luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/builtin/logical/ssh/path_config_ca_test.go
Calvin Leung Huang bb54e9c131 Backend plugin system (#2874) 
* Add backend plugin changes

* Fix totp backend plugin tests

* Fix logical/plugin InvalidateKey test

* Fix plugin catalog CRUD test, fix NoopBackend

* Clean up commented code block

* Fix system backend mount test

* Set plugin_name to omitempty, fix handleMountTable config parsing

* Clean up comments, keep shim connections alive until cleanup

* Include pluginClient, disallow LookupPlugin call from within a plugin

* Add wrapper around backendPluginClient for proper cleanup

* Add logger shim tests

* Add logger, storage, and system shim tests

* Use pointer receivers for system view shim

* Use plugin name if no path is provided on mount

* Enable plugins for auth backends

* Add backend type attribute, move builtin/plugin/package

* Fix merge conflict

* Fix missing plugin name in mount config

* Add integration tests on enabling auth backend plugins

* Remove dependency cycle on mock-plugin

* Add passthrough backend plugin, use logical.BackendType to determine lease generation

* Remove vault package dependency on passthrough package

* Add basic impl test for passthrough plugin

* Incorporate feedback; set b.backend after shims creation on backendPluginServer

* Fix totp plugin test

* Add plugin backends docs

* Fix tests

* Fix builtin/plugin tests

* Remove flatten from PluginRunner fields

* Move mock plugin to logical/plugin, remove totp and passthrough plugins

* Move pluginMap into newPluginClient

* Do not create storage RPC connection on HandleRequest and HandleExistenceCheck

* Change shim logger's Fatal to no-op

* Change BackendType to uint32, match UX backend types

* Change framework.Backend Setup signature

* Add Setup func to logical.Backend interface

* Move OptionallyEnableMlock call into plugin.Serve, update docs and comments

* Remove commented var in plugin package

* RegisterLicense on logical.Backend interface (#3017)

* Add RegisterLicense to logical.Backend interface

* Update RegisterLicense to use callback func on framework.Backend

* Refactor framework.Backend.RegisterLicense

* plugin: Prevent plugin.SystemViewClient.ResponseWrapData from getting JWTs

* plugin: Revert BackendType to remove TypePassthrough and related references

* Fix typo in plugin backends docs
2017-07-20 13:28:40 -04:00

164 lines
3.7 KiB
Go
Raw Blame History

package ssh
import (
"testing"
"github.com/hashicorp/vault/logical"
)
func TestSSH_ConfigCAStorageUpgrade(t *testing.T) {
var err error
config := logical.TestBackendConfig()
config.StorageView = &logical.InmemStorage{}
b, err := Backend(config)
if err != nil {
t.Fatal(err)
}
err = b.Setup(config)
if err != nil {
t.Fatal(err)
}
// Store at an older path
err = config.StorageView.Put(&logical.StorageEntry{
Key: caPrivateKeyStoragePathDeprecated,
Value: []byte(privateKey),
})
if err != nil {
t.Fatal(err)
}
// Reading it should return the key as well as upgrade the storage path
privateKeyEntry, err := caKey(config.StorageView, caPrivateKey)
if err != nil {
t.Fatal(err)
}
if privateKeyEntry == nil || privateKeyEntry.Key == "" {
t.Fatalf("failed to read the stored private key")
}
entry, err := config.StorageView.Get(caPrivateKeyStoragePathDeprecated)
if err != nil {
t.Fatal(err)
}
if entry != nil {
t.Fatalf("bad: expected a nil entry after upgrade")
}
entry, err = config.StorageView.Get(caPrivateKeyStoragePath)
if err != nil {
t.Fatal(err)
}
if entry == nil {
t.Fatalf("bad: expected a non-nil entry after upgrade")
}
// Store at an older path
err = config.StorageView.Put(&logical.StorageEntry{
Key: caPublicKeyStoragePathDeprecated,
Value: []byte(publicKey),
})
if err != nil {
t.Fatal(err)
}
// Reading it should return the key as well as upgrade the storage path
publicKeyEntry, err := caKey(config.StorageView, caPublicKey)
if err != nil {
t.Fatal(err)
}
if publicKeyEntry == nil || publicKeyEntry.Key == "" {
t.Fatalf("failed to read the stored public key")
}
entry, err = config.StorageView.Get(caPublicKeyStoragePathDeprecated)
if err != nil {
t.Fatal(err)
}
if entry != nil {
t.Fatalf("bad: expected a nil entry after upgrade")
}
entry, err = config.StorageView.Get(caPublicKeyStoragePath)
if err != nil {
t.Fatal(err)
}
if entry == nil {
t.Fatalf("bad: expected a non-nil entry after upgrade")
}
}
func TestSSH_ConfigCAUpdateDelete(t *testing.T) {
var resp *logical.Response
var err error
config := logical.TestBackendConfig()
config.StorageView = &logical.InmemStorage{}
b, err := Factory(config)
if err != nil {
t.Fatalf("Cannot create backend: %s", err)
}
caReq := &logical.Request{
Path: "config/ca",
Operation: logical.UpdateOperation,
Storage: config.StorageView,
}
// Auto-generate the keys
resp, err = b.HandleRequest(caReq)
if err != nil || (resp != nil && resp.IsError()) {
t.Fatalf("bad: err: %v, resp:%v", err, resp)
}
// Fail to overwrite it
resp, err = b.HandleRequest(caReq)
if err == nil {
t.Fatalf("expected an error")
}
caReq.Operation = logical.DeleteOperation
// Delete the configured keys
resp, err = b.HandleRequest(caReq)
if err != nil || (resp != nil && resp.IsError()) {
t.Fatalf("bad: err: %v, resp:%v", err, resp)
}
caReq.Operation = logical.UpdateOperation
caReq.Data = map[string]interface{}{
"public_key": publicKey,
"private_key": privateKey,
}
// Successfully create a new one
resp, err = b.HandleRequest(caReq)
if err != nil || (resp != nil && resp.IsError()) {
t.Fatalf("bad: err: %v, resp:%v", err, resp)
}
// Fail to overwrite it
resp, err = b.HandleRequest(caReq)
if err == nil {
t.Fatalf("expected an error")
}
caReq.Operation = logical.DeleteOperation
// Delete the configured keys
resp, err = b.HandleRequest(caReq)
if err != nil || (resp != nil && resp.IsError()) {
t.Fatalf("bad: err: %v, resp:%v", err, resp)
}
caReq.Operation = logical.UpdateOperation
caReq.Data = nil
// Successfully create a new one
resp, err = b.HandleRequest(caReq)
if err != nil || (resp != nil && resp.IsError()) {
t.Fatalf("bad: err: %v, resp:%v", err, resp)
}
}
Reference in a new issue View git blame Copy permalink