diff options
| author | Luca Casonato <hello@lcas.dev> | 2021-09-30 09:26:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-09-30 09:26:15 +0200 |
| commit | 0d7a417f332a57fb3e89250a1ce250b929d0b2f7 (patch) | |
| tree | 8f63043fcf6c5419d6d213a196c54a8b421e3d8b /cli/tests/unit/tls_test.ts | |
| parent | 62920e4ef5bed131c125c4b8b5bdb8250584946f (diff) | |
feat(tls): custom in memory CA certificates (#12219)
This adds support for using in memory CA certificates for
`Deno.startTLS`, `Deno.connectTLS` and `Deno.createHttpClient`.
`certFile` is deprecated in `startTls` and `connectTls`, and removed
from `Deno.createHttpClient`.
Diffstat (limited to 'cli/tests/unit/tls_test.ts')
| -rw-r--r-- | cli/tests/unit/tls_test.ts | 70 |
1 files changed, 66 insertions, 4 deletions
diff --git a/cli/tests/unit/tls_test.ts b/cli/tests/unit/tls_test.ts index 391c51504..b2382833f 100644 --- a/cli/tests/unit/tls_test.ts +++ b/cli/tests/unit/tls_test.ts @@ -182,7 +182,7 @@ unitTest( const conn = await Deno.connectTls({ hostname, port, - certFile: "cli/tests/testdata/tls/RootCA.pem", + caCerts: [Deno.readTextFileSync("cli/tests/testdata/tls/RootCA.pem")], }); assert(conn.rid > 0); const w = new BufWriter(conn); @@ -230,7 +230,7 @@ async function tlsPair(): Promise<[Deno.Conn, Deno.Conn]> { const connectPromise = Deno.connectTls({ hostname: "localhost", port, - certFile: "cli/tests/testdata/tls/RootCA.pem", + caCerts: [Deno.readTextFileSync("cli/tests/testdata/tls/RootCA.pem")], }); const endpoints = await Promise.all([acceptPromise, connectPromise]); @@ -570,7 +570,7 @@ async function tlsWithTcpFailureTestImpl( Deno.connectTls({ hostname: "localhost", port: tcpPort, - certFile: "cli/tests/testdata/tls/RootCA.crt", + caCerts: [Deno.readTextFileSync("cli/tests/testdata/tls/RootCA.pem")], }), ]); @@ -1052,7 +1052,69 @@ unitTest( privateKey: await Deno.readTextFile( "cli/tests/testdata/tls/localhost.key", ), - certFile: "cli/tests/testdata/tls/RootCA.crt", + caCerts: [Deno.readTextFileSync("cli/tests/testdata/tls/RootCA.pem")], + }); + const result = decoder.decode(await readAll(conn)); + assertEquals(result, "PASS"); + conn.close(); + }, +); + +unitTest( + { permissions: { read: true, net: true } }, + async function connectTLSCaCerts() { + const conn = await Deno.connectTls({ + hostname: "localhost", + port: 4557, + caCerts: [Deno.readTextFileSync("cli/tests/testdata/tls/RootCA.pem")], + }); + const result = decoder.decode(await readAll(conn)); + assertEquals(result, "PASS"); + conn.close(); + }, +); + +unitTest( + { permissions: { read: true, net: true } }, + async function connectTLSCertFile() { + const conn = await Deno.connectTls({ + hostname: "localhost", + port: 4557, + certFile: "cli/tests/testdata/tls/RootCA.pem", + }); + const result = decoder.decode(await readAll(conn)); + assertEquals(result, "PASS"); + conn.close(); + }, +); + +unitTest( + { permissions: { read: true, net: true } }, + async function startTLSCaCerts() { + const plainConn = await Deno.connect({ + hostname: "localhost", + port: 4557, + }); + const conn = await Deno.startTls(plainConn, { + hostname: "localhost", + caCerts: [Deno.readTextFileSync("cli/tests/testdata/tls/RootCA.pem")], + }); + const result = decoder.decode(await readAll(conn)); + assertEquals(result, "PASS"); + conn.close(); + }, +); + +unitTest( + { permissions: { read: true, net: true } }, + async function startTLSCertFile() { + const plainConn = await Deno.connect({ + hostname: "localhost", + port: 4557, + }); + const conn = await Deno.startTls(plainConn, { + hostname: "localhost", + certFile: "cli/tests/testdata/tls/RootCA.pem", }); const result = decoder.decode(await readAll(conn)); assertEquals(result, "PASS"); |