nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/spec/lib/hydra_wrapper_spec.rb
Jonne Haß 2d98c57cf1 [ci skip] The real issue with GnuTLS is actually a flaw in OpenSSL 
which accepts several server misconfigurations

OpenSSL is very liberal about the order and content of the supplied
cert chain. GnuTLS however is very crucial about it. So to support
GnuTLS we need to tell our community to fix their servers (joindiaspora.com
is broken too). You can check it with
gnutls-cli -V --x506cafile=/etc/ssl/ca-certificates.crt $domain
It will print the certs in the order received and say at the end
if it could be verifed. Note that not only the order is important but
also the content. Many example configurations, especially for Nginx,
include the root cert of the CA in the chain which is wrong.
Note from a GnuTLS maintainer: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23573736#29

Revert "Fix federation with GnuTLS by passing the ca_file to Typhoeus"

This reverts commit 640a0181ab.
2012-01-29 00:08:28 +01:00

97 lines
3.3 KiB
Ruby
Raw Blame History

# Copyright (c) 2010-2011, Diaspora Inc. This file is
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
require 'hydra_wrapper'
describe HydraWrapper do
before do
@people = ["person", "person2", "person3"]
@wrapper = HydraWrapper.new(stub, @people, "<encoded_xml>", stub)
end
describe 'initialize' do
it 'it sets the proper instance variables' do
user = "user"
encoded_object_xml = "encoded xml"
dispatcher_class = "Postzord::Dispatcher::Private"
wrapper = HydraWrapper.new(user, @people, encoded_object_xml, dispatcher_class)
wrapper.user.should == user
wrapper.people.should == @people
wrapper.encoded_object_xml.should == encoded_object_xml
end
end
describe '#run' do
it 'delegates #run to the @hydra' do
@wrapper.hydra = stub.as_null_object
@wrapper.hydra.should_receive(:run)
@wrapper.run
end
end
describe '#salmon' do
it 'calls the salmon method on the dispatcher class (and memoizes)' do
Base64.stub(:decode64).and_return(@wrapper.encoded_object_xml + 'decoded')
decoded = Base64.decode64(@wrapper.encoded_object_xml)
@wrapper.dispatcher_class.should_receive(:salmon).with(@wrapper.user, decoded).once.and_return(true)
@wrapper.salmon
@wrapper.salmon
end
end
describe '#grouped_people' do
it 'groups people given their receive_urls' do
@wrapper.dispatcher_class.should_receive(:receive_url_for).and_return("foo.com","bar.com","bar.com")
@wrapper.grouped_people.should == {"foo.com" => [@people[0]], "bar.com" => @people[1,2]}
end
end
describe '#enqueue_batch' do
it 'calls #grouped_people' do
@wrapper.should_receive(:grouped_people).and_return([])
@wrapper.enqueue_batch
end
it 'inserts a job for every group of people' do
Base64.stub(:decode64)
@wrapper.dispatcher_class = stub(:salmon => stub(:xml_for => "<XML>"))
@wrapper.stub(:grouped_people).and_return({'https://foo.com' => @wrapper.people})
@wrapper.people.should_receive(:first).once
@wrapper.should_receive(:insert_job).with('https://foo.com', "<XML>", @wrapper.people).once
@wrapper.enqueue_batch
end
it 'does not insert a job for a person whos xml returns false' do
Base64.stub(:decode64)
@wrapper.stub(:grouped_people).and_return({'https://foo.com' => [stub]})
@wrapper.dispatcher_class = stub(:salmon => stub(:xml_for => false))
@wrapper.should_not_receive(:insert_job)
@wrapper.enqueue_batch
end
end
describe '#redirecting_to_https?!' do
it 'does not execute unless response has a 3xx code' do
resp = stub(:code => 200)
@wrapper.redirecting_to_https?(resp).should be_false
end
it "returns true if just the protocol is different" do
host = "the-same.com/"
resp = stub(:request => stub(:url => "http://#{host}"), :code => 302, :headers_hash => {'Location' => "https://#{host}"})
@wrapper.redirecting_to_https?(resp).should be_true
end
it "returns false if not just the protocol is different" do
host = "the-same.com/"
resp = stub(:request => stub(:url => "http://#{host}"), :code => 302, :headers_hash => {'Location' => "https://not-the-same/"})
@wrapper.redirecting_to_https?(resp).should be_false
end
end
end
Reference in a new issue View git blame Copy permalink