Test TLS connections.

spec/faye/websocket/client_spec.rb

@@ -3,9 +3,9 @@
 require "spec_helper"
 
 WebSocketSteps = EM::RSpec.async_steps do
-  def server(port, &callback)
+  def server(port, secure, &callback)
     @server = EchoServer.new
-    @server.listen(port)
+    @server.listen(port, secure)
     @port = port
     EM.add_timer(0.1, &callback)
   end
@@ -74,48 +74,73 @@ end
 describe Faye::WebSocket::Client do
   include WebSocketSteps
   
+  let(:plain_text_url) { "ws://0.0.0.0:8000/"  }
+  let(:secure_url)     { "wss://0.0.0.0:8000/" }
+  
   before do
     Thread.new { EM.run }
     sleep(0.1) until EM.reactor_running?
-
-    server 8000
-    sync
   end
   
-  after { sync ; stop }
-  
-  it "can open a connection" do
-    open_socket "ws://localhost:8000/"
-    check_open
-  end
-  
-  it "can close the connection" do
-    open_socket "ws://localhost:8000/"
-    close_socket
-    check_closed
-  end
-  
-  describe "in the OPEN state" do
-    before { open_socket "ws://localhost:8000/" }
-    
-    it "can send and receive messages" do
-      listen_for_message
-      send_message
-      check_response
+  shared_examples_for "socket client" do
+    it "can open a connection" do
+      open_socket(socket_url)
+      check_open
     end
-  end
-  
-  describe "in the CLOSED state" do
-    before do
-      open_socket "ws://localhost:8000/"
+    
+    it "cannot open a connection to the wrong host" do
+      open_socket(blocked_url)
+      check_closed
+    end
+    
+    it "can close the connection" do
+      open_socket(socket_url)
       close_socket
+      check_closed
     end
     
-    it "cannot send and receive messages" do
-      listen_for_message
-      send_message
-      check_no_response
+    describe "in the OPEN state" do
+      before { open_socket(socket_url) }
+      
+      it "can send and receive messages" do
+        listen_for_message
+        send_message
+        check_response
+      end
     end
+    
+    describe "in the CLOSED state" do
+      before do
+        open_socket(socket_url)
+        close_socket
+      end
+      
+      it "cannot send and receive messages" do
+        listen_for_message
+        send_message
+        check_no_response
+      end
+    end
+  end
+  
+  describe "with a plain-text server" do
+    let(:socket_url)  { plain_text_url }
+    let(:blocked_url) { secure_url }
+    
+    before { server 8000, false }
+    after  { sync ; stop }
+    
+    it_should_behave_like "socket client"
+  end
+  
+  describe "with a secure server" do
+    let(:socket_url)  { secure_url }
+    let(:blocked_url) { plain_text_url }
+    
+    before { server 8000, true }
+    after  { sync ; stop }
+    
+    it_should_behave_like "socket client"
   end
 end
 

spec/server.crt

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICZTCCAc4CCQDxyrJZrFA0vjANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJV
+SzEPMA0GA1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xDTALBgNVBAoTBEZh
+eWUxFTATBgNVBAMTDEphbWVzIENvZ2xhbjEgMB4GCSqGSIb3DQEJARYRamNvZ2xh
+bkBnbWFpbC5jb20wHhcNMTEwODMwMTIzOTM2WhcNMTIwODI5MTIzOTM2WjB3MQsw
+CQYDVQQGEwJVSzEPMA0GA1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xDTAL
+BgNVBAoTBEZheWUxFTATBgNVBAMTDEphbWVzIENvZ2xhbjEgMB4GCSqGSIb3DQEJ
+ARYRamNvZ2xhbkBnbWFpbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+AMDjU5fAK7fvUCZIYHcGXDZD/m9bY+B/UcwGcowk0hMQGYNlLKrpiK7xXBmZpDb6
+r8n+7L/epBeSumbRIm4TDzeNHhuQGYLIeGQy7JNLoPBr6GxubjuJhKOOBnCqcupR
+CLGG7Zw5oL4UvtZVH6kL9XnjyokQQbxxeoV9DqtqOaHHAgMBAAEwDQYJKoZIhvcN
+AQEFBQADgYEAvQjSpzE1ahaeH1CmbLwckTxvWMZfxcZOrxTruK1po3cNnDOjGqFQ
+KEkNj3K5WfwTBD4QgUdYDykhDX2m6HaMz4JEbgrwQv8M8FiswIA3dyGsbOifOk8H
+r3GPNKMzm4o6vrn6RGOpt9q6bsWUBUHfNpP93uU2C9QEwDua3cFjDA0=
+-----END CERTIFICATE-----

spec/server.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDA41OXwCu371AmSGB3Blw2Q/5vW2Pgf1HMBnKMJNITEBmDZSyq
+6Yiu8VwZmaQ2+q/J/uy/3qQXkrpm0SJuEw83jR4bkBmCyHhkMuyTS6Dwa+hsbm47
+iYSjjgZwqnLqUQixhu2cOaC+FL7WVR+pC/V548qJEEG8cXqFfQ6rajmhxwIDAQAB
+AoGABlk1DiCQD8y7mZb2PdSiwlJ4lFewsNnf6lQn/v7TPzdfb5ir4LAxBHkDLACH
+jBuyH3bZefMs+W2l3u5xMKhF7uJqYcUlJdH2UwRfNG54Hn4SGAjQOK3ONer99sUf
+USlsWSX1HjAAFMCBwUfKxMZA3VNQfYKTPdm0jSVf85kHO1ECQQD3s6ksm3QpfD0L
+eG9EoDrqmwnEfpKoWPpz1O0i5tY9VcmhmLwS5Zpd7lB1qjTqzZk4RygU73T/BseJ
+azehIHK5AkEAx1mSXt+ec8RfzVi/io6oqi2vOcACXRbOG4NQmqUWPnumdwsJjsjR
+RzEoDFC2lu6448p9sgEq+CkbmgVeiyp4fwJAQnmgySve/NMuvslPcyddKGD7OhSN
+30ghzrwx98/jZwqC1i9bKeccimDOjwVitjD/Ea9m/ldVGqwDGMoBX+iJYQJAEIOO
+CYfyw1pQKV2huGOq+zX/nwQV7go2lrbhFX55gkGR/6iNaSOfmosq6yJAje5GqLAc
+i4NnQNl+7NpnA5ZIFwJBAI1+OsZyjbRI99pYkTdOpa5IPlIb3j3JbSfjAWHLxlRY
+0HLvN3Q1mE9kbB+uKH6syF/S7nALgsLgq7eHYvIaE/A=
+-----END RSA PRIVATE KEY-----

spec/spec_helper.rb

@@ -30,9 +30,16 @@ class EchoServer
     [-1, {}, []]
   end
   
-  def listen(port)
-    Rack::Handler.get('thin').run(self, :Port => port) do |server|
-      @server = server
+  def listen(port, ssl = false)
+    Rack::Handler.get('thin').run(self, :Port => port) do |s|
+      if ssl
+        s.ssl = true
+        s.ssl_options = {
+          :private_key_file => File.expand_path('../server.key', __FILE__),
+          :cert_chain_file  => File.expand_path('../server.crt', __FILE__)
+        }
+      end
+      @server = s
     end
   end