Sha256: 3c2c59fa581eeb5b414516cb9dcd6f64b5d75261449ab9393fe0f7b0b8afe138
Contents?: true
Size: 1.59 KB
Versions: 2
Compression:
Stored size: 1.59 KB
Contents
require 'spec_helper'
require 'certmeister/policy/fcrdns'
describe Certmeister::Policy::Fcrdns do
it "demands a request" do
expect { subject.authenticate }.to raise_error(ArgumentError)
end
it "refuses to authenticate a request with a missing cn" do
response = subject.authenticate({ip: '127.0.0.1'})
expect(response).to_not be_authenticated
expect(response.error).to eql "missing cn"
end
it "refuses to authenticate a request with a missing ip" do
response = subject.authenticate({cn: 'localhost'})
expect(response).to_not be_authenticated
expect(response.error).to eql "missing ip"
end
it "refuses to authenticate a request with an ip that does not have fcrdns that matches the cn" do
response = subject.authenticate({cn: 'bad.example.com', ip: '127.0.0.1'})
expect(response).to_not be_authenticated
expect(response.error).to eql "cn does not match fcrdns"
end
it "authenticates any request with an ip that does not have fcrdns that matches the cn" do
response = subject.authenticate({cn: 'localhost', ip: '127.0.0.1'})
expect(response).to be_authenticated
end
describe "error handling" do
it "refuses to authenticate a request when a DNS failure occurs" do
allow_any_instance_of(Resolv::DNS).to receive(:getnames).with('nonsense').and_raise(Resolv::ResolvError.new("cannot interpret as address: nonsense"))
response = subject.authenticate({cn: 'localhost', ip: 'nonsense'})
expect(response).to_not be_authenticated
expect(response.error).to eql "DNS error (cannot interpret as address: nonsense)"
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| certmeister-1.0.1 | spec/certmeister/policy/fcrdns_spec.rb |
| certmeister-1.0.0 | spec/certmeister/policy/fcrdns_spec.rb |