You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by ti...@apache.org on 2016/07/04 16:42:59 UTC
[3/5] mesos git commit: Added tests for IP based certificate
validation.
Added tests for IP based certificate validation.
Review: https://reviews.apache.org/r/49402/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/ae0504c3
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/ae0504c3
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/ae0504c3
Branch: refs/heads/master
Commit: ae0504c33efc126b9b19755cbc7839a38de067f5
Parents: 36a3c64
Author: Till Toenshoff <to...@me.com>
Authored: Mon Jul 4 18:34:03 2016 +0200
Committer: Till Toenshoff <to...@me.com>
Committed: Mon Jul 4 18:34:03 2016 +0200
----------------------------------------------------------------------
3rdparty/libprocess/include/process/ssl/gtest.hpp | 3 ++-
3rdparty/libprocess/src/tests/ssl_tests.cpp | 16 ++++++++++++----
2 files changed, 14 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/ae0504c3/3rdparty/libprocess/include/process/ssl/gtest.hpp
----------------------------------------------------------------------
diff --git a/3rdparty/libprocess/include/process/ssl/gtest.hpp b/3rdparty/libprocess/include/process/ssl/gtest.hpp
index 3faf4d6..a929cc9 100644
--- a/3rdparty/libprocess/include/process/ssl/gtest.hpp
+++ b/3rdparty/libprocess/include/process/ssl/gtest.hpp
@@ -267,7 +267,8 @@ protected:
* SSLTest::launch_client that factor out common behavior used in
* tests.
*/
-class SSLTest : public SSLTemporaryDirectoryTest
+class SSLTest : public SSLTemporaryDirectoryTest,
+ public ::testing::WithParamInterface<const char*>
{
protected:
SSLTest() : data("Hello World!") {}
http://git-wip-us.apache.org/repos/asf/mesos/blob/ae0504c3/3rdparty/libprocess/src/tests/ssl_tests.cpp
----------------------------------------------------------------------
diff --git a/3rdparty/libprocess/src/tests/ssl_tests.cpp b/3rdparty/libprocess/src/tests/ssl_tests.cpp
index 6fc9038..72432ec 100644
--- a/3rdparty/libprocess/src/tests/ssl_tests.cpp
+++ b/3rdparty/libprocess/src/tests/ssl_tests.cpp
@@ -102,6 +102,11 @@ Future<Nothing> await_subprocess(
}
+INSTANTIATE_TEST_CASE_P(SSLVerifyIPAdd,
+ SSLTest,
+ ::testing::Values("false", "true"));
+
+
// Ensure that we can't create an SSL socket when SSL is not enabled.
TEST(SSL, Disabled)
{
@@ -113,7 +118,7 @@ TEST(SSL, Disabled)
// Test a basic back-and-forth communication within the same OS
// process.
-TEST_F(SSLTest, BasicSameProcess)
+TEST_P(SSLTest, BasicSameProcess)
{
os::setenv("SSL_ENABLED", "true");
os::setenv("SSL_KEY_FILE", key_path().string());
@@ -121,6 +126,7 @@ TEST_F(SSLTest, BasicSameProcess)
os::setenv("SSL_REQUIRE_CERT", "true");
os::setenv("SSL_CA_DIR", os::getcwd());
os::setenv("SSL_CA_FILE", certificate_path().string());
+ os::setenv("SSL_VERIFY_IPADD", GetParam());
openssl::reinitialize();
@@ -348,20 +354,22 @@ TEST_F(SSLTest, VerifyCertificate)
// Ensure that a certificate that WAS generated using the certificate
// authority is NOT allowed to communicate when the SSL_REQUIRE_CERT
// flag is enabled.
-TEST_F(SSLTest, RequireCertificate)
+TEST_P(SSLTest, RequireCertificate)
{
Try<Socket> server = setup_server({
{"SSL_ENABLED", "true"},
{"SSL_KEY_FILE", key_path().string()},
{"SSL_CERT_FILE", certificate_path().string()},
- {"SSL_REQUIRE_CERT", "true"}});
+ {"SSL_REQUIRE_CERT", "true"},
+ {"SSL_VERIFY_IPADD", GetParam()}});
ASSERT_SOME(server);
Try<Subprocess> client = launch_client({
{"SSL_ENABLED", "true"},
{"SSL_KEY_FILE", key_path().string()},
{"SSL_CERT_FILE", certificate_path().string()},
- {"SSL_REQUIRE_CERT", "true"}},
+ {"SSL_REQUIRE_CERT", "true"},
+ {"SSL_VERIFY_IPADD", GetParam()}},
server.get(),
true);
ASSERT_SOME(client);