-
Notifications
You must be signed in to change notification settings - Fork 1.4k
/
test_integration_ssl.rb
117 lines (96 loc) · 2.91 KB
/
test_integration_ssl.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
require_relative 'helper'
require_relative "helpers/integration"
# These tests are used to verify that Puma works with SSL sockets. Only
# integration tests isolate the server from the test environment, so there
# should be a few SSL tests.
#
# For instance, since other tests make use of 'client' SSLSockets created by
# net/http, OpenSSL is loaded in the CI process. By shelling out with IO.popen,
# the server process isn't affected by whatever is loaded in the CI process.
class TestIntegrationSSL < TestIntegration
parallelize_me! if ::Puma.mri?
require "net/http"
require "openssl"
def setup
@bind_port = UniquePort.call
@control_tcp_port = UniquePort.call
@default_config = <<RUBY
if ::Puma.jruby?
keystore = '#{File.expand_path '../examples/puma/keystore.jks', __dir__}'
keystore_pass = 'jruby_puma'
ssl_bind '#{HOST}', '#{@bind_port}', {
keystore: keystore,
keystore_pass: keystore_pass,
verify_mode: 'none'
}
else
key = '#{File.expand_path '../examples/puma/puma_keypair.pem', __dir__}'
cert = '#{File.expand_path '../examples/puma/cert_puma.pem', __dir__}'
ssl_bind '#{HOST}', '#{@bind_port}', {
cert: cert,
key: key,
verify_mode: 'none'
}
end
activate_control_app 'tcp://#{HOST}:#{@control_tcp_port}', { auth_token: '#{TOKEN}' }
app do |env|
[200, {}, [env['rack.url_scheme']]]
end
RUBY
@localhost_config = <<RUBY
require 'localhost/authority'
ssl_bind '#{HOST}', '#{@bind_port}'
activate_control_app 'tcp://#{HOST}:#{@control_tcp_port}', { auth_token: '#{TOKEN}' }
app do |env|
[200, {}, [env['rack.url_scheme']]]
end
RUBY
super
end
def teardown
@server.close unless @server.closed?
@server = nil
super
end
def generate_config(config)
config_file = Tempfile.new %w(config .rb)
config_file.write(config)
config_file.close
config_file.path
end
def start_server(cmd)
@server = IO.popen cmd, 'r'
wait_for_server_to_boot
@pid = @server.pid
@http = Net::HTTP.new HOST, @bind_port
@http.use_ssl = true
@http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
def stop_server
sock = TCPSocket.new HOST, @control_tcp_port
@ios_to_close << sock
sock.syswrite "GET /stop?token=#{TOKEN} HTTP/1.1\r\n\r\n"
sock.read
assert_match 'Goodbye!', @server.read
end
def test_ssl_run
body = nil
start_server("#{BASE} bin/puma -C #{generate_config(@default_config)}")
@http.start do
req = Net::HTTP::Get.new '/', {}
@http.request(req) { |resp| body = resp.body }
end
assert_equal 'https', body
stop_server
end
def test_ssl_run_with_localhost_authority
body = nil
start_server("#{BASE} bin/puma -C #{generate_config(@localhost_config)}")
@http.start do
req = Net::HTTP::Get.new '/', {}
@http.request(req) { |resp| body = resp.body }
end
assert_equal 'https', body
stop_server
end unless ::Puma::IS_JRUBY
end if ::Puma::HAS_SSL