1 // Copyright 2012 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
26 var rsaCertPEM = `-----BEGIN CERTIFICATE-----
27 MIIB0zCCAX2gAwIBAgIJAI/M7BYjwB+uMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
28 BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
29 aWRnaXRzIFB0eSBMdGQwHhcNMTIwOTEyMjE1MjAyWhcNMTUwOTEyMjE1MjAyWjBF
30 MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
31 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANLJ
32 hPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wok/4xIA+ui35/MmNa
33 rtNuC+BdZ1tMuVCPFZcCAwEAAaNQME4wHQYDVR0OBBYEFJvKs8RfJaXTH08W+SGv
34 zQyKn0H8MB8GA1UdIwQYMBaAFJvKs8RfJaXTH08W+SGvzQyKn0H8MAwGA1UdEwQF
35 MAMBAf8wDQYJKoZIhvcNAQEFBQADQQBJlffJHybjDGxRMqaRmDhX0+6v02TUKZsW
36 r5QuVbpQhH6u+0UgcW0jp9QwpxoPTLTWGXEWBBBurxFwiCBhkQ+V
37 -----END CERTIFICATE-----
40 var rsaKeyPEM = testingKey(`-----BEGIN RSA TESTING KEY-----
41 MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo
42 k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G
43 6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N
44 MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW
45 SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T
46 xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi
47 D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g==
48 -----END RSA TESTING KEY-----
51 // keyPEM is the same as rsaKeyPEM, but declares itself as just
52 // "PRIVATE KEY", not "RSA PRIVATE KEY". https://golang.org/issue/4477
53 var keyPEM = testingKey(`-----BEGIN TESTING KEY-----
54 MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo
55 k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G
56 6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N
57 MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW
58 SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T
59 xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi
60 D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g==
61 -----END TESTING KEY-----
64 var ecdsaCertPEM = `-----BEGIN CERTIFICATE-----
65 MIIB/jCCAWICCQDscdUxw16XFDAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw
66 EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
67 eSBMdGQwHhcNMTIxMTE0MTI0MDQ4WhcNMTUxMTE0MTI0MDQ4WjBFMQswCQYDVQQG
68 EwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lk
69 Z2l0cyBQdHkgTHRkMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBY9+my9OoeSUR
70 lDQdV/x8LsOuLilthhiS1Tz4aGDHIPwC1mlvnf7fg5lecYpMCrLLhauAc1UJXcgl
71 01xoLuzgtAEAgv2P/jgytzRSpUYvgLBt1UA0leLYBy6mQQbrNEuqT3INapKIcUv8
72 XxYP0xMEUksLPq6Ca+CRSqTtrd/23uTnapkwCQYHKoZIzj0EAQOBigAwgYYCQXJo
73 A7Sl2nLVf+4Iu/tAX/IF4MavARKC4PPHK3zfuGfPR3oCCcsAoz3kAzOeijvd0iXb
74 H5jBImIxPL4WxQNiBTexAkF8D1EtpYuWdlVQ80/h/f4pBcGiXPqX5h2PQSQY7hP1
75 +jwM1FGS4fREIOvlBYr/SzzQRtwrvrzGYxDEDbsC0ZGRnA==
76 -----END CERTIFICATE-----
79 var ecdsaKeyPEM = testingKey(`-----BEGIN EC PARAMETERS-----
81 -----END EC PARAMETERS-----
82 -----BEGIN EC TESTING KEY-----
83 MIHcAgEBBEIBrsoKp0oqcv6/JovJJDoDVSGWdirrkgCWxrprGlzB9o0X8fV675X0
84 NwuBenXFfeZvVcwluO7/Q9wkYoPd/t3jGImgBwYFK4EEACOhgYkDgYYABAFj36bL
85 06h5JRGUNB1X/Hwuw64uKW2GGJLVPPhoYMcg/ALWaW+d/t+DmV5xikwKssuFq4Bz
86 VQldyCXTXGgu7OC0AQCC/Y/+ODK3NFKlRi+AsG3VQDSV4tgHLqZBBus0S6pPcg1q
87 kohxS/xfFg/TEwRSSws+roJr4JFKpO2t3/be5OdqmQ==
88 -----END EC TESTING KEY-----
91 var keyPairTests = []struct {
96 {"ECDSA", ecdsaCertPEM, ecdsaKeyPEM},
97 {"RSA", rsaCertPEM, rsaKeyPEM},
98 {"RSA-untyped", rsaCertPEM, keyPEM}, // golang.org/issue/4477
101 func TestX509KeyPair(t *testing.T) {
104 for _, test := range keyPairTests {
105 pem = []byte(test.cert + test.key)
106 if _, err := X509KeyPair(pem, pem); err != nil {
107 t.Errorf("Failed to load %s cert followed by %s key: %s", test.algo, test.algo, err)
109 pem = []byte(test.key + test.cert)
110 if _, err := X509KeyPair(pem, pem); err != nil {
111 t.Errorf("Failed to load %s key followed by %s cert: %s", test.algo, test.algo, err)
116 func TestX509KeyPairErrors(t *testing.T) {
117 _, err := X509KeyPair([]byte(rsaKeyPEM), []byte(rsaCertPEM))
119 t.Fatalf("X509KeyPair didn't return an error when arguments were switched")
121 if subStr := "been switched"; !strings.Contains(err.Error(), subStr) {
122 t.Fatalf("Expected %q in the error when switching arguments to X509KeyPair, but the error was %q", subStr, err)
125 _, err = X509KeyPair([]byte(rsaCertPEM), []byte(rsaCertPEM))
127 t.Fatalf("X509KeyPair didn't return an error when both arguments were certificates")
129 if subStr := "certificate"; !strings.Contains(err.Error(), subStr) {
130 t.Fatalf("Expected %q in the error when both arguments to X509KeyPair were certificates, but the error was %q", subStr, err)
133 const nonsensePEM = `
134 -----BEGIN NONSENSE-----
136 -----END NONSENSE-----
139 _, err = X509KeyPair([]byte(nonsensePEM), []byte(nonsensePEM))
141 t.Fatalf("X509KeyPair didn't return an error when both arguments were nonsense")
143 if subStr := "NONSENSE"; !strings.Contains(err.Error(), subStr) {
144 t.Fatalf("Expected %q in the error when both arguments to X509KeyPair were nonsense, but the error was %q", subStr, err)
148 func TestX509MixedKeyPair(t *testing.T) {
149 if _, err := X509KeyPair([]byte(rsaCertPEM), []byte(ecdsaKeyPEM)); err == nil {
150 t.Error("Load of RSA certificate succeeded with ECDSA private key")
152 if _, err := X509KeyPair([]byte(ecdsaCertPEM), []byte(rsaKeyPEM)); err == nil {
153 t.Error("Load of ECDSA certificate succeeded with RSA private key")
157 func newLocalListener(t testing.TB) net.Listener {
158 ln, err := net.Listen("tcp", "127.0.0.1:0")
160 ln, err = net.Listen("tcp6", "[::1]:0")
168 func TestDialTimeout(t *testing.T) {
170 t.Skip("skipping in short mode")
172 listener := newLocalListener(t)
174 addr := listener.Addr().String()
175 defer listener.Close()
177 complete := make(chan bool)
178 defer close(complete)
181 conn, err := listener.Accept()
190 dialer := &net.Dialer{
191 Timeout: 10 * time.Millisecond,
195 if _, err = DialWithDialer(dialer, "tcp", addr, nil); err == nil {
196 t.Fatal("DialWithTimeout completed successfully")
199 if !isTimeoutError(err) {
200 t.Errorf("resulting error not a timeout: %v\nType %T: %#v", err, err, err)
204 func isTimeoutError(err error) bool {
205 if ne, ok := err.(net.Error); ok {
211 // tests that Conn.Read returns (non-zero, io.EOF) instead of
212 // (non-zero, nil) when a Close (alertCloseNotify) is sitting right
213 // behind the application data in the buffer.
214 func TestConnReadNonzeroAndEOF(t *testing.T) {
215 // This test is racy: it assumes that after a write to a
216 // localhost TCP connection, the peer TCP connection can
217 // immediately read it. Because it's racy, we skip this test
218 // in short mode, and then retry it several times with an
219 // increasing sleep in between our final write (via srv.Close
220 // below) and the following read.
222 t.Skip("skipping in short mode")
225 for delay := time.Millisecond; delay <= 64*time.Millisecond; delay *= 2 {
226 if err = testConnReadNonzeroAndEOF(t, delay); err == nil {
233 func testConnReadNonzeroAndEOF(t *testing.T, delay time.Duration) error {
234 ln := newLocalListener(t)
237 srvCh := make(chan *Conn, 1)
240 sconn, err := ln.Accept()
246 serverConfig := testConfig.Clone()
247 srv := Server(sconn, serverConfig)
248 if err := srv.Handshake(); err != nil {
249 serr = fmt.Errorf("handshake: %v", err)
256 clientConfig := testConfig.Clone()
257 // In TLS 1.3, alerts are encrypted and disguised as application data, so
258 // the opportunistic peek won't work.
259 clientConfig.MaxVersion = VersionTLS12
260 conn, err := Dial("tcp", ln.Addr().String(), clientConfig)
271 buf := make([]byte, 6)
273 srv.Write([]byte("foobar"))
274 n, err := conn.Read(buf)
275 if n != 6 || err != nil || string(buf) != "foobar" {
276 return fmt.Errorf("Read = %d, %v, data %q; want 6, nil, foobar", n, err, buf)
279 srv.Write([]byte("abcdef"))
282 n, err = conn.Read(buf)
283 if n != 6 || string(buf) != "abcdef" {
284 return fmt.Errorf("Read = %d, buf= %q; want 6, abcdef", n, buf)
287 return fmt.Errorf("Second Read error = %v; want io.EOF", err)
292 func TestTLSUniqueMatches(t *testing.T) {
293 ln := newLocalListener(t)
296 serverTLSUniques := make(chan []byte)
298 for i := 0; i < 2; i++ {
299 sconn, err := ln.Accept()
304 serverConfig := testConfig.Clone()
305 serverConfig.MaxVersion = VersionTLS12 // TLSUnique is not defined in TLS 1.3
306 srv := Server(sconn, serverConfig)
307 if err := srv.Handshake(); err != nil {
311 serverTLSUniques <- srv.ConnectionState().TLSUnique
315 clientConfig := testConfig.Clone()
316 clientConfig.ClientSessionCache = NewLRUClientSessionCache(1)
317 conn, err := Dial("tcp", ln.Addr().String(), clientConfig)
321 if !bytes.Equal(conn.ConnectionState().TLSUnique, <-serverTLSUniques) {
322 t.Error("client and server channel bindings differ")
326 conn, err = Dial("tcp", ln.Addr().String(), clientConfig)
331 if !conn.ConnectionState().DidResume {
332 t.Error("second session did not use resumption")
334 if !bytes.Equal(conn.ConnectionState().TLSUnique, <-serverTLSUniques) {
335 t.Error("client and server channel bindings differ when session resumption is used")
339 func TestVerifyHostname(t *testing.T) {
340 testenv.MustHaveExternalNetwork(t)
342 c, err := Dial("tcp", "www.google.com:https", nil)
346 if err := c.VerifyHostname("www.google.com"); err != nil {
347 t.Fatalf("verify www.google.com: %v", err)
349 if err := c.VerifyHostname("www.yahoo.com"); err == nil {
350 t.Fatalf("verify www.yahoo.com succeeded")
353 c, err = Dial("tcp", "www.google.com:https", &Config{InsecureSkipVerify: true})
357 if err := c.VerifyHostname("www.google.com"); err == nil {
358 t.Fatalf("verify www.google.com succeeded with InsecureSkipVerify=true")
362 func TestConnCloseBreakingWrite(t *testing.T) {
363 ln := newLocalListener(t)
366 srvCh := make(chan *Conn, 1)
371 sconn, err = ln.Accept()
377 serverConfig := testConfig.Clone()
378 srv := Server(sconn, serverConfig)
379 if err := srv.Handshake(); err != nil {
380 serr = fmt.Errorf("handshake: %v", err)
387 cconn, err := net.Dial("tcp", ln.Addr().String())
393 conn := &changeImplConn{
397 clientConfig := testConfig.Clone()
398 tconn := Client(conn, clientConfig)
399 if err := tconn.Handshake(); err != nil {
409 connClosed := make(chan struct{})
410 conn.closeFunc = func() error {
415 inWrite := make(chan bool, 1)
416 var errConnClosed = errors.New("conn closed for test")
417 conn.writeFunc = func(p []byte) (n int, err error) {
420 return 0, errConnClosed
423 closeReturned := make(chan bool, 1)
426 tconn.Close() // test that this doesn't block forever.
427 closeReturned <- true
430 _, err = tconn.Write([]byte("foo"))
431 if err != errConnClosed {
432 t.Errorf("Write error = %v; want errConnClosed", err)
436 if err := tconn.Close(); err != errClosed {
437 t.Errorf("Close error = %v; want errClosed", err)
441 func TestConnCloseWrite(t *testing.T) {
442 ln := newLocalListener(t)
445 clientDoneChan := make(chan struct{})
447 serverCloseWrite := func() error {
448 sconn, err := ln.Accept()
450 return fmt.Errorf("accept: %v", err)
454 serverConfig := testConfig.Clone()
455 srv := Server(sconn, serverConfig)
456 if err := srv.Handshake(); err != nil {
457 return fmt.Errorf("handshake: %v", err)
461 data, err := ioutil.ReadAll(srv)
466 return fmt.Errorf("Read data = %q; want nothing", data)
469 if err := srv.CloseWrite(); err != nil {
470 return fmt.Errorf("server CloseWrite: %v", err)
473 // Wait for clientCloseWrite to finish, so we know we
474 // tested the CloseWrite before we defer the
475 // sconn.Close above, which would also cause the
476 // client to unblock like CloseWrite.
481 clientCloseWrite := func() error {
482 defer close(clientDoneChan)
484 clientConfig := testConfig.Clone()
485 conn, err := Dial("tcp", ln.Addr().String(), clientConfig)
489 if err := conn.Handshake(); err != nil {
494 if err := conn.CloseWrite(); err != nil {
495 return fmt.Errorf("client CloseWrite: %v", err)
498 if _, err := conn.Write([]byte{0}); err != errShutdown {
499 return fmt.Errorf("CloseWrite error = %v; want errShutdown", err)
502 data, err := ioutil.ReadAll(conn)
507 return fmt.Errorf("Read data = %q; want nothing", data)
512 errChan := make(chan error, 2)
514 go func() { errChan <- serverCloseWrite() }()
515 go func() { errChan <- clientCloseWrite() }()
517 for i := 0; i < 2; i++ {
519 case err := <-errChan:
523 case <-time.After(10 * time.Second):
528 // Also test CloseWrite being called before the handshake is
531 ln2 := newLocalListener(t)
534 netConn, err := net.Dial("tcp", ln2.Addr().String())
538 defer netConn.Close()
539 conn := Client(netConn, testConfig.Clone())
541 if err := conn.CloseWrite(); err != errEarlyCloseWrite {
542 t.Errorf("CloseWrite error = %v; want errEarlyCloseWrite", err)
547 func TestWarningAlertFlood(t *testing.T) {
548 ln := newLocalListener(t)
551 server := func() error {
552 sconn, err := ln.Accept()
554 return fmt.Errorf("accept: %v", err)
558 serverConfig := testConfig.Clone()
559 srv := Server(sconn, serverConfig)
560 if err := srv.Handshake(); err != nil {
561 return fmt.Errorf("handshake: %v", err)
565 _, err = ioutil.ReadAll(srv)
567 return errors.New("unexpected lack of error from server")
569 const expected = "too many ignored"
570 if str := err.Error(); !strings.Contains(str, expected) {
571 return fmt.Errorf("expected error containing %q, but saw: %s", expected, str)
577 errChan := make(chan error, 1)
578 go func() { errChan <- server() }()
580 clientConfig := testConfig.Clone()
581 clientConfig.MaxVersion = VersionTLS12 // there are no warning alerts in TLS 1.3
582 conn, err := Dial("tcp", ln.Addr().String(), clientConfig)
587 if err := conn.Handshake(); err != nil {
591 for i := 0; i < maxUselessRecords+1; i++ {
592 conn.sendAlert(alertNoRenegotiation)
595 if err := <-errChan; err != nil {
600 func TestCloneFuncFields(t *testing.T) {
601 const expectedCount = 5
605 Time: func() time.Time {
609 GetCertificate: func(*ClientHelloInfo) (*Certificate, error) {
613 GetClientCertificate: func(*CertificateRequestInfo) (*Certificate, error) {
617 GetConfigForClient: func(*ClientHelloInfo) (*Config, error) {
621 VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
630 c2.GetCertificate(nil)
631 c2.GetClientCertificate(nil)
632 c2.GetConfigForClient(nil)
633 c2.VerifyPeerCertificate(nil, nil)
635 if called != (1<<expectedCount)-1 {
636 t.Fatalf("expected %d calls but saw calls %b", expectedCount, called)
640 func TestCloneNonFuncFields(t *testing.T) {
642 v := reflect.ValueOf(&c1).Elem()
645 for i := 0; i < typ.NumField(); i++ {
648 // unexported field; not cloned.
652 // testing/quick can't handle functions or interfaces and so
654 switch fn := typ.Field(i).Name; fn {
656 f.Set(reflect.ValueOf(io.Reader(os.Stdin)))
657 case "Time", "GetCertificate", "GetConfigForClient", "VerifyPeerCertificate", "GetClientCertificate":
658 // DeepEqual can't compare functions. If you add a
659 // function field to this list, you must also change
660 // TestCloneFuncFields to ensure that the func field is
663 f.Set(reflect.ValueOf([]Certificate{
664 {Certificate: [][]byte{{'b'}}},
666 case "NameToCertificate":
667 f.Set(reflect.ValueOf(map[string]*Certificate{"a": nil}))
668 case "RootCAs", "ClientCAs":
669 f.Set(reflect.ValueOf(x509.NewCertPool()))
670 case "ClientSessionCache":
671 f.Set(reflect.ValueOf(NewLRUClientSessionCache(10)))
673 f.Set(reflect.ValueOf(io.Writer(os.Stdout)))
675 f.Set(reflect.ValueOf([]string{"a", "b"}))
677 f.Set(reflect.ValueOf("b"))
679 f.Set(reflect.ValueOf(VerifyClientCertIfGiven))
680 case "InsecureSkipVerify", "SessionTicketsDisabled", "DynamicRecordSizingDisabled", "PreferServerCipherSuites":
681 f.Set(reflect.ValueOf(true))
682 case "MinVersion", "MaxVersion":
683 f.Set(reflect.ValueOf(uint16(VersionTLS12)))
684 case "SessionTicketKey":
685 f.Set(reflect.ValueOf([32]byte{}))
687 f.Set(reflect.ValueOf([]uint16{1, 2}))
688 case "CurvePreferences":
689 f.Set(reflect.ValueOf([]CurveID{CurveP256}))
690 case "Renegotiation":
691 f.Set(reflect.ValueOf(RenegotiateOnceAsClient))
693 t.Errorf("all fields must be accounted for, but saw unknown field %q", fn)
698 // DeepEqual also compares unexported fields, thus c2 needs to have run
699 // serverInit in order to be DeepEqual to c1. Cloning it and discarding
700 // the result is sufficient.
703 if !reflect.DeepEqual(&c1, c2) {
704 t.Errorf("clone failed to copy a field")
708 // changeImplConn is a net.Conn which can change its Write and Close
710 type changeImplConn struct {
712 writeFunc func([]byte) (int, error)
713 closeFunc func() error
716 func (w *changeImplConn) Write(p []byte) (n int, err error) {
717 if w.writeFunc != nil {
718 return w.writeFunc(p)
720 return w.Conn.Write(p)
723 func (w *changeImplConn) Close() error {
724 if w.closeFunc != nil {
727 return w.Conn.Close()
730 func throughput(b *testing.B, version uint16, totalBytes int64, dynamicRecordSizingDisabled bool) {
731 ln := newLocalListener(b)
736 // Less than 64KB because Windows appears to use a TCP rwin < 64KB.
738 const bufsize = 32 << 10
741 buf := make([]byte, bufsize)
742 for i := 0; i < N; i++ {
743 sconn, err := ln.Accept()
745 // panic rather than synchronize to avoid benchmark overhead
746 // (cannot call b.Fatal in goroutine)
747 panic(fmt.Errorf("accept: %v", err))
749 serverConfig := testConfig.Clone()
750 serverConfig.CipherSuites = nil // the defaults may prefer faster ciphers
751 serverConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled
752 srv := Server(sconn, serverConfig)
753 if err := srv.Handshake(); err != nil {
754 panic(fmt.Errorf("handshake: %v", err))
756 if _, err := io.CopyBuffer(srv, srv, buf); err != nil {
757 panic(fmt.Errorf("copy buffer: %v", err))
762 b.SetBytes(totalBytes)
763 clientConfig := testConfig.Clone()
764 clientConfig.CipherSuites = nil // the defaults may prefer faster ciphers
765 clientConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled
766 clientConfig.MaxVersion = version
768 buf := make([]byte, bufsize)
769 chunks := int(math.Ceil(float64(totalBytes) / float64(len(buf))))
770 for i := 0; i < N; i++ {
771 conn, err := Dial("tcp", ln.Addr().String(), clientConfig)
775 for j := 0; j < chunks; j++ {
776 _, err := conn.Write(buf)
780 _, err = io.ReadFull(conn, buf)
789 func BenchmarkThroughput(b *testing.B) {
790 for _, mode := range []string{"Max", "Dynamic"} {
791 for size := 1; size <= 64; size <<= 1 {
792 name := fmt.Sprintf("%sPacket/%dMB", mode, size)
793 b.Run(name, func(b *testing.B) {
794 b.Run("TLSv12", func(b *testing.B) {
795 throughput(b, VersionTLS12, int64(size<<20), mode == "Max")
797 b.Run("TLSv13", func(b *testing.B) {
798 throughput(b, VersionTLS13, int64(size<<20), mode == "Max")
805 type slowConn struct {
810 func (c *slowConn) Write(p []byte) (int, error) {
817 time.Sleep(100 * time.Microsecond)
818 allowed := int(time.Since(t0).Seconds()*float64(c.bps)) / 8
819 if allowed > len(p) {
823 n, err := c.Conn.Write(p[wrote:allowed])
833 func latency(b *testing.B, version uint16, bps int, dynamicRecordSizingDisabled bool) {
834 ln := newLocalListener(b)
840 for i := 0; i < N; i++ {
841 sconn, err := ln.Accept()
843 // panic rather than synchronize to avoid benchmark overhead
844 // (cannot call b.Fatal in goroutine)
845 panic(fmt.Errorf("accept: %v", err))
847 serverConfig := testConfig.Clone()
848 serverConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled
849 srv := Server(&slowConn{sconn, bps}, serverConfig)
850 if err := srv.Handshake(); err != nil {
851 panic(fmt.Errorf("handshake: %v", err))
857 clientConfig := testConfig.Clone()
858 clientConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled
859 clientConfig.MaxVersion = version
861 buf := make([]byte, 16384)
862 peek := make([]byte, 1)
864 for i := 0; i < N; i++ {
865 conn, err := Dial("tcp", ln.Addr().String(), clientConfig)
869 // make sure we're connected and previous connection has stopped
870 if _, err := conn.Write(buf[:1]); err != nil {
873 if _, err := io.ReadFull(conn, peek); err != nil {
876 if _, err := conn.Write(buf); err != nil {
879 if _, err = io.ReadFull(conn, peek); err != nil {
886 func BenchmarkLatency(b *testing.B) {
887 for _, mode := range []string{"Max", "Dynamic"} {
888 for _, kbps := range []int{200, 500, 1000, 2000, 5000} {
889 name := fmt.Sprintf("%sPacket/%dkbps", mode, kbps)
890 b.Run(name, func(b *testing.B) {
891 b.Run("TLSv12", func(b *testing.B) {
892 latency(b, VersionTLS12, kbps*1000, mode == "Max")
894 b.Run("TLSv13", func(b *testing.B) {
895 latency(b, VersionTLS13, kbps*1000, mode == "Max")
902 func TestConnectionStateMarshal(t *testing.T) {
903 cs := &ConnectionState{}
904 _, err := json.Marshal(cs)
906 t.Errorf("json.Marshal failed on ConnectionState: %v", err)
910 func TestConnectionState(t *testing.T) {
911 issuer, err := x509.ParseCertificate(testRSACertificateIssuer)
915 rootCAs := x509.NewCertPool()
916 rootCAs.AddCert(issuer)
918 now := func() time.Time { return time.Unix(1476984729, 0) }
920 const alpnProtocol = "golang"
921 const serverName = "example.golang"
922 var scts = [][]byte{[]byte("dummy sct 1"), []byte("dummy sct 2")}
923 var ocsp = []byte("dummy ocsp")
925 for _, v := range []uint16{VersionTLS12, VersionTLS13} {
933 t.Run(name, func(t *testing.T) {
937 Certificates: make([]Certificate, 1),
941 ClientAuth: RequireAndVerifyClientCert,
942 NextProtos: []string{alpnProtocol},
943 ServerName: serverName,
945 config.Certificates[0].Certificate = [][]byte{testRSACertificate}
946 config.Certificates[0].PrivateKey = testRSAPrivateKey
947 config.Certificates[0].SignedCertificateTimestamps = scts
948 config.Certificates[0].OCSPStaple = ocsp
950 ss, cs, err := testHandshake(t, config, config)
952 t.Fatalf("Handshake failed: %v", err)
955 if ss.Version != v || cs.Version != v {
956 t.Errorf("Got versions %x (server) and %x (client), expected %x", ss.Version, cs.Version, v)
959 if !ss.HandshakeComplete || !cs.HandshakeComplete {
960 t.Errorf("Got HandshakeComplete %v (server) and %v (client), expected true", ss.HandshakeComplete, cs.HandshakeComplete)
963 if ss.DidResume || cs.DidResume {
964 t.Errorf("Got DidResume %v (server) and %v (client), expected false", ss.DidResume, cs.DidResume)
967 if ss.CipherSuite == 0 || cs.CipherSuite == 0 {
968 t.Errorf("Got invalid cipher suite: %v (server) and %v (client)", ss.CipherSuite, cs.CipherSuite)
971 if ss.NegotiatedProtocol != alpnProtocol || cs.NegotiatedProtocol != alpnProtocol {
972 t.Errorf("Got negotiated protocol %q (server) and %q (client), expected %q", ss.NegotiatedProtocol, cs.NegotiatedProtocol, alpnProtocol)
975 if !cs.NegotiatedProtocolIsMutual {
976 t.Errorf("Got false NegotiatedProtocolIsMutual on the client side")
978 // NegotiatedProtocolIsMutual on the server side is unspecified.
980 if ss.ServerName != serverName {
981 t.Errorf("Got server name %q, expected %q", ss.ServerName, serverName)
983 if cs.ServerName != "" {
984 t.Errorf("Got unexpected server name on the client side")
987 if len(ss.PeerCertificates) != 1 || len(cs.PeerCertificates) != 1 {
988 t.Errorf("Got %d (server) and %d (client) peer certificates, expected %d", len(ss.PeerCertificates), len(cs.PeerCertificates), 1)
991 if len(ss.VerifiedChains) != 1 || len(cs.VerifiedChains) != 1 {
992 t.Errorf("Got %d (server) and %d (client) verified chains, expected %d", len(ss.VerifiedChains), len(cs.VerifiedChains), 1)
993 } else if len(ss.VerifiedChains[0]) != 2 || len(cs.VerifiedChains[0]) != 2 {
994 t.Errorf("Got %d (server) and %d (client) long verified chain, expected %d", len(ss.VerifiedChains[0]), len(cs.VerifiedChains[0]), 2)
997 if len(cs.SignedCertificateTimestamps) != 2 {
998 t.Errorf("Got %d SCTs, expected %d", len(cs.SignedCertificateTimestamps), 2)
1000 if !bytes.Equal(cs.OCSPResponse, ocsp) {
1001 t.Errorf("Got OCSPs %x, expected %x", cs.OCSPResponse, ocsp)
1003 // Only TLS 1.3 supports OCSP and SCTs on client certs.
1004 if v == VersionTLS13 {
1005 if len(ss.SignedCertificateTimestamps) != 2 {
1006 t.Errorf("Got %d client SCTs, expected %d", len(ss.SignedCertificateTimestamps), 2)
1008 if !bytes.Equal(ss.OCSPResponse, ocsp) {
1009 t.Errorf("Got client OCSPs %x, expected %x", ss.OCSPResponse, ocsp)
1013 if v == VersionTLS13 {
1014 if ss.TLSUnique != nil || cs.TLSUnique != nil {
1015 t.Errorf("Got TLSUnique %x (server) and %x (client), expected nil in TLS 1.3", ss.TLSUnique, cs.TLSUnique)
1018 if ss.TLSUnique == nil || cs.TLSUnique == nil {
1019 t.Errorf("Got TLSUnique %x (server) and %x (client), expected non-nil", ss.TLSUnique, cs.TLSUnique)
1026 // TestEscapeRoute tests that the library will still work if support for TLS 1.3
1027 // is dropped later in the Go 1.12 cycle.
1028 func TestEscapeRoute(t *testing.T) {
1029 defer func(savedSupportedVersions []uint16) {
1030 supportedVersions = savedSupportedVersions
1031 }(supportedVersions)
1032 supportedVersions = []uint16{
1039 expectVersion(t, testConfig, testConfig, VersionTLS12)
1042 func expectVersion(t *testing.T, clientConfig, serverConfig *Config, v uint16) {
1043 ss, cs, err := testHandshake(t, clientConfig, serverConfig)
1045 t.Fatalf("Handshake failed: %v", err)
1047 if ss.Version != v {
1048 t.Errorf("Server negotiated version %x, expected %x", cs.Version, v)
1050 if cs.Version != v {
1051 t.Errorf("Client negotiated version %x, expected %x", cs.Version, v)
1055 // TestTLS13Switch checks the behavior of GODEBUG=tls13=[0|1]. See Issue 30055.
1056 func TestTLS13Switch(t *testing.T) {
1057 defer func(savedGODEBUG string) {
1058 os.Setenv("GODEBUG", savedGODEBUG)
1059 }(os.Getenv("GODEBUG"))
1061 os.Setenv("GODEBUG", "tls13=0")
1062 tls13Support.Once = sync.Once{} // reset the cache
1064 tls12Config := testConfig.Clone()
1065 tls12Config.MaxVersion = VersionTLS12
1066 expectVersion(t, testConfig, testConfig, VersionTLS12)
1067 expectVersion(t, tls12Config, testConfig, VersionTLS12)
1068 expectVersion(t, testConfig, tls12Config, VersionTLS12)
1069 expectVersion(t, tls12Config, tls12Config, VersionTLS12)
1071 os.Setenv("GODEBUG", "tls13=1")
1072 tls13Support.Once = sync.Once{} // reset the cache
1074 expectVersion(t, testConfig, testConfig, VersionTLS13)
1075 expectVersion(t, tls12Config, testConfig, VersionTLS12)
1076 expectVersion(t, testConfig, tls12Config, VersionTLS12)
1077 expectVersion(t, tls12Config, tls12Config, VersionTLS12)
1080 // Issue 28744: Ensure that we don't modify memory
1081 // that Config doesn't own such as Certificates.
1082 func TestBuildNameToCertificate_doesntModifyCertificates(t *testing.T) {
1084 Certificate: [][]byte{testRSACertificate},
1085 PrivateKey: testRSAPrivateKey,
1088 Certificate: [][]byte{testSNICertificate},
1089 PrivateKey: testRSAPrivateKey,
1091 config := testConfig.Clone()
1092 config.Certificates = []Certificate{c0, c1}
1094 config.BuildNameToCertificate()
1095 got := config.Certificates
1096 want := []Certificate{c0, c1}
1097 if !reflect.DeepEqual(got, want) {
1098 t.Fatalf("Certificates were mutated by BuildNameToCertificate\nGot: %#v\nWant: %#v\n", got, want)
1102 func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") }