crypto/tls: remove TestVerifyHostnameResumed

Session resumption is not a reliable TLS behavior: the server can decide to reject a session ticket for a number of reasons, or no reason at all. This makes this non-hermetic test extremely brittle. It's currently broken on the builders for both TLS 1.2 and TLS 1.3, and I could reproduce the issue for TLS 1.3 only. As I was debugging it, it started passing entirely on my machine. In practice, it doesn't get us any coverage as resumption is already tested with the recorded exchange tests, and TestVerifyHostname still provides a smoke test checking that we can in fact talk TLS. Fixes #32978 Change-Id: I63505e22ff7704f25ad700d46e4ff14850ba5d3c Reviewed-on: https://go-review.googlesource.com/c/go/+/186239 Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Bryan C. Mills <bcmills@google.com>
2025-04-03 20:17:36 +03:00 · 2019-07-15 16:45:17 -04:00 · 2019-07-15 16:45:17 -04:00 · dcf5a4372d
commit dcf5a4372d
parent ab3bb3c6ec
1 changed files with 0 additions and 44 deletions
--- a/tls_test.go
+++ b/tls_test.go
@ -359,50 +359,6 @@ func TestVerifyHostname(t *testing.T) {
 	}
 }

-func TestVerifyHostnameResumed(t *testing.T) {
-	t.Run("TLSv12", func(t *testing.T) { testVerifyHostnameResumed(t, VersionTLS12) })
-	t.Run("TLSv13", func(t *testing.T) { testVerifyHostnameResumed(t, VersionTLS13) })
-}
-
-func testVerifyHostnameResumed(t *testing.T, version uint16) {
-	testenv.MustHaveExternalNetwork(t)
-
-	config := &Config{
-		MaxVersion:         version,
-		ClientSessionCache: NewLRUClientSessionCache(32),
-	}
-	for i := 0; i < 2; i++ {
-		c, err := DialWithDialer(&net.Dialer{
-			Timeout: 10 * time.Second,
-		}, "tcp", "mail.google.com:https", config)
-		if err != nil {
-			t.Fatalf("Dial #%d: %v", i, err)
-		}
-		cs := c.ConnectionState()
-		if i > 0 && !cs.DidResume {
-			t.Fatalf("Subsequent connection unexpectedly didn't resume")
-		}
-		if cs.Version != version {
-			t.Fatalf("Unexpectedly negotiated version %x", cs.Version)
-		}
-		if cs.VerifiedChains == nil {
-			t.Fatalf("Dial #%d: cs.VerifiedChains == nil", i)
-		}
-		if err := c.VerifyHostname("mail.google.com"); err != nil {
-			t.Fatalf("verify mail.google.com #%d: %v", i, err)
-		}
-		// Have the server send some data so session tickets are delivered.
-		c.SetDeadline(time.Now().Add(5 * time.Second))
-		if _, err := io.WriteString(c, "HEAD / HTTP/1.0\n\n"); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := c.Read(make([]byte, 1)); err != nil {
-			t.Fatal(err)
-		}
-		c.Close()
-	}
-}
-
 func TestConnCloseBreakingWrite(t *testing.T) {
 	ln := newLocalListener(t)
 	defer ln.Close()