tokio-rustls/tests/badssl.rs

98 lines
2.8 KiB
Rust
Raw Normal View History

[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
use std::convert::TryFrom;
2019-02-18 12:01:37 +00:00
use std::io;
use std::net::ToSocketAddrs;
use std::sync::Arc;
use tokio::io::{AsyncReadExt, AsyncWriteExt};
2019-08-10 16:00:49 +00:00
use tokio::net::TcpStream;
[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
use tokio_rustls::{
client::TlsStream,
rustls::{self, ClientConfig, OwnedTrustAnchor},
TlsConnector,
};
2019-02-18 12:01:37 +00:00
async fn get(
config: Arc<ClientConfig>,
domain: &str,
port: u16,
) -> io::Result<(TlsStream<TcpStream>, String)> {
2019-10-01 08:27:42 +00:00
let connector = TlsConnector::from(config);
2019-02-18 12:01:37 +00:00
let input = format!("GET / HTTP/1.0\r\nHost: {}\r\n\r\n", domain);
let addr = (domain, port).to_socket_addrs()?.next().unwrap();
[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
let domain = rustls::ServerName::try_from(domain).unwrap();
2019-05-18 16:48:56 +00:00
let mut buf = Vec::new();
let stream = TcpStream::connect(&addr).await?;
let mut stream = connector.connect(domain, stream).await?;
stream.write_all(input.as_bytes()).await?;
stream.flush().await?;
2019-05-18 16:48:56 +00:00
stream.read_to_end(&mut buf).await?;
2019-02-18 12:01:37 +00:00
2019-05-18 16:48:56 +00:00
Ok((stream, String::from_utf8(buf).unwrap()))
2019-02-18 12:01:37 +00:00
}
2019-08-10 16:00:49 +00:00
#[tokio::test]
2019-10-01 08:27:42 +00:00
async fn test_tls12() -> io::Result<()> {
[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
let mut root_store = rustls::RootCertStore::empty();
root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
OwnedTrustAnchor::from_subject_spki_name_constraints(
ta.subject,
ta.spki,
ta.name_constraints,
)
}));
let config = rustls::ClientConfig::builder()
.with_safe_default_cipher_suites()
.with_safe_default_kx_groups()
.with_protocol_versions(&[&rustls::version::TLS12])
.unwrap()
.with_root_certificates(root_store)
.with_no_client_auth();
2019-02-18 12:01:37 +00:00
let config = Arc::new(config);
2019-10-01 08:27:42 +00:00
let domain = "tls-v1-2.badssl.com";
2019-02-18 12:01:37 +00:00
2019-10-01 08:27:42 +00:00
let (_, output) = get(config.clone(), domain, 1012).await?;
[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
assert!(
output.contains("<title>tls-v1-2.badssl.com</title>"),
"failed badssl test, output: {}",
output
);
2019-02-18 12:01:37 +00:00
2019-10-01 08:27:42 +00:00
Ok(())
}
2019-10-31 16:04:06 +00:00
#[ignore]
2019-10-01 08:27:42 +00:00
#[should_panic]
#[test]
fn test_tls13() {
unimplemented!("todo https://github.com/chromium/badssl.com/pull/373");
}
2019-02-18 12:01:37 +00:00
2019-10-01 08:27:42 +00:00
#[tokio::test]
async fn test_modern() -> io::Result<()> {
[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
let mut root_store = rustls::RootCertStore::empty();
root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
OwnedTrustAnchor::from_subject_spki_name_constraints(
ta.subject,
ta.spki,
ta.name_constraints,
)
}));
let config = rustls::ClientConfig::builder()
.with_safe_defaults()
.with_root_certificates(root_store)
.with_no_client_auth();
2019-10-01 08:27:42 +00:00
let config = Arc::new(config);
let domain = "mozilla-modern.badssl.com";
let (_, output) = get(config.clone(), domain, 443).await?;
[DRAFT] update `tokio-rustls` to `rustls` 0.20.x (#64) * update to rustls 0.20 Signed-off-by: Eliza Weisman <eliza@buoyant.io> * track simple renamings in rustls Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use reader/writer methods Signed-off-by: Eliza Weisman <eliza@buoyant.io> * fix find and replace Signed-off-by: Eliza Weisman <eliza@buoyant.io> * use rustls-pemfile crate for pem file parsing Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update misc api breakage Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update client example with api changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update server example with new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update test_stream test Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update tests to use new APIs Signed-off-by: Eliza Weisman <eliza@buoyant.io> * rm unused imports Signed-off-by: Eliza Weisman <eliza@buoyant.io> * handle rustls `WouldBlock` on eof Signed-off-by: Eliza Weisman <eliza@buoyant.io> * expect rustls to return wouldblock in tests Signed-off-by: Eliza Weisman <eliza@buoyant.io> * i think this is *actually* the right EOF behavior Signed-off-by: Eliza Weisman <eliza@buoyant.io> * bump version Signed-off-by: Eliza Weisman <eliza@buoyant.io> * okay that seems to fix it Signed-off-by: Eliza Weisman <eliza@buoyant.io> * update to track builder API changes Signed-off-by: Eliza Weisman <eliza@buoyant.io> * actually shutdown read side on close notify Signed-off-by: Eliza Weisman <eliza@buoyant.io> * Further updates to rustls 0.20 (#68) * Adapt to RootCertStore API changes * Handle UnexpectedEof errors * Rename would_block to io_pending * Try to make badssl test failures more verbose * Rebuild AsyncRead impl * Upgrade to current rustls * Revert to using assert!() * Update to rustls 0.20 * Forward rustls features Co-authored-by: Dirkjan Ochtman <dirkjan@ochtman.nl>
2021-09-28 17:01:37 +00:00
assert!(
output.contains("<title>mozilla-modern.badssl.com</title>"),
"failed badssl test, output: {}",
output
);
2019-08-10 16:00:49 +00:00
Ok(())
2019-02-18 12:01:37 +00:00
}