92 lines
2.1 KiB
Go
92 lines
2.1 KiB
Go
package checker
|
|
|
|
import (
|
|
"context"
|
|
"net"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strconv"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.happydns.org/checker-tls/contract"
|
|
)
|
|
|
|
func TestProbe_DirectTLS_OK(t *testing.T) {
|
|
srv := httptest.NewTLSServer(nil)
|
|
defer srv.Close()
|
|
|
|
u, _ := url.Parse(srv.URL)
|
|
host, portStr, _ := net.SplitHostPort(u.Host)
|
|
port, _ := strconv.ParseUint(portStr, 10, 16)
|
|
|
|
probe := probe(context.Background(), contract.TLSEndpoint{
|
|
Host: host,
|
|
Port: uint16(port),
|
|
SNI: host,
|
|
}, 5*time.Second)
|
|
|
|
if probe.Error != "" {
|
|
t.Fatalf("unexpected error: %s", probe.Error)
|
|
}
|
|
if probe.TLSVersion == "" {
|
|
t.Errorf("expected TLSVersion, got empty")
|
|
}
|
|
if probe.CipherSuite == "" {
|
|
t.Errorf("expected CipherSuite, got empty")
|
|
}
|
|
if probe.ChainValid == nil || *probe.ChainValid {
|
|
t.Errorf("httptest self-signed chain should NOT be valid (chain_valid=%v)", probe.ChainValid)
|
|
}
|
|
if probe.HostnameMatch == nil {
|
|
t.Errorf("expected HostnameMatch to be populated")
|
|
}
|
|
if probe.NotAfter.IsZero() {
|
|
t.Errorf("expected NotAfter populated")
|
|
}
|
|
}
|
|
|
|
func TestProbe_TCPUnreachable(t *testing.T) {
|
|
// Grab a free port then immediately close it so we know nothing listens.
|
|
l, err := net.Listen("tcp", "127.0.0.1:0")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
addr := l.Addr().(*net.TCPAddr)
|
|
_ = l.Close()
|
|
|
|
probe := probe(context.Background(), contract.TLSEndpoint{
|
|
Host: "127.0.0.1",
|
|
Port: uint16(addr.Port),
|
|
}, 1*time.Second)
|
|
|
|
if probe.TCPError == "" {
|
|
t.Errorf("expected a TCP error for unreachable port")
|
|
}
|
|
}
|
|
|
|
func TestProbe_UnsupportedStartTLSProto(t *testing.T) {
|
|
// Listen so the dial succeeds, but the type maps to an unknown proto.
|
|
l, err := net.Listen("tcp", "127.0.0.1:0")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer l.Close()
|
|
go func() {
|
|
c, err := l.Accept()
|
|
if err == nil {
|
|
c.Close()
|
|
}
|
|
}()
|
|
|
|
addr := l.Addr().(*net.TCPAddr)
|
|
probe := probe(context.Background(), contract.TLSEndpoint{
|
|
Host: "127.0.0.1",
|
|
Port: uint16(addr.Port),
|
|
STARTTLS: "totallyfake",
|
|
}, 2*time.Second)
|
|
|
|
if probe.Error == "" {
|
|
t.Errorf("expected handshake error for unsupported starttls protocol")
|
|
}
|
|
}
|