diff options
| author | Asher Gomez <ashersaupingomez@gmail.com> | 2024-09-11 07:55:42 +1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-10 21:55:42 +0000 |
| commit | ace1202227abeeac78db0266a13b451c1792a6ce (patch) | |
| tree | 3319bc3defab8dddc04e3907b7b7bece821fe094 /tests/unit | |
| parent | be0ba6d84f190f4fc1b4517e62d9d8ad30c8cfb1 (diff) | |
BREAKING(net): remove `Deno.ConnectTlsOptions.{certChain,certFile,privateKey}` and `Deno.ListenTlsOptions.certChain,certFile,keyFile}` (#25525)
Towards #22079
Diffstat (limited to 'tests/unit')
| -rw-r--r-- | tests/unit/tls_sni_test.ts | 5 | ||||
| -rw-r--r-- | tests/unit/tls_test.ts | 259 |
2 files changed, 10 insertions, 254 deletions
diff --git a/tests/unit/tls_sni_test.ts b/tests/unit/tls_sni_test.ts index 404f8016e..a8d51108e 100644 --- a/tests/unit/tls_sni_test.ts +++ b/tests/unit/tls_sni_test.ts @@ -25,9 +25,8 @@ Deno.test( return keys[sni]!; }, }; - const listener = Deno.listenTls( - <Deno.ListenTlsOptions & Deno.TlsCertifiedKeyConnectTls> opts, - ); + // @ts-ignore Trust me + const listener = Deno.listenTls(opts); for ( const server of ["server-1", "server-2", "fail-server-3", "fail-server-4"] diff --git a/tests/unit/tls_test.ts b/tests/unit/tls_test.ts index 6e80c984a..0f6ffc15f 100644 --- a/tests/unit/tls_test.ts +++ b/tests/unit/tls_test.ts @@ -68,112 +68,6 @@ Deno.test( ); Deno.test( - { permissions: { net: true, read: false }, ignore: DENO_FUTURE }, - async function connectTLSCertFileNoReadPerm() { - await assertRejects(async () => { - await Deno.connectTls({ - hostname: "deno.land", - port: 443, - certFile: "tests/testdata/tls/RootCA.crt", - }); - }, Deno.errors.NotCapable); - }, -); - -Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - function listenTLSNonExistentCertKeyFiles() { - const options = { - hostname: "localhost", - port: 0, - certFile: "tests/testdata/tls/localhost.crt", - keyFile: "tests/testdata/tls/localhost.key", - }; - - assertThrows(() => { - Deno.listenTls({ - ...options, - certFile: "./non/existent/file", - }); - }, Deno.errors.NotFound); - - assertThrows(() => { - Deno.listenTls({ - ...options, - keyFile: "./non/existent/file", - }); - }, Deno.errors.NotFound); - }, -); - -Deno.test( - { permissions: { net: true, read: false }, ignore: DENO_FUTURE }, - function listenTLSNoReadPerm() { - assertThrows(() => { - Deno.listenTls({ - hostname: "localhost", - port: 0, - certFile: "tests/testdata/tls/localhost.crt", - keyFile: "tests/testdata/tls/localhost.key", - }); - }, Deno.errors.NotCapable); - }, -); - -Deno.test( - { - permissions: { read: true, write: true, net: true }, - ignore: DENO_FUTURE, - }, - function listenTLSEmptyKeyFile() { - const options = { - hostname: "localhost", - port: 0, - certFile: "tests/testdata/tls/localhost.crt", - keyFile: "tests/testdata/tls/localhost.key", - }; - - const testDir = Deno.makeTempDirSync(); - const keyFilename = testDir + "/key.pem"; - Deno.writeFileSync(keyFilename, new Uint8Array([]), { - mode: 0o666, - }); - - assertThrows(() => { - Deno.listenTls({ - ...options, - keyFile: keyFilename, - }); - }, Error); - }, -); - -Deno.test( - { permissions: { read: true, write: true, net: true } }, - function listenTLSEmptyCertFile() { - const options = { - hostname: "localhost", - port: 0, - certFile: "tests/testdata/tls/localhost.crt", - keyFile: "tests/testdata/tls/localhost.key", - }; - - const testDir = Deno.makeTempDirSync(); - const certFilename = testDir + "/cert.crt"; - Deno.writeFileSync(certFilename, new Uint8Array([]), { - mode: 0o666, - }); - - assertThrows(() => { - Deno.listenTls({ - ...options, - certFile: certFilename, - }); - }, Error); - }, -); - -Deno.test( { permissions: { net: true } }, async function startTlsWithoutExclusiveAccessToTcpConn() { const { listener, hostname, port } = listenTcp(); @@ -1149,22 +1043,6 @@ Deno.test( Deno.test( { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - async function connectTLSBadClientCertPrivateKey(): Promise<void> { - await assertRejects(async () => { - await Deno.connectTls({ - hostname: "deno.land", - port: 443, - certChain: "bad data", - privateKey: Deno.readTextFileSync( - "tests/testdata/tls/localhost.key", - ), - }); - }, Deno.errors.InvalidData); - }, -); - -Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, async function connectTLSBadCertKey(): Promise<void> { await assertRejects(async () => { await Deno.connectTls({ @@ -1180,22 +1058,6 @@ Deno.test( ); Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - async function connectTLSBadPrivateKey(): Promise<void> { - await assertRejects(async () => { - await Deno.connectTls({ - hostname: "deno.land", - port: 443, - certChain: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - privateKey: "bad data", - }); - }, Deno.errors.InvalidData); - }, -); - -Deno.test( { permissions: { read: true, net: true } }, async function connectTLSBadKey(): Promise<void> { await assertRejects(async () => { @@ -1213,22 +1075,6 @@ Deno.test( Deno.test( { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - async function connectTLSNotPrivateKey(): Promise<void> { - await assertRejects(async () => { - await Deno.connectTls({ - hostname: "deno.land", - port: 443, - certChain: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - privateKey: "", - }); - }, Deno.errors.InvalidData); - }, -); - -Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, async function connectTLSNotKey(): Promise<void> { await assertRejects(async () => { await Deno.connectTls({ @@ -1244,31 +1090,6 @@ Deno.test( ); Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - async function connectWithClientCert() { - // The test_server running on port 4552 responds with 'PASS' if client - // authentication was successful. Try it by running test_server and - // curl --key tests/testdata/tls/localhost.key \ - // --cert tests/testdata/tls/localhost.crt \ - // --cacert tests/testdata/tls/RootCA.crt https://localhost:4552/ - const conn = await Deno.connectTls({ - hostname: "localhost", - port: 4552, - certChain: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - privateKey: Deno.readTextFileSync( - "tests/testdata/tls/localhost.key", - ), - caCerts: [Deno.readTextFileSync("tests/testdata/tls/RootCA.pem")], - }); - const result = decoder.decode(await readAll(conn)); - assertEquals(result, "PASS"); - conn.close(); - }, -); - -Deno.test( { permissions: { read: true, net: true } }, async function connectWithCert() { // The test_server running on port 4552 responds with 'PASS' if client @@ -1294,56 +1115,6 @@ Deno.test( ); Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - async function connectTlsConflictingCertOptions(): Promise<void> { - await assertRejects( - async () => { - await Deno.connectTls({ - hostname: "deno.land", - port: 443, - cert: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - certChain: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - key: Deno.readTextFileSync( - "tests/testdata/tls/localhost.key", - ), - }); - }, - TypeError, - "Cannot specify both `certChain` and `cert`", - ); - }, -); - -Deno.test( - { permissions: { read: true, net: true }, ignore: DENO_FUTURE }, - async function connectTlsConflictingKeyOptions(): Promise<void> { - await assertRejects( - async () => { - await Deno.connectTls({ - hostname: "deno.land", - port: 443, - cert: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - privateKey: Deno.readTextFileSync( - "tests/testdata/tls/localhost.crt", - ), - key: Deno.readTextFileSync( - "tests/testdata/tls/localhost.key", - ), - }); - }, - TypeError, - "Cannot specify both `key` and `privateKey` for `Deno.connectTls`.", - ); - }, -); - -Deno.test( { permissions: { read: true, net: true } }, async function connectTLSCaCerts() { const conn = await Deno.connectTls({ @@ -1359,20 +1130,6 @@ Deno.test( Deno.test( { permissions: { read: true, net: true } }, - async function connectTLSCertFile() { - const conn = await Deno.connectTls({ - hostname: "localhost", - port: 4557, - certFile: "tests/testdata/tls/RootCA.pem", - }); - const result = decoder.decode(await readAll(conn)); - assertEquals(result, "PASS"); - conn.close(); - }, -); - -Deno.test( - { permissions: { read: true, net: true } }, async function startTLSCaCerts() { const plainConn = await Deno.connect({ hostname: "localhost", @@ -1397,7 +1154,7 @@ Deno.test( const connectPromise = Deno.connectTls({ hostname, port, - certFile: "tests/testdata/tls/RootCA.crt", + caCerts: [await Deno.readTextFile("tests/testdata/tls/RootCA.crt")], }); const [conn1, conn2] = await Promise.all([acceptPromise, connectPromise]); listener.close(); @@ -1615,8 +1372,8 @@ Deno.test( Deno.listenTls({ hostname: "localhost", port: 0, - certFile: "tests/testdata/tls/invalid.crt", - keyFile: "tests/testdata/tls/localhost.key", + cert: Deno.readTextFileSync("tests/testdata/tls/invalid.crt"), + key: Deno.readTextFileSync("tests/testdata/tls/localhost.key"), }); }, Deno.errors.InvalidData); }, @@ -1629,21 +1386,21 @@ Deno.test( Deno.listenTls({ hostname: "localhost", port: 0, - certFile: "tests/testdata/tls/localhost.crt", - keyFile: "tests/testdata/tls/invalid.key", + cert: Deno.readTextFileSync("tests/testdata/tls/localhost.crt"), + key: Deno.readTextFileSync("tests/testdata/tls/invalid.key"), }); }, Deno.errors.InvalidData); }, ); Deno.test( - { ignore: DENO_FUTURE, permissions: { net: true, read: true } }, + { permissions: { net: true, read: true } }, function listenTLSEcKey() { const listener = Deno.listenTls({ hostname: "localhost", port: 0, - certFile: "tests/testdata/tls/localhost_ecc.crt", - keyFile: "tests/testdata/tls/localhost_ecc.key", + cert: Deno.readTextFileSync("tests/testdata/tls/localhost_ecc.crt"), + key: Deno.readTextFileSync("tests/testdata/tls/localhost_ecc.key"), }); listener.close(); }, |