def test_default_listen_addresses_t_f(self, ipv6_info): # pylint: disable=protected-access ipv6_info.return_value = (True, False) addrs = self.http01._default_listen_addresses() http_addr = Addr.fromstring("80") http_ipv6_addr = Addr.fromstring("[::]:80 ipv6only=on") self.assertEqual(addrs, [http_addr, http_ipv6_addr])
def _default_listen_addresses(self) -> List[Addr]: """Finds addresses for a challenge block to listen on. :returns: list of :class:`certbot_nginx._internal.obj.Addr` to apply :rtype: list """ addresses: List[Optional[Addr]] = [] default_addr = "%s" % self.configurator.config.http01_port ipv6_addr = "[::]:{0}".format( self.configurator.config.http01_port) port = self.configurator.config.http01_port ipv6, ipv6only = self.configurator.ipv6_info(str(port)) if ipv6: # If IPv6 is active in Nginx configuration if not ipv6only: # If ipv6only=on is not already present in the config ipv6_addr = ipv6_addr + " ipv6only=on" addresses = [Addr.fromstring(default_addr), Addr.fromstring(ipv6_addr)] logger.debug(("Using default addresses %s and %s for authentication."), default_addr, ipv6_addr) else: addresses = [Addr.fromstring(default_addr)] logger.debug("Using default address %s for authentication.", default_addr) return [address for address in addresses if address]
def test_set_inclusion(self): from certbot_nginx._internal.obj import Addr set_a = {self.addr1, self.addr2} addr1b = Addr.fromstring("192.168.1.1") addr2b = Addr.fromstring("192.168.1.1:* ssl") set_b = {addr1b, addr2b} self.assertEqual(set_a, set_b)
def test_contains_list(self): from certbot_nginx._internal.obj import VirtualHost from certbot_nginx._internal.obj import Addr from certbot_nginx._internal.configurator import _test_block_from_block test_block = [[ '\n ', 'return', ' ', '301', ' ', 'https://$host$request_uri' ], ['\n']] test_needle = _test_block_from_block(test_block) test_haystack = [ ['listen', '80'], ['root', '/var/www/html'], ['index', 'index.html index.htm index.nginx-debian.html'], ['server_name', 'two.functorkitten.xyz'], ['listen', '443 ssl'], ['#', ' managed by Certbot'], [ 'ssl_certificate', '/etc/letsencrypt/live/two.functorkitten.xyz/fullchain.pem' ], ['#', ' managed by Certbot'], [ 'ssl_certificate_key', '/etc/letsencrypt/live/two.functorkitten.xyz/privkey.pem' ], ['#', ' managed by Certbot'], ['return', '301', 'https://$host$request_uri'], ['#', ' managed by Certbot'], [] ] vhost_haystack = VirtualHost("filp", set([Addr.fromstring("localhost")]), False, False, set(['localhost']), test_haystack, []) test_bad_haystack = [ ['listen', '80'], ['root', '/var/www/html'], ['index', 'index.html index.htm index.nginx-debian.html'], ['server_name', 'two.functorkitten.xyz'], ['listen', '443 ssl'], ['#', ' managed by Certbot'], [ 'ssl_certificate', '/etc/letsencrypt/live/two.functorkitten.xyz/fullchain.pem' ], ['#', ' managed by Certbot'], [ 'ssl_certificate_key', '/etc/letsencrypt/live/two.functorkitten.xyz/privkey.pem' ], ['#', ' managed by Certbot'], [['if', '($scheme', '!=', '"https")'], [['return', '302', 'https://$host$request_uri']]], ['#', ' managed by Certbot'], [] ] vhost_bad_haystack = VirtualHost("filp", set([Addr.fromstring("localhost")]), False, False, set(['localhost']), test_bad_haystack, []) self.assertTrue(vhost_haystack.contains_list(test_needle)) self.assertFalse(vhost_bad_haystack.contains_list(test_needle))
def setUp(self): from certbot_nginx._internal.obj import VirtualHost from certbot_nginx._internal.obj import Addr raw1 = [ ['listen', '69.50.225.155:9000'], [['if', '($scheme', '!=', '"https") '], [['return', '301', 'https://$host$request_uri']] ], ['#', ' managed by Certbot'] ] self.vhost1 = VirtualHost( "filep", {Addr.fromstring("localhost")}, False, False, {'localhost'}, raw1, []) raw2 = [ ['listen', '69.50.225.155:9000'], [['if', '($scheme', '!=', '"https") '], [['return', '301', 'https://$host$request_uri']] ] ] self.vhost2 = VirtualHost( "filep", {Addr.fromstring("localhost")}, False, False, {'localhost'}, raw2, []) raw3 = [ ['listen', '69.50.225.155:9000'], ['rewrite', '^(.*)$', '$scheme://www.domain.com$1', 'permanent'] ] self.vhost3 = VirtualHost( "filep", {Addr.fromstring("localhost")}, False, False, {'localhost'}, raw3, []) raw4 = [ ['listen', '69.50.225.155:9000'], ['server_name', 'return.com'] ] self.vhost4 = VirtualHost( "filp", {Addr.fromstring("localhost")}, False, False, {'localhost'}, raw4, []) raw_has_hsts = [ ['listen', '69.50.225.155:9000'], ['server_name', 'return.com'], ['add_header', 'always', 'set', 'Strict-Transport-Security', '\"max-age=31536000\"'], ] self.vhost_has_hsts = VirtualHost( "filep", {Addr.fromstring("localhost")}, False, False, {'localhost'}, raw_has_hsts, [])
def setUp(self): from certbot_nginx._internal.obj import Addr self.addr1 = Addr.fromstring("192.168.1.1") self.addr2 = Addr.fromstring("192.168.1.1:* ssl") self.addr3 = Addr.fromstring("192.168.1.1:80") self.addr4 = Addr.fromstring("*:80 default_server ssl") self.addr5 = Addr.fromstring("myhost") self.addr6 = Addr.fromstring("80 default_server spdy") self.addr7 = Addr.fromstring("unix:/var/run/nginx.sock") self.addr8 = Addr.fromstring("*:80 default ssl")
def test_eq(self): from certbot_nginx._internal.obj import Addr from certbot_nginx._internal.obj import VirtualHost vhost1b = VirtualHost("filep", {Addr.fromstring("localhost blah")}, False, False, {'localhost'}, [], []) self.assertEqual(vhost1b, self.vhost1) self.assertEqual(str(vhost1b), str(self.vhost1)) self.assertFalse(vhost1b == 1234)
def test_equivalent_any_addresses(self): from certbot_nginx._internal.obj import Addr any_addresses = ("0.0.0.0:80 default_server ssl", "80 default_server ssl", "*:80 default_server ssl", "80 default ssl") for first, second in itertools.combinations(any_addresses, 2): self.assertEqual(Addr.fromstring(first), Addr.fromstring(second)) # Also, make sure ports are checked. self.assertNotEqual(Addr.fromstring(any_addresses[0]), Addr.fromstring("0.0.0.0:443 default_server ssl")) # And they aren't equivalent to a specified address. for any_address in any_addresses: self.assertNotEqual( Addr.fromstring("192.168.1.2:80 default_server ssl"), Addr.fromstring(any_address))
def test_eq(self): from certbot_nginx._internal.obj import Addr new_addr1 = Addr.fromstring("192.168.1.1 spdy") self.assertEqual(self.addr1, new_addr1) self.assertNotEqual(self.addr1, self.addr2) self.assertFalse(self.addr1 == 3333)