File: badssl.rs

package info (click to toggle)
rust-futures-rustls 0.26.0-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 260 kB
  • sloc: makefile: 7; sh: 1
file content (100 lines) | stat: -rw-r--r-- 2,990 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
use std::convert::TryFrom;
use std::io;
use std::net::ToSocketAddrs;
use std::sync::Arc;
use futures_util::io::{AsyncReadExt, AsyncWriteExt};
use rustls::pki_types::CertificateDer;
use rustls_native_certs::load_native_certs;
use smol::net::TcpStream;
use futures_rustls::{
    client::TlsStream,
    rustls::{self, ClientConfig},
    pki_types::{ServerName},
    TlsConnector,
};

async fn get(
    config: Arc<ClientConfig>,
    domain: &str,
    port: u16,
) -> io::Result<(TlsStream<TcpStream>, String)> {
    let connector = TlsConnector::from(config);
    let input = format!("GET / HTTP/1.0\r\nHost: {}\r\n\r\n", domain);

    let addr = (domain, port).to_socket_addrs()?.next().unwrap();
    let domain = ServerName::try_from(domain).unwrap().to_owned();
    let mut buf = Vec::new();

    let stream = TcpStream::connect(&addr).await?;
    let mut stream = connector.connect(domain, stream).await?;
    stream.write_all(input.as_bytes()).await?;
    stream.flush().await?;
    stream.read_to_end(&mut buf).await?;

    Ok((stream, String::from_utf8(buf).unwrap()))
}

#[test]
#[cfg(feature = "tls12")]
#[ignore]
fn test_tls12() -> io::Result<()> {
    let fut = async {
        let mut root_store = rustls::RootCertStore::empty();
        for cert in load_native_certs().expect("could not load platform certs") {
            root_store.add(CertificateDer::from_slice(&cert.0))
                .expect("could not add certificate");
        };
        let config = rustls::ClientConfig::builder_with_protocol_versions(&[&rustls::version::TLS12])
            .with_root_certificates(root_store)
            .with_no_client_auth();

        let config = Arc::new(config);
        let domain = "tls-v1-2.badssl.com";

        let (_, output) = get(config.clone(), domain, 1012).await?;
        assert!(
            output.contains("<title>tls-v1-2.badssl.com</title>"),
            "failed badssl test, output: {}",
            output
        );

        Ok(())
    };

    smol::block_on(fut)
}

#[ignore]
#[should_panic]
#[test]
fn test_tls13() {
    unimplemented!("todo https://github.com/chromium/badssl.com/pull/373");
}

#[test]
#[ignore]
fn test_modern() -> io::Result<()> {
    let fut = async {
        let mut root_store = rustls::RootCertStore::empty();
        for cert in load_native_certs().expect("could not load platform certs") {
            root_store.add(CertificateDer::from_slice(&cert.0))
                .expect("could not add certificate");
        };
        let config = rustls::ClientConfig::builder()
            .with_root_certificates(root_store)
            .with_no_client_auth();
        let config = Arc::new(config);
        let domain = "mozilla-modern.badssl.com";

        let (_, output) = get(config.clone(), domain, 443).await?;
        assert!(
            output.contains("<title>mozilla-modern.badssl.com</title>"),
            "failed badssl test, output: {}",
            output
        );

        Ok(())
    };

    smol::block_on(fut)
}