a/certmagic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aad674cda5
certmagic/dnsutil_test.go

266 lines
6.9 KiB
Go
Raw Normal View History

Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
package certmagic
// Code in this file adapted from go-acme/lego, July 2020:
// https://github.com/go-acme/lego
// by Ludovic Fernandez and Dominik Menke
//
// It has been modified.
import (
Use the configured resolvers exclusively (#131) (fix #132) * feature: add optional !important suffix if !important is added to any of the resolvers, then all are considered exclusive and no other fallbacks will be added. * fix: !important can be on it's own * simplify recursiveNameservers - use custom OR default nameservers - add testing * removed print line * tests: fixed defaults when resolv.conf is found
2021-06-09 05:14:45 +10:00
"net"
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
"reflect"
chore: Skip slow tests on Windows (#229)
2023-04-19 02:47:55 +10:00
"runtime"
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
"sort"
"strings"
"testing"
Improve DNS related logging
2024-04-09 04:24:15 +10:00
"go.uber.org/zap"
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
)
func TestLookupNameserversOK(t *testing.T) {
testCases := []struct {
fqdn string
nss []string
}{
{
fqdn: "physics.georgetown.edu.",
nss: []string{"ns4.georgetown.edu.", "ns5.georgetown.edu.", "ns6.georgetown.edu."},
},
}
for i, test := range testCases {
test := test
Synchronize caching of managed certs Should prevent stampedes to storage. See #185 Also minor fixes elsewhere.
2023-01-17 14:48:46 +10:00
i := i
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
t.Run(test.fqdn, func(t *testing.T) {
t.Parallel()
Improve DNS related logging
2024-04-09 04:24:15 +10:00
nss, err := lookupNameservers(zap.NewNop(), test.fqdn, recursiveNameservers(nil))
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
if err != nil {
t.Errorf("Expected no error, got: %v", err)
}
sort.Strings(nss)
sort.Strings(test.nss)
if !reflect.DeepEqual(test.nss, nss) {
t.Errorf("Test %d: expected %+v but got %+v", i, test.nss, nss)
}
})
}
}
func TestLookupNameserversErr(t *testing.T) {
testCases := []struct {
desc string
fqdn string
error string
}{
{
desc: "invalid tld",
fqdn: "_null.n0n0.",
error: "could not determine the zone",
},
}
for i, test := range testCases {
test := test
Synchronize caching of managed certs Should prevent stampedes to storage. See #185 Also minor fixes elsewhere.
2023-01-17 14:48:46 +10:00
i := i
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
Improve DNS related logging
2024-04-09 04:24:15 +10:00
_, err := lookupNameservers(zap.NewNop(), test.fqdn, nil)
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
if err == nil {
t.Errorf("expected error, got none")
}
if !strings.Contains(err.Error(), test.error) {
t.Errorf("Test %d: Expected error to contain '%s' but got '%s'", i, test.error, err.Error())
}
})
}
}
var findXByFqdnTestCases = []struct {
desc string
fqdn string
zone string
primaryNs string
nameservers []string
expectedError string
chore: Skip slow tests on Windows (#229)
2023-04-19 02:47:55 +10:00
skipTest bool
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}{
{
desc: "domain is a CNAME",
Change tests that relied on accessing mail servers from CI env Also loosen up substring error checking a bit
2020-09-15 06:01:17 +10:00
fqdn: "scholar.google.com.",
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
zone: "google.com.",
primaryNs: "ns1.google.com.",
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
nameservers: recursiveNameservers(nil),
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
desc: "domain is a non-existent subdomain",
fqdn: "foo.google.com.",
zone: "google.com.",
primaryNs: "ns1.google.com.",
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
nameservers: recursiveNameservers(nil),
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
desc: "domain is a eTLD",
fqdn: "example.com.ac.",
zone: "ac.",
primaryNs: "a0.nic.ac.",
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
nameservers: recursiveNameservers(nil),
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
desc: "domain is a cross-zone CNAME",
fqdn: "cross-zone-example.assets.sh.",
zone: "assets.sh.",
primaryNs: "gina.ns.cloudflare.com.",
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
nameservers: recursiveNameservers(nil),
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
desc: "NXDOMAIN",
fqdn: "test.loho.jkl.",
zone: "loho.jkl.",
nameservers: []string{"1.1.1.1:53"},
expectedError: "could not find the start of authority for test.loho.jkl.: NXDOMAIN",
},
{
desc: "several non existent nameservers",
Change tests that relied on accessing mail servers from CI env Also loosen up substring error checking a bit
2020-09-15 06:01:17 +10:00
fqdn: "scholar.google.com.",
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
zone: "google.com.",
primaryNs: "ns1.google.com.",
nameservers: []string{":7053", ":8053", "1.1.1.1:53"},
chore: Skip slow tests on Windows (#229)
2023-04-19 02:47:55 +10:00
// Windows takes a super long time to timeout and this negatively impacts CI.
// Essentially, we know this works, but Windows is just slow to give up.
skipTest: runtime.GOOS == "windows",
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
desc: "only non existent nameservers",
Change tests that relied on accessing mail servers from CI env Also loosen up substring error checking a bit
2020-09-15 06:01:17 +10:00
fqdn: "scholar.google.com.",
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
zone: "google.com.",
nameservers: []string{":7053", ":8053", ":9053"},
Fix test failing on Windows
2020-09-15 06:08:11 +10:00
expectedError: "could not find the start of authority for scholar.google.com.:",
chore: Skip slow tests on Windows (#229)
2023-04-19 02:47:55 +10:00
// Windows takes a super long time to timeout and this negatively impacts CI.
// Essentially, we know this works, but Windows is just slow to give up.
skipTest: runtime.GOOS == "windows",
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
desc: "no nameservers",
fqdn: "test.ldez.com.",
zone: "ldez.com.",
nameservers: []string{},
expectedError: "could not find the start of authority for test.ldez.com.",
},
}
func TestFindZoneByFqdn(t *testing.T) {
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
for i, test := range findXByFqdnTestCases {
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
t.Run(test.desc, func(t *testing.T) {
chore: Skip slow tests on Windows (#229)
2023-04-19 02:47:55 +10:00
if test.skipTest {
t.Skip("skipping test")
}
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
clearFqdnCache()
Improve DNS related logging
2024-04-09 04:24:15 +10:00
zone, err := findZoneByFQDN(zap.NewNop(), test.fqdn, test.nameservers)
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
if test.expectedError != "" {
if err == nil {
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
t.Errorf("test %d: expected error, got none", i)
return
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}
if !strings.Contains(err.Error(), test.expectedError) {
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
t.Errorf("test %d: expected error to contain '%s' but got '%s'", i, test.expectedError, err.Error())
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}
} else {
if err != nil {
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
t.Errorf("test %d: expected no error, but got: %v", i, err)
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}
if zone != test.zone {
Configure custom DNS resolvers to be preferred over default resolvers This makes the DNS challenge usable with split-horizon DNS. Related: - https://github.com/go-acme/lego/issues/461 - https://github.com/caddyserver/caddy/issues/1580 - https://github.com/go-acme/lego/issues/379/ - https://github.com/go-acme/lego/pull/293/
2020-08-22 12:22:42 +10:00
t.Errorf("test %d: expected zone '%s' but got '%s'", i, zone, test.zone)
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}
}
})
}
}
func TestResolveConfServers(t *testing.T) {
var testCases = []struct {
fixture string
expected []string
defaults []string
}{
{
fixture: "testdata/resolv.conf.1",
defaults: []string{"127.0.0.1:53"},
Properly ensure port is added to all nameservers
2020-09-10 05:28:57 +10:00
expected: []string{"10.200.3.249", "10.200.3.250:5353", "2001:4860:4860::8844", "[10.0.0.1]:5353"},
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
},
{
fixture: "testdata/resolv.conf.nonexistant",
defaults: []string{"127.0.0.1:53"},
expected: []string{"127.0.0.1:53"},
},
}
for i, test := range testCases {
t.Run(test.fixture, func(t *testing.T) {
Properly ensure port is added to all nameservers
2020-09-10 05:28:57 +10:00
result := systemOrDefaultNameservers(test.fixture, test.defaults)
sort.Strings(result)
sort.Strings(test.expected)
if !reflect.DeepEqual(test.expected, result) {
t.Errorf("Test %d: Expected %v but got %v", i, test.expected, result)
}
})
}
}
Fix failing test that depends too much on environment
2020-09-15 05:49:12 +10:00
func TestRecursiveNameserversAddsPort(t *testing.T) {
Use the configured resolvers exclusively (#131) (fix #132) * feature: add optional !important suffix if !important is added to any of the resolvers, then all are considered exclusive and no other fallbacks will be added. * fix: !important can be on it's own * simplify recursiveNameservers - use custom OR default nameservers - add testing * removed print line * tests: fixed defaults when resolv.conf is found
2021-06-09 05:14:45 +10:00
type want struct {
port string
}
custom := []string{"127.0.0.1", "ns1.google.com:43"}
expectations := []want{{port: "53"}, {port: "43"}}
Fix failing test that depends too much on environment
2020-09-15 05:49:12 +10:00
results := recursiveNameservers(custom)
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
Use the configured resolvers exclusively (#131) (fix #132) * feature: add optional !important suffix if !important is added to any of the resolvers, then all are considered exclusive and no other fallbacks will be added. * fix: !important can be on it's own * simplify recursiveNameservers - use custom OR default nameservers - add testing * removed print line * tests: fixed defaults when resolv.conf is found
2021-06-09 05:14:45 +10:00
if !reflect.DeepEqual(custom, []string{"127.0.0.1", "ns1.google.com:43"}) {
t.Errorf("Expected custom nameservers to be unmodified. got %v", custom)
}
if len(results) != len(expectations) {
t.Errorf("%v wrong results length. got %d, want %d", results, len(results), len(expectations))
}
Fix failing test that depends too much on environment
2020-09-15 05:49:12 +10:00
var hasCustom bool
for i, res := range results {
hasCustom = hasCustom || strings.HasPrefix(res, custom[0])
Use the configured resolvers exclusively (#131) (fix #132) * feature: add optional !important suffix if !important is added to any of the resolvers, then all are considered exclusive and no other fallbacks will be added. * fix: !important can be on it's own * simplify recursiveNameservers - use custom OR default nameservers - add testing * removed print line * tests: fixed defaults when resolv.conf is found
2021-06-09 05:14:45 +10:00
if _, port, err := net.SplitHostPort(res); err != nil {
t.Errorf("%v Error splitting result %d into host and port: %v", results, i, err)
} else {
if port != expectations[i].port {
t.Errorf("%v Expected result %d to have port %s but got %s", results, i, expectations[i].port, port)
}
Fix failing test that depends too much on environment
2020-09-15 05:49:12 +10:00
}
}
if !hasCustom {
t.Errorf("%v Expected custom resolvers to be included, but they weren't: %v", results, custom)
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}
Use the configured resolvers exclusively (#131) (fix #132) * feature: add optional !important suffix if !important is added to any of the resolvers, then all are considered exclusive and no other fallbacks will be added. * fix: !important can be on it's own * simplify recursiveNameservers - use custom OR default nameservers - add testing * removed print line * tests: fixed defaults when resolv.conf is found
2021-06-09 05:14:45 +10:00
}
func TestRecursiveNameserversDefaults(t *testing.T) {
results := recursiveNameservers(nil)
if len(results) < 1 {
t.Errorf("%v Expected at least 1 records as default when nil custom", results)
}
results = recursiveNameservers([]string{})
if len(results) < 1 {
t.Errorf("%v Expected at least 1 records as default when empty custom", results)
}
Add DNS-01 solver implementation that uses acmez and libdns APIs Before when we used lego as our ACME library, DNS solvers abounded in the lego repository and they could be used directly. Our new acmez lib is very lightweight, and "bring-your-own-solvers", let alone your own DNS provider implementations. DNS providers are implemented in libdns: https://github.com/libdns This commit adds an implementation of acmez.Solver that solves the DNS challenge using libdns providers. Unlike the other solvers, this one is exported because it is not a challenge type that is enabled by default, and there is more config surface. We borrowed some DNS utility functions and tests from the lego repo. But this is a very lightweight implementation that has a much, much simpler API and smaller footprint.
2020-07-31 06:07:04 +10:00
}
func clearFqdnCache() {
fqdnSOACacheMu.Lock()
fqdnSOACache = make(map[string]*soaCacheEntry)
fqdnSOACacheMu.Unlock()
}
Reference in New Issue Copy Permalink