Add new test for invalid TLS configuration
		@@ -130,10 +130,10 @@ pub async fn dummy_tcp_client_read_conn(port: u16) -> Vec<u8> {
 | 
			
		||||
        .await
 | 
			
		||||
        .expect("Failed to connect to dummy TCP server!");
 | 
			
		||||
 | 
			
		||||
    let mut buff = Vec::with_capacity(100);
 | 
			
		||||
    socket.read_to_end(&mut buff).await.unwrap();
 | 
			
		||||
    let mut buff: [u8; 100] = [0; 100];
 | 
			
		||||
    let size = socket.read(&mut buff).await.unwrap();
 | 
			
		||||
 | 
			
		||||
    buff
 | 
			
		||||
    buff[0..size].to_vec()
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
pub async fn dummy_tcp_client_write_then_read_conn(port: u16, data: &[u8]) -> Vec<u8> {
 | 
			
		||||
 
 | 
			
		||||
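Review bot: Assuming the fixed-array lines are the new side (the page lost its +/- markers), `dummy_tcp_client_read_conn` now returns whatever one `socket.read` call delivers, capped at 100 bytes. TCP does not guarantee that a single read returns the whole message, so a test comparing the result with an expected payload can receive a short buffer, and anything past 100 bytes is dropped without notice. If the single read is deliberate because the peer keeps the connection open, a comment would make that contract visible, e.g. `// one read only: the peer does not close the socket; payloads must fit in 100 bytes`. The function starts above this hunk.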
@@ -4,7 +4,7 @@ use crate::test::{get_port_number, PortsAllocation};
 | 
			
		||||
const INVALID_TOKEN: &str = "/tmp/a/token/file/that/does/not/exists";
 | 
			
		||||
 | 
			
		||||
fn port(index: u16) -> u16 {
 | 
			
		||||
    get_port_number(PortsAllocation::InvalidTokenFile, index)
 | 
			
		||||
    get_port_number(PortsAllocation::TestsWithoutPortOpened, index)
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
#[tokio::test(flavor = "multi_thread", worker_threads = 5)]
 | 
			
		||||
 
 | 
			
		||||
@@ -1,11 +1,11 @@
 | 
			
		||||
#[non_exhaustive]
 | 
			
		||||
enum PortsAllocation {
 | 
			
		||||
    TestsWithoutPortOpened,
 | 
			
		||||
    DummyTCPServer,
 | 
			
		||||
    ValidWithTokenAuth,
 | 
			
		||||
    InvalidWithTokenAuth,
 | 
			
		||||
    ValidWithMultipleTokenAuth,
 | 
			
		||||
    ValidWithTokenFile,
 | 
			
		||||
    InvalidTokenFile,
 | 
			
		||||
    ClientTryTLSWhileThereIsNoTLS,
 | 
			
		||||
    ValidTokenWithCustomIncrement,
 | 
			
		||||
    ValidWithTokenAuthMultiplePorts,
 | 
			
		||||
@@ -15,7 +15,7 @@ enum PortsAllocation {
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
fn get_port_number(alloc: PortsAllocation, index: u16) -> u16 {
 | 
			
		||||
    2100 + 20 * (alloc as u16) + index
 | 
			
		||||
    30000 + 20 * (alloc as u16) + index
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
const LOCALHOST_IP: &str = "127.0.0.1";
 | 
			
		||||
@@ -27,6 +27,10 @@ mod test_files_utils;
 | 
			
		||||
mod client_try_tls_while_there_is_no_tls;
 | 
			
		||||
mod invalid_token_file;
 | 
			
		||||
mod invalid_with_token_auth;
 | 
			
		||||
mod server_invalid_tls_config_invalid_cert;
 | 
			
		||||
mod server_invalid_tls_config_invalid_key;
 | 
			
		||||
mod server_invalid_tls_config_invalid_paths;
 | 
			
		||||
mod server_invalid_tls_config_missing_key;
 | 
			
		||||
mod valid_token_with_custom_increment;
 | 
			
		||||
mod valid_with_multiple_token_auth;
 | 
			
		||||
mod valid_with_token_auth;
 | 
			
		||||
 
 | 
			
		||||
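Review bot: `PortsAllocation::TestsWithoutPortOpened` is used as a shared allocation by several test modules (the `port()` helper changed in this commit and the four new `server_invalid_tls_config_*` modules), but nothing on the enum says that tests using it must never bind a listener. `get_port_number` gives all of them the same port numbers for the same `index`, so a test that opened a port from this range would collide with the others when they run in parallel. A doc comment on the variant would record the rule, e.g. `/// Shared range for tests where the server must fail before binding; never listen on these ports.` Part of the enum lies between the hunks shown here.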
							
								
								
									
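--- a/src/test/server_invalid_tls_config_invalid_cert.rs
+++ b/src/test/server_invalid_tls_config_invalid_cert.rs
@@ -0,0 +1,31 @@
+use crate::tcp_relay_server::server_config::ServerConfig;
+use crate::test::pki::Pki;
+use crate::test::{get_port_number, PortsAllocation};
+
+const TOKEN: &str = "mytok";
+
+fn port(index: u16) -> u16 {
+    get_port_number(PortsAllocation::TestsWithoutPortOpened, index)
+}
+
+#[tokio::test]
+async fn test() {
+    let _ = env_logger::builder().is_test(true).try_init();
+
+    let pki = Pki::load();
+
+    crate::tcp_relay_server::run_app(ServerConfig {
+        tokens: vec![TOKEN.to_string()],
+        tokens_file: None,
+        ports: vec![port(1)],
+        upstream_server: "127.0.0.1".to_string(),
+        listen_address: format!("127.0.0.1:{}", port(0)),
+        increment_ports: 1,
+        tls_cert: Some(pki.root_ca_crl.file_path()),
+        tls_key: Some(pki.localhost_key.file_path()),
+        tls_client_auth_root_cert: None,
+        tls_revocation_list: None,
+    })
+    .await
+    .unwrap_err();
+}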
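Review bot: The closing `.unwrap_err()` in `test` accepts any failure of `run_app`, so the test also passes when the server fails for a reason unrelated to the certificate, for example a bind error on `listen_address`. The same pattern ends the tests in `server_invalid_tls_config_invalid_key.rs`, `server_invalid_tls_config_invalid_paths.rs` and `server_invalid_tls_config_missing_key.rs`. Binding the result with `let err = crate::tcp_relay_server::run_app(ServerConfig { … }).await.unwrap_err();` and then asserting on its kind or message would pin the behaviour under test; the error type of `run_app` is not visible on this page, so the exact assertion depends on it. A one-line comment that `root_ca_crl` is a revocation list passed in place of a certificate would also make the intent of this case clear.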
							
								
								
									
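--- a/src/test/server_invalid_tls_config_invalid_key.rs
+++ b/src/test/server_invalid_tls_config_invalid_key.rs
@@ -0,0 +1,31 @@
+use crate::tcp_relay_server::server_config::ServerConfig;
+use crate::test::pki::Pki;
+use crate::test::{get_port_number, PortsAllocation};
+
+const TOKEN: &str = "mytok";
+
+fn port(index: u16) -> u16 {
+    get_port_number(PortsAllocation::TestsWithoutPortOpened, index)
+}
+
+#[tokio::test]
+async fn test() {
+    let _ = env_logger::builder().is_test(true).try_init();
+
+    let pki = Pki::load();
+
+    crate::tcp_relay_server::run_app(ServerConfig {
+        tokens: vec![TOKEN.to_string()],
+        tokens_file: None,
+        ports: vec![port(1)],
+        upstream_server: "127.0.0.1".to_string(),
+        listen_address: format!("127.0.0.1:{}", port(0)),
+        increment_ports: 1,
+        tls_cert: Some(pki.root_ca_crt.file_path()),
+        tls_key: Some(pki.root_ca_crt.file_path()),
+        tls_client_auth_root_cert: None,
+        tls_revocation_list: None,
+    })
+    .await
+    .unwrap_err();
+}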
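Review bot: Both `tls_cert` and `tls_key` are set to `pki.root_ca_crt.file_path()`, and nothing says that the repeated path is intentional, so a reader can take it for a copy-paste slip. A comment such as `// a certificate file passed as the key: it holds no private key, so loading must fail` would state the intent. Using `pki.localhost_crt.file_path()` for `tls_cert`, as `invalid_key_path` in the sibling module does, would also keep the certificate side the same as in the other tests so that only the key differs.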
							
								
								
									
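--- a/src/test/server_invalid_tls_config_invalid_paths.rs
+++ b/src/test/server_invalid_tls_config_invalid_paths.rs
@@ -0,0 +1,53 @@
+use crate::tcp_relay_server::server_config::ServerConfig;
+use crate::test::pki::Pki;
+use crate::test::{get_port_number, PortsAllocation};
+
+const TOKEN: &str = "mytok";
+
+fn port(index: u16) -> u16 {
+    get_port_number(PortsAllocation::TestsWithoutPortOpened, index)
+}
+
+#[tokio::test]
+async fn invalid_key_path() {
+    let _ = env_logger::builder().is_test(true).try_init();
+
+    let pki = Pki::load();
+
+    crate::tcp_relay_server::run_app(ServerConfig {
+        tokens: vec![TOKEN.to_string()],
+        tokens_file: None,
+        ports: vec![port(1)],
+        upstream_server: "127.0.0.1".to_string(),
+        listen_address: format!("127.0.0.1:{}", port(0)),
+        increment_ports: 1,
+        tls_cert: Some(pki.localhost_crt.file_path()),
+        tls_key: Some("/bad/path/to/key/file".to_string()),
+        tls_client_auth_root_cert: None,
+        tls_revocation_list: None,
+    })
+    .await
+    .unwrap_err();
+}
+
+#[tokio::test]
+async fn invalid_cert_path() {
+    let _ = env_logger::builder().is_test(true).try_init();
+
+    let pki = Pki::load();
+
+    crate::tcp_relay_server::run_app(ServerConfig {
+        tokens: vec![TOKEN.to_string()],
+        tokens_file: None,
+        ports: vec![port(1)],
+        upstream_server: "127.0.0.1".to_string(),
+        listen_address: format!("127.0.0.1:{}", port(0)),
+        increment_ports: 1,
+        tls_cert: Some("/bad/path/to/key/file".to_string()),
+        tls_key: Some(pki.localhost_key.file_path()),
+        tls_client_auth_root_cert: None,
+        tls_revocation_list: None,
+    })
+    .await
+    .unwrap_err();
+}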
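Review bot: In `invalid_cert_path` the certificate path is `"/bad/path/to/key/file"`, the same literal used for the key in `invalid_key_path`, which reads as a leftover from copying the first test. `tls_cert: Some("/bad/path/to/cert/file".to_string()),` would match what the test is about. The two tests differ in only these two `ServerConfig` fields, so a small private helper taking the cert and key options would remove the duplicated literal block.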
							
								
								
									
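--- a/src/test/server_invalid_tls_config_missing_key.rs
+++ b/src/test/server_invalid_tls_config_missing_key.rs
@@ -0,0 +1,31 @@
+use crate::tcp_relay_server::server_config::ServerConfig;
+use crate::test::pki::Pki;
+use crate::test::{get_port_number, PortsAllocation};
+
+const TOKEN: &str = "mytok";
+
+fn port(index: u16) -> u16 {
+    get_port_number(PortsAllocation::TestsWithoutPortOpened, index)
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test() {
+    let _ = env_logger::builder().is_test(true).try_init();
+
+    let pki = Pki::load();
+
+    crate::tcp_relay_server::run_app(ServerConfig {
+        tokens: vec![TOKEN.to_string()],
+        tokens_file: None,
+        ports: vec![port(1)],
+        upstream_server: "127.0.0.1".to_string(),
+        listen_address: format!("127.0.0.1:{}", port(0)),
+        increment_ports: 1,
+        tls_cert: Some(pki.root_ca_crt.file_path()),
+        tls_key: None,
+        tls_client_auth_root_cert: None,
+        tls_revocation_list: None,
+    })
+    .await
+    .unwrap_err();
+}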
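Review bot: Only the certificate-without-key combination is covered here (`tls_cert: Some(...)` with `tls_key: None`); the reverse case, a key with no certificate, is not tested in any of the new modules. If the server decided whether to enable TLS from `tls_cert` alone, a key-only configuration could start a plaintext listener instead of failing, which is the outcome these tests are meant to rule out; whether it does is not visible from this page. A second test with `tls_cert: None,` and `tls_key: Some(pki.localhost_key.file_path()),` would close that gap. This module also uses `flavor = "multi_thread"` while its three siblings use the default runtime, and a short comment should say why if the difference is intended.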