TestTLS_DisabledALPNClient tests the behaviour of TransportCredentials when connecting to a server that doesn't support ALPN.
(t *testing.T)
| 453 | // TestTLS_DisabledALPNClient tests the behaviour of TransportCredentials when |
| 454 | // connecting to a server that doesn't support ALPN. |
| 455 | func (s) TestTLS_DisabledALPNClient(t *testing.T) { |
| 456 | initialVal := envconfig.EnforceALPNEnabled |
| 457 | defer func() { |
| 458 | envconfig.EnforceALPNEnabled = initialVal |
| 459 | }() |
| 460 | |
| 461 | tests := []struct { |
| 462 | name string |
| 463 | alpnEnforced bool |
| 464 | wantErr bool |
| 465 | }{ |
| 466 | { |
| 467 | name: "enforced", |
| 468 | alpnEnforced: true, |
| 469 | wantErr: true, |
| 470 | }, |
| 471 | { |
| 472 | name: "not_enforced", |
| 473 | }, |
| 474 | } |
| 475 | |
| 476 | for _, tc := range tests { |
| 477 | t.Run(tc.name, func(t *testing.T) { |
| 478 | envconfig.EnforceALPNEnabled = tc.alpnEnforced |
| 479 | |
| 480 | listener, err := tls.Listen("tcp", "localhost:0", &tls.Config{ |
| 481 | Certificates: []tls.Certificate{serverCert}, |
| 482 | NextProtos: []string{}, // Empty list indicates ALPN is disabled. |
| 483 | }) |
| 484 | if err != nil { |
| 485 | t.Fatalf("Error starting TLS server: %v", err) |
| 486 | } |
| 487 | |
| 488 | errCh := make(chan error, 1) |
| 489 | go func() { |
| 490 | conn, err := listener.Accept() |
| 491 | if err != nil { |
| 492 | errCh <- fmt.Errorf("listener.Accept returned error: %v", err) |
| 493 | } else { |
| 494 | // The first write to the TLS listener initiates the TLS handshake. |
| 495 | conn.Write([]byte("Hello, World!")) |
| 496 | conn.Close() |
| 497 | } |
| 498 | close(errCh) |
| 499 | }() |
| 500 | |
| 501 | serverAddr := listener.Addr().String() |
| 502 | conn, err := net.Dial("tcp", serverAddr) |
| 503 | if err != nil { |
| 504 | t.Fatalf("net.Dial(%s) failed: %v", serverAddr, err) |
| 505 | } |
| 506 | defer conn.Close() |
| 507 | |
| 508 | ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout) |
| 509 | defer cancel() |
| 510 | |
| 511 | clientCfg := tls.Config{ |
| 512 | ServerName: serverName, |