Exemplo n.º 1
0
 def test_502_101(self):
     # test case: md with 2 domains
     domain = self.test_domain
     name = "www." + domain
     self._prepare_md([ name, "test." + domain ])
     assert TestEnv.apache_start() == 0
     # drive
     assert TestEnv.a2md( [ "-vv", "drive", "-c", "http-01", name ] )['rv'] == 0
     TestEnv.check_md_credentials(name, [ name, "test." + domain ])
Exemplo n.º 2
0
    def test_502_108(self):
        # test case: drive via HTTP proxy
        domain = self.test_domain
        name = "www." + domain
        self._prepare_md([ name ])
        assert TestEnv.apache_restart() == 0

        # drive it, with wrong proxy url -> FAIL
        r = TestEnv.a2md( [ "-p", "http://%s:1" % TestEnv.HTTPD_HOST, "drive", name ] )
        assert r['rv'] == 1
        assert "Connection refused" in r['stderr']

        # drive it, working proxy url -> SUCCESS
        assert TestEnv.a2md( [ "-p", "http://%s:%s" % (TestEnv.HTTPD_HOST, TestEnv.HTTP_PROXY_PORT), "drive", name ] )['rv'] == 0
        TestEnv.check_md_credentials(name, [ name ])
Exemplo n.º 3
0
    def test_500_100(self):
        # test case: md with one domain
        domain = self.test_domain
        name = "www." + domain
        self._prepare_md([name])
        assert TestEnv.apache_start() == 0
        # drive
        prevMd = TestEnv.a2md(["list", name])['jout']['output'][0]
        assert TestEnv.a2md(["drive", "-c", "http-01", name])['rv'] == 0
        TestEnv.check_md_credentials([name])
        self._check_account_key(name)

        # check archive content
        storeMd = json.loads(
            open(TestEnv.store_archived_file(name, 1, 'md.json')).read())
        for f in [
                'name', 'ca', 'domains', 'contacts', 'renew-mode',
                'renew-window', 'must-staple'
        ]:
            assert storeMd[f] == prevMd[f]

        # check file system permissions:
        TestEnv.check_file_permissions(name)
        # check: challenges removed
        TestEnv.check_dir_empty(TestEnv.store_challenges())
        # check how the challenge resources are answered in sevceral combinations
        result = TestEnv.get_meta(domain, "/.well-known/acme-challenge", False)
        assert result['rv'] == 0
        assert result['http_status'] == 404
        result = TestEnv.get_meta(domain, "/.well-known/acme-challenge/",
                                  False)
        assert result['rv'] == 0
        assert result['http_status'] == 404
        result = TestEnv.get_meta(domain, "/.well-known/acme-challenge/123",
                                  False)
        assert result['rv'] == 0
        assert result['http_status'] == 404
        assert result['rv'] == 0
        cdir = os.path.join(TestEnv.store_challenges(), domain)
        os.makedirs(cdir)
        open(os.path.join(cdir, 'acme-http-01.txt'),
             "w").write("content-of-123")
        result = TestEnv.get_meta(domain, "/.well-known/acme-challenge/123",
                                  False)
        assert result['rv'] == 0
        assert result['http_status'] == 200
        assert result['http_headers']['Content-Length'] == '14'
Exemplo n.º 4
0
 def test_502_103(self):
     # test case: md with one domain, ACME account and TOS agreement on server
     # setup: create md
     domain = self.test_domain
     name = "www." + domain
     assert TestEnv.a2md(["add", name])['rv'] == 0
     assert TestEnv.a2md([ "update", name, "contacts", "admin@" + domain ])['rv'] == 0
     assert TestEnv.apache_start() == 0
     # setup: create account on server
     run = TestEnv.a2md( ["-t", "accepted", "acme", "newreg", "admin@" + domain], raw=True )
     assert run['rv'] == 0
     acct = re.match("registered: (.*)$", run["stdout"]).group(1)
     # setup: link md to account
     assert TestEnv.a2md([ "update", name, "account", acct])['rv'] == 0
     # drive
     assert TestEnv.a2md( [ "-vv", "drive", name ] )['rv'] == 0
     TestEnv.check_md_credentials(name, [ name ])
Exemplo n.º 5
0
 def test_502_200(self):
     # test case: add dns name on existing valid md
     # setup: create md in store
     domain = self.test_domain
     name = "www." + domain
     self._prepare_md([ name ])
     assert TestEnv.apache_start() == 0
     # setup: drive it
     assert TestEnv.a2md( [ "drive", name ] )['rv'] == 0
     old_cert = CertUtil( TestEnv.store_domain_file(name, 'pubcert.pem'))
     # setup: add second domain
     assert TestEnv.a2md([ "update", name, "domains", name, "test." + domain ])['rv'] == 0
     # drive
     assert TestEnv.a2md( [ "-vv", "drive", name ] )['rv'] == 0
     # check new cert
     TestEnv.check_md_credentials(name, [ name, "test." + domain ])
     new_cert = CertUtil( TestEnv.store_domain_file(name, 'pubcert.pem'))
     assert old_cert.get_serial() != new_cert.get_serial()
Exemplo n.º 6
0
 def test_502_105(self):
     # test case: md with one domain, local TOS agreement and ACME account that is deleted (!) on server
     # setup: create md
     domain = self.test_domain
     name = "www." + domain
     self._prepare_md([ name ])
     assert TestEnv.apache_start() == 0
     # setup: create account on server
     run = TestEnv.a2md( ["-t", "accepted", "acme", "newreg", "test@" + domain], raw=True )
     assert run['rv'] == 0
     acct = re.match("registered: (.*)$", run["stdout"]).group(1)
     # setup: link md to account
     assert TestEnv.a2md([ "update", name, "account", acct])['rv'] == 0
     # setup: delete account on server
     assert TestEnv.a2md( ["acme", "delreg", acct] )['rv'] == 0
     # drive
     run = TestEnv.a2md( [ "drive", name ] )
     print run["stderr"]
     assert run['rv'] == 0
     TestEnv.check_md_credentials(name, [ name ])
Exemplo n.º 7
0
    def test_502_107(self):
        # test case: drive again on COMPLETE md, then drive --force
        # setup: prepare md in store
        domain = self.test_domain
        name = "www." + domain
        self._prepare_md([ name ])
        assert TestEnv.apache_start() == 0
        # drive
        assert TestEnv.a2md( [ "-vv", "drive", name ] )['rv'] == 0
        TestEnv.check_md_credentials(name, [ name ])
        orig_cert = CertUtil( TestEnv.store_domain_file(name, 'pubcert.pem'))

        # drive again
        assert TestEnv.a2md( [ "-vv", "drive", name ] )['rv'] == 0
        TestEnv.check_md_credentials(name, [ name ])
        cert = CertUtil( TestEnv.store_domain_file(name, 'pubcert.pem'))
        # check: cert not changed
        assert cert.get_serial() == orig_cert.get_serial()

        # drive --force
        assert TestEnv.a2md( [ "-vv", "drive", "--force", name ] )['rv'] == 0
        TestEnv.check_md_credentials(name, [ name ])
        cert = CertUtil( TestEnv.store_domain_file(name, 'pubcert.pem'))
        # check: cert not changed
        assert cert.get_serial() != orig_cert.get_serial()
        # check: previous cert was archived
        cert = CertUtil(TestEnv.store_archived_file( name, 2, 'pubcert.pem'))
        assert cert.get_serial() == orig_cert.get_serial()
Exemplo n.º 8
0
 def test_500_104(self):
     # test case: md with one domain, TOS agreement, ACME account and authz challenge
     # setup: create md
     domain = self.test_domain
     name = "www." + domain
     self._prepare_md([name])
     assert TestEnv.apache_start() == 0
     # setup: create account on server
     run = TestEnv.a2md(["acme", "newreg", "admin@" + domain], raw=True)
     assert run['rv'] == 0
     acct = re.match("registered: (.*)$", run["stdout"]).group(1)
     # setup: send TOS agreement to server
     assert TestEnv.a2md(
         ["--terms", TestEnv.ACME_TOS, "acme", "agree", acct])['rv'] == 0
     # setup: link md to account
     assert TestEnv.a2md(["update", name, "account", acct])['rv'] == 0
     # setup: create authz resource, write it into store
     run = TestEnv.a2md(["-vv", "acme", "authz", acct, name], raw=True)
     assert run['rv'] == 0
     authz_url = re.match("authz: " + name + " (.*)$",
                          run["stdout"]).group(1)
     # TODO: find storage-independent way to modify local authz data
     TestEnv.authz_save(
         name,
         json.dumps(
             {
                 "account":
                 acct,
                 "authorizations": [{
                     "domain": name,
                     "location": authz_url,
                     "state": 0
                 }]
             },
             indent=2))
     # drive
     assert TestEnv.a2md(["-vv", "drive", name])['rv'] == 0
     TestEnv.check_md_credentials(name, [name])