tribes/parrhesia
1
0
Fork 0
Code Issues Pull Requests Actions Releases 1 Activity

Strengthening the TLS reload test

Browse Source
This commit is contained in:
Steffen
2026-03-17 12:42:08 +01:00
parent 101ded43cb
commit e13c08fd5a
1 changed files with 43 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
test/parrhesia/web/tls_e2e_test.exs
View File

@@ -28,8 +28,8 @@ defmodule Parrhesia.Web.TLSE2ETest do
active_certfile = Path.join(tmp_dir, "active-server.cert.pem") active_certfile = Path.join(tmp_dir, "active-server.cert.pem")
active_keyfile = Path.join(tmp_dir, "active-server.key.pem") active_keyfile = Path.join(tmp_dir, "active-server.key.pem")
File.cp!(server_a.certfile, active_certfile) replace_file!(server_a.certfile, active_certfile)
File.cp!(server_a.keyfile, active_keyfile) replace_file!(server_a.keyfile, active_keyfile)
port = free_port() port = free_port()
endpoint_name = unique_name("TLSEndpointReload") endpoint_name = unique_name("TLSEndpointReload")
@@ -73,11 +73,30 @@ defmodule Parrhesia.Web.TLSE2ETest do
5_000 5_000
) )
File.cp!(server_b.certfile, active_certfile) {:ok, first_listener_pid} = listener_pid(endpoint_name, listener_id)
File.cp!(server_b.keyfile, active_keyfile)
replace_file!(server_b.certfile, active_certfile)
replace_file!(server_b.keyfile, active_keyfile)
assert :ok = Endpoint.reload_listener(endpoint_name, listener_id) assert :ok = Endpoint.reload_listener(endpoint_name, listener_id)
assert_eventually(
fn ->
case listener_pid(endpoint_name, listener_id) do
{:ok, listener_pid} -> listener_pid != first_listener_pid
_other -> false
end
end,
5_000
)
assert_eventually(
fn ->
nip11_request(port, ca.certfile) == {:ok, 200}
end,
5_000
)
expected_reloaded_fingerprint = TLSCerts.cert_sha256!(server_b.certfile) expected_reloaded_fingerprint = TLSCerts.cert_sha256!(server_b.certfile)
assert_eventually( assert_eventually(
@@ -303,6 +322,26 @@ defmodule Parrhesia.Web.TLSE2ETest do
end end
end end
defp listener_pid(endpoint_name, listener_id) do
case Enum.find(Supervisor.which_children(endpoint_name), fn {id, _pid, _type, _modules} ->
id == {:listener, listener_id}
end) do
{{:listener, ^listener_id}, pid, _type, _modules} when is_pid(pid) -> {:ok, pid}
_other -> {:error, :listener_not_running}
end
end
defp replace_file!(source, destination) do
staged_destination =
Path.join(
Path.dirname(destination),
".#{Path.basename(destination)}.#{System.unique_integer([:positive, :monotonic])}.tmp"
)
File.write!(staged_destination, File.read!(source))
File.rename!(staged_destination, destination)
end
defp ca_certs(certfile) do defp ca_certs(certfile) do
certfile certfile
|> File.read!() |> File.read!()