| LEFT | RIGHT |
|---|
| (no file at all) | |
| 1 package environs_test | 1 package environs_test |
| 2 | 2 |
| 3 import ( | 3 import ( |
| 4 "bytes" | 4 "bytes" |
| 5 "crypto/rsa" | 5 "crypto/rsa" |
| 6 "crypto/tls" | 6 "crypto/tls" |
| 7 "crypto/x509" | 7 "crypto/x509" |
| 8 "encoding/pem" | 8 "encoding/pem" |
| 9 "fmt" | 9 "fmt" |
| 10 "io" | 10 "io" |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 // correctly. | 50 // correctly. |
| 51 caKeyPEM, err := ioutil.ReadFile(filepath.Join(os.Getenv("HOME"), ".juju
", "foo.pem")) | 51 caKeyPEM, err := ioutil.ReadFile(filepath.Join(os.Getenv("HOME"), ".juju
", "foo.pem")) |
| 52 c.Assert(err, IsNil) | 52 c.Assert(err, IsNil) |
| 53 | 53 |
| 54 caCert, _ := parseCertAndKey(c, caKeyPEM) | 54 caCert, _ := parseCertAndKey(c, caKeyPEM) |
| 55 | 55 |
| 56 caName := checkTLSConnection(c, caCert, bootstrapCert, bootstrapKey) | 56 caName := checkTLSConnection(c, caCert, bootstrapCert, bootstrapKey) |
| 57 c.Assert(caName, Equals, `juju-generated CA for environment foo`) | 57 c.Assert(caName, Equals, `juju-generated CA for environment foo`) |
| 58 } | 58 } |
| 59 | 59 |
| 60 var testServerPEM = []byte(testing.CACertPEM + testing.CAKeyPEM) | 60 var testServerPEM = []byte(testing.CACert + testing.CAKey) |
| 61 | 61 |
| 62 func (s *bootstrapSuite) TestBootstrapExistingKey(c *C) { | 62 func (s *bootstrapSuite) TestBootstrapExistingKey(c *C) { |
| 63 path := filepath.Join(os.Getenv("HOME"), ".juju", "bar.pem") | 63 path := filepath.Join(os.Getenv("HOME"), ".juju", "bar.pem") |
| 64 err := ioutil.WriteFile(path, testServerPEM, 0600) | 64 err := ioutil.WriteFile(path, testServerPEM, 0600) |
| 65 c.Assert(err, IsNil) | 65 c.Assert(err, IsNil) |
| 66 | 66 |
| 67 env := &bootstrapEnviron{name: "bar"} | 67 env := &bootstrapEnviron{name: "bar"} |
| 68 err = environs.Bootstrap(env, false, nil) | 68 err = environs.Bootstrap(env, false, nil) |
| 69 c.Assert(err, IsNil) | 69 c.Assert(err, IsNil) |
| 70 c.Assert(env.bootstrapCount, Equals, 1) | 70 c.Assert(env.bootstrapCount, Equals, 1) |
| 71 | 71 |
| 72 bootstrapCert, bootstrapKey := parseCertAndKey(c, env.stateServerPEM) | 72 bootstrapCert, bootstrapKey := parseCertAndKey(c, env.stateServerPEM) |
| 73 | 73 |
| 74 » caName := checkTLSConnection(c, certificate(testing.CACertPEM), bootstra
pCert, bootstrapKey) | 74 » caName := checkTLSConnection(c, certificate(testing.CACert), bootstrapCe
rt, bootstrapKey) |
| 75 c.Assert(caName, Equals, testing.CACertX509.Subject.CommonName) | 75 c.Assert(caName, Equals, testing.CACertX509.Subject.CommonName) |
| 76 } | 76 } |
| 77 | 77 |
| 78 func (s *bootstrapSuite) TestBootstrapUploadTools(c *C) { | 78 func (s *bootstrapSuite) TestBootstrapUploadTools(c *C) { |
| 79 env := &bootstrapEnviron{name: "foo"} | 79 env := &bootstrapEnviron{name: "foo"} |
| 80 err := environs.Bootstrap(env, false, testServerPEM) | 80 err := environs.Bootstrap(env, false, testServerPEM) |
| 81 c.Assert(err, IsNil) | 81 c.Assert(err, IsNil) |
| 82 c.Assert(env.bootstrapCount, Equals, 1) | 82 c.Assert(env.bootstrapCount, Equals, 1) |
| 83 c.Assert(env.uploadTools, Equals, false) | 83 c.Assert(env.uploadTools, Equals, false) |
| 84 | 84 |
| 85 env = &bootstrapEnviron{name: "foo"} | 85 env = &bootstrapEnviron{name: "foo"} |
| 86 err = environs.Bootstrap(env, true, testServerPEM) | 86 err = environs.Bootstrap(env, true, testServerPEM) |
| 87 c.Assert(err, IsNil) | 87 c.Assert(err, IsNil) |
| 88 c.Assert(env.bootstrapCount, Equals, 1) | 88 c.Assert(env.bootstrapCount, Equals, 1) |
| 89 c.Assert(env.uploadTools, Equals, true) | 89 c.Assert(env.uploadTools, Equals, true) |
| 90 } | 90 } |
| 91 | 91 |
| 92 func (s *bootstrapSuite) TestBootstrapWithCertArgument(c *C) { | 92 func (s *bootstrapSuite) TestBootstrapWithCertArgument(c *C) { |
| 93 env := &bootstrapEnviron{name: "bar"} | 93 env := &bootstrapEnviron{name: "bar"} |
| 94 err := environs.Bootstrap(env, false, testServerPEM) | 94 err := environs.Bootstrap(env, false, testServerPEM) |
| 95 c.Assert(err, IsNil) | 95 c.Assert(err, IsNil) |
| 96 c.Assert(env.bootstrapCount, Equals, 1) | 96 c.Assert(env.bootstrapCount, Equals, 1) |
| 97 | 97 |
| 98 bootstrapCert, bootstrapKey := parseCertAndKey(c, env.stateServerPEM) | 98 bootstrapCert, bootstrapKey := parseCertAndKey(c, env.stateServerPEM) |
| 99 | 99 |
| 100 » caName := checkTLSConnection(c, certificate(testing.CACertPEM), bootstra
pCert, bootstrapKey) | 100 » caName := checkTLSConnection(c, certificate(testing.CACert), bootstrapCe
rt, bootstrapKey) |
| 101 c.Assert(caName, Equals, testing.CACertX509.Subject.CommonName) | 101 c.Assert(caName, Equals, testing.CACertX509.Subject.CommonName) |
| 102 } | 102 } |
| 103 | 103 |
| 104 var invalidCertTests = []struct { | 104 var invalidCertTests = []struct { |
| 105 pem string | 105 pem string |
| 106 err string | 106 err string |
| 107 }{{ | 107 }{{ |
| 108 `xxxx`, | 108 `xxxx`, |
| 109 "bad CA PEM: CA PEM holds no certificate", | 109 "bad CA PEM: CA PEM holds no certificate", |
| 110 }, { | 110 }, { |
| 111 » testing.CACertPEM, | 111 » testing.CACert, |
| 112 "bad CA PEM: CA PEM holds no private key", | 112 "bad CA PEM: CA PEM holds no private key", |
| 113 }, { | 113 }, { |
| 114 » testing.CAKeyPEM, | 114 » testing.CAKey, |
| 115 "bad CA PEM: CA PEM holds no certificate", | 115 "bad CA PEM: CA PEM holds no certificate", |
| 116 }, { | 116 }, { |
| 117 `-----BEGIN CERTIFICATE----- | 117 `-----BEGIN CERTIFICATE----- |
| 118 MIIBnTCCAUmgAwIBAgIBADALBgkqhkiG9w0BAQUwJjENMAsGA1UEChMEanVqdTEV | 118 MIIBnTCCAUmgAwIBAgIBADALBgkqhkiG9w0BAQUwJjENMAsGA1UEChMEanVqdTEV |
| 119 MBMGA1UEAxMManVqdSB0ZXN0aW5nMB4XDTEyMTExNDE0Mzg1NFoXDTIyMTExNDE0 | 119 MBMGA1UEAxMManVqdSB0ZXN0aW5nMB4XDTEyMTExNDE0Mzg1NFoXDTIyMTExNDE0 |
| 120 NDM1NFowJjENMAsGA1UEChMEanVqdTEVMBMGA1UEAxMManVqdSB0ZXN0aW5n | 120 NDM1NFowJjENMAsGA1UEChMEanVqdTEVMBMGA1UEAxMManVqdSB0ZXN0aW5n |
| 121 -----END CERTIFICATE----- | 121 -----END CERTIFICATE----- |
| 122 ` + testing.CAKeyPEM, | 122 ` + testing.CAKey, |
| 123 `bad CA PEM: ASN\.1.*`, | 123 `bad CA PEM: ASN\.1.*`, |
| 124 }, { | 124 }, { |
| 125 `-----BEGIN RSA PRIVATE KEY----- | 125 `-----BEGIN RSA PRIVATE KEY----- |
| 126 MIIBOwIBAAJBAII46mf1pYpwqvYZAa3KDAPs91817Uj0FiI8CprYjfcXn7o+oV1+ | 126 MIIBOwIBAAJBAII46mf1pYpwqvYZAa3KDAPs91817Uj0FiI8CprYjfcXn7o+oV1+ |
| 127 -----END RSA PRIVATE KEY----- | 127 -----END RSA PRIVATE KEY----- |
| 128 ` + testing.CACertPEM, | 128 ` + testing.CACert, |
| 129 "bad CA PEM: crypto/tls: .*", | 129 "bad CA PEM: crypto/tls: .*", |
| 130 }, { | 130 }, { |
| 131 `-----BEGIN CERTIFICATE----- | 131 `-----BEGIN CERTIFICATE----- |
| 132 MIIBmjCCAUagAwIBAgIBADALBgkqhkiG9w0BAQUwJjENMAsGA1UEChMEanVqdTEV | 132 MIIBmjCCAUagAwIBAgIBADALBgkqhkiG9w0BAQUwJjENMAsGA1UEChMEanVqdTEV |
| 133 MBMGA1UEAxMManVqdSB0ZXN0aW5nMB4XDTEyMTExNDE3MTU1NloXDTIyMTExNDE3 | 133 MBMGA1UEAxMManVqdSB0ZXN0aW5nMB4XDTEyMTExNDE3MTU1NloXDTIyMTExNDE3 |
| 134 MjA1NlowJjENMAsGA1UEChMEanVqdTEVMBMGA1UEAxMManVqdSB0ZXN0aW5nMFow | 134 MjA1NlowJjENMAsGA1UEChMEanVqdTEVMBMGA1UEAxMManVqdSB0ZXN0aW5nMFow |
| 135 CwYJKoZIhvcNAQEBA0sAMEgCQQC96/CsTTY1Va8et6QYNXwrssAi36asFlV/fksG | 135 CwYJKoZIhvcNAQEBA0sAMEgCQQC96/CsTTY1Va8et6QYNXwrssAi36asFlV/fksG |
| 136 hqRucidiz/+xHvhs9EiqEu7NGxeVAkcfIhXu6/BDlobtj2v5AgMBAAGjYzBhMA4G | 136 hqRucidiz/+xHvhs9EiqEu7NGxeVAkcfIhXu6/BDlobtj2v5AgMBAAGjYzBhMA4G |
| 137 A1UdDwEB/wQEAwIABDAPBgNVHRMBAf8EBTADAgEBMB0GA1UdDgQWBBRqbxkIW4R0 | 137 A1UdDwEB/wQEAwIABDAPBgNVHRMBAf8EBTADAgEBMB0GA1UdDgQWBBRqbxkIW4R0 |
| 138 vmmkUoYuWg9sDob4jzAfBgNVHSMEGDAWgBRqbxkIW4R0vmmkUoYuWg9sDob4jzAL | 138 vmmkUoYuWg9sDob4jzAfBgNVHSMEGDAWgBRqbxkIW4R0vmmkUoYuWg9sDob4jzAL |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 336 } | 336 } |
| 337 } | 337 } |
| 338 c.Assert(certBlocks, HasLen, 1) | 338 c.Assert(certBlocks, HasLen, 1) |
| 339 c.Assert(otherBlocks, HasLen, 1) | 339 c.Assert(otherBlocks, HasLen, 1) |
| 340 cert = certificate(pem.EncodeToMemory(certBlocks[0])) | 340 cert = certificate(pem.EncodeToMemory(certBlocks[0])) |
| 341 tlsCert, err := tls.X509KeyPair(cert, pem.EncodeToMemory(otherBlocks[0])
) | 341 tlsCert, err := tls.X509KeyPair(cert, pem.EncodeToMemory(otherBlocks[0])
) |
| 342 c.Assert(err, IsNil) | 342 c.Assert(err, IsNil) |
| 343 | 343 |
| 344 return cert, tlsCert.PrivateKey.(*rsa.PrivateKey) | 344 return cert, tlsCert.PrivateKey.(*rsa.PrivateKey) |
| 345 } | 345 } |
| LEFT | RIGHT |
|---|
