github.com/leonlxy/hyperledger@v1.0.0-alpha.0.20170427033203-34922035d248/core/comm/connection_test.go (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package comm 18 19 import ( 20 "fmt" 21 "io/ioutil" 22 "path/filepath" 23 "testing" 24 25 "github.com/spf13/viper" 26 27 "github.com/hyperledger/fabric/core/testutil" 28 "github.com/stretchr/testify/assert" 29 "google.golang.org/grpc" 30 ) 31 32 const ( 33 numOrgs = 2 34 numChildOrgs = 2 35 ) 36 37 //string for cert filenames 38 var ( 39 orgCACert = filepath.Join("testdata", "certs", "Org%d-cert.pem") 40 childCACert = filepath.Join("testdata", "certs", "Org%d-child%d-cert.pem") 41 ) 42 43 var badPEM = `-----BEGIN CERTIFICATE----- 44 MIICRDCCAemgAwIBAgIJALwW//dz2ZBvMAoGCCqGSM49BAMCMH4xCzAJBgNVBAYT 45 AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2Nv 46 MRgwFgYDVQQKDA9MaW51eEZvdW5kYXRpb24xFDASBgNVBAsMC0h5cGVybGVkZ2Vy 47 MRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMTYxMjA0MjIzMDE4WhcNMjYxMjAyMjIz 48 MDE4WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UE 49 BwwNU2FuIEZyYW5jaXNjbzEYMBYGA1UECgwPTGludXhGb3VuZGF0aW9uMRQwEgYD 50 VQQLDAtIeXBlcmxlZGdlcjESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C 51 -----END CERTIFICATE----- 52 ` 53 54 func TestConnection_Correct(t *testing.T) { 55 testutil.SetupTestConfig() 56 viper.Set("ledger.blockchain.deploy-system-chaincode", "false") 57 peerAddress := GetPeerTestingAddress("7051") 58 var tmpConn *grpc.ClientConn 59 var err error 60 if TLSEnabled() { 61 tmpConn, err = NewClientConnectionWithAddress(peerAddress, true, true, InitTLSForPeer()) 62 } 63 tmpConn, err = NewClientConnectionWithAddress(peerAddress, true, false, nil) 64 if err != nil { 65 t.Fatalf("error connection to server at host:port = %s\n", peerAddress) 66 } 67 68 tmpConn.Close() 69 } 70 71 func TestConnection_WrongAddress(t *testing.T) { 72 testutil.SetupTestConfig() 73 viper.Set("ledger.blockchain.deploy-system-chaincode", "false") 74 peerAddress := GetPeerTestingAddress("7052") 75 var tmpConn *grpc.ClientConn 76 var err error 77 if TLSEnabled() { 78 tmpConn, err = NewClientConnectionWithAddress(peerAddress, true, true, InitTLSForPeer()) 79 } 80 tmpConn, err = NewClientConnectionWithAddress(peerAddress, true, false, nil) 81 if err == nil { 82 fmt.Printf("error connection to server - at host:port = %s\n", peerAddress) 83 t.Error("error connection to server - connection should fail") 84 tmpConn.Close() 85 } 86 } 87 88 // utility function to load up our test root certificates from testdata/certs 89 func loadRootCAs() [][]byte { 90 91 rootCAs := [][]byte{} 92 for i := 1; i <= numOrgs; i++ { 93 root, err := ioutil.ReadFile(fmt.Sprintf(orgCACert, i)) 94 if err != nil { 95 return [][]byte{} 96 } 97 rootCAs = append(rootCAs, root) 98 for j := 1; j <= numChildOrgs; j++ { 99 root, err := ioutil.ReadFile(fmt.Sprintf(childCACert, i, j)) 100 if err != nil { 101 return [][]byte{} 102 } 103 rootCAs = append(rootCAs, root) 104 } 105 } 106 return rootCAs 107 } 108 109 func TestCASupport(t *testing.T) { 110 111 rootCAs := loadRootCAs() 112 t.Logf("loaded %d root certificates", len(rootCAs)) 113 if len(rootCAs) != 6 { 114 t.Fatalf("failed to load root certificates") 115 } 116 117 cas := GetCASupport() 118 cas.AppRootCAsByChain["channel1"] = [][]byte{rootCAs[0]} 119 cas.AppRootCAsByChain["channel2"] = [][]byte{rootCAs[1]} 120 cas.OrdererRootCAsByChain["channel1"] = [][]byte{(rootCAs[2])} 121 cas.OrdererRootCAsByChain["channel2"] = [][]byte{rootCAs[3]} 122 cas.ServerRootCAs = [][]byte{rootCAs[4]} 123 cas.ClientRootCAs = [][]byte{rootCAs[4], rootCAs[5]} 124 125 appServerRoots, ordererServerRoots := cas.GetServerRootCAs() 126 t.Logf("%d appServerRoots | %d ordererServerRoots", len(appServerRoots), 127 len(ordererServerRoots)) 128 assert.Equal(t, 3, len(appServerRoots), "Expected 3 app server root CAs") 129 assert.Equal(t, 3, len(ordererServerRoots), "Expected 3 orderer server root CAs") 130 131 appClientRoots, ordererClientRoots := cas.GetClientRootCAs() 132 t.Logf("%d appClientRoots | %d ordererClientRoots", len(appClientRoots), 133 len(ordererClientRoots)) 134 assert.Equal(t, 4, len(appClientRoots), "Expected 4 app server root CAs") 135 assert.Equal(t, 4, len(ordererClientRoots), "Expected 4 orderer server root CAs") 136 137 // make sure we really have a singleton 138 casClone := GetCASupport() 139 assert.Exactly(t, casClone, cas, "Expected GetCASupport to be a singleton") 140 141 creds := cas.GetDeliverServiceCredentials() 142 assert.Equal(t, "1.2", creds.Info().SecurityVersion, 143 "Expected Security version to be 1.2") 144 145 // append some bad certs and make sure things still work 146 cas.ServerRootCAs = append(cas.ServerRootCAs, []byte("badcert")) 147 cas.ServerRootCAs = append(cas.ServerRootCAs, []byte(badPEM)) 148 creds = cas.GetDeliverServiceCredentials() 149 assert.Equal(t, "1.2", creds.Info().SecurityVersion, 150 "Expected Security version to be 1.2") 151 152 }