summaryrefslogtreecommitdiffstats
path: root/test/modules/md/test_820_locks.py
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:01:30 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:01:30 +0000
commit6beeb1b708550be0d4a53b272283e17e5e35fe17 (patch)
tree1ce8673d4aaa948e5554000101f46536a1e4cc29 /test/modules/md/test_820_locks.py
parentInitial commit. (diff)
downloadapache2-6beeb1b708550be0d4a53b272283e17e5e35fe17.tar.xz
apache2-6beeb1b708550be0d4a53b272283e17e5e35fe17.zip
Adding upstream version 2.4.57.upstream/2.4.57upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--test/modules/md/test_820_locks.py73
1 files changed, 73 insertions, 0 deletions
diff --git a/test/modules/md/test_820_locks.py b/test/modules/md/test_820_locks.py
new file mode 100644
index 0000000..9436912
--- /dev/null
+++ b/test/modules/md/test_820_locks.py
@@ -0,0 +1,73 @@
+import os
+
+import pytest
+from filelock import Timeout, FileLock
+
+from .md_cert_util import MDCertUtil
+from .md_conf import MDConf
+from .md_env import MDTestEnv
+
+
+@pytest.mark.skipif(condition=not MDTestEnv.has_acme_server(),
+ reason="no ACME test server configured")
+class TestLocks:
+
+ @pytest.fixture(autouse=True, scope='class')
+ def _class_scope(self, env, acme):
+ env.APACHE_CONF_SRC = "data/test_auto"
+ acme.start(config='default')
+ env.check_acme()
+ env.clear_store()
+
+ @pytest.fixture(autouse=True, scope='function')
+ def _method_scope(self, env, request):
+ env.clear_store()
+ self.test_domain = env.get_request_domain(request)
+
+ def configure_httpd(self, env, domains, add_lines=""):
+ conf = MDConf(env)
+ conf.add(add_lines)
+ conf.add_md(domains)
+ conf.add_vhost(domains)
+ conf.install()
+
+ # normal renewal with store locks activated
+ def test_md_820_001(self, env):
+ domain = self.test_domain
+ self.configure_httpd(env, [domain], add_lines=[
+ "MDStoreLocks 1s"
+ ])
+ assert env.apache_restart() == 0
+ assert env.await_completion([domain])
+
+ # renewal, with global lock held during restert
+ @pytest.mark.skip("does not work in our CI")
+ def test_md_820_002(self, env):
+ domain = self.test_domain
+ self.configure_httpd(env, [domain], add_lines=[
+ "MDStoreLocks 1s"
+ ])
+ assert env.apache_restart() == 0
+ assert env.await_completion([domain])
+ # we have a cert now, add a dns name to force renewal
+ certa = MDCertUtil(env.store_domain_file(domain, 'pubcert.pem'))
+ self.configure_httpd(env, [domain, f"x.{domain}"], add_lines=[
+ "MDStoreLocks 1s"
+ ])
+ assert env.apache_restart() == 0
+ # await new cert, but do not restart, keeps the cert in staging
+ assert env.await_completion([domain], restart=False)
+ # obtain global lock and restart
+ lockfile = os.path.join(env.store_dir, "store.lock")
+ with FileLock(lockfile):
+ assert env.apache_restart() == 0
+ # lock should have prevented staging from being activated,
+ # meaning we will have the same cert
+ certb = MDCertUtil(env.store_domain_file(domain, 'pubcert.pem'))
+ assert certa.same_serial_as(certb)
+ # now restart without lock
+ assert env.apache_restart() == 0
+ certc = MDCertUtil(env.store_domain_file(domain, 'pubcert.pem'))
+ assert not certa.same_serial_as(certc)
+
+