mirror of
https://github.com/certbot/certbot.git
synced 2026-06-03 13:59:02 -04:00
2cb9d9e2aa
* get http01 challenge working * support multiple challenge types in configurator.py * update existing nginx tests * lint * refactor NginxHttp01 and NginxTlsSni01 to both now inherit from NginxChallengePerformer * remove TODO * challenges_test tests with both tlssni01 and http01 * Make challenges.py more abstract to make lint happier * add pylint disables to the tests to make pylint happier about the inheritance and abstraction situation * no need to cover raise NotImplementedError() lines * python3 compatibility * test that http01 perform is called * only remove ssl from addresses during http01 * Initialize addrs_to_add * Change Nginx http01 to modify server block so the site doesn't stop serving while getting a cert * pass existing unit tests * rename sni --> http01 in unit tests * lint * fix configurator test * select an http block instead of https * properly test for port number * use domains that have matching addresses * remove debugger * remove access_log and error_log cruft that wasn't being executed * continue to return None from choose_redirect_vhost when create_if_no_match is False * add nginx integration test
113 lines
3.8 KiB
Python
113 lines
3.8 KiB
Python
"""Tests for certbot_nginx.http_01"""
|
|
import unittest
|
|
import shutil
|
|
|
|
import mock
|
|
import six
|
|
|
|
from acme import challenges
|
|
|
|
from certbot import achallenges
|
|
|
|
from certbot.plugins import common_test
|
|
from certbot.tests import acme_util
|
|
|
|
from certbot_nginx.tests import util
|
|
|
|
|
|
class HttpPerformTest(util.NginxTest):
|
|
"""Test the NginxHttp01 challenge."""
|
|
|
|
account_key = common_test.AUTH_KEY
|
|
achalls = [
|
|
achallenges.KeyAuthorizationAnnotatedChallenge(
|
|
challb=acme_util.chall_to_challb(
|
|
challenges.HTTP01(token=b"kNdwjwOeX0I_A8DXt9Msmg"), "pending"),
|
|
domain="www.example.com", account_key=account_key),
|
|
achallenges.KeyAuthorizationAnnotatedChallenge(
|
|
challb=acme_util.chall_to_challb(
|
|
challenges.HTTP01(
|
|
token=b"\xba\xa9\xda?<m\xaewmx\xea\xad\xadv\xf4\x02\xc9y"
|
|
b"\x80\xe2_X\t\xe7\xc7\xa4\t\xca\xf7&\x945"
|
|
), "pending"),
|
|
domain="ipv6.com", account_key=account_key),
|
|
achallenges.KeyAuthorizationAnnotatedChallenge(
|
|
challb=acme_util.chall_to_challb(
|
|
challenges.HTTP01(
|
|
token=b"\x8c\x8a\xbf_-f\\cw\xee\xd6\xf8/\xa5\xe3\xfd"
|
|
b"\xeb9\xf1\xf5\xb9\xefVM\xc9w\xa4u\x9c\xe1\x87\xb4"
|
|
), "pending"),
|
|
domain="www.example.org", account_key=account_key),
|
|
achallenges.KeyAuthorizationAnnotatedChallenge(
|
|
challb=acme_util.chall_to_challb(
|
|
challenges.HTTP01(token=b"kNdwjxOeX0I_A8DXt9Msmg"), "pending"),
|
|
domain="migration.com", account_key=account_key),
|
|
]
|
|
|
|
def setUp(self):
|
|
super(HttpPerformTest, self).setUp()
|
|
|
|
config = util.get_nginx_configurator(
|
|
self.config_path, self.config_dir, self.work_dir, self.logs_dir)
|
|
|
|
from certbot_nginx import http_01
|
|
self.http01 = http_01.NginxHttp01(config)
|
|
|
|
def tearDown(self):
|
|
shutil.rmtree(self.temp_dir)
|
|
shutil.rmtree(self.config_dir)
|
|
shutil.rmtree(self.work_dir)
|
|
|
|
def test_perform0(self):
|
|
responses = self.http01.perform()
|
|
self.assertEqual([], responses)
|
|
|
|
@mock.patch("certbot_nginx.configurator.NginxConfigurator.save")
|
|
def test_perform1(self, mock_save):
|
|
self.http01.add_chall(self.achalls[0])
|
|
response = self.achalls[0].response(self.account_key)
|
|
|
|
responses = self.http01.perform()
|
|
|
|
self.assertEqual([response], responses)
|
|
self.assertEqual(mock_save.call_count, 1)
|
|
|
|
def test_perform2(self):
|
|
acme_responses = []
|
|
for achall in self.achalls:
|
|
self.http01.add_chall(achall)
|
|
acme_responses.append(achall.response(self.account_key))
|
|
|
|
sni_responses = self.http01.perform()
|
|
|
|
self.assertEqual(len(sni_responses), 4)
|
|
for i in six.moves.range(4):
|
|
self.assertEqual(sni_responses[i], acme_responses[i])
|
|
|
|
def test_mod_config(self):
|
|
self.http01.add_chall(self.achalls[0])
|
|
self.http01.add_chall(self.achalls[2])
|
|
|
|
self.http01._mod_config() # pylint: disable=protected-access
|
|
|
|
self.http01.configurator.save()
|
|
|
|
self.http01.configurator.parser.load()
|
|
|
|
# vhosts = self.http01.configurator.parser.get_vhosts()
|
|
|
|
# for vhost in vhosts:
|
|
# pass
|
|
# if the name matches
|
|
# check that the location block is in there and is correct
|
|
|
|
# if vhost.addrs == set(v_addr1):
|
|
# response = self.achalls[0].response(self.account_key)
|
|
# else:
|
|
# response = self.achalls[2].response(self.account_key)
|
|
# self.assertEqual(vhost.addrs, set(v_addr2_print))
|
|
# self.assertEqual(vhost.names, set([response.z_domain.decode('ascii')]))
|
|
|
|
|
|
if __name__ == "__main__":
|
|
unittest.main() # pragma: no cover
|