Add test server for TLS handshake unit tests

scan/testdata/server.crt

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB/jCCAWICCQDscdUxw16XFDAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw
+EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
+eSBMdGQwHhcNMTIxMTE0MTI0MDQ4WhcNMTUxMTE0MTI0MDQ4WjBFMQswCQYDVQQG
+EwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lk
+Z2l0cyBQdHkgTHRkMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBY9+my9OoeSUR
+lDQdV/x8LsOuLilthhiS1Tz4aGDHIPwC1mlvnf7fg5lecYpMCrLLhauAc1UJXcgl
+01xoLuzgtAEAgv2P/jgytzRSpUYvgLBt1UA0leLYBy6mQQbrNEuqT3INapKIcUv8
+XxYP0xMEUksLPq6Ca+CRSqTtrd/23uTnapkwCQYHKoZIzj0EAQOBigAwgYYCQXJo
+A7Sl2nLVf+4Iu/tAX/IF4MavARKC4PPHK3zfuGfPR3oCCcsAoz3kAzOeijvd0iXb
+H5jBImIxPL4WxQNiBTexAkF8D1EtpYuWdlVQ80/h/f4pBcGiXPqX5h2PQSQY7hP1
++jwM1FGS4fREIOvlBYr/SzzQRtwrvrzGYxDEDbsC0ZGRnA==
+-----END CERTIFICATE-----

scan/testdata/server.key

@@ -0,0 +1,10 @@
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIBrsoKp0oqcv6/JovJJDoDVSGWdirrkgCWxrprGlzB9o0X8fV675X0
+NwuBenXFfeZvVcwluO7/Q9wkYoPd/t3jGImgBwYFK4EEACOhgYkDgYYABAFj36bL
+06h5JRGUNB1X/Hwuw64uKW2GGJLVPPhoYMcg/ALWaW+d/t+DmV5xikwKssuFq4Bz
+VQldyCXTXGgu7OC0AQCC/Y/+ODK3NFKlRi+AsG3VQDSV4tgHLqZBBus0S6pPcg1q
+kohxS/xfFg/TEwRSSws+roJr4JFKpO2t3/be5OdqmQ==
+-----END EC PRIVATE KEY-----

scan/tls_handshake_test.go

@@ -0,0 +1,97 @@
+package scan
+
+import (
+	"crypto/rand"
+	"crypto/tls"
+	"net"
+	"testing"
+	"time"
+)
+
+const TestTimeout = 5 // seconds
+const TLSServerAddr = "127.0.0.1:4443"
+
+// tlsServer starts up a test TLS server that accepts new connections
+// The server will run until TestTimeout seconds have elapsed
+func tlsServer(t *testing.T, done chan bool) {
+	// Set the maximimum timeout before any test will fail
+	go func() {
+		time.Sleep(time.Second * TestTimeout)
+		t.Errorf("server test timed out.")
+		done <- true
+	}()
+
+	// Load the x509 server certificates
+	cert, err := tls.LoadX509KeyPair("./testdata/server.crt", "./testdata/server.key")
+	if err != nil {
+		t.Errorf("server loadkeys: %s", err)
+		done <- true
+	}
+	config := tls.Config{Certificates: []tls.Certificate{cert}}
+	config.Rand = rand.Reader
+
+	// Create a TLS connection listener
+	listener, err := tls.Listen("tcp", TLSServerAddr, &config)
+	if err != nil {
+        t.Errorf("server error starting TLS server: %s", err)
+		done <- true
+	}
+	defer listener.Close()
+
+	// Accept all incoming TLS connections
+	for {
+		conn, err := listener.Accept()
+		if err != nil {
+            t.Errorf("server error at Accept(): %s", err)
+			done <- true
+		}
+		defer conn.Close()
+		go func(conn net.Conn) {
+			defer conn.Close()
+            // Read some bytes but don't do anything with them yet
+			buf := make([]byte, 512)
+			for {
+				_, err := conn.Read(buf)
+				if err != nil {
+					break
+				}
+			}
+		}(conn)
+	}
+}
+
+// createTLSTestServer creates a TLS server for making test connections
+// Returns a bool goroutine channel; tests send `true` to the channel when complete
+func createTLSTestServer(t *testing.T) chan bool {
+	done := make(chan bool)
+	go tlsServer(t, done)
+	time.Sleep(time.Second)
+	return done
+}
+
+// Sanity test to ensure that the testing server/framework works
+func TestTLSConnection(t *testing.T) {
+    // Start up the test server and retrieve a 'done' channel for test completion
+	done := createTLSTestServer(t)
+	go func() {
+
+        // Create a new TLS config and try to dial the server
+		config := tls.Config{InsecureSkipVerify: true}
+		conn, err := tls.Dial("tcp", TLSServerAddr, &config)
+		if err != nil {
+			t.Errorf("client error at Dial(): %s", err)
+			done <- true
+			return
+		}
+		defer conn.Close()
+
+        // Test that we successfully connected to the server we wanted
+		if conn.RemoteAddr().String() != TLSServerAddr {
+			t.Errorf("client error at Dial(): %s", conn.RemoteAddr())
+			done <- true
+			return
+		}
+		done <- true
+	}()
+	<-done
+}