listener_test.go
package vcert
import (
"crypto/tls"
"crypto/x509"
"fmt"
"github.com/Venafi/vcert/v4/pkg/endpoint"
"github.com/Venafi/vcert/v4/pkg/venafi/fake"
"io/ioutil"
"net/http"
"testing"
"time"
)
// TestConfig_NewListener runs testListener against several combinations of
// client target address and listener domain list. Each case states whether
// the request made with the fake CA in the trust bundle is expected to
// succeed.
func TestConfig_NewListener(t *testing.T) {
	cases := []struct {
		name    string
		host    string   // address the HTTPS client connects to
		domains []string // arguments handed to Config.NewListener
		success bool     // whether the trusted request should succeed
	}{
		{"normal", "localhost:18443", []string{"localhost:18443"}, true},
		{"default port", "localhost:443", []string{"localhost"}, true},
		{"two domains", "localhost:8443", []string{"localhost", "test.example.com:8443"}, true},
		// The two domains name different ports, so the trusted request must fail.
		{"port conflict", "localhost:8444", []string{"localhost:443", "test.example.com:8444"}, false},
		// The client connects to localhost while the listener is created for
		// example.com only, so the trusted request must fail.
		{"invalid hostname", "localhost:8445", []string{"example.com:8445"}, false},
	}
	for _, tc := range cases {
		tc := tc // own copy per iteration for toolchains older than Go 1.22
		t.Run(tc.name, func(t *testing.T) {
			testListener(t, tc.host, tc.domains, tc.success)
		})
	}
}
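// testListener serves a fixed response over the listener returned by
// Config.NewListener(domains...) with the fake connector, then requests
// https://host/ twice:
//
//  1. with a default tls.Config (no custom RootCAs), which must fail;
//  2. with a pool holding only fake.CaCertPEM, which must succeed when
//     success is true and must fail when success is false.
//
// On the success path the status code and body are also verified.
func testListener(t *testing.T, host string, domains []string, success bool) {
	const text = "It works!\n"
	cfg := Config{ConnectorType: endpoint.ConnectorTypeFake}

	mux := http.NewServeMux()
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, text)
	})

	listener := cfg.NewListener(domains...)
	defer listener.Close()
	// Serve returns once the listener is closed or fails; its error is
	// deliberately not inspected because the failure cases of this test
	// expect the listener to be unusable.
	go http.Serve(listener, mux)
	// Give the server goroutine time to start accepting connections.
	time.Sleep(time.Millisecond * 100)

	// Negative check: a client without the fake CA in its trust store must
	// not complete the request.
	// NOTE(review): any error satisfies this check, including a refused
	// connection, so it does not by itself prove the failure came from
	// certificate verification.
	client := http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{}}}
	resp, err := client.Get("https://" + host + "/")
	if err == nil {
		resp.Body.Close()
		t.Fatal("without trust bundle connection should fail")
	}

	// An unparsable CA would leave the pool empty, every handshake would be
	// rejected, and the success == false cases would pass for the wrong
	// reason; fail loudly instead.
	connectionTrustBundle := x509.NewCertPool()
	if !connectionTrustBundle.AppendCertsFromPEM([]byte(fake.CaCertPEM)) {
		t.Fatal("fake CA certificate could not be added to the trust bundle")
	}

	client = http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{RootCAs: connectionTrustBundle}}}
	resp, err = client.Get("https://" + host + "/")
	if err == nil {
		// Release the connection whichever branch is taken below.
		defer resp.Body.Close()
	}
	switch {
	case success && err != nil:
		t.Fatal(err)
	case !success && err == nil:
		t.Fatal("test should fail but it doesnt")
	case !success:
		return
	}

	if resp.StatusCode != http.StatusOK {
		t.Fatalf("bad code: %v", resp.StatusCode)
	}
	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		t.Fatalf("reading response body: %v", err)
	}
	if string(body) != text {
		// Report what was actually received, not the expected constant.
		t.Fatalf("bad text: got %q, want %q", body, text)
	}
}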