* test) sync of mod_md test cases from github.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1897864 13f79535-47bb-0310-9956-ffa450edef68
author: Stefan Eissing <icing@apache.org> 2022-02-08 13:19:07 +0100
committer: Stefan Eissing <icing@apache.org> 2022-02-08 13:19:07 +0100
commit: f4040ecb1478c0db1f62af6add4d8eb9ae640d7b (patch)
tree: 0e3c516911223c1d35116eadc22c4dffe957277f /test/modules/md
parent: * mod_md) do not interfere with requests to /.well-known/acme-challenge/ (diff)
download: apache2-f4040ecb1478c0db1f62af6add4d8eb9ae640d7b.tar.xz
apache2-f4040ecb1478c0db1f62af6add4d8eb9ae640d7b.zip
3 files changed, 61 insertions, 17 deletions
diff --git a/test/modules/md/test_300_conf_validate.py b/test/modules/md/test_300_conf_validate.py
index 0efbb115ea..e6b0561f82 100644
--- a/test/modules/md/test_300_conf_validate.py
+++ b/test/modules/md/test_300_conf_validate.py
@@ -342,3 +342,26 @@ class TestConf:
         md = env.get_md_status(domain)
         assert md['ca']['url'] == url
 
+    # vhost on another address, see #278
+    def test_md_300_026(self, env):
+        assert env.apache_stop() == 0
+        conf = MDConf(env)
+        domain = f"t300_026.{env.http_tld}"
+        conf.add(f"""
+            MDomain {domain}
+            """)
+        conf.add_vhost(port=env.http_port, domains=[domain], with_ssl=False)
+        conf.add(f"""
+            <VirtualHost 10.0.0.1:{env.https_port}>
+              ServerName {domain}
+              ServerAlias xxx.{env.http_tld}
+              SSLEngine on
+            </VirtualHost>
+            <VirtualHost 10.0.0.1:12345>
+              ServerName {domain}
+              SSLEngine on
+            </VirtualHost>
+            """)
+        conf.install()
+        assert env.apache_restart() == 0
+
diff --git a/test/modules/md/test_702_auto.py b/test/modules/md/test_702_auto.py
index 6864b0d2bc..57187ad749 100644
--- a/test/modules/md/test_702_auto.py
+++ b/test/modules/md/test_702_auto.py
@@ -661,7 +661,7 @@ class TestAutov2:
             "<IfModule tls_module>",
             f"  TLSEngine {env.https_port}",
             "</IfModule>",
-            ])
+        ])
         conf.add_md([domain])
         conf.install()
         assert env.apache_restart() == 0
diff --git a/test/modules/md/test_720_wildcard.py b/test/modules/md/test_720_wildcard.py
index 07d0dcadca..23b311c3a4 100644
--- a/test/modules/md/test_720_wildcard.py
+++ b/test/modules/md/test_720_wildcard.py
@@ -1,4 +1,4 @@
-# test wildcard certificates
+# test wildcard certifcates
 import os
 
 import pytest
@@ -25,9 +25,7 @@ class TestWildcard:
         env.clear_store()
         self.test_domain = env.get_request_domain(request)
 
-    # -----------------------------------------------------------------------------------------------
     # test case: a wildcard certificate with ACMEv2, no dns-01 supported
-    #
     def test_md_720_001(self, env):
         domain = self.test_domain
         
@@ -47,9 +45,7 @@ class TestWildcard:
         assert md['renewal']['errors'] > 0
         assert md['renewal']['last']['problem'] == 'challenge-mismatch'
 
-    # -----------------------------------------------------------------------------------------------
-    # test case: a wildcard certificate with ACMEv2, only dns-01 configured, invalid command path 
-    #
+    # test case: a wildcard certificate with ACMEv2, only dns-01 configured, invalid command path
     def test_md_720_002(self, env):
         dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01-not-found.py")
 
@@ -96,9 +92,7 @@ class TestWildcard:
         for domain in domains:
             assert domain in altnames
 
-    # -----------------------------------------------------------------------------------------------
-    # test case: a wildcard certificate with ACMEv2, only dns-01 configured, invalid command option 
-    #
+    # test case: a wildcard certificate with ACMEv2, only dns-01 configured, invalid command option
     def test_md_720_003(self, env):
         dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01.py fail")
         domain = self.test_domain
@@ -120,9 +114,7 @@ class TestWildcard:
         assert md['renewal']['errors'] > 0
         assert md['renewal']['last']['problem'] == 'challenge-setup-failure'
 
-    # -----------------------------------------------------------------------------------------------
-    # test case: a wildcard name certificate with ACMEv2, only dns-01 configured 
-    #
+    # test case: a wildcard name certificate with ACMEv2, only dns-01 configured
     def test_md_720_004(self, env):
         dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01.py")
         domain = self.test_domain
@@ -147,9 +139,7 @@ class TestWildcard:
         for domain in domains:
             assert domain in altnames
 
-    # -----------------------------------------------------------------------------------------------
     # test case: a wildcard name and 2nd normal vhost, not overlapping
-    #
     def test_md_720_005(self, env):
         dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01.py")
         domain = self.test_domain
@@ -176,7 +166,6 @@ class TestWildcard:
         for domain in domains:
             assert domain in altnames
 
-    # -----------------------------------------------------------------------------------------------
     # test case: a wildcard name and 2nd normal vhost, overlapping
     def test_md_720_006(self, env):
         dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01.py")
@@ -205,7 +194,6 @@ class TestWildcard:
         for domain in [domain, dwild]:
             assert domain in altnames
 
-    # -----------------------------------------------------------------------------------------------
     # test case: a MDomain with just a wildcard, see #239
     def test_md_720_007(self, env):
         dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01.py")
@@ -231,3 +219,36 @@ class TestWildcard:
         cert_a = env.get_cert(wwwdomain)
         altnames = cert_a.get_san_list()
         assert domains == altnames
+
+    # test case: a plain name, only dns-01 configured,
+    # http-01 should not be intercepted. See #279
+    def test_md_720_008(self, env):
+        dns01cmd = os.path.join(env.test_dir, "../modules/md/dns01.py")
+        domain = self.test_domain
+        domains = [domain]
+
+        conf = MDConf(env)
+        conf.add("MDCAChallenges dns-01")
+        conf.add(f"MDChallengeDns01 {dns01cmd}")
+        conf.add_md(domains)
+        conf.add_vhost(domains)
+        conf.add("LogLevel http:trace4")
+        conf.install()
+
+        challengedir = os.path.join(env.server_dir, "htdocs/test1/.well-known/acme-challenge")
+        env.mkpath(challengedir)
+        content = b'not a challenge'
+        with open(os.path.join(challengedir, "123456"), "wb") as fd:
+            fd.write(content)
+
+        # restart, check that md is in store
+        assert env.apache_restart() == 0
+        env.check_md(domains)
+        # await drive completion
+        assert env.await_completion([domain], restart=False)
+        # access a fake http-01 challenge on the domain
+        r = env.curl_get(f"http://{domain}:{env.http_port}/.well-known/acme-challenge/123456")
+        assert r.response['status'] == 200
+        assert r.response['body'] == content
+        assert env.apache_restart() == 0
+        env.check_md_complete(domain)
author	Stefan Eissing <icing@apache.org>	2022-02-08 13:19:07 +0100
committer	Stefan Eissing <icing@apache.org>	2022-02-08 13:19:07 +0100
commit	f4040ecb1478c0db1f62af6add4d8eb9ae640d7b (patch)
tree	0e3c516911223c1d35116eadc22c4dffe957277f /test/modules/md
parent	* mod_md) do not interfere with requests to /.well-known/acme-challenge/ (diff)
download	apache2-f4040ecb1478c0db1f62af6add4d8eb9ae640d7b.tar.xz apache2-f4040ecb1478c0db1f62af6add4d8eb9ae640d7b.zip