Test that host/nslookup are not called with +noidnout

4 years ago · 9d023115b0
--- a/test/38-idn-http01-check-noidnout.bats
+++ b/test/38-idn-http01-check-noidnout.bats
@ -0,0 +1,44 @@
 #! /usr/bin/env bats

 load '/bats-support/load.bash'
 load '/bats-assert/load.bash'
 load '/getssl/test/test_helper.bash'

 setup_file() {
    if [ -z "$STAGING" ]; then
        export CURL_CA_BUNDLE=/root/pebble-ca-bundle.crt
        curl --silent -X POST -d '{"host":"'$GETSSL_IDN_HOST'", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/add-a
    fi
 }

 setup() {
    GETSSL_CMD_HOST=$GETSSL_IDN_HOST
 }

 teardown_file() {
    if [ -z "$STAGING" ]; then
        curl --silent -X POST -d '{"host":"'$GETSSL_IDN_HOST'", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/clear-a

    fi
 }

@test "Ensure noidnout in check_config isn't passed to host and nslookup (HTTP-01)" {
    if [ -n "$STAGING" ]; then
        skip "Using staging server, skipping internal test"
    fi
    CONFIG_FILE="getssl-http01.cfg"
    setup_environment
    init_getssl
    cat <<- EOF > ${INSTALL_DIR}/.getssl/${GETSSL_CMD_HOST}/getssl_test_specific.cfg
 SANS="${GETSSL_HOST}"
 USE_SINGLE_ACL="true"
 EOF

    create_certificate -d --check-config

    assert_success
    refute_output --partial "DNS lookup using host  +noidnout"
    refute_output --partial "DNS lookup using nslookup  +noidnout"
    refute_output --partial "+noidnout $GETSSL_HOST"
    check_output_for_errors
 }
--- a/test/test_helper.bash
+++ b/test/test_helper.bash
@ -47,7 +47,7 @@ create_certificate() {
  # Create certificate
  cp "${CODE_DIR}/test/test-config/${CONFIG_FILE}" "${INSTALL_DIR}/.getssl/${GETSSL_CMD_HOST}/getssl.cfg"
  # shellcheck disable=SC2086
  run ${CODE_DIR}/getssl $1 "$GETSSL_CMD_HOST"
  run ${CODE_DIR}/getssl "$@" "$GETSSL_CMD_HOST"
 }

 init_getssl() {