aboutsummaryrefslogtreecommitdiff
path: root/core/https/https_test.go
diff options
context:
space:
mode:
authorGravatar Miek Gieben <miek@miek.nl> 2016-08-19 17:14:17 -0700
committerGravatar GitHub <noreply@github.com> 2016-08-19 17:14:17 -0700
commit9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6 (patch)
tree437e9755927c33af16276ad2602a6da115f948cb /core/https/https_test.go
parenta1989c35231b0e5ea271b2f68d82c1a63e697cd0 (diff)
downloadcoredns-9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6.tar.gz
coredns-9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6.tar.zst
coredns-9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6.zip
Make CoreDNS a server type plugin for Caddy (#220)
* Make CoreDNS a server type plugin for Caddy Remove code we don't need and port all middleware over. Fix all tests and rework the documentation. Also make `go generate` build a caddy binary which we then copy into our directory. This means `go build`-builds remain working as-is. And new etc instances in each etcd test for better isolation. Fix more tests and rework test.Server with the newer support Caddy offers. Fix Makefile to support new mode of operation.
Diffstat (limited to 'core/https/https_test.go')
-rw-r--r--core/https/https_test.go323
1 files changed, 0 insertions, 323 deletions
diff --git a/core/https/https_test.go b/core/https/https_test.go
deleted file mode 100644
index f19b3cde0..000000000
--- a/core/https/https_test.go
+++ /dev/null
@@ -1,323 +0,0 @@
-package https
-
-/*
-func TestHostQualifies(t *testing.T) {
- for i, test := range []struct {
- host string
- expect bool
- }{
- {"localhost", false},
- {"127.0.0.1", false},
- {"127.0.1.5", false},
- {"::1", false},
- {"[::1]", false},
- {"[::]", false},
- {"::", false},
- {"", false},
- {" ", false},
- {"0.0.0.0", false},
- {"192.168.1.3", false},
- {"10.0.2.1", false},
- {"169.112.53.4", false},
- {"foobar.com", true},
- {"sub.foobar.com", true},
- } {
- if HostQualifies(test.host) && !test.expect {
- t.Errorf("Test %d: Expected '%s' to NOT qualify, but it did", i, test.host)
- }
- if !HostQualifies(test.host) && test.expect {
- t.Errorf("Test %d: Expected '%s' to qualify, but it did NOT", i, test.host)
- }
- }
-}
-
-func TestConfigQualifies(t *testing.T) {
- for i, test := range []struct {
- cfg server.Config
- expect bool
- }{
- {server.Config{Host: ""}, false},
- {server.Config{Host: "localhost"}, false},
- {server.Config{Host: "123.44.3.21"}, false},
- {server.Config{Host: "example.com"}, true},
- {server.Config{Host: "example.com", TLS: server.TLSConfig{Manual: true}}, false},
- {server.Config{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "off"}}, false},
- {server.Config{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar.com"}}, true},
- {server.Config{Host: "example.com", Scheme: "http"}, false},
- {server.Config{Host: "example.com", Port: "80"}, false},
- {server.Config{Host: "example.com", Port: "1234"}, true},
- {server.Config{Host: "example.com", Scheme: "https"}, true},
- {server.Config{Host: "example.com", Port: "80", Scheme: "https"}, false},
- } {
- if test.expect && !ConfigQualifies(test.cfg) {
- t.Errorf("Test %d: Expected config to qualify, but it did NOT: %#v", i, test.cfg)
- }
- if !test.expect && ConfigQualifies(test.cfg) {
- t.Errorf("Test %d: Expected config to NOT qualify, but it did: %#v", i, test.cfg)
- }
- }
-}
-
-func TestRedirPlaintextHost(t *testing.T) {
- cfg := redirPlaintextHost(server.Config{
- Host: "example.com",
- BindHost: "93.184.216.34",
- Port: "1234",
- })
-
- // Check host and port
- if actual, expected := cfg.Host, "example.com"; actual != expected {
- t.Errorf("Expected redir config to have host %s but got %s", expected, actual)
- }
- if actual, expected := cfg.BindHost, "93.184.216.34"; actual != expected {
- t.Errorf("Expected redir config to have bindhost %s but got %s", expected, actual)
- }
- if actual, expected := cfg.Port, "80"; actual != expected {
- t.Errorf("Expected redir config to have port '%s' but got '%s'", expected, actual)
- }
-
- // Make sure redirect handler is set up properly
- if cfg.Middleware == nil || len(cfg.Middleware) != 1 {
- t.Fatalf("Redir config middleware not set up properly; got: %#v", cfg.Middleware)
- }
-
- handler, ok := cfg.Middleware[0](nil).(redirect.Redirect)
- if !ok {
- t.Fatalf("Expected a redirect.Redirect middleware, but got: %#v", handler)
- }
- if len(handler.Rules) != 1 {
- t.Fatalf("Expected one redirect rule, got: %#v", handler.Rules)
- }
-
- // Check redirect rule for correctness
- if actual, expected := handler.Rules[0].FromScheme, "http"; actual != expected {
- t.Errorf("Expected redirect rule to be from scheme '%s' but is actually from '%s'", expected, actual)
- }
- if actual, expected := handler.Rules[0].FromPath, "/"; actual != expected {
- t.Errorf("Expected redirect rule to be for path '%s' but is actually for '%s'", expected, actual)
- }
- if actual, expected := handler.Rules[0].To, "https://{host}:1234{uri}"; actual != expected {
- t.Errorf("Expected redirect rule to be to URL '%s' but is actually to '%s'", expected, actual)
- }
- if actual, expected := handler.Rules[0].Code, http.StatusMovedPermanently; actual != expected {
- t.Errorf("Expected redirect rule to have code %d but was %d", expected, actual)
- }
-
- // browsers can infer a default port from scheme, so make sure the port
- // doesn't get added in explicitly for default ports like 443 for https.
- cfg = redirPlaintextHost(server.Config{Host: "example.com", Port: "443"})
- handler, ok = cfg.Middleware[0](nil).(redirect.Redirect)
- if actual, expected := handler.Rules[0].To, "https://{host}{uri}"; actual != expected {
- t.Errorf("(Default Port) Expected redirect rule to be to URL '%s' but is actually to '%s'", expected, actual)
- }
-}
-
-func TestSaveCertResource(t *testing.T) {
- storage = Storage("./le_test_save")
- defer func() {
- err := os.RemoveAll(string(storage))
- if err != nil {
- t.Fatalf("Could not remove temporary storage directory (%s): %v", storage, err)
- }
- }()
-
- domain := "example.com"
- certContents := "certificate"
- keyContents := "private key"
- metaContents := `{
- "domain": "example.com",
- "certUrl": "https://example.com/cert",
- "certStableUrl": "https://example.com/cert/stable"
-}`
-
- cert := acme.CertificateResource{
- Domain: domain,
- CertURL: "https://example.com/cert",
- CertStableURL: "https://example.com/cert/stable",
- PrivateKey: []byte(keyContents),
- Certificate: []byte(certContents),
- }
-
- err := saveCertResource(cert)
- if err != nil {
- t.Fatalf("Expected no error, got: %v", err)
- }
-
- certFile, err := ioutil.ReadFile(storage.SiteCertFile(domain))
- if err != nil {
- t.Errorf("Expected no error reading certificate file, got: %v", err)
- }
- if string(certFile) != certContents {
- t.Errorf("Expected certificate file to contain '%s', got '%s'", certContents, string(certFile))
- }
-
- keyFile, err := ioutil.ReadFile(storage.SiteKeyFile(domain))
- if err != nil {
- t.Errorf("Expected no error reading private key file, got: %v", err)
- }
- if string(keyFile) != keyContents {
- t.Errorf("Expected private key file to contain '%s', got '%s'", keyContents, string(keyFile))
- }
-
- metaFile, err := ioutil.ReadFile(storage.SiteMetaFile(domain))
- if err != nil {
- t.Errorf("Expected no error reading meta file, got: %v", err)
- }
- if string(metaFile) != metaContents {
- t.Errorf("Expected meta file to contain '%s', got '%s'", metaContents, string(metaFile))
- }
-}
-
-func TestExistingCertAndKey(t *testing.T) {
- storage = Storage("./le_test_existing")
- defer func() {
- err := os.RemoveAll(string(storage))
- if err != nil {
- t.Fatalf("Could not remove temporary storage directory (%s): %v", storage, err)
- }
- }()
-
- domain := "example.com"
-
- if existingCertAndKey(domain) {
- t.Errorf("Did NOT expect %v to have existing cert or key, but it did", domain)
- }
-
- err := saveCertResource(acme.CertificateResource{
- Domain: domain,
- PrivateKey: []byte("key"),
- Certificate: []byte("cert"),
- })
- if err != nil {
- t.Fatalf("Expected no error, got: %v", err)
- }
-
- if !existingCertAndKey(domain) {
- t.Errorf("Expected %v to have existing cert and key, but it did NOT", domain)
- }
-}
-
-func TestHostHasOtherPort(t *testing.T) {
- configs := []server.Config{
- {Host: "example.com", Port: "80"},
- {Host: "sub1.example.com", Port: "80"},
- {Host: "sub1.example.com", Port: "443"},
- }
-
- if hostHasOtherPort(configs, 0, "80") {
- t.Errorf(`Expected hostHasOtherPort(configs, 0, "80") to be false, but got true`)
- }
- if hostHasOtherPort(configs, 0, "443") {
- t.Errorf(`Expected hostHasOtherPort(configs, 0, "443") to be false, but got true`)
- }
- if !hostHasOtherPort(configs, 1, "443") {
- t.Errorf(`Expected hostHasOtherPort(configs, 1, "443") to be true, but got false`)
- }
-}
-
-func TestMakePlaintextRedirects(t *testing.T) {
- configs := []server.Config{
- // Happy path = standard redirect from 80 to 443
- {Host: "example.com", TLS: server.TLSConfig{Managed: true}},
-
- // Host on port 80 already defined; don't change it (no redirect)
- {Host: "sub1.example.com", Port: "80", Scheme: "http"},
- {Host: "sub1.example.com", TLS: server.TLSConfig{Managed: true}},
-
- // Redirect from port 80 to port 5000 in this case
- {Host: "sub2.example.com", Port: "5000", TLS: server.TLSConfig{Managed: true}},
-
- // Can redirect from 80 to either 443 or 5001, but choose 443
- {Host: "sub3.example.com", Port: "443", TLS: server.TLSConfig{Managed: true}},
- {Host: "sub3.example.com", Port: "5001", Scheme: "https", TLS: server.TLSConfig{Managed: true}},
- }
-
- result := MakePlaintextRedirects(configs)
- expectedRedirCount := 3
-
- if len(result) != len(configs)+expectedRedirCount {
- t.Errorf("Expected %d redirect(s) to be added, but got %d",
- expectedRedirCount, len(result)-len(configs))
- }
-}
-
-func TestEnableTLS(t *testing.T) {
- configs := []server.Config{
- {Host: "example.com", TLS: server.TLSConfig{Managed: true}},
- {}, // not managed - no changes!
- }
-
- EnableTLS(configs, false)
-
- if !configs[0].TLS.Enabled {
- t.Errorf("Expected config 0 to have TLS.Enabled == true, but it was false")
- }
- if configs[1].TLS.Enabled {
- t.Errorf("Expected config 1 to have TLS.Enabled == false, but it was true")
- }
-}
-
-func TestGroupConfigsByEmail(t *testing.T) {
- if groupConfigsByEmail([]server.Config{}, false) == nil {
- t.Errorf("With empty input, returned map was nil, but expected non-nil map")
- }
-
- configs := []server.Config{
- {Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
- {Host: "sub1.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar", Managed: true}},
- {Host: "sub2.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
- {Host: "sub3.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar", Managed: true}},
- {Host: "sub4.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
- {Host: "sub5.example.com", TLS: server.TLSConfig{LetsEncryptEmail: ""}}, // not managed
- }
- DefaultEmail = "test@example.com"
-
- groups := groupConfigsByEmail(configs, true)
-
- if groups == nil {
- t.Fatalf("Returned map was nil, but expected values")
- }
-
- if len(groups) != 2 {
- t.Errorf("Expected 2 groups, got %d: %#v", len(groups), groups)
- }
- if len(groups["foo@bar"]) != 2 {
- t.Errorf("Expected 2 configs for foo@bar, got %d: %#v", len(groups["foobar"]), groups["foobar"])
- }
- if len(groups[DefaultEmail]) != 3 {
- t.Errorf("Expected 3 configs for %s, got %d: %#v", DefaultEmail, len(groups["foobar"]), groups["foobar"])
- }
-}
-
-func TestMarkQualified(t *testing.T) {
- // TODO: TestConfigQualifies and this test share the same config list...
- configs := []server.Config{
- {Host: ""},
- {Host: "localhost"},
- {Host: "123.44.3.21"},
- {Host: "example.com"},
- {Host: "example.com", TLS: server.TLSConfig{Manual: true}},
- {Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "off"}},
- {Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar.com"}},
- {Host: "example.com", Scheme: "http"},
- {Host: "example.com", Port: "80"},
- {Host: "example.com", Port: "1234"},
- {Host: "example.com", Scheme: "https"},
- {Host: "example.com", Port: "80", Scheme: "https"},
- }
- expectedManagedCount := 4
-
- MarkQualified(configs)
-
- count := 0
- for _, cfg := range configs {
- if cfg.TLS.Managed {
- count++
- }
- }
-
- if count != expectedManagedCount {
- t.Errorf("Expected %d managed configs, but got %d", expectedManagedCount, count)
- }
-}
-*/