MCPcopy
hub / github.com/grpc/grpc-go / TestIncorrectAuthorityWithTLS

Method TestIncorrectAuthorityWithTLS

credentials/credentials_ext_test.go:162–217  ·  view source on GitHub ↗

Tests the `grpc.CallAuthority` option with TLS credentials. This test verifies that the RPC fails with `UNAVAILABLE` status code and doesn't reach the server when an incorrect authority is used.

(t *testing.T)

Source from the content-addressed store, hash-verified

160// that the RPC fails with `UNAVAILABLE` status code and doesn't reach the server
161// when an incorrect authority is used.
162func (s) TestIncorrectAuthorityWithTLS(t *testing.T) {
163 cert, err := tls.LoadX509KeyPair(testdata.Path("x509/server1_cert.pem"), testdata.Path("x509/server1_key.pem"))
164 if err != nil {
165 t.Fatalf("Failed to load key pair: %s", err)
166 }
167 creds, err := credentials.NewClientTLSFromFile(testdata.Path("x509/server_ca_cert.pem"), "x.test.example.com")
168 if err != nil {
169 t.Fatalf("Failed to create credentials %v", err)
170 }
171
172 tests := []struct {
173 name string
174 authority string
175 }{
176 {
177 name: "IncorrectAuthority",
178 authority: "auth.example.com",
179 },
180 {
181 name: "IncorrectAuthorityWithPort",
182 authority: "auth.example.com:8443",
183 },
184 }
185
186 for _, tt := range tests {
187 t.Run(tt.name, func(t *testing.T) {
188
189 serverCalled := make(chan struct{})
190 ss := &stubserver.StubServer{
191 EmptyCallF: func(context.Context, *testpb.Empty) (*testpb.Empty, error) {
192 close(serverCalled)
193 return nil, nil
194 },
195 }
196 if err := ss.StartServer(grpc.Creds(credentials.NewServerTLSFromCert(&cert))); err != nil {
197 t.Fatalf("Error starting endpoint server: %v", err)
198 }
199 defer ss.Stop()
200 cc, err := grpc.NewClient(ss.Address, grpc.WithTransportCredentials(creds))
201 if err != nil {
202 t.Fatalf("grpc.NewClient(%q) = %v", ss.Address, err)
203 }
204 defer cc.Close()
205 ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout)
206 defer cancel()
207 if _, err = testgrpc.NewTestServiceClient(cc).EmptyCall(ctx, &testpb.Empty{}, grpc.CallAuthority(tt.authority)); status.Code(err) != codes.Unavailable {
208 t.Fatalf("EmptyCall() returned status %v, want %v", status.Code(err), codes.Unavailable)
209 }
210 select {
211 case <-serverCalled:
212 t.Fatalf("Server handler should not have been called")
213 case <-time.After(defaultTestShortTimeout):
214 }
215 })
216 }
217}
218
219// testAuthInfoNoValidator implements only credentials.AuthInfo and not

Callers

nothing calls this directly

Calls 13

StartServerMethod · 0.95
StopMethod · 0.95
PathFunction · 0.92
NewClientTLSFromFileFunction · 0.92
CredsFunction · 0.92
NewServerTLSFromCertFunction · 0.92
NewClientFunction · 0.92
WithTransportCredentialsFunction · 0.92
CallAuthorityFunction · 0.92
CodeFunction · 0.92
FatalfMethod · 0.65
CloseMethod · 0.65

Tested by

no test coverage detected