Improve validation of sshd_config_maxstartups and add spec tests
This commit is contained in:
Garrett Honeycutt
parent
6d6fe4c030
commit
d462f6f0b2
@ -437,7 +437,8 @@ class ssh (
|
||||
}
|
||||
|
||||
if $sshd_config_maxstartups != undef {
|
||||
validate_string($sshd_config_maxstartups)
|
||||
validate_re($sshd_config_maxstartups,'^(\d+)+(\d+?:\d+?:\d+)?$',
|
||||
"ssh::sshd_config_maxstartups may be either an integer or three integers separated with colons, such as 10:30:100. Detected value is <${sshd_config_maxstartups}>.")
|
||||
}
|
||||
|
||||
if $sshd_config_maxsessions != undef {
|
||||
|
||||
@ -2236,15 +2236,36 @@ describe 'ssh' do
|
||||
end
|
||||
|
||||
describe 'with parameter sshd_config_maxstartups specified' do
|
||||
context 'as a valid string' do
|
||||
let(:params) { { :sshd_config_maxstartups => '10:30:100' } }
|
||||
let(:facts) do
|
||||
{ :fqdn => 'monkey.example.com',
|
||||
:osfamily => 'RedHat',
|
||||
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
|
||||
}
|
||||
['10','10:30:100'].each do |value|
|
||||
context "as a valid string - #{value}" do
|
||||
let(:params) { { :sshd_config_maxstartups => value } }
|
||||
let(:facts) do
|
||||
{ :fqdn => 'monkey.example.com',
|
||||
:osfamily => 'RedHat',
|
||||
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
|
||||
}
|
||||
end
|
||||
|
||||
it { should contain_file('sshd_config').with_content(/^MaxStartups #{value}$/) }
|
||||
end
|
||||
end
|
||||
|
||||
['10a',true,'10:30:1a'].each do |value|
|
||||
context "as an invalid string - #{value}" do
|
||||
let(:params) { { :sshd_config_maxstartups => value } }
|
||||
let(:facts) do
|
||||
{ :fqdn => 'monkey.example.com',
|
||||
:osfamily => 'RedHat',
|
||||
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
|
||||
}
|
||||
end
|
||||
|
||||
it 'should fail' do
|
||||
expect {
|
||||
should contain_class('ssh')
|
||||
}.to raise_error(Puppet::Error,/^ssh::sshd_config_maxstartups may be either an integer or three integers separated with colons, such as 10:30:100. Detected value is <#{value}>./)
|
||||
end
|
||||
end
|
||||
it { should contain_file('sshd_config').with_content(/^MaxStartups 10:30:100$/) }
|
||||
end
|
||||
|
||||
context 'as an invalid type' do
|
||||
@ -2256,12 +2277,11 @@ describe 'ssh' do
|
||||
}
|
||||
end
|
||||
it 'should fail' do
|
||||
expect { should raise_error(Puppet::Error) }
|
||||
expect { should contain_class('ssh') }.to raise_error(Puppet::Error)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
#MAX
|
||||
describe 'with parameter sshd_config_maxsessions specified' do
|
||||
context 'as a valid integer' do
|
||||
let(:params) { { :sshd_config_maxsessions => 10 } }
|
||||
@ -2283,11 +2303,10 @@ describe 'ssh' do
|
||||
}
|
||||
end
|
||||
it 'should fail' do
|
||||
expect { should raise_error(Puppet::Error) }
|
||||
expect { should contain_class('ssh') }.to raise_error(Puppet::Error)
|
||||
end
|
||||
end
|
||||
end
|
||||
#MAX
|
||||
|
||||
describe 'with parameter sshd_acceptenv specified' do
|
||||
['true',true].each do |value|
|
||||
|
||||
@ -154,17 +154,16 @@ ClientAliveCountMax <%= @sshd_client_alive_count_max %>
|
||||
UseDNS <%= @sshd_config_use_dns_real %>
|
||||
<% end -%>
|
||||
#PidFile /var/run/sshd.pid
|
||||
<% if @sshd_config_maxstartups %>
|
||||
<% if @sshd_config_maxstartups -%>
|
||||
MaxStartups <%= sshd_config_maxstartups %>
|
||||
<% else %>
|
||||
<% else -%>
|
||||
#MaxStartups 10:30:100
|
||||
<% end %>
|
||||
<% if @sshd_config_maxsessions %>
|
||||
<% end -%>
|
||||
<% if @sshd_config_maxsessions -%>
|
||||
MaxSessions <%= sshd_config_maxsessions %>
|
||||
<% else %>
|
||||
<% else -%>
|
||||
#MaxSessions 10
|
||||
<% end %>
|
||||
|
||||
<% end -%>
|
||||
|
||||
#PermitTunnel no
|
||||
#ChrootDirectory none
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user