mirror of
https://github.com/golang/go
synced 2024-09-28 17:24:28 -06:00
[release-branch.go1.12] crypto/tls: remove TestVerifyHostnameResumed
Session resumption is not a reliable TLS behavior: the server can decide
to reject a session ticket for a number of reasons, or no reason at all.
This makes this non-hermetic test extremely brittle.
It's currently broken on the builders for both TLS 1.2 and TLS 1.3, and
I could reproduce the issue for TLS 1.3 only. As I was debugging it, it
started passing entirely on my machine.
In practice, it doesn't get us any coverage as resumption is already
tested with the recorded exchange tests, and TestVerifyHostname still
provides a smoke test checking that we can in fact talk TLS.
Updates #32978
Change-Id: I63505e22ff7704f25ad700d46e4ff14850ba5d3c
Reviewed-on: https://go-review.googlesource.com/c/go/+/186239
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
(cherry-picked from 20e4540e90
)
Reviewed-on: https://go-review.googlesource.com/c/go/+/186277
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
This commit is contained in:
parent
7f416b4f04
commit
8759b53147
@ -370,47 +370,6 @@ func TestVerifyHostname(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestVerifyHostnameResumed(t *testing.T) {
|
||||
t.Run("TLSv12", func(t *testing.T) { testVerifyHostnameResumed(t, VersionTLS12) })
|
||||
t.Run("TLSv13", func(t *testing.T) { testVerifyHostnameResumed(t, VersionTLS13) })
|
||||
}
|
||||
|
||||
func testVerifyHostnameResumed(t *testing.T, version uint16) {
|
||||
testenv.MustHaveExternalNetwork(t)
|
||||
|
||||
config := &Config{
|
||||
MaxVersion: version,
|
||||
ClientSessionCache: NewLRUClientSessionCache(32),
|
||||
}
|
||||
for i := 0; i < 2; i++ {
|
||||
c, err := Dial("tcp", "mail.google.com:https", config)
|
||||
if err != nil {
|
||||
t.Fatalf("Dial #%d: %v", i, err)
|
||||
}
|
||||
cs := c.ConnectionState()
|
||||
if i > 0 && !cs.DidResume {
|
||||
t.Fatalf("Subsequent connection unexpectedly didn't resume")
|
||||
}
|
||||
if cs.Version != version {
|
||||
t.Fatalf("Unexpectedly negotiated version %x", cs.Version)
|
||||
}
|
||||
if cs.VerifiedChains == nil {
|
||||
t.Fatalf("Dial #%d: cs.VerifiedChains == nil", i)
|
||||
}
|
||||
if err := c.VerifyHostname("mail.google.com"); err != nil {
|
||||
t.Fatalf("verify mail.google.com #%d: %v", i, err)
|
||||
}
|
||||
// Give the client a chance to read the server session tickets.
|
||||
c.SetReadDeadline(time.Now().Add(500 * time.Millisecond))
|
||||
if _, err := c.Read(make([]byte, 1)); err != nil {
|
||||
if err, ok := err.(net.Error); !ok || !err.Timeout() {
|
||||
t.Fatal(err)
|
||||
}
|
||||
}
|
||||
c.Close()
|
||||
}
|
||||
}
|
||||
|
||||
func TestConnCloseBreakingWrite(t *testing.T) {
|
||||
ln := newLocalListener(t)
|
||||
defer ln.Close()
|
||||
|
Loading…
Reference in New Issue
Block a user