def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( tls_sni_01_port=1234, http01_port=4321, standalone_supported_challenges="tls-sni-01,http-01") self.auth = Authenticator(self.config, name="standalone")
def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( http01_port=get_open_port(), standalone_supported_challenges="http-01") self.auth = Authenticator(self.config, name="standalone") self.auth.servers = mock.MagicMock()
def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( tls_sni_01_port=1234, http01_port=4321, standalone_supported_challenges="tls-sni-01,http-01" ) self.auth = Authenticator(self.config, name="standalone")
class AuthenticatorTest(unittest.TestCase): """Tests for certbot.plugins.standalone.Authenticator.""" def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( tls_sni_01_port=get_open_port(), http01_port=get_open_port(), standalone_supported_challenges="tls-sni-01,http-01") self.auth = Authenticator(self.config, name="standalone") self.auth.servers = mock.MagicMock() def test_supported_challenges(self): self.assertEqual(self.auth.supported_challenges, [challenges.TLSSNI01, challenges.HTTP01]) def test_supported_challenges_configured(self): self.config.standalone_supported_challenges = "tls-sni-01" self.assertEqual(self.auth.supported_challenges, [challenges.TLSSNI01]) def test_more_info(self): self.assertTrue(isinstance(self.auth.more_info(), six.string_types)) def test_get_chall_pref(self): self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.TLSSNI01, challenges.HTTP01]) def test_get_chall_pref_configured(self): self.config.standalone_supported_challenges = "tls-sni-01" self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.TLSSNI01]) def test_perform(self): achalls = self._get_achalls() response = self.auth.perform(achalls) expected = [achall.response(achall.account_key) for achall in achalls] self.assertEqual(response, expected) @test_util.patch_get_utility() def test_perform_eaddrinuse_retry(self, mock_get_utility): mock_utility = mock_get_utility() errno = socket.errno.EADDRINUSE error = errors.StandaloneBindError(mock.MagicMock(errno=errno), -1) self.auth.servers.run.side_effect = [error] + 2 * [mock.MagicMock()] mock_yesno = mock_utility.yesno mock_yesno.return_value = True self.test_perform() self._assert_correct_yesno_call(mock_yesno) @test_util.patch_get_utility() def test_perform_eaddrinuse_no_retry(self, mock_get_utility): mock_utility = mock_get_utility() mock_yesno = mock_utility.yesno mock_yesno.return_value = False errno = socket.errno.EADDRINUSE self.assertRaises(errors.PluginError, self._fail_perform, errno) self._assert_correct_yesno_call(mock_yesno) def _assert_correct_yesno_call(self, mock_yesno): yesno_args, yesno_kwargs = mock_yesno.call_args self.assertTrue("in use" in yesno_args[0]) self.assertFalse(yesno_kwargs.get("default", True)) def test_perform_eacces(self): errno = socket.errno.EACCES self.assertRaises(errors.PluginError, self._fail_perform, errno) def test_perform_unexpected_socket_error(self): errno = socket.errno.ENOTCONN self.assertRaises(errors.StandaloneBindError, self._fail_perform, errno) def _fail_perform(self, errno): error = errors.StandaloneBindError(mock.MagicMock(errno=errno), -1) self.auth.servers.run.side_effect = error self.auth.perform(self._get_achalls()) @classmethod def _get_achalls(cls): domain = b'localhost' key = jose.JWK.load(test_util.load_vector('rsa512_key.pem')) http_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.HTTP01_P, domain=domain, account_key=key) tls_sni_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.TLSSNI01_P, domain=domain, account_key=key) return [http_01, tls_sni_01] def test_cleanup(self): self.auth.servers.running.return_value = { 1: "server1", 2: "server2", } self.auth.served["server1"].add("chall1") self.auth.served["server2"].update(["chall2", "chall3"]) self.auth.cleanup(["chall1"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set(["chall2", "chall3"]) }) self.auth.servers.stop.assert_called_once_with(1) self.auth.servers.running.return_value = { 2: "server2", } self.auth.cleanup(["chall2"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set(["chall3"]) }) self.assertEqual(1, self.auth.servers.stop.call_count) self.auth.cleanup(["chall3"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set([]) }) self.auth.servers.stop.assert_called_with(2)
class AuthenticatorTest(unittest.TestCase): """Tests for certbot.plugins.standalone.Authenticator.""" def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( tls_sni_01_port=1234, http01_port=4321, standalone_supported_challenges="tls-sni-01,http-01") self.auth = Authenticator(self.config, name="standalone") def test_supported_challenges(self): self.assertEqual(self.auth.supported_challenges, [challenges.TLSSNI01, challenges.HTTP01]) def test_supported_challenges_configured(self): self.config.standalone_supported_challenges = "tls-sni-01" self.assertEqual(self.auth.supported_challenges, [challenges.TLSSNI01]) def test_more_info(self): self.assertTrue(isinstance(self.auth.more_info(), six.string_types)) def test_get_chall_pref(self): self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.TLSSNI01, challenges.HTTP01]) def test_get_chall_pref_configured(self): self.config.standalone_supported_challenges = "tls-sni-01" self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.TLSSNI01]) @mock.patch("certbot.plugins.standalone.util") def test_perform_already_listening(self, mock_util): for chall, port in ((challenges.TLSSNI01.typ, 1234), (challenges.HTTP01.typ, 4321)): mock_util.already_listening.return_value = True self.config.standalone_supported_challenges = chall self.assertRaises(errors.MisconfigurationError, self.auth.perform, []) mock_util.already_listening.assert_called_once_with(port, False) mock_util.already_listening.reset_mock() @mock.patch("certbot.plugins.standalone.zope.component.getUtility") def test_perform(self, unused_mock_get_utility): achalls = [1, 2, 3] self.auth.perform2 = mock.Mock(return_value=mock.sentinel.responses) self.assertEqual(mock.sentinel.responses, self.auth.perform(achalls)) self.auth.perform2.assert_called_once_with(achalls) @mock.patch("certbot.plugins.standalone.zope.component.getUtility") def _test_perform_bind_errors(self, errno, achalls, mock_get_utility): def _perform2(unused_achalls): raise errors.StandaloneBindError(mock.Mock(errno=errno), 1234) self.auth.perform2 = mock.MagicMock(side_effect=_perform2) self.auth.perform(achalls) mock_get_utility.assert_called_once_with(interfaces.IDisplay) notification = mock_get_utility.return_value.notification self.assertEqual(1, notification.call_count) self.assertTrue("1234" in notification.call_args[0][0]) def test_perform_eacces(self): # pylint: disable=no-value-for-parameter self._test_perform_bind_errors(socket.errno.EACCES, []) def test_perform_eaddrinuse(self): # pylint: disable=no-value-for-parameter self._test_perform_bind_errors(socket.errno.EADDRINUSE, []) def test_perfom_unknown_bind_error(self): self.assertRaises(errors.StandaloneBindError, self._test_perform_bind_errors, socket.errno.ENOTCONN, []) def test_perform2(self): domain = b'localhost' key = jose.JWK.load(test_util.load_vector('rsa512_key.pem')) http_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.HTTP01_P, domain=domain, account_key=key) tls_sni_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.TLSSNI01_P, domain=domain, account_key=key) self.auth.servers = mock.MagicMock() def _run(port, tls): # pylint: disable=unused-argument return "server{0}".format(port) self.auth.servers.run.side_effect = _run responses = self.auth.perform2([http_01, tls_sni_01]) self.assertTrue(isinstance(responses, list)) self.assertEqual(2, len(responses)) self.assertTrue(isinstance(responses[0], challenges.HTTP01Response)) self.assertTrue(isinstance(responses[1], challenges.TLSSNI01Response)) self.assertEqual(self.auth.servers.run.mock_calls, [ mock.call(4321, challenges.HTTP01), mock.call(1234, challenges.TLSSNI01), ]) self.assertEqual(self.auth.served, { "server1234": set([tls_sni_01]), "server4321": set([http_01]), }) self.assertEqual(1, len(self.auth.http_01_resources)) self.assertEqual(1, len(self.auth.certs)) self.assertEqual(list(self.auth.http_01_resources), [ acme_standalone.HTTP01RequestHandler.HTTP01Resource( acme_util.HTTP01, responses[0], mock.ANY) ]) def test_cleanup(self): self.auth.servers = mock.Mock() self.auth.servers.running.return_value = { 1: "server1", 2: "server2", } self.auth.served["server1"].add("chall1") self.auth.served["server2"].update(["chall2", "chall3"]) self.auth.cleanup(["chall1"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set(["chall2", "chall3"]) }) self.auth.servers.stop.assert_called_once_with(1) self.auth.servers.running.return_value = { 2: "server2", } self.auth.cleanup(["chall2"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set(["chall3"]) }) self.assertEqual(1, self.auth.servers.stop.call_count) self.auth.cleanup(["chall3"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set([]) }) self.auth.servers.stop.assert_called_with(2)
class AuthenticatorTest(unittest.TestCase): """Tests for certbot.plugins.standalone.Authenticator.""" def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( tls_sni_01_port=1234, http01_port=4321, standalone_supported_challenges="tls-sni-01,http-01" ) self.auth = Authenticator(self.config, name="standalone") def test_supported_challenges(self): self.assertEqual(self.auth.supported_challenges, [challenges.TLSSNI01, challenges.HTTP01]) def test_supported_challenges_configured(self): self.config.standalone_supported_challenges = "tls-sni-01" self.assertEqual(self.auth.supported_challenges, [challenges.TLSSNI01]) def test_more_info(self): self.assertTrue(isinstance(self.auth.more_info(), six.string_types)) def test_get_chall_pref(self): self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.TLSSNI01, challenges.HTTP01]) def test_get_chall_pref_configured(self): self.config.standalone_supported_challenges = "tls-sni-01" self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.TLSSNI01]) @mock.patch("certbot.plugins.standalone.util") def test_perform_already_listening(self, mock_util): for chall, port in ((challenges.TLSSNI01.typ, 1234), (challenges.HTTP01.typ, 4321)): mock_util.already_listening.return_value = True self.config.standalone_supported_challenges = chall self.assertRaises(errors.MisconfigurationError, self.auth.perform, []) mock_util.already_listening.assert_called_once_with(port, False) mock_util.already_listening.reset_mock() @mock.patch("certbot.plugins.standalone.zope.component.getUtility") def test_perform(self, unused_mock_get_utility): achalls = [1, 2, 3] self.auth.perform2 = mock.Mock(return_value=mock.sentinel.responses) self.assertEqual(mock.sentinel.responses, self.auth.perform(achalls)) self.auth.perform2.assert_called_once_with(achalls) @mock.patch("certbot.plugins.standalone.zope.component.getUtility") def _test_perform_bind_errors(self, errno, achalls, mock_get_utility): def _perform2(unused_achalls): raise errors.StandaloneBindError(mock.Mock(errno=errno), 1234) self.auth.perform2 = mock.MagicMock(side_effect=_perform2) self.auth.perform(achalls) mock_get_utility.assert_called_once_with(interfaces.IDisplay) notification = mock_get_utility.return_value.notification self.assertEqual(1, notification.call_count) self.assertTrue("1234" in notification.call_args[0][0]) def test_perform_eacces(self): # pylint: disable=no-value-for-parameter self._test_perform_bind_errors(socket.errno.EACCES, []) def test_perform_eaddrinuse(self): # pylint: disable=no-value-for-parameter self._test_perform_bind_errors(socket.errno.EADDRINUSE, []) def test_perfom_unknown_bind_error(self): self.assertRaises(errors.StandaloneBindError, self._test_perform_bind_errors, socket.errno.ENOTCONN, []) def test_perform2(self): domain = b"localhost" key = jose.JWK.load(test_util.load_vector("rsa512_key.pem")) http_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.HTTP01_P, domain=domain, account_key=key ) tls_sni_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.TLSSNI01_P, domain=domain, account_key=key ) self.auth.servers = mock.MagicMock() def _run(port, tls): # pylint: disable=unused-argument return "server{0}".format(port) self.auth.servers.run.side_effect = _run responses = self.auth.perform2([http_01, tls_sni_01]) self.assertTrue(isinstance(responses, list)) self.assertEqual(2, len(responses)) self.assertTrue(isinstance(responses[0], challenges.HTTP01Response)) self.assertTrue(isinstance(responses[1], challenges.TLSSNI01Response)) self.assertEqual( self.auth.servers.run.mock_calls, [mock.call(4321, challenges.HTTP01), mock.call(1234, challenges.TLSSNI01)] ) self.assertEqual(self.auth.served, {"server1234": set([tls_sni_01]), "server4321": set([http_01])}) self.assertEqual(1, len(self.auth.http_01_resources)) self.assertEqual(1, len(self.auth.certs)) self.assertEqual( list(self.auth.http_01_resources), [acme_standalone.HTTP01RequestHandler.HTTP01Resource(acme_util.HTTP01, responses[0], mock.ANY)], ) def test_cleanup(self): self.auth.servers = mock.Mock() self.auth.servers.running.return_value = {1: "server1", 2: "server2"} self.auth.served["server1"].add("chall1") self.auth.served["server2"].update(["chall2", "chall3"]) self.auth.cleanup(["chall1"]) self.assertEqual(self.auth.served, {"server1": set(), "server2": set(["chall2", "chall3"])}) self.auth.servers.stop.assert_called_once_with(1) self.auth.servers.running.return_value = {2: "server2"} self.auth.cleanup(["chall2"]) self.assertEqual(self.auth.served, {"server1": set(), "server2": set(["chall3"])}) self.assertEqual(1, self.auth.servers.stop.call_count) self.auth.cleanup(["chall3"]) self.assertEqual(self.auth.served, {"server1": set(), "server2": set([])}) self.auth.servers.stop.assert_called_with(2)
class AuthenticatorTest(unittest.TestCase): """Tests for certbot.plugins.standalone.Authenticator.""" def setUp(self): from certbot.plugins.standalone import Authenticator self.config = mock.MagicMock( http01_port=get_open_port(), standalone_supported_challenges="http-01") self.auth = Authenticator(self.config, name="standalone") self.auth.servers = mock.MagicMock() def test_supported_challenges(self): self.assertEqual(self.auth.supported_challenges, [challenges.HTTP01]) def test_supported_challenges_configured(self): self.config.standalone_supported_challenges = "http-01" self.assertEqual(self.auth.supported_challenges, [challenges.HTTP01]) def test_more_info(self): self.assertTrue(isinstance(self.auth.more_info(), six.string_types)) def test_get_chall_pref(self): self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.HTTP01]) def test_get_chall_pref_configured(self): self.config.standalone_supported_challenges = "http-01" self.assertEqual(self.auth.get_chall_pref(domain=None), [challenges.HTTP01]) def test_perform(self): achalls = self._get_achalls() response = self.auth.perform(achalls) expected = [achall.response(achall.account_key) for achall in achalls] self.assertEqual(response, expected) @test_util.patch_get_utility() def test_perform_eaddrinuse_retry(self, mock_get_utility): mock_utility = mock_get_utility() errno = socket_errors.EADDRINUSE error = errors.StandaloneBindError(mock.MagicMock(errno=errno), -1) self.auth.servers.run.side_effect = [error] + 2 * [mock.MagicMock()] mock_yesno = mock_utility.yesno mock_yesno.return_value = True self.test_perform() self._assert_correct_yesno_call(mock_yesno) @test_util.patch_get_utility() def test_perform_eaddrinuse_no_retry(self, mock_get_utility): mock_utility = mock_get_utility() mock_yesno = mock_utility.yesno mock_yesno.return_value = False errno = socket_errors.EADDRINUSE self.assertRaises(errors.PluginError, self._fail_perform, errno) self._assert_correct_yesno_call(mock_yesno) def _assert_correct_yesno_call(self, mock_yesno): yesno_args, yesno_kwargs = mock_yesno.call_args self.assertTrue("in use" in yesno_args[0]) self.assertFalse(yesno_kwargs.get("default", True)) def test_perform_eacces(self): errno = socket_errors.EACCES self.assertRaises(errors.PluginError, self._fail_perform, errno) def test_perform_unexpected_socket_error(self): errno = socket_errors.ENOTCONN self.assertRaises( errors.StandaloneBindError, self._fail_perform, errno) def _fail_perform(self, errno): error = errors.StandaloneBindError(mock.MagicMock(errno=errno), -1) self.auth.servers.run.side_effect = error self.auth.perform(self._get_achalls()) @classmethod def _get_achalls(cls): domain = b'localhost' key = jose.JWK.load(test_util.load_vector('rsa512_key.pem')) http_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.HTTP01_P, domain=domain, account_key=key) return [http_01] def test_cleanup(self): self.auth.servers.running.return_value = { 1: "server1", 2: "server2", } self.auth.served["server1"].add("chall1") self.auth.served["server2"].update(["chall2", "chall3"]) self.auth.cleanup(["chall1"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set(["chall2", "chall3"])}) self.auth.servers.stop.assert_called_once_with(1) self.auth.servers.running.return_value = { 2: "server2", } self.auth.cleanup(["chall2"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set(["chall3"])}) self.assertEqual(1, self.auth.servers.stop.call_count) self.auth.cleanup(["chall3"]) self.assertEqual(self.auth.served, { "server1": set(), "server2": set([])}) self.auth.servers.stop.assert_called_with(2)