github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

agent: install/use/remove key tests

pull/336/head
Ryan Uber 2014-09-10 22:51:33 -07:00
parent 2280434e16
commit df68820645
1 changed files with 129 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

169
command/agent/rpc_client_test.go
View File

@ -282,78 +282,167 @@ OUTER2:
} }
} }
func TestRPCClientListKeysLAN(t *testing.T) { func TestRPCClientListKeys(t *testing.T) {
key1 := "tbLJg26ZJyJ9pK3qhc9jig==" key1 := "tbLJg26ZJyJ9pK3qhc9jig=="
conf := Config{EncryptKey: key1} conf := Config{EncryptKey: key1}
p1 := testRPCClientWithConfig(t, &conf) p1 := testRPCClientWithConfig(t, &conf)
defer p1.Close() defer p1.Close()
keys, numNodes, messages, err := p1.client.ListKeysLAN() // Check WAN keys
if err != nil { keys := listKeys(t, p1.client, false)
t.Fatalf("err: %s", err)
}
if _, ok := keys[key1]; !ok { if _, ok := keys[key1]; !ok {
t.Fatalf("bad: %#v", keys) t.Fatalf("bad: %#v", keys)
} }
if keys[key1] != 1 { // Check LAN keys
keys = listKeys(t, p1.client, true)
if _, ok := keys[key1]; !ok {
t.Fatalf("bad: %#v", keys) t.Fatalf("bad: %#v", keys)
} }
if numNodes != 1 {
t.Fatalf("bad: %d", numNodes)
}
if len(messages) != 0 {
t.Fatalf("bad: %#v", messages)
}
} }
func TestRPCClientListKeysWAN(t *testing.T) { func TestRPCClientInstallKey(t *testing.T) {
key1 := "tbLJg26ZJyJ9pK3qhc9jig==" key1 := "tbLJg26ZJyJ9pK3qhc9jig=="
key2 := "xAEZ3uVHRMZD9GcYMZaRQw=="
conf := Config{EncryptKey: key1} conf := Config{EncryptKey: key1}
p1 := testRPCClientWithConfig(t, &conf) p1 := testRPCClientWithConfig(t, &conf)
defer p1.Close() defer p1.Close()
keys, numNodes, messages, err := p1.client.ListKeysWAN() // Test WAN keys
keys := listKeys(t, p1.client, true)
if _, ok := keys[key2]; ok {
t.Fatalf("bad: %#v", keys)
}
installKey(t, p1.client, key2, true)
keys = listKeys(t, p1.client, true)
if _, ok := keys[key2]; !ok {
t.Fatalf("bad: %#v", keys)
}
// Test LAN keys
keys = listKeys(t, p1.client, false)
if _, ok := keys[key2]; ok {
t.Fatalf("bad: %#v", keys)
}
installKey(t, p1.client, key2, false)
keys = listKeys(t, p1.client, false)
if _, ok := keys[key2]; !ok {
t.Fatalf("bad: %#v", keys)
}
}
func TestRPCClientRotateKey(t *testing.T) {
key1 := "tbLJg26ZJyJ9pK3qhc9jig=="
key2 := "xAEZ3uVHRMZD9GcYMZaRQw=="
conf := Config{EncryptKey: key1}
p1 := testRPCClientWithConfig(t, &conf)
defer p1.Close()
// Test WAN keys
keys := listKeys(t, p1.client, true)
if _, ok := keys[key2]; ok {
t.Fatalf("bad: %#v", keys)
}
installKey(t, p1.client, key2, true)
useKey(t, p1.client, key2, true)
removeKey(t, p1.client, key1, true)
keys = listKeys(t, p1.client, true)
if _, ok := keys[key1]; ok {
t.Fatalf("bad: %#v", keys)
}
if _, ok := keys[key2]; !ok {
t.Fatalf("bad: %#v", keys)
}
// Test LAN keys
keys = listKeys(t, p1.client, false)
if _, ok := keys[key2]; ok {
t.Fatalf("bad: %#v", keys)
}
installKey(t, p1.client, key2, false)
useKey(t, p1.client, key2, false)
removeKey(t, p1.client, key1, false)
keys = listKeys(t, p1.client, false)
if _, ok := keys[key1]; ok {
t.Fatalf("bad: %#v", keys)
}
if _, ok := keys[key2]; !ok {
t.Fatalf("bad: %#v", keys)
}
}
func TestRPCClientKeyOperation_encryptionDisabled(t *testing.T) {
p1 := testRPCClient(t)
defer p1.Close()
_, _, failures, err := p1.client.ListKeysLAN()
if err == nil {
t.Fatalf("no error listing keys with encryption disabled")
}
if len(failures) != 1 {
t.Fatalf("bad: %#v", failures)
}
}
func listKeys(t *testing.T, c *RPCClient, wan bool) (keys map[string]int) {
var err error
if wan {
keys, _, _, err = c.ListKeysWAN()
} else {
keys, _, _, err = c.ListKeysLAN()
}
if err != nil { if err != nil {
t.Fatalf("err: %s", err) t.Fatalf("err: %s", err)
} }
if _, ok := keys[key1]; !ok { return
t.Fatalf("bad: %#v", keys) }
}
if keys[key1] != 1 { func installKey(t *testing.T, c *RPCClient, key string, wan bool) {
t.Fatalf("bad: %#v", keys) var err error
}
if numNodes != 1 { if wan {
t.Fatalf("bad: %d", numNodes) _, err = c.InstallKeyWAN(key)
} else {
_, err = c.InstallKeyLAN(key)
} }
if err != nil {
if len(messages) != 0 { t.Fatalf("err: %s", err)
t.Fatalf("bad: %#v", messages)
} }
} }
func TestRPCClientListKeysLAN_encryptionDisabled(t *testing.T) { func useKey(t *testing.T, c *RPCClient, key string, wan bool) {
p1 := testRPCClient(t) var err error
defer p1.Close()
_, _, _, err := p1.client.ListKeysLAN() if wan {
if err == nil { _, err = c.UseKeyWAN(key)
t.Fatalf("no error listing keys with encryption disabled") } else {
_, err = c.UseKeyLAN(key)
}
if err != nil {
t.Fatalf("err: %s", err)
} }
} }
func TestRPCClientListKeysWAN_encryptionDisabled(t *testing.T) { func removeKey(t *testing.T, c *RPCClient, key string, wan bool) {
p1 := testRPCClient(t) var err error
defer p1.Close()
_, _, _, err := p1.client.ListKeysWAN() if wan {
if err == nil { _, err = c.RemoveKeyWAN(key)
t.Fatalf("no error listing keys with encryption disabled") } else {
_, err = c.RemoveKeyLAN(key)
}
if err != nil {
t.Fatalf("err: %s", err)
} }
} }