/
envoy.istio
/
mosn
GigaCode
beta
ОбзорЦентр заботыВойти

mosn

Форк
0
Ветки: 7Коммиты: 5251Теги: 39
mosn
/test
/cases
/tls
/
host_tls_test.go 
183 строки · 6.7 Кб
1
//go:build MOSNTest
2
// +build MOSNTest
3


4
package tls
5


6
import (
7
	"testing"
8


9
	. "mosn.io/mosn/test/framework"
10
	"mosn.io/mosn/test/lib"
11
	"mosn.io/mosn/test/lib/mosn"
12
	"mosn.io/mosn/test/lib/xprotocol/boltv1"
13
)
14


15
func TestUpdateHostTLSConfig(t *testing.T) {
16
	Scenario(t, "update host config to tls states", func() {
17
		var m *mosn.MosnOperator
18
		m, _ = lib.InitMosn(hostTLSConfig, lib.CreateConfig(MockBoltServerConfig))
19
		client := lib.CreateClient("bolt", &boltv1.BoltClientConfig{
20
			TargetAddr: "127.0.0.1:2045",
21
			Verify: &boltv1.VerifyConfig{
22
				ExpectedStatusCode: 0,
23
			},
24
		})
25
		Case("make tls connection", func() {
26
			Verify(client.SyncCall(), Equal, true)
27
			Verify(GetTLSConnpoolMetrics(t, m), Equal, int64(0))
28
		})
29
		Case("disable global tls", func() {
30
			DisableTLS(t, true)
31
			// request will be failed
32
			Verify(client.SyncCall(), Equal, false)
33
			Verify(GetTLSConnpoolMetrics(t, m), Equal, int64(1))
34
		})
35
		Case("update router, route to another cluster which tls config is changed", func() {
36
			config := `{
37
				"router_config_name":"router_to_mosn",
38
				"virtual_hosts":[{
39
					"name":"mosn_hosts",
40
					"domains": ["*"],
41
					"routers": [
42
						{
43
							"match":{"headers":[{"name":"service","value":".*"}]},
44
							"route":{"cluster_name":"mosn_cluster_new"}
45
						}
46
					]
47
				}]
48


49
			}`
50
			err := m.UpdateConfig(34901, "router", config)
51
			Verify(err, Equal, nil)
52
			Verify(client.SyncCall(), Equal, false)
53
			Verify(GetTLSConnpoolMetrics(t, m), Equal, int64(2))
54
		})
55
		Case("enable global tls", func() {
56
			DisableTLS(t, false)
57
			Verify(client.SyncCall(), Equal, false)
58
			Verify(GetTLSConnpoolMetrics(t, m), Equal, int64(2))
59
		})
60
	})
61
}
62


63
const hostTLSConfig = `{
64
	"servers":[
65
		{
66
			"default_log_path":"stdout",
67
			"default_log_level": "INFO",
68
			"routers":[
69
				{
70
					"router_config_name":"router_to_mosn",
71
					"virtual_hosts":[{
72
						"name":"mosn_hosts",
73
						"domains": ["*"],
74
						"routers": [
75
							{
76
								"match":{"headers":[{"name":"service","value":".*"}]},
77
								"route":{"cluster_name":"mosn_cluster"}
78
							}
79
						]
80
					}]
81
				},
82
				{
83
					"router_config_name":"router_to_server",
84
					"virtual_hosts":[{
85
						"name":"server_hosts",
86
						"domains": ["*"],
87
						"routers": [
88
							{
89
								"match":{"headers":[{"name":"service","value":".*"}]},
90
								"route":{"cluster_name":"server_cluster"}
91
							}
92
						]
93
					}]
94
				}
95
			],
96
			"listeners":[
97
				{
98
					"address":"127.0.0.1:2045",
99
					"bind_port": true,
100
					"filter_chains": [{
101
						"filters": [
102
							{
103
								"type": "proxy",
104
								"config": {
105
									"downstream_protocol": "X",
106
									"upstream_protocol": "X",
107
									"extend_config": {
108
										 "sub_protocol": "bolt"
109
									},
110
									"router_config_name":"router_to_mosn"
111
								}
112
							}
113
						]
114
					}]
115
				},
116
				{
117
					"address":"127.0.0.1:2046",
118
					"bind_port": true,
119
					"filter_chains": [{
120
						"tls_context":{
121
							"status": true,
122
							"cert_chain": "-----BEGIN CERTIFICATE-----\nMIIDJTCCAg0CAQEwDQYJKoZIhvcNAQELBQAwWzELMAkGA1UEBhMCQ04xCjAIBgNV\nBAgMAWExCjAIBgNVBAcMAWExCjAIBgNVBAoMAWExCjAIBgNVBAsMAWExCjAIBgNV\nBAMMAWExEDAOBgkqhkiG9w0BCQEWAWEwHhcNMTgwNjE0MDMxMzQyWhcNMTkwNjE0\nMDMxMzQyWjBWMQswCQYDVQQGEwJDTjEKMAgGA1UECAwBYTEKMAgGA1UECgwBYTEK\nMAgGA1UECwwBYTERMA8GA1UEAwwIdGVzdC5jb20xEDAOBgkqhkiG9w0BCQEWAWEw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrPq+Mo0nS3dJU1qGFwlIB\ni9HqRm5RGcfps+0W5LjEhqUKxKUweRrwDaIxpiSqjKeehz9DtLUpXBD29pHuxODU\nVsMH2U1AGWn9l4jMnP6G5iTMPJ3ZTXszeqALe8lm/f807ZA0C7moc+t7/d3+b6d2\nlnwR+yWbIZJUu2qw+HrR0qPpNlBP3EMtlQBOqf4kCl6TfpqrGfc9lW0JjuE6Taq3\ngSIIgzCsoUFe30Yemho/Pp4zA9US97DZjScQLQAGiTsCRDBASxXGzODQOfZL3bCs\n2w//1lqGjmhp+tU1nR4MRN+euyNX42ioEz111iB8y0VzuTIsFBWwRTKK1SF7YSEb\nAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABnRM9JJ21ZaujOTunONyVLHtmxUmrdr\n74OJW8xlXYEMFu57Wi40+4UoeEIUXHviBnONEfcITJITYUdqve2JjQsH2Qw3iBUr\nmsFrWS25t/Krk2FS2cKg8B9azW2+p1mBNm/FneMv2DMWHReGW0cBp3YncWD7OwQL\n9NcYfXfgBgHdhykctEQ97SgLHDKUCU8cPJv14eZ+ehIPiv8cDWw0mMdMeVK9q71Y\nWn2EgP7HzVgdbj17nP9JJjNvets39gD8bU0g2Lw3wuyb/j7CHPBBzqxh+a8pihI5\n3dRRchuVeMQkMuukyR+/A8UrBMA/gCTkXIcP6jKO1SkKq5ZwlMmapPc=\n-----END CERTIFICATE-----\n",
123
							"private_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAqz6vjKNJ0t3SVNahhcJSAYvR6kZuURnH6bPtFuS4xIalCsSl\nMHka8A2iMaYkqoynnoc/Q7S1KVwQ9vaR7sTg1FbDB9lNQBlp/ZeIzJz+huYkzDyd\n2U17M3qgC3vJZv3/NO2QNAu5qHPre/3d/m+ndpZ8EfslmyGSVLtqsPh60dKj6TZQ\nT9xDLZUATqn+JApek36aqxn3PZVtCY7hOk2qt4EiCIMwrKFBXt9GHpoaPz6eMwPV\nEvew2Y0nEC0ABok7AkQwQEsVxszg0Dn2S92wrNsP/9Zaho5oafrVNZ0eDETfnrsj\nV+NoqBM9ddYgfMtFc7kyLBQVsEUyitUhe2EhGwIDAQABAoIBAG2Bj5ca0Fmk+hzA\nh9fWdMSCWgE7es4n81wyb/nE15btF1t0dsIxn5VE0qR3P1lEyueoSz+LrpG9Syfy\nc03B3phKxzscrbbAybOeFJ/sASPYxk1IshRE5PT9hJzzUs6mvG1nQWDW4qmjP0Iy\nDKTpV6iRANQqy1iRtlay5r42l6vWwHfRfwAv4ExSS+RgkYcavqOp3e9If2JnFJuo\n7Zds2i7Ux8dURX7lHqKxTt6phgoMmMpvO3lFYVGos7F13OR9NKElzjiefAQbweAt\nt8R+6A1rlIwnfywxET9ZXglfOFK6Q0nqCJhcEcKzT/Xfkd+h9XPACjOObJh3a2+o\nwg9GBFECgYEA2a6JYuFanKzvajFPbSeN1csfI9jPpK2+tB5+BB72dE74B4rjygiG\n0Rb26UjovkYfJJqKuKr4zDL5ziSlJk199Ae2f6T7t7zmyhMlWQtVT12iTQvBINTz\nNerKi5HNVBsCSGj0snbwo8u4QRgTjaIoVqTlOlUQuGqYuZ75l8g35IkCgYEAyWOM\nKagzpGmHWq/0ThN4kkwWOdujxuqrPf4un2WXsir+L90UV7X9wY4mO19pe5Ga2Upu\nXFDsxAZsanf8SbzkTGHvzUobFL7eqsiwaUSGB/cGEtkIyVlAdyW9DhiZFt3i9mEF\nbBsHnEDHPHL4tu+BB8G3WahHjWOnbWZ3NTtP94MCgYEAi3XRmSLtjYER5cPvsevs\nZ7M5oRqvdT7G9divPW6k0MEjEJn/9BjgXqbKy4ylZ/m+zBGinEsVGKXz+wjpMY/m\nCOjEGCUYC5AfgAkiHVkwb6d6asgEFEe6BaoF18MyfBbNsJxlYMzowNeslS+an1vr\nYg9EuMl06+GHNSzPlVl1zZkCgYEAxXx8N2F9eu4NUK4ZafMIGpbIeOZdHbSERp+b\nAq5yasJkT3WB/F04QXVvImv3Gbj4W7r0rEyjUbtm16Vf3sOAMTMdIHhaRCbEXj+9\nVw1eTjM8XoE8b465e92jHk6a2WSvq6IK2i9LcDvJ5QptwZ7uLjgV37L4r7sYtVx0\n69uFGJcCgYEAot7im+Yi7nNsh1dJsDI48liKDjC6rbZoCeF7Tslp8Lt+4J9CA9Ux\nSHyKjg9ujbjkzCWrPU9hkugOidDOmu7tJAxB5cS00qJLRqB5lcPxjOWcBXCdpBkO\n0tdT/xRY/MYLf3wbT95enaPlhfeqBBXKNQDya6nISbfwbMLfNxdZPJ8=\n-----END RSA PRIVATE KEY-----\n"
124
						},
125
						"filters": [
126
							{
127
								 "type": "proxy",
128
								 "config": {
129
									 "downstream_protocol": "X",
130
									 "upstream_protocol": "X",
131
									 "extend_config": {
132
										 "sub_protocol": "bolt"
133
									 },
134
									 "router_config_name":"router_to_server"
135
								 }
136
							}
137
						]
138
					}]
139
				}
140
			]
141
		}
142
	],
143
	"cluster_manager": {
144
		"clusters":[
145
			{
146
				"name": "mosn_cluster",
147
				"type": "SIMPLE",
148
				"lb_type": "LB_RANDOM",
149
				"tls_context": {
150
					"status": true,
151
					"insecure_skip": true
152
				},
153
				"hosts":[
154
					{"address":"127.0.0.1:2046"}
155
				]
156
			},
157
			{
158
				"name": "mosn_cluster_new",
159
				"type": "SIMPLE",
160
				"lb_type": "LB_RANDOM",
161
				"hosts":[
162
					{"address":"127.0.0.1:2046"}
163
				]
164
			},
165
			{
166
				"name": "server_cluster",
167
				"type": "SIMPLE",
168
				"lb_type": "LB_RANDOM",
169
				"hosts":[
170
					{"address":"127.0.0.1:8080"}
171
				]
172
			}
173
		]
174
	},
175
	"admin": {
176
		"address": {
177
			"socket_address": {
178
				"address": "127.0.0.1",
179
				"port_value": 34901
180
			}
181
		}
182
	}
183
}`
184

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.