diff options
| author |  Miek Gieben <miek@miek.nl>
| 2016-08-19 17:14:17 -0700 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2016-08-19 17:14:17 -0700 |
| commit | 9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6 (patch) | |
| tree | 437e9755927c33af16276ad2602a6da115f948cb /core/https/handshake_test.go | |
| parent | a1989c35231b0e5ea271b2f68d82c1a63e697cd0 (diff) | |
| download | coredns-9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6.tar.gz coredns-9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6.tar.zst coredns-9ac3cab1b7b1b1e78f86ce3c6a80fbee312162e6.zip | |
Make CoreDNS a server type plugin for Caddy (#220)
* Make CoreDNS a server type plugin for Caddy
Remove code we don't need and port all middleware over. Fix all tests
and rework the documentation.
Also make `go generate` build a caddy binary which we then copy into
our directory. This means `go build`-builds remain working as-is.
And new etc instances in each etcd test for better isolation.
Fix more tests and rework test.Server with the newer support Caddy offers.
Fix Makefile to support new mode of operation.
Diffstat (limited to 'core/https/handshake_test.go')
| -rw-r--r-- | core/https/handshake_test.go | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/core/https/handshake_test.go b/core/https/handshake_test.go deleted file mode 100644 index cf70eb17d..000000000 --- a/core/https/handshake_test.go +++ /dev/null @@ -1,54 +0,0 @@ -package https - -import ( - "crypto/tls" - "crypto/x509" - "testing" -) - -func TestGetCertificate(t *testing.T) { - defer func() { certCache = make(map[string]Certificate) }() - - hello := &tls.ClientHelloInfo{ServerName: "example.com"} - helloSub := &tls.ClientHelloInfo{ServerName: "sub.example.com"} - helloNoSNI := &tls.ClientHelloInfo{} - helloNoMatch := &tls.ClientHelloInfo{ServerName: "nomatch"} - - // When cache is empty - if cert, err := GetCertificate(hello); err == nil { - t.Errorf("GetCertificate should return error when cache is empty, got: %v", cert) - } - if cert, err := GetCertificate(helloNoSNI); err == nil { - t.Errorf("GetCertificate should return error when cache is empty even if server name is blank, got: %v", cert) - } - - // When cache has one certificate in it (also is default) - defaultCert := Certificate{Names: []string{"example.com", ""}, Certificate: tls.Certificate{Leaf: &x509.Certificate{DNSNames: []string{"example.com"}}}} - certCache[""] = defaultCert - certCache["example.com"] = defaultCert - if cert, err := GetCertificate(hello); err != nil { - t.Errorf("Got an error but shouldn't have, when cert exists in cache: %v", err) - } else if cert.Leaf.DNSNames[0] != "example.com" { - t.Errorf("Got wrong certificate with exact match; expected 'example.com', got: %v", cert) - } - if cert, err := GetCertificate(helloNoSNI); err != nil { - t.Errorf("Got an error with no SNI but shouldn't have, when cert exists in cache: %v", err) - } else if cert.Leaf.DNSNames[0] != "example.com" { - t.Errorf("Got wrong certificate for no SNI; expected 'example.com' as default, got: %v", cert) - } - - // When retrieving wildcard certificate - certCache["*.example.com"] = Certificate{Names: []string{"*.example.com"}, Certificate: tls.Certificate{Leaf: &x509.Certificate{DNSNames: []string{"*.example.com"}}}} - if cert, err := GetCertificate(helloSub); err != nil { - t.Errorf("Didn't get wildcard cert, got: cert=%v, err=%v ", cert, err) - } else if cert.Leaf.DNSNames[0] != "*.example.com" { - t.Errorf("Got wrong certificate, expected wildcard: %v", cert) - } - - // When no certificate matches, the default is returned - if cert, err := GetCertificate(helloNoMatch); err != nil { - t.Errorf("Expected default certificate with no error when no matches, got err: %v", err) - } else if cert.Leaf.DNSNames[0] != "example.com" { - t.Errorf("Expected default cert with no matches, got: %v", cert) - } -} |