U ˜­“]=#ã@sndZddlZddlZddlZddlZddlmZddlmZddl m Z Gdd„de j ƒZ e dkrje ¡dS) z;Test for certbot_apache.configurator AutoHSTS functionalityéN)Úerrors)Ú constants)Úutilcs$eZdZdZ‡fdd„Zdd„Ze d¡e d¡dd „ƒƒZe d¡d d „ƒZ e d d ¡e d¡e d¡dd„ƒƒƒZ e d¡e d¡dd„ƒƒZ e d¡e d d ¡dd„ƒƒZ e d d ¡e d¡dd„ƒƒZ dd„Zdd„Ze d¡dd„ƒZe d¡e d¡d d!„ƒƒZd"d#„Zd$d%„Z‡ZS)&Ú AutoHSTSTestzTests for AutoHSTS featurecs|tt|ƒ ¡t |j|j|j|j¡|_ |j j j   d¡|j j j   d¡|j j j   d¡|j j j   d¡t  |jd¡|_dS)NÚheaders_modulez mod_headers.cZ ssl_modulez mod_ssl.cz!debian_apache_2_4/multiple_vhosts)ÚsuperrÚsetUprZget_apache_configuratorZ config_pathZ vhost_pathZ config_dirZwork_dirÚconfigÚparserÚmodulesÚaddZ get_vh_truthZtemp_dirÚvh_truth©Úself©Ú __class__©úD/usr/lib/python3/dist-packages/certbot_apache/tests/autohsts_test.pyrsÿÿzAutoHSTSTest.setUpcCs`|jj dd|¡}|r\d}|D]<}t ||jjj |¡ ¡¡r|jjj | dd¡¡SqdS)z1 Get value from Strict-Transport-Security header ÚHeaderNz/(?:[ "]|^)(strict-transport-security)(?:[ "]|$)zarg[3]zarg[4]) r r Úfind_dirÚreÚsearchÚaugÚgetÚlowerÚreplace)rZvh_pathZ header_pathZpatÚheadrrrÚget_autohsts_values  ÿ zAutoHSTSTest.get_autohsts_valuez6certbot_apache.configurator.ApacheConfigurator.restartz9certbot_apache.configurator.ApacheConfigurator.enable_modcCsD|jjj d¡|jjj d¡|j t ¡dg¡| |j¡dS)Nrz mod_header.cú ocspvhost.com) r r r ÚdiscardÚenable_autohstsÚmockÚ MagicMockÚ assertTrueÚcalled)rZ mock_enableÚ_restartrrrÚ test_autohsts_enable_headers_mod*sz-AutoHSTSTest.test_autohsts_enable_headers_modcCs4|j t ¡dg¡| tj|jjt ¡dg¡dS)Nr)r r r!r"Ú assertRaisesrZPluginEnhancementAlreadyPresent)rr%rrrÚ#test_autohsts_deploy_already_exists2s þz0AutoHSTSTest.test_autohsts_deploy_already_existsz&certbot_apache.constants.AUTOHSTS_FREQrz6certbot_apache.configurator.ApacheConfigurator.preparecCs”d|j_d}| tjd¡}| tjd¡}|j t ¡dg¡| |  |j dj ¡|¡|j  t ¡¡| |  |j dj ¡|¡|  |j¡dS)NFú "max-age={0}"réré)r Z _preparedÚformatrÚAUTOHSTS_STEPSr r!r"Ú assertEqualrr ÚpathÚupdate_autohstsr#r$)rZ mock_prepareÚ _mock_restartÚmaxageÚ initial_valZinc_valrrrÚtest_autohsts_increase9sÿÿz#AutoHSTSTest.test_autohsts_increasezAcertbot_apache.configurator.ApacheConfigurator._autohsts_increasecCsbd}| tjd¡}|j t ¡dg¡| | |j dj ¡|¡|j  t ¡¡|  |j ¡dS)Nr)rrr+)r,rr-r r r!r"r.rr r/r0Ú assertFalser$)rZ mock_increaser%r2r3rrrÚtest_autohsts_increase_noopMsÿz(AutoHSTSTest.test_autohsts_increase_noopcCsv|j t ¡dg¡|jj dd|jdj¡}d |d  d¡dd…¡}|jjj   |¡|  t j|jjt ¡¡dS)Nrrr+ú/réÿÿÿÿ)r r r!r"r rr r/ÚjoinÚsplitrÚremover'rÚ PluginErrorr0)rr%Zdir_locsZdir_locrrrÚ test_autohsts_increase_no_header\s  ÿþz-AutoHSTSTest.test_autohsts_increase_no_headercCsþd}| tj¡}t ¡}d|_|j t ¡dg¡tt tj ƒdƒD]h}|j  |¡|  |  |jdj¡|¡|j t ¡¡| tj |d¡}| |  |jdj¡|¡qD| |  |jdj¡| tj d¡¡|j  |¡| |  |jdj¡|¡dS)Nr)z#/etc/apache2/ssl/key-certbot_15.pemrr*r+r8)r,rZAUTOHSTS_PERMANENTr!r"Zkey_pathr r ÚrangeÚlenr-Údeploy_autohstsZassertNotEqualrr r/r0r.)rr1r2Zmax_valZ mock_lineageÚiZcur_valrrrÚ)test_autohsts_increase_and_make_permanentis,  ÿÿÿ ÿz6AutoHSTSTest.test_autohsts_increase_and_make_permanentc Cs6t d¡"}|j t ¡¡| |j¡W5QRXdS)Nz time.time)r!Úpatchr r0r"r5r$)rZ mock_timerrrÚtest_autohsts_update_noopƒs z&AutoHSTSTest.test_autohsts_update_noopcCs4t ¡|jj_|j t ¡¡| |jjjj¡dS)N)r!r"r ZstorageZputr@r5r$rrrrÚ!test_autohsts_make_permanent_noopŠsz.AutoHSTSTest.test_autohsts_make_permanent_noopz'certbot_apache.display_ops.select_vhostc CsX|jd|_t d¡8}| tj|jjt  ¡d¡|  d|j ddk¡W5QRXdS)Nrú*certbot_apache.configurator.logger.warningzinvalid.example.comz Certbot was not able to find SSL) r Ú return_valuer!rCr'rr<r r r"r#Ú call_args)rZ mock_selectÚmock_logrrrÚtest_autohsts_no_ssl_vhosts  þÿz'AutoHSTSTest.test_autohsts_no_ssl_vhostz;certbot_apache.configurator.ApacheConfigurator.add_vhost_idcCs.d|_|j t ¡ddg¡| |jd¡dS)NZ1234567rr*)rGr r r!r"r.Z call_count)rZmock_idr%rrrÚ test_autohsts_dont_enhance_twicešs  ÿz-AutoHSTSTest.test_autohsts_dont_enhance_twicecCsl|j ¡dddœ|jjd<|j ¡|j t ¡¡| d|jjk¡d|j_|j ¡| |jj¡dS)Nr©ZlaststepZ timestampÚ orphan_id)r Ú_autohsts_fetch_stateÚ _autohstsÚ_autohsts_save_stater0r!r"r5rrrrÚtest_autohsts_remove_orphaned¢s   z*AutoHSTSTest.test_autohsts_remove_orphanedc Cst|j ¡dddœ|jjd<|j ¡t d¡:}|j t ¡¡| |j ¡| d|j ddk¡W5QRXdS)NiçrrLrMrFz%VirtualHost with id orphan_id was not) r rNrOrPr!rCr@r"r#r$rH)rrIrrrÚ,test_autohsts_make_permanent_vhost_not_found¯s    ÿz9AutoHSTSTest.test_autohsts_make_permanent_vhost_not_found)Ú__name__Ú __module__Ú __qualname__Ú__doc__rrr!rCr&r(r4r6r=rBrDrErJrKrQrRÚ __classcell__rrrrrs<            rÚ__main__)rVrZunittestr!ZsixZcertbotrZcertbot_apacherZcertbot_apache.testsrZ ApacheTestrrSÚmainrrrrÚs   .