1. docker
  2. Commit db1d5f7ea37c2a3b0bedc9dbcbf5bd3b32258219
Browse code

Add test to verify that response hijacking always works over TLS.

Signed-off-by: David Calavera <david.calavera@gmail.com>

David Calavera authored on 2016/01/14 10:18:06
Showing 1 changed files
integration-cli/docker_cli_daemon_test.go
History View file @ db1d5f7
... ... 
@@ -1439,6 +1439,29 @@ func (s *DockerDaemonSuite) TestHttpsInfo(c *check.C) {
1439 1439 
 	}
1440 1440 
 }
1441 1441
1442 
+// TestHttpsRun connects via two-way authenticated HTTPS to the create, attach, start, and wait endpoints.
1443 
+// https://github.com/docker/docker/issues/19280
1444 
+func (s *DockerDaemonSuite) TestHttpsRun(c *check.C) {
1445 
+	const (
1446 
+		testDaemonHTTPSAddr = "tcp://localhost:4271"
1447 
+	)
1448 
+
1449 
+	if err := s.d.StartWithBusybox("--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/server-cert.pem",
1450 
+		"--tlskey", "fixtures/https/server-key.pem", "-H", testDaemonHTTPSAddr); err != nil {
1451 
+		c.Fatalf("Could not start daemon with busybox: %v", err)
1452 
+	}
1453 
+
1454 
+	daemonArgs := []string{"--host", testDaemonHTTPSAddr, "--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/client-cert.pem", "--tlskey", "fixtures/https/client-key.pem"}
1455 
+	out, err := s.d.CmdWithArgs(daemonArgs, "run", "busybox", "echo", "TLS response")
1456 
+	if err != nil {
1457 
+		c.Fatalf("Error Occurred: %s and output: %s", err, out)
1458 
+	}
1459 
+
1460 
+	if !strings.Contains(out, "TLS response") {
1461 
+		c.Fatalf("expected output to include `TLS response`, got %v", out)
1462 
+	}
1463 
+}
1464 
+
1442 1465 
 // TestTlsVerify verifies that --tlsverify=false turns on tls
1443 1466 
 func (s *DockerDaemonSuite) TestTlsVerify(c *check.C) {
1444 1467 
 	out, err := exec.Command(dockerBinary, "daemon", "--tlsverify=false").CombinedOutput()