1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
# test mod_md acme terms-of-service handling
from shutil import copyfile
import pytest
from .md_env import MDTestEnv
@pytest.mark.skipif(condition=not MDTestEnv.has_a2md(), reason="no a2md available")
@pytest.mark.skipif(condition=not MDTestEnv.has_acme_server(),
reason="no ACME test server configured")
class TestRegAdd:
@pytest.fixture(autouse=True, scope='function')
def _method_scope(self, env):
env.clear_store()
# test case: list empty store
def test_md_120_000(self, env):
assert env.a2md(["list"]).json == env.EMPTY_JOUT
# test case: list two managed domains
def test_md_120_001(self, env):
domains = [
["test120-001.com", "test120-001a.com", "test120-001b.com"],
["greenbytes2.de", "www.greenbytes2.de", "mail.greenbytes2.de"]
]
for dns in domains:
assert env.a2md(["add"] + dns).exit_code == 0
#
# list all store content
jout = env.a2md(["list"]).json
assert len(jout['output']) == len(domains)
domains.reverse()
for i in range(0, len(jout['output'])):
env.check_json_contains(jout['output'][i], {
"name": domains[i][0],
"domains": domains[i],
"contacts": [],
"ca": {
"urls": [env.acme_url],
"proto": "ACME"
},
"state": env.MD_S_INCOMPLETE
})
# list md by name
for dns in ["test120-001.com", "greenbytes2.de"]:
md = env.a2md(["list", dns]).json['output'][0]
assert md['name'] == dns
# test case: validate md state in store
def test_md_120_002(self, env):
# check: md without pkey/cert -> INCOMPLETE
domain = f"test1.{env.http_tld}"
assert env.a2md(["add", domain]).exit_code == 0
assert env.a2md(["update", domain, "contacts", "admin@" + domain]).exit_code == 0
assert env.a2md(["update", domain, "agreement", env.acme_tos]).exit_code == 0
assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_INCOMPLETE
# check: valid pkey/cert -> COMPLETE
cred = env.get_credentials_for_name(domain)[0]
copyfile(cred.pkey_file, env.store_domain_file(domain, 'privkey.pem'))
copyfile(cred.cert_file, env.store_domain_file(domain, 'pubcert.pem'))
assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_COMPLETE
# check: expired cert -> EXPIRED
cred = env.get_credentials_for_name(f"expired.{env.http_tld}")[0]
copyfile(cred.pkey_file, env.store_domain_file(domain, 'privkey.pem'))
copyfile(cred.cert_file, env.store_domain_file(domain, 'pubcert.pem'))
out = env.a2md(["list", domain]).json['output'][0]
assert out['state'] == env.MD_S_INCOMPLETE
assert out['renew'] is True
# test case: broken cert file
def test_md_120_003(self, env):
domain = f"test1.{env.http_tld}"
assert env.a2md(["add", domain]).exit_code == 0
assert env.a2md(["update", domain, "contacts", "admin@" + domain]).exit_code == 0
assert env.a2md(["update", domain, "agreement", env.acme_tos]).exit_code == 0
# check: valid pkey/cert -> COMPLETE
cred = env.get_credentials_for_name(domain)[0]
copyfile(cred.pkey_file, env.store_domain_file(domain, 'privkey.pem'))
copyfile(cred.cert_file, env.store_domain_file(domain, 'pubcert.pem'))
assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_COMPLETE
# check: replace cert by broken file -> ERROR
with open(env.store_domain_file(domain, 'pubcert.pem'), 'w') as fd:
fd.write("dummy\n")
assert env.a2md(["list", domain]).json['output'][0]['state'] == env.MD_S_INCOMPLETE
|
