mbiryukova/lego
1
0
Fork 0
forked from TrueCloudLab/lego
Code Pull requests Activity

Fix tests in ACMEv2

Browse source
This commit is contained in:
Unknown 2018-04-09 01:48:25 +02:00
parent c62cb65ba5
commit 0b6d953434
4 changed files with 39 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
acmev2/client_test.go
View file

@ -27,7 +27,13 @@ func TestNewClient(t *testing.T) {
} }
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"}) data, _ := json.Marshal(directory{
NewNonceURL: "http://test",
NewAccountURL: "http://test",
NewOrderURL: "http://test",
RevokeCertURL: "http://test",
KeyChangeURL: "http://test",
})
w.Write(data) w.Write(data)
})) }))
@ -47,7 +53,7 @@ func TestNewClient(t *testing.T) {
t.Errorf("Expected keyType to be %s but was %s", keyType, client.keyType) t.Errorf("Expected keyType to be %s but was %s", keyType, client.keyType)
} }
if expected, actual := 2, len(client.solvers); actual != expected { if expected, actual := 1, len(client.solvers); actual != expected {
t.Fatalf("Expected %d solver(s), got %d", expected, actual) t.Fatalf("Expected %d solver(s), got %d", expected, actual)
} }
} }
@ -65,7 +71,13 @@ func TestClientOptPort(t *testing.T) {
} }
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"}) data, _ := json.Marshal(directory{
NewNonceURL: "http://test",
NewAccountURL: "http://test",
NewOrderURL: "http://test",
RevokeCertURL: "http://test",
KeyChangeURL: "http://test",
})
w.Write(data) w.Write(data)
})) }))
@ -76,7 +88,6 @@ func TestClientOptPort(t *testing.T) {
t.Fatalf("Could not create client: %v", err) t.Fatalf("Could not create client: %v", err)
} }
client.SetHTTPAddress(net.JoinHostPort(optHost, optPort)) client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
client.SetTLSAddress(net.JoinHostPort(optHost, optPort))
httpSolver, ok := client.solvers[HTTP01].(*httpChallenge) httpSolver, ok := client.solvers[HTTP01].(*httpChallenge)
if !ok { if !ok {
@ -92,7 +103,7 @@ func TestClientOptPort(t *testing.T) {
t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got) t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
} }
httpsSolver, ok := client.solvers[TLSSNI01].(*tlsSNIChallenge) /* httpsSolver, ok := client.solvers[TLSSNI01].(*tlsSNIChallenge)
if !ok { if !ok {
t.Fatal("Expected tls-sni-01 solver to be httpChallenge type") t.Fatal("Expected tls-sni-01 solver to be httpChallenge type")
} }
@ -104,19 +115,15 @@ func TestClientOptPort(t *testing.T) {
} }
if got := httpsSolver.provider.(*TLSProviderServer).iface; got != optHost { if got := httpsSolver.provider.(*TLSProviderServer).iface; got != optHost {
t.Errorf("Expected tls-sni-01 to have port %s but was %s", optHost, got) t.Errorf("Expected tls-sni-01 to have port %s but was %s", optHost, got)
} } */
// test setting different host // test setting different host
optHost = "127.0.0.1" optHost = "127.0.0.1"
client.SetHTTPAddress(net.JoinHostPort(optHost, optPort)) client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
client.SetTLSAddress(net.JoinHostPort(optHost, optPort))
if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost { if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {
t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got) t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
} }
if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {
t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)
}
} }
func TestNotHoldingLockWhileMakingHTTPRequests(t *testing.T) { func TestNotHoldingLockWhileMakingHTTPRequests(t *testing.T) {
@ -124,12 +131,12 @@ func TestNotHoldingLockWhileMakingHTTPRequests(t *testing.T) {
time.Sleep(250 * time.Millisecond) time.Sleep(250 * time.Millisecond)
w.Header().Add("Replay-Nonce", "12345") w.Header().Add("Replay-Nonce", "12345")
w.Header().Add("Retry-After", "0") w.Header().Add("Retry-After", "0")
writeJSONResponse(w, &challenge{Type: "http-01", Status: "Valid", URI: "http://example.com/", Token: "token"}) writeJSONResponse(w, &challenge{Type: "http-01", Status: "Valid", URL: "http://example.com/", Token: "token"})
})) }))
defer ts.Close() defer ts.Close()
privKey, _ := rsa.GenerateKey(rand.Reader, 512) privKey, _ := rsa.GenerateKey(rand.Reader, 512)
j := &jws{privKey: privKey, directoryURL: ts.URL} j := &jws{privKey: privKey, getNonceURL: ts.URL}
ch := make(chan bool) ch := make(chan bool)
resultCh := make(chan bool) resultCh := make(chan bool)
go func() { go func() {
@ -163,12 +170,12 @@ func TestValidate(t *testing.T) {
case "POST": case "POST":
st := statuses[0] st := statuses[0]
statuses = statuses[1:] statuses = statuses[1:]
writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"}) writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URL: "http://example.com/", Token: "token"})
case "GET": case "GET":
st := statuses[0] st := statuses[0]
statuses = statuses[1:] statuses = statuses[1:]
writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"}) writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URL: "http://example.com/", Token: "token"})
default: default:
http.Error(w, r.Method, http.StatusMethodNotAllowed) http.Error(w, r.Method, http.StatusMethodNotAllowed)
@ -177,7 +184,7 @@ func TestValidate(t *testing.T) {
defer ts.Close() defer ts.Close()
privKey, _ := rsa.GenerateKey(rand.Reader, 512) privKey, _ := rsa.GenerateKey(rand.Reader, 512)
j := &jws{privKey: privKey, directoryURL: ts.URL} j := &jws{privKey: privKey, getNonceURL: ts.URL}
tsts := []struct { tsts := []struct {
name string name string
@ -186,10 +193,10 @@ func TestValidate(t *testing.T) {
}{ }{
{"POST-unexpected", []string{"weird"}, "unexpected"}, {"POST-unexpected", []string{"weird"}, "unexpected"},
{"POST-valid", []string{"valid"}, ""}, {"POST-valid", []string{"valid"}, ""},
{"POST-invalid", []string{"invalid"}, "Error Detail"}, {"POST-invalid", []string{"invalid"}, "Error"},
{"GET-unexpected", []string{"pending", "weird"}, "unexpected"}, {"GET-unexpected", []string{"pending", "weird"}, "unexpected"},
{"GET-valid", []string{"pending", "valid"}, ""}, {"GET-valid", []string{"pending", "valid"}, ""},
{"GET-invalid", []string{"pending", "invalid"}, "Error Detail"}, {"GET-invalid", []string{"pending", "invalid"}, "Error"},
} }
for _, tst := range tsts { for _, tst := range tsts {
@ -209,9 +216,15 @@ func TestGetChallenges(t *testing.T) {
case "GET", "HEAD": case "GET", "HEAD":
w.Header().Add("Replay-Nonce", "12345") w.Header().Add("Replay-Nonce", "12345")
w.Header().Add("Retry-After", "0") w.Header().Add("Retry-After", "0")
writeJSONResponse(w, directory{NewAuthzURL: ts.URL, NewCertURL: ts.URL, NewRegURL: ts.URL, RevokeCertURL: ts.URL}) writeJSONResponse(w, directory{
NewNonceURL: ts.URL,
NewAccountURL: ts.URL,
NewOrderURL: ts.URL,
RevokeCertURL: ts.URL,
KeyChangeURL: ts.URL,
})
case "POST": case "POST":
writeJSONResponse(w, authorization{}) writeJSONResponse(w, orderMessage{})
} }
})) }))
defer ts.Close() defer ts.Close()
@ -224,7 +237,7 @@ func TestGetChallenges(t *testing.T) {
} }
user := mockUser{ user := mockUser{
email: "test@test.com", email: "test@test.com",
regres: &RegistrationResource{NewAuthzURL: ts.URL}, regres: &RegistrationResource{URI: ts.URL},
privatekey: key, privatekey: key,
} }
@ -233,8 +246,8 @@ func TestGetChallenges(t *testing.T) {
t.Fatalf("Could not create client: %v", err) t.Fatalf("Could not create client: %v", err)
} }
_, failures := client.getChallenges([]string{"example.com"}) _, err = client.createOrderForIdentifiers([]string{"example.com"})
if failures["example.com"] == nil { if err != nil {
t.Fatal("Expecting \"Server did not provide next link to proceed\" error, got nil") t.Fatal("Expecting \"Server did not provide next link to proceed\" error, got nil")
} }
} }

4
acmev2/dns_challenge_test.go
View file

@ -100,9 +100,9 @@ func TestDNSValidServerResponse(t *testing.T) {
})) }))
manualProvider, _ := NewDNSProviderManual() manualProvider, _ := NewDNSProviderManual()
jws := &jws{privKey: privKey, directoryURL: ts.URL} jws := &jws{privKey: privKey, getNonceURL: ts.URL}
solver := &dnsChallenge{jws: jws, validate: validate, provider: manualProvider} solver := &dnsChallenge{jws: jws, validate: validate, provider: manualProvider}
clientChallenge := challenge{Type: "dns01", Status: "pending", URI: ts.URL, Token: "http8"} clientChallenge := challenge{Type: "dns01", Status: "pending", URL: ts.URL, Token: "http8"}
go func() { go func() {
time.Sleep(time.Second * 2) time.Sleep(time.Second * 2)

4
acmev2/http_challenge_test.go
View file

@ -11,7 +11,7 @@ import (
func TestHTTPChallenge(t *testing.T) { func TestHTTPChallenge(t *testing.T) {
privKey, _ := rsa.GenerateKey(rand.Reader, 512) privKey, _ := rsa.GenerateKey(rand.Reader, 512)
j := &jws{privKey: privKey} j := &jws{privKey: privKey}
clientChallenge := challenge{Type: HTTP01, Token: "http1"} clientChallenge := challenge{Type: string(HTTP01), Token: "http1"}
mockValidate := func(_ *jws, _, _ string, chlng challenge) error { mockValidate := func(_ *jws, _, _ string, chlng challenge) error {
uri := "http://localhost:23457/.well-known/acme-challenge/" + chlng.Token uri := "http://localhost:23457/.well-known/acme-challenge/" + chlng.Token
resp, err := httpGet(uri) resp, err := httpGet(uri)
@ -46,7 +46,7 @@ func TestHTTPChallenge(t *testing.T) {
func TestHTTPChallengeInvalidPort(t *testing.T) { func TestHTTPChallengeInvalidPort(t *testing.T) {
privKey, _ := rsa.GenerateKey(rand.Reader, 128) privKey, _ := rsa.GenerateKey(rand.Reader, 128)
j := &jws{privKey: privKey} j := &jws{privKey: privKey}
clientChallenge := challenge{Type: HTTP01, Token: "http2"} clientChallenge := challenge{Type: string(HTTP01), Token: "http2"}
solver := &httpChallenge{jws: j, validate: stubValidate, provider: &HTTPProviderServer{port: "123456"}} solver := &httpChallenge{jws: j, validate: stubValidate, provider: &HTTPProviderServer{port: "123456"}}
if err := solver.Solve(clientChallenge, "localhost:123456"); err == nil { if err := solver.Solve(clientChallenge, "localhost:123456"); err == nil {

2
cli_handlers.go
View file

@ -207,8 +207,6 @@ func handleTOS(c *cli.Context, client *acme.Client) bool {
logger().Println("Your input was invalid. Please answer with one of Y/y, n or by pressing enter.") logger().Println("Your input was invalid. Please answer with one of Y/y, n or by pressing enter.")
} }
return false
} }
func readCSRFile(filename string) (*x509.CertificateRequest, error) { func readCSRFile(filename string) (*x509.CertificateRequest, error) {