MCPcopy
hub / github.com/cloudflare/cloudflared / runClientServerHandshake

Function runClientServerHandshake

crypto/curves_test.go:82–102  ·  view source on GitHub ↗

runClientServerHandshake drives a TLS 1.3 handshake with the given curve preferences set on the client and captures the SupportedCurves list advertised by the client in its ClientHello. The helper is used by TestSupportedCurvesNegotiation to exercise the curves end-to-end against the standard librar

(t *testing.T, curves []tls.CurveID)

Source from the content-addressed store, hash-verified

80// TestSupportedCurvesNegotiation to exercise the curves end-to-end against
81// the standard library's TLS stack.
82func runClientServerHandshake(t *testing.T, curves []tls.CurveID) []tls.CurveID {
83 var advertisedCurves []tls.CurveID
84 ts := httptest.NewUnstartedServer(nil)
85 ts.TLS = &tls.Config{ // nolint: gosec
86 GetConfigForClient: func(chi *tls.ClientHelloInfo) (*tls.Config, error) {
87 advertisedCurves = slices.Clone(chi.SupportedCurves)
88 return nil, nil
89 },
90 }
91 ts.StartTLS()
92 defer ts.Close()
93 clientTLSConfig := ts.Client().Transport.(*http.Transport).TLSClientConfig
94 clientTLSConfig.CurvePreferences = curves
95 resp, err := ts.Client().Head(ts.URL)
96 if err != nil {
97 t.Error(err)
98 return nil
99 }
100 defer func() { _ = resp.Body.Close() }()
101 return advertisedCurves
102}
103
104// TestSupportedCurvesNegotiation verifies that the curves returned by
105// GetCurvePreferences survive a real TLS handshake unchanged, i.e. the

Callers 1

Calls 3

CloseMethod · 0.65
ClientMethod · 0.45
ErrorMethod · 0.45

Tested by

no test coverage detected