private void testProxy(ProxyType proxyType) throws Exception { startProxy(null, proxyType); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(proxyType).pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "localhost:4043", proxy.getLastUri()); }
@Test public void testCrlInvalidPath() throws Exception { HttpClientOptions clientOptions = new HttpClientOptions(); clientOptions.setTrustOptions(Trust.SERVER_PEM_ROOT_CA.get()); clientOptions.setSsl(true); clientOptions.addCrlPath("/invalid.pem"); try { vertx.createHttpClient(clientOptions); fail("Was expecting a failure"); } catch (VertxException e) { assertNotNull(e.getCause()); assertEquals(NoSuchFileException.class, e.getCause().getCause().getClass()); } }
@Test // Access https server via socks5 proxy with authentication public void testHttpsSocksAuth() throws Exception { startProxy("username", ProxyType.SOCKS5); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.SOCKS5).useProxyAuth().pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "localhost:4043", proxy.getLastUri()); }
@Test // Access https server via socks proxy with a hostname that doesn't resolve // the hostname may resolve at the proxy if that is accessing another DNS // we simulate this by mapping the hostname to localhost:xxx in the test proxy code public void testSocksProxyUnknownHost() throws Exception { startProxy(null, ProxyType.SOCKS5); proxy.setForceUri("localhost:4043"); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.SOCKS5) .connectHostname("doesnt-resolve.host-name").clientTrustAll().clientVerifyHost(false).pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "doesnt-resolve.host-name:4043", proxy.getLastUri()); } }
@Test // Access https server via connect proxy with proxy auth required public void testHttpsProxyAuth() throws Exception { startProxy("username", ProxyType.HTTP); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.HTTP).useProxyAuth().pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "localhost:4043", proxy.getLastUri()); assertEquals("Host header doesn't contain target host", "localhost:4043", proxy.getLastRequestHeaders().get("Host")); assertEquals("Host header doesn't contain target host", HttpMethod.CONNECT, proxy.getLastMethod()); }
private void testProxyWithSNI(ProxyType proxyType) throws Exception { startProxy(null, proxyType); X509Certificate cert = testTLS(Cert.NONE, Trust.SNI_JKS_HOST2, Cert.SNI_JKS, Trust.NONE) .serverSni() .useProxy(proxyType) .requestOptions(new RequestOptions().setSsl(true).setPort(4043).setHost("host2.com")) .pass() .clientPeerCert(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "host2.com:4043", proxy.getLastUri()); assertEquals("host2.com", TestUtils.cnOf(cert)); }
@Test // Access https server via connect proxy with a hostname that doesn't resolve // the hostname may resolve at the proxy if that is accessing another DNS // we simulate this by mapping the hostname to localhost:xxx in the test proxy code public void testHttpsProxyUnknownHost() throws Exception { startProxy(null, ProxyType.HTTP); proxy.setForceUri("localhost:4043"); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.HTTP) .connectHostname("doesnt-resolve.host-name").clientTrustAll().clientVerifyHost(false).pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "doesnt-resolve.host-name:4043", proxy.getLastUri()); assertEquals("Host header doesn't contain target host", "doesnt-resolve.host-name:4043", proxy.getLastRequestHeaders().get("Host")); assertEquals("Host header doesn't contain target host", HttpMethod.CONNECT, proxy.getLastMethod()); }
@Test public void testCrlInvalidPath() throws Exception { HttpClientOptions clientOptions = new HttpClientOptions(); clientOptions.setTrustOptions(Trust.SERVER_PEM_ROOT_CA.get()); clientOptions.setSsl(true); clientOptions.addCrlPath("/invalid.pem"); try { vertx.createHttpClient(clientOptions); fail("Was expecting a failure"); } catch (VertxException e) { assertNotNull(e.getCause()); assertEquals(NoSuchFileException.class, e.getCause().getCause().getClass()); } }
private void testProxy(ProxyType proxyType) throws Exception { startProxy(null, proxyType); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(proxyType).pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "localhost:4043", proxy.getLastUri()); }
@Test // Access https server via socks5 proxy with authentication public void testHttpsSocksAuth() throws Exception { startProxy("username", ProxyType.SOCKS5); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.SOCKS5).useProxyAuth().pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "localhost:4043", proxy.getLastUri()); }
@Test // Access https server via socks proxy with a hostname that doesn't resolve // the hostname may resolve at the proxy if that is accessing another DNS // we simulate this by mapping the hostname to localhost:xxx in the test proxy code public void testSocksProxyUnknownHost() throws Exception { startProxy(null, ProxyType.SOCKS5); proxy.setForceUri("localhost:4043"); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.SOCKS5) .connectHostname("doesnt-resolve.host-name").clientTrustAll().clientVerifyHost(false).pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "doesnt-resolve.host-name:4043", proxy.getLastUri()); } }
@Test // Access https server via connect proxy with proxy auth required public void testHttpsProxyAuth() throws Exception { startProxy("username", ProxyType.HTTP); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.HTTP).useProxyAuth().pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "localhost:4043", proxy.getLastUri()); assertEquals("Host header doesn't contain target host", "localhost:4043", proxy.getLastRequestHeaders().get("Host")); assertEquals("Host header doesn't contain target host", HttpMethod.CONNECT, proxy.getLastMethod()); }
private void testProxyWithSNI(ProxyType proxyType) throws Exception { startProxy(null, proxyType); X509Certificate cert = testTLS(Cert.NONE, Trust.SNI_JKS_HOST2, Cert.SNI_JKS, Trust.NONE) .serverSni() .useProxy(proxyType) .requestOptions(new RequestOptions().setSsl(true).setPort(4043).setHost("host2.com")) .pass() .clientPeerCert(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "host2.com:4043", proxy.getLastUri()); assertEquals("host2.com", TestUtils.cnOf(cert)); }
@Test // Access https server via connect proxy with a hostname that doesn't resolve // the hostname may resolve at the proxy if that is accessing another DNS // we simulate this by mapping the hostname to localhost:xxx in the test proxy code public void testHttpsProxyUnknownHost() throws Exception { startProxy(null, ProxyType.HTTP); proxy.setForceUri("localhost:4043"); testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SERVER_JKS, Trust.NONE).useProxy(ProxyType.HTTP) .connectHostname("doesnt-resolve.host-name").clientTrustAll().clientVerifyHost(false).pass(); assertNotNull("connection didn't access the proxy", proxy.getLastUri()); assertEquals("hostname resolved but it shouldn't be", "doesnt-resolve.host-name:4043", proxy.getLastUri()); assertEquals("Host header doesn't contain target host", "doesnt-resolve.host-name:4043", proxy.getLastRequestHeaders().get("Host")); assertEquals("Host header doesn't contain target host", HttpMethod.CONNECT, proxy.getLastMethod()); }