Merge branch 'master' into fix-amqp-defaults
This commit is contained in:
Jeff Hodges
commit
5da1e32f3b
|
|
@ -25,6 +25,7 @@ import (
|
|||
"encoding/json"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
_ "expvar" // For DebugServer, below.
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ import (
|
|||
"encoding/json"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"expvar"
|
||||
"fmt"
|
||||
"hash"
|
||||
"io"
|
||||
|
|
@ -48,6 +49,11 @@ var BuildHost string
|
|||
// BuildTime is set by the compiler and is used by GetBuildTime
|
||||
var BuildTime string
|
||||
|
||||
func init() {
|
||||
expvar.NewString("BuildID").Set(BuildID)
|
||||
expvar.NewString("BuildTime").Set(BuildTime)
|
||||
}
|
||||
|
||||
// Errors
|
||||
|
||||
// InternalServerError indicates that something has gone wrong unrelated to the
|
||||
|
|
|
|||
|
|
@ -25,11 +25,11 @@
|
|||
"insecure": true,
|
||||
"RA": {
|
||||
"server": "RA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
@ -101,11 +101,11 @@
|
|||
"serviceQueue": "CA.server",
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"Publisher": {
|
||||
"server": "Publisher.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
@ -136,11 +136,11 @@
|
|||
},
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"CA": {
|
||||
"server": "CA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -172,7 +172,7 @@
|
|||
"serviceQueue": "VA.server",
|
||||
"RA": {
|
||||
"server": "RA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
@ -188,11 +188,11 @@
|
|||
"insecure": true,
|
||||
"RA": {
|
||||
"server": "RA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
@ -227,15 +227,15 @@
|
|||
"insecure": true,
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"CA": {
|
||||
"server": "CA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"Publisher": {
|
||||
"server": "Publisher.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
@ -270,7 +270,7 @@
|
|||
"serviceQueue": "Publisher.server",
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "1s"
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -258,6 +258,10 @@ func (va *ValidationAuthorityImpl) fetchHTTP(identifier core.AcmeIdentifier, pat
|
|||
// Set Accept header for mod_security (see the other place the header is
|
||||
// set)
|
||||
req.Header.Set("Accept", "*/*")
|
||||
if va.UserAgent != "" {
|
||||
req.Header["User-Agent"] = []string{va.UserAgent}
|
||||
}
|
||||
|
||||
reqHost := req.URL.Host
|
||||
var reqPort int
|
||||
if h, p, err := net.SplitHostPort(reqHost); err == nil {
|
||||
|
|
|
|||
|
|
@ -78,6 +78,7 @@ const pathReLookup = "7e-P57coLM7D3woNTp_xbJrtlkDYy6PWf3mSSbLwCr4"
|
|||
const pathReLookupInvalid = "re-lookup-invalid"
|
||||
const pathLooper = "looper"
|
||||
const pathValid = "valid"
|
||||
const rejectUserAgent = "rejectMe"
|
||||
|
||||
// TODO(https://github.com/letsencrypt/boulder/issues/894): Remove this method
|
||||
func createValidation(token string, enableTLS bool) string {
|
||||
|
|
@ -584,6 +585,9 @@ func httpSrv(t *testing.T, token string) *httptest.Server {
|
|||
} else if strings.HasSuffix(r.URL.Path, pathRedirectPort) {
|
||||
t.Logf("HTTPSRV: Got a port redirect req\n")
|
||||
http.Redirect(w, r, "http://other.valid:8080/path", 302)
|
||||
} else if r.Header.Get("User-Agent") == rejectUserAgent {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
w.Write([]byte("found trap User-Agent"))
|
||||
} else {
|
||||
t.Logf("HTTPSRV: Got a valid req\n")
|
||||
t.Logf("HTTPSRV: Path = %s\n", r.URL.Path)
|
||||
|
|
@ -823,6 +827,29 @@ func TestHTTPRedirectLoop(t *testing.T) {
|
|||
fmt.Println(finChall)
|
||||
}
|
||||
|
||||
func TestHTTPRedirectUserAgent(t *testing.T) {
|
||||
chall := core.HTTPChallenge01(accountKey)
|
||||
err := setChallengeToken(&chall, expectedToken)
|
||||
test.AssertNotError(t, err, "Failed to complete HTTP challenge")
|
||||
|
||||
hs := httpSrv(t, expectedToken)
|
||||
defer hs.Close()
|
||||
port, err := getPort(hs)
|
||||
test.AssertNotError(t, err, "failed to get test server port")
|
||||
stats, _ := statsd.NewNoopClient()
|
||||
va := NewValidationAuthorityImpl(&PortConfig{HTTPPort: port}, nil, stats, clock.Default())
|
||||
va.DNSResolver = &mocks.DNSResolver{}
|
||||
va.UserAgent = rejectUserAgent
|
||||
|
||||
setChallengeToken(&chall, pathMoved)
|
||||
finChall, _ := va.validateHTTP01(ident, chall)
|
||||
test.AssertNotEquals(t, finChall.Status, core.StatusValid)
|
||||
|
||||
setChallengeToken(&chall, pathFound)
|
||||
finChall, _ = va.validateHTTP01(ident, chall)
|
||||
test.AssertNotEquals(t, finChall.Status, core.StatusValid)
|
||||
}
|
||||
|
||||
func getPort(hs *httptest.Server) (int, error) {
|
||||
url, err := url.Parse(hs.URL)
|
||||
if err != nil {
|
||||
|
|
|
|||
Loading…
Reference in New Issue