tests: Backport tls for etcdctl

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
This commit is contained in:
Marek Siarkowicz
2023-03-16 13:47:34 +01:00
parent 46d6c1d7b2
commit 00e1e5db21
8 changed files with 41 additions and 19 deletions

View File

@@ -84,7 +84,7 @@ var (
// member, ensuring restarted members can listen on the same port again.
localListenCount = int64(0)
testTLSInfo = transport.TLSInfo{
TestTLSInfo = transport.TLSInfo{
KeyFile: MustAbsPath("../fixtures/server.key.insecure"),
CertFile: MustAbsPath("../fixtures/server.crt"),
TrustedCAFile: MustAbsPath("../fixtures/ca.crt"),

View File

@@ -52,7 +52,7 @@ func testCluster(t *testing.T, size int) {
func TestTLSClusterOf3(t *testing.T) {
BeforeTest(t)
c := NewClusterByConfig(t, &ClusterConfig{Size: 3, PeerTLS: &testTLSInfo})
c := NewClusterByConfig(t, &ClusterConfig{Size: 3, PeerTLS: &TestTLSInfo})
c.Launch(t)
defer c.Terminate(t)
clusterMustProgress(t, c.Members)
@@ -111,7 +111,7 @@ func TestTLSClusterOf3UsingDiscovery(t *testing.T) {
c := NewClusterByConfig(t,
&ClusterConfig{
Size: 3,
PeerTLS: &testTLSInfo,
PeerTLS: &TestTLSInfo,
DiscoveryURL: dc.URL(0) + "/v2/keys"},
)
c.Launch(t)
@@ -136,7 +136,7 @@ func testDoubleClusterSize(t *testing.T, size int) {
func TestDoubleTLSClusterSizeOf3(t *testing.T) {
BeforeTest(t)
c := NewClusterByConfig(t, &ClusterConfig{Size: 3, PeerTLS: &testTLSInfo})
c := NewClusterByConfig(t, &ClusterConfig{Size: 3, PeerTLS: &TestTLSInfo})
c.Launch(t)
defer c.Terminate(t)

View File

@@ -121,8 +121,8 @@ func TestAuthority(t *testing.T) {
func setupTLS(t *testing.T, useTLS bool, cfg ClusterConfig) (ClusterConfig, *tls.Config) {
t.Helper()
if useTLS {
cfg.ClientTLS = &testTLSInfo
tlsConfig, err := testTLSInfo.ClientConfig()
cfg.ClientTLS = &TestTLSInfo
tlsConfig, err := TestTLSInfo.ClientConfig()
if err != nil {
t.Fatal(err)
}

View File

@@ -1554,7 +1554,7 @@ func newClusterV3NoClients(t *testing.T, cfg *ClusterConfig) *ClusterV3 {
func TestTLSGRPCRejectInsecureClient(t *testing.T) {
BeforeTest(t)
cfg := ClusterConfig{Size: 3, ClientTLS: &testTLSInfo}
cfg := ClusterConfig{Size: 3, ClientTLS: &TestTLSInfo}
clus := newClusterV3NoClients(t, &cfg)
defer clus.Terminate(t)
@@ -1593,7 +1593,7 @@ func TestTLSGRPCRejectSecureClient(t *testing.T) {
clus := newClusterV3NoClients(t, &cfg)
defer clus.Terminate(t)
clus.Members[0].ClientTLSInfo = &testTLSInfo
clus.Members[0].ClientTLSInfo = &TestTLSInfo
clus.Members[0].DialOptions = []grpc.DialOption{grpc.WithBlock()}
clus.Members[0].grpcURL = strings.Replace(clus.Members[0].grpcURL, "http://", "https://", 1)
client, err := NewClientV3(clus.Members[0])
@@ -1609,7 +1609,7 @@ func TestTLSGRPCRejectSecureClient(t *testing.T) {
func TestTLSGRPCAcceptSecureAll(t *testing.T) {
BeforeTest(t)
cfg := ClusterConfig{Size: 3, ClientTLS: &testTLSInfo}
cfg := ClusterConfig{Size: 3, ClientTLS: &TestTLSInfo}
clus := newClusterV3NoClients(t, &cfg)
defer clus.Terminate(t)
@@ -1649,7 +1649,7 @@ func TestTLSReloadAtomicReplace(t *testing.T) {
defer os.RemoveAll(certsDirExp)
cloneFunc := func() transport.TLSInfo {
tlsInfo, terr := copyTLSFiles(testTLSInfo, certsDir)
tlsInfo, terr := copyTLSFiles(TestTLSInfo, certsDir)
if terr != nil {
t.Fatal(terr)
}
@@ -1695,7 +1695,7 @@ func TestTLSReloadCopy(t *testing.T) {
defer os.RemoveAll(certsDir)
cloneFunc := func() transport.TLSInfo {
tlsInfo, terr := copyTLSFiles(testTLSInfo, certsDir)
tlsInfo, terr := copyTLSFiles(TestTLSInfo, certsDir)
if terr != nil {
t.Fatal(terr)
}
@@ -1707,7 +1707,7 @@ func TestTLSReloadCopy(t *testing.T) {
}
}
revertFunc := func() {
if _, err = copyTLSFiles(testTLSInfo, certsDir); err != nil {
if _, err = copyTLSFiles(TestTLSInfo, certsDir); err != nil {
t.Fatal(err)
}
}

View File

@@ -41,7 +41,7 @@ func testTLSCipherSuites(t *testing.T, valid bool) {
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
}
srvTLS, cliTLS := testTLSInfo, testTLSInfo
srvTLS, cliTLS := TestTLSInfo, TestTLSInfo
if valid {
srvTLS.CipherSuites, cliTLS.CipherSuites = cipherSuites, cipherSuites
} else {
@@ -112,7 +112,7 @@ func TestTLSMinMaxVersion(t *testing.T) {
}
// Configure server to support TLS 1.3 only.
srvTLS := testTLSInfo
srvTLS := TestTLSInfo
srvTLS.MinVersion = tls.VersionTLS13
srvTLS.MaxVersion = tls.VersionTLS13
clus := NewClusterV3(t, &ClusterConfig{Size: 1, ClientTLS: &srvTLS})
@@ -120,7 +120,7 @@ func TestTLSMinMaxVersion(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
cc, err := testTLSInfo.ClientConfig()
cc, err := TestTLSInfo.ClientConfig()
assert.NoError(t, err)
cc.MinVersion = tt.minVersion