wechaty-puppet-service

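#!/usr/bin/env -S node --no-warnings --loader ts-node/esm
"use strict";
// ---------------------------------------------------------------------------
// CommonJS interop helpers as emitted by the TypeScript compiler.
// They are reproduced as emitted; only line breaks were restored.
// ---------------------------------------------------------------------------
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    var desc = Object.getOwnPropertyDescriptor(m, k);
    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
      desc = { enumerable: true, get: function() { return m[k]; } };
    }
    Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
    Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
    o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const tstest_1 = require("tstest");
const https_1 = __importDefault(require("https"));
const envVar = __importStar(require("./env-vars.js"));
const ca_js_1 = require("./ca.js");

/** Body served by the throw-away HTTPS server and expected back by the client. */
const ALIVE = 'Alive!\n';

/**
 * Resolve the TLS material under test.
 *
 * Each value is taken from its environment-variable accessor when that returns
 * a truthy value, otherwise from the constant exported by ./ca.js.
 *
 * NOTE(review): the fallback constants are named TLS_INSECURE_SERVER_CERT /
 * TLS_INSECURE_SERVER_KEY, which suggests a key pair shipped with the package.
 * A private key that is distributed publicly cannot authenticate a server, so
 * the fallback is presumably meant for development only. Confirm in ./ca.js and
 * in the deployment docs that real deployments set the environment variables.
 *
 * @returns {{ca: *, cert: *, key: *}} CA certificate, server certificate, server key
 */
function loadTlsMaterial() {
    return {
        ca: envVar.WECHATY_PUPPET_SERVICE_TLS_CA_CERT() || ca_js_1.TLS_CA_CERT,
        cert: envVar.WECHATY_PUPPET_SERVICE_TLS_SERVER_CERT() || ca_js_1.TLS_INSECURE_SERVER_CERT,
        key: envVar.WECHATY_PUPPET_SERVICE_TLS_SERVER_KEY() || ca_js_1.TLS_INSECURE_SERVER_KEY,
    };
}

/**
 * Start an HTTPS server that answers every request with 200 and ALIVE.
 *
 * The server is bound to the loopback address only: the client below connects
 * to 127.0.0.1, and a listener that may be using the bundled fallback key has
 * no reason to be reachable from other interfaces. The returned promise settles
 * once the 'listening' event has fired, so server.address() is safe to read.
 *
 * @param {*} cert - server certificate passed to https.createServer
 * @param {*} key - server private key passed to https.createServer
 * @returns {Promise<import('https').Server>} the listening server
 */
async function startLoopbackServer(cert, key) {
    const server = https_1.default.createServer({ cert, key });
    server.on('request', (_req, res) => {
        res.writeHead(200);
        res.end(ALIVE);
    });
    await new Promise((resolve, reject) => {
        server.once('error', reject);
        // Port 0 asks the OS for a free ephemeral port.
        server.listen(0, '127.0.0.1', () => {
            server.off('error', reject);
            resolve();
        });
    });
    return server;
}

/**
 * Issue `GET /` against the loopback server and return the response body.
 *
 * `ca` restricts the trust anchors to the CA under test, and `servername` is
 * both the SNI value sent to the server and the name the server certificate is
 * verified against. Connection and TLS verification failures are delivered as
 * a rejection; without an 'error' listener on the request they would surface
 * as an unhandled 'error' event instead of a test failure.
 *
 * @param {*} ca - trusted CA certificate(s)
 * @param {number} port - port the loopback server listens on
 * @param {string} servername - SNI / certificate identity to verify
 * @returns {Promise<string>} the full response body
 */
function httpsGet(ca, port, servername) {
    return new Promise((resolve, reject) => {
        https_1.default.request({
            ca,
            hostname: '127.0.0.1',
            method: 'GET',
            path: '/',
            port,
            servername,
        }, res => {
            // Collect the whole body instead of resolving on the first chunk.
            const chunks = [];
            res.on('data', chunk => chunks.push(chunk));
            res.on('end', () => resolve(Buffer.concat(chunks).toString()));
            res.on('error', reject);
        })
            .on('error', reject)
            .end();
    });
}

// The configured CA must validate the server certificate when the client asks
// for the certificate's own common name.
(0, tstest_1.test)('CA smoke testing', async (t) => {
    const { ca, cert, key } = loadTlsMaterial();
    const server = await startLoopbackServer(cert, key);
    try {
        const { port } = server.address();
        const reply = await httpsGet(ca, port, ca_js_1.TLS_INSECURE_SERVER_CERT_COMMON_NAME);
        t.equal(reply, ALIVE, 'should get https server reply');
    } finally {
        // Release the listening socket even when the request or assertion fails.
        server.close();
    }
});

// Hostname verification must be enforced: the matching name succeeds and any
// other name is rejected by the client before a response is read.
(0, tstest_1.test)('CA SNI tests', async (t) => {
    const { ca, cert, key } = loadTlsMaterial();
    const server = await startLoopbackServer(cert, key);
    // [servername, expected success, expected error message when rejected]
    // The message text is produced by Node's certificate identity check and may
    // differ between Node versions; the error's `code`
    // ('ERR_TLS_CERT_ALTNAME_INVALID') is the more stable thing to assert on.
    const SNI_TEST_LIST = [
        [
            ca_js_1.TLS_INSECURE_SERVER_CERT_COMMON_NAME,
            true,
        ],
        [
            'invalid-sni',
            false,
            "Hostname/IP does not match certificate's altnames: Host: invalid-sni. is not cert's CN: insecure",
        ],
    ];
    try {
        const { port } = server.address();
        for (const [SNI, EXPECT, MSG] of SNI_TEST_LIST) {
            let result;
            try {
                result = (await httpsGet(ca, port, SNI)) === ALIVE;
            } catch (e) {
                // For the valid name MSG is undefined, so any error fails here.
                t.equal(e.message, MSG, 'should get the error for invalid SNI: ' + SNI);
                result = false;
            }
            t.equal(result, EXPECT, 'should check the SNI: ' + SNI);
        }
    } finally {
        server.close();
    }
});
//# sourceMappingURL=ca.spec.js.map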