@@ -34,7 +34,7 @@ import (
3434 "github.com/nats-io/nkeys"
3535
3636 "github.com/klauspost/compress/s2"
37- jwt "github.com/nats-io/jwt/v2"
37+ "github.com/nats-io/jwt/v2"
3838 "github.com/nats-io/nats.go"
3939
4040 "github.com/nats-io/nats-server/v2/internal/testhelper"
@@ -337,12 +337,45 @@ func TestLeafNodeTLSRemoteWithNoCerts(t *testing.T) {
337337
338338type captureErrorLogger struct {
339339 DummyLogger
340- errCh chan string
340+ filter func (string ) bool
341+ errCh chan string
342+ sync.Mutex
343+ }
344+
345+ func (l * captureErrorLogger ) setFilter (f func (string ) bool ) {
346+ l .Lock ()
347+ l .filter = f
348+ l .Unlock ()
341349}
342350
343351func (l * captureErrorLogger ) Errorf (format string , v ... any ) {
352+ msg := fmt .Sprintf (format , v ... )
353+
354+ l .Lock ()
355+ defer l .Unlock ()
356+
357+ if l .filter != nil && ! l .filter (msg ) {
358+ return
359+ }
360+
344361 select {
345- case l .errCh <- fmt .Sprintf (format , v ... ):
362+ case l .errCh <- msg :
363+ default :
364+ }
365+ }
366+
367+ func (l * captureErrorLogger ) Debugf (format string , v ... any ) {
368+ msg := fmt .Sprintf (format , v ... )
369+
370+ l .Lock ()
371+ defer l .Unlock ()
372+
373+ if l .filter != nil && ! l .filter (msg ) {
374+ return
375+ }
376+
377+ select {
378+ case l .errCh <- msg :
346379 default :
347380 }
348381}
@@ -2624,7 +2657,7 @@ func TestLeafNodeTLSConfigReload(t *testing.T) {
26242657 defer srvA .Shutdown ()
26252658
26262659 lg := & captureErrorLogger {errCh : make (chan string , 10 )}
2627- srvA .SetLogger (lg , false , false )
2660+ srvA .SetLogger (lg , true , false )
26282661
26292662 confB := createConfFile (t , []byte (fmt .Sprintf (`
26302663 listen: -1
@@ -2652,16 +2685,17 @@ func TestLeafNodeTLSConfigReload(t *testing.T) {
26522685 srvB := RunServer (optsB )
26532686 defer srvB .Shutdown ()
26542687
2655- // Wait for the error
2656- select {
2657- case err := <- lg .errCh :
2688+ lg .setFilter (func (m string ) bool {
26582689 // Since Go 1.18, we had to regenerate certs to not have to use GODEBUG="x509sha1=1"
26592690 // But on macOS, with our test CA certs, no SCTs included, it will fail
26602691 // for the reason "x509: “localhost” certificate is not standards compliant"
26612692 // instead of "unknown authority".
2662- if ! strings .Contains (err , "unknown" ) && ! strings .Contains (err , "compliant" ) {
2663- t .Fatalf ("Unexpected error: %v" , err )
2664- }
2693+ return strings .Contains (m , "unknown" ) || strings .Contains (m , "compliant" )
2694+ })
2695+
2696+ // Wait for the error
2697+ select {
2698+ case <- lg .errCh :
26652699 case <- time .After (2 * time .Second ):
26662700 t .Fatalf ("Did not get TLS error" )
26672701 }
@@ -2697,7 +2731,7 @@ func TestLeafNodeTLSConfigReloadForRemote(t *testing.T) {
26972731 defer srvA .Shutdown ()
26982732
26992733 lg := & captureErrorLogger {errCh : make (chan string , 10 )}
2700- srvA .SetLogger (lg , false , false )
2734+ srvA .SetLogger (lg , true , false )
27012735
27022736 template := `
27032737 listen: -1
@@ -2719,12 +2753,12 @@ func TestLeafNodeTLSConfigReloadForRemote(t *testing.T) {
27192753 srvB , _ := RunServerWithConfig (confB )
27202754 defer srvB .Shutdown ()
27212755
2756+ lg .setFilter (func (m string ) bool {
2757+ return strings .Contains (m , "bad certificate" )
2758+ })
27222759 // Wait for the error
27232760 select {
2724- case err := <- lg .errCh :
2725- if ! strings .Contains (err , "bad certificate" ) {
2726- t .Fatalf ("Unexpected error: %v" , err )
2727- }
2761+ case <- lg .errCh :
27282762 case <- time .After (2 * time .Second ):
27292763 t .Fatalf ("Did not get TLS error" )
27302764 }
@@ -3076,13 +3110,13 @@ func TestLeafNodeWSFailedConnection(t *testing.T) {
30763110 defer ln .Shutdown ()
30773111
30783112 el := & captureErrorLogger {errCh : make (chan string , 100 )}
3079- ln .SetLogger (el , false , false )
3113+ ln .SetLogger (el , true , false )
30803114
3115+ el .setFilter (func (m string ) bool {
3116+ return strings .Contains (m , "handshake error" )
3117+ })
30813118 select {
3082- case err := <- el .errCh :
3083- if ! strings .Contains (err , "handshake error" ) {
3084- t .Fatalf ("Unexpected error: %v" , err )
3085- }
3119+ case <- el .errCh :
30863120 case <- time .After (time .Second ):
30873121 t .Fatal ("No error reported!" )
30883122 }
@@ -5002,17 +5036,18 @@ func TestLeafNodeTLSHandshakeFirst(t *testing.T) {
50025036 // handshake first since the hub is configured that way.
50035037 // Set a logger on s1 to capture errors
50045038 l := & captureErrorLogger {errCh : make (chan string , 10 )}
5005- s1 .SetLogger (l , false , false )
5039+ s1 .SetLogger (l , true , false )
50065040
50075041 confSpoke = createConfFile (t , []byte (fmt .Sprintf (tmpl2 , o1 .LeafNode .Port , "false" )))
50085042 s2 , _ = RunServerWithConfig (confSpoke )
50095043 defer s2 .Shutdown ()
50105044
5045+ l .setFilter (func (m string ) bool {
5046+ return strings .Contains (m , "handshake error" )
5047+ })
5048+
50115049 select {
5012- case err := <- l .errCh :
5013- if ! strings .Contains (err , "handshake error" ) {
5014- t .Fatalf ("Unexpected error: %v" , err )
5015- }
5050+ case <- l .errCh :
50165051 case <- time .After (2 * time .Second ):
50175052 t .Fatal ("Did not get TLS handshake failure" )
50185053 }
0 commit comments