use custom dialer so we can show better error messages when things like TLS handshakes go awry; restore error message checks in tls tests

Josh Humphries
2017-12-13 15:30:57 -05:00
parent 45e17ae10b
commit 6c05311fb9
4 changed files with 115 additions and 19 deletions
+24 -8
@@ -125,7 +125,8 @@ func TestBrokenTLS_ClientPlainText(t *testing.T) {
// various errors possible when server closes connection
if !strings.Contains(err.Error(), "transport is closing") &&
!strings.Contains(err.Error(), "connection is unavailable") &&
!strings.Contains(err.Error(), "use of closed network connection") {
!strings.Contains(err.Error(), "use of closed network connection") &&
!strings.Contains(err.Error(), "all SubConns are in TransientFailure") {
t.Fatalf("expecting transport failure, got: %v", err)
}
@@ -142,6 +143,9 @@ func TestBrokenTLS_ServerPlainText(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "first record does not look like a TLS handshake") {
t.Fatalf("expecting TLS handshake failure, got: %v", err)
}
}
func TestBrokenTLS_ServerUsesWrongCert(t *testing.T) {
@@ -159,6 +163,9 @@ func TestBrokenTLS_ServerUsesWrongCert(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "certificate is valid for") {
t.Fatalf("expecting TLS certificate error, got: %v", err)
}
}
func TestBrokenTLS_ClientHasExpiredCert(t *testing.T) {
@@ -176,6 +183,9 @@ func TestBrokenTLS_ClientHasExpiredCert(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "bad certificate") {
t.Fatalf("expecting TLS certificate error, got: %v", err)
}
}
func TestBrokenTLS_ServerHasExpiredCert(t *testing.T) {
@@ -193,6 +203,9 @@ func TestBrokenTLS_ServerHasExpiredCert(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "certificate has expired or is not yet valid") {
t.Fatalf("expecting TLS certificate expired, got: %v", err)
}
}
func TestBrokenTLS_ClientNotTrusted(t *testing.T) {
@@ -210,6 +223,9 @@ func TestBrokenTLS_ClientNotTrusted(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "bad certificate") {
t.Fatalf("expecting TLS certificate error, got: %v", err)
}
}
func TestBrokenTLS_ServerNotTrusted(t *testing.T) {
@@ -227,6 +243,9 @@ func TestBrokenTLS_ServerNotTrusted(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "certificate signed by unknown authority") {
t.Fatalf("expecting TLS certificate error, got: %v", err)
}
}
func TestBrokenTLS_RequireClientCertButNonePresented(t *testing.T) {
@@ -244,6 +263,9 @@ func TestBrokenTLS_RequireClientCertButNonePresented(t *testing.T) {
t.Fatal("expecting TLS failure setting up server and client")
e.Close()
}
if !strings.Contains(err.Error(), "bad certificate") {
t.Fatalf("expecting TLS certificate error, got: %v", err)
}
}
func simpleTest(t *testing.T, cc *grpc.ClientConn) {
@@ -279,13 +301,7 @@ func createTestServerAndClient(serverCreds, clientCreds credentials.TransportCre
ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
defer cancel()
var tlsOpt grpc.DialOption
if clientCreds != nil {
tlsOpt = grpc.WithTransportCredentials(clientCreds)
} else {
tlsOpt = grpc.WithInsecure()
}
cc, err := grpc.DialContext(ctx, fmt.Sprintf("127.0.0.1:%d", port), grpc.WithBlock(), tlsOpt)
cc, err := BlockingDial(ctx, fmt.Sprintf("127.0.0.1:%d", port), clientCreds)
if err != nil {
return e, err
}
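Review bot: The new `"bad certificate"` assertions in TestBrokenTLS_ClientHasExpiredCert, TestBrokenTLS_ClientNotTrusted and TestBrokenTLS_RequireClientCertButNonePresented are identical, so from the client side these tests only show that the server rejected the handshake, not that it rejected it for the expired, untrusted or missing certificate the test name describes. All of the restored checks match error text that appears to come from crypto/tls, crypto/x509 and grpc, which ties them to the library versions in use; under TLS 1.3 in particular, the server's rejection of a client certificate usually reaches the client only after its own handshake has returned, so the dial may not fail with this text at all. I would add a comment above each of the three checks such as `// the client only sees the server's TLS alert, which does not say why the certificate was rejected`, and assert the specific reason on the server side if the test helpers expose it. Separately, in the context lines of these hunks `e.Close()` follows `t.Fatal(...)` and can never run, so the order should be `e.Close()` and then `t.Fatal("expecting TLS failure setting up server and client")`. The test function bodies begin outside the hunks, so this is based only on the lines shown.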