/
test_binder.rb
183 lines (135 loc) · 4.99 KB
/
test_binder.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
# frozen_string_literal: true
require_relative "helper"
require "puma/binder"
require "puma/puma_http11"
class TestBinderBase < Minitest::Test
def setup
@events = Puma::Events.strings
@binder = Puma::Binder.new(@events)
end
private
def key
@key ||= File.expand_path "../../examples/puma/puma_keypair.pem", __FILE__
end
def cert
@cert ||= File.expand_path "../../examples/puma/cert_puma.pem", __FILE__
end
def ssl_context_for_binder(binder)
binder.instance_variable_get(:@ios)[0].instance_variable_get(:@ctx)
end
end
class TestBinder < TestBinderBase
def test_localhost_addresses_dont_alter_listeners_for_tcp_addresses
@binder.parse(["tcp://localhost:10001"], @events)
assert_equal [], @binder.instance_variable_get(:@listeners)
end
def test_correct_zero_port
@binder.parse(["tcp://localhost:0"], @events)
m = %r!tcp://127.0.0.1:(\d+)!.match(@events.stdout.string)
port = m[1].to_i
refute_equal 0, port
end
def test_logs_all_localhost_bindings
@binder.parse(["tcp://localhost:0"], @events)
assert_match %r!tcp://127.0.0.1:(\d+)!, @events.stdout.string
if @binder.loopback_addresses.include?("::1")
assert_match %r!tcp://\[::1\]:(\d+)!, @events.stdout.string
end
end
def test_correct_zero_port_ssl
skip("Implement in 4.3")
@binder.parse(["ssl://localhost:0?key=#{key}&cert=#{cert}"], @events)
stdout = @events.stdout.string
m = %r!tcp://127.0.0.1:(\d+)!.match(stdout)
port = m[1].to_i
refute_equal 0, port
assert_match %r!ssl://127.0.0.1:(\d+)!, stdout
if @binder.loopback_addresses.include?("::1")
assert_match %r!ssl://\[::1\]:(\d+)!, stdout
end
end
def test_correct_doublebind
@binder.parse(["ssl://localhost:0?key=#{key}&cert=#{cert}", "tcp://localhost:0"], @events)
stdout = @events.stdout.string
%w[tcp ssl].each do |prot|
assert_match %r!#{prot}://127.0.0.1:(\d+)!, stdout
if @binder.loopback_addresses.include?("::1")
assert_match %r!#{prot}://\[::1\]:(\d+)!, stdout
end
end
end
def test_allows_both_unix_and_tcp
assert_parsing_logs_uri [:unix, :tcp]
end
def test_allows_both_tcp_and_unix
assert_parsing_logs_uri [:tcp, :unix]
end
private
def assert_parsing_logs_uri(order = [:unix, :tcp])
skip UNIX_SKT_MSG unless UNIX_SKT_EXIST
path_unix = "test/#{name}_server.sock"
uri_unix = "unix://#{path_unix}"
uri_tcp = "tcp://127.0.0.1:#{UniquePort.call}"
if order == [:unix, :tcp]
@binder.parse([uri_tcp, uri_unix], @events)
elsif order == [:tcp, :unix]
@binder.parse([uri_unix, uri_tcp], @events)
else
raise ArgumentError
end
stdout = @events.stdout.string
assert stdout.include?(uri_unix), "\n#{stdout}\n"
assert stdout.include?(uri_tcp) , "\n#{stdout}\n"
ensure
@binder.close_unix_paths if UNIX_SKT_EXIST
end
end
class TestBinderJRuby < TestBinderBase
def setup
super
skip_unless :jruby
end
def test_binder_parses_jruby_ssl_options
keystore = File.expand_path "../../examples/puma/keystore.jks", __FILE__
ssl_cipher_list = "TLS_DHE_RSA_WITH_DES_CBC_SHA,TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
@binder.parse(["ssl://0.0.0.0:8080?keystore=#{keystore}&keystore-pass=&ssl_cipher_list=#{ssl_cipher_list}"], @events)
assert_equal keystore, ssl_context_for_binder(@binder).keystore
assert_equal ssl_cipher_list, ssl_context_for_binder(@binder).ssl_cipher_list
end
end
class TestBinderMRI < TestBinderBase
def setup
super
skip_on :jruby
end
def test_localhost_addresses_dont_alter_listeners_for_ssl_addresses
@binder.parse(["ssl://localhost:10002?key=#{key}&cert=#{cert}"], @events)
assert_equal [], @binder.instance_variable_get(:@listeners)
end
def test_binder_parses_ssl_cipher_filter
ssl_cipher_filter = "AES@STRENGTH"
@binder.parse(["ssl://0.0.0.0?key=#{key}&cert=#{cert}&ssl_cipher_filter=#{ssl_cipher_filter}"], @events)
assert_equal ssl_cipher_filter, ssl_context_for_binder(@binder).ssl_cipher_filter
end
def test_binder_parses_tlsv1_disabled
@binder.parse(["ssl://0.0.0.0?key=#{key}&cert=#{cert}&no_tlsv1=true"], @events)
assert ssl_context_for_binder(@binder).no_tlsv1
end
def test_binder_parses_tlsv1_enabled
@binder.parse(["ssl://0.0.0.0?key=#{key}&cert=#{cert}&no_tlsv1=false"], @events)
refute ssl_context_for_binder(@binder).no_tlsv1
end
def test_binder_parses_tlsv1_tlsv1_1_unspecified_defaults_to_enabled
@binder.parse(["ssl://0.0.0.0?key=#{key}&cert=#{cert}"], @events)
refute ssl_context_for_binder(@binder).no_tlsv1
refute ssl_context_for_binder(@binder).no_tlsv1_1
end
def test_binder_parses_tlsv1_1_disabled
@binder.parse(["ssl://0.0.0.0?key=#{key}&cert=#{cert}&no_tlsv1_1=true"], @events)
assert ssl_context_for_binder(@binder).no_tlsv1_1
end
def test_binder_parses_tlsv1_1_enabled
@binder.parse(["ssl://0.0.0.0?key=#{key}&cert=#{cert}&no_tlsv1_1=false"], @events)
refute ssl_context_for_binder(@binder).no_tlsv1_1
end
end