From 7ed6d220176be60ace521a1a11a309f6537c0489 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Tue, 8 Mar 2022 13:55:51 +0100 Subject: Add tests for SNI --- test/gun_SUITE.erl | 28 ++++++++++++++++++++++++++++ test/gun_test.erl | 4 +++- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/test/gun_SUITE.erl b/test/gun_SUITE.erl index a35006b..1a15b01 100644 --- a/test/gun_SUITE.erl +++ b/test/gun_SUITE.erl @@ -419,6 +419,34 @@ retry_timeout(_) -> {_, terminate, _} = receive_event(ConnPid), ok. +server_name_indication_custom(_) -> + doc("Ensure a custom server_name_indication is accepted."), + do_server_name_indication("localhost", net_adm:localhost(), #{ + tls_opts => [{server_name_indication, net_adm:localhost()}] + }). + +server_name_indication_default(_) -> + doc("Ensure a default server_name_indication is accepted."), + do_server_name_indication(net_adm:localhost(), net_adm:localhost(), #{}). + +do_server_name_indication(Host, Expected, GunOpts) -> + Self = self(), + {ok, OriginPid, OriginPort} = init_origin(tls, http, + fun(_, ClientSocket, _) -> + {ok, Info} = ssl:connection_information(ClientSocket), + Msg = {sni_hostname, _} = lists:keyfind(sni_hostname, 1, Info), + Self ! Msg + end), + {ok, ConnPid} = gun:open(Host, OriginPort, GunOpts#{ + transport => tls, + retry => 0 + }), + handshake_completed = receive_from(OriginPid), + %% The connection will succeed, look up the SNI hostname + %% and send it to us as a message, where we can check it. + {sni_hostname, Expected} = receive Msg = {sni_hostname, _} -> Msg end, + gun:close(ConnPid). + set_owner(_) -> doc("The owner of the connection can be changed."), Self = self(), diff --git a/test/gun_test.erl b/test/gun_test.erl index ad352c3..79f70c9 100644 --- a/test/gun_test.erl +++ b/test/gun_test.erl @@ -58,10 +58,12 @@ init_origin(Parent, Transport, Protocol, Fun) Fun(Parent, ClientSocket, gen_tcp); init_origin(Parent, tls, Protocol, Fun) -> Opts0 = ct_helper:get_certs_from_ets(), - Opts = case Protocol of + Opts1 = case Protocol of http2 -> [{alpn_preferred_protocols, [<<"h2">>]}|Opts0]; _ -> Opts0 end, + %% sni_hosts is necessary for SNI tests to succeed. + Opts = [{sni_hosts, [{net_adm:localhost(), []}]}|Opts1], {ok, ListenSocket} = ssl:listen(0, [binary, {active, false}|Opts]), {ok, {_, Port}} = ssl:sockname(ListenSocket), Parent ! {self(), Port}, -- cgit v1.2.3