From 0c25e5cdff0a0dae5ecc4892bfc29afe1d7aa004 Mon Sep 17 00:00:00 2001 From: Armon Dadgar Date: Wed, 11 Mar 2015 15:33:25 -0700 Subject: [PATCH] vault: Testing mount table setup --- vault/core_test.go | 22 ++++++++++++++ vault/logical_backend.go | 4 +++ vault/mount.go | 1 + vault/mount_test.go | 66 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 93 insertions(+) create mode 100644 vault/mount_test.go diff --git a/vault/core_test.go b/vault/core_test.go index d7d2026235..745bc70566 100644 --- a/vault/core_test.go +++ b/vault/core_test.go @@ -17,6 +17,28 @@ func testCore(t *testing.T) *Core { return c } +func testUnsealedCore(t *testing.T) (*Core, []byte) { + c := testCore(t) + sealConf := &SealConfig{ + SecretShares: 1, + SecretThreshold: 1, + } + res, err := c.Initialize(sealConf) + if err != nil { + t.Fatalf("err: %v", err) + } + master := make([]byte, len(res.SecretShares[0])) + copy(master, res.SecretShares[0]) + unseal, err := c.Unseal(res.SecretShares[0]) + if err != nil { + t.Fatalf("err: %v", err) + } + if !unseal { + t.Fatalf("should be unsealed") + } + return c, master +} + func TestCore_Init(t *testing.T) { inm := physical.NewInmem() conf := &CoreConfig{physical: inm} diff --git a/vault/logical_backend.go b/vault/logical_backend.go index 9564852107..32075266fc 100644 --- a/vault/logical_backend.go +++ b/vault/logical_backend.go @@ -10,6 +10,10 @@ var ( // ErrUnsupportedOperation is returned if the operation is not supported // by the logical backend. ErrUnsupportedOperation = errors.New("unsupported operation") + + // ErrUnsupportedPath is returned if the path is not supported + // by the logical backend. + ErrUnsupportedPath = errors.New("unsupported path") ) // LogicalBackend interface must be implemented to be "mountable" at diff --git a/vault/mount.go b/vault/mount.go index 0eb23c870f..fa63db3612 100644 --- a/vault/mount.go +++ b/vault/mount.go @@ -34,6 +34,7 @@ func (c *Core) loadMounts() error { return errors.New("failed to setup mount table") } if raw != nil { + c.mounts = &MountTable{} if err := json.Unmarshal(raw.Value, c.mounts); err != nil { c.logger.Printf("[ERR] core: failed to decode mount table: %v", err) return errors.New("failed to setup mount table") diff --git a/vault/mount_test.go b/vault/mount_test.go new file mode 100644 index 0000000000..37e2d27a95 --- /dev/null +++ b/vault/mount_test.go @@ -0,0 +1,66 @@ +package vault + +import ( + "reflect" + "testing" +) + +func TestCore_DefaultMountTable(t *testing.T) { + c, key := testUnsealedCore(t) + verifyDefaultTable(t, c.mounts) + + // Start a second core with same physical + conf := &CoreConfig{physical: c.physical} + c2, err := NewCore(conf) + if err != nil { + t.Fatalf("err: %v", err) + } + unseal, err := c2.Unseal(key) + if err != nil { + t.Fatalf("err: %v", err) + } + if !unseal { + t.Fatalf("should be unsealed") + } + + // Verify matching mount tables + if !reflect.DeepEqual(c.mounts, c2.mounts) { + t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts) + } +} + +func TestDefaultMountTable(t *testing.T) { + table := defaultMountTable() + verifyDefaultTable(t, table) +} + +func verifyDefaultTable(t *testing.T, table *MountTable) { + if len(table.Entries) != 2 { + t.Fatalf("bad: %v", table.Entries) + } + for idx, entry := range table.Entries { + switch idx { + case 0: + if entry.Path != "secret/" { + t.Fatalf("bad: %v", entry) + } + if entry.Type != "generic" { + t.Fatalf("bad: %v", entry) + } + case 1: + if entry.Path != "sys/" { + t.Fatalf("bad: %v", entry) + } + if entry.Type != "system" { + t.Fatalf("bad: %v", entry) + } + } + if entry.Description == "" { + t.Fatalf("bad: %v", entry) + } + if entry.UUID == "" { + t.Fatalf("bad: %v", entry) + } + } + +}