Tests that the MinVersion of tls.Config is set to 1.2 if it is not already set by the user.
(t *testing.T)
| 77 | // Tests that the MinVersion of tls.Config is set to 1.2 if it is not already |
| 78 | // set by the user. |
| 79 | func (s) TestTLS_MinVersion12(t *testing.T) { |
| 80 | ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout) |
| 81 | defer cancel() |
| 82 | |
| 83 | testCases := []struct { |
| 84 | name string |
| 85 | serverTLS func() *tls.Config |
| 86 | }{ |
| 87 | { |
| 88 | name: "base_case", |
| 89 | serverTLS: func() *tls.Config { |
| 90 | return &tls.Config{ |
| 91 | // MinVersion should be set to 1.2 by gRPC by default. |
| 92 | Certificates: []tls.Certificate{serverCert}, |
| 93 | } |
| 94 | }, |
| 95 | }, |
| 96 | { |
| 97 | name: "fallback_to_base", |
| 98 | serverTLS: func() *tls.Config { |
| 99 | config := &tls.Config{ |
| 100 | // MinVersion should be set to 1.2 by gRPC by default. |
| 101 | Certificates: []tls.Certificate{serverCert}, |
| 102 | } |
| 103 | config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) { |
| 104 | return nil, nil |
| 105 | } |
| 106 | return config |
| 107 | }, |
| 108 | }, |
| 109 | { |
| 110 | name: "dynamic_using_get_config_for_client", |
| 111 | serverTLS: func() *tls.Config { |
| 112 | return &tls.Config{ |
| 113 | GetConfigForClient: func(*tls.ClientHelloInfo) (*tls.Config, error) { |
| 114 | return &tls.Config{ |
| 115 | // MinVersion should be set to 1.2 by gRPC by default. |
| 116 | Certificates: []tls.Certificate{serverCert}, |
| 117 | }, nil |
| 118 | }, |
| 119 | } |
| 120 | }, |
| 121 | }, |
| 122 | } |
| 123 | |
| 124 | for _, tc := range testCases { |
| 125 | t.Run(tc.name, func(t *testing.T) { |
| 126 | // Create server creds without a minimum version. |
| 127 | serverCreds := credentials.NewTLS(tc.serverTLS()) |
| 128 | ss := stubserver.StubServer{ |
| 129 | EmptyCallF: func(context.Context, *testpb.Empty) (*testpb.Empty, error) { |
| 130 | return &testpb.Empty{}, nil |
| 131 | }, |
| 132 | } |
| 133 | |
| 134 | // Create client creds that supports V1.0-V1.1. |
| 135 | clientCreds := credentials.NewTLS(&tls.Config{ |
| 136 | ServerName: serverName, |
nothing calls this directly
no test coverage detected