// A hack to avoid issues with our test self signed cert.
// We don't want to require the runner of the test to install the
// self signed CA, so we just manually compare the server cert
// with the what the gnatsd server should return to the client
// in our test.
//
// Getting here means SSL is working in the client.
//
private bool verifyServerCert(object sender,
X509Certificate certificate, X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return(true);
}
X509Certificate serverCert = new X509Certificate(
UnitTestUtilities.GetFullCertificatePath("server-cert.pem"));
// UNSAFE hack for testing purposes.
#if NET45
var isOK = serverCert.GetRawCertDataString().Equals(certificate.GetRawCertDataString());
#else
var isOK = serverCert.Issuer.Equals(certificate.Issuer);
#endif
if (isOK)
{
return(true);
}
return(false);
}
public void TestTlsSuccessWithCert()
{
using (NATSServer srv = util.CreateServerWithConfig("tls_1222_verify.conf"))
{
Options opts = util.DefaultTestOptions;
opts.Secure = true;
opts.Url = "nats://localhost:1222";
opts.TLSRemoteCertificationValidationCallback = verifyServerCert;
// .NET requires the private key and cert in the
// same file. 'client.pfx' is generated from:
//
// openssl pkcs12 -export -out client.pfx
// -inkey client-key.pem -in client-cert.pem
X509Certificate2 cert = new X509Certificate2(
UnitTestUtilities.GetFullCertificatePath("client.pfx"), "password");
opts.AddCertificate(cert);
using (IConnection c = new ConnectionFactory().CreateConnection(opts))
{
using (ISyncSubscription s = c.SubscribeSync("foo"))
{
c.Publish("foo", null);
c.Flush();
Msg m = s.NextMessage();
}
}
}
}
public void TestAuthServers()
{
string[] plainServers = new string[] {
"nats://*****:*****@localhost:1224"
};
opts.Servers = authServers;
using (IConnection c = new ConnectionFactory().CreateConnection(opts))
{
Assert.IsTrue(c.ConnectedUrl.Equals(authServers[1]));
}
}
}
public void TestTlsFailWithBadAuth()
{
using (NATSServer srv = util.CreateServerWithConfig(TestContext, "tls_1222_user.conf"))
{
Options opts = ConnectionFactory.GetDefaultOptions();
opts.Secure = true;
opts.Url = "nats://*****:*****@localhost:1222";
opts.TLSRemoteCertificationValidationCallback = verifyServerCert;
// this will fail, because it's not complete - missing the private
// key.
opts.AddCertificate(UnitTestUtilities.GetFullCertificatePath(
TestContext, "client-cert.pem"));
try
{
new ConnectionFactory().CreateConnection(opts);
}
catch (NATSException nae)
{
System.Console.WriteLine("Caught expected exception: " + nae.Message);
System.Console.WriteLine("Exception output:" + nae);
return;
}
Assert.Fail("Did not receive exception.");
}
}
public void TestServersOption()
{
IConnection c = null;
ConnectionFactory cf = new ConnectionFactory();
Options o = ConnectionFactory.GetDefaultOptions();
o.NoRandomize = true;
UnitTestUtilities.testExpectedException(
() => { cf.CreateConnection(); },
typeof(NATSNoServersException));
o.Servers = testServers;
UnitTestUtilities.testExpectedException(
() => { cf.CreateConnection(o); },
typeof(NATSNoServersException));
// Make sure we can connect to first server if running
using (NATSServer ns = utils.CreateServerOnPort(1222))
{
c = cf.CreateConnection(o);
Assert.IsTrue(testServers[0].Equals(c.ConnectedUrl));
c.Close();
}
// make sure we can connect to a non-first server.
using (NATSServer ns = utils.CreateServerOnPort(1227))
{
c = cf.CreateConnection(o);
Assert.IsTrue(testServers[5].Equals(c.ConnectedUrl));
c.Close();
}
}
public void TestClosedConnections()
{
IConnection c = new ConnectionFactory().CreateConnection();
ISyncSubscription s = c.SubscribeSync("foo");
c.Close();
// While we can annotate all the exceptions in the test framework,
// just do it manually.
UnitTestUtilities.testExpectedException(
() => { c.Publish("foo", null); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { c.Publish(new Msg("foo")); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { c.SubscribeAsync("foo"); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { c.SubscribeSync("foo"); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { c.SubscribeAsync("foo", "bar"); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { c.SubscribeSync("foo", "bar"); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { c.Request("foo", null); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { s.NextMessage(); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { s.NextMessage(100); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { s.Unsubscribe(); },
typeof(NATSConnectionClosedException));
UnitTestUtilities.testExpectedException(
() => { s.AutoUnsubscribe(1); },
typeof(NATSConnectionClosedException));
}
public void TestTlsFailWithBadAuth()
{
using (NATSServer srv = util.CreateServerWithConfig("tls_1222_user.conf"))
{
Options opts = util.DefaultTestOptions;
opts.Secure = true;
opts.Url = "nats://*****:*****@localhost:1222";
opts.TLSRemoteCertificationValidationCallback = verifyServerCert;
// this will fail, because it's not complete - missing the private
// key.
opts.AddCertificate(UnitTestUtilities.GetFullCertificatePath("client-cert.pem"));
Assert.ThrowsAny <NATSException>(() => new ConnectionFactory().CreateConnection(opts));
}
}
private void createProcessStartInfo()
{
psInfo = new ProcessStartInfo(SERVEREXE);
if (debug)
{
psInfo.Arguments = " -DV ";
}
else
{
#if NET45
psInfo.WindowStyle = ProcessWindowStyle.Hidden;
#else
psInfo.CreateNoWindow = true;
#endif
}
psInfo.WorkingDirectory = UnitTestUtilities.GetConfigDir();
}
// A hack to avoid issues with our test self signed cert.
// We don't want to require the runner of the test to install the
// self signed CA, so we just manually compare the server cert
// with the what the gnatsd server should return to the client
// in our test.
//
// Getting here means SSL is working in the client.
//
private bool verifyServerCert(object sender,
X509Certificate certificate, X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return(true);
}
X509Certificate serverCert = new X509Certificate(
UnitTestUtilities.GetFullCertificatePath(
TestContext, "server-cert.pem"));
// UNSAFE hack for testing purposes.
if (serverCert.GetRawCertDataString().Equals(certificate.GetRawCertDataString()))
{
return(true);
}
return(false);
}
private ProcessStartInfo createProcessStartInfo(TestContext context)
{
string gnatsd = Properties.Settings.Default.gnatsd;
ProcessStartInfo psInfo = new ProcessStartInfo(gnatsd);
if (debug)
{
psInfo.Arguments = " -DV ";
}
else
{
psInfo.WindowStyle = ProcessWindowStyle.Hidden;
}
if (context != null)
{
psInfo.WorkingDirectory =
UnitTestUtilities.GetConfigDir(context);
}
return(psInfo);
}
public void Initialize()
{
UnitTestUtilities.CleanupExistingServers();
}
public void Initialize()
{
UnitTestUtilities.CleanupExistingServers();
utils.StartDefaultServer();
}
