def test_can_perform(self):
"""What happens if start_listener() returns True."""
test_key = pkg_resources.resource_string(__name__,
"testdata/rsa256_key.pem")
key = le_util.Key("something", test_key)
chall1 = challenge_util.DvsniChall("foo.example.com", "whee",
"foononce", key)
chall2 = challenge_util.DvsniChall("bar.example.com", "whee",
"barnonce", key)
bad_chall = ("This", "Represents", "A Non-DVSNI", "Challenge")
self.authenticator.start_listener = mock.Mock()
self.authenticator.start_listener.return_value = True
result = self.authenticator.perform([chall1, chall2, bad_chall])
self.assertEqual(len(self.authenticator.tasks), 2)
self.assertTrue(
self.authenticator.tasks.has_key("foononce.acme.invalid"))
self.assertTrue(
self.authenticator.tasks.has_key("barnonce.acme.invalid"))
self.assertTrue(isinstance(result, list))
self.assertEqual(len(result), 3)
self.assertTrue(isinstance(result[0], dict))
self.assertTrue(isinstance(result[1], dict))
self.assertFalse(result[2])
self.assertTrue(result[0].has_key("s"))
self.assertTrue(result[1].has_key("s"))
self.authenticator.start_listener.assert_called_once_with(443, key)
def test_perform(self, mock_restart, mock_dvsni_perform):
# Only tests functionality specific to configurator.perform
# Note: As more challenges are offered this will have to be expanded
auth_key = le_util.Key(self.rsa256_file, self.rsa256_pem)
chall1 = challenge_util.DvsniChall(
"encryption-example.demo",
"jIq_Xy1mXGN37tb4L6Xj_es58fW571ZNyXekdZzhh7Q",
"37bc5eb75d3e00a19b4f6355845e5a18", auth_key)
chall2 = challenge_util.DvsniChall(
"letsencrypt.demo", "uqnaPzxtrndteOqtrXb0Asl5gOJfWAnnx6QJyvcmlDU",
"59ed014cac95f77057b1d7a1b2c596ba", auth_key)
dvsni_ret_val = [{
"type": "dvsni",
"s": "randomS1"
}, {
"type": "dvsni",
"s": "randomS2"
}]
mock_dvsni_perform.return_value = dvsni_ret_val
responses = self.config.perform([chall1, chall2])
self.assertEqual(mock_dvsni_perform.call_count, 1)
self.assertEqual(responses, dvsni_ret_val)
self.assertEqual(mock_restart.call_count, 1)
def setUp(self):
super(DvsniPerformTest, self).setUp()
with mock.patch("letsencrypt.client.apache.configurator."
"mod_loaded") as mock_load:
mock_load.return_value = True
config = util.get_apache_configurator(
self.config_path, self.config_dir, self.work_dir,
self.ssl_options)
from letsencrypt.client.apache import dvsni
self.sni = dvsni.ApacheDvsni(config)
rsa256_file = pkg_resources.resource_filename(
"letsencrypt.client.tests", 'testdata/rsa256_key.pem')
rsa256_pem = pkg_resources.resource_string(
"letsencrypt.client.tests", 'testdata/rsa256_key.pem')
auth_key = le_util.Key(rsa256_file, rsa256_pem)
self.challs = []
self.challs.append(challenge_util.DvsniChall(
"encryption-example.demo",
"jIq_Xy1mXGN37tb4L6Xj_es58fW571ZNyXekdZzhh7Q",
"37bc5eb75d3e00a19b4f6355845e5a18",
auth_key))
self.challs.append(challenge_util.DvsniChall(
"letsencrypt.demo",
"uqnaPzxtrndteOqtrXb0Asl5gOJfWAnnx6QJyvcmlDU",
"59ed014cac95f77057b1d7a1b2c596ba",
auth_key))
def _construct_dv_chall(self, chall, domain):
"""Construct Auth Type Challenges.
:param dict chall: Single challenge
:param str domain: challenge's domain
:returns: challenge_util named tuple Chall object
:rtype: `collections.namedtuple`
:raises errors.LetsEncryptClientError: If unimplemented challenge exists
"""
if chall["type"] == "dvsni":
logging.info(" DVSNI challenge for name %s.", domain)
return challenge_util.DvsniChall(
domain, str(chall["r"]), str(chall["nonce"]),
self.authkey[domain])
elif chall["type"] == "simpleHttps":
logging.info(" SimpleHTTPS challenge for name %s.", domain)
return challenge_util.SimpleHttpsChall(
domain, str(chall["token"]), self.authkey[domain])
elif chall["type"] == "dns":
logging.info(" DNS challenge for name %s.", domain)
return challenge_util.DnsChall(domain, str(chall["token"]))
else:
raise errors.LetsEncryptClientError(
"Unimplemented Auth Challenge: %s" % chall["type"])
def test_cleanup(self, mock_sleep, mock_kill):
mock_sleep.return_value = None
mock_kill.return_value = None
chall = challenge_util.DvsniChall("foo.example.com", "whee",
"foononce", "key")
self.authenticator.cleanup([chall])
mock_kill.assert_called_once_with(12345, signal.SIGINT)
mock_sleep.assert_called_once_with(1)
def test_perform_without_challenge_list(self):
extra_challenge = challenge_util.DvsniChall("a", "b", "c", "d")
# This is wrong because a challenge must be specified.
self.assertRaises(ValueError, self.authenticator.perform, [])
# This is wrong because it must be a list, not a bare challenge.
self.assertRaises(ValueError, self.authenticator.perform,
extra_challenge)
# This is wrong because the list must contain at least one challenge.
self.assertRaises(ValueError, self.authenticator.perform, range(20))
def test_perform_when_already_listening(self):
test_key = pkg_resources.resource_string(__name__,
"testdata/rsa256_key.pem")
key = le_util.Key("something", test_key)
chall1 = challenge_util.DvsniChall("foo.example.com", "whee",
"foononce", key)
self.authenticator.already_listening = mock.Mock()
self.authenticator.already_listening.return_value = True
result = self.authenticator.perform([chall1])
self.assertEqual(result, [None])
def test_bad_cleanup(self):
chall = challenge_util.DvsniChall("bad.example.com", "whee",
"badnonce", "key")
self.assertRaises(ValueError, self.authenticator.cleanup, [chall])
def test_perform_with_pending_tasks(self):
self.authenticator.tasks = {"foononce.acme.invalid": "cert_data"}
extra_challenge = challenge_util.DvsniChall("a", "b", "c", "d")
self.assertRaises(ValueError, self.authenticator.perform,
[extra_challenge])
def test_unexpected(self):
token = challenge_util.RecTokenChall("0")
unexpected = challenge_util.DvsniChall("0", "rb64", "123", "dummy_key")
self.assertRaises(errors.LetsEncryptClientAuthError, self.auth.cleanup,
[token, unexpected])
def test_unexpected(self):
unexpected = challenge_util.DvsniChall("0", "rb64", "123",
"invalid_key")
self.assertRaises(errors.LetsEncryptClientAuthError, self.auth.perform,
[unexpected])
