etcd/pkg/transport/listener_test.go

/*
   Copyright 2014 CoreOS, Inc.

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
*/

package transport

import (
	"crypto/tls"
	"errors"
	"io/ioutil"
	"net/http"
	"os"
	"testing"
)

func createTempFile(b []byte) (string, error) {
	f, err := ioutil.TempFile("", "etcd-test-tls-")
	if err != nil {
		return "", err
	}
	defer f.Close()

	if _, err = f.Write(b); err != nil {
		return "", err
	}

	return f.Name(), nil
}

func fakeCertificateParserFunc(cert tls.Certificate, err error) func(certPEMBlock, keyPEMBlock []byte) (tls.Certificate, error) {
	return func(certPEMBlock, keyPEMBlock []byte) (tls.Certificate, error) {
		return cert, err
	}
}

// TestNewListenerTLSInfo tests that NewListener with valid TLSInfo returns
// a TLS listerner that accepts TLS connections.
func TestNewListenerTLSInfo(t *testing.T) {
	tmp, err := createTempFile([]byte("XXX"))
	if err != nil {
		t.Fatalf("unable to create tmpfile: %v", err)
	}
	defer os.Remove(tmp)
	tlsInfo := TLSInfo{CertFile: tmp, KeyFile: tmp}
	tlsInfo.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, nil)
	ln, err := NewListener("127.0.0.1:0", "https", tlsInfo)
	if err != nil {
		t.Fatalf("unexpected NewListener error: %v", err)
	}
	defer ln.Close()

	go http.Get("https://" + ln.Addr().String())
	conn, err := ln.Accept()
	if err != nil {
		t.Fatalf("unexpected Accept error: %v", err)
	}
	defer conn.Close()
	if _, ok := conn.(*tls.Conn); !ok {
		t.Errorf("failed to accept *tls.Conn")
	}
}

func TestNewListenerTLSInfoNonexist(t *testing.T) {
	tlsInfo := TLSInfo{CertFile: "@badname", KeyFile: "@badname"}
	_, err := NewListener("127.0.0.1:0", "https", tlsInfo)
	werr := &os.PathError{
		Op:   "open",
		Path: "@badname",
		Err:  errors.New("no such file or directory"),
	}
	if err.Error() != werr.Error() {
		t.Errorf("err = %v, want %v", err, werr)
	}
}

func TestNewTransportTLSInfo(t *testing.T) {
	tmp, err := createTempFile([]byte("XXX"))
	if err != nil {
		t.Fatalf("Unable to prepare tmpfile: %v", err)
	}
	defer os.Remove(tmp)

	tests := []TLSInfo{
		TLSInfo{},
		TLSInfo{
			CertFile: tmp,
			KeyFile:  tmp,
		},
		TLSInfo{
			CertFile: tmp,
			KeyFile:  tmp,
			CAFile:   tmp,
		},
		TLSInfo{
			CAFile: tmp,
		},
	}

	for i, tt := range tests {
		tt.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, nil)
		trans, err := NewTransport(tt)
		if err != nil {
			t.Fatalf("Received unexpected error from NewTransport: %v", err)
		}

		if trans.TLSClientConfig == nil {
			t.Fatalf("#%d: want non-nil TLSClientConfig", i)
		}
	}
}

func TestTLSInfoEmpty(t *testing.T) {
	tests := []struct {
		info TLSInfo
		want bool
	}{
		{TLSInfo{}, true},
		{TLSInfo{CAFile: "baz"}, true},
		{TLSInfo{CertFile: "foo"}, false},
		{TLSInfo{KeyFile: "bar"}, false},
		{TLSInfo{CertFile: "foo", KeyFile: "bar"}, false},
		{TLSInfo{CertFile: "foo", CAFile: "baz"}, false},
		{TLSInfo{KeyFile: "bar", CAFile: "baz"}, false},
		{TLSInfo{CertFile: "foo", KeyFile: "bar", CAFile: "baz"}, false},
	}

	for i, tt := range tests {
		got := tt.info.Empty()
		if tt.want != got {
			t.Errorf("#%d: result of Empty() incorrect: want=%t got=%t", i, tt.want, got)
		}
	}
}

func TestTLSInfoMissingFields(t *testing.T) {
	tmp, err := createTempFile([]byte("XXX"))
	if err != nil {
		t.Fatalf("Unable to prepare tmpfile: %v", err)
	}
	defer os.Remove(tmp)

	tests := []TLSInfo{
		TLSInfo{CertFile: tmp},
		TLSInfo{KeyFile: tmp},
		TLSInfo{CertFile: tmp, CAFile: tmp},
		TLSInfo{KeyFile: tmp, CAFile: tmp},
	}

	for i, info := range tests {
		if _, err := info.ServerConfig(); err == nil {
			t.Errorf("#%d: expected non-nil error from ServerConfig()", i)
		}

		if _, err = info.ClientConfig(); err == nil {
			t.Errorf("#%d: expected non-nil error from ClientConfig()", i)
		}
	}
}

func TestTLSInfoParseFuncError(t *testing.T) {
	tmp, err := createTempFile([]byte("XXX"))
	if err != nil {
		t.Fatalf("Unable to prepare tmpfile: %v", err)
	}
	defer os.Remove(tmp)

	info := TLSInfo{CertFile: tmp, KeyFile: tmp, CAFile: tmp}
	info.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, errors.New("fake"))

	if _, err := info.ServerConfig(); err == nil {
		t.Errorf("expected non-nil error from ServerConfig()")
	}

	if _, err = info.ClientConfig(); err == nil {
		t.Errorf("expected non-nil error from ClientConfig()")
	}
}

func TestTLSInfoConfigFuncs(t *testing.T) {
	tmp, err := createTempFile([]byte("XXX"))
	if err != nil {
		t.Fatalf("Unable to prepare tmpfile: %v", err)
	}
	defer os.Remove(tmp)

	tests := []struct {
		info       TLSInfo
		clientAuth tls.ClientAuthType
		wantCAs    bool
	}{
		{
			info:       TLSInfo{CertFile: tmp, KeyFile: tmp},
			clientAuth: tls.NoClientCert,
			wantCAs:    false,
		},

		{
			info:       TLSInfo{CertFile: tmp, KeyFile: tmp, CAFile: tmp},
			clientAuth: tls.RequireAndVerifyClientCert,
			wantCAs:    true,
		},
	}

	for i, tt := range tests {
		tt.info.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, nil)

		sCfg, err := tt.info.ServerConfig()
		if err != nil {
			t.Errorf("#%d: expected nil error from ServerConfig(), got non-nil: %v", i, err)
		}

		if tt.wantCAs != (sCfg.ClientCAs != nil) {
			t.Errorf("#%d: wantCAs=%t but ClientCAs=%v", i, tt.wantCAs, sCfg.ClientCAs)
		}

		cCfg, err := tt.info.ClientConfig()
		if err != nil {
			t.Errorf("#%d: expected nil error from ClientConfig(), got non-nil: %v", i, err)
		}

		if tt.wantCAs != (cCfg.RootCAs != nil) {
			t.Errorf("#%d: wantCAs=%t but RootCAs=%v", i, tt.wantCAs, sCfg.RootCAs)
		}
	}
}
*: add license header to all source files 2014-10-18 02:41:22 +04:00			`/*`
			`Copyright 2014 CoreOS, Inc.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`package transport`

			`import (`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`"crypto/tls"`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`"errors"`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`"io/ioutil"`
pkg/transport: add NewListener test 2015-01-10 02:43:25 +03:00			`"net/http"`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`"os"`
			`"testing"`
			`)`

			`func createTempFile(b []byte) (string, error) {`
			`f, err := ioutil.TempFile("", "etcd-test-tls-")`
			`if err != nil {`
			`return "", err`
			`}`
			`defer f.Close()`

			`if _, err = f.Write(b); err != nil {`
			`return "", err`
			`}`

			`return f.Name(), nil`
			`}`

transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`func fakeCertificateParserFunc(cert tls.Certificate, err error) func(certPEMBlock, keyPEMBlock []byte) (tls.Certificate, error) {`
			`return func(certPEMBlock, keyPEMBlock []byte) (tls.Certificate, error) {`
			`return cert, err`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`}`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`}`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00
pkg/transport: add NewListener test 2015-01-10 02:43:25 +03:00			`// TestNewListenerTLSInfo tests that NewListener with valid TLSInfo returns`
			`// a TLS listerner that accepts TLS connections.`
			`func TestNewListenerTLSInfo(t *testing.T) {`
			`tmp, err := createTempFile([]byte("XXX"))`
			`if err != nil {`
			`t.Fatalf("unable to create tmpfile: %v", err)`
			`}`
			`defer os.Remove(tmp)`
			`tlsInfo := TLSInfo{CertFile: tmp, KeyFile: tmp}`
			`tlsInfo.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, nil)`
pkg/transport: tests always listen on 127.0.0.1 This avoids firewall prompts when running tests on OSX. 2015-01-14 21:14:57 +03:00			`ln, err := NewListener("127.0.0.1:0", "https", tlsInfo)`
pkg/transport: add NewListener test 2015-01-10 02:43:25 +03:00			`if err != nil {`
			`t.Fatalf("unexpected NewListener error: %v", err)`
			`}`
			`defer ln.Close()`

			`go http.Get("https://" + ln.Addr().String())`
			`conn, err := ln.Accept()`
			`if err != nil {`
			`t.Fatalf("unexpected Accept error: %v", err)`
			`}`
			`defer conn.Close()`
			`if _, ok := conn.(*tls.Conn); !ok {`
			`t.Errorf("failed to accept *tls.Conn")`
			`}`
			`}`

			`func TestNewListenerTLSInfoNonexist(t *testing.T) {`
			`tlsInfo := TLSInfo{CertFile: "@badname", KeyFile: "@badname"}`
pkg/transport: tests always listen on 127.0.0.1 This avoids firewall prompts when running tests on OSX. 2015-01-14 21:14:57 +03:00			`_, err := NewListener("127.0.0.1:0", "https", tlsInfo)`
pkg/transport: add NewListener test 2015-01-10 02:43:25 +03:00			`werr := &os.PathError{`
			`Op: "open",`
			`Path: "@badname",`
			`Err: errors.New("no such file or directory"),`
			`}`
			`if err.Error() != werr.Error() {`
			`t.Errorf("err = %v, want %v", err, werr)`
			`}`
			`}`

transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`func TestNewTransportTLSInfo(t *testing.T) {`
			`tmp, err := createTempFile([]byte("XXX"))`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`if err != nil {`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`t.Fatalf("Unable to prepare tmpfile: %v", err)`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`}`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`defer os.Remove(tmp)`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00
pkg/transport: generate TLS client config w/ only CAFile 2014-11-06 23:10:04 +03:00			`tests := []TLSInfo{`
			`TLSInfo{},`
			`TLSInfo{`
			`CertFile: tmp,`
			`KeyFile: tmp,`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`},`
pkg/transport: generate TLS client config w/ only CAFile 2014-11-06 23:10:04 +03:00			`TLSInfo{`
			`CertFile: tmp,`
			`KeyFile: tmp,`
			`CAFile: tmp,`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`},`
pkg/transport: generate TLS client config w/ only CAFile 2014-11-06 23:10:04 +03:00			`TLSInfo{`
			`CAFile: tmp,`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`},`
			`}`

			`for i, tt := range tests {`
pkg/transport: generate TLS client config w/ only CAFile 2014-11-06 23:10:04 +03:00			`tt.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, nil)`
			`trans, err := NewTransport(tt)`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`if err != nil {`
			`t.Fatalf("Received unexpected error from NewTransport: %v", err)`
			`}`

pkg/transport: generate TLS client config w/ only CAFile 2014-11-06 23:10:04 +03:00			`if trans.TLSClientConfig == nil {`
			`t.Fatalf("#%d: want non-nil TLSClientConfig", i)`
transport: spot-check NewTransport 2014-09-23 23:14:47 +04:00			`}`
			`}`
			`}`
transport: test TLSInfo.Empty() 2014-09-23 23:19:32 +04:00
			`func TestTLSInfoEmpty(t *testing.T) {`
			`tests := []struct {`
			`info TLSInfo`
			`want bool`
			`}{`
			`{TLSInfo{}, true},`
			`{TLSInfo{CAFile: "baz"}, true},`
			`{TLSInfo{CertFile: "foo"}, false},`
			`{TLSInfo{KeyFile: "bar"}, false},`
			`{TLSInfo{CertFile: "foo", KeyFile: "bar"}, false},`
			`{TLSInfo{CertFile: "foo", CAFile: "baz"}, false},`
			`{TLSInfo{KeyFile: "bar", CAFile: "baz"}, false},`
			`{TLSInfo{CertFile: "foo", KeyFile: "bar", CAFile: "baz"}, false},`
			`}`

			`for i, tt := range tests {`
			`got := tt.info.Empty()`
			`if tt.want != got {`
			`t.Errorf("#%d: result of Empty() incorrect: want=%t got=%t", i, tt.want, got)`
			`}`
			`}`
			`}`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00
			`func TestTLSInfoMissingFields(t *testing.T) {`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`tmp, err := createTempFile([]byte("XXX"))`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`if err != nil {`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`t.Fatalf("Unable to prepare tmpfile: %v", err)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`defer os.Remove(tmp)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00
			`tests := []TLSInfo{`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`TLSInfo{CertFile: tmp},`
			`TLSInfo{KeyFile: tmp},`
			`TLSInfo{CertFile: tmp, CAFile: tmp},`
			`TLSInfo{KeyFile: tmp, CAFile: tmp},`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`

			`for i, info := range tests {`
			`if _, err := info.ServerConfig(); err == nil {`
			`t.Errorf("#%d: expected non-nil error from ServerConfig()", i)`
			`}`

			`if _, err = info.ClientConfig(); err == nil {`
			`t.Errorf("#%d: expected non-nil error from ClientConfig()", i)`
			`}`
			`}`
			`}`

transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`func TestTLSInfoParseFuncError(t *testing.T) {`
			`tmp, err := createTempFile([]byte("XXX"))`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`if err != nil {`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`t.Fatalf("Unable to prepare tmpfile: %v", err)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`defer os.Remove(tmp)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`info := TLSInfo{CertFile: tmp, KeyFile: tmp, CAFile: tmp}`
			`info.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, errors.New("fake"))`

			`if _, err := info.ServerConfig(); err == nil {`
			`t.Errorf("expected non-nil error from ServerConfig()")`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`

transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`if _, err = info.ClientConfig(); err == nil {`
			`t.Errorf("expected non-nil error from ClientConfig()")`
			`}`
			`}`

			`func TestTLSInfoConfigFuncs(t *testing.T) {`
			`tmp, err := createTempFile([]byte("XXX"))`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`if err != nil {`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`t.Fatalf("Unable to prepare tmpfile: %v", err)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`defer os.Remove(tmp)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00
			`tests := []struct {`
			`info TLSInfo`
			`clientAuth tls.ClientAuthType`
			`wantCAs bool`
			`}{`
			`{`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`info: TLSInfo{CertFile: tmp, KeyFile: tmp},`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`clientAuth: tls.NoClientCert,`
			`wantCAs: false,`
			`},`

			`{`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`info: TLSInfo{CertFile: tmp, KeyFile: tmp, CAFile: tmp},`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`clientAuth: tls.RequireAndVerifyClientCert,`
			`wantCAs: true,`
			`},`
			`}`

			`for i, tt := range tests {`
transport: fake out certificate parser The work being done in the tests is completely wasted, as we do not need to test the udnerlying x509 library. Faking out the parser function allows the tests to run much faster without having to carry massive fixtures, either. 2014-09-24 00:38:57 +04:00			`tt.info.parseFunc = fakeCertificateParserFunc(tls.Certificate{}, nil)`

transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`sCfg, err := tt.info.ServerConfig()`
			`if err != nil {`
			`t.Errorf("#%d: expected nil error from ServerConfig(), got non-nil: %v", i, err)`
			`}`

			`if tt.wantCAs != (sCfg.ClientCAs != nil) {`
*: fix various formatting issues 2014-10-21 04:55:18 +04:00			`t.Errorf("#%d: wantCAs=%t but ClientCAs=%v", i, tt.wantCAs, sCfg.ClientCAs)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`

			`cCfg, err := tt.info.ClientConfig()`
			`if err != nil {`
			`t.Errorf("#%d: expected nil error from ClientConfig(), got non-nil: %v", i, err)`
			`}`

			`if tt.wantCAs != (cCfg.RootCAs != nil) {`
*: fix various formatting issues 2014-10-21 04:55:18 +04:00			`t.Errorf("#%d: wantCAs=%t but RootCAs=%v", i, tt.wantCAs, sCfg.RootCAs)`
transport: exercise TLSInfo.ClientConfig & ServerConfig 2014-09-23 23:52:59 +04:00			`}`
			`}`
			`}`