mirror of
https://github.com/caddyserver/caddy.git
synced 2026-02-24 12:10:00 -05:00
0188ef2e62
Some checks failed
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 18s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Failing after 15s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Failing after 39s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Failing after 16s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Failing after 14s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Failing after 15s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Failing after 15s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Failing after 15s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Failing after 15s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Failing after 16s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Failing after 15s
Lint / lint (ubuntu-latest, linux) (push) Failing after 19s
Lint / govulncheck (push) Successful in 1m43s
Lint / dependency-review (push) Failing after 16s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 17s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
95 lines
2.1 KiB
Go
95 lines
2.1 KiB
Go
package acmeserver
|
|
|
|
import (
|
|
"strings"
|
|
"testing"
|
|
|
|
"go.uber.org/zap"
|
|
"go.uber.org/zap/zaptest/observer"
|
|
)
|
|
|
|
func TestHandler_warnIfPolicyAllowsAll(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
policy *Policy
|
|
wantWarns int
|
|
wantAllowWildcard bool
|
|
}{
|
|
{
|
|
name: "warns when policy is nil",
|
|
policy: nil,
|
|
wantWarns: 1,
|
|
wantAllowWildcard: false,
|
|
},
|
|
{
|
|
name: "warns when allow/deny rules are empty",
|
|
policy: &Policy{},
|
|
wantWarns: 1,
|
|
wantAllowWildcard: false,
|
|
},
|
|
{
|
|
name: "warns when only allow_wildcard_names is true",
|
|
policy: &Policy{
|
|
AllowWildcardNames: true,
|
|
},
|
|
wantWarns: 1,
|
|
wantAllowWildcard: true,
|
|
},
|
|
{
|
|
name: "does not warn when allow rules are configured",
|
|
policy: &Policy{
|
|
Allow: &RuleSet{
|
|
Domains: []string{"example.com"},
|
|
},
|
|
},
|
|
wantWarns: 0,
|
|
wantAllowWildcard: false,
|
|
},
|
|
{
|
|
name: "does not warn when deny rules are configured",
|
|
policy: &Policy{
|
|
Deny: &RuleSet{
|
|
Domains: []string{"bad.example.com"},
|
|
},
|
|
},
|
|
wantWarns: 0,
|
|
wantAllowWildcard: false,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
core, logs := observer.New(zap.WarnLevel)
|
|
ash := &Handler{
|
|
CA: "local",
|
|
Policy: tt.policy,
|
|
logger: zap.New(core),
|
|
}
|
|
|
|
ash.warnIfPolicyAllowsAll()
|
|
if logs.Len() != tt.wantWarns {
|
|
t.Fatalf("expected %d warning logs, got %d", tt.wantWarns, logs.Len())
|
|
}
|
|
|
|
if tt.wantWarns == 0 {
|
|
return
|
|
}
|
|
|
|
entry := logs.All()[0]
|
|
if entry.Level != zap.WarnLevel {
|
|
t.Fatalf("expected warn level, got %v", entry.Level)
|
|
}
|
|
if !strings.Contains(entry.Message, "policy has no allow/deny rules") {
|
|
t.Fatalf("unexpected log message: %q", entry.Message)
|
|
}
|
|
ctx := entry.ContextMap()
|
|
if ctx["ca"] != "local" {
|
|
t.Fatalf("expected ca=local, got %v", ctx["ca"])
|
|
}
|
|
if ctx["allow_wildcard_names"] != tt.wantAllowWildcard {
|
|
t.Fatalf("expected allow_wildcard_names=%v, got %v", tt.wantAllowWildcard, ctx["allow_wildcard_names"])
|
|
}
|
|
})
|
|
}
|
|
}
|