summaryrefslogtreecommitdiffstats
path: root/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp')
-rw-r--r--vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp32
1 files changed, 0 insertions, 32 deletions
diff --git a/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp b/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp
index f70c5670bc9..69e0d44147e 100644
--- a/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp
+++ b/vespalib/src/tests/net/tls/openssl_impl/openssl_impl_test.cpp
@@ -4,7 +4,6 @@
#include <vespa/vespalib/data/smart_buffer.h>
#include <vespa/vespalib/net/tls/authorization_mode.h>
#include <vespa/vespalib/net/tls/crypto_codec.h>
-#include <vespa/vespalib/net/tls/statistics.h>
#include <vespa/vespalib/net/tls/tls_context.h>
#include <vespa/vespalib/net/tls/transport_security_options.h>
#include <vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h>
@@ -620,37 +619,6 @@ TEST_F("Disabled insecure authorization mode ignores verification result", CertF
EXPECT_TRUE(f.handshake());
}
-TEST_F("Failure statistics are incremented on authorization failures", CertFixture) {
- reset_peers_with_server_authz_mode(f, AuthorizationMode::Enforce);
- auto server_before = ConnectionStatistics::get(true).snapshot();
- auto client_before = ConnectionStatistics::get(false).snapshot();
- EXPECT_FALSE(f.handshake());
- auto server_stats = ConnectionStatistics::get(true).snapshot().subtract(server_before);
- auto client_stats = ConnectionStatistics::get(false).snapshot().subtract(client_before);
-
- EXPECT_EQUAL(1u, server_stats.invalid_peer_credentials);
- EXPECT_EQUAL(0u, client_stats.invalid_peer_credentials);
- EXPECT_EQUAL(1u, server_stats.failed_tls_handshakes);
- EXPECT_EQUAL(0u, server_stats.tls_connections);
- EXPECT_EQUAL(0u, client_stats.tls_connections);
-}
-
-TEST_F("Success statistics are incremented on OK authorization", CertFixture) {
- reset_peers_with_server_authz_mode(f, AuthorizationMode::Disable);
- auto server_before = ConnectionStatistics::get(true).snapshot();
- auto client_before = ConnectionStatistics::get(false).snapshot();
- EXPECT_TRUE(f.handshake());
- auto server_stats = ConnectionStatistics::get(true).snapshot().subtract(server_before);
- auto client_stats = ConnectionStatistics::get(false).snapshot().subtract(client_before);
-
- EXPECT_EQUAL(0u, server_stats.invalid_peer_credentials);
- EXPECT_EQUAL(0u, client_stats.invalid_peer_credentials);
- EXPECT_EQUAL(0u, server_stats.failed_tls_handshakes);
- EXPECT_EQUAL(0u, client_stats.failed_tls_handshakes);
- EXPECT_EQUAL(1u, server_stats.tls_connections);
- EXPECT_EQUAL(1u, client_stats.tls_connections);
-}
-
// TODO we can't test embedded nulls since the OpenSSL v3 extension APIs
// take in null terminated strings as arguments... :I