aeris
/
cryptcheck
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
125 Коміти
3 Гілки
875KB
Дерево: c75601dad4
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'c75601dad4'
${ noResults }
cryptcheck/spec/cryptcheck/tls/host_spec.rb

host_spec.rb 5.1KB
Неформатований Звичайний вигляд Історія

Handle corner cases during protocol error
3 роки тому
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 
  1. describe CryptCheck::Tls::Host do

  2. 	def host(*args, **kargs)

  3. 		do_in_serv *args, **kargs do |host, port|

  4. 			CryptCheck::Tls::Host.new host, port

  5. 		end

  6. 	end

  7. 

  8. 	def servers(*args, **kargs)

  9. 		host(*args, **kargs).servers

  10. 	end

  11. 

  12. 	def error(*args, **kargs)

  13. 		host(*args, **kargs).error

  14. 	end

  15. 

  16. 	it 'return 1 grade with IPv4' do

  17. 		servers = servers()

  18. 		expect(servers.size).to be 1

  19. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, :ipv4

  20. 	end

  21. 

  22. 	it 'return 1 grade with IPv6' do

  23. 		addresses = [Helpers::DEFAULT_IPv6]

  24. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do

  25. 			addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) }

  26. 		end

  27. 

  28. 		servers = servers(host: Helpers::DEFAULT_IPv6)

  29. 		expect(servers.size).to be 1

  30. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6

  31. 	end

  32. 

  33. 	it 'return 2 grades with hostname (IPv4 & IPv6)' do

  34. 		addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6]

  35. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do

  36. 			addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) }

  37. 		end

  38. 

  39. 		servers = servers(host: '::')

  40. 		expect(servers.size).to be 2

  41. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, :ipv4

  42. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6

  43. 	end

  44. 

  45. 	it 'return error if DNS resolution problem' do

  46. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM)

  47. 								   .and_raise SocketError, 'getaddrinfo: Name or service not known'

  48. 

  49. 		error = error()

  50. 		expect_error error, ::SocketError, 'getaddrinfo: Name or service not known'

  51. 	end

  52. 

  53. 	it 'return error if analysis too long' do

  54. 		stub_const 'CryptCheck::Tls::Host::MAX_ANALYSIS_DURATION', 1

  55. 		allow_any_instance_of(CryptCheck::Tls::Host).to receive(:server) { sleep 2 }

  56. 

  57. 		servers = servers()

  58. 		expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT,

  59. 						   'Too long analysis (max 1 second)'

  60. 	end

  61. 

  62. 	it 'return error if unable to connect' do

  63. 		addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6]

  64. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do

  65. 			addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) }

  66. 		end

  67. 

  68. 		servers = servers(host: Helpers::DEFAULT_IPv6)

  69. 		expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT,

  70. 						   'Connection refused - connect(2) for 127.0.0.1:15000'

  71. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6

  72. 	end

  73. 

  74. 	it 'return error if TCP timeout' do

  75. 		stub_const 'CryptCheck::Tls::Engine::TCP_TIMEOUT', 1

  76. 		addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6]

  77. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do

  78. 			addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) }

  79. 		end

  80. 

  81. 		original = IO.method :select

  82. 		allow(IO).to receive(:select) do |*args, &block|

  83. 			socket = [args[0]&.first, args[1]&.first].compact.first

  84. 			next nil if socket.is_a?(Socket) && (socket.local_address.afamily == Socket::AF_INET)

  85. 			original.call *args, &block

  86. 		end

  87. 

  88. 		servers = servers(host: '::')

  89. 		expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT,

  90. 						   'Timeout when connecting to 127.0.0.1:15000 (max 1 second)'

  91. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6

  92. 	end

  93. 

  94. 	it 'return error if TLS timeout' do

  95. 		stub_const 'CryptCheck::Tls::Engine::TLS_TIMEOUT', 1

  96. 		addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6]

  97. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do

  98. 			addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) }

  99. 		end

  100. 

  101. 		original = IO.method :select

  102. 		allow(IO).to receive(:select) do |*args, &block|

  103. 			socket = [args[0]&.first, args[1]&.first].compact.first

  104. 			next nil if socket.is_a?(OpenSSL::SSL::SSLSocket) && (socket.io.local_address.afamily == Socket::AF_INET)

  105. 			original.call *args, &block

  106. 		end

  107. 

  108. 		servers = servers(host: '::')

  109. 		expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT,

  110. 						   'Timeout when TLS connecting to 127.0.0.1:15000 (max 1 second)'

  111. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6

  112. 	end

  113. 

  114. 	it 'return error if plain server' do

  115. 		stub_const 'CryptCheck::Tls::ENGINE::TLS_TIMEOUT', 1

  116. 		addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6]

  117. 		allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do

  118. 			addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) }

  119. 		end

  120. 

  121. 		servers = plain_serv Helpers::DEFAULT_IPv4 do

  122. 			servers(host: Helpers::DEFAULT_IPv6)

  123. 		end

  124. 		expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT,

  125. 						   'TLS seems not supported on this server'

  126. 		expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6

  127. 	end

  128. 

  129. end