Agents should be able to use CA and CRL bundles (PUP-8652)

[PUP-8690] Refactor Puppet::SSL::* methods and spec tests Created: 2018/05/02  Updated: 2018/09/19  Resolved: 2018/09/19

Status: Closed
Project: Puppet
Component/s: None
Affects Version/s: None
Fix Version/s: PUP 6.0.0

Type: Sub-task Priority: Normal
Reporter: Tony Vu Assignee: Tony Vu
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Team: Server
Release Notes: Not Needed
QA Risk Assessment: Needs Assessment


Since PUP-8655, PUP-8656, and PUP-8653 were all touching much of the same code, we opted to just merge the PRs as is and refactor overlapping interests after those had been merged. This ticket is to track that work and make sure it gets done.

Areas for refactor:

  • Overlapping functionality in decode_cert_bundle from Puppet::SSL::DefaultValidator; probably need specific function for decoding crls and cert bundles
  • Usage of PuppetSpec::SSL in spec tests for Puppet::SSL::DefaultValidator
  • Factor out logic around verify mode for HTTP connections, for use by Rest::Client and SSL::DefaultValidator

Generated at Wed Nov 20 21:29:10 PST 2019 using JIRA 7.7.1#77002-sha1:e75ca93d5574d9409c0630b81c894d9065296414.