Skip to content

Commit de8e2f5

Browse files
howardjohndjc
howardjohn
authored and
djc
committed
Add tests for holding back alerts
1 parent e6e3525 commit de8e2f5

File tree

1 file changed

+71
-0
lines changed

1 file changed

+71
-0
lines changed

tests/test.rs

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -318,6 +318,77 @@ async fn lazy_config_acceptor_alert() {
318318
assert_eq!(received, fatal_alert_decode_error)
319319
}
320320

321+
#[tokio::test]
322+
async fn lazy_config_acceptor_return_http() {
323+
let (mut cstream, sstream) = tokio::io::duplex(1024);
324+
325+
let (tx, rx) = oneshot::channel();
326+
327+
tokio::spawn(async move {
328+
// This is write instead of write_all because of the short duplex size, which is necessarily
329+
// symmetrical. We never finish writing because the LazyConfigAcceptor returns an error
330+
let _ = cstream.write(b"not tls").await;
331+
let mut buf = Vec::new();
332+
cstream.read_to_end(&mut buf).await.unwrap();
333+
tx.send(buf).unwrap();
334+
});
335+
336+
let acceptor =
337+
LazyConfigAcceptor::new(rustls::server::Acceptor::default(), sstream).send_alert(false);
338+
tokio::pin!(acceptor);
339+
340+
let Ok(accept_result) = time::timeout(Duration::from_secs(3), acceptor.as_mut()).await else {
341+
panic!("timeout");
342+
};
343+
344+
assert!(accept_result.is_err());
345+
let mut io = acceptor.take_io().unwrap();
346+
io.write_all(b"HTTP/1.1 400 Invalid Input\r\n\r\n\r\nNot TLS\n")
347+
.await
348+
.unwrap();
349+
io.shutdown().await.unwrap();
350+
351+
let Ok(Ok(received)) = time::timeout(Duration::from_secs(3), rx).await else {
352+
panic!("failed to receive");
353+
};
354+
355+
let recv = b"HTTP/1.1 400 Invalid Input\r\n\r\n\r\nNot TLS\n";
356+
assert_eq!(received, recv)
357+
}
358+
359+
#[tokio::test]
360+
async fn lazy_config_acceptor_manual_alert() {
361+
let (mut cstream, sstream) = tokio::io::duplex(2);
362+
363+
let (tx, rx) = oneshot::channel();
364+
365+
tokio::spawn(async move {
366+
// This is write instead of write_all because of the short duplex size, which is necessarily
367+
// symmetrical. We never finish writing because the LazyConfigAcceptor returns an error
368+
let _ = cstream.write(b"not tls").await;
369+
let mut buf = Vec::new();
370+
cstream.read_to_end(&mut buf).await.unwrap();
371+
tx.send(buf).unwrap();
372+
});
373+
374+
let acceptor =
375+
LazyConfigAcceptor::new(rustls::server::Acceptor::default(), sstream).send_alert(false);
376+
tokio::pin!(acceptor);
377+
378+
let Ok(accept_result) = time::timeout(Duration::from_secs(3), acceptor.as_mut()).await else {
379+
panic!("timeout");
380+
};
381+
382+
assert!(accept_result.is_err());
383+
acceptor.write_alert().await.unwrap();
384+
let Ok(Ok(received)) = time::timeout(Duration::from_secs(3), rx).await else {
385+
panic!("failed to receive");
386+
};
387+
388+
let fatal_alert_decode_error = b"\x15\x03\x03\x00\x02\x02\x32";
389+
assert_eq!(received, fatal_alert_decode_error)
390+
}
391+
321392
#[tokio::test]
322393
async fn handshake_flush_pending() -> io::Result<()> {
323394
pass_impl(utils::FlushWrapper::new, false).await

0 commit comments

Comments
 (0)