100% test results

yaroslaff · Feb 19, 2025 · 8d0ef8e · 8d0ef8e
1 parent 64b1795
commit 8d0ef8e
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 7 deletions.
diff --git a/showcert/cli/showcert_main.py b/showcert/cli/showcert_main.py
@@ -52,7 +52,7 @@ def get_args():
     formatter_class=argparse.RawTextHelpFormatter, epilog=epilog)
     parser.add_argument('CERT', nargs='+', help='path, - (stdin), ":le" (letsencrypt cert path), hostname or hostname:port')
     parser.add_argument('-i', '--insecure', default=False, action='store_true', help='Do not verify remote certificate')
-    parser.add_argument('--output', '-o', default='brief', help='output format: brief, extended (ext), full, names, dnames (for certbot), pem, no.')
+    parser.add_argument('--output', '-o', choices=['brief', 'ext', 'full', 'names', 'dnames', 'pem', 'no'], default='brief', help='output format')
     parser.add_argument('-c','--chain', default=False, action='store_true', help='Show chain (not only server certificate)')
     parser.add_argument('-w', '--warn', default=None, metavar='DAYS', nargs='?', type=int, const=20, help='Warn about expiring certificates (def: 20 days)')
 

diff --git a/showcert/processcert.py b/showcert/processcert.py
@@ -133,7 +133,7 @@ def process_cert(CERT, name=None, insecure=False, warn=None, starttls='auto', ou
                 print()
             print_dnames(_c)
 
-    elif out == 'no' or out[0] == 'quiet':
+    elif out == 'no':
         pass
 
     else:

diff --git a/tests/test_gencert.py b/tests/test_gencert.py
@@ -19,6 +19,7 @@ def setup_class(self):
         self.ca_key_path = self.path / 'ca-priv.pem'
         self.cert_path = self.path / 'example.pem'
         self.key_path = self.path / 'example-priv.pem'
+        self.badchain_path = self.path / 'badchain.pem'
 
 
         cacert, cakey = generate_cert(["Test CA"], ca=True, days=1)
@@ -36,6 +37,11 @@ def setup_class(self):
         with open(self.key_path, "wb") as fh:
             save_key(fh, key)
 
+        badchain, _ = generate_cert(["example.com", "www.example.com"], cakey=self.cakey, cacert=self.cacert)
+        with open(self.badchain_path, "wb") as fh:
+            fh.write(badchain.public_bytes(encoding=serialization.Encoding.PEM))
+            fh.write(cert.public_bytes(encoding=serialization.Encoding.PEM))        
+
 
     def test_certs(self):
 
@@ -48,10 +54,15 @@ def test_certs(self):
         rc = process_cert(CERT=self.cert_path, trusted_ca=self.ca_cert_path)
         assert(rc == 0)
 
+    def test_badchain(self):
+        rc = process_cert(CERT=self.badchain_path)
+        assert(rc == 1)        
+
     def teardown_class(self):        
         self.ca_cert_path.unlink()
         self.ca_key_path.unlink()
         self.cert_path.unlink()
         self.key_path.unlink()
+        self.badchain_path.unlink()
         self.path.rmdir()
 
diff --git a/tests/test_local.py b/tests/test_local.py
@@ -1,4 +1,6 @@
 from showcert import process_cert
+from unittest import mock
+import io
 
 class TestShowcertLocal():
 
@@ -14,6 +16,14 @@ def test_snakeoil(self):
         rc = process_cert(CERT=self.snakeoil, insecure=True)
         assert(rc == 0)
 
+    def test_snakeoil_output(self):
+        rc = process_cert(CERT=self.snakeoil, output='no', insecure=True)
+        assert(rc == 0)
+
+        rc = process_cert(CERT=self.snakeoil, output='nosuchformat', insecure=True)
+        assert(rc == 0)
+
+
     def test_ca(self):
         for ca in self.ca_certs:
             rc = process_cert(CERT=ca)
@@ -28,3 +38,14 @@ def test_print(self):
         assert(rc == 0)
         rc = process_cert(CERT=self.snakeoil, output='dnames', insecure=True)
         assert(rc == 0)
+        rc = process_cert(CERT=self.snakeoil, output='pem', insecure=True)
+        assert(rc == 0)
+        rc = process_cert(CERT=self.snakeoil, output='no', insecure=True)
+        assert(rc == 0)
+
+    def test_stdin(self):
+        with open(self.ca_certs[0], "r") as f:  # Read the certificate file
+            mock_input = f.read()
+        with mock.patch("sys.stdin", io.StringIO(mock_input)):
+            rc = process_cert(CERT='-')
+            assert rc == 0
diff --git a/tests/test_remote.py b/tests/test_remote.py
@@ -1,5 +1,9 @@
 import time
 from showcert import process_cert
+from showcert.exceptions import InvalidAddress
+import random
+import string
+import pytest
 
 class TestShowcertRemote():
 
@@ -20,11 +24,39 @@ def test_https(self):
             code = process_cert(CERT=site)
             assert code == 0
 
+    def test_https_chain(self):
+        # warn if expires "too soon" in 2000 days
+        code = process_cert(CERT=self.sites[0], chain=True)
+        assert code == 0
+        code = process_cert(CERT=self.sites[0], chain=True, output='full')
+        assert code == 0
+        code = process_cert(CERT=self.sites[0], chain=True, output='pem')
+        assert code == 0
+        code = process_cert(CERT=self.sites[0], chain=True, output='names')
+        assert code == 0
+        code = process_cert(CERT=self.sites[0], chain=True, output='dnames')
+        assert code == 0
+
+
+    def test_https_methods(self):
+        code = process_cert(CERT=self.sites[0], starttls='no')
+        assert code == 0
+
+        with pytest.raises(ValueError):
+            process_cert(CERT=self.sites[0], starttls='nosuchmethod')
+
+    def test_invalid_address(self):
+        with pytest.raises(InvalidAddress):
+            process_cert("aa:bb.com:443")
+        with pytest.raises(InvalidAddress):
+            process_cert("github.com:notaport")
+
+
+
     def test_https_warn(self):
-        for site in self.sites:
-            # warn if expires "too soon" in 2000 days
-            code = process_cert(CERT=site, warn=2000)
-            assert code == 2
+        # warn if expires "too soon" in 2000 days
+        code = process_cert(CERT=self.sites[0], warn=2000, force_network=True)
+        assert code == 2
 
     def test_wildcard(self):
         for site in self.wildcard_sites:
@@ -70,6 +102,10 @@ def test_timeout(self):
         test_start = time.time()
         code = process_cert(CERT='0.0.0.1', limit=2)
         test_end = time.time()
-        print("code:", code)
         assert code == 1
         assert test_end - test_start >= 1
+
+    def test_nosuchdomain(self):
+        name = 'nosuchdomain-' + ''.join(random.choices(string.ascii_lowercase, k=20)) + '.com'
+        code = process_cert(CERT=name)
+        assert code == 1
-Original file line number
+Diff line change
@@ Expand Up @@
                     print()
                 print_dnames(_c)
-        elif out == 'no' or out[0] == 'quiet':
+        elif out == 'no':
             pass
         else:
@@ Expand Down @@