9 changed files with 267 additions and 215 deletions
@ -1,135 +0,0 @@ |
|||
RSpec.shared_examples :analysis do |
|||
describe '#analyze' do |
|||
it 'return 1 grade with IPv4' do |
|||
grades = server host: '127.0.0.1' do |
|||
analyze '127.0.0.1', 5000 |
|||
end |
|||
|
|||
expect(grades.size).to be 1 |
|||
expect_grade grades, '127.0.0.1', '127.0.0.1', 5000, :ipv4 |
|||
end |
|||
|
|||
it 'return 1 grade with IPv6' do |
|||
grades = server host: '::1' do |
|||
analyze '::1', 5000 |
|||
end |
|||
|
|||
expect(grades.size).to be 1 |
|||
expect_grade grades, '::1', '::1', 5000, :ipv6 |
|||
end |
|||
|
|||
it 'return 2 grades with hostname (IPv4 & IPv6)' do |
|||
addresses = %w(127.0.0.1 ::1) |
|||
allow(Addrinfo).to receive(:getaddrinfo).with('localhost', nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
grades = server host: '::' do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
|
|||
expect_grade grades, 'localhost', '127.0.0.1', 5000, :ipv4 |
|||
expect_grade grades, 'localhost', '::1', 5000, :ipv6 |
|||
end |
|||
|
|||
it 'return error if DNS resolution problem' do |
|||
allow(Addrinfo).to receive(:getaddrinfo).with('localhost', nil, nil, :STREAM) |
|||
.and_raise SocketError, 'getaddrinfo: Name or service not known' |
|||
|
|||
grades = server do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
|
|||
expect_grade_error grades, 'localhost', nil, 5000, 'Unable to resolve localhost' |
|||
end |
|||
|
|||
it 'return error if analysis too long' do |
|||
stub_const 'CryptCheck::MAX_ANALYSIS_DURATION', 1 |
|||
allow(CryptCheck::Tls::Server).to receive(:new) { sleep 2 } |
|||
|
|||
grades = server do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
|
|||
expect_grade_error grades, 'localhost', '127.0.0.1', 5000, |
|||
'Too long analysis (max 1 second)' |
|||
end |
|||
|
|||
it 'return error if unable to connect' do |
|||
addresses = %w(127.0.0.1 ::1) |
|||
allow(Addrinfo).to receive(:getaddrinfo).with('localhost', nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
grades = server host: '::1' do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
|
|||
expect_grade_error grades, 'localhost', '127.0.0.1', 5000, |
|||
'Connection refused - connect(2) for 127.0.0.1:5000' |
|||
expect_grade grades, 'localhost', '::1', 5000, :ipv6 |
|||
end |
|||
|
|||
it 'return error if TCP timeout' do |
|||
stub_const 'CryptCheck::Tls::Server::TCP_TIMEOUT', 1 |
|||
addresses = %w(127.0.0.1 ::1) |
|||
allow(Addrinfo).to receive(:getaddrinfo).with('localhost', nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
original = IO.method :select |
|||
allow(IO).to receive(:select) do |*args, &block| |
|||
socket = [args[0]&.first, args[1]&.first].compact.first |
|||
next nil if socket.is_a?(Socket) && (socket.local_address.afamily == Socket::AF_INET) |
|||
original.call *args, &block |
|||
end |
|||
|
|||
grades = server host: '::' do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
|
|||
expect_grade_error grades, 'localhost', '127.0.0.1', 5000, |
|||
'Timeout when connect to 127.0.0.1:5000 (max 1 second)' |
|||
expect_grade grades, 'localhost', '::1', 5000, :ipv6 |
|||
end |
|||
|
|||
it 'return error if TLS timeout' do |
|||
stub_const 'CryptCheck::Tls::Server::SSL_TIMEOUT', 1 |
|||
addresses = %w(127.0.0.1 ::1) |
|||
allow(Addrinfo).to receive(:getaddrinfo).with('localhost', nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
original = IO.method :select |
|||
allow(IO).to receive(:select) do |*args, &block| |
|||
socket = [args[0]&.first, args[1]&.first].compact.first |
|||
next nil if socket.is_a?(OpenSSL::SSL::SSLSocket) && (socket.io.local_address.afamily == Socket::AF_INET) |
|||
original.call *args, &block |
|||
end |
|||
|
|||
grades = server host: '::' do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
|
|||
expect_grade_error grades, 'localhost', '127.0.0.1', 5000, |
|||
'Timeout when TLS connect to 127.0.0.1:5000 (max 1 second)' |
|||
expect_grade grades, 'localhost', '::1', 5000, :ipv6 |
|||
end |
|||
|
|||
it 'return error if plain server' do |
|||
stub_const 'CryptCheck::Tls::Server::SSL_TIMEOUT', 1 |
|||
addresses = %w(127.0.0.1 ::1) |
|||
allow(Addrinfo).to receive(:getaddrinfo).with('localhost', nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
grades = plain_server host: '127.0.0.1' do |
|||
server host: '::1' do |
|||
analyze 'localhost', 5000 |
|||
end |
|||
end |
|||
|
|||
expect_grade_error grades, 'localhost', '127.0.0.1', 5000, |
|||
'TLS seems not supported on this server' |
|||
expect_grade grades, 'localhost', '::1', 5000, :ipv6 |
|||
end |
|||
end |
|||
end |
@ -0,0 +1,129 @@ |
|||
describe CryptCheck::Tls::Host do |
|||
def host(*args, **kargs) |
|||
do_in_serv *args, **kargs do |host, port| |
|||
CryptCheck::Tls::Host.new host, port |
|||
end |
|||
end |
|||
|
|||
def servers(*args, **kargs) |
|||
host(*args, **kargs).servers |
|||
end |
|||
|
|||
def error(*args, **kargs) |
|||
host(*args, **kargs).error |
|||
end |
|||
|
|||
it 'return 1 grade with IPv4' do |
|||
servers = servers() |
|||
expect(servers.size).to be 1 |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, :ipv4 |
|||
end |
|||
|
|||
it 'return 1 grade with IPv6' do |
|||
addresses = [Helpers::DEFAULT_IPv6] |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
servers = servers(host: Helpers::DEFAULT_IPv6) |
|||
expect(servers.size).to be 1 |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6 |
|||
end |
|||
|
|||
it 'return 2 grades with hostname (IPv4 & IPv6)' do |
|||
addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6] |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
servers = servers(host: '::') |
|||
expect(servers.size).to be 2 |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, :ipv4 |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6 |
|||
end |
|||
|
|||
it 'return error if DNS resolution problem' do |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) |
|||
.and_raise SocketError, 'getaddrinfo: Name or service not known' |
|||
|
|||
error = error() |
|||
expect_error error, ::SocketError, 'getaddrinfo: Name or service not known' |
|||
end |
|||
|
|||
it 'return error if analysis too long' do |
|||
stub_const 'CryptCheck::Tls::Host::MAX_ANALYSIS_DURATION', 1 |
|||
allow_any_instance_of(CryptCheck::Tls::Host).to receive(:server) { sleep 2 } |
|||
|
|||
servers = servers() |
|||
expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, |
|||
'Too long analysis (max 1 second)' |
|||
end |
|||
|
|||
it 'return error if unable to connect' do |
|||
addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6] |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
servers = servers(host: Helpers::DEFAULT_IPv6) |
|||
expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, |
|||
'Connection refused - connect(2) for 127.0.0.1:15000' |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6 |
|||
end |
|||
|
|||
it 'return error if TCP timeout' do |
|||
stub_const 'CryptCheck::Tls::Engine::TCP_TIMEOUT', 1 |
|||
addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6] |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
original = IO.method :select |
|||
allow(IO).to receive(:select) do |*args, &block| |
|||
socket = [args[0]&.first, args[1]&.first].compact.first |
|||
next nil if socket.is_a?(Socket) && (socket.local_address.afamily == Socket::AF_INET) |
|||
original.call *args, &block |
|||
end |
|||
|
|||
servers = servers(host: '::') |
|||
expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, |
|||
'Timeout when connecting to 127.0.0.1:15000 (max 1 second)' |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6 |
|||
end |
|||
|
|||
it 'return error if TLS timeout' do |
|||
stub_const 'CryptCheck::Tls::Engine::TLS_TIMEOUT', 1 |
|||
addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6] |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
original = IO.method :select |
|||
allow(IO).to receive(:select) do |*args, &block| |
|||
socket = [args[0]&.first, args[1]&.first].compact.first |
|||
next nil if socket.is_a?(OpenSSL::SSL::SSLSocket) && (socket.io.local_address.afamily == Socket::AF_INET) |
|||
original.call *args, &block |
|||
end |
|||
|
|||
servers = servers(host: '::') |
|||
expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, |
|||
'Timeout when TLS connecting to 127.0.0.1:15000 (max 1 second)' |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6 |
|||
end |
|||
|
|||
it 'return error if plain server' do |
|||
stub_const 'CryptCheck::Tls::ENGINE::TLS_TIMEOUT', 1 |
|||
addresses = [Helpers::DEFAULT_IPv4, Helpers::DEFAULT_IPv6] |
|||
allow(Addrinfo).to receive(:getaddrinfo).with(Helpers::DEFAULT_HOST, nil, nil, :STREAM) do |
|||
addresses.collect { |a| Addrinfo.new Socket.sockaddr_in(nil, a) } |
|||
end |
|||
|
|||
servers = plain_serv Helpers::DEFAULT_IPv4 do |
|||
servers(host: Helpers::DEFAULT_IPv6) |
|||
end |
|||
expect_grade_error servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv4, Helpers::DEFAULT_PORT, |
|||
'TLS seems not supported on this server' |
|||
expect_grade servers, Helpers::DEFAULT_HOST, Helpers::DEFAULT_IPv6, Helpers::DEFAULT_PORT, :ipv6 |
|||
end |
|||
|
|||
end |
Loading…
Reference in new issue