diff options
| author | Brad Warren <bmw@users.noreply.github.com> | 2016-10-11 04:44:39 +0300 |
|---|---|---|
| committer | Peter Eckersley <pde@users.noreply.github.com> | 2016-10-11 04:44:39 +0300 |
| commit | a5df9e5a0e5fcb6a66c63e0bd02844417fdbb456 (patch) | |
| tree | 73e45a470d20e90b479f26d2985d8494df33b4dc /tests | |
| parent | 2415092a78843c457149e91129362e3f4be932d1 (diff) | |
Only verify required ports are available (#3608)
* only verify port is available when you actually need it
* refactor code to create achalls
* Test port checks are based on achall
* test that only the port for the requested challenge is checked in standalone
Diffstat (limited to 'tests')
| -rwxr-xr-x | tests/boulder-integration.sh | 13 | ||||
| -rwxr-xr-x | tests/integration/_common.sh | 8 |
2 files changed, 16 insertions, 5 deletions
diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh index ab8fde5f6..a70f13f8e 100755 --- a/tests/boulder-integration.sh +++ b/tests/boulder-integration.sh @@ -33,8 +33,17 @@ common() { "$@" } -common --domains le1.wtf --standalone-supported-challenges tls-sni-01 auth -common --domains le2.wtf --standalone-supported-challenges http-01 run +# We start a server listening on the port for the +# unrequested challenge to prevent regressions in #3601. +python -m SimpleHTTPServer $http_01_port & +python_server_pid=$! +common --domains le1.wtf --preferred-challenges tls-sni-01 auth +kill $python_server_pid +python -m SimpleHTTPServer $tls_sni_01_port & +python_server_pid=$! +common --domains le2.wtf --preferred-challenges http-01 run +kill $python_server_pid + common -a manual -d le.wtf auth --rsa-key-size 4096 export CSR_PATH="${root}/csr.der" KEY_PATH="${root}/key.pem" \ diff --git a/tests/integration/_common.sh b/tests/integration/_common.sh index 8992a18c0..935d44994 100755 --- a/tests/integration/_common.sh +++ b/tests/integration/_common.sh @@ -9,7 +9,9 @@ then fi store_flags="--config-dir $root/conf --work-dir $root/work" store_flags="$store_flags --logs-dir $root/logs" -export root store_flags +tls_sni_01_port=5001 +http_01_port=5002 +export root store_flags tls_sni_01_port http_01_port certbot_test () { certbot_test_no_force_renew \ @@ -21,8 +23,8 @@ certbot_test_no_force_renew () { certbot \ --server "${SERVER:-http://localhost:4000/directory}" \ --no-verify-ssl \ - --tls-sni-01-port 5001 \ - --http-01-port 5002 \ + --tls-sni-01-port $tls_sni_01_port \ + --http-01-port $http_01_port \ --manual-test-mode \ $store_flags \ --non-interactive \ |