From 34df64db523684b66cc3814a384f67e5e398ed67 Mon Sep 17 00:00:00 2001 From: Shiloh Heurich Date: Thu, 8 Feb 2024 17:33:24 -0500 Subject: [PATCH 1/6] feat: add dns-account-01 integration test in chisel --- test/chisel2.py | 16 ++++++++++++++++ test/v2_integration.py | 3 +++ 2 files changed, 19 insertions(+) diff --git a/test/chisel2.py b/test/chisel2.py index 760ffc1baa8..ca8012f3fe9 100644 --- a/test/chisel2.py +++ b/test/chisel2.py @@ -124,6 +124,8 @@ def auth_and_issue(domains, chall_type="dns-01", email=None, cert_output=None, c cleanup = do_http_challenges(client, authzs) elif chall_type == "dns-01": cleanup = do_dns_challenges(client, authzs) + elif chall_type == "dns-account-01": + cleanup = do_dns_account_challenges(client, authzs) elif chall_type == "tls-alpn-01": cleanup = do_tlsalpn_challenges(client, authzs) else: @@ -153,6 +155,20 @@ def cleanup(): challSrv.remove_dns01_response(host) return cleanup +def do_dns_account_challenges(client, authzs): + cleanup_hosts = [] + for a in authzs: + c = get_chall(a, challenges.DNSACCOUNT01) + name, value = (c.validation_domain_name(client.net.account.uri, a.body.identifier.value), + c.validation(client.net.key)) + cleanup_hosts.append(name) + challSrv.add_dns01_response(name, value) + client.answer_challenge(c, c.response(client.net.key)) + def cleanup(): + for host in cleanup_hosts: + challSrv.remove_dns01_response(host) + return cleanup + def do_http_challenges(client, authzs): cleanup_tokens = [] challs = [get_chall(a, challenges.HTTP01) for a in authzs] diff --git a/test/v2_integration.py b/test/v2_integration.py index 184a422cc90..582b56afac0 100644 --- a/test/v2_integration.py +++ b/test/v2_integration.py @@ -45,6 +45,9 @@ import challtestsrv challSrv = challtestsrv.ChallTestServer() +def test_dns_account_challenge(): + chisel2.auth_and_issue([random_domain(), random_domain()], chall_type="dns-account-01") + def test_multidomain(): chisel2.auth_and_issue([random_domain(), random_domain()]) From 1535d617bdbb6542db591ba5de38cdad0f0a2ffd Mon Sep 17 00:00:00 2001 From: Seo Suchan Date: Fri, 9 Feb 2024 09:23:48 +0900 Subject: [PATCH 2/6] feat: add dns-account-01 integration test in chisel when config-next --- test/v2_integration.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/v2_integration.py b/test/v2_integration.py index 582b56afac0..9202e20b3fe 100644 --- a/test/v2_integration.py +++ b/test/v2_integration.py @@ -46,6 +46,9 @@ challSrv = challtestsrv.ChallTestServer() def test_dns_account_challenge(): + # Only config-next has a dns-account-01 challenge + if not CONFIG_NEXT: + return chisel2.auth_and_issue([random_domain(), random_domain()], chall_type="dns-account-01") def test_multidomain(): From 2b1e2d4756a9337fff13f1c57ca7a4a09539a496 Mon Sep 17 00:00:00 2001 From: Shiloh Heurich Date: Fri, 9 Feb 2024 16:30:54 -0500 Subject: [PATCH 3/6] fix(v2_integration): typo in check_challenge_dns_err --- test/v2_integration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/v2_integration.py b/test/v2_integration.py index 9202e20b3fe..5257519a05f 100644 --- a/test/v2_integration.py +++ b/test/v2_integration.py @@ -109,7 +109,7 @@ def check_challenge_dns_err(chalType): elif chalType == "tls-alpn-01": c = chisel2.get_chall(authzr, challenges.TLSALPN01) else: - raise(Exception("Invalid challenge type requested: {0}".format(challType))) + raise(Exception("Invalid challenge type requested: {0}".format(chalType))) # The failed challenge's error should match expected error = c.error From bfdc63b502a47f51f76a86a795852eb68d198d3b Mon Sep 17 00:00:00 2001 From: Shiloh Heurich Date: Fri, 9 Feb 2024 16:32:04 -0500 Subject: [PATCH 4/6] feat(v2_integration): use dns-account-01 in check_challenge_dns_err --- test/v2_integration.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/v2_integration.py b/test/v2_integration.py index 5257519a05f..bd70be82c1b 100644 --- a/test/v2_integration.py +++ b/test/v2_integration.py @@ -108,6 +108,8 @@ def check_challenge_dns_err(chalType): c = chisel2.get_chall(authzr, challenges.DNS01) elif chalType == "tls-alpn-01": c = chisel2.get_chall(authzr, challenges.TLSALPN01) + elif chalType == "dns-account-01": + c = chisel2.get_chall(authzr, challenges.DNSACCOUNT01) else: raise(Exception("Invalid challenge type requested: {0}".format(chalType))) From 3f4f24d8f8c555ec2afa52bf0cb296f290ecafbd Mon Sep 17 00:00:00 2001 From: Shiloh Heurich Date: Fri, 9 Feb 2024 16:34:27 -0500 Subject: [PATCH 5/6] feat: add test_dns_account_challenge_wildcardmultidomain --- test/v2_integration.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/test/v2_integration.py b/test/v2_integration.py index bd70be82c1b..a7be646baa5 100644 --- a/test/v2_integration.py +++ b/test/v2_integration.py @@ -46,11 +46,23 @@ challSrv = challtestsrv.ChallTestServer() def test_dns_account_challenge(): + """ + Test issuance for two random domains using DNS-ACCOUNT-01. + """ # Only config-next has a dns-account-01 challenge if not CONFIG_NEXT: return chisel2.auth_and_issue([random_domain(), random_domain()], chall_type="dns-account-01") +def test_dns_account_challenge_wildcardmultidomain(): + """ + Test issuance for a random domain and a random wildcard domain using DNS-ACCOUNT-01. + """ + # Only config-next has a dns-account-01 challenge + if not CONFIG_NEXT: + return + chisel2.auth_and_issue([random_domain(), "*."+random_domain()], chall_type="dns-account-01") + def test_multidomain(): chisel2.auth_and_issue([random_domain(), random_domain()]) From 06358271fb2043197e3e3bebaface442f4d260f7 Mon Sep 17 00:00:00 2001 From: Shiloh Heurich Date: Mon, 12 Feb 2024 13:35:28 -0500 Subject: [PATCH 6/6] fix naming --- test/v2_integration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/v2_integration.py b/test/v2_integration.py index a7be646baa5..d9c1605bcff 100644 --- a/test/v2_integration.py +++ b/test/v2_integration.py @@ -45,7 +45,7 @@ import challtestsrv challSrv = challtestsrv.ChallTestServer() -def test_dns_account_challenge(): +def test_dns_account_challenge_multidomain(): """ Test issuance for two random domains using DNS-ACCOUNT-01. """