From 0329bdf2c0b2c157cf80c15f7dde580fbd243e3c Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 21 Oct 2016 17:46:09 +0200 Subject: add a testing boilerplate --- spec/puppetlabs_spec_helper_clone.rb | 34 +++++++++++++++++++++++++ spec/spec_helper.rb | 48 ++++++++++++++++++++++++++++++++++++ 2 files changed, 82 insertions(+) create mode 100644 spec/puppetlabs_spec_helper_clone.rb create mode 100755 spec/spec_helper.rb (limited to 'spec') diff --git a/spec/puppetlabs_spec_helper_clone.rb b/spec/puppetlabs_spec_helper_clone.rb new file mode 100644 index 0000000..6a94a3b --- /dev/null +++ b/spec/puppetlabs_spec_helper_clone.rb @@ -0,0 +1,34 @@ +#This file pulls in only the minimum necessary to let unmigrated specs still work + +# Define the main module namespace for use by the helper modules +module PuppetlabsSpec + # FIXTURE_DIR represents the standard locations of all fixture data. Normally + # this represents /spec/fixtures. This will be used by the fixtures + # library to find relative fixture data. + FIXTURE_DIR = File.join("spec", "fixtures") unless defined?(FIXTURE_DIR) +end + +# Require all necessary helper libraries so they can be used later +require 'puppetlabs_spec_helper/puppetlabs_spec/files' +require 'puppetlabs_spec_helper/puppetlabs_spec/fixtures' +#require 'puppetlabs_spec_helper/puppetlabs_spec/puppet_internals' +require 'puppetlabs_spec_helper/puppetlabs_spec/matchers' + +RSpec.configure do |config| + # Include PuppetlabsSpec helpers so they can be called at convenience + config.extend PuppetlabsSpec::Files + config.extend PuppetlabsSpec::Fixtures + config.include PuppetlabsSpec::Fixtures + + config.parser = 'future' if ENV['FUTURE_PARSER'] == 'yes' + config.strict_variables = true if ENV['STRICT_VARIABLES'] == 'yes' + config.stringify_facts = false if ENV['STRINGIFY_FACTS'] == 'no' + config.trusted_node_data = true if ENV['TRUSTED_NODE_DATA'] == 'yes' + config.ordering = ENV['ORDERING'] if ENV['ORDERING'] + + # This will cleanup any files that were created with tmpdir or tmpfile + config.after :each do + PuppetlabsSpec::Files.cleanup + end +end + diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100755 index 0000000..66cfb3b --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,48 @@ +#! /usr/bin/env ruby -S rspec +dir = File.expand_path(File.dirname(__FILE__)) +$LOAD_PATH.unshift File.join(dir, 'lib') + +# So everyone else doesn't have to include this base constant. +module PuppetSpec + FIXTURE_DIR = File.join(dir = File.expand_path(File.dirname(__FILE__)), "fixtures") unless defined?(FIXTURE_DIR) +end + +require 'puppet' +require 'rspec-puppet' +require 'puppetlabs_spec_helper/module_spec_helper' +require 'mocha/api' +#require 'puppetlabs_spec_helper/module_spec_helper' +require 'puppetlabs_spec_helper_clone' + +# hack to enable all the expect syntax (like allow_any_instance_of) in rspec-puppet examples +RSpec::Mocks::Syntax.enable_expect(RSpec::Puppet::ManifestMatchers) + +RSpec.configure do |config| + config.module_path = File.join(File.dirname(File.expand_path(__FILE__)), 'fixtures', 'modules') + config.manifest_dir = File.join(File.dirname(File.expand_path(__FILE__)), 'fixtures', 'manifests') + config.environmentpath = spec_path = File.expand_path(File.join(Dir.pwd, 'spec')) + + config.add_setting :puppet_future + #config.puppet_future = (ENV['FUTURE_PARSER'] == 'yes' or Puppet.version.to_f >= 4.0) + config.puppet_future = Puppet.version.to_f >= 4.0 + + config.before :each do + # Ensure that we don't accidentally cache facts and environment between + # test cases. This requires each example group to explicitly load the + # facts being exercised with something like + # Facter.collection.loader.load(:ipaddress) + Facter.clear + Facter.clear_messages + + RSpec::Mocks.setup + end + + config.after :each do + RSpec::Mocks.verify + RSpec::Mocks.teardown + end +end + +# Helper class to test handling of arguments which are derived from string +class AlsoString < String +end -- cgit v1.2.3 From 826fd077aca94acf6a8d41d643b8f06ed7fb7090 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 21 Oct 2016 17:54:08 +0200 Subject: add functions to support dealing with keys for onion addresses --- spec/functions/generate_onion_key_spec.rb | 73 +++++++++++++++++++++++++++++++ spec/functions/onion_address_spec.rb | 48 ++++++++++++++++++++ 2 files changed, 121 insertions(+) create mode 100644 spec/functions/generate_onion_key_spec.rb create mode 100644 spec/functions/onion_address_spec.rb (limited to 'spec') diff --git a/spec/functions/generate_onion_key_spec.rb b/spec/functions/generate_onion_key_spec.rb new file mode 100644 index 0000000..07a9f91 --- /dev/null +++ b/spec/functions/generate_onion_key_spec.rb @@ -0,0 +1,73 @@ +require 'spec_helper' +require 'fileutils' + +describe 'generate_onion_key' do + before(:all) do + @tmp_path = File.expand_path(File.join(File.dirname(__FILE__),'..','fixtures','tmp')) + @test_path = File.join(@tmp_path,'test') + @drpsyff5srkctr7h_str = "-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQC9OUBOkL73n43ogC/Jma54/ZZDEpoisqpkGJHgbcRGJIxcqqfL +PbnT3hD5SUCVXxLnzWDCTwTe2VOzIUlBXmslwVXnCJh/XGZg9NHiNU3EAZTwu1g9 +8gNmmG1bymaoEBkuC1osijOj+CN+gzLzApiMbDxddpxTn70LWaSqMDbfdQIDAQAB +An88nBn9EGAa8QCDeIvWB2PbXV7EHTFB6/ioFzairIYx8YMEK6WTdDIRqw/EybHm +Jo3nseFMXAMzXmlw9zh/t76ZzE7ooYocSPIEzpu4gDRsa5/mqRCGajs8A8ooiHN5 +Tc9cHzIfhjOYhu3VxF0G9LTAC8nKdWQkHm+h+J6A6+wBAkEA2E6GcIdPGTSfaNRS +BHOpKUUSvH7W0e5fyYe221EhESdTFjVkaO5YN9HvcqYh27nik0azKgNj6PiE01FC +0q4fgQJBAN/ycGS3dX5WRXEOpbQ04LKyxCFMVgS+tN5ueDgbv/SxWAxidLYcVfbg +CcUA+L2OaQ95S97CxYlCLda10vIPOfUCQQCUvQJzFIgOlAHdqsovJ3011Lp6hVmg +h6K0SK8zhkkPq5PVnKdMBEEDOUfG9XgoyFyF20LN7ADirSlgyesCRhuBAkEAmuCE +MmNecn0fkUzb9IENVQik85JjeuyZEau8oLEwU/3CMu50YO2/1fijSQee/xlaN0Vf +3zM8geyu3urodFdrcQJBAMBcecMvo4ddZ/GnwpKJuXEhKSwQfPOeb8lK12NvKuVE +znq+qT/KbJlwy/27X/auCAzD5rJ9VVzyWiu8nnwICS8= +-----END RSA PRIVATE KEY-----\n" + end + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /requires 2 arguments/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /requires 2 arguments/) } + it { is_expected.to run.with_params('/etc/passwd','test').and_raise_error(Puppet::ParseError, /requires location \(\/etc\/passwd\) to be a directory/) } + describe 'with a key bigger than 1024' do + before(:each) do + FileUtils.mkdir_p(@tmp_path) unless File.directory?(@tmp_path) + File.open(@test_path,'w'){|f| f << OpenSSL::PKey::RSA.generate(2048) } + end + it { is_expected.to run.with_params(@tmp_path,'test').and_raise_error(Puppet::ParseError, /must have a length of 1024bit/) } + end + end + + describe 'normal operation' do + before(:all) do + FileUtils.rm_rf(@tmp_path) if File.exists?(@tmp_path) + FileUtils.mkdir_p(@tmp_path) + end + after(:all) do + FileUtils.rm_rf(@tmp_path) if File.exists?(@tmp_path) + end + let(:return_value) { + scope.function_generate_onion_key([@tmp_path,'test']) + } + context 'without an existing key' do + it 'returns an onion address and a key ' do + expect(return_value.size).to be(2) + end + it 'creates and stores the key' do + expect(return_value.last).to be_eql(File.read(File.join(@tmp_path,'test'))) + end + it 'returns a proper onion address' do + expect(return_value.first).to be_eql(scope.function_onion_address([File.read(File.join(@tmp_path,'test'))])) + end + it 'does not recreate a key once created' do + expect(scope.function_generate_onion_key([@tmp_path,'test'])).to be_eql(scope.function_generate_onion_key([@tmp_path,'test'])) + end + it 'creates to different keys for different names' do + expect(scope.function_generate_onion_key([@tmp_path,'test']).first).to_not be_eql(scope.function_generate_onion_key([@tmp_path,'test2'])) + end + end + context 'with an existing key' do + before(:all) do + File.open(@test_path,'w'){|f| f << @drpsyff5srkctr7h_str } + end + it { is_expected.to run.with_params(@tmp_path,'test').and_return(['drpsyff5srkctr7h',@drpsyff5srkctr7h_str]) } + end + end +end diff --git a/spec/functions/onion_address_spec.rb b/spec/functions/onion_address_spec.rb new file mode 100644 index 0000000..942d022 --- /dev/null +++ b/spec/functions/onion_address_spec.rb @@ -0,0 +1,48 @@ +require 'spec_helper' + +describe 'onion_address' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /requires 1 argument/) } + it { is_expected.to run.with_params(1,2).and_raise_error(Puppet::ParseError, /requires 1 argument/) } + end + + describe 'normal operation' do + it { is_expected.to run.with_params( +"-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQC9OUBOkL73n43ogC/Jma54/ZZDEpoisqpkGJHgbcRGJIxcqqfL +PbnT3hD5SUCVXxLnzWDCTwTe2VOzIUlBXmslwVXnCJh/XGZg9NHiNU3EAZTwu1g9 +8gNmmG1bymaoEBkuC1osijOj+CN+gzLzApiMbDxddpxTn70LWaSqMDbfdQIDAQAB +An88nBn9EGAa8QCDeIvWB2PbXV7EHTFB6/ioFzairIYx8YMEK6WTdDIRqw/EybHm +Jo3nseFMXAMzXmlw9zh/t76ZzE7ooYocSPIEzpu4gDRsa5/mqRCGajs8A8ooiHN5 +Tc9cHzIfhjOYhu3VxF0G9LTAC8nKdWQkHm+h+J6A6+wBAkEA2E6GcIdPGTSfaNRS +BHOpKUUSvH7W0e5fyYe221EhESdTFjVkaO5YN9HvcqYh27nik0azKgNj6PiE01FC +0q4fgQJBAN/ycGS3dX5WRXEOpbQ04LKyxCFMVgS+tN5ueDgbv/SxWAxidLYcVfbg +CcUA+L2OaQ95S97CxYlCLda10vIPOfUCQQCUvQJzFIgOlAHdqsovJ3011Lp6hVmg +h6K0SK8zhkkPq5PVnKdMBEEDOUfG9XgoyFyF20LN7ADirSlgyesCRhuBAkEAmuCE +MmNecn0fkUzb9IENVQik85JjeuyZEau8oLEwU/3CMu50YO2/1fijSQee/xlaN0Vf +3zM8geyu3urodFdrcQJBAMBcecMvo4ddZ/GnwpKJuXEhKSwQfPOeb8lK12NvKuVE +znq+qT/KbJlwy/27X/auCAzD5rJ9VVzyWiu8nnwICS8= +-----END RSA PRIVATE KEY-----" + ).and_return("drpsyff5srkctr7h")} + end + describe 'by getting an RSA key' do + it { is_expected.to run.with_params(OpenSSL::PKey::RSA.new( +"-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDbvYjbtJB9vTnEygyq4Bzp0xxtTl3ZYKC6JbxgRzP8uLv1HoxX +20EmQUZ/LNBXHebc6frlObhtpKULFuBzAy5LpdKI9CUErkl3D3AigFgP3XP/PtdP +m11TuxdBoKL6Jbo54NpUVOGQ5SJJaNEOfhmgMSCtlyyI9DBni3PLO2P0sQIDAQAB +AoGAPTlt7Gk+6QnUErSJGwMeize67+mp1GtL3RGujtTH8141YHKGf+QjHtmJHt4J +nnxCWsMGmN+gN0xsf8578w+r0fvDjZ3e5lVUpR/8ds90a654Lr/pgqLc3H1EZ9Pr +GDFjPdaMtdTSX5hSAB2EDLfDUU19bdFRK+k71mglrMLpdQECQQDmJt3mmX67kAzH +w2I/BEbmOlonmn3c98VyawoNrk0fKAluoYWHxxk9SuCu2ZDQyyPKPQuZbgdPnUNp +kV3PuQ6ZAkEA9GtTjMfceX8ArLTmOMIMVP2t8yzbcK2uqukMG79JiPZbYKIstjho +XUpO/jZhTb9p8M4NV/09z091gMTOF6Fd2QJBAM1I7bS6ROhX3I5yIDfFQNgqRC// +BTULa/par2T0i6W2uHMNb2VkmYaqOy66sQkLqKjDOo1oLu08gNyw5NRbZEECQQCr +FDR25a28nNisCjLap3haRPXssAko5WjM2DJReaLO6yEqklkZcoIaSljgNtAEy2Yr +1w4f+HG7GbL1XsuiXqCBAkAeYljaIVhqGOOez0ORaCm0FCLoTJ6/fn7009os/qgr +n2xsVGUNm+E0pvAMT0LIx2KvpLxe2Y0Xx497/vyM6e7G +-----END RSA PRIVATE KEY-----") + ).and_return("d3ep6pcs4to4hbwo") } + end +end -- cgit v1.2.3 From 4510682dff23142df5de4cfcc988e4319fcb73cd Mon Sep 17 00:00:00 2001 From: mh Date: Mon, 31 Oct 2016 23:15:18 +0100 Subject: add a default set of specs so that the minimum is tested --- spec/classes/base_spec.rb | 44 ++++++++++++++++++++++++++++++++++++++++++++ spec/classes/daemon_spec.rb | 31 +++++++++++++++++++++++++++++++ spec/classes/init_spec.rb | 27 +++++++++++++++++++++++++++ 3 files changed, 102 insertions(+) create mode 100644 spec/classes/base_spec.rb create mode 100644 spec/classes/daemon_spec.rb create mode 100644 spec/classes/init_spec.rb (limited to 'spec') diff --git a/spec/classes/base_spec.rb b/spec/classes/base_spec.rb new file mode 100644 index 0000000..7f288ec --- /dev/null +++ b/spec/classes/base_spec.rb @@ -0,0 +1,44 @@ +require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) + +describe 'tor::base', :type => 'class' do + let(:default_facts) { + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + } + } + let(:facts){ default_facts } + let(:pre_condition){'include ::tor + Exec{path => "/bin"}' } + describe 'with standard' do + it { is_expected.to compile.with_all_deps } + + it { is_expected.to contain_package('tor').with_ensure('installed') } + it { is_expected.to_not contain_package('tor-geoipdb').with_ensure('installed') } + it { is_expected.to contain_service('tor').with( + :ensure => 'running', + :enable => 'true', + :hasrestart => 'true', + :hasstatus => 'true', + :require => 'Package[tor]', + ) } + context 'on Debian' do + let(:facts) { + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('tor').with_ensure('installed') } + it { is_expected.to contain_package('tor-geoipdb').with_ensure('installed') } + it { is_expected.to contain_service('tor').with( + :ensure => 'running', + :enable => 'true', + :hasrestart => 'true', + :hasstatus => 'true', + :require => 'Package[tor]', + ) } + end + end +end diff --git a/spec/classes/daemon_spec.rb b/spec/classes/daemon_spec.rb new file mode 100644 index 0000000..db5291d --- /dev/null +++ b/spec/classes/daemon_spec.rb @@ -0,0 +1,31 @@ +require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) + +describe 'tor::daemon', :type => 'class' do + let(:default_facts) { + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + } + } + let(:facts){ default_facts } + let(:pre_condition){'Exec{path => "/bin"}' } + describe 'with standard' do + it { is_expected.to compile.with_all_deps } + + it { is_expected.to contain_class('tor') } + it { is_expected.to contain_class('tor::daemon::base') } + it { is_expected.to_not contain_class('tor::munin') } + context 'on Debian' do + let(:facts) { + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_class('tor') } + it { is_expected.to contain_class('tor::daemon::base') } + it { is_expected.to_not contain_class('tor::munin') } + end + end +end diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb new file mode 100644 index 0000000..be4f30b --- /dev/null +++ b/spec/classes/init_spec.rb @@ -0,0 +1,27 @@ +require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) + +describe 'tor', :type => 'class' do + let(:default_facts) { + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + } + } + let(:facts){ default_facts } + let(:pre_condition){'Exec{path => "/bin"}' } + describe 'with standard' do + it { is_expected.to compile.with_all_deps } + + it { is_expected.to contain_class('tor::base') } + context 'on Debian' do + let(:facts) { + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_class('tor::base') } + end + end +end -- cgit v1.2.3 From 720c1670750345e8c361219a58c2722a603e26bb Mon Sep 17 00:00:00 2001 From: mh Date: Tue, 1 Nov 2016 20:26:20 +0100 Subject: add support for onionbalance --- spec/classes/onionbalance_spec.rb | 60 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 spec/classes/onionbalance_spec.rb (limited to 'spec') diff --git a/spec/classes/onionbalance_spec.rb b/spec/classes/onionbalance_spec.rb new file mode 100644 index 0000000..ff9bb27 --- /dev/null +++ b/spec/classes/onionbalance_spec.rb @@ -0,0 +1,60 @@ +require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) + +describe 'tor::onionbalance', :type => 'class' do + let(:default_facts) { + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + } + } + let(:facts){ default_facts } + let(:pre_condition){'Exec{path => "/bin"}' } + let(:params){ + { + :services => { + 'keyname_of_service1' => { + 'name1' => 'onionservice_addr_3', + 'name2' => 'onionservice_addr_2', + '_key_content' => 'content_of_key_of_onionbalanced_service1', + }, + }, + } + } + describe 'with standard' do + it { is_expected.to compile.with_all_deps } + + it { is_expected.to contain_package('python2-onionbalance').with( + :ensure => 'installed', + ) } + it { is_expected.to contain_service('tor@onionbalance').with( + :ensure => 'running', + :enable => true, + ) } + it { is_expected.to contain_service('onionbalance').with( + :ensure => 'running', + :enable => true, + :subscribe => 'Service[tor@onionbalance]', + ) } + context 'on Debian' do + let(:facts) { + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('onionbalance').with( + :ensure => 'installed', + ) } + it { is_expected.to contain_service('tor@onionbalance').with( + :ensure => 'running', + :enable => true, + ) } + it { is_expected.to contain_service('onionbalance').with( + :ensure => 'running', + :enable => true, + :subscribe => 'Service[tor@onionbalance]', + ) } + end + end +end -- cgit v1.2.3 From 914df896d915cea5acade2732526d3bbc75b176d Mon Sep 17 00:00:00 2001 From: mh Date: Tue, 1 Nov 2016 21:29:31 +0100 Subject: make it possible to also add pregenerated private keys for onion services or even let them pregenerate on the fly --- spec/defines/daemon_hidden_service_spec.rb | 122 +++++++++++++++++++++++++++++ spec/tmp/.keep | 0 2 files changed, 122 insertions(+) create mode 100644 spec/defines/daemon_hidden_service_spec.rb create mode 100644 spec/tmp/.keep (limited to 'spec') diff --git a/spec/defines/daemon_hidden_service_spec.rb b/spec/defines/daemon_hidden_service_spec.rb new file mode 100644 index 0000000..7a3aae6 --- /dev/null +++ b/spec/defines/daemon_hidden_service_spec.rb @@ -0,0 +1,122 @@ +require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) +require 'openssl' + +describe 'tor::daemon::hidden_service', :type => 'define' do + let(:default_facts) { + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + } + } + let(:title){ 'test_os' } + let(:facts){ default_facts } + let(:pre_condition){'Exec{path => "/bin"} + include tor::daemon' } + describe 'with standard' do + it { is_expected.to compile.with_all_deps } + + it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with( + :ensure => 'present', + :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, + :order => '05', + :target => '/etc/tor/torrc', + )} + it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) } + it { is_expected.to_not contain_file('/var/lib/tor/test_os') } + context 'on Debian' do + let(:facts) { + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with( + :ensure => 'present', + :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, + :order => '05', + :target => '/etc/tor/torrc', + )} + it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) } + it { is_expected.to_not contain_file('/var/lib/tor/test_os') } + end + context 'with differt port params' do + let(:params){ + { + :ports => ['25','443 192.168.0.1:8443'] + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 25 127.0.0.1:25/) } + it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 443 192.168.0.1:8443/) } + it { is_expected.to_not contain_file('/var/lib/tor/test_os') } + end + context 'with private_key' do + let(:params){ + { + :ports => ['80'], + :private_key => OpenSSL::PKey::RSA.generate(1024).to_s, + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) } + it { is_expected.to contain_file('/var/lib/tor/test_os').with( + :ensure => 'directory', + :purge => true, + :force => true, + :recurse => true, + :owner => 'toranon', + :group => 'toranon', + :mode => '0750', + :require => 'Package[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( + :content => /^[a-z2-7]{16}\.onion\n/, + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with( + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + end + context 'with private key to generate' do + let(:params){ + { + :ports => ['80'], + :private_key_name => 'test_os', + :private_key_store_path => File.expand_path(File.join(File.dirname(__FILE__),'..','tmp')), + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) } + it { is_expected.to contain_file('/var/lib/tor/test_os').with( + :ensure => 'directory', + :purge => true, + :force => true, + :recurse => true, + :owner => 'toranon', + :group => 'toranon', + :mode => '0750', + :require => 'Package[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( + :content => /^[a-z2-7]{16}\.onion\n/, + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with( + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + end + end +end diff --git a/spec/tmp/.keep b/spec/tmp/.keep new file mode 100644 index 0000000..e69de29 -- cgit v1.2.3 From 34ef388fcfc92d37faad08ca9216d787a53e186c Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 4 Nov 2016 15:17:40 +0100 Subject: rename hidden service to onion service to follow the new naming conventions --- spec/defines/daemon_hidden_service_spec.rb | 122 ----------------------------- spec/defines/daemon_onion_service_spec.rb | 122 +++++++++++++++++++++++++++++ 2 files changed, 122 insertions(+), 122 deletions(-) delete mode 100644 spec/defines/daemon_hidden_service_spec.rb create mode 100644 spec/defines/daemon_onion_service_spec.rb (limited to 'spec') diff --git a/spec/defines/daemon_hidden_service_spec.rb b/spec/defines/daemon_hidden_service_spec.rb deleted file mode 100644 index 7a3aae6..0000000 --- a/spec/defines/daemon_hidden_service_spec.rb +++ /dev/null @@ -1,122 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) -require 'openssl' - -describe 'tor::daemon::hidden_service', :type => 'define' do - let(:default_facts) { - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - } - } - let(:title){ 'test_os' } - let(:facts){ default_facts } - let(:pre_condition){'Exec{path => "/bin"} - include tor::daemon' } - describe 'with standard' do - it { is_expected.to compile.with_all_deps } - - it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with( - :ensure => 'present', - :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, - :order => '05', - :target => '/etc/tor/torrc', - )} - it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) } - it { is_expected.to_not contain_file('/var/lib/tor/test_os') } - context 'on Debian' do - let(:facts) { - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - } - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with( - :ensure => 'present', - :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, - :order => '05', - :target => '/etc/tor/torrc', - )} - it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) } - it { is_expected.to_not contain_file('/var/lib/tor/test_os') } - end - context 'with differt port params' do - let(:params){ - { - :ports => ['25','443 192.168.0.1:8443'] - } - } - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 25 127.0.0.1:25/) } - it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 443 192.168.0.1:8443/) } - it { is_expected.to_not contain_file('/var/lib/tor/test_os') } - end - context 'with private_key' do - let(:params){ - { - :ports => ['80'], - :private_key => OpenSSL::PKey::RSA.generate(1024).to_s, - } - } - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) } - it { is_expected.to contain_file('/var/lib/tor/test_os').with( - :ensure => 'directory', - :purge => true, - :force => true, - :recurse => true, - :owner => 'toranon', - :group => 'toranon', - :mode => '0750', - :require => 'Package[tor]', - )} - it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( - :content => /^[a-z2-7]{16}\.onion\n/, - :owner => 'toranon', - :group => 'toranon', - :mode => '0600', - :notify => 'Service[tor]', - )} - it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with( - :owner => 'toranon', - :group => 'toranon', - :mode => '0600', - :notify => 'Service[tor]', - )} - end - context 'with private key to generate' do - let(:params){ - { - :ports => ['80'], - :private_key_name => 'test_os', - :private_key_store_path => File.expand_path(File.join(File.dirname(__FILE__),'..','tmp')), - } - } - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) } - it { is_expected.to contain_file('/var/lib/tor/test_os').with( - :ensure => 'directory', - :purge => true, - :force => true, - :recurse => true, - :owner => 'toranon', - :group => 'toranon', - :mode => '0750', - :require => 'Package[tor]', - )} - it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( - :content => /^[a-z2-7]{16}\.onion\n/, - :owner => 'toranon', - :group => 'toranon', - :mode => '0600', - :notify => 'Service[tor]', - )} - it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with( - :owner => 'toranon', - :group => 'toranon', - :mode => '0600', - :notify => 'Service[tor]', - )} - end - end -end diff --git a/spec/defines/daemon_onion_service_spec.rb b/spec/defines/daemon_onion_service_spec.rb new file mode 100644 index 0000000..bf9641d --- /dev/null +++ b/spec/defines/daemon_onion_service_spec.rb @@ -0,0 +1,122 @@ +require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper')) +require 'openssl' + +describe 'tor::daemon::onion_service', :type => 'define' do + let(:default_facts) { + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + } + } + let(:title){ 'test_os' } + let(:facts){ default_facts } + let(:pre_condition){'Exec{path => "/bin"} + include tor::daemon' } + describe 'with standard' do + it { is_expected.to compile.with_all_deps } + + it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with( + :ensure => 'present', + :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, + :order => '05', + :target => '/etc/tor/torrc', + )} + it { is_expected.to_not contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort/) } + it { is_expected.to_not contain_file('/var/lib/tor/test_os') } + context 'on Debian' do + let(:facts) { + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with( + :ensure => 'present', + :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, + :order => '05', + :target => '/etc/tor/torrc', + )} + it { is_expected.to_not contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort/) } + it { is_expected.to_not contain_file('/var/lib/tor/test_os') } + end + context 'with differt port params' do + let(:params){ + { + :ports => ['25','443 192.168.0.1:8443'] + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 25 127.0.0.1:25/) } + it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 443 192.168.0.1:8443/) } + it { is_expected.to_not contain_file('/var/lib/tor/test_os') } + end + context 'with private_key' do + let(:params){ + { + :ports => ['80'], + :private_key => OpenSSL::PKey::RSA.generate(1024).to_s, + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) } + it { is_expected.to contain_file('/var/lib/tor/test_os').with( + :ensure => 'directory', + :purge => true, + :force => true, + :recurse => true, + :owner => 'toranon', + :group => 'toranon', + :mode => '0750', + :require => 'Package[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( + :content => /^[a-z2-7]{16}\.onion\n/, + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with( + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + end + context 'with private key to generate' do + let(:params){ + { + :ports => ['80'], + :private_key_name => 'test_os', + :private_key_store_path => File.expand_path(File.join(File.dirname(__FILE__),'..','tmp')), + } + } + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) } + it { is_expected.to contain_file('/var/lib/tor/test_os').with( + :ensure => 'directory', + :purge => true, + :force => true, + :recurse => true, + :owner => 'toranon', + :group => 'toranon', + :mode => '0750', + :require => 'Package[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( + :content => /^[a-z2-7]{16}\.onion\n/, + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with( + :owner => 'toranon', + :group => 'toranon', + :mode => '0600', + :notify => 'Service[tor]', + )} + end + end +end -- cgit v1.2.3 From bf16597ec2c0ad155527742fe07e655f555d7f62 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 4 Nov 2016 18:52:20 +0100 Subject: fix tests --- spec/defines/daemon_onion_service_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'spec') diff --git a/spec/defines/daemon_onion_service_spec.rb b/spec/defines/daemon_onion_service_spec.rb index bf9641d..fba8efd 100644 --- a/spec/defines/daemon_onion_service_spec.rb +++ b/spec/defines/daemon_onion_service_spec.rb @@ -67,7 +67,7 @@ describe 'tor::daemon::onion_service', :type => 'define' do :recurse => true, :owner => 'toranon', :group => 'toranon', - :mode => '0750', + :mode => '0600', :require => 'Package[tor]', )} it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( @@ -101,7 +101,7 @@ describe 'tor::daemon::onion_service', :type => 'define' do :recurse => true, :owner => 'toranon', :group => 'toranon', - :mode => '0750', + :mode => '0600', :require => 'Package[tor]', )} it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with( -- cgit v1.2.3 From d91d70dd378a4a91c740b03b0852432ef128b24a Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 4 Nov 2016 18:52:39 +0100 Subject: store key & hostname --- spec/functions/generate_onion_key_spec.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'spec') diff --git a/spec/functions/generate_onion_key_spec.rb b/spec/functions/generate_onion_key_spec.rb index 07a9f91..355f862 100644 --- a/spec/functions/generate_onion_key_spec.rb +++ b/spec/functions/generate_onion_key_spec.rb @@ -4,7 +4,7 @@ require 'fileutils' describe 'generate_onion_key' do before(:all) do @tmp_path = File.expand_path(File.join(File.dirname(__FILE__),'..','fixtures','tmp')) - @test_path = File.join(@tmp_path,'test') + @test_path = File.join(@tmp_path,'test.key') @drpsyff5srkctr7h_str = "-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC9OUBOkL73n43ogC/Jma54/ZZDEpoisqpkGJHgbcRGJIxcqqfL PbnT3hD5SUCVXxLnzWDCTwTe2VOzIUlBXmslwVXnCJh/XGZg9NHiNU3EAZTwu1g9 @@ -51,10 +51,10 @@ znq+qT/KbJlwy/27X/auCAzD5rJ9VVzyWiu8nnwICS8= expect(return_value.size).to be(2) end it 'creates and stores the key' do - expect(return_value.last).to be_eql(File.read(File.join(@tmp_path,'test'))) + expect(return_value.last).to be_eql(File.read(File.join(@tmp_path,'test.key'))) end it 'returns a proper onion address' do - expect(return_value.first).to be_eql(scope.function_onion_address([File.read(File.join(@tmp_path,'test'))])) + expect(return_value.first).to be_eql(scope.function_onion_address([File.read(File.join(@tmp_path,'test.key'))])) end it 'does not recreate a key once created' do expect(scope.function_generate_onion_key([@tmp_path,'test'])).to be_eql(scope.function_generate_onion_key([@tmp_path,'test'])) @@ -65,9 +65,9 @@ znq+qT/KbJlwy/27X/auCAzD5rJ9VVzyWiu8nnwICS8= end context 'with an existing key' do before(:all) do - File.open(@test_path,'w'){|f| f << @drpsyff5srkctr7h_str } + File.open(File.join(@tmp_path,'test3.key'),'w'){|f| f << @drpsyff5srkctr7h_str } end - it { is_expected.to run.with_params(@tmp_path,'test').and_return(['drpsyff5srkctr7h',@drpsyff5srkctr7h_str]) } + it { is_expected.to run.with_params(@tmp_path,'test3').and_return(['drpsyff5srkctr7h',@drpsyff5srkctr7h_str]) } end end end -- cgit v1.2.3 From 1fcbe72115d57d53fced2777c8b54a4ee4ec17e9 Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 30 Aug 2017 18:30:12 +0200 Subject: make it work with newer concat module --- spec/defines/daemon_onion_service_spec.rb | 2 -- 1 file changed, 2 deletions(-) (limited to 'spec') diff --git a/spec/defines/daemon_onion_service_spec.rb b/spec/defines/daemon_onion_service_spec.rb index fba8efd..95be8c4 100644 --- a/spec/defines/daemon_onion_service_spec.rb +++ b/spec/defines/daemon_onion_service_spec.rb @@ -16,7 +16,6 @@ describe 'tor::daemon::onion_service', :type => 'define' do it { is_expected.to compile.with_all_deps } it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with( - :ensure => 'present', :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, :order => '05', :target => '/etc/tor/torrc', @@ -32,7 +31,6 @@ describe 'tor::daemon::onion_service', :type => 'define' do } it { is_expected.to compile.with_all_deps } it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with( - :ensure => 'present', :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/, :order => '05', :target => '/etc/tor/torrc', -- cgit v1.2.3