Source file src/github.com/letsencrypt/boulder/test/integration/errors_test.go

Documentation: github.com/letsencrypt/boulder/test/integration

     1  //go:build integration
     2  
     3  package integration
     4  
     5  import (
     6  	"fmt"
     7  	"strings"
     8  	"testing"
     9  
    10  	"github.com/eggsampler/acme/v3"
    11  
    12  	"github.com/letsencrypt/boulder/test"
    13  )
    14  
    15  // TestTooBigOrderError tests that submitting an order with more than 100 names
    16  // produces the expected problem result.
    17  func TestTooBigOrderError(t *testing.T) {
    18  	t.Parallel()
    19  
    20  	var domains []string
    21  	for i := 0; i < 101; i++ {
    22  		domains = append(domains, fmt.Sprintf("%d.example.com", i))
    23  	}
    24  
    25  	_, err := authAndIssue(nil, nil, domains, true)
    26  	test.AssertError(t, err, "authAndIssue failed")
    27  
    28  	var prob acme.Problem
    29  	test.AssertErrorWraps(t, err, &prob)
    30  	test.AssertEquals(t, prob.Type, "urn:ietf:params:acme:error:malformed")
    31  	test.AssertEquals(t, prob.Detail, "Error creating new order :: Order cannot contain more than 100 DNS names")
    32  }
    33  
    34  // TestAccountEmailError tests that registering a new account, or updating an
    35  // account, with invalid contact information produces the expected problem
    36  // result to ACME clients.
    37  func TestAccountEmailError(t *testing.T) {
    38  	t.Parallel()
    39  
    40  	// The registrations.contact field is VARCHAR(191). 175 'a' characters plus
    41  	// the prefix "mailto:" and the suffix "@a.com" makes exactly 191 bytes of
    42  	// encoded JSON. The correct size to hit our maximum DB field length.
    43  	var longStringBuf strings.Builder
    44  	longStringBuf.WriteString("mailto:")
    45  	for i := 0; i < 175; i++ {
    46  		longStringBuf.WriteRune('a')
    47  	}
    48  	longStringBuf.WriteString("@a.com")
    49  
    50  	createErrorPrefix := "Error creating new account :: "
    51  	updateErrorPrefix := "Unable to update account :: "
    52  
    53  	testCases := []struct {
    54  		name               string
    55  		contacts           []string
    56  		expectedProbType   string
    57  		expectedProbDetail string
    58  	}{
    59  		{
    60  			name:               "empty contact",
    61  			contacts:           []string{"mailto:valid@valid.com", ""},
    62  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
    63  			expectedProbDetail: `empty contact`,
    64  		},
    65  		{
    66  			name:               "empty proto",
    67  			contacts:           []string{"mailto:valid@valid.com", " "},
    68  			expectedProbType:   "urn:ietf:params:acme:error:unsupportedContact",
    69  			expectedProbDetail: `contact method "" is not supported`,
    70  		},
    71  		{
    72  			name:               "empty mailto",
    73  			contacts:           []string{"mailto:valid@valid.com", "mailto:"},
    74  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
    75  			expectedProbDetail: `"" is not a valid e-mail address`,
    76  		},
    77  		{
    78  			name:               "non-ascii mailto",
    79  			contacts:           []string{"mailto:valid@valid.com", "mailto:cpu@l̴etsencrypt.org"},
    80  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
    81  			expectedProbDetail: `contact email ["mailto:cpu@l̴etsencrypt.org"] contains non-ASCII characters`,
    82  		},
    83  		{
    84  			name:               "too many contacts",
    85  			contacts:           []string{"a", "b", "c", "d"},
    86  			expectedProbType:   "urn:ietf:params:acme:error:malformed",
    87  			expectedProbDetail: `too many contacts provided: 4 > 3`,
    88  		},
    89  		{
    90  			name:               "invalid contact",
    91  			contacts:           []string{"mailto:valid@valid.com", "mailto:a@"},
    92  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
    93  			expectedProbDetail: `"a@" is not a valid e-mail address`,
    94  		},
    95  		{
    96  			name:               "forbidden contact domain",
    97  			contacts:           []string{"mailto:valid@valid.com", "mailto:a@example.com"},
    98  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
    99  			expectedProbDetail: "invalid contact domain. Contact emails @example.com are forbidden",
   100  		},
   101  		{
   102  			name:               "contact domain invalid TLD",
   103  			contacts:           []string{"mailto:valid@valid.com", "mailto:a@example.cpu"},
   104  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
   105  			expectedProbDetail: `contact email "a@example.cpu" has invalid domain : Domain name does not end with a valid public suffix (TLD)`,
   106  		},
   107  		{
   108  			name:               "contact domain invalid",
   109  			contacts:           []string{"mailto:valid@valid.com", "mailto:a@example./.com"},
   110  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
   111  			expectedProbDetail: "contact email \"a@example./.com\" has invalid domain : Domain name contains an invalid character",
   112  		},
   113  		{
   114  			name: "too long contact",
   115  			contacts: []string{
   116  				longStringBuf.String(),
   117  			},
   118  			expectedProbType:   "urn:ietf:params:acme:error:invalidContact",
   119  			expectedProbDetail: `too many/too long contact(s). Please use shorter or fewer email addresses`,
   120  		},
   121  	}
   122  
   123  	for _, tc := range testCases {
   124  		t.Run(tc.name, func(t *testing.T) {
   125  			// First try registering a new account and ensuring the expected problem occurs
   126  			var prob acme.Problem
   127  			if _, err := makeClient(tc.contacts...); err != nil {
   128  				test.AssertErrorWraps(t, err, &prob)
   129  				test.AssertEquals(t, prob.Type, tc.expectedProbType)
   130  				test.AssertEquals(t, prob.Detail, createErrorPrefix+tc.expectedProbDetail)
   131  			} else if err == nil {
   132  				t.Errorf("expected %s type problem for %q, got nil",
   133  					tc.expectedProbType, strings.Join(tc.contacts, ","))
   134  			}
   135  
   136  			// Next try making a client with a good contact and updating with the test
   137  			// case contact info. The same problem should occur.
   138  			c, err := makeClient("mailto:valid@valid.com")
   139  			test.AssertNotError(t, err, "failed to create account with valid contact")
   140  			if _, err := c.UpdateAccount(c.Account, tc.contacts...); err != nil {
   141  				test.AssertErrorWraps(t, err, &prob)
   142  				test.AssertEquals(t, prob.Type, tc.expectedProbType)
   143  				test.AssertEquals(t, prob.Detail, updateErrorPrefix+tc.expectedProbDetail)
   144  			} else if err == nil {
   145  				t.Errorf("expected %s type problem after updating account to %q, got nil",
   146  					tc.expectedProbType, strings.Join(tc.contacts, ","))
   147  			}
   148  		})
   149  	}
   150  }
   151  

View as plain text