MCPcopy
hub / github.com/helm/helm / TestDownloadTLSWithRedirect

Function TestDownloadTLSWithRedirect

pkg/getter/httpgetter_test.go:359–482  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

357}
358
359func TestDownloadTLSWithRedirect(t *testing.T) {
360 cd := "../../testdata"
361 srv2Resp := "hello"
362 insecureSkipTLSVerify := false
363
364 // Server 2 that will actually fulfil the request.
365 ca, pub, priv := filepath.Join(cd, "rootca.crt"), filepath.Join(cd, "localhost-crt.pem"), filepath.Join(cd, "key.pem")
366 tlsConf, err := tlsutil.NewTLSConfig(
367 tlsutil.WithCAFile(ca),
368 tlsutil.WithCertKeyPairFiles(pub, priv),
369 tlsutil.WithInsecureSkipVerify(insecureSkipTLSVerify),
370 )
371
372 if err != nil {
373 t.Fatal(fmt.Errorf("can't create TLS config for client: %w", err))
374 }
375
376 tlsSrv2 := httptest.NewUnstartedServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) {
377 rw.Header().Set("Content-Type", "text/plain")
378 rw.Write([]byte(srv2Resp))
379 }))
380
381 tlsSrv2.TLS = tlsConf
382 tlsSrv2.StartTLS()
383 defer tlsSrv2.Close()
384
385 // Server 1 responds with a redirect to Server 2.
386 ca, pub, priv = filepath.Join(cd, "rootca.crt"), filepath.Join(cd, "crt.pem"), filepath.Join(cd, "key.pem")
387 tlsConf, err = tlsutil.NewTLSConfig(
388 tlsutil.WithCAFile(ca),
389 tlsutil.WithCertKeyPairFiles(pub, priv),
390 tlsutil.WithInsecureSkipVerify(insecureSkipTLSVerify),
391 )
392
393 if err != nil {
394 t.Fatal(fmt.Errorf("can't create TLS config for client: %w", err))
395 }
396
397 tlsSrv1 := httptest.NewUnstartedServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
398 u, _ := url.ParseRequestURI(tlsSrv2.URL)
399
400 // Make the request using the hostname 'localhost' (to which 'localhost-crt.pem' is issued)
401 // to verify that a successful TLS connection is made even if the client doesn't specify
402 // the hostname (SNI) in `tls.Config.ServerName`. By default the hostname is derived from the
403 // request URL for every request (including redirects). Setting `tls.Config.ServerName` on the
404 // client just overrides the remote endpoint's hostname.
405 // See https://github.com/golang/go/blob/3979fb9/src/net/http/transport.go#L1505-L1513.
406 u.Host = "localhost:" + u.Port()
407
408 http.Redirect(rw, r, u.String(), http.StatusTemporaryRedirect)
409 }))
410
411 tlsSrv1.TLS = tlsConf
412 tlsSrv1.StartTLS()
413 defer tlsSrv1.Close()
414
415 u, _ := url.ParseRequestURI(tlsSrv1.URL)
416

Callers

nothing calls this directly

Calls 15

GetMethod · 0.95
NewTLSConfigFunction · 0.92
WithCAFileFunction · 0.92
WithCertKeyPairFilesFunction · 0.92
WithInsecureSkipVerifyFunction · 0.92
NewHTTPGetterFunction · 0.85
WithURLFunction · 0.85
FatalMethod · 0.80
CloseMethod · 0.80
WithTLSClientConfigFunction · 0.70
RunMethod · 0.65
SetMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…