d2c04fcca5
Move TLS, OCSP, WebSocket, Networking, and IO test files from NATS.Server.Tests into a dedicated NATS.Server.Transport.Tests project. Update namespaces, replace private GetFreePort/ReadUntilAsync with shared TestUtilities helpers, extract TestCertHelper to TestUtilities, and replace Task.Delay polling loops with PollHelper.WaitUntilAsync/YieldForAsync for proper synchronization.
98 lines
2.6 KiB
C#
98 lines
2.6 KiB
C#
using NATS.Server.Tls;
|
|
|
|
namespace NATS.Server.Transport.Tests;
|
|
|
|
public class OcspStaplingTests
|
|
{
|
|
[Fact]
|
|
public void OcspMode_Must_is_strictest()
|
|
{
|
|
var config = new OcspConfig { Mode = OcspMode.Must };
|
|
config.Mode.ShouldBe(OcspMode.Must);
|
|
}
|
|
|
|
[Fact]
|
|
public void OcspMode_Never_disables_all()
|
|
{
|
|
var config = new OcspConfig { Mode = OcspMode.Never };
|
|
config.Mode.ShouldBe(OcspMode.Never);
|
|
}
|
|
|
|
[Fact]
|
|
public void OcspPeerVerify_default_is_false()
|
|
{
|
|
var options = new NatsOptions();
|
|
options.OcspPeerVerify.ShouldBeFalse();
|
|
}
|
|
|
|
[Fact]
|
|
public void OcspConfig_default_mode_is_Auto()
|
|
{
|
|
var config = new OcspConfig();
|
|
config.Mode.ShouldBe(OcspMode.Auto);
|
|
}
|
|
|
|
[Fact]
|
|
public void OcspConfig_default_OverrideUrls_is_empty()
|
|
{
|
|
var config = new OcspConfig();
|
|
config.OverrideUrls.ShouldBeEmpty();
|
|
}
|
|
|
|
[Fact]
|
|
public void BuildCertificateContext_returns_null_when_no_tls()
|
|
{
|
|
var options = new NatsOptions
|
|
{
|
|
OcspConfig = new OcspConfig { Mode = OcspMode.Always },
|
|
};
|
|
// HasTls is false because TlsCert and TlsKey are not set
|
|
options.HasTls.ShouldBeFalse();
|
|
var context = TlsHelper.BuildCertificateContext(options);
|
|
context.ShouldBeNull();
|
|
}
|
|
|
|
[Fact]
|
|
public void BuildCertificateContext_returns_null_when_mode_is_Never()
|
|
{
|
|
var options = new NatsOptions
|
|
{
|
|
TlsCert = "server.pem",
|
|
TlsKey = "server-key.pem",
|
|
OcspConfig = new OcspConfig { Mode = OcspMode.Never },
|
|
};
|
|
// OcspMode.Never must short-circuit even when TLS cert paths are set
|
|
var context = TlsHelper.BuildCertificateContext(options);
|
|
context.ShouldBeNull();
|
|
}
|
|
|
|
[Fact]
|
|
public void BuildCertificateContext_returns_null_when_OcspConfig_is_null()
|
|
{
|
|
var options = new NatsOptions
|
|
{
|
|
TlsCert = "server.pem",
|
|
TlsKey = "server-key.pem",
|
|
OcspConfig = null,
|
|
};
|
|
var context = TlsHelper.BuildCertificateContext(options);
|
|
context.ShouldBeNull();
|
|
}
|
|
|
|
[Fact]
|
|
public void OcspPeerVerify_can_be_enabled()
|
|
{
|
|
var options = new NatsOptions { OcspPeerVerify = true };
|
|
options.OcspPeerVerify.ShouldBeTrue();
|
|
}
|
|
|
|
[Fact]
|
|
public void OcspMode_values_have_correct_ordinals()
|
|
{
|
|
((int)OcspMode.Auto).ShouldBe(0);
|
|
((int)OcspMode.Always).ShouldBe(1);
|
|
((int)OcspMode.Must).ShouldBe(2);
|
|
((int)OcspMode.Never).ShouldBe(3);
|
|
}
|
|
}
|