Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2026-06-05 05:25:20 -04:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
0125ae39cccfdf9b6fdfb16d5a59f3ad37a2caf6
caddy/modules/caddytls/connpolicy_verifyconnection_test.go
T
Matt Holt 6c675e29f8
Tests / test (s390x on IBM Z) (push) Has been skipped
Details
Tests / goreleaser-check (push) Has been skipped
Details
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Failing after 1m38s
Details
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 2m16s
Details
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 2m54s
Details
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 3m25s
Details
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m28s
Details
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 2m20s
Details
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m44s
Details
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m46s
Details
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 5m32s
Details
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 2m3s
Details
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 3m19s
Details
Lint / dependency-review (push) Failing after 1m17s
Details
Lint / govulncheck (push) Successful in 1m55s
Details
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m31s
Details
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 5m45s
Details
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Details
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Details
Lint / lint (macos-14, mac) (push) Has been cancelled
Details
Lint / lint (windows-latest, windows) (push) Has been cancelled
Details
caddytls: Fix client auth (fix #7724) (#7727) 
The peer certificates should be loaded even if existingVerifyPeerCert is nil.

Patched with the assistance of Copilot, as an experiment.
2026-05-14 10:05:57 -06:00

60 lines
1.7 KiB
Go
Raw Blame History

package caddytls
import (
"crypto/tls"
"crypto/x509"
"errors"
"reflect"
"testing"
)
type testClientCertificateVerifier struct {
rawCerts [][]byte
verifiedChains [][]*x509.Certificate
err error
}
func (v *testClientCertificateVerifier) VerifyClientCertificate(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
v.rawCerts = rawCerts
v.verifiedChains = verifiedChains
return v.err
}
func TestClientAuthenticationVerifyConnectionPassesRawCertsToVerifiers(t *testing.T) {
verifier := &testClientCertificateVerifier{}
clientauth := &ClientAuthentication{
verifiers: []ClientCertificateVerifier{verifier},
}
peerCert := &x509.Certificate{Raw: []byte("peer-cert-raw")}
verifiedChains := [][]*x509.Certificate{{peerCert}}
connState := tls.ConnectionState{
PeerCertificates: []*x509.Certificate{peerCert},
VerifiedChains: verifiedChains,
}
if err := clientauth.verifyConnection(connState); err != nil {
t.Fatalf("verifyConnection failed: %v", err)
}
if !reflect.DeepEqual(verifier.rawCerts, [][]byte{[]byte("peer-cert-raw")}) {
t.Fatalf("unexpected raw certs: got %#v", verifier.rawCerts)
}
if !reflect.DeepEqual(verifier.verifiedChains, verifiedChains) {
t.Fatalf("unexpected verified chains: got %#v", verifier.verifiedChains)
}
}
func TestClientAuthenticationVerifyConnectionReturnsVerifierError(t *testing.T) {
wantErr := errors.New("verify failed")
verifier := &testClientCertificateVerifier{err: wantErr}
clientauth := &ClientAuthentication{
verifiers: []ClientCertificateVerifier{verifier},
}
err := clientauth.verifyConnection(tls.ConnectionState{})
if !errors.Is(err, wantErr) {
t.Fatalf("expected error %v, got %v", wantErr, err)
}
}
Reference in New Issue View Git Blame Copy Permalink