func makeFakeHome(c *gc.C) *testing.FakeHome {
return testing.MakeFakeHomeWithFiles(c, []testing.TestFile{
{".ssh/id_rsa.pub", "rsa\n"},
{".juju/myenv-cert.pem", caCert},
{".juju/myenv-private-key.pem", caKey},
})
}
func (*ConfigSuite) TestGenerateStateServerCertAndKey(c *gc.C) {
// In order to test missing certs, it checks the JUJU_HOME dir, so we need
// a fake home.
defer testing.MakeFakeHomeWithFiles(c, []testing.TestFile{
{".ssh/id_rsa.pub", "rsa\n"},
}).Restore()
for _, test := range []struct {
configValues map[string]interface{}
errMatch string
}{{
configValues: map[string]interface{}{
"name": "test-no-certs",
"type": "dummy",
},
errMatch: "environment configuration has no ca-cert",
}, {
configValues: map[string]interface{}{
"name": "test-no-certs",
"type": "dummy",
"ca-cert": testing.CACert,
},
errMatch: "environment configuration has no ca-private-key",
}, {
configValues: map[string]interface{}{
"name": "test-no-certs",
"type": "dummy",
"ca-cert": testing.CACert,
"ca-private-key": testing.CAKey,
},
}} {
cfg, err := config.New(config.UseDefaults, test.configValues)
c.Assert(err, gc.IsNil)
certPEM, keyPEM, err := cfg.GenerateStateServerCertAndKey()
if test.errMatch == "" {
c.Assert(err, gc.IsNil)
_, _, err = cert.ParseCertAndKey(certPEM, keyPEM)
c.Check(err, gc.IsNil)
err = cert.Verify(certPEM, testing.CACert, time.Now())
c.Assert(err, gc.IsNil)
err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(9, 0, 0))
c.Assert(err, gc.IsNil)
err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(10, 0, 1))
c.Assert(err, gc.NotNil)
} else {
c.Assert(err, gc.ErrorMatches, test.errMatch)
c.Assert(certPEM, gc.Equals, "")
c.Assert(keyPEM, gc.Equals, "")
}
}
}
func (*ConfigSuite) TestConfigEmptyCertFiles(c *gc.C) {
files := []testing.TestFile{
{".juju/my-name-cert.pem", ""},
{".juju/my-name-private-key.pem", ""},
}
h := testing.MakeFakeHomeWithFiles(c, files)
defer h.Restore()
for i, test := range emptyCertFilesTests {
c.Logf("test %d. %s", i, test.about)
test.check(c, h)
}
}
func (*ConfigSuite) TestValidateChange(c *gc.C) {
files := []testing.TestFile{
{".ssh/identity.pub", "identity"},
}
h := testing.MakeFakeHomeWithFiles(c, files)
defer h.Restore()
for i, test := range validationTests {
c.Logf("test %d: %s", i, test.about)
newConfig := newTestConfig(c, test.new)
oldConfig := newTestConfig(c, test.old)
err := config.Validate(newConfig, oldConfig)
if test.err == "" {
c.Assert(err, gc.IsNil)
} else {
c.Assert(err, gc.ErrorMatches, test.err)
}
}
}
func (*ConfigSuite) TestConfig(c *gc.C) {
files := []testing.TestFile{
{".ssh/id_dsa.pub", "dsa"},
{".ssh/id_rsa.pub", "rsa\n"},
{".ssh/identity.pub", "identity"},
{".ssh/authorized_keys", "auth0\n# first\nauth1\n\n"},
{".ssh/authorized_keys2", "auth2\nauth3\n"},
{".juju/my-name-cert.pem", caCert},
{".juju/my-name-private-key.pem", caKey},
{".juju/cacert2.pem", caCert2},
{".juju/cakey2.pem", caKey2},
{"othercert.pem", caCert3},
{"otherkey.pem", caKey3},
}
h := testing.MakeFakeHomeWithFiles(c, files)
defer h.Restore()
for i, test := range configTests {
c.Logf("test %d. %s", i, test.about)
test.check(c, h)
}
}