From 3979e206469607aba15a1833d6bdafd07ed00283 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Thu, 31 Mar 2016 16:27:26 +0200 Subject: Test TLS --- server_test.go | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 55 insertions(+), 3 deletions(-) (limited to 'server_test.go') diff --git a/server_test.go b/server_test.go index 7f296b5..e322195 100644 --- a/server_test.go +++ b/server_test.go @@ -1,6 +1,8 @@ package goxy import ( + "crypto/tls" + "crypto/x509" "io" "io/ioutil" "log" @@ -17,6 +19,21 @@ const ( wwwServer = "localhost:8080" tlsServer = "localhost:8443" rpcServer = "localhost:8000" + cert = `-----BEGIN CERTIFICATE----- +MIIBXjCCAQygAwIBAgIRAM03h8i2NyJ7sItcK4jU1eEwCgYIKoZIzj0EAwIwEjEQ +MA4GA1UEChMHQWNtZSBDbzAeFw0xNjAzMzExMzU5NTlaFw0yNjAzMjkxMzU5NTla +MBIxEDAOBgNVBAoTB0FjbWUgQ28wTjAQBgcqhkjOPQIBBgUrgQQAIQM6AATxB9y8 +ZHzQayFNY2mrEaG7tgJKTSDOAvVSn8VsDldcZXwXuWEcNoi2LKAckCL9E2xc6bxz +AlZGXaNOMEwwDgYDVR0PAQH/BAQDAgKkMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8G +A1UdEwEB/wQFMAMBAf8wFAYDVR0RBA0wC4IJbG9jYWxob3N0MAoGCCqGSM49BAMC +A0AAMD0CHQDQCcNis9uY0lGbQ4o8qJByjd9GY3Bon3wmt/ULAhwI78yOXxyeDR1T +77Q2+pF/GmcDtCbwrVt3KpmI +-----END CERTIFICATE-----` + key = `-----BEGIN EC PRIVATE KEY----- +MGgCAQEEHHvI0aSaXHcCugwEWoBJ9R1swGVeDbTYlikuv4+gBwYFK4EEACGhPAM6 +AATxB9y8ZHzQayFNY2mrEaG7tgJKTSDOAvVSn8VsDldcZXwXuWEcNoi2LKAckCL9 +E2xc6bxzAlZGXQ== +-----END EC PRIVATE KEY-----` ) var server Server @@ -30,7 +47,16 @@ func init() { } func get(uri string) (string, error) { - resp, err := http.Get(uri) + caPool := x509.NewCertPool() + caPool.AppendCertsFromPEM([]byte(cert)) + client := http.Client{ + Transport: &http.Transport{ + TLSClientConfig: &tls.Config{ + RootCAs: caPool, + }, + }, + } + resp, err := client.Get(uri) if err != nil { return "", err } @@ -69,12 +95,10 @@ func (c Cannary) Equal(s string) bool { } func TestReverseProxy(t *testing.T) { - // Backend server backServer := httptest.NewServer(cannary) defer backServer.Close() t.Log("start", backServer.URL) - // Test HTTP proxy e := Entry{ Host: "http://" + wwwServer, Upstream: backServer.URL, @@ -100,6 +124,34 @@ func TestReverseProxy(t *testing.T) { } func TestReverseProxyTLS(t *testing.T) { + backServer := httptest.NewServer(cannary) + defer backServer.Close() + t.Log("start", backServer.URL) + + e := Entry{ + Host: "https://" + tlsServer, + Upstream: backServer.URL, + Cert: []byte(cert), + Key: []byte(key), + } + if err := add(e); err != nil { + t.Error(err) + } + t.Log("add", e) + + resp, err := get("https://" + tlsServer) + if err != nil { + t.Error(err) + } + + if !cannary.Equal(resp) { + t.Errorf("got %q expected %q", resp, cannary) + } + + if err := del(tlsServer); err != nil { + t.Error(err) + } + t.Log("del", tlsServer) } func TestWebsocketProxy(t *testing.T) { -- cgit v1.2.3