :ssl, :cipher_suites, [], timeout) + def run([], %{node: node_name, timeout: timeout} = opts) do + {mod, function} = case opts do + %{openssl_format: true} -> {:rabbit_ssl, :cipher_suites_openssl}; + %{erlang_format: true} -> {:rabbit_ssl, :cipher_suites_erlang}; + %{map_format: true} -> {:rabbit_ssl, :cipher_suites} + end + args = case opts do + %{all: true} -> [:all]; + %{} -> [:default] + end + :rabbit_misc.rpc_call(node_name, mod, function, args, timeout) end def banner([], %{openssl_format: true}), do: "Listing available cipher suites in the OpenSSL format" def banner([], %{erlang_format: true}), do: "Listing available cipher suites in the Erlang term format" + def banner([], %{map_format: true}), do: "Listing available cipher suites in the new map-based format" + def help_section(), do: :observability_and_health_checks def description(), do: "Lists cipher suites available (but not necessarily allowed) on the target node" - def usage, do: "cipher_suites [--openssl-format] [--erlang-format]" + def usage, do: "cipher_suites [--openssl-format | --erlang-format | --map-format] [--all]" def usage_additional() do [ ["--openssl-format", "use OpenSSL cipher suite format"], - ["--erlang-format", "use Erlang cipher suite format"] + ["--erlang-format", "use Erlang cipher suite format"], + ["--map-format", "use new map-based cipher suite format"], + ["--all", "list all available suites"] ] end @@ -77,11 +96,11 @@ defmodule RabbitMQ.CLI.Diagnostics.Commands.CipherSuitesCommand do @behaviour RabbitMQ.CLI.FormatterBehaviour - def format_output(item, %{openssl_format: false} = _opts) do + def format_output(item, %{erlang_format: true} = _opts) do to_string(:io_lib.format("~p", [item])) end - def format_output(item, %{erlang_format: true} = _opts) do + def format_output(item, %{map_format: true} = opts) do to_string(:io_lib.format("~p", [item])) end @@ -89,11 +108,11 @@ defmodule RabbitMQ.CLI.Diagnostics.Commands.CipherSuitesCommand do RabbitMQ.CLI.Formatters.String.format_output(item, opts) end - def format_stream(stream, %{openssl_format: false} = opts) do + def format_stream(stream, %{erlang_format: true} = opts) do comma_separated(stream, opts) end - def format_stream(stream, %{erlang_format: true} = opts) do + def format_stream(stream, %{map_format: true} = opts) do comma_separated(stream, opts) end diff --git a/deps/rabbitmq_cli/test/diagnostics/cipher_suites_command_test.exs b/deps/rabbitmq_cli/test/diagnostics/cipher_suites_command_test.exs index 22f9462284..662ba0071a 100644 --- a/deps/rabbitmq_cli/test/diagnostics/cipher_suites_command_test.exs +++ b/deps/rabbitmq_cli/test/diagnostics/cipher_suites_command_test.exs @@ -30,8 +30,10 @@ defmodule CipherSuitesCommandTest do {:ok, opts: %{ node: get_rabbit_hostname(), timeout: context[:test_timeout] || 30000, - openssl_format: context[:openssl_format] || true, - erlang_format: context[:erlang_format] || false + openssl_format: true, + erlang_format: false, + map_format: false, + all: false }} end @@ -40,11 +42,11 @@ defmodule CipherSuitesCommandTest do end test "validate: providing --openssl-format passes validation", context do - assert @command.validate([], Map.merge(%{openssl_format: true}, context[:opts])) == :ok + assert @command.validate([], Map.merge(context[:opts], %{openssl_format: true})) == :ok end test "validate: providing --erlang-format passes validation", context do - assert @command.validate([], Map.merge(%{erlang_format: true}, context[:opts])) == :ok + assert @command.validate([], Map.merge(context[:opts], %{erlang_format: true, openssl_format: false})) == :ok end test "validate: providing any arguments fails validation", context do @@ -52,21 +54,25 @@ defmodule CipherSuitesCommandTest do {:validation_failure, :too_many_args} end - test "validate: setting both --openssl-format and --erlang-format to false fails validation", context do - assert @command.validate([], Map.merge(context[:opts], %{openssl_format: false, erlang_format: false})) == - {:validation_failure, {:bad_argument, "Either OpenSSL or Erlang term format must be selected"}} + test "validate: setting all formats to false fails validation", context do + assert @command.validate([], Map.merge(context[:opts], + %{openssl_format: false, + erlang_format: false, + map_format: false})) == + {:validation_failure, {:bad_argument, "At least one format must be selected"}} end test "validate: setting both --openssl-format and --erlang-format to true fails validation", context do assert @command.validate([], Map.merge(context[:opts], %{openssl_format: true, erlang_format: true})) == - {:validation_failure, {:bad_argument, "Cannot use both formats together"}} + {:validation_failure, {:bad_argument, "Cannot use multiple formats together"}} end test "validate: treats empty positional arguments and default switches as a success" do - assert @command.validate([], %{openssl_format: true, erlang_format: false}) == :ok + assert @command.validate([], %{openssl_format: true, + erlang_format: false}) == :ok end - test "validate: treats empty positional arguments and an Erlang term format flag as a success" do + test "validate: treats empty positional arguments Erlang term format flag and default flag as a success" do assert @command.validate([], %{erlang_format: true}) == :ok end @@ -75,17 +81,40 @@ defmodule CipherSuitesCommandTest do assert match?({:badrpc, _}, @command.run([], Map.merge(context[:opts], %{node: :jake@thedog}))) end - test "run: returns a list of cipher suites", context do + test "run: returns a list of cipher suites in OpenSSL format", context do res = @command.run([], context[:opts]) + for cipher <- res, do: assert true == is_list(cipher) # the list is long and its values are environment-specific, # so we simply assert that it is non-empty. MK. assert length(res) > 0 end - @tag openssl_format: true - test "run: returns a list cipher suites in the OpenSSL format", context do - res = @command.run([], context[:opts]) - # see the test above + test "run: returns a list of cipher suites in erlang format", context do + res = @command.run([], Map.merge(context[:opts], %{openssl_format: false, + erlang_format: true})) + + for cipher <- res, do: assert true = is_tuple(cipher) + # the list is long and its values are environment-specific, + # so we simply assert that it is non-empty. MK. + assert length(res) > 0 + end + + test "run: returns a list of cipher suites in map format", context do + res = @command.run([], Map.merge(context[:opts], %{openssl_format: false, + map_format: true})) + for cipher <- res, do: assert true = is_map(cipher) + # the list is long and its values are environment-specific, + # so we simply assert that it is non-empty. MK. assert length(res) > 0 end + + test "run: returns more cipher suites when all suites requested", context do + all_suites_opts = Map.merge(context[:opts], %{all: true}) + default_suites_opts = Map.merge(context[:opts], %{all: false}) + all_suites = @command.run([], all_suites_opts) + default_suites = @command.run([], default_suites_opts) + assert length(all_suites) > length(default_suites) + assert length(default_suites -- all_suites) == 0 + end + end |