From d09027caf606532330b837114843b7e7fdea68f9 Mon Sep 17 00:00:00 2001 From: Daniel Nephin Date: Thu, 24 Jun 2021 13:43:15 -0400 Subject: [PATCH] tlsutils: more test cases for OutgoingTLSConfigForCheck --- tlsutil/config_test.go | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/tlsutil/config_test.go b/tlsutil/config_test.go index f63a02d051..42116c985c 100644 --- a/tlsutil/config_test.go +++ b/tlsutil/config_test.go @@ -937,6 +937,13 @@ func TestConfigurator_OutgoingTLSConfigForCheck(t *testing.T) { } testCases := []testCase{ + { + name: "default tls", + conf: func() (*Configurator, error) { + return NewConfigurator(Config{}, nil) + }, + expected: &tls.Config{}, + }, { name: "default tls, skip verify, no server name", conf: func() (*Configurator, error) { @@ -955,6 +962,7 @@ func TestConfigurator_OutgoingTLSConfigForCheck(t *testing.T) { TLSMinVersion: "tls12", EnableAgentTLSForChecks: false, ServerName: "servername", + NodeName: "nodename", }, nil) }, skipVerify: true, @@ -977,19 +985,34 @@ func TestConfigurator_OutgoingTLSConfigForCheck(t *testing.T) { }, }, { - name: "agent tls, skip verify, default server name", + name: "agent tls, default server name", conf: func() (*Configurator, error) { return NewConfigurator(Config{ TLSMinVersion: "tls12", EnableAgentTLSForChecks: true, + NodeName: "nodename", ServerName: "servername", }, nil) }, + expected: &tls.Config{ + MinVersion: tls.VersionTLS12, + ServerName: "servername", + }, + }, + { + name: "agent tls, skip verify, node name for server name", + conf: func() (*Configurator, error) { + return NewConfigurator(Config{ + TLSMinVersion: "tls12", + EnableAgentTLSForChecks: true, + NodeName: "nodename", + }, nil) + }, skipVerify: true, expected: &tls.Config{ InsecureSkipVerify: true, MinVersion: tls.VersionTLS12, - ServerName: "servername", + ServerName: "nodename", }, }, {