blob: 16790e1bcbee53434e2969d783572edaf4ba72cd [file] [log] [blame]
// Copyright (c) 2022, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.
//
// VMOptions=
// VMOptions=--short_socket_read
// VMOptions=--short_socket_write
// VMOptions=--short_socket_read --short_socket_write
// OtherResources=certificates/server_chain.pem
// OtherResources=certificates/server_key.pem
// OtherResources=certificates/trusted_certs.pem
//
// It is not possible to initiate TLS-renegotiation from a pure-Dart server so
// just test that the `allowLegacyUnsafeRenegotiation` in `SecurityContext`
// does not affect connections that do *not* do renegotiation.
// @dart = 2.9
import "dart:async";
import 'dart:convert';
import "dart:io";
import "package:async_helper/async_helper.dart";
import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
Future<SecureServerSocket> startEchoServer() {
return SecureServerSocket.bind(HOST, 0, serverContext).then((server) {
server.listen((SecureSocket client) {
client.fold<List<int>>(
<int>[], (message, data) => message..addAll(data)).then((message) {
client.add(message);
client.close();
});
});
return server;
});
}
testSuccess(SecureServerSocket server) async {
// NOTE: this test only verifies that `allowLegacyUnsafeRenegotiation` does
// not cause incorrect behavior when enabled - the server does *not* actually
// trigger TLS renegotiation.
SecurityContext clientContext = new SecurityContext()
..allowLegacyUnsafeRenegotiation = true
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
await SecureSocket.connect(HOST, server.port, context: clientContext)
.then((socket) async {
socket.write("Hello server.");
socket.close();
Expect.isTrue(await utf8.decoder.bind(socket).contains("Hello server."));
});
}
testProperty() {
SecurityContext context = new SecurityContext();
Expect.isFalse(context.allowLegacyUnsafeRenegotiation);
context.allowLegacyUnsafeRenegotiation = true;
Expect.isTrue(context.allowLegacyUnsafeRenegotiation);
context.allowLegacyUnsafeRenegotiation = false;
Expect.isFalse(context.allowLegacyUnsafeRenegotiation);
}
void main() async {
asyncStart();
await InternetAddress.lookup("localhost").then((hosts) => HOST = hosts.first);
final server = await startEchoServer();
await testSuccess(server);
testProperty();
await server.close();
asyncEnd();
}