diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/data/cert.pem | 29 | ||||
| -rwxr-xr-x | tests/data/generate_tls_certs.sh | 2 | ||||
| -rw-r--r-- | tests/data/key.pem | 52 | ||||
| -rw-r--r-- | tests/fixtures/mod.rs | 28 | ||||
| -rw-r--r-- | tests/tls.rs | 53 |
5 files changed, 156 insertions, 8 deletions
diff --git a/tests/data/cert.pem b/tests/data/cert.pem new file mode 100644 index 0000000..c907ef2 --- /dev/null +++ b/tests/data/cert.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFCTCCAvGgAwIBAgIUJUf2QS/pOdHEW4EHTfdXxeTvtM8wDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMDgyNzAwMzEyOFoXDTMxMDgy +NTAwMzEyOFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEAwmYOqToI0R30lPyYtF9bSuhIOCp9cp0jl2nuHaO8mpr1 +gMiJKKN4HjAdgac+3hYkTRFqK2mKKpV9QdVKR24Ib7mC45Ek7BlLw3VbxPRKrK/j +rKW3M3ui+453B24yf6K8dH36x9gZo4glzghFxuodFakIX2zNKo6tEx0XVkbhsu/w +vj2s+0L3oToPAYZaiOB/7xYU6Yu9n7Tn6rE9/orDfK1DlrZDP3hzyxLzuf6tqXCh +66cgaPQTh+xyyWZcvl60kbB4H3bdhqbYGMMQO8bUxXTQXjwvUsvl0yn9qCpMIn99 +Pm9xhfDQSF3zawM3CQ/lmn9uFQzdOEfYlO6oaidTqxLtBhVUcEutIcmoW9nmmv2g +Ei49/3OmvWQcEdMWt8xwxSrMvKDSeUdF3rbalTHBFQHJlJiKRX9wTNtSZ5T8FTU7 +4Ip4EzAtP8wY5NDv253mddANoyKsVRGytS35LDFkCS/TxuVDZrjluc86yqUId/jf +HZAzQ7ifpC890aG0JOq/0mmVDvbn7MzdTsTWwhE8UaOiFljTiNQX3QjX3TaEu32M +XHKo5nebNqDVRGnFMFmfXw2ZP8lgQCWk1HxLr0qhRxIy8XmIK1ZUz7Uc4Cba73XB +pSxcIPytpDuuKotslBjoIYu9DY07n1Hu4zYPvpP9DnaunEW6zmANEtjSyrE/TQ0C +AwEAAaNTMFEwHQYDVR0OBBYEFH0VzGnFqGVB+11uyvqea2qXYxQKMB8GA1UdIwQY +MBaAFH0VzGnFqGVB+11uyvqea2qXYxQKMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggIBAA4FqzX34FCU1WYzmBRcq7QHSrc7LcuTbxhESB7mYbI8IPFt +cgrtXL1mTP+nz5nN+E6fyA8Y9zIyXm/6svYpJzXgUTtbdgDW22v5iN+YZvOaQ3Jt +/0eEtkx7wdNjLsN0aM6OjPXDw0mAVFDdevE7wgnra6x6/VHOt6pksNJa76ZVPX5X +dlLj+OU4eQPPMVxhL7p3xdSPFDZzXY7mNfVycO3tK5Fzrwko7OQKqEBMtc0oZxLd +m/FvqcJveHYHfXZl5XKMcsCNO8bG0XXDhwg0CLTf1p0hmp1oLieqplekOWs54Alo +FF4EBNdDaIFdQ4FAYaAU+9KLoPstorTl+3Owj/k3xhDB+0sGwGeX/e88nhs/ppEy +bxOt0j4AruwapkcvkwhQeMpQJRYyOrcvlbUEZqFABozZ9gbGRQvnConDNg7tz5zc +nVUupszA7zs0Vn9b1zVLOcOcS2ziQvoCyh687MsVbjw65Y6tkhvLI35G68zrFKsl +MS5mqnK4DZYFc1gGGI/rjsFUf3dD4ww6PTnwv3Ga2yBvXi7EckEeEqB+dRlVdvob +cH/grVUum3s5Y4PTnxyNAUFZlFNZ8jlOcgXtAFuTnJ/jcvboZdE7Oja2OIMJo53d +rbkqAPNGhQ98QDuTwWjHUq/Th1CQK4ALI/wqoc22TJpSh/mme5Dj4HhB7LWl +-----END CERTIFICATE----- diff --git a/tests/data/generate_tls_certs.sh b/tests/data/generate_tls_certs.sh new file mode 100755 index 0000000..969a38c --- /dev/null +++ b/tests/data/generate_tls_certs.sh @@ -0,0 +1,2 @@ +#!/usr/bin/env bash +openssl req -subj '/CN=localhost' -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -days 3650 diff --git a/tests/data/key.pem b/tests/data/key.pem new file mode 100644 index 0000000..4263815 --- /dev/null +++ b/tests/data/key.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDCZg6pOgjRHfSU +/Ji0X1tK6Eg4Kn1ynSOXae4do7yamvWAyIkoo3geMB2Bpz7eFiRNEWoraYoqlX1B +1UpHbghvuYLjkSTsGUvDdVvE9Eqsr+Ospbcze6L7jncHbjJ/orx0ffrH2BmjiCXO +CEXG6h0VqQhfbM0qjq0THRdWRuGy7/C+Paz7QvehOg8BhlqI4H/vFhTpi72ftOfq +sT3+isN8rUOWtkM/eHPLEvO5/q2pcKHrpyBo9BOH7HLJZly+XrSRsHgfdt2GptgY +wxA7xtTFdNBePC9Sy+XTKf2oKkwif30+b3GF8NBIXfNrAzcJD+Waf24VDN04R9iU +7qhqJ1OrEu0GFVRwS60hyahb2eaa/aASLj3/c6a9ZBwR0xa3zHDFKsy8oNJ5R0Xe +ttqVMcEVAcmUmIpFf3BM21JnlPwVNTvgingTMC0/zBjk0O/bneZ10A2jIqxVEbK1 +LfksMWQJL9PG5UNmuOW5zzrKpQh3+N8dkDNDuJ+kLz3RobQk6r/SaZUO9ufszN1O +xNbCETxRo6IWWNOI1BfdCNfdNoS7fYxccqjmd5s2oNVEacUwWZ9fDZk/yWBAJaTU +fEuvSqFHEjLxeYgrVlTPtRzgJtrvdcGlLFwg/K2kO64qi2yUGOghi70NjTufUe7j +Ng++k/0Odq6cRbrOYA0S2NLKsT9NDQIDAQABAoICAQC9eAEEGQcs4fhXGZav/lyZ +Nqnk7CzWf6eH1Pv6sXKKcUukmE9uZ10UdyrbCimxBX2eC8Ihy7yZYpfxiTPbSLg6 +RGH48Kc+4izAtWqbHMqHYusRg3Z6XB9u9Ny4RkQ7uF3bYEoDa3EZvQGzvMZdaCKu +0M/TSdTxjJvNjEYJlg42e7t1f+FQB2YZIuArSUqGK+ElIq2BLuzDcuuzB8r3g0Gj +C7BbfQswGnMpUzBvcHTMN3Xpmztwb6t1iBQcjYMJHH77nDaH3C9vJMBr6fqxeEo6 +pW7M2fX5ybcXR87tj0QjP4TPTIkl1Z77WW59N2X1lCPhoB+nrqESUJwcFDvbMrdM +yUZoDTdGui/fGa+91Yl2wn7IIB5AzSH3Vkb6Z2cEFKuKCNcfobfNSOVrrnFBj52u +IJGJhOj8FZz0HTYnIBQDpjVE92/+2CaCms5thlihm2ccG6jG2KGyjyNXRw548q/K +NVr65VG3B9IS0PVQ5z5ue5pt36ig057OtmCBGx23fqKwprzSTWQhsgZoUKSH4+UN +aBjqwcuhQJVPf4In6eJtW9Gf04cLDUMAWiaCHUTLVci3kauGqoxjj0Y4ysYbq16j +di51k+XVwas0LLjFf2+eaGfd0nMFHPoXXlfaPGJSl2QAnIQGJ2d1b+/EYHlhswr3 +EPO+V22U5aiAXjBYGEb9IQKCAQEA+GlAJzigOc8F9A1HPXuDYAFZxDYF8TEjQOrW +btFek55RTqO3pPgi5XR7gQLsqpno+3IMwkJPi9LE4HJ04dGlIiLAFsWWWsB7eshE +E/dm9ddfcvUlcMQ5vT0Z8r6kyLZR5NG+x5KMZ5AB4Uv8PLLaXQd2LyXQzysfPX00 +tWs0/6/DA99uVNiAi9K6ebV5ZJxgbEqiDd0wn1W0MH0lvxIJumTKLiWpOR7FlXlL +c+xRmyC0YqcX8LpI880GdnRI13SGPD9cu+/nivgjl18UC+j+WapeBLDCQHRcjaVy +UBKGwOTla3mdx6//jWxFQzZNsapR8dxIxuxY5b+cNUhV7W2LNQKCAQEAyFZkJxQf +Of7fHyBCL9ldzxgu4MHtGIeH/z+0nnJj+/b5HFlWAK9A1lSmTEMwNZ7tSQWAhmQb +lS3DEA4a12JKvqtpamYyj17hdx3dCGe9wU8z2aS08wDuM9L1g5xqhhrn2ewcpJNp +9cqoBKoqLjk9yA2X4GEUCaKuHbOMrkfQAq8jQBgYe3aPWZjMuDAI2RNpGxGwyslR +AM+LnWFskGtgB5q1rBNQduNXEKVqNd5Zsqztd/tkcLmgqLZHbpUWwqYYTaVE3wW9 +cir+9VGTuOi9kKEjZ2P35f4VP2GNA7V3fgU/LYv81V2osQPsngheL5RVA1RVvCqo +XTpsEUKie9WdeQKCAQEAhry34k4xggmLRhupp2yGDp3M7cMLqA4p+/0kgAkqDlGR +8mCUrHM2olRy5MAMVGCU4UW0K+3BraqNxNvwD8ghlIlavT9A1UqP70IOwvGvM+s0 +x2q2exrD4qPwnhzPzlotwzoNC7yuUUHn8ya+0sGD9W+lp98QCj5ufHCcFUboAUN5 +OHGJK5Ye6zhKktde17aGClbU3UY7KEFZMe+/eIq1IhenHi6pQeUx8GhRB7iHbufn +T5coQhcYmLx9I+Tg2ZRHdwg7KWjvow4CaAlXGzquMz5YLp0dT86NoPq7LTlPQ/Mj +iQ73CKeqqi+uxcz/iT1DozcDdnodocgzVyc8DEMdfQKCAQAQ37Xv1LIMoHsKlBz/ +Cr/sAY1xQORHfKLnzOXZsqjZQCQbTyr/Q8OiSd737XDSE2DJFb2NlED+f6w+XfHE +0nKZPLbUT2dSzBsRfWJwosxIy/MCEe1rylhF5S7otvQB96IvqMOA2SnDmh4sxmhn +HEsn3n08WPDnHtyrg8QFqebLUxUVAPKO851/Xm9f1CvqnMftj7/kVLCN8O1BhEMw +ptqfyVgj9jyAxwU+UbBweRn1Aru9r172X6w4iaHanpQcMQE7CQCUCFe8lgKDhyt6 +F6Bf3jKtMq5eoNgJTp4iAdbetnJr066oCgt7XWlAplPIjiXa8e+GudEUiScxDPvC +kmuBAoIBAH/+OwEZBEnMb5c+aWTgxUh3NGtAy6LgD+1cj5IT2s215si6ea4QzPM0 +Ddht4nbs2oPML5kwpym4IKI1OY+07haZJoxt14xo7eLhO8+7+t6yka/Y6SlIuSqP +Cku40Ok2JyWRQxe3n371wmEKKuJyqVMDR1bY5tkwhh1MYUO8xkGbbZcbrUx6GLuJ +E53ybjzdaxFYbHO2ZvqQALZq5h8mb+5IFFhIQjM2PLXHY3Ok3xNgrR9Se1Bb6tZY +x+j6/xEBVw1Yg2J/UgMjRQDzax/wTBzTlUkc1kpp0Xi2iQcxVQSZZ1nQU3opcmwJ +UbBWUEN95O4LnWFuyhEIOIEmp5JtGks= +-----END PRIVATE KEY----- diff --git a/tests/fixtures/mod.rs b/tests/fixtures/mod.rs index a227f84..9f3560d 100644 --- a/tests/fixtures/mod.rs +++ b/tests/fixtures/mod.rs @@ -88,7 +88,7 @@ pub fn port() -> u16 { #[allow(dead_code)] pub fn server<I>(#[default(&[] as &[&str])] args: I) -> TestServer where - I: IntoIterator, + I: IntoIterator + Clone, I::Item: AsRef<std::ffi::OsStr>, { let port = port(); @@ -98,13 +98,16 @@ where .arg(tmpdir.path()) .arg("-p") .arg(port.to_string()) - .args(args) + .args(args.clone()) .stdout(Stdio::null()) .spawn() .expect("Couldn't run test binary"); + let is_tls = args + .into_iter() + .any(|x| x.as_ref().to_str().unwrap().contains("tls")); wait_for_port(port); - TestServer::new(port, tmpdir, child) + TestServer::new(port, tmpdir, child, is_tls) } /// Same as `server()` but ignore stderr @@ -112,7 +115,7 @@ where #[allow(dead_code)] pub fn server_no_stderr<I>(#[default(&[] as &[&str])] args: I) -> TestServer where - I: IntoIterator, + I: IntoIterator + Clone, I::Item: AsRef<std::ffi::OsStr>, { let port = port(); @@ -122,14 +125,17 @@ where .arg(tmpdir.path()) .arg("-p") .arg(port.to_string()) - .args(args) + .args(args.clone()) .stdout(Stdio::null()) .stderr(Stdio::null()) .spawn() .expect("Couldn't run test binary"); + let is_tls = args + .into_iter() + .any(|x| x.as_ref().to_str().unwrap().contains("tls")); wait_for_port(port); - TestServer::new(port, tmpdir, child) + TestServer::new(port, tmpdir, child, is_tls) } /// Wait a max of 1s for the port to become available. @@ -150,23 +156,29 @@ pub struct TestServer { port: u16, tmpdir: TempDir, child: Child, + is_tls: bool, } #[allow(dead_code)] impl TestServer { - pub fn new(port: u16, tmpdir: TempDir, child: Child) -> Self { + pub fn new(port: u16, tmpdir: TempDir, child: Child, is_tls: bool) -> Self { Self { port, tmpdir, child, + is_tls, } } + pub fn url(&self) -> Url { - Url::parse(&format!("http://localhost:{}", self.port)).unwrap() + let protocol = if self.is_tls { "https" } else { "http" }; + Url::parse(&format!("{}://localhost:{}", protocol, self.port)).unwrap() } + pub fn path(&self) -> &std::path::Path { self.tmpdir.path() } + pub fn port(&self) -> u16 { self.port } diff --git a/tests/tls.rs b/tests/tls.rs new file mode 100644 index 0000000..2464e1f --- /dev/null +++ b/tests/tls.rs @@ -0,0 +1,53 @@ +mod fixtures; + +use assert_cmd::Command; +use fixtures::{server, Error, TestServer, FILES}; +use predicates::str::contains; +use reqwest::blocking::ClientBuilder; +use rstest::rstest; +use select::{document::Document, node::Node}; + +/// Can start the server with TLS and receive encrypted responses. +#[rstest] +fn tls_works( + #[with(&[ + "--tls-cert", "tests/data/cert.pem", + "--tls-key", "tests/data/key.pem" + ])] + server: TestServer, +) -> Result<(), Error> { + let client = ClientBuilder::new() + .danger_accept_invalid_certs(true) + .build()?; + let body = client.get(server.url()).send()?.error_for_status()?; + let parsed = Document::from_read(body)?; + for &file in FILES { + assert!(parsed.find(|x: &Node| x.text() == file).next().is_some()); + } + + Ok(()) +} + +/// Wrong path for cert throws error. +#[rstest] +fn wrong_path_cert() -> Result<(), Error> { + Command::cargo_bin("miniserve")? + .args(&["--tls-cert", "wrong", "--tls-key", "tests/data/key.pem"]) + .assert() + .failure() + .stderr(contains("Error: Couldn't access TLS certificate \"wrong\"")); + + Ok(()) +} + +/// Wrong paths for key throws errors. +#[rstest] +fn wrong_path_key() -> Result<(), Error> { + Command::cargo_bin("miniserve")? + .args(&["--tls-cert", "tests/data/cert.pem", "--tls-key", "wrong"]) + .assert() + .failure() + .stderr(contains("Error: Couldn't access TLS key \"wrong\"")); + + Ok(()) +} |