MCPcopy
hub / github.com/grpc/grpc-go / TestClientCredsSuccess

Method TestClientCredsSuccess

credentials/xds/xds_client_test.go:352–451  ·  view source on GitHub ↗

TestClientCredsSuccess verifies successful client handshake cases.

(t *testing.T)

Source from the content-addressed store, hash-verified

350
351// TestClientCredsSuccess verifies successful client handshake cases.
352func (s) TestClientCredsSuccess(t *testing.T) {
353 tests := []struct {
354 desc string
355 handshakeFunc testHandshakeFunc
356 handshakeInfoCtx func(ctx context.Context) context.Context
357 enableSNIFlag bool
358 }{
359 {
360 desc: "fallback",
361 handshakeFunc: testServerTLSHandshake,
362 handshakeInfoCtx: func(ctx context.Context) context.Context {
363 // Since we don't add a HandshakeInfo to the context, the
364 // ClientHandshake() method will delegate to the fallback.
365 return ctx
366 },
367 },
368 {
369 desc: "TLS",
370 handshakeFunc: testServerTLSHandshake,
371 handshakeInfoCtx: func(ctx context.Context) context.Context {
372 return newTestContextWithHandshakeInfo(ctx, makeRootProvider(t, "x509/server_ca_cert.pem"), nil, defaultTestCertSAN, "", false)
373 },
374 },
375 {
376 desc: "mTLS",
377 handshakeFunc: testServerMutualTLSHandshake,
378 handshakeInfoCtx: func(ctx context.Context) context.Context {
379 return newTestContextWithHandshakeInfo(ctx, makeRootProvider(t, "x509/server_ca_cert.pem"), makeIdentityProvider(t, "x509/server1_cert.pem", "x509/server1_key.pem"), defaultTestCertSAN, "", false)
380 },
381 },
382 {
383 desc: "mTLS with no acceptedSANs specified",
384 handshakeFunc: testServerMutualTLSHandshake,
385 handshakeInfoCtx: func(ctx context.Context) context.Context {
386 return newTestContextWithHandshakeInfo(ctx, makeRootProvider(t, "x509/server_ca_cert.pem"), makeIdentityProvider(t, "x509/server1_cert.pem", "x509/server1_key.pem"), "", "", false)
387 },
388 },
389 {
390 desc: "TLS with SNI",
391 handshakeFunc: testServerTLSHandshake,
392 handshakeInfoCtx: func(ctx context.Context) context.Context {
393 return newTestContextWithHandshakeInfo(ctx, makeRootProvider(t, "x509/server_ca_cert.pem"), nil, "bad-match", defaultTestCertSAN, true)
394 },
395 enableSNIFlag: true,
396 },
397 {
398 desc: "TLS with SNI, env variable disabled, AutoSniSanValidation enabled",
399 handshakeFunc: testServerTLSHandshake,
400 handshakeInfoCtx: func(ctx context.Context) context.Context {
401 return newTestContextWithHandshakeInfo(ctx, makeRootProvider(t, "x509/server_ca_cert.pem"), nil, defaultTestCertSAN, "bad-sni", true)
402 },
403 },
404 {
405 desc: "TLS with SNI, env variable enabled but AutoSniSanValidation disabled",
406 handshakeFunc: testServerTLSHandshake,
407 handshakeInfoCtx: func(ctx context.Context) context.Context {
408 return newTestContextWithHandshakeInfo(ctx, makeRootProvider(t, "x509/server_ca_cert.pem"), nil, defaultTestCertSAN, "bad-sni", false)
409 },

Callers

nothing calls this directly

Calls 14

SetEnvConfigFunction · 0.92
makeFallbackClientCredsFunction · 0.85
NewClientCredentialsFunction · 0.85
compareAuthInfoFunction · 0.85
makeRootProviderFunction · 0.70
makeIdentityProviderFunction · 0.70
stopMethod · 0.65
FatalfMethod · 0.65
CloseMethod · 0.65
ClientHandshakeMethod · 0.65

Tested by

no test coverage detected