Commit 8b93bfe7 authored by Matthew Holt's avatar Matthew Holt

letsencrypt: More tests! \o/

parent 897b6c5b
...@@ -122,7 +122,7 @@ func TestRedirPlaintextHost(t *testing.T) { ...@@ -122,7 +122,7 @@ func TestRedirPlaintextHost(t *testing.T) {
} }
func TestSaveCertResource(t *testing.T) { func TestSaveCertResource(t *testing.T) {
storage = Storage("./le_test") storage = Storage("./le_test_save")
defer func() { defer func() {
err := os.RemoveAll(string(storage)) err := os.RemoveAll(string(storage))
if err != nil { if err != nil {
...@@ -176,3 +176,168 @@ func TestSaveCertResource(t *testing.T) { ...@@ -176,3 +176,168 @@ func TestSaveCertResource(t *testing.T) {
t.Errorf("Expected meta file to contain '%s', got '%s'", metaContents, string(metaFile)) t.Errorf("Expected meta file to contain '%s', got '%s'", metaContents, string(metaFile))
} }
} }
func TestExistingCertAndKey(t *testing.T) {
storage = Storage("./le_test_existing")
defer func() {
err := os.RemoveAll(string(storage))
if err != nil {
t.Fatalf("Could not remove temporary storage directory (%s): %v", storage, err)
}
}()
domain := "example.com"
if existingCertAndKey(domain) {
t.Errorf("Did NOT expect %v to have existing cert or key, but it did", domain)
}
err := saveCertResource(acme.CertificateResource{
Domain: domain,
PrivateKey: []byte("key"),
Certificate: []byte("cert"),
})
if err != nil {
t.Fatalf("Expected no error, got: %v", err)
}
if !existingCertAndKey(domain) {
t.Errorf("Expected %v to have existing cert and key, but it did NOT", domain)
}
}
func TestHostHasOtherPort(t *testing.T) {
configs := []server.Config{
server.Config{Host: "example.com", Port: "80"},
server.Config{Host: "sub1.example.com", Port: "80"},
server.Config{Host: "sub1.example.com", Port: "443"},
}
if hostHasOtherPort(configs, 0, "80") {
t.Errorf(`Expected hostHasOtherPort(configs, 0, "80") to be false, but got true`)
}
if hostHasOtherPort(configs, 0, "443") {
t.Errorf(`Expected hostHasOtherPort(configs, 0, "443") to be false, but got true`)
}
if !hostHasOtherPort(configs, 1, "443") {
t.Errorf(`Expected hostHasOtherPort(configs, 1, "443") to be true, but got false`)
}
}
func TestMakePlaintextRedirects(t *testing.T) {
configs := []server.Config{
// Happy path = standard redirect from 80 to 443
server.Config{Host: "example.com", TLS: server.TLSConfig{Managed: true}},
// Host on port 80 already defined; don't change it (no redirect)
server.Config{Host: "sub1.example.com", Port: "80", Scheme: "http"},
server.Config{Host: "sub1.example.com", TLS: server.TLSConfig{Managed: true}},
// Redirect from port 80 to port 5000 in this case
server.Config{Host: "sub2.example.com", Port: "5000", TLS: server.TLSConfig{Managed: true}},
// Can redirect from 80 to either 443 or 5001, but choose 443
server.Config{Host: "sub3.example.com", Port: "443", TLS: server.TLSConfig{Managed: true}},
server.Config{Host: "sub3.example.com", Port: "5001", Scheme: "https", TLS: server.TLSConfig{Managed: true}},
}
result := MakePlaintextRedirects(configs)
expectedRedirCount := 3
if len(result) != len(configs)+expectedRedirCount {
t.Errorf("Expected %d redirect(s) to be added, but got %d",
expectedRedirCount, len(result)-len(configs))
}
}
func TestEnableTLS(t *testing.T) {
configs := []server.Config{
server.Config{TLS: server.TLSConfig{Managed: true}},
server.Config{}, // not managed - no changes!
}
EnableTLS(configs)
if !configs[0].TLS.Enabled {
t.Errorf("Expected config 0 to have TLS.Enabled == true, but it was false")
}
if configs[0].TLS.Certificate == "" {
t.Errorf("Expected config 0 to have TLS.Certificate set, but it was empty")
}
if configs[0].TLS.Key == "" {
t.Errorf("Expected config 0 to have TLS.Key set, but it was empty")
}
if configs[1].TLS.Enabled {
t.Errorf("Expected config 1 to have TLS.Enabled == false, but it was true")
}
if configs[1].TLS.Certificate != "" {
t.Errorf("Expected config 1 to have TLS.Certificate empty, but it was: %s", configs[1].TLS.Certificate)
}
if configs[1].TLS.Key != "" {
t.Errorf("Expected config 1 to have TLS.Key empty, but it was: %s", configs[1].TLS.Key)
}
}
func TestGroupConfigsByEmail(t *testing.T) {
if groupConfigsByEmail([]server.Config{}) == nil {
t.Errorf("With empty input, returned map was nil, but expected non-nil map")
}
configs := []server.Config{
server.Config{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
server.Config{Host: "sub1.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar", Managed: true}},
server.Config{Host: "sub2.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
server.Config{Host: "sub3.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar", Managed: true}},
server.Config{Host: "sub4.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
server.Config{Host: "sub5.example.com", TLS: server.TLSConfig{LetsEncryptEmail: ""}}, // not managed
}
DefaultEmail = "test@example.com" // bypass prompt during tests...
groups := groupConfigsByEmail(configs)
if groups == nil {
t.Fatalf("Returned map was nil, but expected values")
}
if len(groups) != 2 {
t.Errorf("Expected 2 groups, got %d: %#v", len(groups), groups)
}
if len(groups["foo@bar"]) != 2 {
t.Errorf("Expected 2 configs for foo@bar, got %d: %#v", len(groups["foobar"]), groups["foobar"])
}
if len(groups[DefaultEmail]) != 3 {
t.Errorf("Expected 3 configs for %s, got %d: %#v", DefaultEmail, len(groups["foobar"]), groups["foobar"])
}
}
func TestMarkQualified(t *testing.T) {
// TODO: TestConfigQualifies and this test share the same config list...
configs := []server.Config{
{Host: "localhost"},
{Host: "example.com"},
{Host: "example.com", TLS: server.TLSConfig{Certificate: "cert.pem"}},
{Host: "example.com", TLS: server.TLSConfig{Key: "key.pem"}},
{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "off"}},
{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar.com"}},
{Host: "example.com", Scheme: "http"},
{Host: "example.com", Port: "80"},
{Host: "example.com", Port: "1234"},
{Host: "example.com", Scheme: "https"},
{Host: "example.com", Port: "80", Scheme: "https"},
}
expectedManagedCount := 4
MarkQualified(configs)
count := 0
for _, cfg := range configs {
if cfg.TLS.Managed {
count++
}
}
if count != expectedManagedCount {
t.Errorf("Expected %d managed configs, but got %d", expectedManagedCount, count)
}
}
...@@ -125,6 +125,11 @@ func TestGetUserAlreadyExists(t *testing.T) { ...@@ -125,6 +125,11 @@ func TestGetUserAlreadyExists(t *testing.T) {
} }
func TestGetEmail(t *testing.T) { func TestGetEmail(t *testing.T) {
// let's not clutter up the output
origStdout := os.Stdout
os.Stdout = nil
defer func() { os.Stdout = origStdout }()
storage = Storage("./testdata") storage = Storage("./testdata")
defer os.RemoveAll(string(storage)) defer os.RemoveAll(string(storage))
DefaultEmail = "test2@foo.com" DefaultEmail = "test2@foo.com"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment