HOME


Mini Shell 1.0
DIR: /snap/certbot/4482/lib/python3.12/site-packages/certbot_nginx/_internal/tests/
Upload File :
Current File : //snap/certbot/4482/lib/python3.12/site-packages/certbot_nginx/_internal/tests/obj_test.py
"""Test the helper objects in certbot_nginx._internal.obj."""
import itertools
import sys
import unittest

import pytest


class AddrTest(unittest.TestCase):
    """Test the Addr class."""
    def setUp(self):
        from certbot_nginx._internal.obj import Addr
        self.addr1 = Addr.fromstring("192.168.1.1")
        self.addr2 = Addr.fromstring("192.168.1.1:* ssl")
        self.addr3 = Addr.fromstring("192.168.1.1:80")
        self.addr4 = Addr.fromstring("*:80 default_server ssl")
        self.addr5 = Addr.fromstring("myhost")
        self.addr6 = Addr.fromstring("80 default_server spdy")
        self.addr7 = Addr.fromstring("*:80 default ssl")

    def test_fromstring(self):
        assert self.addr1.get_addr() == "192.168.1.1"
        assert self.addr1.get_port() == ""
        assert self.addr1.ssl is False
        assert self.addr1.default is False

        assert self.addr2.get_addr() == "192.168.1.1"
        assert self.addr2.get_port() == "*"
        assert self.addr2.ssl is True
        assert self.addr2.default is False

        assert self.addr3.get_addr() == "192.168.1.1"
        assert self.addr3.get_port() == "80"
        assert self.addr3.ssl is False
        assert self.addr3.default is False

        assert self.addr4.get_addr() == "*"
        assert self.addr4.get_port() == "80"
        assert self.addr4.ssl is True
        assert self.addr4.default is True

        assert self.addr5.get_addr() == "myhost"
        assert self.addr5.get_port() == ""
        assert self.addr5.ssl is False
        assert self.addr5.default is False

        assert self.addr6.get_addr() == ""
        assert self.addr6.get_port() == "80"
        assert self.addr6.ssl is False
        assert self.addr6.default is True

        assert self.addr7.default is True

    def test_fromstring_socket(self):
        from certbot_nginx._internal.obj import Addr, SocketAddrError
        socket_string = r"unix:/var/run/nginx.sock"
        with pytest.raises(SocketAddrError, match=socket_string):
            Addr.fromstring(socket_string)

    def test_str(self):
        assert str(self.addr1) == "192.168.1.1"
        assert str(self.addr2) == "192.168.1.1:* ssl"
        assert str(self.addr3) == "192.168.1.1:80"
        assert str(self.addr4) == "*:80 default_server ssl"
        assert str(self.addr5) == "myhost"
        assert str(self.addr6) == "80 default_server"
        assert str(self.addr7) == "*:80 default_server ssl"

    def test_to_string(self):
        assert self.addr1.to_string() == "192.168.1.1"
        assert self.addr2.to_string() == "192.168.1.1:* ssl"
        assert self.addr3.to_string() == "192.168.1.1:80"
        assert self.addr4.to_string() == "*:80 default_server ssl"
        assert self.addr4.to_string(include_default=False) == "*:80 ssl"
        assert self.addr5.to_string() == "myhost"
        assert self.addr6.to_string() == "80 default_server"
        assert self.addr6.to_string(include_default=False) == "80"

    def test_eq(self):
        from certbot_nginx._internal.obj import Addr
        new_addr1 = Addr.fromstring("192.168.1.1 spdy")
        assert self.addr1 == new_addr1
        assert self.addr1 != self.addr2
        assert self.addr1 != 3333

    def test_equivalent_any_addresses(self):
        from certbot_nginx._internal.obj import Addr
        any_addresses = ("0.0.0.0:80 default_server ssl",
                         "80 default_server ssl",
                         "*:80 default_server ssl",
                         "80 default ssl")
        for first, second in itertools.combinations(any_addresses, 2):
            assert Addr.fromstring(first) == Addr.fromstring(second)

        # Also, make sure ports are checked.
        assert Addr.fromstring(any_addresses[0]) != \
                            Addr.fromstring("0.0.0.0:443 default_server ssl")

        # And they aren't equivalent to a specified address.
        for any_address in any_addresses:
            assert Addr.fromstring("192.168.1.2:80 default_server ssl") != \
                Addr.fromstring(any_address)

    def test_set_inclusion(self):
        from certbot_nginx._internal.obj import Addr
        set_a = {self.addr1, self.addr2}
        addr1b = Addr.fromstring("192.168.1.1")
        addr2b = Addr.fromstring("192.168.1.1:* ssl")
        set_b = {addr1b, addr2b}

        assert set_a == set_b


class VirtualHostTest(unittest.TestCase):
    """Test the VirtualHost class."""
    def setUp(self):
        from certbot_nginx._internal.obj import Addr
        from certbot_nginx._internal.obj import VirtualHost
        raw1 = [
            ['listen', '69.50.225.155:9000'],
            [['if', '($scheme', '!=', '"https") '],
                [['return', '301', 'https://$host$request_uri']]
            ],
            ['#', ' managed by Certbot']
        ]
        self.vhost1 = VirtualHost(
            "filep",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, raw1, [])
        raw2 = [
            ['listen', '69.50.225.155:9000'],
            [['if', '($scheme', '!=', '"https") '],
                [['return', '301', 'https://$host$request_uri']]
            ]
        ]
        self.vhost2 = VirtualHost(
            "filep",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, raw2, [])
        raw3 = [
            ['listen', '69.50.225.155:9000'],
            ['rewrite', '^(.*)$', '$scheme://www.domain.com$1', 'permanent']
        ]
        self.vhost3 = VirtualHost(
            "filep",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, raw3, [])
        raw4 = [
            ['listen', '69.50.225.155:9000'],
            ['server_name', 'return.com']
        ]
        self.vhost4 = VirtualHost(
            "filp",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, raw4, [])
        raw_has_hsts = [
            ['listen', '69.50.225.155:9000'],
            ['server_name', 'return.com'],
            ['add_header', 'always', 'set', 'Strict-Transport-Security', '\"max-age=31536000\"'],
        ]
        self.vhost_has_hsts = VirtualHost(
            "filep",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, raw_has_hsts, [])

    def test_eq(self):
        from certbot_nginx._internal.obj import Addr
        from certbot_nginx._internal.obj import VirtualHost
        vhost1b = VirtualHost(
            "filep",
            {Addr.fromstring("localhost blah")}, False, False,
            {'localhost'}, [], [])

        assert vhost1b == self.vhost1
        assert str(vhost1b) == str(self.vhost1)
        assert vhost1b != 1234

    def test_str(self):
        stringified = '\n'.join(['file: filep', 'addrs: localhost',
                                 "names: ['localhost']", 'ssl: False',
                                 'enabled: False'])
        assert stringified == str(self.vhost1)

    def test_has_header(self):
        assert self.vhost_has_hsts.has_header('Strict-Transport-Security') is True
        assert self.vhost_has_hsts.has_header('Bogus-Header') is False
        assert self.vhost1.has_header('Strict-Transport-Security') is False
        assert self.vhost1.has_header('Bogus-Header') is False

    def test_contains_list(self):
        from certbot_nginx._internal.configurator import _test_block_from_block
        from certbot_nginx._internal.obj import Addr
        from certbot_nginx._internal.obj import VirtualHost
        test_block = [
            ['\n    ', 'return', ' ', '301', ' ', 'https://$host$request_uri'],
            ['\n']
        ]
        test_needle = _test_block_from_block(test_block)
        test_haystack = [['listen', '80'], ['root', '/var/www/html'],
            ['index', 'index.html index.htm index.nginx-debian.html'],
            ['server_name', 'two.functorkitten.xyz'], ['listen', '443 ssl'],
            ['#', ' managed by Certbot'],
            ['ssl_certificate', '/etc/letsencrypt/live/two.functorkitten.xyz/fullchain.pem'],
            ['#', ' managed by Certbot'],
            ['ssl_certificate_key', '/etc/letsencrypt/live/two.functorkitten.xyz/privkey.pem'],
            ['#', ' managed by Certbot'],
            ['return', '301', 'https://$host$request_uri'],
            ['#', ' managed by Certbot'], []]
        vhost_haystack = VirtualHost(
            "filp",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, test_haystack, [])
        test_bad_haystack = [['listen', '80'], ['root', '/var/www/html'],
            ['index', 'index.html index.htm index.nginx-debian.html'],
            ['server_name', 'two.functorkitten.xyz'], ['listen', '443 ssl'],
            ['#', ' managed by Certbot'],
            ['ssl_certificate', '/etc/letsencrypt/live/two.functorkitten.xyz/fullchain.pem'],
            ['#', ' managed by Certbot'],
            ['ssl_certificate_key', '/etc/letsencrypt/live/two.functorkitten.xyz/privkey.pem'],
            ['#', ' managed by Certbot'],
            [['if', '($scheme', '!=', '"https")'],
             [['return', '302', 'https://$host$request_uri']]
            ],
            ['#', ' managed by Certbot'], []]
        vhost_bad_haystack = VirtualHost(
            "filp",
            {Addr.fromstring("localhost")}, False, False,
            {'localhost'}, test_bad_haystack, [])
        assert vhost_haystack.contains_list(test_needle)
        assert not vhost_bad_haystack.contains_list(test_needle)


if __name__ == "__main__":
    sys.exit(pytest.main(sys.argv[1:] + [__file__]))  # pragma: no cover