VictoriaMetrics/lib/netutil/tls_test.go

109 lines
2.4 KiB
Go
Raw Permalink Normal View History

package netutil
import (
"crypto/tls"
"reflect"
"testing"
)
func TestCipherSuitesFromNamesSucces(t *testing.T) {
f := func(cipherSuites []string, expectedSuites []uint16) {
t.Helper()
suites, err := cipherSuitesFromNames(cipherSuites)
if err != nil {
t.Fatalf("unexpected error: %s", err)
}
if !reflect.DeepEqual(suites, expectedSuites) {
t.Fatalf("unexpected ciphersuites; got %d; want %d", suites, expectedSuites)
}
}
// Empty ciphersuites
f(nil, nil)
// Supported ciphersuites uppercase
f([]string{
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
}, []uint16{
0xc013,
0xc014,
})
// Supported ciphersuites lowercase
f([]string{
"tls_ecdhe_rsa_with_aes_128_cbc_sha",
"tls_ecdhe_rsa_with_aes_256_cbc_sha",
}, []uint16{
0xc013,
0xc014,
})
// Correct ciphersuites via numbers
f([]string{"0xC013", "0xC014"}, []uint16{0xc013, 0xc014})
f([]string{"0xc013", "0xc014"}, []uint16{0xc013, 0xc014})
}
func TestCipherSuitesFromNamesFailure(t *testing.T) {
f := func(cipherSuites []string) {
t.Helper()
_, err := cipherSuitesFromNames(cipherSuites)
if err == nil {
t.Fatalf("expecting non-nil error")
}
}
// wrong ciphersuite
f([]string{"non-existing-ciphersuite"})
f([]string{"23432"})
f([]string{"2343223432423"})
// insecure ciphersuites
f([]string{"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA"})
// insecure ciphersuite numbers
f([]string{"0x0005", "0x000a"})
}
func TestParseTLSVersionSuccess(t *testing.T) {
f := func(s string, want uint16) {
t.Helper()
got, err := ParseTLSVersion(s)
if err != nil {
t.Fatalf("unexpected error for ParseTLSVersion(%q): %s", s, err)
}
if got != want {
t.Fatalf("unexpected value got from ParseTLSVersion(%q); got %d; want %d", s, got, want)
}
}
// lowercase tlsName
f("tls10", tls.VersionTLS10)
f("tls11", tls.VersionTLS11)
f("tls12", tls.VersionTLS12)
f("tls13", tls.VersionTLS13)
// uppercase tlsName
f("TLS10", tls.VersionTLS10)
f("TLS11", tls.VersionTLS11)
f("TLS12", tls.VersionTLS12)
f("TLS13", tls.VersionTLS13)
// empty tlsName
f("", 0)
}
func TestParseTLSVersionFailure(t *testing.T) {
f := func(s string) {
t.Helper()
_, err := ParseTLSVersion(s)
if err == nil {
t.Fatalf("expecting non-nil error for ParseTLSVersion(%q)", s)
}
}
// incorrect tlsName
f("123")
// incorrect tlsName with correct prefix
f("TLS1")
// incorrect tls version in tlsName
f("TLS14")
}