MCPcopy Index your code
hub / github.com/zalando/skipper / TestOptionsTLSConfig

Function TestOptionsTLSConfig

skipper_test.go:177–231  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

175}
176
177func TestOptionsTLSConfig(t *testing.T) {
178 cr := certregistry.NewCertRegistry()
179 proxyTLS := &tls.Config{}
180
181 cert, err := tls.LoadX509KeyPair("fixtures/test.crt", "fixtures/test.key")
182 require.NoError(t, err)
183
184 cert2, err := tls.LoadX509KeyPair("fixtures/test2.crt", "fixtures/test2.key")
185 require.NoError(t, err)
186
187 // empty without registry
188 o := &Options{}
189 c, err := o.TlsConfig(nil)
190 require.NoError(t, err)
191 require.Nil(t, c)
192
193 // empty with registry
194 o = &Options{}
195 c, err = o.TlsConfig(cr)
196 require.NoError(t, err)
197 require.NotNil(t, c.GetCertificate)
198
199 // proxy tls config
200 o = &Options{ProxyTLS: proxyTLS}
201 c, err = o.TlsConfig(cr)
202 require.NoError(t, err)
203 require.Same(t, proxyTLS, c)
204
205 // proxy tls config priority
206 o = &Options{ProxyTLS: proxyTLS, CertPathTLS: "fixtures/test.crt", KeyPathTLS: "fixtures/test.key"}
207 c, err = o.TlsConfig(cr)
208 require.NoError(t, err)
209 require.Same(t, proxyTLS, c)
210
211 // cert key path
212 o = &Options{TLSMinVersion: tls.VersionTLS12, CertPathTLS: "fixtures/test.crt", KeyPathTLS: "fixtures/test.key"}
213 c, err = o.TlsConfig(cr)
214 require.NoError(t, err)
215 require.Equal(t, uint16(tls.VersionTLS12), c.MinVersion)
216 require.Equal(t, []tls.Certificate{cert}, c.Certificates)
217
218 // multiple cert key paths
219 o = &Options{TLSMinVersion: tls.VersionTLS13, CertPathTLS: "fixtures/test.crt,fixtures/test2.crt", KeyPathTLS: "fixtures/test.key,fixtures/test2.key"}
220 c, err = o.TlsConfig(cr)
221 require.NoError(t, err)
222 require.Equal(t, uint16(tls.VersionTLS13), c.MinVersion)
223 require.Equal(t, []tls.Certificate{cert, cert2}, c.Certificates)
224
225 // TLS Cipher Suites
226 o = &Options{CipherSuites: []uint16{1}}
227 c, err = o.TlsConfig(cr)
228 require.NoError(t, err)
229 assert.Equal(t, len(c.CipherSuites), 1)
230
231}
232
233func TestOptionsTLSConfigInvalidPaths(t *testing.T) {
234 cr := certregistry.NewCertRegistry()

Callers

nothing calls this directly

Calls 2

TlsConfigMethod · 0.95
NewCertRegistryFunction · 0.92

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…