From 93f829eba9f1d503c4864cdd9a4585ae39c91484 Mon Sep 17 00:00:00 2001 From: Chris Gilmer Date: Thu, 11 Jul 2019 20:36:39 +0000 Subject: [PATCH] Add tests against the tls connection --- pkg/server/server_test.go | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/pkg/server/server_test.go b/pkg/server/server_test.go index aed85116ae6..0239395a88d 100644 --- a/pkg/server/server_test.go +++ b/pkg/server/server_test.go @@ -217,19 +217,20 @@ func (suite *serverSuite) TestTLSConfigWithRequest() { Logger: suite.logger, Certificates: []tls.Certificate{keyPair}, }) - suite.Nil(err) defer srv.Close() + suite.Nil(err) // Start the Server go srv.ListenAndServeTLS() // Send a request + config := tls.Config{ + RootCAs: caCertPool, + Certificates: []tls.Certificate{keyPair}, + } client := &http.Client{ Transport: &http.Transport{ - TLSClientConfig: &tls.Config{ - RootCAs: caCertPool, - Certificates: []tls.Certificate{keyPair}, - }, + TLSClientConfig: &config, }, } res, err := client.Get(fmt.Sprintf("https://%s:%d", host, port)) @@ -237,9 +238,22 @@ func (suite *serverSuite) TestTLSConfigWithRequest() { // Read the response if res != nil { - body, err := ioutil.ReadAll(res.Body) + body, bodyErr := ioutil.ReadAll(res.Body) res.Body.Close() - suite.Nil(err) + suite.Nil(bodyErr) suite.Equal(htmlBody+"\n", string(body)) } + + // Check the connection + conn, err := tls.Dial("tcp", fmt.Sprintf("%s:%d", host, port), &config) + defer conn.Close() + suite.Nil(err) + + connState := conn.ConnectionState() + suite.Equal(tls.VersionTLS12, int(connState.Version)) + suite.True(connState.HandshakeComplete) + suite.False(connState.DidResume) + suite.Equal("", connState.NegotiatedProtocol) + suite.True(connState.NegotiatedProtocolIsMutual) + suite.Equal("", connState.ServerName) }