1/* 2Copyright The Helm Authors. 3 4Licensed under the Apache License, Version 2.0 (the "License"); 5you may not use this file except in compliance with the License. 6You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10Unless required by applicable law or agreed to in writing, software 11distributed under the License is distributed on an "AS IS" BASIS, 12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13See the License for the specific language governing permissions and 14limitations under the License. 15*/ 16 17package tlsutil 18 19import ( 20 "path/filepath" 21 "testing" 22) 23 24const tlsTestDir = "../../testdata" 25 26const ( 27 testCaCertFile = "rootca.crt" 28 testCertFile = "crt.pem" 29 testKeyFile = "key.pem" 30) 31 32func TestClientConfig(t *testing.T) { 33 opts := Options{ 34 CaCertFile: testfile(t, testCaCertFile), 35 CertFile: testfile(t, testCertFile), 36 KeyFile: testfile(t, testKeyFile), 37 InsecureSkipVerify: false, 38 } 39 40 cfg, err := ClientConfig(opts) 41 if err != nil { 42 t.Fatalf("error building tls client config: %v", err) 43 } 44 45 if got := len(cfg.Certificates); got != 1 { 46 t.Fatalf("expecting 1 client certificates, got %d", got) 47 } 48 if cfg.InsecureSkipVerify { 49 t.Fatalf("insecure skip verify mistmatch, expecting false") 50 } 51 if cfg.RootCAs == nil { 52 t.Fatalf("mismatch tls RootCAs, expecting non-nil") 53 } 54} 55 56func testfile(t *testing.T, file string) (path string) { 57 var err error 58 if path, err = filepath.Abs(filepath.Join(tlsTestDir, file)); err != nil { 59 t.Fatalf("error getting absolute path to test file %q: %v", file, err) 60 } 61 return path 62} 63 64func TestNewClientTLS(t *testing.T) { 65 certFile := testfile(t, testCertFile) 66 keyFile := testfile(t, testKeyFile) 67 caCertFile := testfile(t, testCaCertFile) 68 69 cfg, err := NewClientTLS(certFile, keyFile, caCertFile) 70 if err != nil { 71 t.Error(err) 72 } 73 74 if got := len(cfg.Certificates); got != 1 { 75 t.Fatalf("expecting 1 client certificates, got %d", got) 76 } 77 if cfg.InsecureSkipVerify { 78 t.Fatalf("insecure skip verify mistmatch, expecting false") 79 } 80 if cfg.RootCAs == nil { 81 t.Fatalf("mismatch tls RootCAs, expecting non-nil") 82 } 83 84 cfg, err = NewClientTLS("", "", caCertFile) 85 if err != nil { 86 t.Error(err) 87 } 88 89 if got := len(cfg.Certificates); got != 0 { 90 t.Fatalf("expecting 0 client certificates, got %d", got) 91 } 92 if cfg.InsecureSkipVerify { 93 t.Fatalf("insecure skip verify mistmatch, expecting false") 94 } 95 if cfg.RootCAs == nil { 96 t.Fatalf("mismatch tls RootCAs, expecting non-nil") 97 } 98 99 cfg, err = NewClientTLS(certFile, keyFile, "") 100 if err != nil { 101 t.Error(err) 102 } 103 104 if got := len(cfg.Certificates); got != 1 { 105 t.Fatalf("expecting 1 client certificates, got %d", got) 106 } 107 if cfg.InsecureSkipVerify { 108 t.Fatalf("insecure skip verify mistmatch, expecting false") 109 } 110 if cfg.RootCAs != nil { 111 t.Fatalf("mismatch tls RootCAs, expecting nil") 112 } 113} 114