diff options
author | Pete Higgins <pete@peterhiggins.org> | 2020-12-17 11:06:00 -0800 |
---|---|---|
committer | Pete Higgins <pete@peterhiggins.org> | 2020-12-17 11:06:00 -0800 |
commit | 7e94fd61d4bae76a830448daa0d72b8d13891e4b (patch) | |
tree | 1af28364b18d1deaae14e3c5b3fad896a28d7ca0 | |
parent | 98da57d7e5e3b4e6175e5391bf56ad79d3e964cb (diff) | |
download | chef-7e94fd61d4bae76a830448daa0d72b8d13891e4b.tar.gz |
Don't pollute trusted_certs test data to keep bootstrap tests happy.fix-failures-in-ssl-handler
Signed-off-by: Pete Higgins <pete@peterhiggins.org>
-rw-r--r-- | spec/data/ssl/binary/chef-rspec-der.cert (renamed from spec/data/ssl/chef-rspec-der.cert) | bin | 1174 -> 1174 bytes | |||
-rw-r--r-- | spec/data/ssl/binary/chef-rspec-der.key (renamed from spec/data/ssl/chef-rspec-der.key) | bin | 1191 -> 1191 bytes | |||
-rw-r--r-- | spec/data/trusted_certs/example_der.crt | bin | 1174 -> 0 bytes | |||
-rw-r--r-- | spec/unit/http/ssl_policies_spec.rb | 27 |
4 files changed, 17 insertions, 10 deletions
diff --git a/spec/data/ssl/chef-rspec-der.cert b/spec/data/ssl/binary/chef-rspec-der.cert Binary files differindex e49df6252a..e49df6252a 100644 --- a/spec/data/ssl/chef-rspec-der.cert +++ b/spec/data/ssl/binary/chef-rspec-der.cert diff --git a/spec/data/ssl/chef-rspec-der.key b/spec/data/ssl/binary/chef-rspec-der.key Binary files differindex d8adadc5c9..d8adadc5c9 100644 --- a/spec/data/ssl/chef-rspec-der.key +++ b/spec/data/ssl/binary/chef-rspec-der.key diff --git a/spec/data/trusted_certs/example_der.crt b/spec/data/trusted_certs/example_der.crt Binary files differdeleted file mode 100644 index e49df6252a..0000000000 --- a/spec/data/trusted_certs/example_der.crt +++ /dev/null diff --git a/spec/unit/http/ssl_policies_spec.rb b/spec/unit/http/ssl_policies_spec.rb index 2eda19a4e2..6fc00b5fd9 100644 --- a/spec/unit/http/ssl_policies_spec.rb +++ b/spec/unit/http/ssl_policies_spec.rb @@ -116,7 +116,7 @@ describe "HTTP SSL Policy" do end it "configures the HTTP client's cert and private key with a DER encoded cert" do - Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/chef-rspec-der.cert" + Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/binary/chef-rspec-der.cert" Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/chef-rspec.key" expect(http_client.cert.to_s).to eq(OpenSSL::X509::Certificate.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.cert")).to_s) expect(http_client.key.to_s).to eq(OpenSSL::PKey::RSA.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.key")).to_s) @@ -124,7 +124,7 @@ describe "HTTP SSL Policy" do it "configures the HTTP client's cert and private key with a DER encoded key" do Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/chef-rspec.cert" - Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/chef-rspec-der.key" + Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/binary/chef-rspec-der.key" expect(http_client.cert.to_s).to eq(OpenSSL::X509::Certificate.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.cert")).to_s) expect(http_client.key.to_s).to eq(OpenSSL::PKey::RSA.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.key")).to_s) end @@ -164,17 +164,24 @@ describe "HTTP SSL Policy" do ssl_policy.set_custom_certs ssl_policy.set_custom_certs # should not raise an error end - end - it "raises ConfigurationError with a bad cert file in the trusted_certs dir" do - ssl_policy = ssl_policy_class.new(Net::HTTP.new("example.com")) + it "raises ConfigurationError with a bad cert file in the trusted_certs dir" do + ssl_policy = ssl_policy_class.new(Net::HTTP.new("example.com")) + + Dir.mktmpdir do |dir| + bad_cert_file = File.join(dir, "bad_cert_file.crt") + File.write(bad_cert_file, File.read(__FILE__)) - Dir.mktmpdir do |dir| - bad_cert_file = File.join(dir, "bad_cert_file.crt") - File.binwrite(bad_cert_file, File.read(__FILE__)) + Chef::Config.trusted_certs_dir = dir + expect { ssl_policy.set_custom_certs }.to raise_error(Chef::Exceptions::ConfigurationError, /Error reading cert file/) + end + end - Chef::Config.trusted_certs_dir = dir - expect { ssl_policy.set_custom_certs }.to raise_error(Chef::Exceptions::ConfigurationError, /Error reading cert file/) + it "works with binary certs" do + Chef::Config.trusted_certs_dir = File.join(CHEF_SPEC_DATA, "ssl", "binary") + + ssl_policy = ssl_policy_class.new(Net::HTTP.new("example.com")) + ssl_policy.set_custom_certs end end end |