diff --git a/va/dns_account_test.go b/va/dns_account_test.go index 98df3408b..3f304468a 100644 --- a/va/dns_account_test.go +++ b/va/dns_account_test.go @@ -16,67 +16,67 @@ import ( "github.com/letsencrypt/boulder/test" ) -// Use a consistent test account URL, matching the example in the draft -const testAccountURL = "https://example.com/acme/acct/ExampleAccount" +// Use a consistent test account URI, matching the example in the draft +const testAccountURI = "https://example.com/acme/acct/ExampleAccount" -// Expected label prefix derived from testAccountURL (as per draft example) +// Expected label prefix derived from testAccountURI (as per draft example) const expectedLabelPrefix = "_ujmmovf2vn55tgye._acme-challenge" func TestDNSAccount01ValidationWrong(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(context.Background(), identifier.NewDNS("wrong-dns01.com"), expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(context.Background(), identifier.NewDNS("wrong-dns01.com"), expectedKeyAuthorization, testAccountURI) if err == nil { t.Fatalf("Successful DNS validation with wrong TXT record") } prob := detailedError(err) expectedErr := "unauthorized :: Incorrect TXT record \"a\" found at " + expectedLabelPrefix + ".wrong-dns01.com" + - " (account: " + testAccountURL + ")" + " (account: " + testAccountURI + ")" test.AssertEquals(t, prob.String(), expectedErr) } func TestDNSAccount01ValidationWrongMany(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(context.Background(), identifier.NewDNS("wrong-many-dns01.com"), expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(context.Background(), identifier.NewDNS("wrong-many-dns01.com"), expectedKeyAuthorization, testAccountURI) if err == nil { t.Fatalf("Successful DNS validation with wrong TXT record") } prob := detailedError(err) expectedErr := "unauthorized :: Incorrect TXT record \"a\" (and 4 more) found at " + expectedLabelPrefix + ".wrong-many-dns01.com" + - " (account: " + testAccountURL + ")" + " (account: " + testAccountURI + ")" test.AssertEquals(t, prob.String(), expectedErr) } func TestDNSAccount01ValidationWrongLong(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(context.Background(), identifier.NewDNS("long-dns01.com"), expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(context.Background(), identifier.NewDNS("long-dns01.com"), expectedKeyAuthorization, testAccountURI) if err == nil { t.Fatalf("Successful DNS validation with wrong TXT record") } prob := detailedError(err) expectedErr := "unauthorized :: Incorrect TXT record \"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...\" found at " + expectedLabelPrefix + ".long-dns01.com" + - " (account: " + testAccountURL + ")" + " (account: " + testAccountURI + ")" test.AssertEquals(t, prob.String(), expectedErr) } func TestDNSAccount01ValidationFailure(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(ctx, identifier.NewDNS("localhost"), expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(ctx, identifier.NewDNS("localhost"), expectedKeyAuthorization, testAccountURI) prob := detailedError(err) test.AssertEquals(t, prob.Type, probs.UnauthorizedProblem) expectedErr := "unauthorized :: Incorrect TXT record \"hostname\" found at " + expectedLabelPrefix + ".localhost" + - " (account: " + testAccountURL + ")" + " (account: " + testAccountURI + ")" test.AssertEquals(t, prob.String(), expectedErr) } func TestDNSAccount01ValidationIP(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(ctx, identifier.NewIP(netip.MustParseAddr("127.0.0.1")), expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(ctx, identifier.NewIP(netip.MustParseAddr("127.0.0.1")), expectedKeyAuthorization, testAccountURI) prob := detailedError(err) test.AssertEquals(t, prob.Type, probs.MalformedProblem) @@ -90,7 +90,7 @@ func TestDNSAccount01ValidationInvalid(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(ctx, notDNS, expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(ctx, notDNS, expectedKeyAuthorization, testAccountURI) prob := detailedError(err) test.AssertEquals(t, prob.Type, probs.MalformedProblem) @@ -99,7 +99,7 @@ func TestDNSAccount01ValidationInvalid(t *testing.T) { func TestDNSAccount01ValidationServFail(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateDNSAccount01(ctx, identifier.NewDNS("servfail.com"), expectedKeyAuthorization, testAccountURL) + _, err := va.validateDNSAccount01(ctx, identifier.NewDNS("servfail.com"), expectedKeyAuthorization, testAccountURI) prob := detailedError(err) test.AssertEquals(t, prob.Type, probs.DNSProblem) @@ -120,7 +120,7 @@ func TestDNSAccount01ValidationNoServer(t *testing.T) { log, nil) - _, err = va.validateDNSAccount01(ctx, identifier.NewDNS("localhost"), expectedKeyAuthorization, testAccountURL) + _, err = va.validateDNSAccount01(ctx, identifier.NewDNS("localhost"), expectedKeyAuthorization, testAccountURI) prob := detailedError(err) test.AssertEquals(t, prob.Type, probs.DNSProblem) } @@ -128,7 +128,7 @@ func TestDNSAccount01ValidationNoServer(t *testing.T) { func TestDNSAccount01ValidationOK(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, prob := va.validateDNSAccount01(ctx, identifier.NewDNS("good-dns01.com"), expectedKeyAuthorization, testAccountURL) + _, prob := va.validateDNSAccount01(ctx, identifier.NewDNS("good-dns01.com"), expectedKeyAuthorization, testAccountURI) test.Assert(t, prob == nil, "Should be valid.") } @@ -136,7 +136,7 @@ func TestDNSAccount01ValidationOK(t *testing.T) { func TestDNSAccount01ValidationNoAuthorityOK(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, prob := va.validateDNSAccount01(ctx, identifier.NewDNS("no-authority-dns01.com"), expectedKeyAuthorization, testAccountURL) + _, prob := va.validateDNSAccount01(ctx, identifier.NewDNS("no-authority-dns01.com"), expectedKeyAuthorization, testAccountURI) test.Assert(t, prob == nil, "Should be valid.") } diff --git a/va/va_test.go b/va/va_test.go index 67559cbf5..965b91d57 100644 --- a/va/va_test.go +++ b/va/va_test.go @@ -377,7 +377,7 @@ func TestPerformValidationWithMismatchedRemoteVARIRs(t *testing.T) { func TestValidateMalformedChallenge(t *testing.T) { va, _ := setup(nil, "", nil, nil) - _, err := va.validateChallenge(ctx, identifier.NewDNS("example.com"), "fake-type-01", expectedToken, expectedKeyAuthorization, testAccountURL) + _, err := va.validateChallenge(ctx, identifier.NewDNS("example.com"), "fake-type-01", expectedToken, expectedKeyAuthorization, testAccountURI) prob := detailedError(err) test.AssertEquals(t, prob.Type, probs.MalformedProblem)