(WIP) reproduction of issue for pp-913

jpartlow · Dec 3, 2013 · 406ca22 · 406ca22
1 parent de8a14f
commit 406ca22
Showing 1 changed file with 22 additions and 9 deletions.
diff --git a/spec/integration/ssl/autosign_spec.rb b/spec/integration/ssl/autosign_spec.rb
@@ -31,25 +31,38 @@
     Puppet::SSL::Key.indirection.termini.clear
   end
 
-  context "with extension requests from csr_attributes file" do
-    let(:ca) { Puppet::SSL::CertificateAuthority.new }
+  def write_csr_attributes(yaml)
+    File.open(Puppet.settings[:csr_attributes], 'w') do |file|
+      file.puts YAML.dump(yaml)
+    end
+  end
 
-    def write_csr_attributes
-      File.open(Puppet.settings[:csr_attributes], 'w') do |file|
-        file.puts YAML.dump(csr_attributes_content)
-      end
+  context "with an invalid csr_attributes file" do
+    it "empty file"
+    it "a string"
+    it "an empty hash"
+    it "an empty array"
+    it "ignores the file without raising errors" do
+      write_csr_attributes('')
+      host.generate_certificate_request
+      csr = Puppet::SSL::CertificateRequest.indirection.find(host.name)
+      expect(csr.subject_alt_names).to include('DNS:althostname.nowhere')
     end
+  end
+
+  context "with extension requests from csr_attributes file" do
+    let(:ca) { Puppet::SSL::CertificateAuthority.new }
 
     context "and subjectAltName" do
       it "raises an error if you include subjectAltName in csr_attributes" do
         csr_attributes_content['extension_requests']['subjectAltName'] = 'foo'
-        write_csr_attributes
+        write_csr_attributes(csr_attributes_content)
         expect { host.generate_certificate_request }.to raise_error(Puppet::Error, /subjectAltName.*conflicts with internally used extension request/)
       end
 
       it "properly merges subjectAltName when in settings" do
         Puppet.settings[:dns_alt_names] = 'althostname.nowhere'
-        write_csr_attributes
+        write_csr_attributes(csr_attributes_content)
         host.generate_certificate_request
         csr = Puppet::SSL::CertificateRequest.indirection.find(host.name)
         expect(csr.subject_alt_names).to include('DNS:althostname.nowhere')
@@ -59,7 +72,7 @@ def write_csr_attributes
     context "without subjectAltName" do
 
       before do
-        write_csr_attributes
+        write_csr_attributes(csr_attributes_content)
         host.generate_certificate_request
       end