mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-03 20:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #3040 from lucas-clemente/improve-handshake-tests

Browse source 
make the certificate verificiation integration tests more explicit
This commit is contained in:
Marten Seemann 2021-03-03 00:27:46 +08:00 committed by GitHub
commit 74569a514b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

16
integrationtests/self/handshake_test.go
View file

@ -210,12 +210,16 @@ var _ = Describe("Handshake tests", func() {
It("errors if the server name doesn't match", func() {
runServer(getTLSConfig())
_, err := quic.DialAddr(
fmt.Sprintf("127.0.0.1:%d", server.Addr().(*net.UDPAddr).Port),
conn, err := net.ListenUDP("udp", nil)
Expect(err).ToNot(HaveOccurred())
_, err = quic.Dial(
conn,
server.Addr(),
"foo.bar",
getTLSClientConfig(),
clientConfig,
)
Expect(err).To(MatchError("CRYPTO_ERROR (0x12a): x509: cannot validate certificate for 127.0.0.1 because it doesn't contain any IP SANs"))
Expect(err).To(MatchError("CRYPTO_ERROR (0x12a): x509: certificate is valid for localhost, not foo.bar"))
})
It("fails the handshake if the client fails to provide the requested client cert", func() {
@ -246,13 +250,13 @@ var _ = Describe("Handshake tests", func() {
It("uses the ServerName in the tls.Config", func() {
runServer(getTLSConfig())
tlsConf := getTLSClientConfig()
tlsConf.ServerName = "localhost"
tlsConf.ServerName = "foo.bar"
_, err := quic.DialAddr(
fmt.Sprintf("127.0.0.1:%d", server.Addr().(*net.UDPAddr).Port),
fmt.Sprintf("localhost:%d", server.Addr().(*net.UDPAddr).Port),
tlsConf,
clientConfig,
)
Expect(err).ToNot(HaveOccurred())
Expect(err).To(MatchError("CRYPTO_ERROR (0x12a): x509: certificate is valid for localhost, not foo.bar"))
})
})
}