eventmachine 1.0.3-x86-mingw32 → 1.2.0.dev.2-x86-mingw32

data/tests/test_ssl_args.rb

@@ -45,7 +45,7 @@ class TestSslArgs < Test::Unit::TestCase
   def test_tls_params_file_doesnt_exist
     priv_file, cert_file = 'foo_priv_key', 'bar_cert_file'
     [priv_file, cert_file].all? do |f|
-      assert(!File.exists?(f), "Cert file #{f} seems to exist, and should not for the tests")
+      assert(!File.exist?(f), "Cert file #{f} seems to exist, and should not for the tests")
     end
     
     # associate_callback_target is a pain! (build!)
@@ -75,4 +75,4 @@ class TestSslArgs < Test::Unit::TestCase
       assert(false, 'should not have raised an exception')
     end
   end
-end if EM.ssl?
+end if EM.ssl?

data/tests/test_ssl_dhparam.rb

@@ -0,0 +1,83 @@
+require 'em_test_helper'
+
+class TestSslDhParam < Test::Unit::TestCase
+  def setup
+    $dir = File.dirname(File.expand_path(__FILE__)) + '/'
+    $dhparam_file = File.join($dir, 'dhparam.pem')
+  end
+
+  module Client
+    def connection_completed
+      start_tls
+    end
+
+    def ssl_handshake_completed
+      $client_handshake_completed = true
+      $client_cipher_name = get_cipher_name
+      close_connection
+    end
+
+    def unbind
+      EM.stop_event_loop
+    end
+  end
+
+  module Server
+    def post_init
+      start_tls(:dhparam => $dhparam_file, :cipher_list => "DHE,EDH")
+    end
+
+    def ssl_handshake_completed
+      $server_handshake_completed = true
+      $server_cipher_name = get_cipher_name
+    end
+  end
+
+  module NoDhServer
+    def post_init
+      start_tls(:cipher_list => "DHE,EDH")
+    end
+
+    def ssl_handshake_completed
+      $server_handshake_completed = true
+      $server_cipher_name = get_cipher_name
+    end
+  end
+
+  def test_no_dhparam
+    omit_unless(EM.ssl?)
+    omit_if(rbx?)
+
+    $client_handshake_completed, $server_handshake_completed = false, false
+    $server_cipher_name, $client_cipher_name = nil, nil
+
+    EM.run {
+      EM.start_server("127.0.0.1", 16784, NoDhServer)
+      EM.connect("127.0.0.1", 16784, Client)
+    }
+
+    assert(!$client_handshake_completed)
+    assert(!$server_handshake_completed)
+  end
+
+  def test_dhparam
+    omit_unless(EM.ssl?)
+    omit_if(rbx?)
+
+    $client_handshake_completed, $server_handshake_completed = false, false
+    $server_cipher_name, $client_cipher_name = nil, nil
+
+    EM.run {
+      EM.start_server("127.0.0.1", 16784, Server)
+      EM.connect("127.0.0.1", 16784, Client)
+    }
+
+    assert($client_handshake_completed)
+    assert($server_handshake_completed)
+
+    assert($client_cipher_name.length > 0)
+    assert_equal($client_cipher_name, $server_cipher_name)
+
+    assert_match(/^(DHE|EDH)/, $client_cipher_name)
+  end
+end

data/tests/test_ssl_ecdh_curve.rb

@@ -0,0 +1,79 @@
+require 'em_test_helper'
+
+class TestSslEcdhCurve < Test::Unit::TestCase
+  module Client
+    def connection_completed
+      start_tls
+    end
+
+    def ssl_handshake_completed
+      $client_handshake_completed = true
+      $client_cipher_name = get_cipher_name
+      close_connection
+    end
+
+    def unbind
+      EM.stop_event_loop
+    end
+  end
+
+  module Server
+    def post_init
+      start_tls(:ecdh_curve => "prime256v1", :cipher_list => "ECDH")
+    end
+
+    def ssl_handshake_completed
+      $server_handshake_completed = true
+      $server_cipher_name = get_cipher_name
+    end
+  end
+
+  module NoCurveServer
+    def post_init
+      start_tls(:cipher_list => "ECDH")
+    end
+
+    def ssl_handshake_completed
+      $server_handshake_completed = true
+      $server_cipher_name = get_cipher_name
+    end
+  end
+
+  def test_no_ecdh_curve
+    omit_unless(EM.ssl?)
+    omit_if(rbx?)
+
+    $client_handshake_completed, $server_handshake_completed = false, false
+
+    EM.run {
+      EM.start_server("127.0.0.1", 16784, NoCurveServer)
+      EM.connect("127.0.0.1", 16784, Client)
+    }
+
+    assert(!$client_handshake_completed)
+    assert(!$server_handshake_completed)
+  end
+
+  def test_ecdh_curve
+    omit_unless(EM.ssl?)
+    omit_if(rbx?)
+
+    $client_handshake_completed, $server_handshake_completed = false, false
+    $server_cipher_name, $client_cipher_name = nil, nil
+
+    EM.run {
+      EM.start_server("127.0.0.1", 16784, Server)
+      EM.connect("127.0.0.1", 16784, Client)
+    }
+
+    assert($client_handshake_completed)
+    assert($server_handshake_completed)
+
+    assert($client_cipher_name.length > 0)
+    assert_equal($client_cipher_name, $server_cipher_name)
+
+    assert_match(/^(AECDH|ECDHE)/, $client_cipher_name)
+  end
+
+
+end

data/tests/test_ssl_extensions.rb

@@ -0,0 +1,49 @@
+require 'em_test_helper'
+
+require 'socket'
+require 'openssl'
+
+if EM.ssl?
+  class TestSslExtensions < Test::Unit::TestCase
+
+    module Client
+      def ssl_handshake_completed
+        $client_handshake_completed = true
+        close_connection
+      end
+
+      def unbind
+        EM.stop_event_loop
+      end
+
+      def connection_completed
+        start_tls(:ssl_version => :tlsv1, :sni_hostname => 'example.com')
+      end
+    end
+
+    module Server
+      def ssl_handshake_completed
+        $server_handshake_completed = true
+        $server_sni_hostname = get_sni_hostname
+      end
+
+      def post_init
+        start_tls(:ssl_version => :TLSv1)
+      end
+    end
+
+    def test_tlsext_sni_hostname
+      $server_handshake_completed = false
+
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, Server)
+        EM.connect("127.0.0.1", 16784, Client)
+      end
+
+      assert($server_handshake_completed)
+      assert_equal('example.com', $server_sni_hostname)
+    end
+  end
+else
+  warn "EM built without SSL support, skipping tests in #{__FILE__}"
+end

data/tests/test_ssl_methods.rb

@@ -3,7 +3,6 @@ require 'em_test_helper'
 class TestSSLMethods < Test::Unit::TestCase
 
   module ServerHandler
-
     def post_init
       start_tls
     end
@@ -11,12 +10,13 @@ class TestSSLMethods < Test::Unit::TestCase
     def ssl_handshake_completed
       $server_called_back = true
       $server_cert_value = get_peer_cert
+      $server_cipher_bits = get_cipher_bits
+      $server_cipher_name = get_cipher_name
+      $server_cipher_protocol = get_cipher_protocol
     end
-
   end
 
   module ClientHandler
-
     def post_init
       start_tls
     end
@@ -24,14 +24,21 @@ class TestSSLMethods < Test::Unit::TestCase
     def ssl_handshake_completed
       $client_called_back = true
       $client_cert_value = get_peer_cert
+      $client_cipher_bits = get_cipher_bits
+      $client_cipher_name = get_cipher_name
+      $client_cipher_protocol = get_cipher_protocol
       EM.stop_event_loop
     end
-
   end
 
   def test_ssl_methods
+    omit_unless(EM.ssl?)
+    omit_if(rbx?)
     $server_called_back, $client_called_back = false, false
     $server_cert_value, $client_cert_value = nil, nil
+    $server_cipher_bits, $client_cipher_bits = nil, nil
+    $server_cipher_name, $client_cipher_name = nil, nil
+    $server_cipher_protocol, $client_cipher_protocol = nil, nil
 
     EM.run {
       EM.start_server("127.0.0.1", 9999, ServerHandler)
@@ -43,6 +50,16 @@ class TestSSLMethods < Test::Unit::TestCase
 
     assert($server_cert_value.is_a?(NilClass))
     assert($client_cert_value.is_a?(String))
+
+    assert($client_cipher_bits > 0)
+    assert_equal($client_cipher_bits, $server_cipher_bits)
+
+    assert($client_cipher_name.length > 0)
+    assert_match(/AES/, $client_cipher_name)
+    assert_equal($client_cipher_name, $server_cipher_name)
+
+    assert_match(/TLS/, $client_cipher_protocol)
+    assert_equal($client_cipher_protocol, $server_cipher_protocol)
   end
 
-end if EM.ssl?
+end

data/tests/test_ssl_protocols.rb

@@ -0,0 +1,246 @@
+require 'em_test_helper'
+
+require 'socket'
+require 'openssl'
+
+if EM.ssl?
+  class TestSslProtocols < Test::Unit::TestCase
+
+    module Client
+      def ssl_handshake_completed
+        $client_handshake_completed = true
+        close_connection
+      end
+
+      def unbind
+        EM.stop_event_loop
+      end
+    end
+
+    module Server
+      def ssl_handshake_completed
+        $server_handshake_completed = true
+      end
+    end
+
+    module ClientAny
+      include Client
+      def connection_completed
+        start_tls(:ssl_version => %w(sslv2 sslv3 tlsv1 tlsv1_1 tlsv1_2))
+      end
+    end
+
+    module ClientDefault
+      include Client
+      def connection_completed
+        start_tls
+      end
+    end
+
+    module ClientSSLv3
+      include Client
+      def connection_completed
+        start_tls(:ssl_version => %w(SSLv3))
+      end
+    end
+
+    module ServerSSLv3
+      include Server
+      def post_init
+        start_tls(:ssl_version => %w(SSLv3))
+      end
+    end
+
+    module ServerTLSv1CaseInsensitive
+      include Server
+      def post_init
+        start_tls(:ssl_version => %w(tlsv1))
+      end
+    end
+
+    module ServerAny
+      include Server
+      def post_init
+        start_tls(:ssl_version => %w(sslv2 sslv3 tlsv1 tlsv1_1 tlsv1_2))
+      end
+    end
+
+    module ServerDefault
+      include Server
+      def post_init
+        start_tls
+      end
+    end
+
+    module InvalidProtocol
+      include Client
+      def post_init
+        start_tls(:ssl_version => %w(tlsv1 badinput))
+      end
+    end
+
+    def test_invalid_ssl_version
+      assert_raises(RuntimeError, "Unrecognized SSL/TLS Version: badinput") do
+        EM.run do
+          EM.start_server("127.0.0.1", 16784, InvalidProtocol)
+          EM.connect("127.0.0.1", 16784, InvalidProtocol)
+        end
+      end
+    end
+
+    def test_any_to_v3
+      $client_handshake_completed, $server_handshake_completed = false, false
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, ServerSSLv3)
+        EM.connect("127.0.0.1", 16784, ClientAny)
+      end
+
+      assert($client_handshake_completed)
+      assert($server_handshake_completed)
+    end
+
+    def test_case_insensitivity
+      $client_handshake_completed, $server_handshake_completed = false, false
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, ServerTLSv1CaseInsensitive)
+        EM.connect("127.0.0.1", 16784, ClientAny)
+      end
+
+      assert($client_handshake_completed)
+      assert($server_handshake_completed)
+    end
+
+    def test_v3_to_any
+      $client_handshake_completed, $server_handshake_completed = false, false
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, ServerAny)
+        EM.connect("127.0.0.1", 16784, ClientSSLv3)
+      end
+
+      assert($client_handshake_completed)
+      assert($server_handshake_completed)
+    end
+
+    def test_v3_to_v3
+      $client_handshake_completed, $server_handshake_completed = false, false
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, ServerSSLv3)
+        EM.connect("127.0.0.1", 16784, ClientSSLv3)
+      end
+
+      assert($client_handshake_completed)
+      assert($server_handshake_completed)
+    end
+
+    def test_any_to_any
+      $client_handshake_completed, $server_handshake_completed = false, false
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, ServerAny)
+        EM.connect("127.0.0.1", 16784, ClientAny)
+      end
+
+      assert($client_handshake_completed)
+      assert($server_handshake_completed)
+    end
+
+    def test_default_to_default
+      $client_handshake_completed, $server_handshake_completed = false, false
+      EM.run do
+        EM.start_server("127.0.0.1", 16784, ServerDefault)
+        EM.connect("127.0.0.1", 16784, ClientDefault)
+      end
+
+      assert($client_handshake_completed)
+      assert($server_handshake_completed)
+    end
+
+    module ServerV3StopAfterHandshake
+      def post_init
+        start_tls(:ssl_version => %w(SSLv3))
+      end
+
+      def ssl_handshake_completed
+        $server_handshake_completed = true
+        EM.stop_event_loop
+      end
+    end
+
+    module ServerTLSv1StopAfterHandshake
+      def post_init
+        start_tls(:ssl_version => %w(TLSv1))
+      end
+
+      def ssl_handshake_completed
+        $server_handshake_completed = true
+        EM.stop_event_loop
+      end
+    end
+
+    def test_v3_with_external_client
+      $server_handshake_completed = false
+      EM.run do
+        setup_timeout(2)
+        EM.start_server("127.0.0.1", 16784, ServerV3StopAfterHandshake)
+        EM.defer do
+          sock = TCPSocket.new("127.0.0.1", 16784)
+          ctx = OpenSSL::SSL::SSLContext.new
+          ctx.ssl_version = :SSLv3_client
+          ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+          ssl.connect
+          ssl.close rescue nil
+          sock.close rescue nil
+        end
+      end
+
+      assert($server_handshake_completed)
+    end
+
+    def test_tlsv1_with_external_client
+      $server_handshake_completed = false
+      EM.run do
+        setup_timeout(2)
+        EM.start_server("127.0.0.1", 16784, ServerTLSv1StopAfterHandshake)
+        EM.defer do
+          sock = TCPSocket.new("127.0.0.1", 16784)
+          ctx = OpenSSL::SSL::SSLContext.new
+          ctx.ssl_version = :TLSv1_client
+          ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+          ssl.connect
+          ssl.close rescue nil
+          sock.close rescue nil
+        end
+      end
+
+      assert($server_handshake_completed)
+    end
+
+    def test_tlsv1_required_with_external_client
+      $server_handshake_completed = false
+
+      EM.run do
+        n = 0
+        EM.add_periodic_timer(0.5) do
+          n += 1
+          (EM.stop rescue nil) if n == 2
+        end
+        EM.start_server("127.0.0.1", 16784, ServerTLSv1StopAfterHandshake)
+        EM.defer do
+          sock = TCPSocket.new("127.0.0.1", 16784)
+          ctx = OpenSSL::SSL::SSLContext.new
+          ctx.ssl_version = :SSLv3_client
+          ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+          assert_raise OpenSSL::SSL::SSLError do
+            ssl.connect
+          end
+          ssl.close rescue nil
+          sock.close rescue nil
+          EM.stop rescue nil
+        end
+      end
+
+      assert(!$server_handshake_completed)
+    end
+  end
+else
+  warn "EM built without SSL support, skipping tests in #{__FILE__}"
+end