author | Ryan Dahl <ry@tinyclouds.org> | 2021-08-09 15:55:00 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-09 15:55:00 +0200 |
commit | 3ab50b355141f744a0acec1a5cc3b3b95247d4b1 (patch) | |
tree | 5ab6c3a216f5ce5cc5ee8fbc12e99dfac09496d7 /cli/tests | |
parent | f402904e6e227ee60a88d991cb9818d5340f5c1d (diff) |
feat: support client certificates for connectTls (#11598)
Co-authored-by: Daniel Lamando <dan@danopia.net>
Co-authored-by: Erik Price <github@erikprice.net>
Diffstat (limited to 'cli/tests')
-rw-r--r-- | cli/tests/unit/tls_test.ts | 68 |
1 files changed, 66 insertions, 2 deletions
diff --git a/cli/tests/unit/tls_test.ts b/cli/tests/unit/tls_test.ts
index 46a27b7f0..8472d93e0 100644
--- a/cli/tests/unit/tls_test.ts
+++ b/cli/tests/unit/tls_test.ts
@@ -11,6 +11,7 @@ import {
 unitTest,
 } from "./test_util.ts";
 import { BufReader, BufWriter } from "../../../test_util/std/io/bufio.ts";
+import { readAll } from "../../../test_util/std/io/util.ts";
 import { TextProtoReader } from "../../../test_util/std/textproto/mod.ts";
 const encoder = new TextEncoder();
@@ -26,7 +27,7 @@ function unreachable(): never {
 unitTest(async function connectTLSNoPerm() {
 await assertThrowsAsync(async () => {
- await Deno.connectTls({ hostname: "github.com", port: 443 });
+ await Deno.connectTls({ hostname: "deno.land", port: 443 });
 }, Deno.errors.PermissionDenied);
 });
@@ -51,7 +52,7 @@ unitTest(
 unitTest(async function connectTLSCertFileNoReadPerm() {
 await assertThrowsAsync(async () => {
 await Deno.connectTls({
- hostname: "github.com",
+ hostname: "deno.land",
 port: 443,
 certFile: "cli/tests/tls/RootCA.crt",
 });
@@ -985,3 +986,66 @@ unitTest(
 conn.close();
 },
 );
+
+unitTest(
+ { perms: { read: true, net: true } },
+ async function connectTLSBadClientCertPrivateKey(): Promise<void> {
+ await assertThrowsAsync(async () => {
+ await Deno.connectTls({
+ hostname: "deno.land",
+ port: 443,
+ certChain: "bad data",
+ privateKey: await Deno.readTextFile("cli/tests/tls/localhost.key"),
+ });
+ }, Deno.errors.InvalidData);
+ },
+);
+
+unitTest(
+ { perms: { read: true, net: true } },
+ async function connectTLSBadPrivateKey(): Promise<void> {
+ await assertThrowsAsync(async () => {
+ await Deno.connectTls({
+ hostname: "deno.land",
+ port: 443,
+ certChain: await Deno.readTextFile("cli/tests/tls/localhost.crt"),
+ privateKey: "bad data",
+ });
+ }, Deno.errors.InvalidData);
+ },
+);
+
+unitTest(
+ { perms: { read: true, net: true } },
+ async function connectTLSNotPrivateKey(): Promise<void> {
+ await assertThrowsAsync(async () => {
+ await Deno.connectTls({
+ hostname: "deno.land",
+ port: 443,
+ certChain: await Deno.readTextFile("cli/tests/tls/localhost.crt"),
+ privateKey: "",
+ });
+ }, Deno.errors.InvalidData);
+ },
+);
+
+unitTest(
+ { perms: { read: true, net: true } },
+ async function connectWithClientCert() {
+ // The test_server running on port 4552 responds with 'PASS' if client
+ // authentication was successful. Try it by running test_server and
+ // curl --key cli/tests/tls/localhost.key \
+ // --cert cli/tests/tls/localhost.crt \
+ // --cacert cli/tests/tls/RootCA.crt https://localhost:4552/
+ const conn = await Deno.connectTls({
+ hostname: "localhost",
+ port: 4552,
+ certChain: await Deno.readTextFile("cli/tests/tls/localhost.crt"),
+ privateKey: await Deno.readTextFile("cli/tests/tls/localhost.key"),
+ certFile: "cli/tests/tls/RootCA.crt",
+ });
+ const result = decoder.decode(await readAll(conn));
+ assertEquals(result, "PASS");
+ conn.close();
+ },
+); |
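Review bot: `connectWithClientCert` asserts only the success path, so nothing in this hunk shows that the listener on port 4552 refuses a client that presents no certificate; if the server stopped requiring client authentication, `PASS` would presumably still come back and the test would keep passing. A companion test that calls `Deno.connectTls({ hostname: "localhost", port: 4552, certFile: "cli/tests/tls/RootCA.crt" })` without `certChain`/`privateKey` and asserts that `PASS` is not received would provide the negative control; the exact failure mode (handshake error or failed read) depends on test_server, which is outside this diff. The three `InvalidData` tests also dial `deno.land:443`, so unless the PEM is rejected before any socket is opened they depend on an external host; pointing them at `localhost` would keep them hermetic. In the same test, `conn.close()` would be safer in a `finally` block so that a failed `assertEquals` does not leave the connection open.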