-
Notifications
You must be signed in to change notification settings - Fork 17
Expand file tree
/
Copy pathserver_tls_test.go
More file actions
79 lines (69 loc) · 2.24 KB
/
server_tls_test.go
File metadata and controls
79 lines (69 loc) · 2.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
// Copyright 2021-2024 Nokia
// Licensed under the BSD 3-Clause License.
// SPDX-License-Identifier: BSD-3-Clause
package restful
import (
"context"
"net/http"
"testing"
"time"
"github.com/stretchr/testify/assert"
)
func TestHTTPSServer(t *testing.T) {
http.HandleFunc("/a", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(204)
})
addr := ":18443"
server := NewServer().Addr(addr)
server.TLSServerCert("test_certs/tls.crt", "test_certs/tls.key")
server.TLSClientCert("test_certs", false)
go server.ListenAndServe()
defer server.Close()
c := NewClient().TLSRootCerts("test_certs", false)
err := c.Get(context.Background(), "https://localhost"+addr+"/a", nil)
assert.Equal(t, 500, GetErrStatusCode(err))
c.TLSOwnCerts("test_certs")
err = c.Get(context.Background(), "https://localhost"+addr+"/a", nil)
assert.Nil(t, err)
}
func TestHTTPSServerCRL(t *testing.T) {
http.HandleFunc("/b", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(204)
})
addr := ":18443"
ctx, canc := context.WithCancel(context.Background())
defer canc()
ch := make(chan error)
go func() {
for {
err := <-ch
t.Log(err)
}
}()
server := NewServer().Addr(addr)
server.TLSServerCert("test_certs/tls.crt", "test_certs/tls.key")
server.TLSClientCert("test_certs", false)
opt := CRLOptions{
Ctx: ctx,
StatusChan: ch,
CRLLocation: "test_certs/ca.crl",
ReadInterval: time.Minute,
FileExistTimeout: time.Minute,
}
server.CRL(opt)
go server.ListenAndServe()
defer server.Close()
c := NewClient().TLSRootCerts("test_certs", false).TLSOwnCerts("test_certs")
err := c.Get(context.Background(), "https://localhost"+addr+"/b", nil)
assert.Error(t, err) // cert has been revoked
server.setCRL(nil, time.Now().Add(-10*time.Second), true)
err = c.Get(context.Background(), "https://localhost"+addr+"/b", nil)
assert.Error(t, err) //revocation list out of date
server.setCRL(nil, time.Time{}, false)
err = c.Get(context.Background(), "https://localhost"+addr+"/b", nil)
assert.NoError(t, err)
}
func TestHTTPSServerNoOOP(t *testing.T) {
ListenAndServeTLS(":-1", "test_certs/tls.crt", "test_certs/tls.key", nil)
ListenAndServeMTLS(":-1", "test_certs/tls.crt", "test_certs/tls.key", "test_certs", false, nil)
}