Skip to content

Commit

Permalink
Merge pull request #615 from minimum2scp/fix/x509_certificate_subject…
Browse files Browse the repository at this point in the history 
…_infinite_loop

Fixed infinite loop in subject of x509_certificate
  • Loading branch information
@mizzy
mizzy authored Jun 21, 2021
2 parents bc23731 + cbaa9f6 commit e2b0acf
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 11 deletions.
6 changes: 3 additions & 3 deletions lib/serverspec/type/x509_certificate.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,9 +84,9 @@ def parse_dates_str_to_map(dates_str)

# Normalize output between openssl versions.
def normalize_dn(dn)
return subject unless subject.start_with?('/')
# normalize openssl >= 1.1 to < 1.1 output
subject[1..-1].split('/').join(', ').gsub('=', ' = ')
return dn unless dn.start_with?('/')
# normalize openssl < 1.1 to >= 1.1 output
dn[1..-1].split('/').join(', ').gsub('=', ' = ')
end
end
end
38 changes: 30 additions & 8 deletions spec/type/linux/x509_certificate_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,24 @@
it { should_not be_certificate }
end

describe x509_certificate('test.pem') do
let(:stdout) { sample_subj }
its(:subject) { should eq '/O=some/OU=thing' }
describe x509_certificate('test-openssl-1.0.pem') do
let(:stdout) { sample_subj_openssl_1_0 }
its(:subject) { should eq 'O = some, OU = thing' }
end

describe x509_certificate('test.pem') do
let(:stdout) { sample_issuer }
its(:issuer) { should eq '/O=some/OU=issuer' }
describe x509_certificate('test-openssl-1.1.pem') do
let(:stdout) { sample_subj_openssl_1_1 }
its(:subject) { should eq 'O = some, OU = thing' }
end

describe x509_certificate('test-openssl-1.0.pem') do
let(:stdout) { sample_issuer_openssl_1_0 }
its(:issuer) { should eq 'O = some, OU = issuer' }
end

describe x509_certificate('test-openssl-1.1.pem') do
let(:stdout) { sample_issuer_openssl_1_1 }
its(:issuer) { should eq 'O = some, OU = issuer' }
end

describe x509_certificate('test.pem') do
Expand All @@ -38,18 +48,30 @@
its(:subject_alt_names) { should eq %w[DNS:*.example.com DNS:www.example.net IP:192.0.2.10] }
end

def sample_subj
def sample_subj_openssl_1_0
<<'EOS'
subject= /O=some/OU=thing
EOS
end

def sample_issuer
def sample_subj_openssl_1_1
<<'EOS'
subject=O = some, OU = thing
EOS
end

def sample_issuer_openssl_1_0
<<'EOS'
issuer= /O=some/OU=issuer
EOS
end

def sample_issuer_openssl_1_1
<<'EOS'
issuer=O = some, OU = issuer
EOS
end

def sample_validity
<<'EOS'
notBefore=Jul 1 11:11:00 2000 GMT
Expand Down

0 comments on commit e2b0acf

Please sign in to comment.