func TestLogstashTLS(t *testing.T) { certName := "ca_test" ip := net.IP{127, 0, 0, 1} timeout := 2 * time.Second transptest.GenCertsForIPIfMIssing(t, ip, certName) server := transptest.NewMockServerTLS(t, timeout, certName, nil) config := map[string]interface{}{ "hosts": []string{server.Addr()}, "index": testLogstashIndex("logstash-conn-tls"), "timeout": 2, "ssl.certificate_authorities": []string{certName + ".pem"}, } testConnectionType(t, server, testOutputerFactory(t, "", config)) }
func TestLogstashInvalidTLSInsecure(t *testing.T) { certName := "ca_invalid_test" ip := net.IP{1, 2, 3, 4} timeout := 2 * time.Second transptest.GenCertsForIPIfMIssing(t, ip, certName) server := transptest.NewMockServerTLS(t, timeout, certName, nil) config := map[string]interface{}{ "hosts": []string{server.Addr()}, "index": testLogstashIndex("logstash-conn-tls-invalid"), "timeout": 2, "max_retries": 1, "ssl.verification_mode": "none", "ssl.certificate_authorities": []string{certName + ".pem"}, } testConnectionType(t, server, testOutputerFactory(t, "", config)) }
func TestLogstashInvalidTLS(t *testing.T) { certName := "ca_invalid_test" ip := net.IP{1, 2, 3, 4} timeout := 2 * time.Second transptest.GenCertsForIPIfMIssing(t, ip, certName) server := newMockTLSServer(t, timeout, certName) config := map[string]interface{}{ "hosts": []string{server.Addr()}, "index": testLogstashIndex("logstash-tls-invalid"), "timeout": 1, "max_retries": 0, "tls.certificate_authorities": []string{certName + ".pem"}, } var result struct { err error handshakeFail bool signal bool } var wg struct { ready sync.WaitGroup finish sync.WaitGroup } wg.ready.Add(1) // server signaling readiness to client worker wg.finish.Add(2) // server/client signaling test end // server loop go func() { defer wg.finish.Done() wg.ready.Done() client := server.Accept() if server.Err != nil { t.Fatalf("server error: %v", server.Err) } server.Handshake(client) result.handshakeFail = server.Err != nil }() // client loop go func() { defer wg.finish.Done() wg.ready.Wait() output := newTestLumberjackOutput(t, "", config) signal := op.NewSignalChannel() output.PublishEvent(signal, testOptions, testEvent()) result.signal = signal.Wait() == op.SignalCompleted }() // wait shutdown wg.finish.Wait() server.Close() // validate output assert.True(t, result.handshakeFail) assert.False(t, result.signal) }