tordam

A library for peer discovery inside the Tor network
git clone https://git.parazyd.org/tordam
Log | Files | Refs | README | LICENSE
commit 82e1c2d9f4921c221ca43f9c10a5c21072fb2942
parent 4c72b03422135d1cb54a4f625ea2f73ed26e1cbc
Author: parazyd <parazyd@dyne.org>
Date:   Tue, 12 Dec 2017 03:14:10 +0100

Reformat and reenable all tests.

Diffstat:

Mcmd/dam-dir/main_test.go | 105+++++++++++++++++++++++++++++++++++++++++++------------------------------------


Mpkg/damlib/validate.go | 1+


2 files changed, 58 insertions(+), 48 deletions(-)

diff --git a/cmd/dam-dir/main_test.go b/cmd/dam-dir/main_test.go
@@ -61,26 +61,19 @@ func firstAnnValid() (*http.Response, error) {
 }
 
 func TestValidFirstHandshake(t *testing.T) {
-	t.SkipNow()
+	//t.SkipNow()
 	resp, err := firstAnnValid()
 	if err != nil {
 		t.Fatal(err)
 	}
-	if resp.StatusCode == 500 {
-		// Couldn't get a descriptor.
-		m, err := getRespText(resp)
-		if err != nil {
-			t.Fatal(err)
-		}
-		t.Skipf("Server replied: %s\n", m.Secret)
-	} else if resp.StatusCode != 200 {
-		t.Log(resp.StatusCode)
-		t.Fatal("Server did not respond with HTTP 200")
-	}
 	m, err := getRespText(resp)
 	if err != nil {
 		t.Fatal(err)
 	}
+	if m.Secret == "Could not get a descriptor. Try later." {
+		t.Skipf("Server replied: %s\n", m.Secret)
+	}
+
 	decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret)
 	if err != nil {
 		t.Fatal(err)
@@ -88,30 +81,30 @@ func TestValidFirstHandshake(t *testing.T) {
 	if len(decodedSecret) != 128 {
 		t.Fatal("decodedSecret is not of correct length.")
 	}
+	if resp.StatusCode != 200 {
+		t.Log(resp.StatusCode)
+		t.Fatal("Server did not respond with HTTP 200")
+	}
 	t.Log("Server replied:", m.Secret)
 }
 
 func TestValidSecondHandshake(t *testing.T) {
-	t.SkipNow()
+	//t.SkipNow()
 	resp, err := firstAnnValid()
 	if err != nil {
 		t.Fatal(err)
 	}
-	if resp.StatusCode == 500 {
-		// Couldn't get a descriptor.
-		m, err := getRespText(resp)
-		if err != nil {
-			t.Fatal(err)
-		}
-		t.Skipf("Server replied: %s\n", m.Secret)
-	} else if resp.StatusCode != 200 {
-		t.Log(resp.StatusCode)
-		t.Fatal("Server did not respond with HTTP 200")
-	}
 	m, err := getRespText(resp)
 	if err != nil {
 		t.Fatal(err)
 	}
+	if m.Secret == "Could not get a descriptor. Try later." {
+		t.Skipf("Server replied: %s\n", m.Secret)
+	}
+	if resp.StatusCode != 200 {
+		t.Log(resp.StatusCode)
+		t.Fatal("Server did not respond with HTTP 200")
+	}
 	decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret)
 	if err != nil {
 		t.Fatal(err)
@@ -155,8 +148,13 @@ func TestValidSecondHandshake(t *testing.T) {
 
 func TestInvalidNodetypeFirst(t *testing.T) {
 	//t.SkipNow()
-	vals := ValidFirst
-	vals["nodetype"] = "foobar"
+	var vals = map[string]string{
+		"nodetype":  "foobar", // Invalid.
+		"address":   "22mobp7vrb7a4gt2.onion",
+		"message":   "I am a DAM node!",
+		"signature": "BuB/Dv8E44CLzUX88K2Ab0lUNS9A0GSkHPtrFNNWZMihPMWN0ORhwMZBRnMJ8woPO3wSONBvEvaCXA2hvsVrUJTa+hnevQNyQXCRhdTVVuVXEpjyFzkMamxb6InrGqbsGGkEUqGMSr9aaQ85N02MMrM6T6JuyqSSssFg2xuO+P4=",
+		"secret":    "",
+	}
 	resp, err := postReq(vals)
 	if err != nil {
 		t.Fatal(err)
@@ -176,8 +174,13 @@ func TestInvalidNodetypeFirst(t *testing.T) {
 
 func TestInvalidAddressFirst(t *testing.T) {
 	//t.SkipNow()
-	vals := ValidFirst
-	vals["address"] = "foobar.onion"
+	var vals = map[string]string{
+		"nodetype":  "node",
+		"address":   "foobar.onion", // Invalid.
+		"message":   "I am a DAM node!",
+		"signature": "BuB/Dv8E44CLzUX88K2Ab0lUNS9A0GSkHPtrFNNWZMihPMWN0ORhwMZBRnMJ8woPO3wSONBvEvaCXA2hvsVrUJTa+hnevQNyQXCRhdTVVuVXEpjyFzkMamxb6InrGqbsGGkEUqGMSr9aaQ85N02MMrM6T6JuyqSSssFg2xuO+P4=",
+		"secret":    "",
+	}
 	resp, err := postReq(vals)
 	if err != nil {
 		t.Fatal(err)
@@ -198,17 +201,26 @@ func TestInvalidAddressFirst(t *testing.T) {
 func TestInvalidMessageFirst(t *testing.T) {
 	//t.SkipNow()
 	// Valid message and signature, but the signature did not sign this message.
-	vals := ValidFirst
-	vals["message"] = "foobar"
+	var vals = map[string]string{
+		"nodetype":  "node",
+		"address":   "22mobp7vrb7a4gt2.onion",
+		"message":   "I am a MAD node!", // Not matching the below signature.
+		"signature": "BuB/Dv8E44CLzUX88K2Ab0lUNS9A0GSkHPtrFNNWZMihPMWN0ORhwMZBRnMJ8woPO3wSONBvEvaCXA2hvsVrUJTa+hnevQNyQXCRhdTVVuVXEpjyFzkMamxb6InrGqbsGGkEUqGMSr9aaQ85N02MMrM6T6JuyqSSssFg2xuO+P4=",
+		"secret":    "",
+	}
 	resp, err := postReq(vals)
 	if err != nil {
 		t.Fatal(err)
 	}
+
 	m, err := getRespText(resp)
 	if err != nil {
 		t.Fatal(err)
 	}
-	if m.Secret != "Request is not valid." {
+	if m.Secret == "Could not get a descriptor. Try later." {
+		t.Skipf("Server replied: %s\n", m.Secret)
+	}
+	if m.Secret != "Signature verification failure." {
 		t.Fatal("Server replied:", m.Secret)
 	}
 	if resp.StatusCode != 400 {
@@ -218,10 +230,15 @@ func TestInvalidMessageFirst(t *testing.T) {
 }
 
 func TestInvalidSignatureFirst(t *testing.T) {
-	t.SkipNow()
+	//t.SkipNow()
 	// Invalid signature format.
-	vals := ValidFirst
-	vals["signature"] = "ThisIsNotBase64=="
+	var vals = map[string]string{
+		"nodetype":  "node",
+		"address":   "22mobp7vrb7a4gt2.onion",
+		"message":   "I am a DAM node!",
+		"signature": "ThisIsnotbasE64==", // Invalid.
+		"secret":    "",
+	}
 	resp, err := postReq(vals)
 	if err != nil {
 		t.Fatal(err)
@@ -230,7 +247,7 @@ func TestInvalidSignatureFirst(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	if strings.HasPrefix(m.Secret, "illegal base64 data at input byte ") {
+	if !(strings.HasPrefix(m.Secret, "illegal base64 data at input byte ")) {
 		t.Fatal("Server replied:", m.Secret)
 	}
 	if resp.StatusCode != 400 {
@@ -240,7 +257,7 @@ func TestInvalidSignatureFirst(t *testing.T) {
 }
 
 func TestInvalidSecond(t *testing.T) {
-	t.SkipNow()
+	//t.SkipNow()
 	// Try to jump in the second handshake without doing the first.
 	// The values below are valid.
 	vals := ValidFirst
@@ -251,24 +268,16 @@ func TestInvalidSecond(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	if resp.StatusCode == 500 {
-		// Couldn't get a descriptor.
-		m, err := getRespText(resp)
-		if err != nil {
-			t.Fatal(err)
-		}
-		t.Skipf("Server replied: %s\n", m.Secret)
-	} else if resp.StatusCode != 400 {
-		//	t.Fatal("Server did not respond with HTTP 400")
-	}
-
 	m, err := getRespText(resp)
 	if err != nil {
 		t.Fatal(err)
 	}
-	if m.Secret != "Verification Failed. Bye." {
+	if m.Secret != "We have not seen you before. Please authenticate properly." {
 		t.Fatal("Server replied:", m.Secret)
 	}
+	if resp.StatusCode != 400 {
+		t.Fatal("Server did not respond with HTTP 400")
+	}
 	t.Log("Server replied:", m.Secret)
 }
 
diff --git a/pkg/damlib/validate.go b/pkg/damlib/validate.go
@@ -190,6 +190,7 @@ func ValidateSecond(req map[string]string) (bool, string) {
 			CheckError(errors.New("Invalid data fetched from redis when requesting pubkey"))
 		}
 	} else {
+		log.Printf("%s tried to jump in 2/2 handshake before doing the first.\n", req["address"])
 		return false, "We have not seen you before. Please authenticate properly."
 	}