Index: tests/standalone/io/raw_secure_server_socket_test.dart |
diff --git a/tests/standalone/io/raw_secure_server_socket_test.dart b/tests/standalone/io/raw_secure_server_socket_test.dart |
index 33fc191de87b07c50fad59aa84757d367dbc8213..560722f7a589a112ac9e4f0539e4c8be539727fe 100644 |
--- a/tests/standalone/io/raw_secure_server_socket_test.dart |
+++ b/tests/standalone/io/raw_secure_server_socket_test.dart |
@@ -14,11 +14,19 @@ import "package:async_helper/async_helper.dart"; |
import "package:expect/expect.dart"; |
InternetAddress HOST; |
-const CERTIFICATE = "localhost_cert"; |
+String localFile(path) => Platform.script.resolve(path).toFilePath(); |
+ |
+SecurityContext serverContext = new SecurityContext() |
+ ..useCertificateChain(localFile('certificates/server_chain.pem')) |
+ ..usePrivateKey(localFile('certificates/server_key.pem'), |
+ password: 'dartdart'); |
+ |
+SecurityContext clientContext = new SecurityContext() |
+ ..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem')); |
void testSimpleBind() { |
asyncStart(); |
- RawSecureServerSocket.bind(HOST, 0, CERTIFICATE).then((s) { |
+ RawSecureServerSocket.bind(HOST, 0, serverContext).then((s) { |
Expect.isTrue(s.port > 0); |
s.close(); |
asyncEnd(); |
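Review bot: `serverContext` and `clientContext` are mutable top-level variables although every test in the file shares them, and `localFile(path)` leaves its parameter untyped. Declaring them `final SecurityContext serverContext = ...` and `final SecurityContext clientContext = ...`, and writing `String localFile(String path)`, would keep a test from accidentally reassigning the shared contexts. If the intent is that the client trusts only the test certificates, a comment on `clientContext` such as `// Trusts only trusted_certs.pem, so the untrusted-chain cases must fail the handshake.` would record why the negative tests are meaningful.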
@@ -30,7 +38,7 @@ void testInvalidBind() { |
// Bind to a unknown DNS name. |
asyncStart(); |
- RawSecureServerSocket.bind("ko.faar.__hest__", 0, CERTIFICATE).then((_) { |
+ RawSecureServerSocket.bind("ko.faar.__hest__", 0, serverContext).then((_) { |
Expect.fail("Failure expected"); |
}).catchError((error) { |
Expect.isTrue(error is SocketException); |
@@ -39,7 +47,7 @@ void testInvalidBind() { |
// Bind to an unavaliable IP-address. |
asyncStart(); |
- RawSecureServerSocket.bind("8.8.8.8", 0, CERTIFICATE).then((_) { |
+ RawSecureServerSocket.bind("8.8.8.8", 0, serverContext).then((_) { |
Expect.fail("Failure expected"); |
}).catchError((error) { |
Expect.isTrue(error is SocketException); |
@@ -48,10 +56,10 @@ void testInvalidBind() { |
// Bind to a port already in use. |
asyncStart(); |
- RawSecureServerSocket.bind(HOST, 0, CERTIFICATE).then((s) { |
+ RawSecureServerSocket.bind(HOST, 0, serverContext).then((s) { |
RawSecureServerSocket.bind(HOST, |
s.port, |
- CERTIFICATE).then((t) { |
+ serverContext).then((t) { |
s.close(); |
t.close(); |
Expect.fail("Multiple listens on same port"); |
@@ -64,12 +72,14 @@ void testInvalidBind() { |
}); |
} |
-void testSimpleConnect(String certificate) { |
+void testSimpleConnect() { |
asyncStart(); |
- RawSecureServerSocket.bind(HOST, 0, certificate).then((server) { |
- var clientEndFuture = RawSecureSocket.connect(HOST, server.port); |
+ RawSecureServerSocket.bind(HOST, 0, serverContext).then((server) { |
+ var clientEndFuture = |
+ RawSecureSocket.connect(HOST, server.port, context: clientContext); |
server.listen((serverEnd) { |
clientEndFuture.then((clientEnd) { |
+ // TODO(whesse): Shutdown(SEND) not supported on secure sockets. |
clientEnd.shutdown(SocketDirection.SEND); |
serverEnd.shutdown(SocketDirection.SEND); |
server.close(); |
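Review bot: The added TODO above `clientEnd.shutdown(SocketDirection.SEND)` says the operation is not supported, yet both shutdown calls stay in place, so a reader cannot tell what they do now or what the follow-up is. The comment should state the current behaviour and the planned change, for example `// TODO(whesse): shutdown(SEND) is not supported on secure sockets; decide whether these calls should become close().`, if that is the intended follow-up. The body of testSimpleConnect continues outside the hunk.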
@@ -79,10 +89,11 @@ void testSimpleConnect(String certificate) { |
}); |
} |
-void testSimpleConnectFail(String certificate, bool cancelOnError) { |
+void testSimpleConnectFail(SecurityContext context, bool cancelOnError) { |
asyncStart(); |
- RawSecureServerSocket.bind(HOST, 0, certificate).then((server) { |
- var clientEndFuture = RawSecureSocket.connect(HOST, server.port) |
+ RawSecureServerSocket.bind(HOST, 0, context).then((server) { |
+ var clientEndFuture = |
+ RawSecureSocket.connect(HOST, server.port, context: clientContext) |
.then((clientEnd) { |
Expect.fail("No client connection expected."); |
}) |
@@ -94,7 +105,7 @@ void testSimpleConnectFail(String certificate, bool cancelOnError) { |
Expect.fail("No server connection expected."); |
}, |
onError: (error) { |
- Expect.isTrue(error is CertificateException); |
+ Expect.isTrue(error is HandshakeException); |
clientEndFuture.then((_) { |
if (!cancelOnError) server.close(); |
asyncEnd(); |
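Review bot: `Expect.isTrue(error is HandshakeException)` in the server's onError reports nothing useful when a different error arrives. It also accepts any handshake failure, so the scenarios driven from runTests cannot be told apart at this point. Passing a reason, `Expect.isTrue(error is HandshakeException, "unexpected error: $error");`, would at least show which failure occurred. The enclosing listen call starts and ends outside the hunk.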
@@ -106,9 +117,10 @@ void testSimpleConnectFail(String certificate, bool cancelOnError) { |
void testServerListenAfterConnect() { |
asyncStart(); |
- RawSecureServerSocket.bind(HOST, 0, CERTIFICATE).then((server) { |
+ RawSecureServerSocket.bind(HOST, 0, serverContext).then((server) { |
Expect.isTrue(server.port > 0); |
- var clientEndFuture = RawSecureSocket.connect(HOST, server.port); |
+ var clientEndFuture = |
+ RawSecureSocket.connect(HOST, server.port, context: clientContext); |
new Timer(const Duration(milliseconds: 500), () { |
server.listen((serverEnd) { |
clientEndFuture.then((clientEnd) { |
@@ -422,15 +434,17 @@ void testSimpleReadWrite({bool listenSecure, |
Future<RawSecureSocket> connectClient(int port) { |
if (connectSecure) { |
- return RawSecureSocket.connect(HOST, port); |
+ return RawSecureSocket.connect(HOST, port, context: clientContext); |
} else if (!handshakeBeforeSecure) { |
return RawSocket.connect(HOST, port).then((socket) { |
- return RawSecureSocket.secure(socket); |
+ return RawSecureSocket.secure(socket, context: clientContext); |
}); |
} else { |
return RawSocket.connect(HOST, port).then((socket) { |
return runClientHandshake(socket).then((subscription) { |
- return RawSecureSocket.secure(socket, subscription: subscription); |
+ return RawSecureSocket.secure(socket, |
+ context: clientContext, |
+ subscription: subscription); |
}); |
}); |
} |
@@ -441,14 +455,14 @@ void testSimpleReadWrite({bool listenSecure, |
if (listenSecure) { |
runServer(client).then((_) => server.close()); |
} else if (!handshakeBeforeSecure) { |
- RawSecureSocket.secureServer(client, CERTIFICATE).then((client) { |
+ RawSecureSocket.secureServer(client, serverContext).then((client) { |
runServer(client).then((_) => server.close()); |
}); |
} else { |
runServerHandshake(client).then((secure) { |
RawSecureSocket.secureServer( |
client, |
- CERTIFICATE, |
+ serverContext, |
subscription: secure[0], |
bufferedData: secure[1]).then((client) { |
runServer(client).then((_) => server.close()); |
@@ -465,7 +479,7 @@ void testSimpleReadWrite({bool listenSecure, |
if (listenSecure) { |
RawSecureServerSocket.bind( |
- HOST, 0, CERTIFICATE).then(serverReady); |
+ HOST, 0, serverContext).then(serverReady); |
} else { |
RawServerSocket.bind(HOST, 0).then(serverReady); |
} |
@@ -490,7 +504,7 @@ testPausedSecuringSubscription(bool pausedServer, bool pausedClient) { |
} |
try { |
RawSecureSocket.secureServer( |
- client, CERTIFICATE, subscription: subscription) |
+ client, serverContext, subscription: subscription) |
.catchError((_) {}) |
.whenComplete(() { |
if (pausedServer) { |
@@ -543,10 +557,6 @@ testPausedSecuringSubscription(bool pausedServer, bool pausedClient) { |
main() { |
asyncStart(); |
- var certificateDatabase = Platform.script.resolve('pkcert').toFilePath(); |
- SecureSocket.initialize(database: certificateDatabase, |
- password: 'dartdart', |
- useBuiltinRoots: false); |
InternetAddress.lookup("localhost").then((hosts) { |
HOST = hosts.first; |
runTests(); |
@@ -557,12 +567,22 @@ main() { |
runTests() { |
testSimpleBind(); |
testInvalidBind(); |
- testSimpleConnect(CERTIFICATE); |
- testSimpleConnect("CN=localhost"); |
- testSimpleConnectFail("not_a_nickname", false); |
- testSimpleConnectFail("CN=notARealDistinguishedName", false); |
- testSimpleConnectFail("not_a_nickname", true); |
- testSimpleConnectFail("CN=notARealDistinguishedName", true); |
+ testSimpleConnect(); |
+ SecurityContext context = new SecurityContext(); |
+ testSimpleConnectFail(context, false); |
+ testSimpleConnectFail(context, true); |
+ var chain = |
+ Platform.script.resolve('certificates/untrusted_server_chain.pem') |
+ .toFilePath(); |
+ context.useCertificateChain(chain); |
+ testSimpleConnectFail(context, false); |
+ testSimpleConnectFail(context, true); |
+ var key = |
+ Platform.script.resolve('certificates/untrusted_server_key.pem') |
+ .toFilePath(); |
+ context.usePrivateKey(key, password: 'dartdart'); |
+ testSimpleConnectFail(context, false); |
+ testSimpleConnectFail(context, true); |
testServerListenAfterConnect(); |
testSimpleReadWrite(listenSecure: true, |
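Review bot: The single `context` object in runTests is mutated by `useCertificateChain` and `usePrivateKey` after it has already been handed to earlier `testSimpleConnectFail` calls, whose bind and handshake complete asynchronously. Unless the server socket snapshots the context at bind time (not visible here), all six calls may end up handshaking against the final chain-plus-key state, so the empty-context and chain-only cases would not be exercised. Building a fresh SecurityContext per scenario avoids that, and the `localFile` helper added at the top of the file can replace the two spelled-out `Platform.script.resolve(...).toFilePath()` expressions. runTests continues outside the hunk.

```dart
// … unchanged: testSimpleBind, testInvalidBind, testSimpleConnect …
var chain = localFile('certificates/untrusted_server_chain.pem');
var key = localFile('certificates/untrusted_server_key.pem');
for (var cancelOnError in [false, true]) {
  // A fresh context per scenario, so later configuration cannot leak into
  // handshakes that are still pending.
  testSimpleConnectFail(new SecurityContext(), cancelOnError);
  testSimpleConnectFail(
      new SecurityContext()..useCertificateChain(chain), cancelOnError);
  testSimpleConnectFail(
      new SecurityContext()
        ..useCertificateChain(chain)
        ..usePrivateKey(key, password: 'dartdart'),
      cancelOnError);
}
// … unchanged: testServerListenAfterConnect and the testSimpleReadWrite calls …
```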
@@ -575,11 +595,13 @@ runTests() { |
handshakeBeforeSecure: false, |
postponeSecure: false, |
dropReads: false); |
+ |
testSimpleReadWrite(listenSecure: false, |
connectSecure: true, |
handshakeBeforeSecure: false, |
postponeSecure: false, |
dropReads: false); |
+ |
testSimpleReadWrite(listenSecure: false, |
connectSecure: false, |
handshakeBeforeSecure: false, |