public void WildcardOld(int expectedBindings, int iisVersion)
{
var site = new MockSite()
{
Id = piramidId,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "*.b.c.com",
Protocol = "http"
}
}
};
var iis = new MockIISClient(log, iisVersion)
{
MockSites = new[] { site }
};
var bindingOptions = new BindingOptions().
WithSiteId(piramidId).
WithIP(DefaultIP).
WithPort(DefaultPort).
WithStore(DefaultStore).
WithThumbprint(newCert);
iis.AddOrUpdateBindings(new[] { "*.b.c.com" }, bindingOptions, scopeCert);
Assert.AreEqual(expectedBindings, site.Bindings.Count());
}
public void SNITrap2()
{
var iis = new MockIISClient(log)
{
MockSites = new[] {
new MockSite()
{
Id = sniTrap1,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = DefaultPort,
Host = sniTrapHost,
Protocol = "https",
CertificateHash = oldCert1,
CertificateStoreName = DefaultStore,
SSLFlags = SSLFlags.None
}
}
},
new MockSite()
{
Id = sniTrap2,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = DefaultPort,
Host = "",
Protocol = "https",
CertificateHash = oldCert1,
CertificateStoreName = DefaultStore,
SSLFlags = SSLFlags.None
}
}
},
}
};
var bindingOptions = new BindingOptions().
WithSiteId(sniTrap2).
WithIP(DefaultIP).
WithPort(DefaultPort).
WithStore(DefaultStore).
WithThumbprint(newCert);
var sniTrap1Site = iis.GetWebSite(sniTrap1);
var sniTrap2Site = iis.GetWebSite(sniTrap2);
iis.AddOrUpdateBindings(new[] { sniTrapHost }, bindingOptions, scopeCert);
var updatedBinding = sniTrap2Site.Bindings[0];
Assert.AreEqual(SSLFlags.None, updatedBinding.SSLFlags);
Assert.AreEqual(oldCert1, updatedBinding.CertificateHash);
}
public void UpdateOutOfScope()
{
var iis = new MockIISClient(log)
{
MockSites = new[] {
new MockSite()
{
Id = inscopeId,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = DefaultPort,
Host = inscopeHost,
Protocol = "https",
CertificateHash = scopeCert,
CertificateStoreName = DefaultStore,
SSLFlags = SSLFlags.SNI
}
}
},
new MockSite()
{
Id = outofscopeId,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = DefaultPort,
Host = outofscopeHost,
Protocol = "https",
CertificateHash = scopeCert,
CertificateStoreName = DefaultStore,
SSLFlags = SSLFlags.SNI
}
}
}
}
};
var bindingOptions = new BindingOptions().
WithSiteId(inscopeId).
WithIP(DefaultIP).
WithPort(DefaultPort).
WithStore(DefaultStore).
WithThumbprint(newCert);
var outofScopeSite = iis.GetWebSite(outofscopeId);
iis.AddOrUpdateBindings(new[] { regularHost }, bindingOptions, scopeCert);
Assert.AreEqual(1, outofScopeSite.Bindings.Count);
var updatedBinding = outofScopeSite.Bindings[0];
Assert.AreEqual(DefaultStore, updatedBinding.CertificateStoreName);
Assert.AreEqual(newCert, updatedBinding.CertificateHash);
}
public void UpdateSimple(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var iis = new MockIISClient(log)
{
MockSites = new[] {
new MockSite()
{
Id = regularId,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = "*",
Port = 80,
Host = regularHost,
Protocol = "http"
},
new MockBinding()
{
IP = AltIP,
Port = AltPort,
Host = regularHost,
Protocol = "https",
CertificateHash = oldCert1,
CertificateStoreName = AltStore,
SSLFlags = SSLFlags.None
}
}
}
}
};
var bindingOptions = new BindingOptions().
WithSiteId(regularId).
WithIP(bindingIp).
WithPort(bindingPort).
WithStore(storeName).
WithFlags(inputFlags).
WithThumbprint(newCert);
var regularSite = iis.GetWebSite(regularId);
iis.AddOrUpdateBindings(new[] { regularHost }, bindingOptions, oldCert1);
Assert.AreEqual(2, regularSite.Bindings.Count);
var updatedBinding = regularSite.Bindings[1];
Assert.AreEqual(regularHost, updatedBinding.Host);
Assert.AreEqual("https", updatedBinding.Protocol);
Assert.AreEqual(storeName, updatedBinding.CertificateStoreName);
Assert.AreEqual(newCert, updatedBinding.CertificateHash);
Assert.AreEqual(AltPort, updatedBinding.Port);
Assert.AreEqual(AltIP, updatedBinding.IP);
Assert.AreEqual(expectedFlags, updatedBinding.SSLFlags);
}
public void DuplicateBinding()
{
var dup1 = new MockSite()
{
Id = 1,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = DefaultPort,
Host = "exists.example.com",
Protocol = "https",
CertificateHash = oldCert1,
CertificateStoreName = DefaultStore,
SSLFlags = SSLFlags.None
}
}
};
var dup2 = new MockSite()
{
Id = 2,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "exists.example.com",
Protocol = "http"
}
}
};
var iis = new MockIISClient(log)
{
MockSites = new[] { dup1, dup2 }
};
var bindingOptions = new BindingOptions().
WithSiteId(2).
WithIP(DefaultIP).
WithPort(DefaultPort).
WithStore(DefaultStore).
WithThumbprint(newCert);
iis.AddOrUpdateBindings(new[] { "exists.example.com" }, bindingOptions, scopeCert);
Assert.AreEqual(1, dup2.Bindings.Count);
}
public void AddNewMultiple(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var originalBindings = new List <MockBinding> {
new MockBinding()
{
IP = "*",
Port = 80,
Host = "site1.example.com",
Protocol = "http"
},
new MockBinding()
{
IP = "*",
Port = 80,
Host = "site2.example.com",
Protocol = "http"
}
};
var site = new MockSite()
{
Id = httpOnlyId,
Bindings = originalBindings.ToList()
};
var iis = new MockIISClient(log)
{
MockSites = new[] { site }
};
var bindingOptions = new BindingOptions().
WithSiteId(httpOnlyId).
WithIP(bindingIp).
WithPort(bindingPort).
WithStore(storeName).
WithFlags(inputFlags).
WithThumbprint(newCert);
iis.AddOrUpdateBindings(new[] { "site1.example.com", "site2.example.com" }, bindingOptions, oldCert1);
Assert.AreEqual(4, site.Bindings.Count);
foreach (var newBinding in site.Bindings.Except(originalBindings))
{
Assert.AreEqual("https", newBinding.Protocol);
Assert.AreEqual(storeName, newBinding.CertificateStoreName);
Assert.AreEqual(newCert, newBinding.CertificateHash);
Assert.AreEqual(bindingPort, newBinding.Port);
Assert.AreEqual(bindingIp, newBinding.IP);
Assert.AreEqual(expectedFlags, newBinding.SSLFlags);
}
}
public void AddNewSingle(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags, int iisVersion)
{
var iis = new MockIISClient(log, iisVersion)
{
MockSites = new[] {
new MockSite()
{
Id = httpOnlyId,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = "*",
Port = 80,
Host = httpOnlyHost,
Protocol = "http"
}
}
}
}
};
var testHost = httpOnlyHost;
var bindingOptions = new BindingOptions().
WithSiteId(httpOnlyId).
WithIP(bindingIp).
WithPort(bindingPort).
WithStore(storeName).
WithFlags(inputFlags).
WithThumbprint(newCert);
var httpOnlySite = iis.GetWebSite(httpOnlyId);
iis.AddOrUpdateBindings(new[] { testHost }, bindingOptions, oldCert1);
Assert.AreEqual(2, httpOnlySite.Bindings.Count);
var newBinding = httpOnlySite.Bindings[1];
Assert.AreEqual(testHost, newBinding.Host);
Assert.AreEqual("https", newBinding.Protocol);
Assert.AreEqual(storeName, newBinding.CertificateStoreName);
Assert.AreEqual(newCert, newBinding.CertificateHash);
Assert.AreEqual(bindingPort, newBinding.Port);
Assert.AreEqual(bindingIp, newBinding.IP);
Assert.AreEqual(expectedFlags, newBinding.SSLFlags);
}
public void UpdateWildcardFuzzy(string storeName, string bindingIp, int bindingPort, SSLFlags inputFlags, SSLFlags expectedFlags)
{
var originalBindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = DefaultPort,
Host = "site1.example.com",
Protocol = "https",
CertificateHash = scopeCert
}
};
var site = new MockSite()
{
Id = httpOnlyId,
Bindings = originalBindings.ToList()
};
var iis = new MockIISClient(log)
{
MockSites = new[] { site }
};
var bindingOptions = new BindingOptions().
WithSiteId(httpOnlyId).
WithIP(bindingIp).
WithPort(bindingPort).
WithStore(storeName).
WithFlags(inputFlags).
WithThumbprint(newCert);
iis.AddOrUpdateBindings(new[] { "*.example.com" }, bindingOptions, oldCert1);
var expectedBindings = inputFlags.HasFlag(SSLFlags.CentralSSL) ? 2 : 1;
Assert.AreEqual(expectedBindings, site.Bindings.Count);
foreach (var newBinding in site.Bindings.Except(originalBindings))
{
Assert.AreEqual("https", newBinding.Protocol);
Assert.AreEqual(storeName, newBinding.CertificateStoreName);
Assert.AreEqual(newCert, newBinding.CertificateHash);
Assert.AreEqual(DefaultPort, newBinding.Port);
Assert.AreEqual(DefaultIP, newBinding.IP);
Assert.AreEqual(expectedFlags, newBinding.SSLFlags);
}
}
public void UpdatePiramid(string certificateHost, string[] ignoreBindings, string expectedBinding, SSLFlags flags)
{
var iis = new MockIISClient(log)
{
MockSites = new[] {
new MockSite()
{
Id = piramidId,
Bindings = new List <MockBinding> {
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "a.b.c.com",
Protocol = "http"
},
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "*.b.c.com",
Protocol = "http"
},
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "*.x.y.z.com",
Protocol = "http"
},
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "*.c.com",
Protocol = "http"
},
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "*.com",
Protocol = "http"
},
new MockBinding()
{
IP = DefaultIP,
Port = 80,
Host = "",
Protocol = "http"
}
}
}
}
};
var bindingOptions = new BindingOptions().
WithSiteId(piramidId).
WithIP(DefaultIP).
WithPort(DefaultPort).
WithStore(DefaultStore).
WithThumbprint(newCert).
WithFlags(flags);
var piramidSite = iis.GetWebSite(piramidId);
var originalSet = piramidSite.Bindings.Where(x => !ignoreBindings.Contains(x.Host)).ToList();
piramidSite.Bindings = originalSet.ToList().OrderBy(x => Guid.NewGuid()).ToList();
iis.AddOrUpdateBindings(new[] { certificateHost }, bindingOptions, scopeCert);
var newBindings = piramidSite.Bindings.Except(originalSet);
Assert.AreEqual(1, newBindings.Count());
var newBinding = newBindings.First();
Assert.AreEqual(expectedBinding, newBinding.Host);
}
