def setUp(self):
from certbot.auth_handler import challb_to_achall
from certbot.auth_handler import AuthHandler
# Account and network are mocked...
self.mock_net = mock.MagicMock()
self.handler = AuthHandler(None, self.mock_net,
mock.Mock(key="mock_key"), [])
self.doms = ["0", "1", "2"]
self.handler.authzr[self.doms[0]] = acme_util.gen_authzr(
messages.STATUS_PENDING, self.doms[0],
[acme_util.HTTP01, acme_util.TLSSNI01],
[messages.STATUS_PENDING] * 2, False)
self.handler.authzr[self.doms[1]] = acme_util.gen_authzr(
messages.STATUS_PENDING, self.doms[1], acme_util.CHALLENGES,
[messages.STATUS_PENDING] * 3, False)
self.handler.authzr[self.doms[2]] = acme_util.gen_authzr(
messages.STATUS_PENDING, self.doms[2], acme_util.CHALLENGES,
[messages.STATUS_PENDING] * 3, False)
self.chall_update = {}
for dom in self.doms:
self.chall_update[dom] = [
challb_to_achall(challb, mock.Mock(key="dummy_key"), dom)
for challb in self.handler.authzr[dom].body.challenges
]
def setUp(self):
from certbot.auth_handler import challb_to_achall
from certbot.auth_handler import AuthHandler, AnnotatedAuthzr
# Account and network are mocked...
self.mock_net = mock.MagicMock()
self.handler = AuthHandler(None, self.mock_net,
mock.Mock(key="mock_key"), [])
self.doms = ["0", "1", "2"]
self.aauthzrs = [
AnnotatedAuthzr(
acme_util.gen_authzr(messages.STATUS_PENDING, self.doms[0],
[acme_util.HTTP01, acme_util.TLSSNI01],
[messages.STATUS_PENDING] * 2, False),
[]),
AnnotatedAuthzr(
acme_util.gen_authzr(messages.STATUS_PENDING, self.doms[1],
acme_util.CHALLENGES,
[messages.STATUS_PENDING] * 3, False),
[]),
AnnotatedAuthzr(
acme_util.gen_authzr(messages.STATUS_PENDING, self.doms[2],
acme_util.CHALLENGES,
[messages.STATUS_PENDING] * 3, False), [])
]
self.chall_update = {
} # type: Dict[int, achallenges.KeyAuthorizationAnnotatedChallenge]
for i, aauthzr in enumerate(self.aauthzrs):
self.chall_update[i] = [
challb_to_achall(challb, mock.Mock(key="dummy_key"),
self.doms[i])
for challb in aauthzr.authzr.body.challenges
]
def setUp(self):
from certbot.auth_handler import challb_to_achall
from certbot.auth_handler import AuthHandler
# Account and network are mocked...
self.mock_net = mock.MagicMock()
self.handler = AuthHandler(
None, self.mock_net, mock.Mock(key="mock_key"), [])
self.doms = ["0", "1", "2"]
self.handler.authzr[self.doms[0]] = acme_util.gen_authzr(
messages.STATUS_PENDING, self.doms[0],
[acme_util.HTTP01, acme_util.TLSSNI01],
[messages.STATUS_PENDING] * 2, False)
self.handler.authzr[self.doms[1]] = acme_util.gen_authzr(
messages.STATUS_PENDING, self.doms[1],
acme_util.CHALLENGES, [messages.STATUS_PENDING] * 3, False)
self.handler.authzr[self.doms[2]] = acme_util.gen_authzr(
messages.STATUS_PENDING, self.doms[2],
acme_util.CHALLENGES, [messages.STATUS_PENDING] * 3, False)
self.chall_update = {}
for dom in self.doms:
self.chall_update[dom] = [
challb_to_achall(challb, mock.Mock(key="dummy_key"), dom)
for challb in self.handler.authzr[dom].body.challenges]
def test_validated_challenge_not_rerun(self):
# With pending challenge, we expect the challenge to be tried, and fail.
authzr = acme_util.gen_authzr(messages.STATUS_PENDING, "0",
[acme_util.HTTP01],
[messages.STATUS_PENDING], False)
mock_order = mock.MagicMock(authorizations=[authzr])
self.assertRaises(errors.AuthorizationError,
self.handler.handle_authorizations, mock_order)
# With validated challenge; we expect the challenge not be tried again, and succeed.
authzr = acme_util.gen_authzr(messages.STATUS_VALID, "0",
[acme_util.HTTP01],
[messages.STATUS_VALID], False)
mock_order = mock.MagicMock(authorizations=[authzr])
self.handler.handle_authorizations(mock_order)
def test_valid_authzrs_deactivated(self):
"""When we deactivate valid authzrs in an orderr, we expect them to become deactivated
and to receive a list of deactivated authzrs in return."""
def _mock_deactivate(authzr):
if authzr.body.status == messages.STATUS_VALID:
if authzr.body.identifier.value == "is_valid_but_will_fail":
raise acme_errors.Error("Mock deactivation ACME error")
authzb = authzr.body.update(status=messages.STATUS_DEACTIVATED)
authzr = messages.AuthorizationResource(body=authzb)
else: # pragma: no cover
raise errors.Error("Can't deactivate non-valid authz")
return authzr
to_deactivate = [("is_valid", messages.STATUS_VALID),
("is_pending", messages.STATUS_PENDING),
("is_valid_but_will_fail", messages.STATUS_VALID)]
to_deactivate = [
acme_util.gen_authzr(a[1], a[0], [acme_util.HTTP01], [a[1], False])
for a in to_deactivate
]
orderr = mock.MagicMock(authorizations=to_deactivate)
self.mock_net.deactivate_authorization.side_effect = _mock_deactivate
authzrs, failed = self.handler.deactivate_valid_authorizations(orderr)
self.assertEqual(self.mock_net.deactivate_authorization.call_count, 2)
self.assertEqual(len(authzrs), 1)
self.assertEqual(len(failed), 1)
self.assertEqual(authzrs[0].body.identifier.value, "is_valid")
self.assertEqual(authzrs[0].body.status, messages.STATUS_DEACTIVATED)
self.assertEqual(failed[0].body.identifier.value,
"is_valid_but_will_fail")
self.assertEqual(failed[0].body.status, messages.STATUS_VALID)
def test_unrecognized(self):
authzr = acme_util.gen_authzr(
messages.STATUS_PENDING, "test",
[mock.Mock(chall="chall", typ="unrecognized")],
[messages.STATUS_PENDING])
self.assertRaises(
errors.Error, self.handler._challenge_factory, authzr, [0])
def test_validated_challenge_not_rerun(self):
# With pending challenge, we expect the challenge to be tried, and fail.
authzr = acme_util.gen_authzr(
messages.STATUS_PENDING, "0",
[acme_util.HTTP01],
[messages.STATUS_PENDING], False)
mock_order = mock.MagicMock(authorizations=[authzr])
self.assertRaises(
errors.AuthorizationError, self.handler.handle_authorizations, mock_order)
# With validated challenge; we expect the challenge not be tried again, and succeed.
authzr = acme_util.gen_authzr(
messages.STATUS_VALID, "0",
[acme_util.HTTP01],
[messages.STATUS_VALID], False)
mock_order = mock.MagicMock(authorizations=[authzr])
self.handler.handle_authorizations(mock_order)
def _validate_all(self, unused_1, unused_2):
for dom in six.iterkeys(self.handler.authzr):
azr = self.handler.authzr[dom]
self.handler.authzr[dom] = acme_util.gen_authzr(
messages.STATUS_VALID, dom,
[challb.chall for challb in azr.body.challenges],
[messages.STATUS_VALID] * len(azr.body.challenges),
azr.body.combinations)
def setUp(self):
from certbot.auth_handler import AuthHandler
# Account is mocked...
self.handler = AuthHandler(None, None, mock.Mock(key="mock_key"), [])
self.authzr = acme_util.gen_authzr(
messages.STATUS_PENDING, "test", acme_util.CHALLENGES,
[messages.STATUS_PENDING] * 6, False)
def test_validated_challenge_not_rerun(self):
# With a pending challenge that is not supported by the plugin, we
# expect an exception to be raised.
authzr = acme_util.gen_authzr(messages.STATUS_PENDING, "0",
[acme_util.DNS01],
[messages.STATUS_PENDING], False)
mock_order = mock.MagicMock(authorizations=[authzr])
self.assertRaises(errors.AuthorizationError,
self.handler.handle_authorizations, mock_order)
# With a validated challenge that is not supported by the plugin, we
# expect the challenge to not be solved again and
# handle_authorizations() to succeed.
authzr = acme_util.gen_authzr(messages.STATUS_VALID, "0",
[acme_util.DNS01],
[messages.STATUS_VALID], False)
mock_order = mock.MagicMock(authorizations=[authzr])
self.handler.handle_authorizations(mock_order)
def _validate_all(self, aauthzrs, unused_1, unused_2):
for i, aauthzr in enumerate(aauthzrs):
azr = aauthzr.authzr
updated_azr = acme_util.gen_authzr(
messages.STATUS_VALID, azr.body.identifier.value,
[challb.chall for challb in azr.body.challenges],
[messages.STATUS_VALID] * len(azr.body.challenges),
azr.body.combinations)
aauthzrs[i] = type(aauthzr)(updated_azr, aauthzr.achalls)
def _validate_all(self, unused_1, unused_2):
for dom in six.iterkeys(self.handler.authzr):
azr = self.handler.authzr[dom]
self.handler.authzr[dom] = acme_util.gen_authzr(
messages.STATUS_VALID,
dom,
[challb.chall for challb in azr.body.challenges],
[messages.STATUS_VALID] * len(azr.body.challenges),
azr.body.combinations)
def test_unrecognized(self):
self.handler.authzr["failure.com"] = acme_util.gen_authzr(
messages.STATUS_PENDING,
"failure.com",
[mock.Mock(chall="chall", typ="unrecognized")],
[messages.STATUS_PENDING],
)
self.assertRaises(errors.Error, self.handler._challenge_factory, "failure.com", [0])
def _mock(authzr):
state['count'] = state['count'] - 1
effective_status = status if state['count'] < 0 else messages.STATUS_PENDING
updated_azr = acme_util.gen_authzr(
effective_status,
authzr.body.identifier.value,
[challb.chall for challb in authzr.body.challenges],
[effective_status] * len(authzr.body.challenges),
authzr.body.combinations)
return updated_azr, mock.MagicMock(headers={'Retry-After': str(wait_value)})
def gen_dom_authzr(domain, challs, combos=True):
"""Generates new authzr for domains."""
return acme_util.gen_authzr(
messages.STATUS_PENDING, domain, challs,
[messages.STATUS_PENDING] * len(challs), combos)
