Improve validation of sshd_config_maxstartups and add spec tests

manifests/init.pp

@@ -437,7 +437,8 @@ class ssh (
   }
 
   if $sshd_config_maxstartups != undef {
-    validate_string($sshd_config_maxstartups)
+    validate_re($sshd_config_maxstartups,'^(\d+)+(\d+?:\d+?:\d+)?$',
+      "ssh::sshd_config_maxstartups may be either an integer or three integers separated with colons, such as 10:30:100. Detected value is <${sshd_config_maxstartups}>.")
   }
 
   if $sshd_config_maxsessions != undef {

spec/classes/init_spec.rb

@@ -2236,15 +2236,36 @@ describe 'ssh' do
   end
 
   describe 'with parameter sshd_config_maxstartups specified' do
-    context 'as a valid string' do
-      let(:params) { { :sshd_config_maxstartups => '10:30:100' } }
+    ['10','10:30:100'].each do |value|
+      context "as a valid string - #{value}" do
+        let(:params) { { :sshd_config_maxstartups => value } }
         let(:facts) do
           { :fqdn      => 'monkey.example.com',
             :osfamily  => 'RedHat',
             :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
           }
         end
-      it { should contain_file('sshd_config').with_content(/^MaxStartups 10:30:100$/) }
+
+        it { should contain_file('sshd_config').with_content(/^MaxStartups #{value}$/) }
+      end
+    end
+
+    ['10a',true,'10:30:1a'].each do |value|
+      context "as an invalid string - #{value}" do
+        let(:params) { { :sshd_config_maxstartups => value } }
+        let(:facts) do
+          { :fqdn      => 'monkey.example.com',
+            :osfamily  => 'RedHat',
+            :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+          }
+        end
+
+        it 'should fail' do
+          expect {
+            should contain_class('ssh')
+          }.to raise_error(Puppet::Error,/^ssh::sshd_config_maxstartups may be either an integer or three integers separated with colons, such as 10:30:100. Detected value is <#{value}>./)
+        end
+      end
     end
 
     context 'as an invalid type' do
@@ -2256,12 +2277,11 @@ describe 'ssh' do
         }
       end
       it 'should fail' do
-        expect { should raise_error(Puppet::Error) }
+        expect { should contain_class('ssh') }.to raise_error(Puppet::Error)
       end
     end
   end
 
-#MAX
   describe 'with parameter sshd_config_maxsessions specified' do
     context 'as a valid integer' do
       let(:params) { { :sshd_config_maxsessions => 10 } }
@@ -2283,11 +2303,10 @@ describe 'ssh' do
         }
       end
       it 'should fail' do
-        expect { should raise_error(Puppet::Error) }
+        expect { should contain_class('ssh') }.to raise_error(Puppet::Error)
       end
     end
   end
-#MAX
 
   describe 'with parameter sshd_acceptenv specified' do
     ['true',true].each do |value|

templates/sshd_config.erb

@@ -154,17 +154,16 @@ ClientAliveCountMax <%= @sshd_client_alive_count_max %>
 UseDNS <%= @sshd_config_use_dns_real %>
 <% end -%>
 #PidFile /var/run/sshd.pid
-<% if @sshd_config_maxstartups %>
+<% if @sshd_config_maxstartups -%>
 MaxStartups <%= sshd_config_maxstartups %>
-<% else %>
+<% else -%>
 #MaxStartups 10:30:100
-<% end %>
-<% if @sshd_config_maxsessions %>
+<% end -%>
+<% if @sshd_config_maxsessions -%>
 MaxSessions <%= sshd_config_maxsessions %>
-<% else %>
+<% else -%>
 #MaxSessions 10
-<% end %>
-
+<% end -%>
 
 #PermitTunnel no
 #ChrootDirectory none