[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, experimental, updated. debian/2.6.8-1-844-g7ec39d5

[Nick Lewis]

The following commit has been merged in the experimental branch:
commit 665fabdb3e468d1ef38d689b9cb0d75b9d788f88
Merge: dce851cac79393f86950f4ebfc48b9ac67dcd8f7 cb01221a0f7221dba60bc23c5a0be2a70466bcdc
Author: Nick Lewis <nick at puppetlabs.com>
Date:   Tue Apr 12 10:46:12 2011 -0700

    Merge branch 'ticket/next/3360' into next

diff --combined spec/unit/indirector/certificate_request/ca_spec.rb
index 508d187,38d8a1b..08055e0
--- a/spec/unit/indirector/certificate_request/ca_spec.rb
+++ b/spec/unit/indirector/certificate_request/ca_spec.rb
@@@ -3,11 -3,30 +3,30 @@@
  #  Created by Luke Kanies on 2008-3-7.
  #  Copyright (c) 2007. All rights reserved.
  
 -require File.expand_path(File.dirname(__FILE__) + '/../../../spec_helper')
 +require 'spec_helper'
  
+ require 'puppet/ssl/host'
+ require 'puppet/sslcertificates'
+ require 'puppet/sslcertificates/ca'
  require 'puppet/indirector/certificate_request/ca'
  
  describe Puppet::SSL::CertificateRequest::Ca do
+   include PuppetSpec::Files
+ 
+   before :each do
+     Puppet[:ssldir] = tmpdir('ssl')
+ 
+     Puppet::SSL::Host.ca_location = :local
+     Puppet[:localcacert] = Puppet[:cacert]
+     Puppet::SSLCertificates::CA.new.mkrootcert
+ 
+     @ca = Puppet::SSL::CertificateAuthority.new
+   end
+ 
+   after :all do
+     Puppet::SSL::Host.ca_location = :none
+   end
+ 
    it "should have documentation" do
      Puppet::SSL::CertificateRequest::Ca.doc.should be_instance_of(String)
    end
@@@ -16,4 -35,30 +35,30 @@@
      Puppet.settings.expects(:value).with(:csrdir).returns "/request/dir"
      Puppet::SSL::CertificateRequest::Ca.collection_directory.should == "/request/dir"
    end
+ 
+   it "should overwrite the previous certificate request if allow_duplicate_certs is true" do
+     Puppet[:allow_duplicate_certs] = true
+     host = Puppet::SSL::Host.new("foo")
+     host.generate_certificate_request
+     @ca.sign(host.name)
+ 
+     Puppet::SSL::Host.indirection.find("foo").generate_certificate_request
+ 
+     Puppet::SSL::Certificate.indirection.find("foo").name.should == "foo"
+     Puppet::SSL::CertificateRequest.indirection.find("foo").name.should == "foo"
+     Puppet::SSL::Host.indirection.find("foo").state.should == "requested"
+   end
+ 
+   it "should reject a new certificate request if allow_duplicate_certs is false" do
+     Puppet[:allow_duplicate_certs] = false
+     host = Puppet::SSL::Host.new("bar")
+     host.generate_certificate_request
+     @ca.sign(host.name)
+ 
+     expect { Puppet::SSL::Host.indirection.find("bar").generate_certificate_request }.should raise_error(/ignoring certificate request/)
+ 
+     Puppet::SSL::Certificate.indirection.find("bar").name.should == "bar"
+     Puppet::SSL::CertificateRequest.indirection.find("bar").should be_nil
+     Puppet::SSL::Host.indirection.find("bar").state.should == "signed"
+   end
  end

-- 
Puppet packaging for Debian