mirror of
https://github.com/dart-lang/sdk
synced 2024-09-18 22:01:19 +00:00
c286b76c2d
TESTED=unit + manually tested user issue. Bug: https://github.com/dart-lang/sdk/issues/47841 Change-Id: Iad13899135fd34f15abba3a499132d88e7f597dc Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/234821 Reviewed-by: Alexander Aprelev <aam@google.com> Commit-Queue: Brian Quinlan <bquinlan@google.com>
// Copyright (c) 2022, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.
//
// VMOptions=
// VMOptions=--short_socket_read
// VMOptions=--short_socket_write
// VMOptions=--short_socket_read --short_socket_write
// OtherResources=certificates/server_chain.pem
// OtherResources=certificates/server_key.pem
// OtherResources=certificates/trusted_certs.pem
//
// It is not possible to initiate TLS-renegotiation from a pure-Dart server so
// just test that the `allowLegacyUnsafeRenegotiation` in `SecurityContext`
// does not affect connections that do *not* do renegotiation.
// @dart = 2.9
import "dart:async";
import 'dart:convert';
import "dart:io";
import "package:async_helper/async_helper.dart";
import "package:expect/expect.dart";
/// Address the echo server binds to and the test client connects to.
///
/// Assigned in `main` from the first result of resolving "localhost", so the
/// TLS traffic in this test stays on the loopback name.
InternetAddress HOST;
/// Resolves [path] against the location of the running script and returns the
/// result as a platform file path.
///
/// Used to locate the certificate fixtures that sit next to this test.
String localFile(path) {
  final resolved = Platform.script.resolve(path);
  return resolved.toFilePath();
}
/// TLS context used by the echo server.
///
/// Loads the certificate chain and the password-protected private key from the
/// `certificates/` fixtures next to this script.
// NOTE(review): the key password is a literal here; presumably this key is a
// test-only fixture and is never trusted outside the test suite - confirm.
SecurityContext serverContext = SecurityContext()
  ..useCertificateChain(localFile('certificates/server_chain.pem'))
  ..usePrivateKey(
    localFile('certificates/server_key.pem'),
    password: 'dartdart',
  );
/// Starts a TLS echo server on [HOST] and completes with the bound server.
///
/// Port 0 is passed to `bind`, so the caller reads the actual port from the
/// returned server. Each accepted connection is buffered in full until the
/// client finishes sending, then the buffered bytes are written back and the
/// server side of the connection is closed.
Future<SecureServerSocket> startEchoServer() async {
  final server = await SecureServerSocket.bind(HOST, 0, serverContext);
  server.listen((SecureSocket client) async {
    // Collect the whole request before replying; the reply is only sent once
    // the client's stream is done.
    final message = await client.fold<List<int>>(
        <int>[], (buffer, chunk) => buffer..addAll(chunk));
    client.add(message);
    client.close();
  });
  return server;
}
/// Connects to [server] with `allowLegacyUnsafeRenegotiation` enabled on the
/// client context and checks that a plain echo round trip still works.
///
/// The server never triggers TLS renegotiation, so this only covers the
/// "flag on, no renegotiation" path. It does not show that renegotiation
/// itself succeeds or is refused.
testSuccess(SecureServerSocket server) async {
  // The flag is set on this test-local client context only. Its default is
  // false (asserted in testProperty), and the property name itself marks the
  // setting as legacy and unsafe.
  final clientContext = SecurityContext()
    ..allowLegacyUnsafeRenegotiation = true
    ..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));

  final socket =
      await SecureSocket.connect(HOST, server.port, context: clientContext);
  socket.write("Hello server.");
  // Closing the write side lets the echo server see the end of the request.
  socket.close();

  // NOTE(review): Stream.contains compares whole decoded chunks, so this
  // presumably relies on the echo arriving as a single chunk - confirm under
  // the --short_socket_read configurations.
  final echoed = await utf8.decoder.bind(socket).contains("Hello server.");
  Expect.isTrue(echoed);
}
/// Checks the `allowLegacyUnsafeRenegotiation` property on a fresh
/// [SecurityContext]: it starts out false, and reads back whatever was last
/// assigned.
testProperty() {
  final context = SecurityContext();

  // A new context must not allow legacy renegotiation by default.
  Expect.isFalse(context.allowLegacyUnsafeRenegotiation);

  context.allowLegacyUnsafeRenegotiation = true;
  Expect.isTrue(context.allowLegacyUnsafeRenegotiation);

  // The setting can be turned back off after being enabled.
  context.allowLegacyUnsafeRenegotiation = false;
  Expect.isFalse(context.allowLegacyUnsafeRenegotiation);
}
/// Test entry point: resolves "localhost", starts the TLS echo server, runs
/// the connection test and the property test, then shuts the server down.
void main() async {
  asyncStart();

  // Use the first address returned for "localhost" for both bind and connect.
  final hosts = await InternetAddress.lookup("localhost");
  HOST = hosts.first;

  final server = await startEchoServer();

  await testSuccess(server);
  testProperty();

  await server.close();
  asyncEnd();
}