def test_tls_and_server_only(self, mock_util): mock_util().yesno.return_value = True with create_installer(self.config) as installer: installer.prepare() installer.conf = lambda x: True installer.postconf.set = mock.Mock() installer.deploy_cert("example.com", "cert_path", "key_path", "chain_path", "fullchain_path") self.assertEqual(installer.postconf.set.call_count, 3)
def test_deploy_twice(self, mock_util): # Deploying twice on the same installer shouldn't do anything! mock_util().yesno.return_value = True with create_installer(self.config) as installer: installer.prepare() from certbot_postfix.postconf import ConfigMain with mock.patch.object(ConfigMain, "set", wraps=installer.postconf.set) as fake_set: installer.deploy_cert("example.com", "cert_path", "key_path", "chain_path", "fullchain_path") self.assertEqual(fake_set.call_count, 15) fake_set.reset_mock() installer.deploy_cert("example.com", "cert_path", "key_path", "chain_path", "fullchain_path") self.assertFalse(fake_set.called)
def test_deploy_already_secure(self, mock_util): # Should not overwrite "more-secure" parameters mock_util().yesno.return_value = True more_secure = { "smtpd_tls_security_level": "encrypt", "smtpd_tls_protocols": "!SSLv3, !SSLv2, !TLSv1", "smtpd_tls_eecdh_grade": "strong" } with create_installer(self.config,\ main_cf=_main_cf_with(more_secure)) as installer: installer.prepare() installer.deploy_cert("example.com", "cert_path", "key_path", "chain_path", "fullchain_path") for param in more_secure: self.assertFalse(param in installer.postconf.get_changes())
def test_deploy(self, mock_util): mock_util().yesno.return_value = True from certbot_postfix import constants with create_installer(self.config) as installer: installer.prepare() # pylint: disable=protected-access installer.deploy_cert("example.com", "cert_path", "key_path", "chain_path", "fullchain_path") changes = installer.postconf.get_changes() expected = {} # type: Dict[str, Tuple[str, ...]] expected.update(constants.TLS_SERVER_VARS) expected.update(constants.DEFAULT_SERVER_VARS) expected.update(constants.DEFAULT_CLIENT_VARS) self.assertEqual(changes["smtpd_tls_key_file"], "key_path") self.assertEqual(changes["smtpd_tls_cert_file"], "cert_path") for name, value in six.iteritems(expected): self.assertEqual(changes[name], value[0])