diff --git a/command/agent/rpc_client_test.go b/command/agent/rpc_client_test.go index ef082838ae..3bf03d6dc6 100644 --- a/command/agent/rpc_client_test.go +++ b/command/agent/rpc_client_test.go @@ -30,10 +30,10 @@ func (r *rpcParts) Close() { // testRPCClient returns an RPCClient connected to an RPC server that // serves only this connection. func testRPCClient(t *testing.T) *rpcParts { - return testRPCClientWithConfig(t, nil) + return testRPCClientWithConfig(t, func(c *Config) {}) } -func testRPCClientWithConfig(t *testing.T, c *Config) *rpcParts { +func testRPCClientWithConfig(t *testing.T, cb func(c *Config)) *rpcParts { l, err := net.Listen("tcp", "127.0.0.1:0") if err != nil { t.Fatalf("err: %s", err) @@ -43,9 +43,7 @@ func testRPCClientWithConfig(t *testing.T, c *Config) *rpcParts { mult := io.MultiWriter(os.Stderr, lw) conf := nextConfig() - if c != nil { - conf = MergeConfig(conf, c) - } + cb(conf) dir, agent := makeAgentLog(t, conf, mult) rpc := NewAgentRPC(agent, l, mult, lw) @@ -284,8 +282,10 @@ OUTER2: func TestRPCClientListKeys(t *testing.T) { key1 := "tbLJg26ZJyJ9pK3qhc9jig==" - conf := Config{EncryptKey: key1, Datacenter: "dc1"} - p1 := testRPCClientWithConfig(t, &conf) + p1 := testRPCClientWithConfig(t, func(c *Config) { + c.EncryptKey = key1 + c.Datacenter = "dc1" + }) defer p1.Close() // Key is initially installed to both wan/lan @@ -301,8 +301,9 @@ func TestRPCClientListKeys(t *testing.T) { func TestRPCClientInstallKey(t *testing.T) { key1 := "tbLJg26ZJyJ9pK3qhc9jig==" key2 := "xAEZ3uVHRMZD9GcYMZaRQw==" - conf := Config{EncryptKey: key1} - p1 := testRPCClientWithConfig(t, &conf) + p1 := testRPCClientWithConfig(t, func(c *Config) { + c.EncryptKey = key1 + }) defer p1.Close() // key2 is not installed yet @@ -344,8 +345,9 @@ func TestRPCClientInstallKey(t *testing.T) { func TestRPCClientUseKey(t *testing.T) { key1 := "tbLJg26ZJyJ9pK3qhc9jig==" key2 := "xAEZ3uVHRMZD9GcYMZaRQw==" - conf := Config{EncryptKey: key1} - p1 := testRPCClientWithConfig(t, &conf) + p1 := testRPCClientWithConfig(t, func(c *Config) { + c.EncryptKey = key1 + }) defer p1.Close() // add a second key to the ring diff --git a/command/keyring_test.go b/command/keyring_test.go index 25e20599cc..bb8691ebb4 100644 --- a/command/keyring_test.go +++ b/command/keyring_test.go @@ -17,8 +17,9 @@ func TestKeyringCommandRun(t *testing.T) { key2 := "kZyFABeAmc64UMTrm9XuKA==" // Begin with a single key - conf := agent.Config{EncryptKey: key1} - a1 := testAgentWithConfig(&conf, t) + a1 := testAgentWithConfig(t, func(c *agent.Config) { + c.EncryptKey = key1 + }) defer a1.Shutdown() // The LAN and WAN keyrings were initialized with key1 diff --git a/command/util_test.go b/command/util_test.go index 586489233e..a48f33cb0c 100644 --- a/command/util_test.go +++ b/command/util_test.go @@ -39,10 +39,10 @@ func (a *agentWrapper) Shutdown() { } func testAgent(t *testing.T) *agentWrapper { - return testAgentWithConfig(nil, t) + return testAgentWithConfig(t, func(c *agent.Config) {}) } -func testAgentWithConfig(c *agent.Config, t *testing.T) *agentWrapper { +func testAgentWithConfig(t *testing.T, cb func(c *agent.Config)) *agentWrapper { l, err := net.Listen("tcp", "127.0.0.1:0") if err != nil { t.Fatalf("err: %s", err) @@ -52,9 +52,7 @@ func testAgentWithConfig(c *agent.Config, t *testing.T) *agentWrapper { mult := io.MultiWriter(os.Stderr, lw) conf := nextConfig() - if c != nil { - conf = agent.MergeConfig(c, conf) - } + cb(conf) dir, err := ioutil.TempDir("", "agent") if err != nil { diff --git a/consul/client.go b/consul/client.go index 2c053513a3..cf0ddca0cf 100644 --- a/consul/client.go +++ b/consul/client.go @@ -206,11 +206,6 @@ func (c *Client) UserEvent(name string, payload []byte) error { return c.serf.UserEvent(userEventName(name), payload, false) } -// KeyManager returns the LAN Serf keyring manager -func (c *Client) KeyManagerLAN() *serf.KeyManager { - return c.serf.KeyManager() -} - // Encrypted determines if gossip is encrypted func (c *Client) Encrypted() bool { return c.serf.EncryptionEnabled() diff --git a/consul/client_test.go b/consul/client_test.go index a783c3a52c..33425cdf70 100644 --- a/consul/client_test.go +++ b/consul/client_test.go @@ -269,3 +269,23 @@ func TestClientServer_UserEvent(t *testing.T) { t.Fatalf("missing events") } } + +func TestClient_Encrypted(t *testing.T) { + dir1, c1 := testClient(t) + defer os.RemoveAll(dir1) + defer c1.Shutdown() + + key := []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15} + dir2, c2 := testClientWithConfig(t, func(c *Config) { + c.SerfLANConfig.MemberlistConfig.SecretKey = key + }) + defer os.RemoveAll(dir2) + defer c2.Shutdown() + + if c1.Encrypted() { + t.Fatalf("should not be encrypted") + } + if !c2.Encrypted() { + t.Fatalf("should be encrypted") + } +} diff --git a/consul/server_test.go b/consul/server_test.go index 50627837e6..9a6c311239 100644 --- a/consul/server_test.go +++ b/consul/server_test.go @@ -486,14 +486,23 @@ func TestServer_globalRPC(t *testing.T) { // Try to join addr := fmt.Sprintf("127.0.0.1:%d", - s1.config.SerfLANConfig.MemberlistConfig.BindPort) - if _, err := s2.JoinLAN([]string{addr}); err != nil { + s1.config.SerfWANConfig.MemberlistConfig.BindPort) + if _, err := s2.JoinWAN([]string{addr}); err != nil { t.Fatalf("err: %v", err) } + // Check the members + testutil.WaitForResult(func() (bool, error) { + members := len(s1.WANMembers()) + return members == 2, fmt.Errorf("expected 2 members, got %d", members) + }, func(err error) { + t.Fatalf(err.Error()) + }) + + // Wait for leader election testutil.WaitForLeader(t, s1.RPC, "dc1") - // Check that replies from each DC come in + // Check that replies from each gossip pool come in resp := &structs.KeyringResponses{} args := &structs.KeyringRequest{Operation: structs.KeyringList} if err := s1.globalRPC("Internal.KeyringOperation", args, resp); err != nil { @@ -503,7 +512,7 @@ func TestServer_globalRPC(t *testing.T) { t.Fatalf("bad: %#v", resp.Responses) } - // Check that error from remote DC is returned + // Check that an error from a remote DC is returned resp = &structs.KeyringResponses{} err := s1.globalRPC("Bad.Method", nil, resp) if err == nil { @@ -513,3 +522,24 @@ func TestServer_globalRPC(t *testing.T) { t.Fatalf("unexpcted error: %s", err) } } + +func TestServer_Encrypted(t *testing.T) { + dir1, s1 := testServer(t) + defer os.RemoveAll(dir1) + defer s1.Shutdown() + + key := []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15} + dir2, s2 := testServerWithConfig(t, func(c *Config) { + c.SerfLANConfig.MemberlistConfig.SecretKey = key + c.SerfWANConfig.MemberlistConfig.SecretKey = key + }) + defer os.RemoveAll(dir2) + defer s2.Shutdown() + + if s1.Encrypted() { + t.Fatalf("should not be encrypted") + } + if !s2.Encrypted() { + t.Fatalf("should be encrypted") + } +} diff --git a/consul/structs/structs_test.go b/consul/structs/structs_test.go index e5944cbe43..abf8ebb744 100644 --- a/consul/structs/structs_test.go +++ b/consul/structs/structs_test.go @@ -32,3 +32,24 @@ func TestEncodeDecode(t *testing.T) { t.Fatalf("bad: %#v %#v", arg, out) } } + +func TestStructs_Implements(t *testing.T) { + var ( + _ RPCInfo = &GenericRPC{} + _ RPCInfo = &RegisterRequest{} + _ RPCInfo = &DeregisterRequest{} + _ RPCInfo = &DCSpecificRequest{} + _ RPCInfo = &ServiceSpecificRequest{} + _ RPCInfo = &NodeSpecificRequest{} + _ RPCInfo = &ChecksInStateRequest{} + _ RPCInfo = &KVSRequest{} + _ RPCInfo = &KeyRequest{} + _ RPCInfo = &KeyListRequest{} + _ RPCInfo = &SessionRequest{} + _ RPCInfo = &SessionSpecificRequest{} + _ RPCInfo = &EventFireRequest{} + _ RPCInfo = &ACLPolicyRequest{} + _ RPCInfo = &KeyringRequest{} + _ CompoundResponse = &KeyringResponses{} + ) +}