fluidB
/
fluidb-old
1
0
Fork 0
Code Pull Requests Activity

ServerName unit tests

Browse Source
master
Philip O'Toole 9 months ago
parent 58d6f1a260
commit 3d3f4c7e51
2 changed files with 134 additions and 32 deletions
Show Stats Download Patch File Download Diff File

46
tcp/dialer_test.go
Unescape Escape View File

@ -3,6 +3,7 @@ package tcp
import ( import (
"crypto/tls" "crypto/tls"
"errors" "errors"
"fmt"
"net" "net"
"os" "os"
"testing" "testing"
@ -79,6 +80,36 @@ func Test_DialerHeaderTLS(t *testing.T) {
} }
} }
func Test_DialerHeaderTLS_ExampleDotCom(t *testing.T) {
s, cert, key := mustNewEchoServerTLS_ExampleDotCom()
defer s.Close()
defer os.Remove(cert)
defer os.Remove(key)
go s.Start(t)
// Set server name to wrong value, dialing should fail.
tlsConfig, err := rtls.CreateClientConfig("", "", cert, "wrong.com", false)
if err != nil {
t.Fatalf("failed to create TLS config: %s", err.Error())
}
d := NewDialer(23, tlsConfig)
_, err = d.Dial(s.Addr(), 5*time.Second)
if err == nil {
t.Fatalf("dialing TLS echo server should have failed")
}
// Set server name to example.com, so dialing should succeed.
tlsConfig, err = rtls.CreateClientConfig("", "", cert, "example.com", false)
if err != nil {
t.Fatalf("failed to create TLS config: %s", err.Error())
}
d = NewDialer(23, tlsConfig)
_, err = d.Dial(s.Addr(), 5*time.Second)
if err != nil {
t.Fatalf("failed to dial TLS echo server: %s", err.Error())
}
}
func Test_DialerHeaderTLSBadConnect(t *testing.T) { func Test_DialerHeaderTLSBadConnect(t *testing.T) {
s, cert, key := mustNewEchoServerTLS() s, cert, key := mustNewEchoServerTLS()
defer s.Close() defer s.Close()
@ -163,3 +194,18 @@ func mustNewEchoServerTLS() (*echoServer, string, string) {
ln: tls.NewListener(ln, tlsConfig), ln: tls.NewListener(ln, tlsConfig),
}, cert, key }, cert, key
} }
func mustNewEchoServerTLS_ExampleDotCom() (*echoServer, string, string) {
ln := mustTCPListener("127.0.0.1:0")
cert := x509.CertExampleDotComFile("")
key := x509.KeyExampleDotComFile("")
tlsConfig, err := rtls.CreateServerConfig(cert, key, rtls.NoCACert, true)
if err != nil {
panic(fmt.Sprintf("failed to create TLS config: %s", err.Error()))
}
return &echoServer{
ln: tls.NewListener(ln, tlsConfig),
}, cert, key
}

120
testdata/x509/resources.go vendored
Unescape Escape View File

@ -1,7 +1,7 @@
package x509 package x509
import ( import (
"io/ioutil" "os"
) )
// CertFile returns the path to a temporary file, in directory dir, containing a cert. // CertFile returns the path to a temporary file, in directory dir, containing a cert.
@ -18,11 +18,25 @@ func KeyFile(dir string) string {
return mustWriteToFile(dir, key) return mustWriteToFile(dir, key)
} }
// CertExampleDotComFile returns the path to a temporary file, in directory dir, containing
// a cert for example.com. It is up to the caller to remove the file when finished. If
// dir is the empty string then the default directory for temporary files is used.
func CertExampleDotComFile(dir string) string {
return mustWriteToFile(dir, certExampleDotCom)
}
// KeyExampleDotComFile returns the path to a temporary file, in directory dir, containing
// a key for example.com. It is up to the caller to remove the file when finished. If
// dir is the empty string then the default directory for temporary files is used.
func KeyExampleDotComFile(dir string) string {
return mustWriteToFile(dir, keyExampleDotCom)
}
func mustWriteToFile(dir, content string) string { func mustWriteToFile(dir, content string) string {
b := []byte(content) b := []byte(content)
path := mustTempFile(dir) path := mustTempFile(dir)
if err := ioutil.WriteFile(path, b, 0600); err != nil { if err := os.WriteFile(path, b, 0600); err != nil {
panic(err.Error()) panic(err.Error())
} }
return path return path
@ -32,7 +46,7 @@ func mustWriteToFile(dir, content string) string {
// caller to remove the file once it is no longer needed. If dir is the empty // caller to remove the file once it is no longer needed. If dir is the empty
// string, then the default directory for temporary files is used. // string, then the default directory for temporary files is used.
func mustTempFile(dir string) string { func mustTempFile(dir string) string {
tmpfile, err := ioutil.TempFile(dir, "rqlite-tls-test") tmpfile, err := os.CreateTemp(dir, "rqlite-tls-test")
if err != nil { if err != nil {
panic(err.Error()) panic(err.Error())
} }
@ -41,35 +55,26 @@ func mustTempFile(dir string) string {
} }
const cert = `-----BEGIN CERTIFICATE----- const cert = `-----BEGIN CERTIFICATE-----
MIIFXTCCA0WgAwIBAgIJALrA6P0W35jRMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV MIIDkjCCAnqgAwIBAgIUMzZwlZl1wGrsn6gd3i6a3mRzhskwDQYJKoZIhvcNAQEL
BAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX BQAwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJh
aWRnaXRzIFB0eSBMdGQwHhcNMTcwNjEwMjIwMDM1WhcNMTgwNjEwMjIwMDM1WjBF bmNpc2NvMRMwEQYDVQQKDApNeSBDb21wYW55MRQwEgYDVQQLDAtNeSBEaXZpc2lv
MQswCQYDVQQGEwJVUzETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 bjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjMxMjIxMTMyNDI1WhcNMjQxMjIw
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC MTMyNDI1WjBzMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNh
CgKCAgEA2cxg1IcP1gDQezLJm9MDkEEHqOZEAn1iatoIHUoIlfu36Sripn4yoTxM biBGcmFuY2lzY28xEzARBgNVBAoMCk15IENvbXBhbnkxFDASBgNVBAsMC015IERp
1pmOT37CFoaiRfj0biEbjrgfi0QXk9z4E7Vy0XGF6XB5KofOneqnUuSgnOnEkL0p dmlzaW9uMRQwEgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
gQ3itCr/FLkvuT8/zYKL+PXsMnfHGORgJmHlu1/4rY6Z/dayaf4fUFlKRRziEVUn ggEPADCCAQoCggEBALyTUYxZHFXr1vF2XfBkoCpo/L5TJVuBMNRl1WAZASmDhYCT
3EMd/hHFHThXimWd3mtxE1YnpKimnFLmIYjXrK22QUZJ2MYVcRklJYaXhIJgHW2s SMCMtrvxM56jtdeOuS24V10CxiV2Wd2PvmRo/GGplZyVvwz/JwzHKS+Jyt8y2HP5
oe+ZRhFHxcYoY3znRFZXYkoCXETcExCmo7czLoN4/F92zFDEGbAMbwC/7Zo9AxQg bJB8Wuw0CoITt431ojC9Qd3P1htasRGg3+i8/w00nnRUs2OdBCPFstmfikMZ6kFP
30Q4iCrLfwAx+M/0A2dRbSTqGReBeBVfEBWopfz7zV3W7kI+s5K2AIFi+1hbmJ6a Lbl4Sz4/Hd+qIIjGkCZd2hSMCz+NagsN/Mn12UKcyau+5C24WhMOUm1UFg3DckFa
mKomv3f4z6Ml+yOqrq4KtrDSxnSf6Vh7EHsws6uyMG7Y6rLpPm1sLDiffPABlAti o/jfTIsrVlenYd9WiP9vTI/SWytAhER/tAxreR8OVRvQ8EbZ3Q8kGAxOL/CkN+Yb
/YlVT+3vlg86h7Vlw68CcNSclgyfFW+i1e5a+EV7WB0VmIQXzSkhA86b9aD8qWdL 5DgEQ1UJSJDJS0K0AQt3quUQGx9B14Wx5ZR828kCAwEAAaMeMBwwGgYDVR0RBBMw
N4H8sRlSZ3XfIil4u93QDC/NzJl22wRsN7926xR4DgbCesEsc361KYE8fBSx61fa EYIPc2FuLmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCdQIowDAZn7DGV
6EyvlQoI2I4r1aWCSHq7YGfV6guBZekR0BeaIsoNwfZDZrboL0sOrHGxiEfzYdVC aHkhxA+qT/Tu62cpkbNkd92L2Kt9QmkTuu6i7MOW0a3qUDYyv6vJSSznYwsjefe4
pAxjdG13zuPo+634fUfewBAq695kVYcy3aBt2wOkLyQGLu0CHHsCAwEAAaNQME4w aAYWIqK5MdEztCk3MyYiwtNNZHCAoIbTT+/8REjmDzfbaNxXo0JlSoRbf+LUpnbT
HQYDVR0OBBYEFAYLLJUqmUdXCNYTQIWX1ICBKGvWMB8GA1UdIwQYMBaAFAYLLJUq WF56IgoZGcI+yJqgoPrpgGZXLEMEcus7bMDwabruQndClCtoP33ezhw06G8Tk3Z4
mUdXCNYTQIWX1ICBKGvWMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIB /eTtGjCuYdKfzl7PLIP/k7kJqVVqPO4jKFnSbXRcvgmk9bA3RVIr4asbyK85wskS
AGnvTPevCooo3xO8U/lq2YNo3cFxYnkurBwAn5pwzJrtPgogwezBltEp52+n39TY HKJWgffj/dB4TEWO7SOK5nfudsQucF8SkL9FsYecDaeaNXjHz2RLvnrpl84StRGS
5hSa//pfKdQz2GrQ9YvX1vB8gWkNLxBe6g2ksn0DsGTApC/te1p4M+yTKhogtE7a hS/pL0AI
qYmZBSEI46URe0JLYNirzdTu5dri7DzxFc7E/XlQ0riuMyHNqOP0JXKhxKN1dYOu
NEPxekq2Z2phoo1ul8hBXsz4IRwVeQOAtpRnfrKjxogOI1teP/RSikTsSLvFHxqo
UHVzwBexQs9isBlBUcmuKksxoGugqqSkGQRE+dSs5RSeEPLexMgACfFmKfpS+Vn4
ikb2ETQ3i76+JgMoDHKwb4u9xIyKTUToIsx5dUO+o7paPfyqRE6WbO4H+suM4VCd
VhNbG9qv02Fl8vdYAc/A6tVyV8b4fMbSsGEQnBlvKuOXf/uxAIcz11WUQ4gy/0/e
kHbMqGuBFPkg5nww3dBxkrBbtKq/1yrnQUjpBvjYtyUvoKrLSbQSGj586i52r4hF
+bqGPTxmk6hU4JZN+0wvkbVWLZBTRVNKs8Sb6fRWTd2Zd/o7a7QFhbnnAhv8bgyb
4472yLaXTL/siml+LlSrNGeZEsAaCVH4ETp+HzjpAMAyhhFGqCixG0e9BRPGV936
H/8+SUQK5KxnwDz3hqrAVJyimrvNlSaP1eZ5P8WXuvBl
-----END CERTIFICATE-----` -----END CERTIFICATE-----`
const key = `-----BEGIN PRIVATE KEY----- const key = `-----BEGIN PRIVATE KEY-----
@ -124,3 +129,54 @@ bKAjGuXsKOT3MPFU9tHxi4q/7flUb30mSUVXyPjh+C+UH7e0BS0pi/rDeRdEju4z
bJVERP8/VAJ61TDQJq+Il95fzKe4yTA3dDHnO+EG5W2eCsawTK4Ze5XAWqomgdew bJVERP8/VAJ61TDQJq+Il95fzKe4yTA3dDHnO+EG5W2eCsawTK4Ze5XAWqomgdew
62D3AkJQiflLfJL8zTFph1FZXLOm 62D3AkJQiflLfJL8zTFph1FZXLOm
-----END PRIVATE KEY-----` -----END PRIVATE KEY-----`
const certExampleDotCom = `-----BEGIN CERTIFICATE-----
MIIDjjCCAnagAwIBAgIUQdomCw77L5nEqXe9WKVBu+YNTtUwDQYJKoZIhvcNAQEL
BQAwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJh
bmNpc2NvMRMwEQYDVQQKDApNeSBDb21wYW55MRQwEgYDVQQLDAtNeSBEaXZpc2lv
bjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjMxMjIxMTMyNzUzWhcNMjQxMjIw
MTMyNzUzWjBzMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNh
biBGcmFuY2lzY28xEzARBgNVBAoMCk15IENvbXBhbnkxFDASBgNVBAsMC015IERp
dmlzaW9uMRQwEgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSBJKK21N5pxrkcNOUun0VWZmSQr/CgGv0bYMoxHQhsa+Sr
zvDom+4+tXrlDwEqtpaUOC4HPTZHZoPJPcII9lpLwxRcFX7foyZ0N5IDgF5Dg1o/
1Wrujh/fQJ0TMjWua5VxAhRBWlY2h3uEe482wDC9d0aVBEFG6agaKcV6NaKs+VLX
lF8raVYsckjm2ad99wDg8WBAhyLKoEo+2Rfnpj0V4O3G3gK3CTR/QXXT3lTWPVeR
gcQNzhA7oPrrgp0jKpWdjfKp7SokfAYYelzs155Zam7YX3danHZb6JHdYPYco82U
R8vkjIj0LvuteKNb4VQfIj63HJy6X84blLpmbl8CAwEAAaMaMBgwFgYDVR0RBA8w
DYILZXhhbXBsZS5jb20wDQYJKoZIhvcNAQELBQADggEBAD0lAd964YLyg0HCigC8
GoPlPAtkFwhFwRaklm7LhZQOfgS1QruOtm1ds2PuSSr787L/tInWogp2SO1tCLK+
O+2bu0w59UhKc1bK9OWhBk0yLnMVkOIMF4Rp0kgocKVjX12Q/2Gd8Yr6UL4inOUV
r7/VOlekLQLkslsS73udGURmV/2G/90a/QuG8ZOKexLzUFVe/VPOVZ0/Jmxzckg1
W4tevlDIckAcBD6zovycDgY/qDwNyVvGot6N0BxFCSoq1iqg2vgr7zvuz++N7HPi
1mCoxsDmy5i7cEBewtvl+9+yu6OvQdkr7LZpgEyZnyiG/Q6xHxxe3QlQc3WEc0fQ
NPU=
-----END CERTIFICATE-----`
const keyExampleDotCom = `-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAtIEkorbU3mnGuRw05S6fRVZmZJCv8KAa/RtgyjEdCGxr5KvO
8Oib7j61euUPASq2lpQ4Lgc9Nkdmg8k9wgj2WkvDFFwVft+jJnQ3kgOAXkODWj/V
au6OH99AnRMyNa5rlXECFEFaVjaHe4R7jzbAML13RpUEQUbpqBopxXo1oqz5UteU
XytpVixySObZp333AODxYECHIsqgSj7ZF+emPRXg7cbeArcJNH9BddPeVNY9V5GB
xA3OEDug+uuCnSMqlZ2N8qntKiR8Bhh6XOzXnllqbthfd1qcdlvokd1g9hyjzZRH
y+SMiPQu+614o1vhVB8iPrccnLpfzhuUumZuXwIDAQABAoIBAQCCd94NJm3SnU4g
On0ZMou4yGyWP+aL3I3laMabHsjHb+bEkFKx2s/qcrUmMS6ZP1Beop/A1UavVwiI
NQtIlsXKGnzU2IJJBEie4N3R0moUuGPW9dDCy886xlmjr15ZYsssZ1SDY4FyU1O2
Odo9d+uOz0PJZqh+rkzxTofmzyC5hWp/QDSwflM63Ddc54oxqXre3d7E4ZIybv4z
/NhjVOeJQ5rcsPuoDyzcvu9zjoZlWyUVhJXxOD9Lsl4m1OtedlCy5pC7EGLfKCX8
2cMa6xyRGG5fkD1p3KtRjDRlCnJWZSfUpqfyBDNyd35ggsU2t1YUjtGOIm02s8Bv
Ppj91spRAoGBAN31QS7hb68KeyXzIg8PTmekuCe3J5pLdqqSJUddRRnuXF3Ck1UG
vIxCTthMDnrwm1zNOKSr8o1yWQiB+D8+wK4BQBWp3d+aPMdmXKrLabyOvBYC9l1k
pmvApgU3mq3Gmo5HItqnKveu77/0f9Phc7+Zx61D0M64GoyxCocxOeclAoGBANAw
S8ON0ly9z9/SeP7827GZe6BTHRosDLIeB4nhj28UkZA5Tqmhl9KltYRKN+elM9lk
dEbpJHKbQq8p9KrMgPMZbA10clp0201Phl+p/gXoV3+tW4ty68LnoHoJ0aVmcJg7
1wi6hQA4TktsuqGrQopxBcP2sfkPxw2wvOsC0zozAoGAIsrMAe5ClHyfGy7Gevfa
QXLXjxotsgj8O/aWs14Sc+MiRWw3rg9VROMr+snJR0oqAF0G8QEnDzcKb8P3xuou
R9hYVE0BQ4io2FTaV8d09qKlJwol1jPtxlw3af/yViUYmw7Zjs6/dH3OhRdtZigj
/be8ThOgSpcfSkiCLvjva6UCgYB5mWv3WbPgNYHgYqgHj5umnVZHK6SY79euhbmz
gErt/56SFdbrX5Y1FFL0ZQFITQb+2BzOekiupB8L/r6IsJA07cleBoDwcsbQ3j1H
TRwxSScqTRBmYAZyviXOgkOwjyf+0xzjXUZn/XtFtMlBuq1P/Xn3nvUO23dReMSv
o+PKXwKBgAIAB8Om2Sn2WtVbEoUSKthdp3C3Uv4rtpuHrChA/CJfznTz+abDI0Lq
65L3OLg5mPkyRQQuOPyo68S9ebuAwfX464G/P3IPPc3wcvvVOKrvgCxRbDzoO90i
XRolXKALnQTRz+4u+Essl9QG8ETWtAPz3De6fJybfSbg616LXr0u
-----END RSA PRIVATE KEY-----`

Write Preview
Loading…
Cancel
Save