Esempio n. 1
0
        public void Test517(string subject)
        {
            AgentSettings settings = AgentSettings.Load(TestXml);
            DirectAgent   agent    = settings.CreateAgent();

            ICertificateResolver pluginResolver = agent.PublicCertResolver;

            Assert.NotNull(pluginResolver);

            var ldapCertResolver = LocateChild <ModSpec3.ResolverPlugins.LdapCertResolverProxy>(pluginResolver);
            var diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));

            ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;


            var email = new MailAddress(subject);
            X509Certificate2Collection certs = pluginResolver.GetCertificates(email);

            Assert.NotNull(certs);
            Assert.True(certs.Count == 1);
            Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());

            AssertCert(certs[0], true);

            Assert.Equal(3, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
            Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[0]);
            Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[1]);
            Assert.Equal("Error=NoUserCertificateAttribute\r\[email protected]_ldap._tcp.direct3.direct-test.com:10389 Priority:1 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[2]);


            //
            // Ok no lets just use the modspec3 LDAP resolver because I don't really know that
            // we fell back to LDAP with above test.
            //

            pluginResolver = LocateChild <ModSpec3.ResolverPlugins.LdapCertResolverProxy>(agent.PublicCertResolver);
            Assert.NotNull(pluginResolver);

            ldapCertResolver = pluginResolver;
            diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));
            ldapCertResolver.Error        += diagnosticsForLdapCertResolver.OnResolverError;

            email = new MailAddress(subject);
            certs = pluginResolver.GetCertificates(email);
            Assert.NotNull(certs);
            Assert.True(certs.Count == 1);
            Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());

            AssertCert(certs[0], true);


            Assert.Equal(3, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
            Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[0]);
            Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[1]);
            Assert.Equal("Error=NoUserCertificateAttribute\r\[email protected]_ldap._tcp.direct3.direct-test.com:10389 Priority:1 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[2]);
        }
Esempio n. 2
0
        public void Test501(string subject)
        {
            //Debugger.Launch();
            AgentSettings settings = AgentSettings.Load(TestXml);
            DirectAgent   agent    = settings.CreateAgent();

            ICertificateResolver pluginResolver = agent.PublicCertResolver;

            var dnsCertResolver = LocateChild <DnsCertResolverProxy>(pluginResolver);
            var diagnostics     = new FakeDiagnostics(typeof(DnsCertResolver));

            dnsCertResolver.Error += diagnostics.OnResolverError;

            Assert.NotNull(pluginResolver);

            var email = new MailAddress(subject);
            X509Certificate2Collection certs = pluginResolver.GetCertificates(email);

            Assert.NotNull(certs);
            Assert.True(certs.Count == 1);
            Assert.Equal("direct1.direct-test.com", certs[0].ExtractEmailNameOrName());
            AssertCert(certs[0], true);

            Assert.Equal(1, diagnostics.ActualErrorMessages.Count);
            Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnostics.ActualErrorMessages[0]);

            //
            // Now prove we can get it from as a domain with no fail over.
            //
            certs = pluginResolver.GetCertificatesForDomain(email.Host);
            Assert.NotNull(certs);
            Assert.True(certs.Count == 1);
            Assert.Equal("direct1.direct-test.com", certs[0].ExtractEmailNameOrName());

            AssertCert(certs[0], true);


            //
            // Now prove the standard dns resolver will return the invalid Address Cert.
            //
            pluginResolver = new Common.Certificates.DnsCertResolver(IPAddress.Parse("8.8.8.8"));
            Assert.NotNull(pluginResolver);

            certs = pluginResolver.GetCertificates(email);
            Assert.NotNull(certs);
            Assert.True(certs.Count == 1);
            Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());

            AssertCert(certs[0], false);
        }
Esempio n. 3
0
        public void Test515(string subject)
        {
            AgentSettings settings = AgentSettings.Load(TestXml);
            DirectAgent   agent    = settings.CreateAgent();

            ICertificateResolver pluginResolver = agent.PublicCertResolver;

            Assert.NotNull(pluginResolver);


            var dnsCertResolver = LocateChild <DnsCertResolverProxy>(pluginResolver);
            var diagnosticsForDnsCertResolver = new FakeDiagnostics(typeof(DnsCertResolver));

            dnsCertResolver.Error += diagnosticsForDnsCertResolver.OnResolverError;

            var ldapCertResolver = LocateChild <LdapCertResolverProxy>(pluginResolver);
            var diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));

            ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;

            var email = new MailAddress(subject);
            X509Certificate2Collection certs = pluginResolver.GetCertificates(email);

            Assert.NotNull(certs);
            Assert.True(certs.Count == 1);

            Assert.Equal(2, diagnosticsForDnsCertResolver.ActualErrorMessages.Count);
            Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnosticsForDnsCertResolver.ActualErrorMessages[0]);
            Assert.Equal("Chain Element has problem direct2.direct-test.com;NotTimeValid", diagnosticsForDnsCertResolver.ActualErrorMessages[1]);

            Assert.Equal(1, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
            Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnosticsForLdapCertResolver.ActualErrorMessages[0]);

            Assert.Equal("direct2.direct-test.com", certs[0].ExtractEmailNameOrName());
            AssertCert(certs[0], true);
        }