use a self-signed certificate for integration tests

Marten Seemann 2018-12-11 14:03:08 +06:30
parent 7b880f259f
commit 4abcce6408
22 changed files with 225 additions and 159 deletions


@ -8,13 +8,11 @@ defaults: &defaults
go get -t ./...
go get github.com/onsi/ginkgo/ginkgo
go get github.com/onsi/gomega
echo 127.0.0.1 quic.clemente.io | sudo tee -a /etc/hosts
- run:
name: "Build infos"
command: |
echo $GOARCH
go version
printf "quic.clemente.io certificate valid until: " && openssl x509 -in example/fullchain.pem -enddate -noout | cut -d = -f 2
- run:
name: "Run benchmark tests"
command: ginkgo -randomizeAllSpecs -trace benchmark -- -samples=1


@ -1,10 +1,6 @@
dist: trusty
group: travis_latest
addons:
hosts:
- quic.clemente.io
language: go
go:
@ -41,7 +37,6 @@ before_install:
- go get github.com/onsi/gomega
- export GOARCH=$TRAVIS_GOARCH
- go env # for debugging
- "printf \"quic.clemente.io certificate valid until: \" && openssl x509 -in example/fullchain.pem -enddate -noout | cut -d = -f 2"
- "export DISPLAY=:99.0"
- "Xvfb $DISPLAY &> /dev/null &"


@ -10,9 +10,6 @@ environment:
- GOARCH: 386
- GOARCH: amd64
hosts:
quic.clemente.io: 127.0.0.1
clone_folder: c:\gopath\src\github.com\lucas-clemente\quic-go
install:


@ -1,7 +0,0 @@
# About the certificate
Yes, this folder contains a private key and a certificate for quic.clemente.io.
Unfortunately we need a valid certificate for the integration tests with Chrome and `quic_client`. No important data is served on the "real" `quic.clemente.io` (only a test page), and the MITM problem is imho negligible.
If you figure out a way to test with Chrome without having a cert and key here, let us now in an issue.


@ -1,62 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAzFzQHPYT5Vnbq8NLMKNdHANMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA5MDgwODIwMTFaFw0x
ODEyMDcwODIwMTFaMBsxGTAXBgNVBAMTEHF1aWMuY2xlbWVudGUuaW8wggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54rxI2G99GLs7VKnIbKnl+FjQxjj5
6e01dW6mE+3JSouBG3K+9hO6dExvZS4zUqL0hxi93H480WGtIn8bIYVpcZZvkgzG
i8ot3Hq2SXOBb3nBTCj7Y+DB4oJX1rPNqn0YVS8LidxUKIhsFOgIpjrhXsa1ugI3
ia5djPLxQYUc1r/48flUjTYy9HDD+VFUINPtVJzXJz3/7liPdgbhSy4Uzpe5cu4c
kgNTikQ6CuxGf3+8y9BP2nNOKe1nI3ubfC+gj4oUbOaoYA/tVTcJxJimy+/mI9sx
/Ku9lxzC/DdZwv7PRM3Q0BsE3/2I7DRRMENJof4zQfe/XvD9WZ09+AdjAgMBAAGj
ggMZMIIDFTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOvj9SUSgmP+urLufOl3cskz
xAxnMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB
BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZy8wGwYDVR0RBBQwEoIQcXVpYy5jbGVtZW50ZS5pbzCB/gYDVR0gBIH2MIHz
MAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6
Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2Vy
dGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0
aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUg
UG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRv
cnkvMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA23Sv7ssp7LH+yj5xbSzluaq7
NveEcYPHXZ1PN7Yfv2QAAAFluHtHHAAABAMARzBFAiEAk+yUopdJ1uIGOsCMLEof
qBYJKCq1qU6lEd4DSmh5Q8UCIDPgjfWG6JRJLtNrVCcayQpLgNlFDx1Mx/lWkpOb
VuigAHcAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFluHtIDAAA
BAMASDBGAiEAvgKW8+NpBYBYPSglVaQZ/GZww/QItzpsVj305GoB87cCIQDEDbjH
feFKJo/7C20pOha1lERVZae6XLlRZVL+UMP8+jANBgkqhkiG9w0BAQsFAAOCAQEA
eZuO6bQsmBu2iQVxOdSmRtu/VXsYZi+fyteToSNtexWYu6SAUfe5dr5MHD2m3OeU
oYIxHeKtSMjiE7o7BVUUZgVaCXjjT/nR1iyJvVxAt9ekd4lcjjoudoxQHms76KU9
dcEr8M/z4/PhuB83nvpJB40mgJln47BhvKKAeFtfD+c+gR4L5NG0LC6H7Jbc8PyR
WPEzc1HCfHaHkkVgLRljgky8hl83+uR95lgjSPKYyRy8qCwL/1mthdaGpfP6u+aD
9tsDjMFEj+Lq7RDeiZkBoZ6uZnqjFcfg4sLlwuv/aFvbAbkPa25SpwizdKRLFVNr
WtT2VbhFhz86rXplNgnJEw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -1,28 +0,0 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----


@ -2,17 +2,17 @@ package self_test
import (
"bytes"
"crypto/tls"
"fmt"
"io/ioutil"
"net"
"net/http"
"os"
"time"
quic "github.com/lucas-clemente/quic-go"
"github.com/lucas-clemente/quic-go/h2quic"
"github.com/lucas-clemente/quic-go/integrationtests/tools/testserver"
"github.com/lucas-clemente/quic-go/internal/protocol"
"github.com/lucas-clemente/quic-go/internal/testdata"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
@ -25,13 +25,6 @@ var _ = Describe("Client tests", func() {
versions := protocol.SupportedVersions
BeforeEach(func() {
err := os.Setenv("HOSTALIASES", "quic.clemente.io 127.0.0.1")
Expect(err).ToNot(HaveOccurred())
addr, err := net.ResolveUDPAddr("udp4", "quic.clemente.io:0")
Expect(err).ToNot(HaveOccurred())
if addr.String() != "127.0.0.1:0" {
Fail("quic.clemente.io does not resolve to 127.0.0.1. Consider adding it to /etc/hosts.")
}
testserver.StartQuicServer(versions)
})
@ -46,6 +39,9 @@ var _ = Describe("Client tests", func() {
BeforeEach(func() {
client = &http.Client{
Transport: &h2quic.RoundTripper{
TLSClientConfig: &tls.Config{
RootCAs: testdata.GetRootCA(),
},
QuicConfig: &quic.Config{
Versions: []protocol.VersionNumber{version},
},
@ -54,7 +50,7 @@ var _ = Describe("Client tests", func() {
})
It("downloads a hello", func() {
resp, err := client.Get("https://quic.clemente.io:" + testserver.Port() + "/hello")
resp, err := client.Get("https://localhost:" + testserver.Port() + "/hello")
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(200))
body, err := ioutil.ReadAll(gbytes.TimeoutReader(resp.Body, 3*time.Second))
@ -63,7 +59,7 @@ var _ = Describe("Client tests", func() {
})
It("downloads a small file", func() {
resp, err := client.Get("https://quic.clemente.io:" + testserver.Port() + "/prdata")
resp, err := client.Get("https://localhost:" + testserver.Port() + "/prdata")
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(200))
body, err := ioutil.ReadAll(gbytes.TimeoutReader(resp.Body, 5*time.Second))
@ -72,7 +68,7 @@ var _ = Describe("Client tests", func() {
})
It("downloads a large file", func() {
resp, err := client.Get("https://quic.clemente.io:" + testserver.Port() + "/prdatalong")
resp, err := client.Get("https://localhost:" + testserver.Port() + "/prdatalong")
Expect(err).ToNot(HaveOccurred())
Expect(resp.StatusCode).To(Equal(200))
body, err := ioutil.ReadAll(gbytes.TimeoutReader(resp.Body, 20*time.Second))
@ -82,7 +78,7 @@ var _ = Describe("Client tests", func() {
It("uploads a file", func() {
resp, err := client.Post(
"https://quic.clemente.io:"+testserver.Port()+"/echo",
"https://localhost:"+testserver.Port()+"/echo",
"text/plain",
bytes.NewReader(testserver.PRData),
)


@ -47,8 +47,8 @@ var _ = Describe("Connection ID lengths tests", func() {
runClient := func(addr net.Addr, conf *quic.Config) {
GinkgoWriter.Write([]byte(fmt.Sprintf("Using %d byte connection ID for the client\n", conf.ConnectionIDLength)))
cl, err := quic.DialAddr(
fmt.Sprintf("quic.clemente.io:%d", addr.(*net.UDPAddr).Port),
&tls.Config{InsecureSkipVerify: true},
fmt.Sprintf("localhost:%d", addr.(*net.UDPAddr).Port),
&tls.Config{RootCAs: testdata.GetRootCA()},
conf,
)
Expect(err).ToNot(HaveOccurred())


@ -1,6 +1,7 @@
package self_test
import (
"crypto/tls"
"fmt"
mrand "math/rand"
"net"
@ -70,8 +71,8 @@ var _ = Describe("Handshake drop tests", func() {
serverSessionChan <- sess
}()
sess, err := quic.DialAddr(
fmt.Sprintf("quic.clemente.io:%d", proxy.LocalPort()),
nil,
fmt.Sprintf("localhost:%d", proxy.LocalPort()),
&tls.Config{RootCAs: testdata.GetRootCA()},
&quic.Config{Versions: []protocol.VersionNumber{version}},
)
Expect(err).ToNot(HaveOccurred())
@ -102,8 +103,8 @@ var _ = Describe("Handshake drop tests", func() {
serverSessionChan <- sess
}()
sess, err := quic.DialAddr(
fmt.Sprintf("quic.clemente.io:%d", proxy.LocalPort()),
nil,
fmt.Sprintf("localhost:%d", proxy.LocalPort()),
&tls.Config{RootCAs: testdata.GetRootCA()},
&quic.Config{Versions: []protocol.VersionNumber{version}},
)
Expect(err).ToNot(HaveOccurred())
@ -132,8 +133,8 @@ var _ = Describe("Handshake drop tests", func() {
serverSessionChan <- sess
}()
sess, err := quic.DialAddr(
fmt.Sprintf("quic.clemente.io:%d", proxy.LocalPort()),
nil,
fmt.Sprintf("localhost:%d", proxy.LocalPort()),
&tls.Config{RootCAs: testdata.GetRootCA()},
&quic.Config{Versions: []protocol.VersionNumber{version}},
)
Expect(err).ToNot(HaveOccurred())


@ -95,7 +95,7 @@ var _ = Describe("Handshake RTT tests", func() {
clientConfig = &quic.Config{Versions: []protocol.VersionNumber{protocol.VersionTLS}}
clientTLSConfig = &tls.Config{
InsecureSkipVerify: true,
ServerName: "quic.clemente.io",
ServerName: "localhost",
}
})
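Review bot: `clientTLSConfig` still sets `InsecureSkipVerify: true`, so in this file the new `ServerName: "localhost"` is never checked against the certificate and the self-signed CA added by this commit is not exercised. If the server under test here uses `testdata.GetTLSConfig()` (not visible in this hunk), the config could become `&tls.Config{RootCAs: testdata.GetRootCA(), ServerName: "localhost"}`, matching the other test files in this commit. If skipping verification is deliberate for these tests, a short comment saying why would stop the pattern from being copied into non-test code. The enclosing `BeforeEach` starts outside the hunk.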


@ -97,10 +97,14 @@ var _ = Describe("Handshake tests", func() {
version := v
Context(fmt.Sprintf("using %s", version), func() {
var clientConfig *quic.Config
var (
tlsConf *tls.Config
clientConfig *quic.Config
)
BeforeEach(func() {
serverConfig.Versions = []protocol.VersionNumber{version}
tlsConf = &tls.Config{RootCAs: testdata.GetRootCA()}
clientConfig = &quic.Config{
Versions: []protocol.VersionNumber{version},
}
@ -108,20 +112,32 @@ var _ = Describe("Handshake tests", func() {
It("accepts the certificate", func() {
runServer()
_, err := quic.DialAddr(fmt.Sprintf("quic.clemente.io:%d", server.Addr().(*net.UDPAddr).Port), nil, clientConfig)
_, err := quic.DialAddr(
fmt.Sprintf("localhost:%d", server.Addr().(*net.UDPAddr).Port),
tlsConf,
clientConfig,
)
Expect(err).ToNot(HaveOccurred())
})
It("errors if the server name doesn't match", func() {
runServer()
_, err := quic.DialAddr(fmt.Sprintf("127.0.0.1:%d", server.Addr().(*net.UDPAddr).Port), nil, clientConfig)
_, err := quic.DialAddr(
fmt.Sprintf("127.0.0.1:%d", server.Addr().(*net.UDPAddr).Port),
tlsConf,
clientConfig,
)
Expect(err).To(HaveOccurred())
})
It("uses the ServerName in the tls.Config", func() {
runServer()
conf := &tls.Config{ServerName: "quic.clemente.io"}
_, err := quic.DialAddr(fmt.Sprintf("127.0.0.1:%d", server.Addr().(*net.UDPAddr).Port), conf, clientConfig)
tlsConf.ServerName = "localhost"
_, err := quic.DialAddr(
fmt.Sprintf("127.0.0.1:%d", server.Addr().(*net.UDPAddr).Port),
tlsConf,
clientConfig,
)
Expect(err).ToNot(HaveOccurred())
})
})
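Review bot: In "errors if the server name doesn't match" the only assertion is `Expect(err).To(HaveOccurred())`, so any dial failure, such as a handshake timeout or a version negotiation problem, makes the test pass without the name check ever running. Now that `tlsConf` carries a real root pool, the test can pin the reason for the failure, for example with `Expect(err.Error()).To(ContainSubstring("certificate"))`. The exact error that `quic.DialAddr` returns for a verification failure is not visible on this page, so the matcher text needs confirming against a real run.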


@ -1,6 +1,7 @@
package self_test
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net"
@ -46,8 +47,8 @@ var _ = Describe("Multiplexing", func() {
sess, err := quic.Dial(
conn,
addr,
fmt.Sprintf("quic.clemente.io:%d", addr.(*net.UDPAddr).Port),
nil,
fmt.Sprintf("localhost:%d", addr.(*net.UDPAddr).Port),
&tls.Config{RootCAs: testdata.GetRootCA()},
&quic.Config{Versions: []protocol.VersionNumber{version}},
)
Expect(err).ToNot(HaveOccurred())


@ -1,6 +1,7 @@
package self
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net"
@ -63,8 +64,8 @@ var _ = Describe("non-zero RTT", func() {
defer proxy.Close()
sess, err := quic.DialAddr(
fmt.Sprintf("quic.clemente.io:%d", proxy.LocalPort()),
nil,
fmt.Sprintf("localhost:%d", proxy.LocalPort()),
&tls.Config{RootCAs: testdata.GetRootCA()},
&quic.Config{Versions: []protocol.VersionNumber{version}},
)
Expect(err).ToNot(HaveOccurred())


@ -1,6 +1,7 @@
package self_test
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net"
@ -36,7 +37,7 @@ var _ = Describe("Bidirectional streams", func() {
}
server, err = quic.ListenAddr("localhost:0", testdata.GetTLSConfig(), qconf)
Expect(err).ToNot(HaveOccurred())
serverAddr = fmt.Sprintf("quic.clemente.io:%d", server.Addr().(*net.UDPAddr).Port)
serverAddr = fmt.Sprintf("localhost:%d", server.Addr().(*net.UDPAddr).Port)
})
AfterEach(func() {
@ -98,7 +99,11 @@ var _ = Describe("Bidirectional streams", func() {
runReceivingPeer(sess)
}()
client, err := quic.DialAddr(serverAddr, nil, qconf)
client, err := quic.DialAddr(
serverAddr,
&tls.Config{RootCAs: testdata.GetRootCA()},
qconf,
)
Expect(err).ToNot(HaveOccurred())
runSendingPeer(client)
})
@ -112,7 +117,11 @@ var _ = Describe("Bidirectional streams", func() {
sess.Close()
}()
client, err := quic.DialAddr(serverAddr, nil, qconf)
client, err := quic.DialAddr(
serverAddr,
&tls.Config{RootCAs: testdata.GetRootCA()},
qconf,
)
Expect(err).ToNot(HaveOccurred())
runReceivingPeer(client)
Eventually(client.Context().Done()).Should(BeClosed())
@ -135,7 +144,11 @@ var _ = Describe("Bidirectional streams", func() {
close(done1)
}()
client, err := quic.DialAddr(serverAddr, nil, qconf)
client, err := quic.DialAddr(
serverAddr,
&tls.Config{RootCAs: testdata.GetRootCA()},
qconf,
)
Expect(err).ToNot(HaveOccurred())
done2 := make(chan struct{})
go func() {


@ -1,6 +1,7 @@
package self_test
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net"
@ -29,7 +30,7 @@ var _ = Describe("Unidirectional Streams", func() {
qconf = &quic.Config{Versions: []protocol.VersionNumber{protocol.VersionTLS}}
server, err = quic.ListenAddr("localhost:0", testdata.GetTLSConfig(), qconf)
Expect(err).ToNot(HaveOccurred())
serverAddr = fmt.Sprintf("quic.clemente.io:%d", server.Addr().(*net.UDPAddr).Port)
serverAddr = fmt.Sprintf("localhost:%d", server.Addr().(*net.UDPAddr).Port)
})
AfterEach(func() {
@ -71,17 +72,19 @@ var _ = Describe("Unidirectional Streams", func() {
}
It(fmt.Sprintf("client opening %d streams to a server", numStreams), func() {
var sess quic.Session
go func() {
defer GinkgoRecover()
var err error
sess, err = server.Accept()
sess, err := server.Accept()
Expect(err).ToNot(HaveOccurred())
runReceivingPeer(sess)
sess.Close()
}()
client, err := quic.DialAddr(serverAddr, nil, qconf)
client, err := quic.DialAddr(
serverAddr,
&tls.Config{RootCAs: testdata.GetRootCA()},
qconf,
)
Expect(err).ToNot(HaveOccurred())
runSendingPeer(client)
<-client.Context().Done()
@ -95,7 +98,11 @@ var _ = Describe("Unidirectional Streams", func() {
runSendingPeer(sess)
}()
client, err := quic.DialAddr(serverAddr, nil, qconf)
client, err := quic.DialAddr(
serverAddr,
&tls.Config{RootCAs: testdata.GetRootCA()},
qconf,
)
Expect(err).ToNot(HaveOccurred())
runReceivingPeer(client)
})
@ -117,7 +124,11 @@ var _ = Describe("Unidirectional Streams", func() {
close(done1)
}()
client, err := quic.DialAddr(serverAddr, nil, qconf)
client, err := quic.DialAddr(
serverAddr,
&tls.Config{RootCAs: testdata.GetRootCA()},
qconf,
)
Expect(err).ToNot(HaveOccurred())
done2 := make(chan struct{})
go func() {


@ -48,6 +48,8 @@ func (s *stream) Write(b []byte) (int, error) {
}
var _ = Describe("Crypto Setup TLS", func() {
var clientConf *tls.Config
initStreams := func() (chan chunk, *stream /* initial */, *stream /* handshake */) {
chunkChan := make(chan chunk, 100)
initialStream := newStream(chunkChan, protocol.EncryptionInitial)
@ -55,6 +57,13 @@ var _ = Describe("Crypto Setup TLS", func() {
return chunkChan, initialStream, handshakeStream
}
BeforeEach(func() {
clientConf = &tls.Config{
ServerName: "localhost",
RootCAs: testdata.GetRootCA(),
}
})
It("returns Handshake() when an error occurs", func() {
_, sInitialStream, sHandshakeStream := initStreams()
server, err := NewCryptoSetupServer(
@ -231,7 +240,6 @@ var _ = Describe("Crypto Setup TLS", func() {
}
It("handshakes", func() {
clientConf := &tls.Config{ServerName: "quic.clemente.io"}
serverConf := testdata.GetTLSConfig()
clientErr, serverErr := handshakeWithTLSConf(clientConf, serverConf)
Expect(clientErr).ToNot(HaveOccurred())
@ -239,10 +247,7 @@ var _ = Describe("Crypto Setup TLS", func() {
})
It("handshakes with client auth", func() {
clientConf := &tls.Config{
ServerName: "quic.clemente.io",
Certificates: []tls.Certificate{generateCert()},
}
clientConf.Certificates = []tls.Certificate{generateCert()}
serverConf := testdata.GetTLSConfig()
serverConf.ClientAuth = qtls.RequireAnyClientCert
clientErr, serverErr := handshakeWithTLSConf(clientConf, serverConf)
@ -299,7 +304,7 @@ var _ = Describe("Crypto Setup TLS", func() {
protocol.ConnectionID{},
cTransportParameters,
func(p *TransportParameters) { sTransportParametersRcvd = p },
&tls.Config{ServerName: "quic.clemente.io"},
clientConf,
protocol.VersionTLS,
[]protocol.VersionNumber{protocol.VersionTLS},
protocol.VersionTLS,

18
internal/testdata/ca.pem vendored Normal file

@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -2,6 +2,9 @@ package testdata
import (
"crypto/tls"
"crypto/x509"
"encoding/pem"
"io/ioutil"
"path"
"runtime"
)
@ -14,13 +17,12 @@ func init() {
panic("Failed to get current frame")
}
certPath = path.Join(path.Dir(path.Dir(path.Dir(filename))), "example")
certPath = path.Dir(filename)
}
// GetCertificatePaths returns the paths to 'fullchain.pem' and 'privkey.pem' for the
// quic.clemente.io cert.
// GetCertificatePaths returns the paths to certificate and key
func GetCertificatePaths() (string, string) {
return path.Join(certPath, "fullchain.pem"), path.Join(certPath, "privkey.pem")
return path.Join(certPath, "cert.pem"), path.Join(certPath, "priv.key")
}
// GetTLSConfig returns a tls config for quic.clemente.io
@ -33,3 +35,23 @@ func GetTLSConfig() *tls.Config {
Certificates: []tls.Certificate{cert},
}
}
// GetRootCA returns an x509.CertPool containing the CA certificate
func GetRootCA() *x509.CertPool {
caCertPath := path.Join(certPath, "ca.pem")
caCertRaw, err := ioutil.ReadFile(caCertPath)
if err != nil {
panic(err)
}
p, _ := pem.Decode(caCertRaw)
if p.Type != "CERTIFICATE" {
panic("expected a certificate")
}
caCert, err := x509.ParseCertificate(p.Bytes)
if err != nil {
panic(err)
}
certPool := x509.NewCertPool()
certPool.AddCert(caCert)
return certPool
}
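Review bot: In `GetRootCA`, `pem.Decode` returns a nil block when `ca.pem` contains no PEM data, and the next line dereferences `p.Type`, so an empty or truncated file surfaces as a nil-pointer panic instead of the intended "expected a certificate". Guarding both cases keeps the failure readable: `if p == nil || p.Type != "CERTIFICATE" { panic("expected a certificate") }`. Separately, the doc comment on `GetTLSConfig` still says the config is for quic.clemente.io, which no longer matches the files returned by `GetCertificatePaths`; it could read `// GetTLSConfig returns a tls config using the self-signed test certificate`.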

18
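--- a/internal/testdata/cert.pem
+++ b/internal/testdata/cert.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC3jCCAcYCCQCV4BOv+SRo4zANBgkqhkiG9w0BAQUFADAqMRMwEQYDVQQKDApx
+dWljLWdvIENBMRMwEQYDVQQLDApxdWljLWdvIENBMB4XDTE4MTIwODA2NDMwMloX
+DTI4MTIwNTA2NDMwMlowODEQMA4GA1UECgwHcXVpYy1nbzEQMA4GA1UECwwHcXVp
+Yy1nbzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAyc/hS8XHkOJaLrdPOSTZFUBVyHNSfQUX/3dEpmccPlLQLgopYZZO
+W/cVhkxAfQ3e68xKkuZKfZN5Hytn5V/AOSk281BqxFxpfCcKVYqVpDZH99+jaVfG
+ImPp5Y22qCnbSEwYrMTcLiK8PVa4MkpKf1KNacVlqawU+ZWI5fevAFGTtmrMJ4S+
+qZY7tAaVkax+OiKWWfhLQjJCsN3IIDysTfbWao6cYKgtTfqVChEddzS7LRJVRaB+
++huUbB87tRBJbCuJX65yB7Fw77YiKoFjc5r2845fcS2Ew4+w29mbXoj7M7g6eup5
+SnCydsCvyNy6VkgaSlWS0DXvxuzWshwUrwIDAQABMA0GCSqGSIb3DQEBBQUAA4IB
+AQBWgmFunf44X3/NIjNvVLeQsfGW+4L/lCi2F5tqa70Hkda+xhKACnQQGB2qCSCF
+Jfxj4iKrFJ7+JB8GnribWthLuDq49PQrTI+1wKFd9c2b8DXzJLz4Onw+mPX97pZm
+TflQSIxXRaFAIQuUWNTArZZEe1ESSlnaBuE5w77LMf4GMFD3P3jzSHKUyM1sF97j
+gRbIt8Jw7Uyd8vlXk6m2wvO5H3hZrrhJUJH3WW13a7wLJRnff2meKU90hkLQwuxO
+kyh0k/h158/r2ibiahTmQEgHs9vQaCM+HXuk5P+Tzq5Zl/n0dMFZMfkqNkD4nym/
+nu7zfdwMlcBjKt9g3BGw+KE3
+-----END CERTIFICATE-----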

31
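--- a/internal/testdata/cert_test.go
+++ b/internal/testdata/cert_test.go
@@ -0,0 +1,31 @@
+package testdata
+import (
+"crypto/tls"
+"io/ioutil"
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+)
+var _ = Describe("certificates", func() {
+It("returns certificates", func() {
+ln, err := tls.Listen("tcp", "localhost:4433", GetTLSConfig())
+Expect(err).ToNot(HaveOccurred())
+go func() {
+defer GinkgoRecover()
+conn, err := ln.Accept()
+Expect(err).ToNot(HaveOccurred())
+defer conn.Close()
+_, err = conn.Write([]byte("foobar"))
+Expect(err).ToNot(HaveOccurred())
+}()
+conn, err := tls.Dial("tcp", "localhost:4433", &tls.Config{RootCAs: GetRootCA()})
+Expect(err).ToNot(HaveOccurred())
+data, err := ioutil.ReadAll(conn)
+Expect(err).ToNot(HaveOccurred())
+Expect(string(data)).To(Equal("foobar"))
+})
+})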
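Review bot: The test binds the fixed address `localhost:4433` and never closes `ln`, so it fails whenever that port is already taken (a parallel test run, a local TLS or QUIC server) and leaves the listener open for the rest of the suite. Listening on `localhost:0`, adding `defer ln.Close()` after the error check, and dialing `fmt.Sprintf("localhost:%d", ln.Addr().(*net.TCPAddr).Port)` avoids both problems. The dial should keep the host name `localhost` rather than use `ln.Addr().String()`, because the name is what `tls.Dial` verifies against the certificate. This change needs `fmt` and `net` added to the import list.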

27
internal/testdata/priv.key vendored Normal file

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----


@ -0,0 +1,13 @@
package testdata
import (
"testing"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
func TestTestdata(t *testing.T) {
RegisterFailHandler(Fail)
RunSpecs(t, "Testdata Suite")
}