Skip to content

Commit 5b68c17

Browse files
bavshin-f5bavshin-f5
committed
Tests: ACME configuration parsing test.
1 parent fd77c33 commit 5b68c17

File tree

1 file changed

+151
-0
lines changed

1 file changed

+151
-0
lines changed

t/acme_conf_issuer.t

Lines changed: 151 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,151 @@
1+
#!/usr/bin/perl
2+
3+
# (C) Aleksei Bavshin
4+
# (C) Nginx, Inc.
5+
6+
# Tests for ACME client: configuration parsing and validation.
7+
8+
###############################################################################
9+
10+
use warnings;
11+
use strict;
12+
13+
use Test::More;
14+
15+
use IO::Select;
16+
17+
BEGIN { use FindBin; chdir($FindBin::Bin); }
18+
19+
use lib 'lib';
20+
use Test::Nginx;
21+
22+
###############################################################################
23+
24+
select STDERR; $| = 1;
25+
select STDOUT; $| = 1;
26+
27+
my $t = Test::Nginx->new()->has(qw/http socket_ssl/)->plan(6);
28+
29+
use constant TEMPLATE_CONF => <<'EOF';
30+
31+
%%TEST_GLOBALS%%
32+
33+
daemon off;
34+
35+
events {
36+
}
37+
38+
http {
39+
%%TEST_GLOBALS_HTTP%%
40+
41+
server {
42+
listen 127.0.0.1:8080;
43+
server_name example.test;
44+
}
45+
46+
server {
47+
listen 127.0.0.1:8443 ssl;
48+
server_name example.test;
49+
50+
acme_certificate example.test
51+
issuer=example;
52+
53+
ssl_certificate $acme_certificate;
54+
ssl_certificate_key $acme_certificate_key;
55+
}
56+
57+
%%ACME_ISSUER%%
58+
}
59+
60+
EOF
61+
62+
###############################################################################
63+
64+
is(check($t, <<'EOF' ), undef, 'valid');
65+
66+
acme_issuer example {
67+
uri https://localhost:%%PORT_9000%%/dir;
68+
account_key ecdsa:256;
69+
contact mailto:[email protected];
70+
resolver 127.0.0.1:%%PORT_8980_UDP%%;
71+
resolver_timeout 5s;
72+
state_path %%TESTDIR%%;
73+
}
74+
EOF
75+
76+
77+
is(check($t, <<'EOF' ), undef, 'resolver in server');
78+
79+
acme_issuer example {
80+
uri https://localhost:%%PORT_9000%%/dir;
81+
}
82+
83+
resolver 127.0.0.1:%%PORT_8980_UDP%%;
84+
85+
EOF
86+
87+
88+
like(check($t, <<'EOF' ), qr/\[emerg].*bad account key/, 'bad key file');
89+
90+
acme_issuer example {
91+
uri https://localhost:%%PORT_9000%%/dir;
92+
account_key no-such-file.key;
93+
resolver 127.0.0.1:%%PORT_8980_UDP%%;
94+
}
95+
96+
EOF
97+
98+
99+
like(check($t, <<'EOF' ), qr/\[emerg].*unsupported curve/, 'bad key curve');
100+
101+
acme_issuer example {
102+
uri https://localhost:%%PORT_9000%%/dir;
103+
account_key ecdsa:234;
104+
resolver 127.0.0.1:%%PORT_8980_UDP%%;
105+
}
106+
107+
EOF
108+
109+
110+
like(check($t, <<'EOF' ), qr/\[emerg].*unsupported key size/, 'bad key size');
111+
112+
acme_issuer example {
113+
uri https://localhost:%%PORT_9000%%/dir;
114+
account_key rsa:1024;
115+
resolver 127.0.0.1:%%PORT_8980_UDP%%;
116+
}
117+
118+
EOF
119+
120+
121+
like(check($t, ''), qr/issuer "[^"]+" is missing/, 'no issuer');
122+
123+
###############################################################################
124+
125+
sub check {
126+
my ($t, $issuer) = @_;
127+
128+
$t->write_file_expand('nginx.conf',
129+
TEMPLATE_CONF =~ s/%%ACME_ISSUER%%/$issuer/r);
130+
131+
return try_run($t);
132+
}
133+
134+
sub try_run {
135+
my $t = shift;
136+
137+
# clean up after a successfull try
138+
139+
$t->stop();
140+
unlink $t->testdir() . '/error.log';
141+
142+
eval {
143+
open OLDERR, ">&", \*STDERR; close STDERR;
144+
$t->run();
145+
open STDERR, ">&", \*OLDERR;
146+
};
147+
148+
return unless $@;
149+
150+
return $t->read_file('error.log');
151+
}

0 commit comments

Comments
 (0)