// D16: looks up the public certificate for the given address through the resolvers
// configured in TestRealResolversXml and expects exactly one certificate, named
// "D16_valC", whose chain validates.
public void TestD16(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    // Subscribe to both child resolvers before the lookup so their error events are captured.
    var dnsChild = LocateChild<DnsCertResolver>(resolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;

    var ldapChild = LocateChild<LdapCertResolverProxy>(resolver);
    FakeDiagnostics ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapChild.Error += ldapDiagnostics.OnResolverError;

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);
    Assert.Equal(1, found.Count);

    // The certificate chain is expected to be good.
    var match = found.FindByName("D16_valC");
    AssertCert(match, true);

    // Note: this test has a second cert at priority 0 with a weight of 0, but the LDAP
    // resolver does not retrieve it because it found one at priority 0 with a weight of 100.
    // NOTE(review): the captured diagnostics are never asserted in this test.
}
// 502: the configured public resolver must return exactly one certificate with a good
// chain for the address, and the plain DNS resolver must return the same certificate
// even though the DNS CERT record is larger than 512 bytes.
public void Test502(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    // NOTE(review): the expected address literal appears masked in this listing;
    // restore the real value before relying on this assertion.
    Assert.Equal("*****@*****.**", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    // Now prove the standard dns resolver will return the greater than 512 byte dns cert.
    // This step queries the hard-coded public DNS server 8.8.8.8, so it needs outbound
    // DNS access and depends on an external service.
    pluginResolver = new Common.Certificates.DnsCertResolver(IPAddress.Parse("8.8.8.8"));
    Assert.NotNull(pluginResolver);

    found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("*****@*****.**", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);
}
// D1: the configured public resolver must return exactly one address-bound certificate
// with a good chain for the subject, and the standard DNS resolver pointed at
// Dns_Server must return the same result.
public void TestD1(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal(subject, found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    // Now prove the standard dns resolver will also return the Address Cert.
    resolver = new DnsCertResolver(IPAddress.Parse(Dns_Server));
    Assert.NotNull(resolver);

    found = resolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal(subject, found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);
}
// D12: no certificate may be returned for the subject, and the LDAP resolver must
// report exactly one BindFailure error for the listed SRV target.
public void TestD12(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    // Subscribe to both child resolvers before the lookup so their error events are captured.
    var dnsChild = LocateChild<DnsCertResolver>(resolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;

    var ldapChild = LocateChild<LdapCertResolverProxy>(resolver);
    FakeDiagnostics ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapChild.Error += ldapDiagnostics.OnResolverError;

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);

    // A failed LDAP bind must surface as "no certificates", not as a partial result.
    Assert.Null(found);

    var ldapErrors = ldapDiagnostics.ActualErrorMessages;
    Assert.Equal(1, ldapErrors.Count);
    Assert.Equal("Error=BindFailure\r\n_ldap._tcp.domain7.staging.direct-test.com:10389 Priority:0 Weight:0", ldapErrors[0]);
}
// D9: the resolver returns two certificates for the subject; "D9_invA" must fail
// chain validation and "D9_valA" must pass it. The resolver hands back both, so the
// trust decision is made by chain validation, not by the lookup.
public void TestD9(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);
    Assert.Equal(2, found.Count);

    // Assert cert chain fails
    var invalid = found.FindByName("D9_invA");
    AssertCert(invalid, false);

    // Assert cert chain is good
    var valid = found.FindByName("D9_valA");
    AssertCert(valid, true);
}
// D4: the lookup must yield the domain-bound certificate "D4_valD" with a good chain,
// and neither the DNS nor the LDAP resolver may report an error along the way.
public void TestD4(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    // Subscribe to both child resolvers before the lookup so their error events are captured.
    var dnsChild = LocateChild<DnsCertResolver>(resolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;

    var ldapChild = LocateChild<LdapCertResolverProxy>(resolver);
    FakeDiagnostics ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapChild.Error += ldapDiagnostics.OnResolverError;

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);

    // The certificate is bound to the domain, so its DNS name is checked rather than an address.
    var match = found.FindByName("D4_valD");
    Assert.Equal("domain2.staging.direct-test.com", match.GetNameInfo(X509NameType.DnsName, false));
    AssertCert(match, true);

    Assert.Equal(0, dnsDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(0, ldapDiagnostics.ActualErrorMessages.Count);
}
// D13: the lookup must return an empty (non-null) collection and the LDAP resolver
// must not report any error.
public void TestD13(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    // Subscribe to both child resolvers before the lookup so their error events are captured.
    var dnsChild = LocateChild<DnsCertResolver>(resolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;

    var ldapChild = LocateChild<LdapCertResolverProxy>(resolver);
    FakeDiagnostics ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapChild.Error += ldapDiagnostics.OnResolverError;

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);

    Assert.Empty(found);
    Assert.Equal(0, ldapDiagnostics.ActualErrorMessages.Count);
}
// Checks that the agent built from TestXml has at least one domain and that an address
// at the given domain is reported as managed (or not) according to the expected result.
public void TestPluggedDomainResolver(string domain, bool result)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    Assert.True(agent.Domains.Domains.Count() > 0);

    // The local part is arbitrary; only the domain part varies between cases.
    MailAddress probe = new MailAddress("hobojoe@" + domain);
    var managed = agent.Domains.IsManaged(probe);
    Assert.True(managed == result);
}
// 517: the lookup must end with one certificate whose chain is good, after the LDAP
// resolver has reported two BindFailure errors and one NoUserCertificateAttribute
// error. The same expectations are then repeated against the LDAP resolver proxy alone.
public void Test517(string subject)
{
    // NOTE(review): the address portions of these literals appear masked in this listing,
    // and "\[" is not a valid C# escape; restore the original text before compiling.
    string bindFailure = "Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0";
    string noUserCertificate = "Error=NoUserCertificateAttribute\r\[email protected]_ldap._tcp.direct3.direct-test.com:10389 Priority:1 Weight:0";

    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    var ldapCertResolver = LocateChild<ModSpec3.ResolverPlugins.LdapCertResolverProxy>(pluginResolver);
    var ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapCertResolver.Error += ldapDiagnostics.OnResolverError;

    var address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("*****@*****.**", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    Assert.Equal(3, ldapDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[0]);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[1]);
    Assert.Equal(noUserCertificate, ldapDiagnostics.ActualErrorMessages[2]);

    // The run above does not prove that the lookup fell back to LDAP, so repeat it
    // using only the modspec3 LDAP resolver.
    pluginResolver = LocateChild<ModSpec3.ResolverPlugins.LdapCertResolverProxy>(agent.PublicCertResolver);
    Assert.NotNull(pluginResolver);

    ldapCertResolver = pluginResolver;
    ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapCertResolver.Error += ldapDiagnostics.OnResolverError;

    address = new MailAddress(subject);
    found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("*****@*****.**", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    Assert.Equal(3, ldapDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[0]);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[1]);
    Assert.Equal(noUserCertificate, ldapDiagnostics.ActualErrorMessages[2]);
}
// Checks that the agent built from TestXml exposes a MachineAnchorResolverProxy as its
// trust anchor resolver and that it returns at least one incoming anchor for the test domain.
public void TestAnchorResolverPlugin()
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();

    Assert.NotNull(agent.TrustAnchors);
    Assert.True(agent.TrustAnchors is MachineAnchorResolverProxy);

    // Incoming anchors are the roots against which inbound senders are validated.
    var incoming = agent.TrustAnchors.IncomingAnchors;
    X509Certificate2Collection anchors = incoming.GetCertificatesForDomain("nhind.hsgincubator.com");
    Assert.NotNull(anchors);
    Assert.True(anchors.Count > 0);
}
// Checks that the LDAP resolver proxy found inside the public resolver returns at least
// one certificate for the given domain.
public void TestLdapCertResolverPlugin(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();

    ICertificateResolver ldapProxy = LocateChild<LdapCertResolverProxy>(agent.PublicCertResolver);
    Assert.NotNull(ldapProxy);

    // Here the subject is passed as a domain name, not as a mail address.
    X509Certificate2Collection found = ldapProxy.GetCertificatesForDomain(subject);
    Assert.NotNull(found);
    Assert.True(found.Count > 0);
}
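// 512: no certificate may be found for the subject; the lookup must return either null
// or an empty collection.
public void Test512(string subject)
{
    AgentSettings settings = AgentSettings.Load(TestXml);
    DirectAgent agent = settings.CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    var email = new MailAddress(subject);
    X509Certificate2Collection certs = pluginResolver.GetCertificates(email);

    bool nothingFound = certs == null || certs.Count == 0;

    // The failure message is built before Assert.True runs, so certs[0] must only be
    // read when a certificate exists; indexing an empty collection would throw and
    // turn the expected "empty result" outcome into a test error.
    string unexpectedName = nothingFound ? "" : certs[0].ExtractEmailNameOrName();
    Assert.True(nothingFound, string.Format("Oops found cert: {0}", unexpectedName));
}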
// Checks that the machine-store resolver proxy found inside the private resolver returns
// at least one certificate for the test domain.
public void TestCertResolverPlugin()
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();

    ICertificateResolver machineProxy = LocateChild<MachineResolverProxy>(agent.PrivateCertResolver);
    Assert.NotNull(machineProxy);

    X509Certificate2Collection found = machineProxy.GetCertificatesForDomain("nhind.hsgincubator.com");
    Assert.NotNull(found);
    Assert.True(found.Count > 0);
}
// 501: the configured resolver must skip an address certificate that is not time-valid
// (reported through the DNS resolver's error event) and return the domain certificate
// with a good chain instead. The plain DNS resolver, by contrast, returns the invalid
// address certificate, which must fail chain validation.
public void Test501(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;

    var dnsChild = LocateChild<DnsCertResolverProxy>(pluginResolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;
    Assert.NotNull(pluginResolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("direct1.direct-test.com", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    Assert.Equal(1, dnsDiagnostics.ActualErrorMessages.Count);
    // NOTE(review): the address inside this literal appears masked in this listing;
    // restore the real value before relying on this assertion.
    Assert.Equal("Chain Element has problem [email protected];NotTimeValid", dnsDiagnostics.ActualErrorMessages[0]);

    // Now prove we can get it as a domain with no fail over.
    found = pluginResolver.GetCertificatesForDomain(address.Host);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("direct1.direct-test.com", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    // Now prove the standard dns resolver will return the invalid Address Cert.
    // This step queries the hard-coded public DNS server 8.8.8.8, so it needs outbound
    // DNS access and depends on an external service.
    pluginResolver = new Common.Certificates.DnsCertResolver(IPAddress.Parse("8.8.8.8"));
    Assert.NotNull(pluginResolver);

    found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("*****@*****.**", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], false);
}
// D11: the lookup for the subject must return null, i.e. no certificate at all.
public void TestD11(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);
    Assert.Null(found);
}
// Checks that the public resolver configured in TestXml returns at least one certificate
// for the subject.
// NOTE(review): the test name implies a DNS-to-LDAP fallback, but nothing here asserts
// which resolver produced the result.
public void TestDnsFallbackToLdapCertResolverPlugin(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count > 0);
}
// Same check as the DNS-to-LDAP fallback test, but with the settings loaded from
// TestXmlBackupServerIP: at least one certificate must be returned for the subject.
public void TestDnsFallbackToLdapCertResolverBackupIPPlugin(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXmlBackupServerIP).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count > 0);
}
// 507: the configured public resolver must return exactly one certificate with a good
// chain for the subject.
public void Test507(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.Equal(1, found.Count);

    // NOTE(review): the expected address literal appears masked in this listing;
    // restore the real value before relying on this assertion.
    X509Certificate2 only = found[0];
    Assert.Equal("*****@*****.**", only.ExtractEmailNameOrName());
    AssertCert(only, true);
}
// D3: the configured public resolver must return exactly one certificate bound to the
// subject address, and its chain must validate.
public void TestD3(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);

    X509Certificate2 only = found[0];
    Assert.Equal(subject, only.ExtractEmailNameOrName());
    AssertCert(only, true);
}
// D2: the lookup returns two domain-bound certificates for the subject; "D1_invB" must
// fail chain validation and "D2_valB" must pass it. The same pair is then checked when
// the certificates are requested directly by domain.
public void TestD2(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestRealResolversXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;

    var dnsChild = LocateChild<DnsCertResolver>(resolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;
    Assert.NotNull(resolver);

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);
    Assert.Equal(2, found.Count);

    // find invalid cert
    var candidate = found.FindByName("D1_invB");
    Assert.Equal("domain1.staging.direct-test.com", candidate.GetNameInfo(X509NameType.DnsName, false));
    AssertCert(candidate, false);

    candidate = found.FindByName("D2_valB");
    Assert.Equal("domain1.staging.direct-test.com", candidate.GetNameInfo(X509NameType.DnsName, false));
    AssertCert(candidate, true);

    // Now prove we can get it as a domain with no fail over.
    found = resolver.GetCertificatesForDomain(address.Host);

    candidate = found.FindByName("D1_invB");
    Assert.Equal("domain1.staging.direct-test.com", candidate.GetNameInfo(X509NameType.DnsName, false));
    AssertCert(candidate, false);

    candidate = found.FindByName("D2_valB");
    Assert.Equal("domain1.staging.direct-test.com", candidate.GetNameInfo(X509NameType.DnsName, false));
    AssertCert(candidate, true);
}
// 506: first shows that the plain DNS resolver returns a domain certificate that fails
// chain validation, then checks that the ModSpec3 resolvers configured in TestXml return
// exactly one certificate with a good chain for the same address.
public void Test506(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    MailAddress address = new MailAddress(subject);

    // Proving the 506 test contains a Background Cert in the dns domain that should not
    // be there. This is not documented in the 506 test.
    // This step queries the hard-coded public DNS server 8.8.8.8, so it needs outbound
    // DNS access and depends on an external service.
    ICertificateResolver pluginResolver = new Common.Certificates.DnsCertResolver(IPAddress.Parse("8.8.8.8"));
    Assert.NotNull(pluginResolver);

    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal("direct2.direct-test.com", found[0].ExtractEmailNameOrName());

    // This is not expected: according to the 506 test Background Cert info we should
    // not have found a domain cert at all.
    AssertCert(found[0], false);

    // Lets get back to testing the ModSpec3 Resolvers.
    pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    // NOTE(review): the expected address literal appears masked in this listing;
    // restore the real value before relying on this assertion.
    Assert.Equal("*****@*****.**", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);
}
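// Checks that loading and validating the two deliberately broken configurations fails
// with an AgentConfigException carrying the expected error code.
public void TestLoadFail()
{
    // Assert.Throws fails the test when no exception is raised. The earlier try/catch
    // form passed silently in that case, so a regression that stopped rejecting these
    // configurations would have gone unnoticed. Assert.Throws matches the exact type.
    AgentConfigException certError = Assert.Throws<AgentConfigException>(() =>
    {
        AgentSettings settings = AgentSettings.Load(TestXmlFailCert);
        settings.Validate();
    });
    Assert.Equal(AgentConfigError.MissingPluginResolverType, certError.Error);

    AgentConfigException anchorError = Assert.Throws<AgentConfigException>(() =>
    {
        AgentSettings settings = AgentSettings.Load(TestXmlFailAnchor);
        settings.Validate();
    });
    Assert.Equal(AgentConfigError.MissingPluginAnchorResolverType, anchorError.Error);
}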
// 515: the lookup must end with one domain certificate whose chain is good, after the
// DNS resolver has reported two NotTimeValid chain problems and the LDAP resolver one.
public void Test515(string subject)
{
    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    // Subscribe to both child resolvers before the lookup so their error events are captured.
    var dnsChild = LocateChild<DnsCertResolverProxy>(pluginResolver);
    FakeDiagnostics dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsChild.Error += dnsDiagnostics.OnResolverError;

    var ldapChild = LocateChild<LdapCertResolverProxy>(pluginResolver);
    FakeDiagnostics ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapChild.Error += ldapDiagnostics.OnResolverError;

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);
    Assert.NotNull(found);
    Assert.True(found.Count == 1);

    // NOTE(review): the addresses inside the "[email protected]" literals appear masked
    // in this listing; restore the real values before relying on these assertions.
    var dnsErrors = dnsDiagnostics.ActualErrorMessages;
    Assert.Equal(2, dnsErrors.Count);
    Assert.Equal("Chain Element has problem [email protected];NotTimeValid", dnsErrors[0]);
    Assert.Equal("Chain Element has problem direct2.direct-test.com;NotTimeValid", dnsErrors[1]);

    var ldapErrors = ldapDiagnostics.ActualErrorMessages;
    Assert.Equal(1, ldapErrors.Count);
    Assert.Equal("Chain Element has problem [email protected];NotTimeValid", ldapErrors[0]);

    Assert.Equal("direct2.direct-test.com", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);
}
// Smoke test: loading TestXml and creating an agent from it must not throw.
// There are no assertions; the test passes as long as both calls complete.
public void TestConfig()
{
    AgentSettings.Load(TestXml).CreateAgent();
}
// Checks that creating an agent from TestMissingDomainsXml is rejected with an
// ArgumentException instead of producing an agent.
public void TestMissingPluggedDomainResolver()
{
    AgentSettings incomplete = AgentSettings.Load(TestMissingDomainsXml);

    // Loading succeeds; the failure is expected only when the agent is created.
    Assert.Throws<ArgumentException>(() => incomplete.CreateAgent());
}