dart:io | Support connection renegotiation (rehandshake) on SecureSocket.

tests/standalone/io/secure_socket_renegotiate_test.dart

Index: tests/standalone/io/secure_socket_renegotiate_test.dart
diff --git a/tests/standalone/io/secure_socket_renegotiate_test.dart b/tests/standalone/io/secure_socket_renegotiate_test.dart
new file mode 100644
index 0000000000000000000000000000000000000000..49c1644ef33054819a6ee1a63d1624aed520ac4f
--- /dev/null
+++ b/tests/standalone/io/secure_socket_renegotiate_test.dart
@@ -0,0 +1,85 @@
+// Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+// This test verifies that client certificates work, if the client and server
+// are in separate processes, and that connection renegotiation works, and
+// can request a client certificate to be sent.
+
+import "package:expect/expect.dart";
+import "package:pathos/path.dart" as path;
+import "dart:async";
+import "dart:io";
+
+const HOST_NAME = "localhost";
+const CERTIFICATE = "localhost_cert";
+
+
+String certificateDatabase() =>
+    path.join(path.dirname(new Options().script), 'pkcert', '');
+
+
+Future<SecureServerSocket> runServer() {
+  SecureSocket.initialize(database: certificateDatabase(),
+      password: 'dartdart');
+
+  return SecureServerSocket.bind(HOST_NAME, 0, CERTIFICATE)
+    .then((SecureServerSocket server) {
+      server.listen((SecureSocket socket) {
+        Expect.isNull(socket.peerCertificate);
+
+        StreamIterator<String> input =
+            new StreamIterator(socket.transform(new StringDecoder())
+                                     .transform(new LineTransformer()));
+        input.moveNext().then((success) {
+          Expect.isTrue(success);
+          Expect.equals('first', input.current);
+          socket.writeln('first reply');
+          return input.moveNext();
+        }).then((success) {
+          Expect.isTrue(success);
+          Expect.equals('renegotiated', input.current);
+          Expect.isNull(socket.peerCertificate);
+          socket.renegotiate(requestClientCertificate: true,
+                             requireClientCertificate: true,
+                             useSessionCache: false);
+          socket.writeln('server renegotiated');
+          return input.moveNext();
+        }).then((success) {
+          Expect.isTrue(success);
+          Expect.equals('second', input.current);
+          X509Certificate certificate = socket.peerCertificate;
+          Expect.isNotNull(certificate);
+          Expect.equals("CN=localhost", certificate.subject);
+          Expect.equals("CN=myauthority", certificate.issuer);
+          server.close();
+          socket.close();
+        });
+      });
+      return server;
+    });
+}
+
+
+void main() {
+  runServer()
+    .then((SecureServerSocket server) {
+      final options = new Options();
+      var clientScript =
+          options.script.replaceFirst("_test.dart", "_client.dart");

[Anders Johnsen, 2013/07/11 11:20:32]

replaceLast?

[Bill Hesse, 2013/07/11 15:25:42]

There is no replaceLast.  That is why we check the result of replaceFirst.

+      Expect.isTrue(clientScript.endsWith("_client.dart"));
+      Process.run(options.executable,
+                  [clientScript,
+                   server.port.toString(),
+                   certificateDatabase()])
+        .then((ProcessResult result) {
+          if (result.exitCode != 0) {
+            print("Client failed, stdout:");
+            print(result.stdout);
+            print("  stderr:");
+            print(result.stderr);
+            Expect.fail('Client subprocess exit code: ${result.exitCode}');
+          }
+        });
+    });
+}