| Index: tests/standalone/io/raw_secure_server_socket_test.dart
|
| diff --git a/tests/standalone/io/raw_secure_server_socket_test.dart b/tests/standalone/io/raw_secure_server_socket_test.dart
|
| index 33fc191de87b07c50fad59aa84757d367dbc8213..560722f7a589a112ac9e4f0539e4c8be539727fe 100644
|
| --- a/tests/standalone/io/raw_secure_server_socket_test.dart
|
| +++ b/tests/standalone/io/raw_secure_server_socket_test.dart
|
| @@ -14,11 +14,19 @@ import "package:async_helper/async_helper.dart";
|
| import "package:expect/expect.dart";
|
|
|
| InternetAddress HOST;
|
| -const CERTIFICATE = "localhost_cert";
|
| +String localFile(path) => Platform.script.resolve(path).toFilePath();
|
| +
|
| +SecurityContext serverContext = new SecurityContext()
|
| + ..useCertificateChain(localFile('certificates/server_chain.pem'))
|
| + ..usePrivateKey(localFile('certificates/server_key.pem'),
|
| + password: 'dartdart');
|
| +
|
| +SecurityContext clientContext = new SecurityContext()
|
| + ..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
|
|
|
| void testSimpleBind() {
|
| asyncStart();
|
| - RawSecureServerSocket.bind(HOST, 0, CERTIFICATE).then((s) {
|
| + RawSecureServerSocket.bind(HOST, 0, serverContext).then((s) {
|
| Expect.isTrue(s.port > 0);
|
| s.close();
|
| asyncEnd();
|
| @@ -30,7 +38,7 @@ void testInvalidBind() {
|
|
|
| // Bind to a unknown DNS name.
|
| asyncStart();
|
| - RawSecureServerSocket.bind("ko.faar.__hest__", 0, CERTIFICATE).then((_) {
|
| + RawSecureServerSocket.bind("ko.faar.__hest__", 0, serverContext).then((_) {
|
| Expect.fail("Failure expected");
|
| }).catchError((error) {
|
| Expect.isTrue(error is SocketException);
|
| @@ -39,7 +47,7 @@ void testInvalidBind() {
|
|
|
| // Bind to an unavaliable IP-address.
|
| asyncStart();
|
| - RawSecureServerSocket.bind("8.8.8.8", 0, CERTIFICATE).then((_) {
|
| + RawSecureServerSocket.bind("8.8.8.8", 0, serverContext).then((_) {
|
| Expect.fail("Failure expected");
|
| }).catchError((error) {
|
| Expect.isTrue(error is SocketException);
|
| @@ -48,10 +56,10 @@ void testInvalidBind() {
|
|
|
| // Bind to a port already in use.
|
| asyncStart();
|
| - RawSecureServerSocket.bind(HOST, 0, CERTIFICATE).then((s) {
|
| + RawSecureServerSocket.bind(HOST, 0, serverContext).then((s) {
|
| RawSecureServerSocket.bind(HOST,
|
| s.port,
|
| - CERTIFICATE).then((t) {
|
| + serverContext).then((t) {
|
| s.close();
|
| t.close();
|
| Expect.fail("Multiple listens on same port");
|
| @@ -64,12 +72,14 @@ void testInvalidBind() {
|
| });
|
| }
|
|
|
| -void testSimpleConnect(String certificate) {
|
| +void testSimpleConnect() {
|
| asyncStart();
|
| - RawSecureServerSocket.bind(HOST, 0, certificate).then((server) {
|
| - var clientEndFuture = RawSecureSocket.connect(HOST, server.port);
|
| + RawSecureServerSocket.bind(HOST, 0, serverContext).then((server) {
|
| + var clientEndFuture =
|
| + RawSecureSocket.connect(HOST, server.port, context: clientContext);
|
| server.listen((serverEnd) {
|
| clientEndFuture.then((clientEnd) {
|
| + // TODO(whesse): Shutdown(SEND) not supported on secure sockets.
|
| clientEnd.shutdown(SocketDirection.SEND);
|
| serverEnd.shutdown(SocketDirection.SEND);
|
| server.close();
|
| @@ -79,10 +89,11 @@ void testSimpleConnect(String certificate) {
|
| });
|
| }
|
|
|
| -void testSimpleConnectFail(String certificate, bool cancelOnError) {
|
| +void testSimpleConnectFail(SecurityContext context, bool cancelOnError) {
|
| asyncStart();
|
| - RawSecureServerSocket.bind(HOST, 0, certificate).then((server) {
|
| - var clientEndFuture = RawSecureSocket.connect(HOST, server.port)
|
| + RawSecureServerSocket.bind(HOST, 0, context).then((server) {
|
| + var clientEndFuture =
|
| + RawSecureSocket.connect(HOST, server.port, context: clientContext)
|
| .then((clientEnd) {
|
| Expect.fail("No client connection expected.");
|
| })
|
| @@ -94,7 +105,7 @@ void testSimpleConnectFail(String certificate, bool cancelOnError) {
|
| Expect.fail("No server connection expected.");
|
| },
|
| onError: (error) {
|
| - Expect.isTrue(error is CertificateException);
|
| + Expect.isTrue(error is HandshakeException);
|
| clientEndFuture.then((_) {
|
| if (!cancelOnError) server.close();
|
| asyncEnd();
|
| @@ -106,9 +117,10 @@ void testSimpleConnectFail(String certificate, bool cancelOnError) {
|
|
|
| void testServerListenAfterConnect() {
|
| asyncStart();
|
| - RawSecureServerSocket.bind(HOST, 0, CERTIFICATE).then((server) {
|
| + RawSecureServerSocket.bind(HOST, 0, serverContext).then((server) {
|
| Expect.isTrue(server.port > 0);
|
| - var clientEndFuture = RawSecureSocket.connect(HOST, server.port);
|
| + var clientEndFuture =
|
| + RawSecureSocket.connect(HOST, server.port, context: clientContext);
|
| new Timer(const Duration(milliseconds: 500), () {
|
| server.listen((serverEnd) {
|
| clientEndFuture.then((clientEnd) {
|
| @@ -422,15 +434,17 @@ void testSimpleReadWrite({bool listenSecure,
|
|
|
| Future<RawSecureSocket> connectClient(int port) {
|
| if (connectSecure) {
|
| - return RawSecureSocket.connect(HOST, port);
|
| + return RawSecureSocket.connect(HOST, port, context: clientContext);
|
| } else if (!handshakeBeforeSecure) {
|
| return RawSocket.connect(HOST, port).then((socket) {
|
| - return RawSecureSocket.secure(socket);
|
| + return RawSecureSocket.secure(socket, context: clientContext);
|
| });
|
| } else {
|
| return RawSocket.connect(HOST, port).then((socket) {
|
| return runClientHandshake(socket).then((subscription) {
|
| - return RawSecureSocket.secure(socket, subscription: subscription);
|
| + return RawSecureSocket.secure(socket,
|
| + context: clientContext,
|
| + subscription: subscription);
|
| });
|
| });
|
| }
|
| @@ -441,14 +455,14 @@ void testSimpleReadWrite({bool listenSecure,
|
| if (listenSecure) {
|
| runServer(client).then((_) => server.close());
|
| } else if (!handshakeBeforeSecure) {
|
| - RawSecureSocket.secureServer(client, CERTIFICATE).then((client) {
|
| + RawSecureSocket.secureServer(client, serverContext).then((client) {
|
| runServer(client).then((_) => server.close());
|
| });
|
| } else {
|
| runServerHandshake(client).then((secure) {
|
| RawSecureSocket.secureServer(
|
| client,
|
| - CERTIFICATE,
|
| + serverContext,
|
| subscription: secure[0],
|
| bufferedData: secure[1]).then((client) {
|
| runServer(client).then((_) => server.close());
|
| @@ -465,7 +479,7 @@ void testSimpleReadWrite({bool listenSecure,
|
|
|
| if (listenSecure) {
|
| RawSecureServerSocket.bind(
|
| - HOST, 0, CERTIFICATE).then(serverReady);
|
| + HOST, 0, serverContext).then(serverReady);
|
| } else {
|
| RawServerSocket.bind(HOST, 0).then(serverReady);
|
| }
|
| @@ -490,7 +504,7 @@ testPausedSecuringSubscription(bool pausedServer, bool pausedClient) {
|
| }
|
| try {
|
| RawSecureSocket.secureServer(
|
| - client, CERTIFICATE, subscription: subscription)
|
| + client, serverContext, subscription: subscription)
|
| .catchError((_) {})
|
| .whenComplete(() {
|
| if (pausedServer) {
|
| @@ -543,10 +557,6 @@ testPausedSecuringSubscription(bool pausedServer, bool pausedClient) {
|
|
|
| main() {
|
| asyncStart();
|
| - var certificateDatabase = Platform.script.resolve('pkcert').toFilePath();
|
| - SecureSocket.initialize(database: certificateDatabase,
|
| - password: 'dartdart',
|
| - useBuiltinRoots: false);
|
| InternetAddress.lookup("localhost").then((hosts) {
|
| HOST = hosts.first;
|
| runTests();
|
| @@ -557,12 +567,22 @@ main() {
|
| runTests() {
|
| testSimpleBind();
|
| testInvalidBind();
|
| - testSimpleConnect(CERTIFICATE);
|
| - testSimpleConnect("CN=localhost");
|
| - testSimpleConnectFail("not_a_nickname", false);
|
| - testSimpleConnectFail("CN=notARealDistinguishedName", false);
|
| - testSimpleConnectFail("not_a_nickname", true);
|
| - testSimpleConnectFail("CN=notARealDistinguishedName", true);
|
| + testSimpleConnect();
|
| + SecurityContext context = new SecurityContext();
|
| + testSimpleConnectFail(context, false);
|
| + testSimpleConnectFail(context, true);
|
| + var chain =
|
| + Platform.script.resolve('certificates/untrusted_server_chain.pem')
|
| + .toFilePath();
|
| + context.useCertificateChain(chain);
|
| + testSimpleConnectFail(context, false);
|
| + testSimpleConnectFail(context, true);
|
| + var key =
|
| + Platform.script.resolve('certificates/untrusted_server_key.pem')
|
| + .toFilePath();
|
| + context.usePrivateKey(key, password: 'dartdart');
|
| + testSimpleConnectFail(context, false);
|
| + testSimpleConnectFail(context, true);
|
| testServerListenAfterConnect();
|
|
|
| testSimpleReadWrite(listenSecure: true,
|
| @@ -575,11 +595,13 @@ runTests() {
|
| handshakeBeforeSecure: false,
|
| postponeSecure: false,
|
| dropReads: false);
|
| +
|
| testSimpleReadWrite(listenSecure: false,
|
| connectSecure: true,
|
| handshakeBeforeSecure: false,
|
| postponeSecure: false,
|
| dropReads: false);
|
| +
|
| testSimpleReadWrite(listenSecure: false,
|
| connectSecure: false,
|
| handshakeBeforeSecure: false,
|
|
|
Chromium Code Reviews
Issue 1319703002:
Breaking Change: merge BoringSSL branch into master (Closed)
Base URL: git@github.com:dart-lang/sdk.git@master