예제 #1
0
func makeFakeHome(c *gc.C) *testing.FakeHome {
	return testing.MakeFakeHomeWithFiles(c, []testing.TestFile{
		{".ssh/id_rsa.pub", "rsa\n"},
		{".juju/myenv-cert.pem", caCert},
		{".juju/myenv-private-key.pem", caKey},
	})
}
예제 #2
0
func (*ConfigSuite) TestGenerateStateServerCertAndKey(c *gc.C) {
	// In order to test missing certs, it checks the JUJU_HOME dir, so we need
	// a fake home.
	defer testing.MakeFakeHomeWithFiles(c, []testing.TestFile{
		{".ssh/id_rsa.pub", "rsa\n"},
	}).Restore()

	for _, test := range []struct {
		configValues map[string]interface{}
		errMatch     string
	}{{
		configValues: map[string]interface{}{
			"name": "test-no-certs",
			"type": "dummy",
		},
		errMatch: "environment configuration has no ca-cert",
	}, {
		configValues: map[string]interface{}{
			"name":    "test-no-certs",
			"type":    "dummy",
			"ca-cert": testing.CACert,
		},
		errMatch: "environment configuration has no ca-private-key",
	}, {
		configValues: map[string]interface{}{
			"name":           "test-no-certs",
			"type":           "dummy",
			"ca-cert":        testing.CACert,
			"ca-private-key": testing.CAKey,
		},
	}} {
		cfg, err := config.New(config.UseDefaults, test.configValues)
		c.Assert(err, gc.IsNil)
		certPEM, keyPEM, err := cfg.GenerateStateServerCertAndKey()
		if test.errMatch == "" {
			c.Assert(err, gc.IsNil)

			_, _, err = cert.ParseCertAndKey(certPEM, keyPEM)
			c.Check(err, gc.IsNil)

			err = cert.Verify(certPEM, testing.CACert, time.Now())
			c.Assert(err, gc.IsNil)
			err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(9, 0, 0))
			c.Assert(err, gc.IsNil)
			err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(10, 0, 1))
			c.Assert(err, gc.NotNil)
		} else {
			c.Assert(err, gc.ErrorMatches, test.errMatch)
			c.Assert(certPEM, gc.Equals, "")
			c.Assert(keyPEM, gc.Equals, "")
		}
	}
}
예제 #3
0
func (*ConfigSuite) TestConfigEmptyCertFiles(c *gc.C) {
	files := []testing.TestFile{
		{".juju/my-name-cert.pem", ""},
		{".juju/my-name-private-key.pem", ""},
	}
	h := testing.MakeFakeHomeWithFiles(c, files)
	defer h.Restore()

	for i, test := range emptyCertFilesTests {
		c.Logf("test %d. %s", i, test.about)
		test.check(c, h)
	}
}
예제 #4
0
func (*ConfigSuite) TestValidateChange(c *gc.C) {
	files := []testing.TestFile{
		{".ssh/identity.pub", "identity"},
	}
	h := testing.MakeFakeHomeWithFiles(c, files)
	defer h.Restore()

	for i, test := range validationTests {
		c.Logf("test %d: %s", i, test.about)
		newConfig := newTestConfig(c, test.new)
		oldConfig := newTestConfig(c, test.old)
		err := config.Validate(newConfig, oldConfig)
		if test.err == "" {
			c.Assert(err, gc.IsNil)
		} else {
			c.Assert(err, gc.ErrorMatches, test.err)
		}
	}
}
예제 #5
0
func (*ConfigSuite) TestConfig(c *gc.C) {
	files := []testing.TestFile{
		{".ssh/id_dsa.pub", "dsa"},
		{".ssh/id_rsa.pub", "rsa\n"},
		{".ssh/identity.pub", "identity"},
		{".ssh/authorized_keys", "auth0\n# first\nauth1\n\n"},
		{".ssh/authorized_keys2", "auth2\nauth3\n"},

		{".juju/my-name-cert.pem", caCert},
		{".juju/my-name-private-key.pem", caKey},
		{".juju/cacert2.pem", caCert2},
		{".juju/cakey2.pem", caKey2},
		{"othercert.pem", caCert3},
		{"otherkey.pem", caKey3},
	}
	h := testing.MakeFakeHomeWithFiles(c, files)
	defer h.Restore()
	for i, test := range configTests {
		c.Logf("test %d. %s", i, test.about)
		test.check(c, h)
	}
}