diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2015-07-20 16:53:17 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2015-07-20 16:53:17 +0900 |
commit | 1caf200f2ac59d9ee3384c9bc08457affa76d453 (patch) | |
tree | 44ac2dbe78a6b5621ad74e6d3adc09f4f108f907 | |
parent | 3eb1f1bafd64c5a41b1579391a938a69fab7d6b9 (diff) | |
download | plum-1caf200f2ac59d9ee3384c9bc08457affa76d453.tar.gz |
test: add test for invalid client preface magic
-rw-r--r-- | test/server.crt | 19 | ||||
-rw-r--r-- | test/server.csr | 16 | ||||
-rw-r--r-- | test/server.key | 27 | ||||
-rw-r--r-- | test/server_state_test.rb | 65 | ||||
-rw-r--r-- | test/test_helper.rb | 3 |
5 files changed, 130 insertions, 0 deletions
diff --git a/test/server.crt b/test/server.crt new file mode 100644 index 0000000..6ac1880 --- /dev/null +++ b/test/server.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDADCCAegCCQCasnaEkilFpDANBgkqhkiG9w0BAQsFADBCMQswCQYDVQQGEwJK +UDEOMAwGA1UECAwFVG9reW8xDzANBgNVBAoMBnJoZS5qcDESMBAGA1UEAwwJbG9j +YWxob3N0MB4XDTE1MDcyMDA2NTc1N1oXDTI1MDcxNzA2NTc1N1owQjELMAkGA1UE +BhMCSlAxDjAMBgNVBAgMBVRva3lvMQ8wDQYDVQQKDAZyaGUuanAxEjAQBgNVBAMM +CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTOiEAW +dc+SQ5DOXd/C6fFCj9Ykfk1ykFaYainKYjDkzdPC1oX7h0HCF7v5CJ4gPObuKtT0 +YhQ74kiD0NbJGO0+KscZmmYaLbAmhNi1DDpv5c0mYmwzHR7I5qRbfbUlOnhHvwRX +XIzzUVVYTGExEYgrVLaLnVva+dRAs+yKGUkqwTG4lo7XVVS/f7UXLn8pJiRRzC34 +kFoEwybWgjme1liC1M+oUft8rkrvZtgLsbZTifkM8uql9ytcIYVMxRteIy3d4W7I +Lh60SGMoRBSIC5T1OwuM2jjsMJTcmIntmRHutRKH62gqryyZzNqf7O/o28g3M/E0 +0qDCKqL0JjNM/m8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAW3bWpzS5p+QurVBt +wMgePDkv1OGb5suCYI3OHOry5j5uUSbZFMoQGxFDWlQkmRbPvWvkGB2lozcNy0Gd +qgknNgpxnv2gM6rBX93UE3Xez6q9H6+jlC4cdsGXqw/mC8VzxH/YkdkCfn2CrR/H +/dUy2++NtEKqbRBETRDB6tWM43K0fV1Ow/TketCBBztMTV0+smqc3dhKtv7wqcvD +E024K17wDStFp/pB6ZXY0K9wEZt+NFdyYo8IXmkyGKzIksDrvjL+2D4PdagEbz7J +bWhOWkMrJIawnhJm9+jf9I8c4VqumphM1lWcI1ZySTxVZV7jxOichE9PJJBpKiG8 +9jBWDg== +-----END CERTIFICATE----- diff --git a/test/server.csr b/test/server.csr new file mode 100644 index 0000000..c9854a4 --- /dev/null +++ b/test/server.csr @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIChzCCAW8CAQAwQjELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMQ8wDQYD +VQQKDAZyaGUuanAxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAMTOiEAWdc+SQ5DOXd/C6fFCj9Ykfk1ykFaYainKYjDk +zdPC1oX7h0HCF7v5CJ4gPObuKtT0YhQ74kiD0NbJGO0+KscZmmYaLbAmhNi1DDpv +5c0mYmwzHR7I5qRbfbUlOnhHvwRXXIzzUVVYTGExEYgrVLaLnVva+dRAs+yKGUkq +wTG4lo7XVVS/f7UXLn8pJiRRzC34kFoEwybWgjme1liC1M+oUft8rkrvZtgLsbZT +ifkM8uql9ytcIYVMxRteIy3d4W7ILh60SGMoRBSIC5T1OwuM2jjsMJTcmIntmRHu +tRKH62gqryyZzNqf7O/o28g3M/E00qDCKqL0JjNM/m8CAwEAAaAAMA0GCSqGSIb3 +DQEBCwUAA4IBAQA0SapSebe5VEfJ5fzNXufuhOUUdspm6bFN6uZgq7i3ayISvfL9 +8gsqAyUzsRCMlejUDgRzIHDJCrN9gWCs4+IrqC4YkIoetxH4hs9gxAS9wATcLQPN +iqe8/kJiput5kFjp+XPH21VSiDDCaJGuXmBMMywPvJwT2G4WbPZe1VbHplb3x50j +A/OZjh+Uvlej+gHWWP9YVoQmp4oLPfUpksF00z4gw6h8tgMoww4T0cGF/z/qa5Vy +yMJpRVGcQavhwV8lGpN6cNgtQQIal1kaKYcyOx9bDiWmzuMYAVUZ3KreqT5HpSVx +PT/yMIBzcSI/9rjTAlnyMbjxQFnrZYWsb/6e +-----END CERTIFICATE REQUEST----- diff --git a/test/server.key b/test/server.key new file mode 100644 index 0000000..08e19f7 --- /dev/null +++ b/test/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAxM6IQBZ1z5JDkM5d38Lp8UKP1iR+TXKQVphqKcpiMOTN08LW +hfuHQcIXu/kIniA85u4q1PRiFDviSIPQ1skY7T4qxxmaZhotsCaE2LUMOm/lzSZi +bDMdHsjmpFt9tSU6eEe/BFdcjPNRVVhMYTERiCtUtoudW9r51ECz7IoZSSrBMbiW +jtdVVL9/tRcufykmJFHMLfiQWgTDJtaCOZ7WWILUz6hR+3yuSu9m2AuxtlOJ+Qzy +6qX3K1whhUzFG14jLd3hbsguHrRIYyhEFIgLlPU7C4zaOOwwlNyYie2ZEe61Eofr +aCqvLJnM2p/s7+jbyDcz8TTSoMIqovQmM0z+bwIDAQABAoIBAHXtY8szKijU9dOB +NNLt0oyUW+fvOhdiPIcHESY1dRzjHUp0h2MFUwjeKqaiFL3bh2LA971fKp4BPBhD +lBH/sgYGqE9hUhk4OoRAsH3CDq+9eS+yfmtjPWHC9CEsCWlQA3crVpRdXMHA0s2W ++T2Lz3uOq1Yu1n3B+s1qb+We4oPqIkYj3qHpP+BxQYrL9y4L8Hk+dJZviYanlrcG +MV8CH8WnwqbwkQRDwxE04qALrOWeIE44zY/ZzNCOs8Q4MzyLRFSyAOURECoh4V// +1eNZd0ojiyxRlpRuDkVt7zn6+FdxZrRySuJxEwFQ5Qanl37yMJb/NN8ill3D8T9L +vjRTwXECgYEA974PL0IVZmhuk5FcyObFaNDSL196evgUAnPxMQwATwXMzKPw6azE +rRnBopoS4zq4XWXWR/GAIskmF8vag9zf/za9f8QlJzqT3eQE4mGZeZfpic2WYtBZ +AojLgEwMGcof4TGHv0dCdSjuw95dXvL7qUopqfiB95TLSv2VXkW6arMCgYEAy13Z +K2RUt0DLafs/nmNywYDt/isMTTkL0tf4QjdB8Os4C1WcyMUSd1yYblrmsNN8/eWe +gOHrFt/zwD/kz0z5f/LBsIoEI3ZmJWjL29FQhSllM8q3JfkwCOfH5TmNDF/aAA1t +b0g+LSSxoUwttLu2euJk64uTGTWXrU+7BxVWq1UCgYAtaVRFOFrN28SxHgsg9FQp +Q2XTsy+zTLf2PyRt9iI0Wf7RYBev7bBbfoYk9RMTPdc/n4QoydbQCYkHAaH7W8hf +crxHqD+bMjyahspyaKuGQ1dWoC25zTETqtmKmeX58Dfpwnd8k2ZWLXuewarh1a5V +uLdsZZYFOOwOwe7YSfXCywKBgQCU2HCd2MZEhhEb1b/fjowsYtBOKnXLg4hK3rWe +yVDjI1YWvaeOLudwI36RrsiP/YrLTievzyrAyFNgj6NJst4eLrBjJPEYf40NrmEe +11mmzQB8Ys+f5H2q1vIwrOm2d+VYCnvhai/P3L6B/v6o/Ib39AHHgJW+asJEIEoU +SiLwLQKBgHEY7WLyqs7dPf9ZxJErZH2eTstMtj649750GsfQGqr0Ul/zWWSq6QPJ +lzVB2B+g/m6xnPQjn7dXPLeZ3lLbmcLTpl5O9T65qDXgVIzKPX4Ybd4ozjDOfHW5 +u5vKC+xEwJK+17JJ78Mb8XH7vmujCmKLueEuZtgrT6P9Cke26yEN +-----END RSA PRIVATE KEY----- diff --git a/test/server_state_test.rb b/test/server_state_test.rb new file mode 100644 index 0000000..9d3d526 --- /dev/null +++ b/test/server_state_test.rb @@ -0,0 +1,65 @@ +require "test_helper" + +class ServerStateTest < Minitest::Test + def test_server_must_repond_cprotocol_error_on_invalid_magic + invalid_magic = "HELLO" * 10 + start_server do + start_client do |sock| + sock.write(invalid_magic) + ret = Plum::BinaryString.new(sock.readpartial(1024)) + frame = Plum::Frame.parse!(ret) + assert_equal(:goaway, frame.type) # connection error + assert_equal(0x01, frame.payload.uint32(4)) # protocol error + end + end + end + + private + # Starts a HTTP/2 server and returns Thread object + def start_server(server_handler = nil, &blk) + ctx = OpenSSL::SSL::SSLContext.new + ctx.alpn_select_cb = -> protocols { "h2" } + ctx.cert = OpenSSL::X509::Certificate.new File.read(File.expand_path("../server.crt", __FILE__)) + ctx.key = OpenSSL::PKey::RSA.new File.read(File.expand_path("../server.key", __FILE__)) + tcp_server = TCPServer.new("127.0.0.1", LISTEN_PORT) + ssl_server = OpenSSL::SSL::SSLServer.new(tcp_server, ctx) + + server_thread = Thread.new { + begin + timeout(3) { + sock = ssl_server.accept + plum = Plum::ServerConnection.new(sock) + server_handler.call(plum) if server_handler + plum.start + } + rescue TimeoutError + flunk "server timeout" + ensure + tcp_server.close + end + } + client_thread = Thread.new { + begin + timeout(3) { blk.call } + rescue TimeoutError + flunk "client timeout" + end + } + client_thread.join + server_thread.join + end + + # Connect to server and returns client socket + def start_client(ctx = nil, &blk) + ctx ||= OpenSSL::SSL::SSLContext.new.tap {|ctx| + ctx.alpn_protocols = ["h2"] + } + + sock = TCPSocket.new("127.0.0.1", LISTEN_PORT) + ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) + ssl.connect + blk.call(ssl) + ensure + ssl.close + end +end diff --git a/test/test_helper.rb b/test/test_helper.rb index 361fd12..88cf453 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -1,5 +1,8 @@ require "plum" +require "timeout" require "minitest" require "minitest/unit" require "minitest/autorun" require "minitest/pride" + +LISTEN_PORT = ENV["PLUM_LISTEN_PORT"] || 40444 |