本文整理汇总了Golang中github.com/letsencrypt/boulder/core.ParseAcmeURL函数的典型用法代码示例。如果您正苦于以下问题:Golang ParseAcmeURL函数的具体用法?Golang ParseAcmeURL怎么用?Golang ParseAcmeURL使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ParseAcmeURL函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: TestValidateContacts
func TestValidateContacts(t *testing.T) {
_, _, ra, _, cleanUp := initAuthorities(t)
defer cleanUp()
tel, _ := core.ParseAcmeURL("tel:")
ansible, _ := core.ParseAcmeURL("ansible:earth.sol.milkyway.laniakea/letsencrypt")
validEmail, _ := core.ParseAcmeURL("mailto:[email protected]")
malformedEmail, _ := core.ParseAcmeURL("mailto:admin.com")
err := ra.validateContacts([]*core.AcmeURL{})
test.AssertNotError(t, err, "No Contacts")
err = ra.validateContacts([]*core.AcmeURL{tel, validEmail})
test.AssertError(t, err, "Too Many Contacts")
err = ra.validateContacts([]*core.AcmeURL{tel})
test.AssertNotError(t, err, "Simple Telephone")
err = ra.validateContacts([]*core.AcmeURL{validEmail})
test.AssertNotError(t, err, "Valid Email")
err = ra.validateContacts([]*core.AcmeURL{malformedEmail})
test.AssertError(t, err, "Malformed Email")
err = ra.validateContacts([]*core.AcmeURL{ansible})
test.AssertError(t, err, "Unknown scheme")
}
开发者ID:rf152,项目名称:boulder,代码行数:27,代码来源:registration-authority_test.go
示例2: TestAddRegistration
func TestAddRegistration(t *testing.T) {
sa, clk, cleanUp := initSA(t)
defer cleanUp()
jwk := satest.GoodJWK()
contact, err := core.ParseAcmeURL("mailto:[email protected]")
if err != nil {
t.Fatalf("unable to parse contact link: %s", err)
}
contacts := []*core.AcmeURL{contact}
reg, err := sa.NewRegistration(core.Registration{
Key: jwk,
Contact: contacts,
InitialIP: net.ParseIP("43.34.43.34"),
})
if err != nil {
t.Fatalf("Couldn't create new registration: %s", err)
}
test.Assert(t, reg.ID != 0, "ID shouldn't be 0")
test.AssertDeepEquals(t, reg.Contact, contacts)
_, err = sa.GetRegistration(0)
test.AssertError(t, err, "Registration object for ID 0 was returned")
dbReg, err := sa.GetRegistration(reg.ID)
test.AssertNotError(t, err, fmt.Sprintf("Couldn't get registration with ID %v", reg.ID))
expectedReg := core.Registration{
ID: reg.ID,
Key: jwk,
InitialIP: net.ParseIP("43.34.43.34"),
CreatedAt: clk.Now(),
}
test.AssertEquals(t, dbReg.ID, expectedReg.ID)
test.Assert(t, core.KeyDigestEquals(dbReg.Key, expectedReg.Key), "Stored key != expected")
u, _ := core.ParseAcmeURL("test.com")
newReg := core.Registration{
ID: reg.ID,
Key: jwk,
Contact: []*core.AcmeURL{u},
InitialIP: net.ParseIP("72.72.72.72"),
Agreement: "yes",
}
err = sa.UpdateRegistration(newReg)
test.AssertNotError(t, err, fmt.Sprintf("Couldn't get registration with ID %v", reg.ID))
dbReg, err = sa.GetRegistrationByKey(jwk)
test.AssertNotError(t, err, "Couldn't get registration by key")
test.AssertEquals(t, dbReg.ID, newReg.ID)
test.AssertEquals(t, dbReg.Agreement, newReg.Agreement)
var anotherJWK jose.JsonWebKey
err = json.Unmarshal([]byte(anotherKey), &anotherJWK)
test.AssertNotError(t, err, "couldn't unmarshal anotherJWK")
_, err = sa.GetRegistrationByKey(anotherJWK)
test.AssertError(t, err, "Registration object for invalid key was returned")
}
开发者ID:BergkristalQuantumLabs,项目名称:boulder,代码行数:60,代码来源:storage-authority_test.go
示例3: TestValidateContacts
func TestValidateContacts(t *testing.T) {
_, _, ra, _, cleanUp := initAuthorities(t)
defer cleanUp()
ansible, _ := core.ParseAcmeURL("ansible:earth.sol.milkyway.laniakea/letsencrypt")
validEmail, _ := core.ParseAcmeURL("mailto:[email protected]")
otherValidEmail, _ := core.ParseAcmeURL("mailto:[email protected]")
malformedEmail, _ := core.ParseAcmeURL("mailto:admin.com")
err := ra.validateContacts(context.Background(), &[]*core.AcmeURL{})
test.AssertNotError(t, err, "No Contacts")
err = ra.validateContacts(context.Background(), &[]*core.AcmeURL{validEmail, otherValidEmail})
test.AssertError(t, err, "Too Many Contacts")
err = ra.validateContacts(context.Background(), &[]*core.AcmeURL{validEmail})
test.AssertNotError(t, err, "Valid Email")
err = ra.validateContacts(context.Background(), &[]*core.AcmeURL{malformedEmail})
test.AssertError(t, err, "Malformed Email")
err = ra.validateContacts(context.Background(), &[]*core.AcmeURL{ansible})
test.AssertError(t, err, "Unknown scheme")
err = ra.validateContacts(context.Background(), &[]*core.AcmeURL{nil})
test.AssertError(t, err, "Nil AcmeURL")
}
开发者ID:andrewrothstein,项目名称:boulder,代码行数:27,代码来源:ra_test.go
示例4: TestValidateContacts
func TestValidateContacts(t *testing.T) {
tel, _ := core.ParseAcmeURL("tel:")
ansible, _ := core.ParseAcmeURL("ansible:earth.sol.milkyway.laniakea/letsencrypt")
validEmail, _ := core.ParseAcmeURL("mailto:[email protected]")
invalidEmail, _ := core.ParseAcmeURL("mailto:[email protected]")
malformedEmail, _ := core.ParseAcmeURL("mailto:admin.com")
err := validateContacts([]*core.AcmeURL{}, &mocks.MockDNS{})
test.AssertNotError(t, err, "No Contacts")
err = validateContacts([]*core.AcmeURL{tel}, &mocks.MockDNS{})
test.AssertNotError(t, err, "Simple Telephone")
err = validateContacts([]*core.AcmeURL{validEmail}, &mocks.MockDNS{})
test.AssertNotError(t, err, "Valid Email")
err = validateContacts([]*core.AcmeURL{invalidEmail}, &mocks.MockDNS{})
test.AssertError(t, err, "Invalid Email")
err = validateContacts([]*core.AcmeURL{malformedEmail}, &mocks.MockDNS{})
test.AssertError(t, err, "Malformed Email")
err = validateContacts([]*core.AcmeURL{ansible}, &mocks.MockDNS{})
test.AssertError(t, err, "Unknown scehme")
}
开发者ID:lmcro,项目名称:boulder,代码行数:25,代码来源:registration-authority_test.go
示例5: TestSendNags
func TestSendNags(t *testing.T) {
stats, _ := statsd.NewNoopClient(nil)
mc := mocks.Mailer{}
rs := newFakeRegStore()
fc := newFakeClock(t)
m := mailer{
stats: stats,
mailer: &mc,
emailTemplate: tmpl,
rs: rs,
clk: fc,
}
cert := &x509.Certificate{
Subject: pkix.Name{
CommonName: "happy",
},
NotAfter: fc.Now().AddDate(0, 0, 2),
DNSNames: []string{"example.com"},
}
email, _ := core.ParseAcmeURL("mailto:[email protected]")
emailB, _ := core.ParseAcmeURL("mailto:[email protected]")
err := m.sendNags([]*core.AcmeURL{email}, []*x509.Certificate{cert})
test.AssertNotError(t, err, "Failed to send warning messages")
test.AssertEquals(t, len(mc.Messages), 1)
test.AssertEquals(t, fmt.Sprintf(`hi, cert for DNS names example.com is going to expire in 2 days (%s)`, cert.NotAfter.Format(time.RFC822Z)), mc.Messages[0])
mc.Clear()
err = m.sendNags([]*core.AcmeURL{email, emailB}, []*x509.Certificate{cert})
test.AssertNotError(t, err, "Failed to send warning messages")
test.AssertEquals(t, len(mc.Messages), 2)
test.AssertEquals(t, fmt.Sprintf(`hi, cert for DNS names example.com is going to expire in 2 days (%s)`, cert.NotAfter.Format(time.RFC822Z)), mc.Messages[0])
test.AssertEquals(t, fmt.Sprintf(`hi, cert for DNS names example.com is going to expire in 2 days (%s)`, cert.NotAfter.Format(time.RFC822Z)), mc.Messages[1])
mc.Clear()
err = m.sendNags([]*core.AcmeURL{}, []*x509.Certificate{cert})
test.AssertNotError(t, err, "Not an error to pass no email contacts")
test.AssertEquals(t, len(mc.Messages), 0)
templates, err := template.ParseGlob("../../data/*.template")
test.AssertNotError(t, err, "Failed to parse templates")
for _, template := range templates.Templates() {
m.emailTemplate = template
err = m.sendNags(nil, []*x509.Certificate{cert})
test.AssertNotError(t, err, "failed to send nag")
}
}
开发者ID:linearregression,项目名称:boulder,代码行数:50,代码来源:main_test.go
示例6: CreateDomainAuthWithRegId
func CreateDomainAuthWithRegId(t *testing.T, domainName string, sa *SQLStorageAuthority, regID int64) (authz core.Authorization) {
// create pending auth
authz, err := sa.NewPendingAuthorization(core.Authorization{RegistrationID: regID, Challenges: []core.Challenge{core.Challenge{}}})
if err != nil {
t.Fatalf("Couldn't create new pending authorization: %s", err)
}
test.Assert(t, authz.ID != "", "ID shouldn't be blank")
// prepare challenge for auth
u, err := core.ParseAcmeURL(domainName)
test.AssertNotError(t, err, "Couldn't parse domainName "+domainName)
chall := core.Challenge{Type: "simpleHttp", Status: core.StatusValid, URI: u, Token: "THISWOULDNTBEAGOODTOKEN"}
combos := make([][]int, 1)
combos[0] = []int{0, 1}
exp := time.Now().AddDate(0, 0, 1) // expire in 1 day
// validate pending auth
authz.Status = core.StatusPending
authz.Identifier = core.AcmeIdentifier{Type: core.IdentifierDNS, Value: domainName}
authz.Expires = &exp
authz.Challenges = []core.Challenge{chall}
authz.Combinations = combos
// save updated auth
err = sa.UpdatePendingAuthorization(authz)
test.AssertNotError(t, err, "Couldn't update pending authorization with ID "+authz.ID)
return
}
开发者ID:josephyzhou,项目名称:boulder,代码行数:30,代码来源:storage-authority_test.go
示例7: mustParseAcmeURL
func mustParseAcmeURL(acmeURL string) *core.AcmeURL {
c, err := core.ParseAcmeURL(acmeURL)
if err != nil {
panic(fmt.Sprintf("unable to parse as AcmeURL %#v: %s", acmeURL, err))
}
return c
}
开发者ID:linearregression,项目名称:boulder,代码行数:7,代码来源:send_test.go
示例8: TestNewRegistration
func TestNewRegistration(t *testing.T) {
_, sa, ra, _, cleanUp := initAuthorities(t)
defer cleanUp()
mailto, _ := core.ParseAcmeURL("mailto:[email protected]")
input := core.Registration{
Contact: []*core.AcmeURL{mailto},
Key: AccountKeyB,
InitialIP: net.ParseIP("7.6.6.5"),
}
result, err := ra.NewRegistration(input)
if err != nil {
t.Fatalf("could not create new registration: %s", err)
}
test.Assert(t, core.KeyDigestEquals(result.Key, AccountKeyB), "Key didn't match")
test.Assert(t, len(result.Contact) == 1, "Wrong number of contacts")
test.Assert(t, mailto.String() == result.Contact[0].String(),
"Contact didn't match")
test.Assert(t, result.Agreement == "", "Agreement didn't default empty")
reg, err := sa.GetRegistration(result.ID)
test.AssertNotError(t, err, "Failed to retrieve registration")
test.Assert(t, core.KeyDigestEquals(reg.Key, AccountKeyB), "Retrieved registration differed.")
}
开发者ID:rf152,项目名称:boulder,代码行数:25,代码来源:registration-authority_test.go
示例9: TestNewRegistrationNoFieldOverwrite
func TestNewRegistrationNoFieldOverwrite(t *testing.T) {
_, _, _, ra, cleanUp := initAuthorities(t)
defer cleanUp()
mailto, _ := core.ParseAcmeURL("mailto:[email protected]")
input := core.Registration{
ID: 23,
Key: AccountKeyC,
Contact: []*core.AcmeURL{mailto},
Agreement: "I agreed",
}
result, err := ra.NewRegistration(input)
test.AssertNotError(t, err, "Could not create new registration")
test.Assert(t, result.ID != 23, "ID shouldn't be set by user")
// TODO: Enable this test case once we validate terms agreement.
//test.Assert(t, result.Agreement != "I agreed", "Agreement shouldn't be set with invalid URL")
id := result.ID
result2, err := ra.UpdateRegistration(result, core.Registration{
ID: 33,
Key: ShortKey,
})
test.AssertNotError(t, err, "Could not update registration")
test.Assert(t, result2.ID != 33, fmt.Sprintf("ID shouldn't be overwritten. expected %d, got %d", id, result2.ID))
test.Assert(t, !core.KeyDigestEquals(result2.Key, ShortKey), "Key shouldn't be overwritten")
}
开发者ID:lmcro,项目名称:boulder,代码行数:27,代码来源:registration-authority_test.go
示例10: TestDontFindRevokedCert
func TestDontFindRevokedCert(t *testing.T) {
expiresIn := 24 * time.Hour
ctx := setup(t, []time.Duration{expiresIn})
var keyA jose.JsonWebKey
err := json.Unmarshal(jsonKeyA, &keyA)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
emailA, _ := core.ParseAcmeURL("mailto:[email protected]")
regA := core.Registration{
ID: 1,
Contact: []*core.AcmeURL{
emailA,
},
Key: keyA,
InitialIP: net.ParseIP("6.5.5.6"),
}
regA, err = ctx.ssa.NewRegistration(regA)
if err != nil {
t.Fatalf("Couldn't store regA: %s", err)
}
rawCertA := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy A",
},
NotAfter: ctx.fc.Now().Add(expiresIn),
DNSNames: []string{"example-a.com"},
SerialNumber: big.NewInt(1337),
}
certDerA, _ := x509.CreateCertificate(rand.Reader, &rawCertA, &rawCertA, &testKey.PublicKey, &testKey)
certA := &core.Certificate{
RegistrationID: regA.ID,
Serial: "001",
Expires: rawCertA.NotAfter,
DER: certDerA,
}
certStatusA := &core.CertificateStatus{
Serial: "001",
Status: core.OCSPStatusRevoked,
}
setupDBMap, err := sa.NewDbMap("mysql+tcp://[email protected]:3306/boulder_sa_test")
err = setupDBMap.Insert(certA)
test.AssertNotError(t, err, "unable to insert Certificate")
err = setupDBMap.Insert(certStatusA)
test.AssertNotError(t, err, "unable to insert CertificateStatus")
err = ctx.m.findExpiringCertificates()
test.AssertNotError(t, err, "err from findExpiringCertificates")
if len(ctx.mc.Messages) != 0 {
t.Errorf("no emails should have been sent, but sent %d", len(ctx.mc.Messages))
}
}
开发者ID:bretthoerner,项目名称:boulder,代码行数:57,代码来源:main_test.go
示例11: TestSendNags
func TestSendNags(t *testing.T) {
stats, _ := statsd.NewNoopClient(nil)
mc := mockMail{}
rs := newFakeRegStore()
fc := clock.NewFake()
fc.Add(7 * 24 * time.Hour)
m := mailer{
stats: stats,
mailer: &mc,
emailTemplate: tmpl,
rs: rs,
clk: fc,
}
cert := &x509.Certificate{
Subject: pkix.Name{
CommonName: "happy",
},
NotAfter: fc.Now().AddDate(0, 0, 2),
DNSNames: []string{"example.com"},
}
email, _ := core.ParseAcmeURL("mailto:[email protected]")
emailB, _ := core.ParseAcmeURL("mailto:[email protected]")
err := m.sendNags(cert, []*core.AcmeURL{email})
test.AssertNotError(t, err, "Failed to send warning messages")
test.AssertEquals(t, len(mc.Messages), 1)
test.AssertEquals(t, fmt.Sprintf(`hi, cert for DNS names example.com is going to expire in 3 days (%s)`, cert.NotAfter), mc.Messages[0])
mc.Clear()
err = m.sendNags(cert, []*core.AcmeURL{email, emailB})
test.AssertNotError(t, err, "Failed to send warning messages")
test.AssertEquals(t, len(mc.Messages), 2)
test.AssertEquals(t, fmt.Sprintf(`hi, cert for DNS names example.com is going to expire in 3 days (%s)`, cert.NotAfter), mc.Messages[0])
test.AssertEquals(t, fmt.Sprintf(`hi, cert for DNS names example.com is going to expire in 3 days (%s)`, cert.NotAfter), mc.Messages[1])
mc.Clear()
err = m.sendNags(cert, []*core.AcmeURL{})
test.AssertNotError(t, err, "Not an error to pass no email contacts")
test.AssertEquals(t, len(mc.Messages), 0)
}
开发者ID:hotelzululima,项目名称:boulder,代码行数:43,代码来源:main_test.go
示例12: TestNewRegistrationBadKey
func TestNewRegistrationBadKey(t *testing.T) {
_, _, _, ra, cleanUp := initAuthorities(t)
defer cleanUp()
mailto, _ := core.ParseAcmeURL("mailto:[email protected]")
input := core.Registration{
Contact: []*core.AcmeURL{mailto},
Key: ShortKey,
}
_, err := ra.NewRegistration(input)
test.AssertError(t, err, "Should have rejected authorization with short key")
}
开发者ID:lmcro,项目名称:boulder,代码行数:12,代码来源:registration-authority_test.go
示例13: CreateWorkingRegistration
// CreateWorkingRegistration inserts a new, correct Registration into
// SA using GoodKey under the hood. This a hack to allow both the CA
// and SA tests to benefit because the CA tests currently require a
// full-fledged SQLSAImpl. Long term, when the CA tests no longer need
// CreateWorkingRegistration, this and CreateWorkingRegistration can
// be pushed back into the SA tests proper.
func CreateWorkingRegistration(t *testing.T, sa core.StorageAuthority) core.Registration {
contact, err := core.ParseAcmeURL("mailto:[email protected]")
if err != nil {
t.Fatalf("unable to parse contact link: %s", err)
}
contacts := []*core.AcmeURL{contact}
reg, err := sa.NewRegistration(core.Registration{
Key: GoodJWK(),
Contact: contacts,
})
if err != nil {
t.Fatalf("Unable to create new registration")
}
return reg
}
开发者ID:JoeHorn,项目名称:boulder,代码行数:21,代码来源:satest.go
示例14: modelToChallenge
func modelToChallenge(cm *challModel) (core.Challenge, error) {
c := core.Challenge{
Type: cm.Type,
Status: cm.Status,
Validated: cm.Validated,
Token: cm.Token,
TLS: cm.TLS,
}
if len(cm.URI) > 0 {
uri, err := core.ParseAcmeURL(cm.URI)
if err != nil {
return core.Challenge{}, err
}
c.URI = uri
}
if len(cm.Validation) > 0 {
val, err := jose.ParseSigned(string(cm.Validation))
if err != nil {
return core.Challenge{}, err
}
c.Validation = val
}
if len(cm.Error) > 0 {
var problem core.ProblemDetails
err := json.Unmarshal(cm.Error, &problem)
if err != nil {
return core.Challenge{}, err
}
c.Error = &problem
}
if len(cm.ValidationRecord) > 0 {
var vr []core.ValidationRecord
err := json.Unmarshal(cm.ValidationRecord, &vr)
if err != nil {
return core.Challenge{}, err
}
c.ValidationRecord = vr
}
if len(cm.AccountKey) > 0 {
var ak jose.JsonWebKey
err := json.Unmarshal(cm.AccountKey, &ak)
if err != nil {
return core.Challenge{}, err
}
c.AccountKey = &ak
}
return c, nil
}
开发者ID:josephyzhou,项目名称:boulder,代码行数:48,代码来源:model.go
示例15: CreateWorkingRegistration
// CreateWorkingRegistration inserts a new, correct Registration into
// SA using GoodKey under the hood. This a hack to allow both the CA
// and SA tests to benefit because the CA tests currently require a
// full-fledged SQLSAImpl. Long term, when the CA tests no longer need
// CreateWorkingRegistration, this and CreateWorkingRegistration can
// be pushed back into the SA tests proper.
func CreateWorkingRegistration(t *testing.T, sa core.StorageAdder) core.Registration {
contact, err := core.ParseAcmeURL("mailto:[email protected]")
if err != nil {
t.Fatalf("unable to parse contact link: %s", err)
}
contacts := &[]*core.AcmeURL{contact}
reg, err := sa.NewRegistration(context.Background(), core.Registration{
Key: GoodJWK(),
Contact: contacts,
InitialIP: net.ParseIP("88.77.66.11"),
CreatedAt: time.Date(2003, 5, 10, 0, 0, 0, 0, time.UTC),
})
if err != nil {
t.Fatalf("Unable to create new registration: %s", err)
}
return reg
}
开发者ID:MTRNord,项目名称:boulder-freifunk_support,代码行数:23,代码来源:satest.go
示例16: TestLifetimeOfACert
func TestLifetimeOfACert(t *testing.T) {
ctx := setup(t, []time.Duration{time.Hour * 24, time.Hour * 24 * 4, time.Hour * 24 * 7})
defer ctx.cleanUp()
var keyA jose.JsonWebKey
err := json.Unmarshal(jsonKeyA, &keyA)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
emailA, _ := core.ParseAcmeURL("mailto:[email protected]")
regA := core.Registration{
ID: 1,
Contact: []*core.AcmeURL{
emailA,
},
Key: keyA,
InitialIP: net.ParseIP("1.2.2.1"),
}
regA, err = ctx.ssa.NewRegistration(regA)
if err != nil {
t.Fatalf("Couldn't store regA: %s", err)
}
rawCertA := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy A",
},
NotAfter: ctx.fc.Now(),
DNSNames: []string{"example-a.com"},
SerialNumber: big.NewInt(1337),
}
certDerA, _ := x509.CreateCertificate(rand.Reader, &rawCertA, &rawCertA, &testKey.PublicKey, &testKey)
certA := &core.Certificate{
RegistrationID: regA.ID,
Serial: "001",
Expires: rawCertA.NotAfter,
DER: certDerA,
}
certStatusA := &core.CertificateStatus{
Serial: "001",
Status: core.OCSPStatusGood,
}
setupDBMap, err := sa.NewDbMap("mysql+tcp://[email protected]:3306/boulder_sa_test")
err = setupDBMap.Insert(certA)
test.AssertNotError(t, err, "unable to insert Certificate")
err = setupDBMap.Insert(certStatusA)
test.AssertNotError(t, err, "unable to insert CertificateStatus")
type lifeTest struct {
timeLeft time.Duration
numMsgs int
context string
}
tests := []lifeTest{
{
timeLeft: 9 * 24 * time.Hour, // 9 days before expiration
numMsgs: 0,
context: "Expected no emails sent because we are more than 7 days out.",
},
{
(7*24 + 12) * time.Hour, // 7.5 days before
1,
"Sent 1 for 7 day notice.",
},
{
7 * 24 * time.Hour,
1,
"The 7 day email was already sent.",
},
{
(4*24 - 1) * time.Hour, // <4 days before, the mailer did not run yesterday
2,
"Sent 1 for the 7 day notice, and 1 for the 4 day notice.",
},
{
36 * time.Hour, // within 1day + nagMargin
3,
"Sent 1 for the 7 day notice, 1 for the 4 day notice, and 1 for the 1 day notice.",
},
{
12 * time.Hour,
3,
"The 1 day before email was already sent.",
},
{
-2 * 24 * time.Hour, // 2 days after expiration
3,
"No expiration warning emails are sent after expiration",
},
}
for _, tt := range tests {
ctx.fc.Add(-tt.timeLeft)
err = ctx.m.findExpiringCertificates()
test.AssertNotError(t, err, "error calling findExpiringCertificates")
if len(ctx.mc.Messages) != tt.numMsgs {
t.Errorf(tt.context+" number of messages: expected %d, got %d", tt.numMsgs, len(ctx.mc.Messages))
//.........这里部分代码省略.........
开发者ID:bretthoerner,项目名称:boulder,代码行数:101,代码来源:main_test.go
示例17: TestFindExpiringCertificates
func TestFindExpiringCertificates(t *testing.T) {
ctx := setup(t, []time.Duration{time.Hour * 24, time.Hour * 24 * 4, time.Hour * 24 * 7})
log.Clear()
err := ctx.m.findExpiringCertificates()
test.AssertNotError(t, err, "Failed on no certificates")
test.AssertEquals(t, len(log.GetAllMatching("Searching for certificates that expire between.*")), 3)
// Add some expiring certificates and registrations
emailA, _ := core.ParseAcmeURL("mailto:[email protected]")
emailB, _ := core.ParseAcmeURL("mailto:[email protected]")
var keyA jose.JsonWebKey
var keyB jose.JsonWebKey
err = json.Unmarshal(jsonKeyA, &keyA)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
err = json.Unmarshal(jsonKeyB, &keyB)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
regA := core.Registration{
ID: 1,
Contact: []*core.AcmeURL{
emailA,
},
Key: keyA,
InitialIP: net.ParseIP("2.3.2.3"),
}
regB := core.Registration{
ID: 2,
Contact: []*core.AcmeURL{
emailB,
},
Key: keyB,
InitialIP: net.ParseIP("2.3.2.3"),
}
regA, err = ctx.ssa.NewRegistration(regA)
if err != nil {
t.Fatalf("Couldn't store regA: %s", err)
}
regB, err = ctx.ssa.NewRegistration(regB)
if err != nil {
t.Fatalf("Couldn't store regB: %s", err)
}
// Expires in <1d, last nag was the 4d nag
rawCertA := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy A",
},
NotAfter: ctx.fc.Now().Add(23 * time.Hour),
DNSNames: []string{"example-a.com"},
SerialNumber: big.NewInt(1337),
}
certDerA, _ := x509.CreateCertificate(rand.Reader, &rawCertA, &rawCertA, &testKey.PublicKey, &testKey)
certA := &core.Certificate{
RegistrationID: regA.ID,
Serial: "001",
Expires: rawCertA.NotAfter,
DER: certDerA,
}
certStatusA := &core.CertificateStatus{
Serial: "001",
LastExpirationNagSent: ctx.fc.Now().AddDate(0, 0, -3),
Status: core.OCSPStatusGood,
}
// Expires in 3d, already sent 4d nag at 4.5d
rawCertB := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy B",
},
NotAfter: ctx.fc.Now().AddDate(0, 0, 3),
DNSNames: []string{"example-b.com"},
SerialNumber: big.NewInt(1337),
}
certDerB, _ := x509.CreateCertificate(rand.Reader, &rawCertB, &rawCertB, &testKey.PublicKey, &testKey)
certB := &core.Certificate{
RegistrationID: regA.ID,
Serial: "002",
Expires: rawCertB.NotAfter,
DER: certDerB,
}
certStatusB := &core.CertificateStatus{
Serial: "002",
LastExpirationNagSent: ctx.fc.Now().Add(-36 * time.Hour),
Status: core.OCSPStatusGood,
}
// Expires in 7d and change, no nag sent at all yet
rawCertC := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy C",
},
NotAfter: ctx.fc.Now().Add((7*24 + 1) * time.Hour),
DNSNames: []string{"example-c.com"},
SerialNumber: big.NewInt(1337),
}
certDerC, _ := x509.CreateCertificate(rand.Reader, &rawCertC, &rawCertC, &testKey.PublicKey, &testKey)
certC := &core.Certificate{
RegistrationID: regB.ID,
Serial: "003",
Expires: rawCertC.NotAfter,
//.........这里部分代码省略.........
开发者ID:bretthoerner,项目名称:boulder,代码行数:101,代码来源:main_test.go
示例18: TestFindExpiringCertificates
func TestFindExpiringCertificates(t *testing.T) {
ctx := setup(t, []time.Duration{time.Hour * 24, time.Hour * 24 * 4, time.Hour * 24 * 7})
ctx.fc.Add(7 * 24 * time.Hour)
log.Clear()
err := ctx.m.findExpiringCertificates()
test.AssertNotError(t, err, "Failed on no certificates")
test.AssertEquals(t, len(log.GetAllMatching("Searching for certificates that expire between.*")), 3)
// Add some expiring certificates and registrations
emailA, _ := core.ParseAcmeURL("mailto:[email protected]")
emailB, _ := core.ParseAcmeURL("mailto:[email protected]")
var keyA jose.JsonWebKey
var keyB jose.JsonWebKey
err = json.Unmarshal(jsonKeyA, &keyA)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
err = json.Unmarshal(jsonKeyB, &keyB)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
regA := core.Registration{
ID: 1,
Contact: []*core.AcmeURL{
emailA,
},
Key: keyA,
}
regB := core.Registration{
ID: 2,
Contact: []*core.AcmeURL{
emailB,
},
Key: keyB,
}
regA, err = ctx.ssa.NewRegistration(regA)
if err != nil {
t.Fatalf("Couldn't store regA: %s", err)
}
regB, err = ctx.ssa.NewRegistration(regB)
if err != nil {
t.Fatalf("Couldn't store regB: %s", err)
}
rawCertA := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy A",
},
// This is slightly within the ultime nag window (one day)
NotAfter: ctx.fc.Now().AddDate(0, 0, 1).Add(-time.Hour),
DNSNames: []string{"example-a.com"},
SerialNumber: big.NewInt(1337),
}
certDerA, _ := x509.CreateCertificate(rand.Reader, &rawCertA, &rawCertA, &testKey.PublicKey, &testKey)
certA := &core.Certificate{
RegistrationID: regA.ID,
Serial: "001",
Expires: rawCertA.NotAfter,
DER: certDerA,
}
// Already sent a nag but too long ago
certStatusA := &core.CertificateStatus{
Serial: "001",
LastExpirationNagSent: ctx.fc.Now().Add(-time.Hour * 24 * 3),
Status: core.OCSPStatusGood,
}
rawCertB := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy B",
},
NotAfter: ctx.fc.Now().AddDate(0, 0, 3),
DNSNames: []string{"example-b.com"},
SerialNumber: big.NewInt(1337),
}
certDerB, _ := x509.CreateCertificate(rand.Reader, &rawCertB, &rawCertB, &testKey.PublicKey, &testKey)
certB := &core.Certificate{
RegistrationID: regA.ID,
Serial: "002",
Expires: rawCertB.NotAfter,
DER: certDerB,
}
// Already sent a nag for this period
certStatusB := &core.CertificateStatus{
Serial: "002",
LastExpirationNagSent: ctx.fc.Now().Add(-time.Hour * 24 * 3),
Status: core.OCSPStatusGood,
}
rawCertC := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy C",
},
// This is within the earliest nag window (7 days)
NotAfter: ctx.fc.Now().AddDate(0, 0, 6),
DNSNames: []string{"example-c.com"},
SerialNumber: big.NewInt(1337),
}
certDerC, _ := x509.CreateCertificate(rand.Reader, &rawCertC, &rawCertC, &testKey.PublicKey, &testKey)
certC := &core.Certificate{
RegistrationID: regB.ID,
Serial: "003",
Expires: rawCertC.NotAfter,
DER: certDerC,
//.........这里部分代码省略.........
开发者ID:KyleChamberlin,项目名称:boulder,代码行数:101,代码来源:main_test.go
示例19: NewAuthorization
// NewAuthorization constuct a new Authz from a request.
func (ra *RegistrationAuthorityImpl) NewAuthorization(request core.Authorization, regID int64) (authz core.Authorization, err error) {
reg, err := ra.SA.GetRegistration(regID)
if err != nil {
err = core.MalformedRequestError(fmt.Sprintf("Invalid registration ID: %d", regID))
return authz, err
}
identifier := request.Identifier
// Check that the identifier is present and appropriate
if err = ra.PA.WillingToIssue(identifier); err != nil {
err = core.UnauthorizedError(err.Error())
return authz, err
}
// Check CAA records for the requested identifier
present, valid, err := ra.VA.CheckCAARecords(identifier)
if err != nil {
return authz, err
}
// AUDIT[ Certificate Requests ] 11917fa4-10ef-4e0d-9105-bacbe7836a3c
ra.log.Audit(fmt.Sprintf("Checked CAA records for %s, registration ID %d [Present: %t, Valid for issuance: %t]", identifier.Value, regID, present, valid))
if !valid {
err = errors.New("CAA check for identifier failed")
return authz, err
}
// Create validations, but we have to update them with URIs later
challenges, combinations := ra.PA.ChallengesFor(identifier)
// Partially-filled object
authz = core.Authorization{
Identifier: identifier,
RegistrationID: regID,
Status: core.StatusPending,
Combinations: combinations,
Challenges: challenges,
}
// Get a pending Auth first so we can get our ID back, then update with challenges
authz, err = ra.SA.NewPendingAuthorization(authz)
if err != nil {
// InternalServerError since the user-data was validated before being
// passed to the SA.
err = core.InternalServerError(fmt.Sprintf("Invalid authorization request: %s", err))
return authz, err
}
// Construct all the challenge URIs
for i := range authz.Challenges {
// Ignoring these errors because we construct the URLs to be correct
challengeURI, _ := core.ParseAcmeURL(ra.AuthzBase + authz.ID + "?challenge=" + strconv.Itoa(i))
authz.Challenges[i].URI = challengeURI
// Add the account key used to generate the challenge
authz.Challenges[i].AccountKey = ®.Key
if !authz.Challenges[i].IsSane(false) {
// InternalServerError because we generated these challenges, they should
// be OK.
err = core.InternalServerError(fmt.Sprintf("Challenge didn't pass sanity check: %+v", authz.Challenges[i]))
return authz, err
}
}
// Store the authorization object, then return it
err = ra.SA.UpdatePendingAuthorization(authz)
if err != nil {
// InternalServerError because we created the authorization just above,
// and adding Sane challenges should not break it.
err = core.InternalServerError(err.Error())
}
return authz, err
}
开发者ID:devpaul,项目名称:boulder,代码行数:75,代码来源:registration-authority.go
示例20: TestFindExpiringCertificates
func TestFindExpiringCertificates(t *testing.T) {
dbMap, err := sa.NewDbMap(dbConnStr)
if err != nil {
t.Fatalf("Couldn't connect the database: %s", err)
}
cleanUp := test.ResetTestDatabase(t, dbMap.Db)
ssa, err := sa.NewSQLStorageAuthority(dbMap)
if err != nil {
t.Fatalf("unable to create SQLStorageAuthority: %s", err)
}
defer cleanUp()
tmpl, err := template.New("expiry-email").Parse(testTmpl)
test.AssertNotError(t, err, "Couldn't parse test email template")
stats, _ := statsd.NewNoopClient(nil)
mc := mockMail{}
m := mailer{
log: blog.GetAuditLogger(),
stats: stats,
mailer: &mc,
emailTemplate: tmpl,
dbMap: dbMap,
rs: ssa,
nagTimes: []time.Duration{time.Hour * 24, time.Hour * 24 * 4, time.Hour * 24 * 7},
limit: 100,
}
log.Clear()
err = m.findExpiringCertificates()
test.AssertNotError(t, err, "Failed on no certificates")
test.AssertEquals(t, len(log.GetAllMatching("Searching for certificates that expire between.*")), 3)
// Add some expiring certificates and registrations
emailA, _ := core.ParseAcmeURL("mailto:[email protected]")
emailB, _ := core.ParseAcmeURL("mailto:[email protected]")
var keyA jose.JsonWebKey
var keyB jose.JsonWebKey
err = json.Unmarshal(jsonKeyA, &keyA)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
err = json.Unmarshal(jsonKeyB, &keyB)
test.AssertNotError(t, err, "Failed to unmarshal public JWK")
regA := core.Registration{
ID: 1,
Contact: []*core.AcmeURL{
emailA,
},
Key: keyA,
}
regB := core.Registration{
ID: 2,
Contact: []*core.AcmeURL{
emailB,
},
Key: keyB,
}
regA, err = ssa.NewRegistration(regA)
if err != nil {
t.Fatalf("Couldn't store regA: %s", err)
}
regB, err = ssa.NewRegistration(regB)
if err != nil {
t.Fatalf("Couldn't store regB: %s", err)
}
rawCertA := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy A",
},
NotAfter: time.Now().AddDate(0, 0, 1),
DNSNames: []string{"example-a.com"},
SerialNumber: big.NewInt(1337),
}
certDerA, _ := x509.CreateCertificate(rand.Reader, &rawCertA, &rawCertA, &testKey.PublicKey, &testKey)
certA := &core.Certificate{
RegistrationID: regA.ID,
Status: core.StatusValid,
Serial: "001",
Expires: time.Now().AddDate(0, 0, 1),
DER: certDerA,
}
// Already sent a nag but too long ago
certStatusA := &core.CertificateStatus{Serial: "001", LastExpirationNagSent: time.Now().Add(-time.Hour * 24 * 3)}
rawCertB := x509.Certificate{
Subject: pkix.Name{
CommonName: "happy B",
},
NotAfter: time.Now().AddDate(0, 0, 3),
DNSNames: []string{"example-b.com"},
SerialNumber: big.NewInt(1337),
}
certDerB, _ := x509.CreateCertificate(rand.Reader, &rawCertB, &rawCertB, &testKey.PublicKey, &testKey)
certB := &core.Certificate{
RegistrationID: regA.ID,
Status: core.StatusValid,
Serial: "002",
Expires: time.Now().AddDate(0, 0, 3),
DER: certDerB,
}
// Already sent a nag for this period
certStatusB := &core.CertificateStatus{Serial: "002", LastExpirationNagSent: time.Now().Add(-time.Hour * 24 * 3)}
rawCertC := x509.Certificate{
//.........这里部分代码省略.........
开发者ID:JoeHorn,项目名称:boulder,代码行数:101,代码来源:main_test.go
注:本文中的github.com/letsencrypt/boulder/core.ParseAcmeURL函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论