From de09260c33f5773a97f8b9554fadcf52bac424ea Mon Sep 17 00:00:00 2001 From: Michael Hobbs Date: Tue, 23 Dec 2014 16:40:28 -0800 Subject: [PATCH] add certificate CN to app VHOST if it's not already --- plugins/nginx-vhosts/commands | 4 +++- tests.mk | 3 ++- tests/unit/nginx-vhosts.bats | 20 ++++++++++++++++++++ tests/unit/server_ssl.tar | Bin 0 -> 10240 bytes tests/unit/test_helper.bash | 7 +++++++ 5 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 tests/unit/nginx-vhosts.bats create mode 100644 tests/unit/server_ssl.tar diff --git a/plugins/nginx-vhosts/commands b/plugins/nginx-vhosts/commands index e406dba8f..bb85ca607 100755 --- a/plugins/nginx-vhosts/commands +++ b/plugins/nginx-vhosts/commands @@ -45,7 +45,9 @@ EOF SSL_HOSTNAME=$(openssl x509 -in $SSL_INUSE/server.crt -noout -subject | tr '/' '\n' | grep CN= | cut -c4-) SSL_HOSTNAME=$(echo "$SSL_HOSTNAME" | sed 's|\.|\\.|g' | sed 's/\*/\.\*/g') - SSL_VHOSTS=$(egrep ^"$SSL_HOSTNAME"$ $VHOST_PATH) + + [[ -z "$(egrep ^"$SSL_HOSTNAME"$ $VHOST_PATH)" ]] && echo "$SSL_HOSTNAME" | sed 's/\\./\./g' >> $VHOST_PATH + SSL_VHOSTS=$(egrep ^"$SSL_HOSTNAME"$ $VHOST_PATH || exit 0) NONSSL_VHOSTS=$(egrep -v ^"$SSL_HOSTNAME"$ $VHOST_PATH || exit 0) while read line; do diff --git a/tests.mk b/tests.mk index 3c9b965b5..17c0afe0a 100644 --- a/tests.mk +++ b/tests.mk @@ -54,8 +54,9 @@ lint: # SC2034: VAR appears unused - https://github.com/koalaman/shellcheck/wiki/SC2034 # SC2086: Double quote to prevent globbing and word splitting - https://github.com/koalaman/shellcheck/wiki/SC2086 # SC2143: Instead of [ -n $(foo | grep bar) ], use foo | grep -q bar - https://github.com/koalaman/shellcheck/wiki/SC2143 + # SC2001: See if you can use ${variable//search/replace} instead. - https://github.com/koalaman/shellcheck/wiki/SC2001 @echo linting... - @$(QUIET) find . -not -path '*/\.*' | xargs file | egrep "shell|bash" | awk '{ print $$1 }' | sed 's/://g' | xargs shellcheck -e SC2034,SC2086,SC2143 + @$(QUIET) find . -not -path '*/\.*' | xargs file | egrep "shell|bash" | awk '{ print $$1 }' | sed 's/://g' | xargs shellcheck -e SC2034,SC2086,SC2143,SC2001 unit-tests: @echo running unit tests... diff --git a/tests/unit/nginx-vhosts.bats b/tests/unit/nginx-vhosts.bats new file mode 100644 index 000000000..8eda6458c --- /dev/null +++ b/tests/unit/nginx-vhosts.bats @@ -0,0 +1,20 @@ +#!/usr/bin/env bats + +load test_helper + +setup() { + create_app + setup_test_tls + deploy_app +} + +teardown() { + destroy_app +} + +@test "nginx:build-config (with SSL CN mismatch)" { + run /bin/bash -c "dokku domains $TEST_APP | grep node-js-app.dokku.me" + echo "output: "$output + echo "status: "$status + assert_output "node-js-app.dokku.me" +} diff --git a/tests/unit/server_ssl.tar b/tests/unit/server_ssl.tar new file mode 100644 index 0000000000000000000000000000000000000000..855a332104c26460b88e092a7e54c30b1d144750 GIT binary patch literal 10240 zcmeH~Ne`pg5y$(?r|3J%up2n!z-Bf-HnZQ@F<>ypte-ya9wjrQnMpK?I#MJ*2?6gx zQS~dRfAJGC70;!3{**mmUw+U)-{VA*U*0>6rqEySzb)YeMSa0=k|a(PO48I96eBPa z{qhz4LH_*4>^!}a=hv@amZW+n{hu@VPwT%i`u}tCw{L@&WYzd8NRF$XRe^J*@3Rn4 zRWWY_f$K;?utg~mtPW#@a(6j{uiCM0Z!){0JZF1nPUKl&Ppe=@qHo)>v}!)&9g+*) z#yQNB1Rm%%ex8ybUa~v&h+HWEy#0NR-+;rf_pCv(JR^<}~nDrOpiC z+8byj?7i*a;HcpHocEhKC}@5k*Ix+>`lGo1N?6bz#r0=lRh4uD94ZUfQNF4vA=(lT zz0<>Sq{@pcx4tjXxj}uWOgM?n67xfIFT2QQo;i9cNF(hmshJS}jQ zs4yD7f`zv)%k$|!;yaUYn|wjlJ$d%CNKhM}8W|b&yvMA6A7~x>@}&={S0!tA z`h=BB?eY<`){!y0d_UmhM9U6gr(6Yij+0i=jx>FU)q2T{cNU~GZ*$^113brbC3h@* z`vRR^k8n4T>-wCkrm2|o3mzQ7Zbj*sR0Vh8Intw8=ODR=uL!PFsVeD}iA`nAVp39!^LMxy@~pL5mOLb z(XtfGEcUPZL0m=hwTq^+bNaZq^R$tSf&?}%Lx!u^izwr!T?nMBFqbyjHz`$xo79D% zecYzY=u(rOl(e1!Bo8A&5g)eT>bh=}2MY;!6v+2vLXD}#l&-lDk0A}4GHcu+O^C|J zTM+03Ytc{Q9NVIlf4ixDD0wE0hZe#HfX)66 zeJ@^;A^yIg{r{BZ|Cy&h{Zs$jV*gPO{U-ANM*j&MBYx3;lK8IwIQ7y0AC-?^+x`Br z{H*`ZmHTQrs{hviueucds|S#V^(`2jF1$+^H&-N$+lfl`R3KS8Vds-8@bT5<-$mnE zWGm4*cRpLmL}tm;MT6G%397=ekcP)H(}*^)T}vV_=`t)Zl^&*<%VWQ<@SZF7IcTj^ZG|_|7 zb2acC=tg018u7PyhF>8~dTU?-H4xKwjZen-G`BWKhP$)S357#TC^TE(vYT z+mL7PVI6aoEm_8j+Exo5V(8hTR%&OVyfiT1^6s#)XCGi`Rymkoqqyf^1V_nDYmA_< zl{Ef53+4R+w*1B6Qm?%0KE?1+2DEx~`<&2kv>hI$V#LW2oxHJOy|s@ zVKqFf#UILNRq(7kBlOPKMSkPuU_|kBJK*e0S#ad1$%)vm&UK{x?d*olZGom7zHe-a z8(vi94ZKW<%~Lvxq>YcD3AtJpo7S#u$QTnMwvD|qc>VkSIwAq(?JsMZKcVc*^C>*_QD-z(C3_UEAToT)ufeJKXNyhSm@MZBksqv_wD8fqlGFYa8kJ>K2@qr?MP zOv!;E4X1}it#dlf-oyv4C?!p$H{DNeD`a-UWy9j#v9ZR#r>+*o3F8}26TZvxE|w#<605=fBi*c@>eMbkk_?AqHf z?7`1^whzse)W#xlF-~U5+)mKg#qJV#OnHY-dsy<}Vc?Rj^Oamt_=47S6u?`4Ry{d_ z#p0sPNPD@IAe@LsF0gkuO4y9kT`oQ;t3ibuaCdB3&->S_=eY!ian;0JZ<&x0l)kdI z2HtOPT<1kc2hpe@3kw~K9(A4so_XFkfLrgNc8y?|@$Qvfv4>OcC%7q0H|q{YJv|wN z%mlsnnnHI|1_2)A?&ymfWS#?a!E1L%MvPrl@hH=Jy&N_ANggvgmN2vRIzpFJeAt(r zbHIe6es@SUwCTtDXR13IK`w&n%<`yjW#Dqc=4}8hFX6MXVz6YuyQU-i`sxf)GwlRL zRHLenvVxLnx_5zWt1Oeh1Ot`0tSVN_m5M1A9~`;%R~j#^IGynekh6y0H1wCw><^{p z*Ru3E{t);O_z?II_z?II_z?II_z?II_z?II_z?II_z?II_z?II_z?II_z?II_%8_j E1L>>XWdHyG literal 0 HcmV?d00001 diff --git a/tests/unit/test_helper.bash b/tests/unit/test_helper.bash index 7a1d6719f..d671ae1b6 100644 --- a/tests/unit/test_helper.bash +++ b/tests/unit/test_helper.bash @@ -101,3 +101,10 @@ deploy_app() { git commit -m 'initial commit' git push target master || destroy_app } + +setup_test_tls() { + TLS="/home/dokku/$TEST_APP/tls" + mkdir -p $TLS + tar xf $BATS_TEST_DIRNAME/server_ssl.tar -C $TLS + sudo chown -R dokku:dokku $TLS +}