package gnutls
import (
"crypto/tls"
"log"
"net"
"testing"
)
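// TestTLSClient checks that the gnutls client (Dial) can handshake with a
// crypto/tls echo server on loopback and read back the payload it wrote.
//
// Security note: the client is configured with InsecureSkipVerify, so this
// test covers interoperability only. It does not exercise certificate chain
// or host name validation; presumably the gnutls Config field has the same
// meaning as the crypto/tls one (confirm against Config's documentation).
// Skipping verification is tolerable here only because the peer is a local
// listener that uses the testdata key pair.
func TestTLSClient(t *testing.T) {
	cert, err := tls.LoadX509KeyPair("testdata/server.crt", "testdata/server.key")
	if err != nil {
		// Include the cause so a missing or malformed fixture is diagnosable.
		t.Fatalf("load certificate failed: %v", err)
	}
	l, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{
		Certificates: []tls.Certificate{cert},
	})
	if err != nil {
		t.Fatalf("listen failed: %v", err)
	}
	defer l.Close()
	addr := l.Addr().String()
	log.Println("test server listen on ", addr)

	// Echo server. The accept loop stops once the deferred l.Close() makes
	// Accept return an error.
	go func() {
		for {
			c, err := l.Accept()
			if err != nil {
				break
			}
			log.Printf("accept connection from %s", c.RemoteAddr())
			go func(c net.Conn) {
				defer c.Close()
				// One buffer per connection; each chunk is written back
				// before the next Read overwrites it.
				buf := make([]byte, 4096)
				for {
					n, err := c.Read(buf)
					if err != nil {
						log.Println("connection closed")
						break
					}
					if _, err = c.Write(buf[:n]); err != nil {
						break
					}
				}
			}(c)
		}
	}()

	// Verification is disabled: see the security note on the function.
	c, err := Dial("tcp", addr, &Config{InsecureSkipVerify: true})
	if err != nil {
		t.Fatal("gnutls dial ", err)
	}
	defer c.Close()

	data := "hello, world"
	if _, err = c.Write([]byte(data)); err != nil {
		t.Fatal("gnutls write ", err)
	}
	// NOTE(review): a single Read is assumed to return the whole echo; the
	// payload is small, but nothing here guards against a short read.
	buf := make([]byte, 100)
	n, err := c.Read(buf)
	if err != nil {
		t.Fatal("gnutls read ", err)
	}
	if string(buf[:n]) != data {
		t.Errorf("need: %s, got: %s", data, string(buf[:n]))
	}
}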
// TestTLSServer checks that a crypto/tls client can handshake with the gnutls
// server (Listen) on loopback and get its payload echoed back.
//
// Security note: the crypto/tls client sets InsecureSkipVerify, so the server
// certificate is accepted without chain or host name checks. The test proves
// interoperability, not certificate validation.
func TestTLSServer(t *testing.T) {
	serverCfg := &Config{
		CrtFile: "testdata/server.crt", KeyFile: "testdata/server.key"}
	l, err := Listen("tcp", "127.0.0.1:0", serverCfg)
	if err != nil {
		t.Fatal("gnutls listen ", err)
	}
	addr := l.Addr().String()
	log.Println("test server listen on ", addr)
	defer l.Close()

	// echo copies whatever arrives on conn back to the sender until a read
	// or write fails, then closes the connection.
	echo := func(conn net.Conn) {
		defer conn.Close()

		scratch := make([]byte, 4096)
		for {
			got, rerr := conn.Read(scratch)
			if rerr != nil {
				log.Println("gnutls read ", rerr)
				return
			}
			if _, werr := conn.Write(scratch[:got]); werr != nil {
				log.Println("gnutls write ", werr)
				return
			}
		}
	}

	// Accept loop; it ends when the deferred l.Close() makes Accept fail.
	go func() {
		for {
			conn, aerr := l.Accept()
			if aerr != nil {
				log.Println("gnutls accept ", aerr)
				return
			}
			log.Println("accept connection from ", conn.RemoteAddr())
			go echo(conn)
		}
	}()

	// Verification is disabled on purpose for the loopback test certificate.
	clientCfg := &tls.Config{InsecureSkipVerify: true}
	c, err := tls.Dial("tcp", addr, clientCfg)
	if err != nil {
		t.Fatal("dial ", err)
	}
	defer c.Close()

	data := "hello, world"
	_, err = c.Write([]byte(data))
	if err != nil {
		t.Fatal("write ", err)
	}

	reply := make([]byte, 100)
	n, err := c.Read(reply)
	if err != nil {
		t.Fatal("read ", err)
	}
	if echoed := string(reply[:n]); echoed != data {
		t.Errorf("need: %s, got: %s", data, echoed)
	}
}
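// TestTLSALPNServer checks ALPN negotiation between the gnutls server
// (Listen) and a crypto/tls client, then verifies an echo round trip.
//
// The two protocol lists share exactly one entry ("a2"), so that is the only
// valid outcome. The negotiated value is asserted on the client side only; the
// server side just logs its connection state.
//
// Security note: the client sets InsecureSkipVerify, so the certificate is not
// validated even though ServerName is supplied. The test covers ALPN and data
// transfer, not certificate or host name verification.
func TestTLSALPNServer(t *testing.T) {
	serveralpn := []string{"a1", "a3", "a2"}
	clientalpn := []string{"a0", "a2", "a5"}
	expectedAlpn := "a2"

	l, err := Listen("tcp", "127.0.0.1:0", &Config{
		CrtFile:    "testdata/server.crt",
		KeyFile:    "testdata/server.key",
		NextProtos: serveralpn,
	})
	if err != nil {
		t.Fatal("gnutls listen ", err)
	}
	addr := l.Addr().String()
	log.Println("test server listen on ", addr)
	defer l.Close()

	// Echo server. The accept loop stops once the deferred l.Close() makes
	// Accept return an error.
	go func() {
		for {
			c, err := l.Accept()
			if err != nil {
				log.Println("gnutls accept ", err)
				break
			}
			log.Println("accept connection from ", c.RemoteAddr())
			go func(c net.Conn) {
				defer c.Close()
				// Checked assertion: a bare c.(*Conn) would panic inside this
				// goroutine and take down the whole test binary. Returning
				// closes the connection, so the client side fails cleanly.
				tlsConn, ok := c.(*Conn)
				if !ok {
					log.Printf("unexpected connection type %T", c)
					return
				}
				if err := tlsConn.Handshake(); err != nil {
					log.Println(err)
					return
				}
				connState := tlsConn.ConnectionState()
				log.Printf("%+v", connState)
				buf := make([]byte, 4096)
				for {
					n, err := c.Read(buf[0:])
					if err != nil {
						log.Println("gnutls read ", err)
						break
					}
					if _, err := c.Write(buf[:n]); err != nil {
						log.Println("gnutls write ", err)
						break
					}
				}
			}(c)
		}
	}()

	// Verification is disabled: see the security note on the function.
	c, err := tls.Dial("tcp", addr, &tls.Config{
		InsecureSkipVerify: true,
		ServerName:         "localhost",
		NextProtos:         clientalpn,
	})
	if err != nil {
		t.Fatal("dial ", err)
	}
	defer c.Close()

	if err := c.Handshake(); err != nil {
		t.Fatal(err)
	}
	connState := c.ConnectionState()
	log.Printf("%+v", connState)

	if connState.NegotiatedProtocol != expectedAlpn {
		t.Errorf("expected alpn %s, got %s",
			expectedAlpn, connState.NegotiatedProtocol)
	}

	data := "hello, world"
	if _, err := c.Write([]byte(data)); err != nil {
		t.Fatal("write ", err)
	}
	buf := make([]byte, 100)
	n, err := c.Read(buf)
	if err != nil {
		t.Fatal("read ", err)
	}
	if string(buf[:n]) != data {
		t.Errorf("need: %s, got: %s", data, string(buf[:n]))
	}
}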
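// TestTLSALPNClient checks ALPN negotiation between a crypto/tls server and
// the gnutls client (Dial), then verifies an echo round trip.
//
// The two protocol lists share exactly one entry ("a2"), so that is the only
// valid outcome. The negotiated value is asserted on the gnutls client; the
// server side just logs its connection state.
//
// Security note: the client is configured with InsecureSkipVerify, so the
// server certificate is presumably not validated even though ServerName is
// supplied (confirm against the gnutls Config documentation). The test covers
// ALPN and data transfer, not certificate or host name verification.
func TestTLSALPNClient(t *testing.T) {
	serveralpn := []string{"a1", "a3", "a2"}
	clientalpn := []string{"a0", "a2", "a5"}
	expectedAlpn := "a2"

	cert, err := tls.LoadX509KeyPair("testdata/server.crt", "testdata/server.key")
	if err != nil {
		// Include the cause so a missing or malformed fixture is diagnosable.
		t.Fatalf("load key failed: %v", err)
	}

	l, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{
		Certificates: []tls.Certificate{cert},
		NextProtos:   serveralpn,
	})

	if err != nil {
		t.Fatal("tls listen ", err)
	}
	addr := l.Addr().String()
	log.Println("test server listen on ", addr)
	defer l.Close()

	// Echo server. The accept loop stops once the deferred l.Close() makes
	// Accept return an error.
	go func() {
		for {
			c, err := l.Accept()
			if err != nil {
				// The listener here is crypto/tls, so the label says "tls"
				// like the read/write messages below.
				log.Println("tls accept ", err)
				break
			}
			log.Println("accept connection from ", c.RemoteAddr())
			go func(c net.Conn) {
				defer c.Close()
				tlsConn := c.(*tls.Conn)
				if err := tlsConn.Handshake(); err != nil {
					log.Println(err)
					return
				}
				connState := tlsConn.ConnectionState()
				log.Printf("%+v", connState)
				buf := make([]byte, 4096)
				for {
					n, err := c.Read(buf[0:])
					if err != nil {
						log.Println("tls read ", err)
						break
					}
					if _, err := c.Write(buf[:n]); err != nil {
						log.Println("tls write ", err)
						break
					}
				}
			}(c)
		}
	}()

	// Verification is disabled: see the security note on the function.
	c, err := Dial("tcp", addr, &Config{
		InsecureSkipVerify: true,
		ServerName:         "localhost",
		NextProtos:         clientalpn,
	})
	if err != nil {
		t.Fatal("dial ", err)
	}
	defer c.Close()

	if err := c.Handshake(); err != nil {
		t.Fatal(err)
	}
	connState := c.ConnectionState()
	log.Printf("%+v", connState)

	if connState.NegotiatedProtocol != expectedAlpn {
		t.Errorf("expected alpn %s, got %s",
			expectedAlpn, connState.NegotiatedProtocol)
	}

	data := "hello, world"
	if _, err := c.Write([]byte(data)); err != nil {
		t.Fatal("write ", err)
	}
	buf := make([]byte, 100)
	n, err := c.Read(buf)
	if err != nil {
		t.Fatal("read ", err)
	}
	if string(buf[:n]) != data {
		t.Errorf("need: %s, got: %s", data, string(buf[:n]))
	}
}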