MCPcopy
hub / github.com/grpc/grpc-go / TestServerCredsHandshakeTimeout

Method TestServerCredsHandshakeTimeout

credentials/xds/xds_server_test.go:226–271  ·  view source on GitHub ↗

TestServerCredsHandshakeTimeout verifies the case where the client does not send required handshake data before the deadline set on the net.Conn passed to ServerHandshake().

(t *testing.T)

Source from the content-addressed store, hash-verified

224// send required handshake data before the deadline set on the net.Conn passed
225// to ServerHandshake().
226func (s) TestServerCredsHandshakeTimeout(t *testing.T) {
227 opts := ServerOptions{FallbackCreds: &errorCreds{}}
228 creds, err := NewServerCredentials(opts)
229 if err != nil {
230 t.Fatalf("NewServerCredentials(%v) failed: %v", opts, err)
231 }
232 ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout)
233 defer cancel()
234
235 // Create a test server which uses the xDS server credentials created above
236 // to perform TLS handshake on incoming connections.
237 ts := newTestServerWithHandshakeFunc(ctx, func(rawConn net.Conn) handshakeResult {
238 hi := xdsinternal.NewHandshakeInfo(makeRootProvider(t, "x509/client_ca_cert.pem"), makeIdentityProvider(t, "x509/server2_cert.pem", "x509/server2_key.pem"), nil, true, "", false, false)
239
240 // Create a wrapped conn which can return the HandshakeInfo created
241 // above with a very small deadline.
242 d := time.Now().Add(defaultTestShortTimeout)
243 rawConn.SetDeadline(d)
244 conn := newWrappedConn(rawConn, hi, d)
245
246 // ServerHandshake() on the xDS credentials is expected to fail.
247 if _, _, err := creds.ServerHandshake(conn); err == nil {
248 return handshakeResult{err: errors.New("ServerHandshake() succeeded when expected to timeout")}
249 }
250 return handshakeResult{}
251 })
252 defer ts.stop()
253
254 // Dial the test server, but don't trigger the TLS handshake. This will
255 // cause ServerHandshake() to fail.
256 rawConn, err := net.Dial("tcp", ts.address)
257 if err != nil {
258 t.Fatalf("net.Dial(%s) failed: %v", ts.address, err)
259 }
260 defer rawConn.Close()
261
262 // Read handshake result from the testServer and expect a failure result.
263 val, err := ts.hsResult.Receive(ctx)
264 if err != nil {
265 t.Fatalf("testServer failed to return handshake result: %v", err)
266 }
267 hsr := val.(handshakeResult)
268 if hsr.err != nil {
269 t.Fatalf("testServer handshake failure: %v", hsr.err)
270 }
271}
272
273// TestServerCredsHandshakeFailure verifies the case where the server-side
274// credentials uses a root certificate which does not match the certificate

Callers

nothing calls this directly

Calls 14

NewServerCredentialsFunction · 0.85
newWrappedConnFunction · 0.85
NowMethod · 0.80
makeRootProviderFunction · 0.70
makeIdentityProviderFunction · 0.70
FatalfMethod · 0.65
AddMethod · 0.65
ServerHandshakeMethod · 0.65
stopMethod · 0.65
CloseMethod · 0.65
SetDeadlineMethod · 0.45

Tested by

no test coverage detected