1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
require 'em_test_helper'
if EM.ssl?
class TestSslVerify < Test::Unit::TestCase
def setup
$dir = File.dirname(File.expand_path(__FILE__)) + '/'
$cert_from_file = File.read($dir+'client.crt')
end
module Client
def connection_completed
start_tls(:private_key_file => $dir+'client.key', :cert_chain_file => $dir+'client.crt')
end
def ssl_handshake_completed
$client_handshake_completed = true
close_connection
end
def unbind
EM.stop_event_loop
end
end
module AcceptServer
def post_init
start_tls(:verify_peer => true)
end
def ssl_verify_peer(cert)
$cert_from_server = cert
true
end
def ssl_handshake_completed
$server_handshake_completed = true
end
end
module DenyServer
def post_init
start_tls(:verify_peer => true)
end
def ssl_verify_peer(cert)
$cert_from_server = cert
# Do not accept the peer. This should now cause the connection to shut down without the SSL handshake being completed.
false
end
def ssl_handshake_completed
$server_handshake_completed = true
end
end
def test_accept_server
$client_handshake_completed, $server_handshake_completed = false, false
EM.run {
EM.start_server("127.0.0.1", 16784, AcceptServer)
EM.connect("127.0.0.1", 16784, Client).instance_variable_get("@signature")
}
assert_equal($cert_from_file, $cert_from_server)
assert($client_handshake_completed)
assert($server_handshake_completed)
end
def test_deny_server
$client_handshake_completed, $server_handshake_completed = false, false
EM.run {
EM.start_server("127.0.0.1", 16784, DenyServer)
EM.connect("127.0.0.1", 16784, Client)
}
assert_equal($cert_from_file, $cert_from_server)
assert(!$client_handshake_completed)
assert(!$server_handshake_completed)
end
end
else
warn "EM built without SSL support, skipping tests in #{__FILE__}"
end
|
