diff options
author | Harald Musum <musum@oath.com> | 2018-12-18 13:17:13 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-18 13:17:13 +0100 |
commit | baa612a865886c5473bdb07e54696fb0a527b1c9 (patch) | |
tree | bb1cf4cd8f2aebf8bc62e9a60fc0621bcee2051b /vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp | |
parent | 89d7fe502befea2d85e14d15116270cba6c8a71d (diff) |
Revert "Add TLS statistics to vespalib and expose as metrics via storageserver"
Diffstat (limited to 'vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp')
-rw-r--r-- | vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp b/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp index f70c5670bc9..69e0d44147e 100644 --- a/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp +++ b/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp @@ -4,7 +4,6 @@ #include <vespa/vespalib/data/smart_buffer.h> #include <vespa/vespalib/net/tls/authorization_mode.h> #include <vespa/vespalib/net/tls/crypto_codec.h> -#include <vespa/vespalib/net/tls/statistics.h> #include <vespa/vespalib/net/tls/tls_context.h> #include <vespa/vespalib/net/tls/transport_security_options.h> #include <vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h> @@ -620,37 +619,6 @@ TEST_F("Disabled insecure authorization mode ignores verification result", CertF EXPECT_TRUE(f.handshake()); } -TEST_F("Failure statistics are incremented on authorization failures", CertFixture) { - reset_peers_with_server_authz_mode(f, AuthorizationMode::Enforce); - auto server_before = ConnectionStatistics::get(true).snapshot(); - auto client_before = ConnectionStatistics::get(false).snapshot(); - EXPECT_FALSE(f.handshake()); - auto server_stats = ConnectionStatistics::get(true).snapshot().subtract(server_before); - auto client_stats = ConnectionStatistics::get(false).snapshot().subtract(client_before); - - EXPECT_EQUAL(1u, server_stats.invalid_peer_credentials); - EXPECT_EQUAL(0u, client_stats.invalid_peer_credentials); - EXPECT_EQUAL(1u, server_stats.failed_tls_handshakes); - EXPECT_EQUAL(0u, server_stats.tls_connections); - EXPECT_EQUAL(0u, client_stats.tls_connections); -} - -TEST_F("Success statistics are incremented on OK authorization", CertFixture) { - reset_peers_with_server_authz_mode(f, AuthorizationMode::Disable); - auto server_before = ConnectionStatistics::get(true).snapshot(); - auto client_before = ConnectionStatistics::get(false).snapshot(); - EXPECT_TRUE(f.handshake()); - auto server_stats = ConnectionStatistics::get(true).snapshot().subtract(server_before); - auto client_stats = ConnectionStatistics::get(false).snapshot().subtract(client_before); - - EXPECT_EQUAL(0u, server_stats.invalid_peer_credentials); - EXPECT_EQUAL(0u, client_stats.invalid_peer_credentials); - EXPECT_EQUAL(0u, server_stats.failed_tls_handshakes); - EXPECT_EQUAL(0u, client_stats.failed_tls_handshakes); - EXPECT_EQUAL(1u, server_stats.tls_connections); - EXPECT_EQUAL(1u, client_stats.tls_connections); -} - // TODO we can't test embedded nulls since the OpenSSL v3 extension APIs // take in null terminated strings as arguments... :I |