|
|
@@ -57,50 +57,72 @@ func TestMeekModePlaintextRoundTrip(t *testing.T) {
|
|
|
t.Fatalf("parameters.NewParameters failed: %v", err)
|
|
|
}
|
|
|
|
|
|
- meekConfig := &MeekConfig{
|
|
|
- Parameters: params,
|
|
|
- Mode: MeekModePlaintextRoundTrip,
|
|
|
- DialAddress: serverAddr,
|
|
|
- UseHTTPS: true,
|
|
|
- SNIServerName: "not-" + serverName,
|
|
|
- VerifyServerName: serverName,
|
|
|
- VerifyPins: []string{rootCACertificatePin, serverCertificatePin},
|
|
|
+ testCases := []struct {
|
|
|
+ description string
|
|
|
+ meekMode MeekMode
|
|
|
+ verifyServerName string
|
|
|
+ verifyPins []string
|
|
|
+ }{
|
|
|
+ {
|
|
|
+ meekMode: MeekModePlaintextRoundTrip,
|
|
|
+ verifyServerName: serverName,
|
|
|
+ verifyPins: []string{rootCACertificatePin, serverCertificatePin},
|
|
|
+ },
|
|
|
+ {
|
|
|
+ meekMode: MeekModeWrappedPlaintextRoundTrip,
|
|
|
+ verifyServerName: "",
|
|
|
+ verifyPins: nil,
|
|
|
+ },
|
|
|
}
|
|
|
|
|
|
- dialConfig := &DialConfig{
|
|
|
- TrustedCACertificatesFilename: rootCAsFileName,
|
|
|
- CustomDialer: dialer,
|
|
|
- }
|
|
|
-
|
|
|
- for _, tlsFragmentClientHello := range []bool{false, true} {
|
|
|
-
|
|
|
- ctx, cancelFunc := context.WithTimeout(context.Background(), 1*time.Second)
|
|
|
- defer cancelFunc()
|
|
|
-
|
|
|
- meekConfig.TLSFragmentClientHello = tlsFragmentClientHello
|
|
|
-
|
|
|
- meekConn, err := DialMeek(ctx, meekConfig, dialConfig)
|
|
|
- if err != nil {
|
|
|
- t.Fatalf("DialMeek failed: %v", err)
|
|
|
- }
|
|
|
-
|
|
|
- client := &http.Client{
|
|
|
- Transport: meekConn,
|
|
|
- }
|
|
|
-
|
|
|
- response, err := client.Get("https://" + serverAddr + "/")
|
|
|
- if err != nil {
|
|
|
- t.Fatalf("http.Client.Get failed: %v", err)
|
|
|
- }
|
|
|
- response.Body.Close()
|
|
|
-
|
|
|
- if response.StatusCode != http.StatusOK {
|
|
|
- t.Fatalf("unexpected response code: %v", response.StatusCode)
|
|
|
- }
|
|
|
-
|
|
|
- err = meekConn.Close()
|
|
|
- if err != nil {
|
|
|
- t.Fatalf("MeekConn.Close failed: %v", err)
|
|
|
- }
|
|
|
+ for _, testCase := range testCases {
|
|
|
+ t.Run(testCase.description, func(t *testing.T) {
|
|
|
+ meekConfig := &MeekConfig{
|
|
|
+ Parameters: params,
|
|
|
+ Mode: testCase.meekMode,
|
|
|
+ DialAddress: serverAddr,
|
|
|
+ UseHTTPS: true,
|
|
|
+ SNIServerName: "not-" + serverName,
|
|
|
+ VerifyServerName: testCase.verifyServerName,
|
|
|
+ VerifyPins: testCase.verifyPins,
|
|
|
+ }
|
|
|
+
|
|
|
+ dialConfig := &DialConfig{
|
|
|
+ TrustedCACertificatesFilename: rootCAsFileName,
|
|
|
+ CustomDialer: dialer,
|
|
|
+ }
|
|
|
+
|
|
|
+ for _, tlsFragmentClientHello := range []bool{false, true} {
|
|
|
+
|
|
|
+ ctx, cancelFunc := context.WithTimeout(context.Background(), 1*time.Second)
|
|
|
+ defer cancelFunc()
|
|
|
+
|
|
|
+ meekConfig.TLSFragmentClientHello = tlsFragmentClientHello
|
|
|
+
|
|
|
+ meekConn, err := DialMeek(ctx, meekConfig, dialConfig)
|
|
|
+ if err != nil {
|
|
|
+ t.Fatalf("DialMeek failed: %v", err)
|
|
|
+ }
|
|
|
+
|
|
|
+ client := &http.Client{
|
|
|
+ Transport: meekConn,
|
|
|
+ }
|
|
|
+
|
|
|
+ response, err := client.Get("https://" + serverAddr + "/")
|
|
|
+ if err != nil {
|
|
|
+ t.Fatalf("http.Client.Get failed: %v", err)
|
|
|
+ }
|
|
|
+ response.Body.Close()
|
|
|
+
|
|
|
+ if response.StatusCode != http.StatusOK {
|
|
|
+ t.Fatalf("unexpected response code: %v", response.StatusCode)
|
|
|
+ }
|
|
|
+
|
|
|
+ err = meekConn.Close()
|
|
|
+ if err != nil {
|
|
|
+ t.Fatalf("MeekConn.Close failed: %v", err)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ })
|
|
|
}
|
|
|
}
|
Miro