diff options
Diffstat (limited to 'certbot-nginx/tests/obj_test.py')
-rw-r--r-- | certbot-nginx/tests/obj_test.py | 228 |
1 files changed, 228 insertions, 0 deletions
diff --git a/certbot-nginx/tests/obj_test.py b/certbot-nginx/tests/obj_test.py new file mode 100644 index 000000000..db808229f --- /dev/null +++ b/certbot-nginx/tests/obj_test.py @@ -0,0 +1,228 @@ +"""Test the helper objects in certbot_nginx._internal.obj.""" +import itertools +import unittest + + +class AddrTest(unittest.TestCase): + """Test the Addr class.""" + def setUp(self): + from certbot_nginx._internal.obj import Addr + self.addr1 = Addr.fromstring("192.168.1.1") + self.addr2 = Addr.fromstring("192.168.1.1:* ssl") + self.addr3 = Addr.fromstring("192.168.1.1:80") + self.addr4 = Addr.fromstring("*:80 default_server ssl") + self.addr5 = Addr.fromstring("myhost") + self.addr6 = Addr.fromstring("80 default_server spdy") + self.addr7 = Addr.fromstring("unix:/var/run/nginx.sock") + self.addr8 = Addr.fromstring("*:80 default ssl") + + def test_fromstring(self): + self.assertEqual(self.addr1.get_addr(), "192.168.1.1") + self.assertEqual(self.addr1.get_port(), "") + self.assertFalse(self.addr1.ssl) + self.assertFalse(self.addr1.default) + + self.assertEqual(self.addr2.get_addr(), "192.168.1.1") + self.assertEqual(self.addr2.get_port(), "*") + self.assertTrue(self.addr2.ssl) + self.assertFalse(self.addr2.default) + + self.assertEqual(self.addr3.get_addr(), "192.168.1.1") + self.assertEqual(self.addr3.get_port(), "80") + self.assertFalse(self.addr3.ssl) + self.assertFalse(self.addr3.default) + + self.assertEqual(self.addr4.get_addr(), "*") + self.assertEqual(self.addr4.get_port(), "80") + self.assertTrue(self.addr4.ssl) + self.assertTrue(self.addr4.default) + + self.assertEqual(self.addr5.get_addr(), "myhost") + self.assertEqual(self.addr5.get_port(), "") + self.assertFalse(self.addr5.ssl) + self.assertFalse(self.addr5.default) + + self.assertEqual(self.addr6.get_addr(), "") + self.assertEqual(self.addr6.get_port(), "80") + self.assertFalse(self.addr6.ssl) + self.assertTrue(self.addr6.default) + + self.assertTrue(self.addr8.default) + + self.assertEqual(None, self.addr7) + + def test_str(self): + self.assertEqual(str(self.addr1), "192.168.1.1") + self.assertEqual(str(self.addr2), "192.168.1.1:* ssl") + self.assertEqual(str(self.addr3), "192.168.1.1:80") + self.assertEqual(str(self.addr4), "*:80 default_server ssl") + self.assertEqual(str(self.addr5), "myhost") + self.assertEqual(str(self.addr6), "80 default_server") + self.assertEqual(str(self.addr8), "*:80 default_server ssl") + + def test_to_string(self): + self.assertEqual(self.addr1.to_string(), "192.168.1.1") + self.assertEqual(self.addr2.to_string(), "192.168.1.1:* ssl") + self.assertEqual(self.addr3.to_string(), "192.168.1.1:80") + self.assertEqual(self.addr4.to_string(), "*:80 default_server ssl") + self.assertEqual(self.addr4.to_string(include_default=False), "*:80 ssl") + self.assertEqual(self.addr5.to_string(), "myhost") + self.assertEqual(self.addr6.to_string(), "80 default_server") + self.assertEqual(self.addr6.to_string(include_default=False), "80") + + def test_eq(self): + from certbot_nginx._internal.obj import Addr + new_addr1 = Addr.fromstring("192.168.1.1 spdy") + self.assertEqual(self.addr1, new_addr1) + self.assertNotEqual(self.addr1, self.addr2) + self.assertFalse(self.addr1 == 3333) + + def test_equivalent_any_addresses(self): + from certbot_nginx._internal.obj import Addr + any_addresses = ("0.0.0.0:80 default_server ssl", + "80 default_server ssl", + "*:80 default_server ssl", + "80 default ssl") + for first, second in itertools.combinations(any_addresses, 2): + self.assertEqual(Addr.fromstring(first), Addr.fromstring(second)) + + # Also, make sure ports are checked. + self.assertNotEqual(Addr.fromstring(any_addresses[0]), + Addr.fromstring("0.0.0.0:443 default_server ssl")) + + # And they aren't equivalent to a specified address. + for any_address in any_addresses: + self.assertNotEqual( + Addr.fromstring("192.168.1.2:80 default_server ssl"), + Addr.fromstring(any_address)) + + def test_set_inclusion(self): + from certbot_nginx._internal.obj import Addr + set_a = set([self.addr1, self.addr2]) + addr1b = Addr.fromstring("192.168.1.1") + addr2b = Addr.fromstring("192.168.1.1:* ssl") + set_b = set([addr1b, addr2b]) + + self.assertEqual(set_a, set_b) + + +class VirtualHostTest(unittest.TestCase): + """Test the VirtualHost class.""" + def setUp(self): + from certbot_nginx._internal.obj import VirtualHost + from certbot_nginx._internal.obj import Addr + raw1 = [ + ['listen', '69.50.225.155:9000'], + [['if', '($scheme', '!=', '"https") '], + [['return', '301', 'https://$host$request_uri']] + ], + ['#', ' managed by Certbot'] + ] + self.vhost1 = VirtualHost( + "filep", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), raw1, []) + raw2 = [ + ['listen', '69.50.225.155:9000'], + [['if', '($scheme', '!=', '"https") '], + [['return', '301', 'https://$host$request_uri']] + ] + ] + self.vhost2 = VirtualHost( + "filep", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), raw2, []) + raw3 = [ + ['listen', '69.50.225.155:9000'], + ['rewrite', '^(.*)$', '$scheme://www.domain.com$1', 'permanent'] + ] + self.vhost3 = VirtualHost( + "filep", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), raw3, []) + raw4 = [ + ['listen', '69.50.225.155:9000'], + ['server_name', 'return.com'] + ] + self.vhost4 = VirtualHost( + "filp", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), raw4, []) + raw_has_hsts = [ + ['listen', '69.50.225.155:9000'], + ['server_name', 'return.com'], + ['add_header', 'always', 'set', 'Strict-Transport-Security', '\"max-age=31536000\"'], + ] + self.vhost_has_hsts = VirtualHost( + "filep", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), raw_has_hsts, []) + + def test_eq(self): + from certbot_nginx._internal.obj import Addr + from certbot_nginx._internal.obj import VirtualHost + vhost1b = VirtualHost( + "filep", + set([Addr.fromstring("localhost blah")]), False, False, + set(['localhost']), [], []) + + self.assertEqual(vhost1b, self.vhost1) + self.assertEqual(str(vhost1b), str(self.vhost1)) + self.assertFalse(vhost1b == 1234) + + def test_str(self): + stringified = '\n'.join(['file: filep', 'addrs: localhost', + "names: ['localhost']", 'ssl: False', + 'enabled: False']) + self.assertEqual(stringified, str(self.vhost1)) + + def test_has_header(self): + self.assertTrue(self.vhost_has_hsts.has_header('Strict-Transport-Security')) + self.assertFalse(self.vhost_has_hsts.has_header('Bogus-Header')) + self.assertFalse(self.vhost1.has_header('Strict-Transport-Security')) + self.assertFalse(self.vhost1.has_header('Bogus-Header')) + + def test_contains_list(self): + from certbot_nginx._internal.obj import VirtualHost + from certbot_nginx._internal.obj import Addr + from certbot_nginx._internal.configurator import _test_block_from_block + test_block = [ + ['\n ', 'return', ' ', '301', ' ', 'https://$host$request_uri'], + ['\n'] + ] + test_needle = _test_block_from_block(test_block) + test_haystack = [['listen', '80'], ['root', '/var/www/html'], + ['index', 'index.html index.htm index.nginx-debian.html'], + ['server_name', 'two.functorkitten.xyz'], ['listen', '443 ssl'], + ['#', ' managed by Certbot'], + ['ssl_certificate', '/etc/letsencrypt/live/two.functorkitten.xyz/fullchain.pem'], + ['#', ' managed by Certbot'], + ['ssl_certificate_key', '/etc/letsencrypt/live/two.functorkitten.xyz/privkey.pem'], + ['#', ' managed by Certbot'], + ['return', '301', 'https://$host$request_uri'], + ['#', ' managed by Certbot'], []] + vhost_haystack = VirtualHost( + "filp", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), test_haystack, []) + test_bad_haystack = [['listen', '80'], ['root', '/var/www/html'], + ['index', 'index.html index.htm index.nginx-debian.html'], + ['server_name', 'two.functorkitten.xyz'], ['listen', '443 ssl'], + ['#', ' managed by Certbot'], + ['ssl_certificate', '/etc/letsencrypt/live/two.functorkitten.xyz/fullchain.pem'], + ['#', ' managed by Certbot'], + ['ssl_certificate_key', '/etc/letsencrypt/live/two.functorkitten.xyz/privkey.pem'], + ['#', ' managed by Certbot'], + [['if', '($scheme', '!=', '"https")'], + [['return', '302', 'https://$host$request_uri']] + ], + ['#', ' managed by Certbot'], []] + vhost_bad_haystack = VirtualHost( + "filp", + set([Addr.fromstring("localhost")]), False, False, + set(['localhost']), test_bad_haystack, []) + self.assertTrue(vhost_haystack.contains_list(test_needle)) + self.assertFalse(vhost_bad_haystack.contains_list(test_needle)) + +if __name__ == "__main__": + unittest.main() # pragma: no cover |