mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-28 06:01:08 +01:00
Code Issues Projects Releases Wiki Activity

A PKI test to verify our defaults are the same for creates and update apis (#17094)

Browse Source
This commit is contained in:
Steven Clark 2022-09-12 09:22:56 -04:00 committed by GitHub
parent f305c4d4d1
commit 71cb0a2ae5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
builtin/logical/pki/backend_test.go
View File

@ -5462,6 +5462,34 @@ func TestBackend_IfModifiedSinceHeaders(t *testing.T) {
}
}
// Verify that our default values are consistent when creating an issuer and when we do an
// empty POST update to it. This will hopefully identify if we have different default values
// for fields across the two APIs.
func TestBackend_VerifyIssuerUpdateDefaultsMatchCreation(t *testing.T) {
t.Parallel()
b, s := createBackendWithStorage(t)
resp, err := CBWrite(b, s, "root/generate/internal", map[string]interface{}{
"common_name": "myvault.com",
})
requireSuccessNonNilResponse(t, resp, err, "failed generating root issuer")
resp, err = CBRead(b, s, "issuer/default")
requireSuccessNonNilResponse(t, resp, err, "failed reading default issuer")
preUpdateValues := resp.Data
resp, err = CBWrite(b, s, "issuer/default", map[string]interface{}{})
requireSuccessNonNilResponse(t, resp, err, "failed updating default issuer with no values")
resp, err = CBRead(b, s, "issuer/default")
requireSuccessNonNilResponse(t, resp, err, "failed reading default issuer")
postUpdateValues := resp.Data
require.Equal(t, preUpdateValues, postUpdateValues,
"A value was updated based on the empty update of an issuer, "+
"most likely we have a different set of field parameters across create and update of issuers.")
}
var (
initTest sync.Once
rsaCAKey string

12
builtin/logical/pki/storage.go
View File

@ -6,6 +6,7 @@ import (
"crypto"
"crypto/x509"
"fmt"
"sort"
"strings"
"time"
@ -115,7 +116,16 @@ func (i issuerUsage) Names() string {
var names []string
var builtUsage issuerUsage
for name, usage := range namedIssuerUsages {
// Return the known set of usages in a sorted order to not have Terraform state files flipping
// saying values are different when it's the same list in a different order.
keys := make([]string, 0, len(namedIssuerUsages))
for k := range namedIssuerUsages {
keys = append(keys, k)
}
sort.Strings(keys)
for _, name := range keys {
usage := namedIssuerUsages[name]
if i.HasUsage(usage) {
names = append(names, name)
builtUsage.ToggleUsage(usage)