github.com/Cloud-Foundations/Dominator@v0.3.4/lib/net/tls/dial_test.go

github.com/Cloud-Foundations/Dominator@v0.3.4/lib/net/tls/dial_test.go (about)

     1  package tls
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  	"net"
     7  	"strings"
     8  	"testing"
     9  
    10  	mynet "github.com/Cloud-Foundations/Dominator/lib/net"
    11  )
    12  
    13  var (
    14  	serverAddress   string
    15  	tlsCertificate  tls.Certificate
    16  	x509Certificate *x509.Certificate
    17  )
    18  
    19  func init() {
    20  	var err error
    21  	tlsCertificate, x509Certificate, err = NewTestCertificate()
    22  	if err != nil {
    23  		panic(err)
    24  	}
    25  	config := &tls.Config{
    26  		Certificates: []tls.Certificate{tlsCertificate},
    27  		MinVersion:   tls.VersionTLS12,
    28  	}
    29  	listener, err := tls.Listen("tcp", "localhost:", config)
    30  	if err != nil {
    31  		panic(err)
    32  	}
    33  	serverAddress = listener.Addr().String()
    34  	go func() {
    35  		for {
    36  			accept(listener)
    37  		}
    38  	}()
    39  }
    40  
    41  func accept(listener net.Listener) {
    42  	conn, err := listener.Accept()
    43  	if err != nil {
    44  		panic(err)
    45  	}
    46  	defer conn.Close()
    47  	conn.(*tls.Conn).Handshake()
    48  }
    49  
    50  func TestDialSkipVerify(t *testing.T) {
    51  	dialer := NewDialer(nil, &tls.Config{InsecureSkipVerify: true})
    52  	if conn, err := dialer.Dial("tcp", serverAddress); err != nil {
    53  		t.Fatalf("error dialing: %s: %s", serverAddress, err)
    54  	} else {
    55  		conn.Close()
    56  	}
    57  }
    58  
    59  func TestDialNoConfig(t *testing.T) {
    60  	dialer := NewDialer(nil, nil)
    61  	if conn, err := dialer.Dial("tcp", serverAddress); err != nil {
    62  		if strings.Contains(err.Error(),
    63  			"certificate signed by unknown authority") {
    64  			return
    65  		}
    66  		t.Fatal(err)
    67  	} else {
    68  		conn.Close()
    69  		t.Fatal("Dial with nil config did not fail")
    70  	}
    71  }
    72  
    73  func TestDialConfig(t *testing.T) {
    74  	caCertPool := x509.NewCertPool()
    75  	caCertPool.AddCert(x509Certificate)
    76  	dialer := NewDialer(nil, &tls.Config{RootCAs: caCertPool})
    77  	if conn, err := dialer.Dial("tcp", serverAddress); err != nil {
    78  		t.Fatal(err)
    79  	} else {
    80  		conn.Close()
    81  	}
    82  }
    83  
    84  func TestDialSkipVerifyMeasuringDialer(t *testing.T) {
    85  	dialer := NewDialer(mynet.NewMeasuringDialer(&net.Dialer{}),
    86  		&tls.Config{InsecureSkipVerify: true})
    87  	if conn, err := dialer.Dial("tcp", serverAddress); err != nil {
    88  		t.Fatal(err)
    89  	} else {
    90  		conn.Close()
    91  	}
    92  }