diff options
| author | Steven Fackler <sfackler@gmail.com> | 2014-08-03 19:16:09 -0700 |
|---|---|---|
| committer | Steven Fackler <sfackler@gmail.com> | 2014-08-03 19:16:09 -0700 |
| commit | 203bdd076ec744a1794a7b151efb6b9247d43455 (patch) | |
| tree | 8b4e69b8bdfd834648b73243519f4eeca301bb90 /src/ssl/tests.rs | |
| parent | 497734d3e80174e327c0254cf5fa00ab362f9051 (diff) | |
| download | rust-openssl-203bdd076ec744a1794a7b151efb6b9247d43455.zip | |
Shift directory structure
Diffstat (limited to 'src/ssl/tests.rs')
| -rw-r--r-- | src/ssl/tests.rs | 160 |
1 files changed, 160 insertions, 0 deletions
diff --git a/src/ssl/tests.rs b/src/ssl/tests.rs new file mode 100644 index 00000000..3b10e878 --- /dev/null +++ b/src/ssl/tests.rs @@ -0,0 +1,160 @@ +use std::io::Writer; +use std::io::net::tcp::TcpStream; +use std::str; + +use ssl::{Sslv23, SslContext, SslStream, SslVerifyPeer, X509StoreContext}; + +#[test] +fn test_new_ctx() { + SslContext::new(Sslv23); +} + +#[test] +fn test_new_sslstream() { + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + SslStream::new(&SslContext::new(Sslv23), stream); +} + +#[test] +fn test_verify_untrusted() { + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, None); + match SslStream::try_new(&ctx, stream) { + Ok(_) => fail!("expected failure"), + Err(err) => println!("error {}", err) + } +} + +#[test] +fn test_verify_trusted() { + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, None); + match ctx.set_CA_file("test/cert.pem") { + None => {} + Some(err) => fail!("Unexpected error {}", err) + } + match SslStream::try_new(&ctx, stream) { + Ok(_) => (), + Err(err) => fail!("Expected success, got {}", err) + } +} + +#[test] +fn test_verify_untrusted_callback_override_ok() { + fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { + true + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + match SslStream::try_new(&ctx, stream) { + Ok(_) => (), + Err(err) => fail!("Expected success, got {}", err) + } +} + +#[test] +fn test_verify_untrusted_callback_override_bad() { + fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { + false + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + assert!(SslStream::try_new(&ctx, stream).is_err()); +} + +#[test] +fn test_verify_trusted_callback_override_ok() { + fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { + true + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + match ctx.set_CA_file("test/cert.pem") { + None => {} + Some(err) => fail!("Unexpected error {}", err) + } + match SslStream::try_new(&ctx, stream) { + Ok(_) => (), + Err(err) => fail!("Expected success, got {}", err) + } +} + +#[test] +fn test_verify_trusted_callback_override_bad() { + fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { + false + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + match ctx.set_CA_file("test/cert.pem") { + None => {} + Some(err) => fail!("Unexpected error {}", err) + } + assert!(SslStream::try_new(&ctx, stream).is_err()); +} + +#[test] +fn test_verify_callback_load_certs() { + fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool { + assert!(x509_ctx.get_current_cert().is_some()); + true + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + assert!(SslStream::try_new(&ctx, stream).is_ok()); +} + +#[test] +fn test_verify_trusted_get_error_ok() { + fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool { + assert!(x509_ctx.get_error().is_none()); + true + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + match ctx.set_CA_file("test/cert.pem") { + None => {} + Some(err) => fail!("Unexpected error {}", err) + } + assert!(SslStream::try_new(&ctx, stream).is_ok()); +} + +#[test] +fn test_verify_trusted_get_error_err() { + fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool { + assert!(x509_ctx.get_error().is_some()); + false + } + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut ctx = SslContext::new(Sslv23); + ctx.set_verify(SslVerifyPeer, Some(callback)); + assert!(SslStream::try_new(&ctx, stream).is_err()); +} + +#[test] +fn test_write() { + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut stream = SslStream::new(&SslContext::new(Sslv23), stream); + stream.write("hello".as_bytes()).unwrap(); + stream.flush().unwrap(); + stream.write(" there".as_bytes()).unwrap(); + stream.flush().unwrap(); +} + +#[test] +fn test_read() { + let stream = TcpStream::connect("127.0.0.1", 15418).unwrap(); + let mut stream = SslStream::new(&SslContext::new(Sslv23), stream); + stream.write("GET /\r\n\r\n".as_bytes()).unwrap(); + stream.flush().unwrap(); + let buf = stream.read_to_end().ok().expect("read error"); + print!("{}", str::from_utf8(buf.as_slice())); +} |