/// <summary>
/// Looks up the certificate for <paramref name="subject"/> twice: once through the agent's configured
/// <c>PublicCertResolver</c>, and once through the ModSpec3 LDAP resolver proxy on its own.
/// Each pass must return exactly one certificate and raise the same three errors on the LDAP
/// proxy's <c>Error</c> event.
/// </summary>
/// <param name="subject">E-mail address whose public certificate is resolved.</param>
public void Test517(string subject)
{
    // Diagnostics expected on the LDAP proxy, in order: two bind failures against the
    // port 389 / priority 0 record, then a missing-attribute error against the
    // port 10389 / priority 1 record.
    // NOTE(review): the "[email protected]" and "*****@*****.**" fragments below look like e-mail
    // masking applied when this listing was published (it also appears to have swallowed the
    // 'n' of "\r\n"). The literals are kept exactly as shown; restore the real values from the
    // project source before relying on these assertions.
    const string bindFailure = "Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0";
    const string missingCertAttribute = "Error=NoUserCertificateAttribute\r\[email protected]_ldap._tcp.direct3.direct-test.com:10389 Priority:1 Weight:0";
    const string expectedName = "*****@*****.**";

    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();

    //
    // Pass 1: the full plugin resolver configured on the agent.
    //
    ICertificateResolver pluginResolver = agent.PublicCertResolver;
    Assert.NotNull(pluginResolver);

    var ldapProxy = LocateChild<ModSpec3.ResolverPlugins.LdapCertResolverProxy>(pluginResolver);
    var ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapProxy.Error += ldapDiagnostics.OnResolverError;

    var address = new MailAddress(subject);
    X509Certificate2Collection found = pluginResolver.GetCertificates(address);

    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal(expectedName, found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    Assert.Equal(3, ldapDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[0]);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[1]);
    Assert.Equal(missingCertAttribute, ldapDiagnostics.ActualErrorMessages[2]);

    //
    // Pass 2: the first pass does not by itself prove the lookup fell back to LDAP,
    // so repeat it against the ModSpec3 LDAP resolver alone, with fresh diagnostics.
    //
    pluginResolver = LocateChild<ModSpec3.ResolverPlugins.LdapCertResolverProxy>(agent.PublicCertResolver);
    Assert.NotNull(pluginResolver);

    ldapProxy = pluginResolver;
    ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapProxy.Error += ldapDiagnostics.OnResolverError;

    address = new MailAddress(subject);
    found = pluginResolver.GetCertificates(address);

    Assert.NotNull(found);
    Assert.True(found.Count == 1);
    Assert.Equal(expectedName, found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);

    Assert.Equal(3, ldapDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[0]);
    Assert.Equal(bindFailure, ldapDiagnostics.ActualErrorMessages[1]);
    Assert.Equal(missingCertAttribute, ldapDiagnostics.ActualErrorMessages[2]);
}
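/// <summary>
/// Resolves the certificate for <paramref name="subject"/> in three stages: through the agent's
/// plugin resolver by address, through the same resolver by domain, and finally through a plain
/// <c>DnsCertResolver</c>. The plugin resolver is expected to return the domain certificate
/// ("direct1.direct-test.com") while reporting one <c>NotTimeValid</c> chain problem on the DNS proxy's
/// <c>Error</c> event; the plain resolver is expected to return the certificate that fails <c>AssertCert</c>.
/// </summary>
/// <param name="subject">E-mail address whose public certificate is resolved.</param>
public void Test501(string subject)
{
    AgentSettings settings = AgentSettings.Load(TestXml);
    DirectAgent agent = settings.CreateAgent();
    ICertificateResolver pluginResolver = agent.PublicCertResolver;

    // Assert before the resolver is first used, so a missing resolver is reported as a clean
    // assertion failure rather than as whatever LocateChild does with a null argument.
    Assert.NotNull(pluginResolver);

    // Capture the errors the DNS proxy raises while the lookup runs.
    var dnsCertResolver = LocateChild<DnsCertResolverProxy>(pluginResolver);
    var diagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsCertResolver.Error += diagnostics.OnResolverError;

    var email = new MailAddress(subject);
    X509Certificate2Collection certs = pluginResolver.GetCertificates(email);
    Assert.NotNull(certs);
    Assert.True(certs.Count == 1);
    Assert.Equal("direct1.direct-test.com", certs[0].ExtractEmailNameOrName());
    AssertCert(certs[0], true);

    // Exactly one chain problem is expected to have been reported during the lookup.
    // NOTE(review): "[email protected]" here and "*****@*****.**" further down look like e-mail
    // masking applied when this listing was published; the literals are kept exactly as shown and
    // the real values need restoring from the project source.
    Assert.Equal(1, diagnostics.ActualErrorMessages.Count);
    Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnostics.ActualErrorMessages[0]);

    //
    // Now prove we can get it as a domain with no fail over.
    //
    certs = pluginResolver.GetCertificatesForDomain(email.Host);
    Assert.NotNull(certs);
    Assert.True(certs.Count == 1);
    Assert.Equal("direct1.direct-test.com", certs[0].ExtractEmailNameOrName());
    AssertCert(certs[0], true);

    //
    // Now prove the standard dns resolver will return the invalid Address Cert:
    // AssertCert is called with false here, where the plugin resolver stages above pass true.
    // NOTE(review): this stage presumably needs a live DNS path to 8.8.8.8 - confirm before
    // running it in an isolated build environment.
    //
    pluginResolver = new Common.Certificates.DnsCertResolver(IPAddress.Parse("8.8.8.8"));
    Assert.NotNull(pluginResolver);

    certs = pluginResolver.GetCertificates(email);
    Assert.NotNull(certs);
    Assert.True(certs.Count == 1);
    Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());
    AssertCert(certs[0], false);
}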
/// <summary>
/// Resolves the certificate for <paramref name="subject"/> through the agent's plugin resolver while
/// listening on both the DNS and the LDAP resolver proxies. Expects one certificate named
/// "direct2.direct-test.com", two <c>NotTimeValid</c> chain problems from the DNS proxy and one
/// from the LDAP proxy.
/// </summary>
/// <param name="subject">E-mail address whose public certificate is resolved.</param>
public void Test515(string subject)
{
    // NOTE(review): the "[email protected]" fragment looks like e-mail masking applied when this
    // listing was published; the literal is kept exactly as shown and the real address needs
    // restoring from the project source.
    const string addressChainProblem = "Chain Element has problem [email protected];NotTimeValid";
    const string domainChainProblem = "Chain Element has problem direct2.direct-test.com;NotTimeValid";

    DirectAgent agent = AgentSettings.Load(TestXml).CreateAgent();
    ICertificateResolver resolver = agent.PublicCertResolver;
    Assert.NotNull(resolver);

    // One diagnostics sink per child resolver, so the source of each error stays distinguishable.
    var dnsProxy = LocateChild<DnsCertResolverProxy>(resolver);
    var dnsDiagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
    dnsProxy.Error += dnsDiagnostics.OnResolverError;

    var ldapProxy = LocateChild<LdapCertResolverProxy>(resolver);
    var ldapDiagnostics = new FakeDiagnostics(typeof(LdapCertResolver));
    ldapProxy.Error += ldapDiagnostics.OnResolverError;

    MailAddress address = new MailAddress(subject);
    X509Certificate2Collection found = resolver.GetCertificates(address);

    Assert.NotNull(found);
    Assert.True(found.Count == 1);

    // The DNS proxy reports a chain problem for the address entry and for the domain entry.
    Assert.Equal(2, dnsDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(addressChainProblem, dnsDiagnostics.ActualErrorMessages[0]);
    Assert.Equal(domainChainProblem, dnsDiagnostics.ActualErrorMessages[1]);

    // The LDAP proxy reports the address entry only.
    Assert.Equal(1, ldapDiagnostics.ActualErrorMessages.Count);
    Assert.Equal(addressChainProblem, ldapDiagnostics.ActualErrorMessages[0]);

    // The certificate finally handed back is the domain certificate.
    Assert.Equal("direct2.direct-test.com", found[0].ExtractEmailNameOrName());
    AssertCert(found[0], true);
}