Example #1
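    def test_700_006(self):
        """Check that an MD with only unsupported ACME challenge types is not driven.

        The config restricts the CA challenges to "invalid-01" and
        "invalid-02". After a restart the test expects the MD to stay
        incomplete, no ACME account to be recorded for it, a warning in the
        error log, and a 503 response from the vhost.
        """
        domain = "test700-006-" + TestAuto.dns_uniq
        nameA = "test-a." + domain
        dns_list = [domain, nameA]

        # generate 1 MD, 1 vhost
        conf = HttpdConf(TestAuto.TMP_CONF)
        conf.add_admin("admin@" + domain)
        conf.add_ca_challenges(["invalid-01", "invalid-02"])
        conf.add_md(dns_list)
        conf.add_vhost(TestEnv.HTTPS_PORT, nameA, aliasList=[], docRoot="htdocs/a",
                       withSSL=True, certPath=TestEnv.path_domain_pubcert(domain),
                       keyPath=TestEnv.path_domain_privkey(domain))
        conf.install()

        # create docRoot folder
        self._write_res_file(os.path.join(TestEnv.APACHE_HTDOCS_DIR, "a"), "name.txt", nameA)

        # restart, check that md is in store
        assert TestEnv.apache_restart() == 0
        self._check_md_names(domain, dns_list)
        # NOTE(review): the fixed wait makes "drive did not start" a
        # timing-dependent negative check; the log scan below is the
        # positive evidence that the driver gave up on this MD.
        time.sleep(2)
        # assert drive did not start
        md = TestEnv.a2md(["-j", "list", domain])['jout']['output'][0]
        assert md['state'] == TestEnv.MD_S_INCOMPLETE
        # no ACME account may have been registered for this MD
        assert 'account' not in md['ca']
        # Raw string: "\[" in a plain literal is an invalid escape sequence
        # that newer Python versions warn about.
        assert TestEnv.apache_err_scan(re.compile(
            r'.*\[md:warn\].*the server offers no ACME challenge that is configured for this MD'))

        # check: that request to domains give 503 Service Unavailable
        # The handshake still yields a certificate naming nameA
        # (presumably a temporary fallback certificate - confirm).
        cert = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, nameA)
        assert nameA in cert.get_san_list()
        assert TestEnv.getStatus(nameA, "/name.txt") == 503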
Example #2
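    def test_702_001(self):
        """Check that an MD in drive mode "auto" is driven only once a vhost uses it.

        First pass: the MD is configured without any vhost; it must be synced
        to the store, stay incomplete, and the log must say there is nothing
        to drive. Second pass: a vhost is added, the restart must lead to a
        completed MD, a served certificate naming the domain, an empty
        challenges directory and passing file permission checks.
        """
        domain = self.test_domain
        # generate config with one MD
        dns_list = [domain, "www." + domain]
        conf = HttpdConf()
        conf.add_admin("admin@" + domain)
        conf.add_drive_mode("auto")
        conf.add_md(dns_list)
        conf.install()

        # restart, check that MD is synched to store
        assert TestEnv.apache_restart() == 0
        TestEnv.check_md(domain, dns_list)
        # NOTE(review): fixed wait; "did not start" is a timing-dependent
        # negative check, backed by the log scan below.
        time.sleep(2)
        # assert drive did not start
        TestEnv.check_md(domain, dns_list, TestEnv.MD_S_INCOMPLETE)
        # Raw string: "\[" in a plain literal is an invalid escape sequence
        # that newer Python versions warn about.
        assert TestEnv.apache_err_scan(
            re.compile(r'.*\[md:debug\].*no mds to drive'))

        # add vhost for MD, restart should drive it
        conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[dns_list[1]])
        conf.install()
        assert TestEnv.apache_restart() == 0
        assert TestEnv.await_completion([domain])
        TestEnv.check_md_complete(domain)
        cert = CertUtil.load_server_cert(TestEnv.HTTPD_HOST,
                                         TestEnv.HTTPS_PORT, domain)
        assert domain in cert.get_san_list()

        # challenges should have been removed
        TestEnv.check_dir_empty(TestEnv.store_challenges())

        # file system needs to have correct permissions
        # (presumably covers the stored private key material - confirm
        # against TestEnv.check_file_permissions)
        TestEnv.check_file_permissions(domain)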
Example #3
 def test_300_021(self, confFile, expErrMsg):
     """Install a test configuration and expect the server to refuse to start.

     confFile is the configuration to install; expErrMsg, when non-empty,
     is a regular expression that must match in the error log. Both are
     presumably supplied by a parametrize decorator outside this excerpt.
     """
     TestEnv.install_test_conf(confFile)
     # apache_fail() == 0 is read here as "startup failed as expected";
     # the assertion message fires when the server did come up.
     fail_rc = TestEnv.apache_fail()
     assert fail_rc == 0, "Server did start for {}".format(confFile)
     # presumably (errors, warnings) counted in the error log - confirm
     err_counts = TestEnv.apache_err_count()
     assert (1, 0) == err_counts
     if not expErrMsg:
         return
     assert TestEnv.apache_err_scan(re.compile(expErrMsg))
Example #4
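 def test_500_120(self):
     """Regression test: a request with a host-less absolute URI must not crash a child.

     Sets up one MD in drive mode "manual" with an SSL vhost, sends
     "GET https:// HTTP/1.1" through openssl s_client using the SNI name
     example.com, restarts the server and asserts that the error log
     reports no child process exit.
     """
     # test case: NP dereference reported by Daniel Caminada <*****@*****.**>
     domain = "test500-120-" + TestDrive.dns_uniq
     name = "www." + domain
     conf = HttpdConf(TestDrive.TMP_CONF)
     conf.add_admin("admin@" + domain)
     conf.add_drive_mode("manual")
     conf.add_md([name])
     conf.add_vhost(TestEnv.HTTPS_PORT, name, aliasList=[], withSSL=True)
     conf.install()
     assert TestEnv.apache_restart() == 0
     # The second argument is presumably fed to s_client as input - confirm
     # against TestEnv.run.
     # NOTE(review): the result of this run is not inspected (the original
     # bound it to an unused local). If s_client never connects, the log
     # check below passes without exercising the code path; consider
     # asserting on the run result.
     TestEnv.run(["openssl", "s_client",
                  "-connect", "%s:%s" % (TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT),
                  "-servername", "example.com", "-crlf"],
                 "GET https:// HTTP/1.1\nHost: example.com\n\n")
     assert TestEnv.apache_restart() == 0
     # assert that no crash is reported in the log
     # Raw string: "\S" in a plain literal is an invalid escape sequence
     # that newer Python versions warn about.
     assert not TestEnv.apache_err_scan(re.compile(r"^.* child pid \S+ exit .*$"))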
Example #5
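    def test_700_008(self):
        """Check that an MD cannot be driven when the configured HTTP proxy refuses connections.

        The MD uses drive mode "always" and the proxy "http://localhost:1".
        After a restart the MD must stay incomplete, no ACME account may be
        recorded, and the error log must contain a "Connection refused"
        debug entry from the md module.
        """
        domain = "test700-008-" + TestAuto.dns_uniq
        dns_list = [domain]

        conf = HttpdConf(TestAuto.TMP_CONF)
        conf.add_admin("admin@" + domain)
        conf.add_drive_mode("always")
        # port 1 on localhost is presumably not listening, so every
        # proxied request is refused - confirm for the test host
        conf.add_http_proxy("http://localhost:1")
        conf.add_md(dns_list)
        conf.install()

        # - restart (-> drive)
        assert TestEnv.apache_restart() == 0
        # NOTE(review): fixed wait; the log scan below is what shows the
        # drive attempt actually ran and failed at the proxy.
        time.sleep(2)
        # assert drive did not start
        md = TestEnv.a2md(["-j", "list", domain])['jout']['output'][0]
        assert md['state'] == TestEnv.MD_S_INCOMPLETE
        # no ACME account may have been registered for this MD
        assert 'account' not in md['ca']
        # Raw string: "\[" in a plain literal is an invalid escape sequence
        # that newer Python versions warn about.
        assert TestEnv.apache_err_scan(re.compile(r'.*\[md:debug\].*Connection refused: '))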
Example #6
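    def test_700_001(self):
        """Check that an MD in drive mode "auto" is driven only once a vhost uses it.

        First pass: the MD has no vhost; it must be synced to the store, stay
        incomplete with no ACME account recorded, and the log must say there
        is nothing to auto drive. Second pass: an SSL vhost is added, the
        restart must lead to completion, a served certificate naming the
        domain, an empty challenges directory and passing file permission
        checks.
        """
        domain = "test700-001-" + TestAuto.dns_uniq

        # generate config with one MD
        dns_list = [domain, "www." + domain]
        conf = HttpdConf(TestAuto.TMP_CONF)
        conf.add_admin("admin@" + domain)
        conf.add_drive_mode("auto")
        conf.add_md(dns_list)
        conf.install()

        # restart, check that MD is synched to store
        assert TestEnv.apache_restart() == 0
        self._check_md_names(domain, dns_list)
        # NOTE(review): fixed wait; "did not start" is a timing-dependent
        # negative check, backed by the log scan below.
        time.sleep(2)
        # assert drive did not start
        md = TestEnv.a2md(["-j", "list", domain])['jout']['output'][0]
        assert md['state'] == TestEnv.MD_S_INCOMPLETE
        # no ACME account may have been registered for this MD
        assert 'account' not in md['ca']
        # Raw string: "\[" in a plain literal is an invalid escape sequence
        # that newer Python versions warn about.
        assert TestEnv.apache_err_scan(
            re.compile(r'.*\[md:debug\].*no mds to auto drive'))

        # add vhost for MD, restart should drive it
        conf.add_vhost(TestEnv.HTTPS_PORT,
                       domain,
                       aliasList=[dns_list[1]],
                       withSSL=True)
        conf.install()
        assert TestEnv.apache_restart() == 0

        assert TestEnv.await_completion([domain])
        self._check_md_cert(dns_list)
        cert = CertUtil.load_server_cert(TestEnv.HTTPD_HOST,
                                         TestEnv.HTTPS_PORT, domain)
        assert domain in cert.get_san_list()

        # challenges should have been removed
        TestEnv.check_dir_empty(TestEnv.path_challenges())

        # file system needs to have correct permissions
        # (presumably covers the stored private key material - confirm
        # against TestEnv.check_file_permissions)
        TestEnv.check_file_permissions(domain)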