mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Adding test coverage for server-mux.go by creating TestListenAndServeTLS(). (#2493)
Editing config.go to add lock on customConfigPath to avoid race condition when setGlobalConfigPath() and getConfigPath() are called concurrently.
This commit is contained in:
parent
a8052889fe
commit
f2fd8b0265
@ -19,20 +19,27 @@ package cmd
|
|||||||
import (
|
import (
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
"sync"
|
||||||
|
|
||||||
"github.com/minio/go-homedir"
|
"github.com/minio/go-homedir"
|
||||||
)
|
)
|
||||||
|
|
||||||
// configPath for custom config path only for testing purposes
|
// configPath for custom config path only for testing purposes
|
||||||
var customConfigPath string
|
var customConfigPath string
|
||||||
|
var configMu sync.Mutex
|
||||||
|
|
||||||
// Sets a new config path.
|
// Sets a new config path.
|
||||||
func setGlobalConfigPath(configPath string) {
|
func setGlobalConfigPath(configPath string) {
|
||||||
|
configMu.Lock()
|
||||||
|
defer configMu.Unlock()
|
||||||
customConfigPath = configPath
|
customConfigPath = configPath
|
||||||
}
|
}
|
||||||
|
|
||||||
// getConfigPath get server config path
|
// getConfigPath get server config path
|
||||||
func getConfigPath() (string, error) {
|
func getConfigPath() (string, error) {
|
||||||
|
configMu.Lock()
|
||||||
|
defer configMu.Unlock()
|
||||||
|
|
||||||
if customConfigPath != "" {
|
if customConfigPath != "" {
|
||||||
return customConfigPath, nil
|
return customConfigPath, nil
|
||||||
}
|
}
|
||||||
|
@ -18,12 +18,22 @@ package cmd
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"bufio"
|
"bufio"
|
||||||
|
"crypto/rand"
|
||||||
|
"crypto/rsa"
|
||||||
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
|
"crypto/x509/pkix"
|
||||||
|
"encoding/pem"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"math/big"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
|
"os"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"sync"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
@ -147,30 +157,33 @@ func TestListenAndServe(t *testing.T) {
|
|||||||
wait := make(chan struct{})
|
wait := make(chan struct{})
|
||||||
addr := "127.0.0.1:" + strconv.Itoa(getFreePort())
|
addr := "127.0.0.1:" + strconv.Itoa(getFreePort())
|
||||||
errc := make(chan error)
|
errc := make(chan error)
|
||||||
|
once := &sync.Once{}
|
||||||
|
|
||||||
// Create ServerMux and when we receive a request we stop waiting
|
// Create ServerMux and when we receive a request we stop waiting
|
||||||
m := NewMuxServer(addr, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
m := NewMuxServer(addr, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
fmt.Fprint(w, "hello")
|
fmt.Fprint(w, "hello")
|
||||||
close(wait)
|
once.Do(func() { close(wait) })
|
||||||
}))
|
}))
|
||||||
|
|
||||||
// ListenAndServe in a goroutine, but we don't know when it's ready
|
// ListenAndServe in a goroutine, but we don't know when it's ready
|
||||||
go func() { errc <- m.ListenAndServe() }()
|
go func() { errc <- m.ListenAndServe() }()
|
||||||
|
|
||||||
// Make sure we don't block by closing wait after a timeout
|
// Make sure we don't block by closing wait after a timeout
|
||||||
tf := time.AfterFunc(time.Millisecond*100, func() { close(wait) })
|
tf := time.AfterFunc(time.Millisecond*500, func() { errc <- errors.New("Unable to connect to server") })
|
||||||
|
|
||||||
// Keep trying the server until it's accepting connections
|
// Keep trying the server until it's accepting connections
|
||||||
client := http.Client{Timeout: time.Millisecond * 10}
|
go func() {
|
||||||
ok := false
|
client := http.Client{Timeout: time.Millisecond * 10}
|
||||||
for !ok {
|
ok := false
|
||||||
res, _ := client.Get("http://" + addr)
|
for !ok {
|
||||||
if res != nil && res.StatusCode == http.StatusOK {
|
res, _ := client.Get("http://" + addr)
|
||||||
ok = true
|
if res != nil && res.StatusCode == http.StatusOK {
|
||||||
|
ok = true
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
tf.Stop() // Cancel the timeout since we made a successful request
|
tf.Stop() // Cancel the timeout since we made a successful request
|
||||||
|
}()
|
||||||
|
|
||||||
// Block until we get an error or wait closed
|
// Block until we get an error or wait closed
|
||||||
select {
|
select {
|
||||||
@ -183,3 +196,126 @@ func TestListenAndServe(t *testing.T) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestListenAndServeTLS(t *testing.T) {
|
||||||
|
wait := make(chan struct{})
|
||||||
|
addr := "127.0.0.1:" + strconv.Itoa(getFreePort())
|
||||||
|
errc := make(chan error)
|
||||||
|
once := &sync.Once{}
|
||||||
|
|
||||||
|
// Create ServerMux and when we receive a request we stop waiting
|
||||||
|
m := NewMuxServer(addr, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
fmt.Fprint(w, "hello")
|
||||||
|
once.Do(func() { close(wait) })
|
||||||
|
}))
|
||||||
|
|
||||||
|
// Create a cert
|
||||||
|
err := createCertsPath()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
certFile := mustGetCertFile()
|
||||||
|
keyFile := mustGetKeyFile()
|
||||||
|
defer os.RemoveAll(certFile)
|
||||||
|
defer os.RemoveAll(keyFile)
|
||||||
|
|
||||||
|
err = generateTestCert(addr)
|
||||||
|
if err != nil {
|
||||||
|
t.Error(err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// ListenAndServe in a goroutine, but we don't know when it's ready
|
||||||
|
go func() { errc <- m.ListenAndServeTLS(certFile, keyFile) }()
|
||||||
|
|
||||||
|
// Make sure we don't block by closing wait after a timeout
|
||||||
|
tf := time.AfterFunc(time.Millisecond*500, func() { errc <- errors.New("Unable to connect to server") })
|
||||||
|
|
||||||
|
// Keep trying the server until it's accepting connections
|
||||||
|
go func() {
|
||||||
|
tr := &http.Transport{
|
||||||
|
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||||
|
}
|
||||||
|
client := http.Client{
|
||||||
|
Timeout: time.Millisecond * 10,
|
||||||
|
Transport: tr,
|
||||||
|
}
|
||||||
|
ok := false
|
||||||
|
for !ok {
|
||||||
|
res, _ := client.Get("https://" + addr)
|
||||||
|
if res != nil && res.StatusCode == http.StatusOK {
|
||||||
|
ok = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
tf.Stop() // Cancel the timeout since we made a successful request
|
||||||
|
}()
|
||||||
|
|
||||||
|
// Block until we get an error or wait closed
|
||||||
|
select {
|
||||||
|
case err := <-errc:
|
||||||
|
if err != nil {
|
||||||
|
t.Error(err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
case <-wait:
|
||||||
|
m.Close() // Shutdown the ServerMux
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// generateTestCert creates a cert and a key used for testing only
|
||||||
|
func generateTestCert(host string) error {
|
||||||
|
certPath := mustGetCertFile()
|
||||||
|
keyPath := mustGetKeyFile()
|
||||||
|
priv, err := rsa.GenerateKey(rand.Reader, 2048)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
|
||||||
|
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
template := x509.Certificate{
|
||||||
|
SerialNumber: serialNumber,
|
||||||
|
Subject: pkix.Name{
|
||||||
|
Organization: []string{"Minio Test Cert"},
|
||||||
|
},
|
||||||
|
NotBefore: time.Now(),
|
||||||
|
NotAfter: time.Now().Add(time.Minute * 1),
|
||||||
|
|
||||||
|
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
|
||||||
|
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
||||||
|
BasicConstraintsValid: true,
|
||||||
|
}
|
||||||
|
|
||||||
|
if ip := net.ParseIP(host); ip != nil {
|
||||||
|
template.IPAddresses = append(template.IPAddresses, ip)
|
||||||
|
}
|
||||||
|
|
||||||
|
template.IsCA = true
|
||||||
|
template.KeyUsage |= x509.KeyUsageCertSign
|
||||||
|
|
||||||
|
derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
certOut, err := os.Create(certPath)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
|
||||||
|
certOut.Close()
|
||||||
|
|
||||||
|
keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
|
||||||
|
keyOut.Close()
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user