sources: MTLS and proxy support for ostree

test/mod/test_testutil_net.py

@@ -3,7 +3,7 @@ import pathlib
 import subprocess
 
 from osbuild.testutil import make_fake_tree
-from osbuild.testutil.net import http_serve_directory, https_serve_directory
+from osbuild.testutil.net import http_serve_directory, https_serve_directory, https_serve_directory_mtls
 
 
 def test_http_serve_directory_smoke(tmp_path):
@@ -37,3 +37,30 @@ def test_https_serve_directory_smoke(tmp_path):
              f"https://localhost:{httpd.server_port}/file1"],
         )
         assert output == b"file1 content"
+
+
+def test_https_serve_directory_mtls_smoke(tmp_path):
+    make_fake_tree(tmp_path, {
+        "file1": "file1 content",
+    })
+    cert_dir = pathlib.Path(__file__).parent.parent / "data/certs"
+    cacert = cert_dir / "test-ca.crt"
+    assert cacert.exists()
+    servercert = cert_dir / "localhost-server.crt"
+    assert servercert.exists()
+    serverkey = cert_dir / "localhost-server.key"
+    assert serverkey.exists()
+    clientcert = cert_dir / "client1-client.crt"
+    assert clientcert.exists()
+    clientkey = cert_dir / "client1-client.key"
+    assert clientkey.exists()
+
+    with https_serve_directory_mtls(tmp_path, cacert, servercert, serverkey) as httpd:
+        output = subprocess.check_output(
+            ["curl",
+             "--cacert", os.fspath(cacert),
+             "--cert", os.fspath(clientcert),
+             "--key", os.fspath(clientkey),
+             f"https://localhost:{httpd.server_port}/file1"],
+        )
+        assert output == b"file1 content"