summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Wrock <matt@mattwrock.com>2016-05-03 09:38:05 -0700
committerMatt Wrock <matt@mattwrock.com>2016-05-03 09:38:05 -0700
commitabad25eeb4fda3254f14eb3312d061a622abb12e (patch)
tree536c7b27bc64111449dcb8bf2f8810bca73adbf7
parent9b9f71d8a2e3ef16d00e4394dc914f24316d183f (diff)
parentc2d96d88f5dbe0db1a664afe4159ddcd6a5db63e (diff)
downloadchef-abad25eeb4fda3254f14eb3312d061a622abb12e.tar.gz
Merge pull request #4886 from chef/ssl_check_win
fixes knife ssl check on windows
-rw-r--r--lib/chef/knife/ssl_check.rb3
-rw-r--r--spec/unit/knife/ssl_check_spec.rb16
2 files changed, 18 insertions, 1 deletions
diff --git a/lib/chef/knife/ssl_check.rb b/lib/chef/knife/ssl_check.rb
index 0c672f322e..82ccb76ad7 100644
--- a/lib/chef/knife/ssl_check.rb
+++ b/lib/chef/knife/ssl_check.rb
@@ -257,7 +257,8 @@ ADVICE
def trusted_certificates
if configuration.trusted_certs_dir && Dir.exist?(configuration.trusted_certs_dir)
- Dir.glob(File.join(configuration.trusted_certs_dir, "*.{crt,pem}"))
+ glob_dir = ChefConfig::PathHelper.escape_glob_dir(configuration.trusted_certs_dir)
+ Dir.glob(File.join(glob_dir, "*.{crt,pem}"))
else
[]
end
diff --git a/spec/unit/knife/ssl_check_spec.rb b/spec/unit/knife/ssl_check_spec.rb
index 180d798d5b..8aa18c3abc 100644
--- a/spec/unit/knife/ssl_check_spec.rb
+++ b/spec/unit/knife/ssl_check_spec.rb
@@ -114,6 +114,22 @@ E
allow(ssl_check).to receive(:verify_cert_host).and_return(true)
end
+ context "when the trusted certificates directory is not glob escaped", :windows_only do
+ let(:trusted_certs_dir) { File.join(CHEF_SPEC_DATA.tr("/", "\\"), "trusted_certs") }
+
+ before do
+ allow(ssl_check).to receive(:trusted_certificates).and_call_original
+ allow(store).to receive(:verify).with(certificate).and_return(true)
+ end
+
+ it "escpaes the trusted certificates directory" do
+ expect(Dir).to receive(:glob)
+ .with("#{ChefConfig::PathHelper.escape_glob_dir(trusted_certs_dir)}/*.{crt,pem}")
+ .and_return([trusted_cert_file])
+ ssl_check.run
+ end
+ end
+
context "when the trusted certificates have valid X509 properties" do
before do
allow(store).to receive(:verify).with(certificate).and_return(true)