luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

connect: fix test for go1.16 

There is no way to compare x509.CertPools now that it has an unexpected
function field. This comparison is as close as we can get.

See https://github.com/golang/go/issues/26614 for a related issue.
This commit is contained in:
Daniel Nephin 2021-04-13 13:25:45 -04:00
parent 6df4d60675
commit 7f65880829
1 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
connect/tls_test.go
View File

@ -6,13 +6,15 @@ import (
"encoding/pem"
"testing"
"github.com/hashicorp/consul/sdk/testutil"
"github.com/hashicorp/consul/testrpc"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/agent"
"github.com/hashicorp/consul/agent/connect"
"github.com/hashicorp/consul/api"
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/sdk/testutil"
"github.com/hashicorp/consul/testrpc"
)
func Test_verifyServerCertMatchesURI(t *testing.T) {
@ -266,7 +268,7 @@ func TestServerSideVerifier(t *testing.T) {
func requireEqualTLSConfig(t *testing.T, expect, got *tls.Config) {
require := require.New(t)
require.Equal(expect.RootCAs, got.RootCAs)
require.Equal(expect.ClientCAs, got.ClientCAs)
assertDeepEqual(t, expect.ClientCAs, got.ClientCAs, cmpCertPool)
require.Equal(expect.InsecureSkipVerify, got.InsecureSkipVerify)
require.Equal(expect.MinVersion, got.MinVersion)
require.Equal(expect.CipherSuites, got.CipherSuites)
@ -293,6 +295,19 @@ func requireEqualTLSConfig(t *testing.T, expect, got *tls.Config) {
require.Equal(expectLeaf, gotLeaf)
}
// lazyCerts has a func field which can't be compared.
var cmpCertPool = cmp.Options{
cmpopts.IgnoreFields(x509.CertPool{}, "lazyCerts"),
cmp.AllowUnexported(x509.CertPool{}),
}
func assertDeepEqual(t *testing.T, x, y interface{}, opts ...cmp.Option) {
t.Helper()
if diff := cmp.Diff(x, y, opts...); diff != "" {
t.Fatalf("assertion failed: values are not equal\n--- expected\n+++ actual\n%v", diff)
}
}
// requireCorrectVerifier invokes got.VerifyPeerCertificate and expects the
// tls.Config arg to be returned on the provided channel. This ensures the
// correct verifier func was attached to got.