public void Test517(string subject)
{
AgentSettings settings = AgentSettings.Load(TestXml);
DirectAgent agent = settings.CreateAgent();
ICertificateResolver pluginResolver = agent.PublicCertResolver;
Assert.NotNull(pluginResolver);
var ldapCertResolver = LocateChild <ModSpec3.ResolverPlugins.LdapCertResolverProxy>(pluginResolver);
var diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));
ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;
var email = new MailAddress(subject);
X509Certificate2Collection certs = pluginResolver.GetCertificates(email);
Assert.NotNull(certs);
Assert.True(certs.Count == 1);
Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());
AssertCert(certs[0], true);
Assert.Equal(3, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[0]);
Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[1]);
Assert.Equal("Error=NoUserCertificateAttribute\r\[email protected]_ldap._tcp.direct3.direct-test.com:10389 Priority:1 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[2]);
//
// Ok no lets just use the modspec3 LDAP resolver because I don't really know that
// we fell back to LDAP with above test.
//
pluginResolver = LocateChild <ModSpec3.ResolverPlugins.LdapCertResolverProxy>(agent.PublicCertResolver);
Assert.NotNull(pluginResolver);
ldapCertResolver = pluginResolver;
diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));
ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;
email = new MailAddress(subject);
certs = pluginResolver.GetCertificates(email);
Assert.NotNull(certs);
Assert.True(certs.Count == 1);
Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());
AssertCert(certs[0], true);
Assert.Equal(3, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[0]);
Assert.Equal("Error=BindFailure\r\n_ldap._tcp.direct3.direct-test.com:389 Priority:0 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[1]);
Assert.Equal("Error=NoUserCertificateAttribute\r\[email protected]_ldap._tcp.direct3.direct-test.com:10389 Priority:1 Weight:0", diagnosticsForLdapCertResolver.ActualErrorMessages[2]);
}
public void Test501(string subject)
{
//Debugger.Launch();
AgentSettings settings = AgentSettings.Load(TestXml);
DirectAgent agent = settings.CreateAgent();
ICertificateResolver pluginResolver = agent.PublicCertResolver;
var dnsCertResolver = LocateChild <DnsCertResolverProxy>(pluginResolver);
var diagnostics = new FakeDiagnostics(typeof(DnsCertResolver));
dnsCertResolver.Error += diagnostics.OnResolverError;
Assert.NotNull(pluginResolver);
var email = new MailAddress(subject);
X509Certificate2Collection certs = pluginResolver.GetCertificates(email);
Assert.NotNull(certs);
Assert.True(certs.Count == 1);
Assert.Equal("direct1.direct-test.com", certs[0].ExtractEmailNameOrName());
AssertCert(certs[0], true);
Assert.Equal(1, diagnostics.ActualErrorMessages.Count);
Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnostics.ActualErrorMessages[0]);
//
// Now prove we can get it from as a domain with no fail over.
//
certs = pluginResolver.GetCertificatesForDomain(email.Host);
Assert.NotNull(certs);
Assert.True(certs.Count == 1);
Assert.Equal("direct1.direct-test.com", certs[0].ExtractEmailNameOrName());
AssertCert(certs[0], true);
//
// Now prove the standard dns resolver will return the invalid Address Cert.
//
pluginResolver = new Common.Certificates.DnsCertResolver(IPAddress.Parse("8.8.8.8"));
Assert.NotNull(pluginResolver);
certs = pluginResolver.GetCertificates(email);
Assert.NotNull(certs);
Assert.True(certs.Count == 1);
Assert.Equal("*****@*****.**", certs[0].ExtractEmailNameOrName());
AssertCert(certs[0], false);
}
public void Test515(string subject)
{
AgentSettings settings = AgentSettings.Load(TestXml);
DirectAgent agent = settings.CreateAgent();
ICertificateResolver pluginResolver = agent.PublicCertResolver;
Assert.NotNull(pluginResolver);
var dnsCertResolver = LocateChild <DnsCertResolverProxy>(pluginResolver);
var diagnosticsForDnsCertResolver = new FakeDiagnostics(typeof(DnsCertResolver));
dnsCertResolver.Error += diagnosticsForDnsCertResolver.OnResolverError;
var ldapCertResolver = LocateChild <LdapCertResolverProxy>(pluginResolver);
var diagnosticsForLdapCertResolver = new FakeDiagnostics(typeof(LdapCertResolver));
ldapCertResolver.Error += diagnosticsForLdapCertResolver.OnResolverError;
var email = new MailAddress(subject);
X509Certificate2Collection certs = pluginResolver.GetCertificates(email);
Assert.NotNull(certs);
Assert.True(certs.Count == 1);
Assert.Equal(2, diagnosticsForDnsCertResolver.ActualErrorMessages.Count);
Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnosticsForDnsCertResolver.ActualErrorMessages[0]);
Assert.Equal("Chain Element has problem direct2.direct-test.com;NotTimeValid", diagnosticsForDnsCertResolver.ActualErrorMessages[1]);
Assert.Equal(1, diagnosticsForLdapCertResolver.ActualErrorMessages.Count);
Assert.Equal("Chain Element has problem [email protected];NotTimeValid", diagnosticsForLdapCertResolver.ActualErrorMessages[0]);
Assert.Equal("direct2.direct-test.com", certs[0].ExtractEmailNameOrName());
AssertCert(certs[0], true);
}
