costan-rtunnel 0.4.0

data/test/protocol_mocks.rb

@@ -0,0 +1,43 @@
+# Mocks the sending end of an EventMachine connection.
+# The sent data is concatenated in a string available by calling #string.
+class EmSendMock  
+  attr_reader :string
+  
+  def initialize
+    @string = ''
+  end
+  
+  def send_data(data)
+    @string << data
+  end
+end
+
+# Mocks the receiving end of an EventMachine connection.
+# The data to be received is passed as an array of strings to the constructor.
+# Calling #replay mocks receiving the data.
+class EmReceiveMock
+  attr_accessor :strings
+  attr_accessor :objects
+  
+  def initialize(strings = [''])
+    @strings = strings
+    @objects = []
+  end
+  
+  def replay
+    @strings.each { |str| receive_data str }
+    self
+  end
+
+  def receive_object(object)
+    @objects << object
+  end
+  
+  # Declares the name of the object to be received. For instance, a frame
+  # protocol would use :frame for name. This generates a receive_frame method,
+  # and a frames accessor.
+  def self.object_name(name)
+    alias_method "receive_#{name}".to_sym, :receive_object
+    alias_method "#{name}s".to_sym, :objects
+  end
+end

data/test/scenario_connection.rb

@@ -0,0 +1,109 @@
+require 'rubygems'
+require 'eventmachine'
+
+# Event Machine connection that runs a fixed send-expect scenario.
+class ScenarioConnection < EventMachine::Connection
+  def initialize(test_case, scenario = nil)
+    super()
+
+    @test_case = test_case
+    @scenario = scenario || yield
+    @ignore_unbind = false
+    next_step
+  end
+
+  def post_init
+    scenario_can_send
+  end
+
+  def receive_data(data)
+    scenario_received data
+  end
+
+  def unbind
+    return if @ignore_unbind
+
+    unless @step and @step.first == :unbind
+      scenario_fail "Received unexpected unbind\n"
+    end
+    next_step
+    while @step and @step.first == :proc
+      @step.last.call
+      next_step
+    end
+    if @step and @step.first == :stop
+      scenario_stop @step.last
+    end
+  end
+
+  # Called when data is received. Plays the connection scenario.
+  def scenario_received(data)
+    unless @step and @step.first == :recv
+      scenario_fail "Received unexpected data: #{data}\n"
+    end
+
+    @test_case.send :assert_equal, @step.last, data
+    next_step
+    scenario_can_send
+  end
+
+  # Called when data can be sent. Plays the connection scenario.
+  def scenario_can_send
+    while @step
+      case @step.first
+      when :proc
+        @step.last.call
+      when :send
+        send_data @step.last
+      else
+        break
+      end
+      next_step
+    end
+
+    unless @step
+      # EM might stifle this exception and reraise
+      msg = "Scenario completed prematurely"
+      $stderr.puts msg
+      fail msg
+    end
+
+    case @step.first
+    when :receive
+      # wait to receive
+      return
+    when :unbind
+      # wait for unbind
+      return
+    when :close
+      @ignore_unbind = true
+      close_connection_after_writing
+      next_step
+    end
+  end
+
+  def scenario_fail(fail_message)
+    if @step
+      fail_message << "Expected to #{@step.inspect}"
+    else
+      fail_message << "Scenario was completed\n"
+    end
+    @test_case.send :fail, fail_message
+  end
+
+  def scenario_stop(stop_proc)
+    if stop_proc.kind_of? Proc
+      # call the proc, then give em time to stop all its servers
+      stop_proc.call
+      EventMachine.add_timer 0.1 do
+        EventMachine.stop_event_loop
+      end
+    else
+      EventMachine.stop_event_loop
+    end
+  end
+
+  def next_step
+    @step = @scenario.shift
+  end
+end

data/test/test_client.rb

@@ -0,0 +1,48 @@
+require 'rtunnel'
+
+require 'openssl'
+require 'resolv'
+require 'test/unit'
+
+class ClientTest < Test::Unit::TestCase
+  def setup
+    @client = RTunnel::Client.new(:control_address => 'localhost',
+                                  :remote_listen_address => '9199',
+                                  :tunnel_to_address => '4444',
+                                  :private_key => 'test_data/ssh_host_rsa_key',
+                                  :tunnel_timeout => 5)
+    @localhost_addr = Resolv.getaddress 'localhost'
+  end
+  
+  def test_options
+    client = RTunnel::Client
+    assert_equal "18.241.3.100:#{RTunnel::DEFAULT_CONTROL_PORT}",
+                 client.extract_control_address('18.241.3.100')                 
+    assert_equal "18.241.3.100:9199",
+                 client.extract_control_address('18.241.3.100:9199')
+    assert_equal "#{@localhost_addr}:#{RTunnel::DEFAULT_CONTROL_PORT}",
+                 client.extract_control_address('localhost')                 
+    assert_equal "#{@localhost_addr}:9199",
+                 client.extract_control_address('localhost:9199')
+
+    assert_equal "0.0.0.0:9199",
+                 client.extract_remote_listen_address('9199')                 
+    assert_equal "18.241.3.100:9199",
+                 client.extract_remote_listen_address('18.241.3.100:9199')                 
+    assert_equal "#{@localhost_addr}:9199",
+                 client.extract_remote_listen_address('localhost:9199')
+
+    assert_equal "18.241.3.100:9199",
+                 client.extract_tunnel_to_address('18.241.3.100:9199')                 
+    assert_equal "#{@localhost_addr}:9199",
+                 client.extract_tunnel_to_address('9199')
+                 
+    assert_equal RTunnel::TUNNEL_TIMEOUT, client.extract_tunnel_timeout(nil)
+    assert_equal 29, client.extract_tunnel_timeout(29)
+    
+    assert_equal nil, client.extract_private_key(nil)
+    key = client.extract_private_key 'test_data/ssh_host_rsa_key'
+    assert_equal OpenSSL::PKey::RSA, key.class
+    assert_equal File.read('test_data/ssh_host_rsa_key'), key.to_pem
+  end
+end

data/test/test_command_protocol.rb

@@ -0,0 +1,82 @@
+require 'rtunnel'
+
+require 'test/unit'
+
+require 'test/command_stubs.rb'
+require 'test/protocol_mocks.rb'
+
+# Send mock for commands.
+class EmSendCommandsMock < EmSendMock
+  include RTunnel::CommandProtocol
+end
+
+# Receive mock for commands.
+class EmReceiveCommandsMock < EmReceiveMock
+  include RTunnel::CommandProtocol
+  object_name :command
+end
+
+class CommandProtocolTest < Test::Unit::TestCase
+  include CommandStubs
+  C = RTunnel::Crypto
+  
+  def setup
+    super
+    @send_mock = EmSendCommandsMock.new
+  end
+  
+  def teardown
+    super
+  end
+  
+  def commandset_test(names)
+    @send_mock.outgoing_command_hasher = @hasher if @hasher
+    names.each do |name|
+      command = self.send "generate_#{name}".to_sym
+      @send_mock.send_command command
+    end
+    receive_mock = EmReceiveCommandsMock.new([@send_mock.string])
+    receive_mock.incoming_command_hasher = C::Hasher.new(@hasher.key) if @hasher
+    o_commands = receive_mock.replay.commands
+    self.assert_equal names.length, o_commands.length
+    names.each_index do |i|
+      self.send "verify_#{names[i]}", o_commands[i]
+    end
+  end
+  
+  CommandStubs.command_names.each do |name|
+    define_method "test_#{name}".to_sym do
+      commandset_test [name]
+    end
+
+    define_method "test_signed_#{name}".to_sym do
+      @hasher = C::Hasher.new
+      commandset_test [name]
+    end
+    
+    define_method "test_signed_#{name}_has_signature".to_sym do
+      sig_send_mock = EmSendCommandsMock.new
+      sig_send_mock.outgoing_command_hasher = C::Hasher.new
+      outputs = [@send_mock, sig_send_mock].map do |mock|
+        mock.send_command self.send("generate_#{name}".to_sym)
+        mock.string
+      end
+      assert outputs.first.length < outputs.last.length,
+             "No signature generated"
+    end
+    
+    define_method "test_signed_#{name}_enforces_signature".to_sym do
+      @send_mock.outgoing_command_hasher = hasher = C::Hasher.new
+      @send_mock.send_command self.send("generate_#{name}".to_sym)      
+      signed_str = @send_mock.string
+      
+      0.upto(signed_str.length - 1) do |i|
+        bad_str = signed_str.dup
+        bad_str[i] ^= 0x01
+        recv_mock = EmReceiveCommandsMock.new([bad_str])
+        recv_mock.incoming_command_hasher = C::Hasher.new hasher.key
+        assert_equal [], recv_mock.replay.commands
+      end      
+    end
+  end
+end

data/test/test_commands.rb

@@ -0,0 +1,49 @@
+require 'rtunnel'
+
+require 'stringio'
+require 'test/unit'
+
+require 'test/command_stubs.rb'
+
+class CommandsTest < Test::Unit::TestCase
+  include CommandStubs
+  
+  def setup
+    super
+    @str = StringIO.new
+  end
+    
+  CommandStubs.command_names.each do |cmd|
+    define_method "test_#{cmd}_encode" do
+      command = self.send "generate_#{cmd}"
+      command.encode @str
+      @str.rewind
+      decoded_command = RTunnel::Command.decode @str
+      self.send "verify_#{cmd}", decoded_command
+      assert_equal "", @str.read, "Command #{cmd} did not consume its entire outpt"
+    end
+    
+    define_method "test_#{cmd}_to_encoded_str" do
+      command = self.send "generate_#{cmd}"
+      command.encode @str
+      @str.rewind
+      assert_equal @str.read, command.to_encoded_str
+    end    
+  end
+  
+  def test_all_encodes
+    sequence = CommandStubs.command_test_sequence
+    sequence.each { |cmd| self.send("generate_#{cmd}").encode @str }
+    @str.rewind
+    sequence.each do |cmd|
+      command = RTunnel::Command.decode(@str)
+      self.send "verify_#{cmd}", command
+    end
+    assert_equal "", @str.read
+  end
+  
+  def test_codes
+    # TODO(not_me): it'd be nice to have more than a smoke test here
+    assert_equal String, RTunnel::Command.printable_codes.class
+  end
+end

data/test/test_connection_id.rb

@@ -0,0 +1,30 @@
+require 'rtunnel'
+
+require 'test/unit'
+
+class ConnectionIdTest < Test::Unit::TestCase
+  class CidWrapper
+    include RTunnel::ConnectionId
+  end
+
+  def setup
+    @server = CidWrapper.new
+  end
+
+  def test_ids_are_unique
+    n_ids = 1024
+    ids = (0...n_ids).map { @server.new_connection_id }
+    assert_equal n_ids, ids.uniq.length
+  end
+    
+  def test_id_sequences_are_not_trivial
+    n_servers = 256
+    n_ids = 16
+    sequences = (0...n_servers).map { CidWrapper.new }.map do |server|
+      (0...n_ids).map { server.new_connection_id }
+    end
+    0.upto(n_ids - 1) do |i|
+      assert_equal n_servers, sequences.map { |seq| seq[i] }.uniq.length
+    end
+  end
+end

data/test/test_crypto.rb

@@ -0,0 +1,127 @@
+require 'rtunnel'
+
+require 'openssl'
+require 'test/unit'
+
+class CryptoTest < Test::Unit::TestCase
+  C = RTunnel::Crypto
+  
+  @@rsa_key_path = 'test_data/ssh_host_rsa_key' 
+  @@dsa_key_path = 'test_data/ssh_host_dsa_key' 
+  @@known_hosts_path = 'test_data/known_hosts' 
+  @@authorized_keys_path = 'test_data/authorized_keys2'
+  
+  def test_read_private_key
+    key = C.read_private_key @@rsa_key_path
+    assert_equal File.read(@@rsa_key_path), key.to_pem
+    assert_equal OpenSSL::PKey::RSA, key.class
+
+    key = C.read_private_key @@dsa_key_path
+    assert_equal File.read(@@dsa_key_path), key.to_pem
+    assert_equal OpenSSL::PKey::DSA, key.class
+  end
+  
+  def test_read_known_hosts
+    keys = C.read_authorized_keys @@known_hosts_path    
+    verify_authorized_keys keys    
+  end
+
+  def test_read_authorized_keys
+    keys = C.read_authorized_keys @@authorized_keys_path
+    verify_authorized_keys keys    
+  end
+  
+  def verify_authorized_keys(keys)
+    assert_equal 4, keys.length
+    assert_equal [OpenSSL::PKey::RSA] * 3 + [OpenSSL::PKey::DSA],
+                 keys.map { |k| k.class }
+    assert_equal C.read_private_key(@@rsa_key_path).public_key.to_pem,
+                 keys[1].to_pem
+    assert_equal C.read_private_key(@@dsa_key_path).public_key.to_pem,
+                 keys[3].to_pem    
+  end
+  
+  def test_key_fingerprint
+    keys = C.read_authorized_keys @@known_hosts_path
+
+    assert_equal 4, keys.map { |k| C.key_fingerprint k }.uniq.length
+    keys.each { |k| assert_equal C.key_fingerprint(k), C.key_fingerprint(k) }
+  end
+  
+  def test_load_public_keys
+    keyset = C.load_public_keys @@known_hosts_path
+    rsa_key = C.read_private_key @@rsa_key_path
+    dsa_key = C.read_private_key @@dsa_key_path
+    
+    assert_equal rsa_key.public_key.to_pem,
+                 keyset[C.key_fingerprint(rsa_key)].to_pem
+    assert_equal dsa_key.public_key.to_pem,
+                 keyset[C.key_fingerprint(dsa_key)].to_pem
+  end
+  
+  def test_key_encryption
+    test_data = 'qwertyuiopasdfghjklzxcvbnm' * 2
+    rsa_key = C.read_private_key @@rsa_key_path
+    dsa_key = C.read_private_key @@rsa_key_path
+    
+    [rsa_key, dsa_key].each do |key|
+      encrypted_data = C.encrypt_with_key key.public_key, test_data
+      decrypted_data = C.decrypt_with_key key, encrypted_data
+      
+      assert_equal test_data, decrypted_data
+      0.upto(test_data.length - 4) do |i|
+        assert !encrypted_data.index(test_data[i, 4]),
+               'Encryption did not wipe the original pattern'
+      end
+    end
+  end
+  
+  def test_encryption_depends_on_key
+    num_keys = 16
+    test_data = 'qwertyuiopasdfghjklzxcvbnm' * 2
+    keys = (0...num_keys).map { OpenSSL::PKey::RSA.generate 1024, 35 }
+    assert_equal num_keys, keys.map { |k| C.encrypt_with_key k, test_data }.
+                                uniq.length
+  end
+  
+  def test_hasher_random_keys_are_random
+    num_keys = 1024
+    assert_equal num_keys, (0...num_keys).map { C::Hasher.random_key }.
+                                          uniq.length
+  end
+  
+  def test_hasher_random_keys_yield_random_results
+    num_keys = 1024
+    test_data = 'qwertyuiopasdfghjklzxcvbnm' * 2
+    assert_equal num_keys, (0...num_keys).map { C::Hasher.new.hash test_data }.
+                                          uniq.length
+  end
+  
+  def test_hasher_hashes_are_finite
+    num_blocks = 64
+    block = 'qwertyuiopasdfghjklzxcvbnm'
+    
+    hasher = C::Hasher.new
+    hash_length = hasher.hash('').length
+    1.upto(num_blocks) { |n| assert_equal hash_length, hasher.hash(block * n).
+                                                              length }
+  end
+  
+  def test_hasher_has_state
+    num_blocks = 1024
+    block = 'qwertyuiopasdfghjklzxcvbnm'
+    hasher = C::Hasher.new
+    
+    assert_equal num_blocks, (0...num_blocks).map { hasher.hash block}.uniq.
+                                               length
+  end
+  
+  def test_hasher_is_reproducible
+    hasher = C::Hasher.new
+    hasher2 = C::Hasher.new hasher.key
+    
+    num_blocks = 128
+    block = 'qwertyuiopasdfghjklzxcvbnm'
+    1.upto(num_blocks) { assert_equal hasher.hash(block), hasher2.hash(block) }
+  end
+end