summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJay Mundrawala <jdmundrawala@gmail.com>2016-01-27 18:48:44 -0800
committerJay Mundrawala <jdmundrawala@gmail.com>2016-01-28 15:28:33 -0800
commitd1f9d3fe01da4620c983ee9b74cbd973abbff418 (patch)
treeba4bfcc70dd796fce8920f42c99d8ea87162e1a6
parented44d58632c02744ce02bcc6af504e4e3c802f1f (diff)
downloadchef-jdm/fips-58.tar.gz
Refactor chef-config fips configjdm/fips-58
This refactor allows for better mocking in the tests. Before, when init_openssl was called, classes would get monkey patched. While this may not cause problems now, some day in the future, somebody would have been like "WTF is going on".
-rw-r--r--chef-config/lib/chef-config/config.rb21
-rw-r--r--spec/unit/application/knife_spec.rb8
-rw-r--r--spec/unit/application_spec.rb2
3 files changed, 19 insertions, 12 deletions
diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb
index 68cece43da..e4a12e8949 100644
--- a/chef-config/lib/chef-config/config.rb
+++ b/chef-config/lib/chef-config/config.rb
@@ -496,13 +496,7 @@ module ChefConfig
# Initialize openssl
def self.init_openssl
if fips
- ChefConfig.logger.warn "The `fips` feature is still a work in progress. This feature is incomplete."
- OpenSSL.fips_mode = true
- require "digest"
- require "digest/sha1"
- require "digest/md5"
- Digest.const_set("SHA1", OpenSSL::Digest::SHA1)
- OpenSSL::Digest.const_set("MD5", Digest::MD5)
+ self.enable_fips_mode
end
end
@@ -910,5 +904,18 @@ module ChefConfig
def self._this_file
File.expand_path(__FILE__)
end
+
+ # Set fips mode in openssl. Do any patching necessary to make
+ # sure Chef runs do not crash.
+ # @api private
+ def self.enable_fips_mode
+ ChefConfig.logger.warn "The `fips` feature is still a work in progress. This feature is incomplete."
+ OpenSSL.fips_mode = true
+ require "digest"
+ require "digest/sha1"
+ require "digest/md5"
+ Digest.const_set("SHA1", OpenSSL::Digest::SHA1)
+ OpenSSL::Digest.const_set("MD5", Digest::MD5)
+ end
end
end
diff --git a/spec/unit/application/knife_spec.rb b/spec/unit/application/knife_spec.rb
index c6c3c4d12c..08e058caed 100644
--- a/spec/unit/application/knife_spec.rb
+++ b/spec/unit/application/knife_spec.rb
@@ -93,7 +93,7 @@ describe Chef::Application::Knife do
it "does not initialize fips mode when no flags are passed" do
with_argv(*%w{noop knife command}) do
expect(@knife).to receive(:exit).with(0)
- expect(OpenSSL).not_to receive(:'fips_mode=')
+ expect(Chef::Config).not_to receive(:enable_fips_mode)
@knife.run
expect(Chef::Config[:fips]).to eq(false)
end
@@ -102,7 +102,7 @@ describe Chef::Application::Knife do
it "overwrites the Chef::Config value when passed --fips" do
with_argv(*%w{noop knife command --fips}) do
expect(@knife).to receive(:exit).with(0)
- expect(OpenSSL).to receive(:'fips_mode=').with(true)
+ expect(Chef::Config).to receive(:enable_fips_mode)
@knife.run
expect(Chef::Config[:fips]).to eq(true)
end
@@ -117,7 +117,7 @@ describe Chef::Application::Knife do
it "initializes fips mode when passed --fips" do
with_argv(*%w{noop knife command --fips}) do
expect(@knife).to receive(:exit).with(0)
- expect(OpenSSL).to receive(:'fips_mode=').with(true)
+ expect(Chef::Config).to receive(:enable_fips_mode)
@knife.run
expect(Chef::Config[:fips]).to eq(true)
end
@@ -126,7 +126,7 @@ describe Chef::Application::Knife do
it "overwrites the Chef::Config value when passed --no-fips" do
with_argv(*%w{noop knife command --no-fips}) do
expect(@knife).to receive(:exit).with(0)
- expect(OpenSSL).not_to receive(:'fips_mode=')
+ expect(Chef::Config).not_to receive(:enable_fips_mode)
@knife.run
expect(Chef::Config[:fips]).to eq(false)
end
diff --git a/spec/unit/application_spec.rb b/spec/unit/application_spec.rb
index 340f062564..ceff3b6eb5 100644
--- a/spec/unit/application_spec.rb
+++ b/spec/unit/application_spec.rb
@@ -148,7 +148,7 @@ describe Chef::Application do
end
it "sets openssl in fips mode" do
- expect(OpenSSL).to receive(:'fips_mode=').with(true)
+ expect(Chef::Config).to receive(:enable_fips_mode)
@app.configure_chef
end
end