package apns_test
import (
"bytes"
"crypto/tls"
"fmt"
"io"
"io/ioutil"
"log"
"net"
"os"
"strings"
"time"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
"github.com/timehop/apns"
)
// DummyCert is the PEM certificate used by these specs both as the mock TLS
// server's identity (mockTLSServer.start) and as the client certificate handed
// to apns.NewConn.
//
// Test fixture only: the matching private key (DummyKey) is committed next to
// it, so the pair offers no secrecy and must never be configured as a real APNs
// identity.
// NOTE(review): this looks like a self-signed certificate for localhost with a
// validity window that has already ended; that is presumably why the specs
// expecting a successful handshake set InsecureSkipVerify — confirm.
var DummyCert = `-----BEGIN CERTIFICATE-----
MIIC9TCCAd+gAwIBAgIQf3bEgFWUb+q6eK5ySkV/gjALBgkqhkiG9w0BAQUwEjEQ
MA4GA1UEChMHQWNtZSBDbzAeFw0xNDA2MzAwNDI5MDhaFw0xNTA2MzAwNDI5MDha
MBIxEDAOBgNVBAoTB0FjbWUgQ28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhAgWrrFZBtCfVEPg1tSIr9fuSUoeundb556IUr9uOmOHaYK7r3/I43acw
bVIfaenFxwUUf8YakQzTjOa5qSfK/Eylyw2ezBJtNUEqcHw0f+y66+jJbZa4clPa
tL6ezaMS/syXPpvNU8+16jdVdTJzqdBdSGAZMOCeumUWDNdlfBmHPVq1JMy0uGmO
XDoZK2Ir0/3LUfjk9R2wdm1VLrJAml7F0L0FhBHHXgHOSFM2ixjGflffaiuTCxhW
1z1NTo9XjWUQh2iM9Udf+xVnJLGLZ0EMFr2qihuK604Fp4SlNHEF+UWUn+j0PYo+
LbzM9oKJcdVD0XI36vrn3rGPHO9vAgMBAAGjSzBJMA4GA1UdDwEB/wQEAwIAoDAT
BgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuCCWxv
Y2FsaG9zdDALBgkqhkiG9w0BAQUDggEBAGJ/3I4KKlbEwLAC5ut4ZZ9V8WF4sHkI
Lj7e4vx2pPi6hf9miV1ff01NrpfUna7flwL9yD7Ybl7jRRIB4rIcKk+U5djGsT3H
ScGkbIMKrr08drWw1g4JU6PBH7xTfzGxNRERrnmrbJV0jCo9Tt8i53IpPtp6Z2Q1
8ydtPhU+Bpe2YoNr1w1fSV1JHXqjKV8RlGkCNSi4ozPOO8RbAYnBT3d9XSGoX//q
RGJUf3wC/rCxJkN63Moxuy3vxV2TmiqccHOrXJSJ8P/4PpPV/xuBk5k4HS1Nfmew
d9WHHn6bMJE9arVvWAiu9teCadVffuS2cl2cicN4XB6Ui0aDqhG2Exw=
-----END CERTIFICATE-----`
// DummyKey is the PEM RSA private key paired with DummyCert by tls.X509KeyPair
// in mockTLSServer.start and passed to apns.NewConn by the specs.
//
// Test fixture only: a private key that lives in source control is public, so
// it must never protect anything outside this test suite.
var DummyKey = `-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----`
// mockPort is the last port handed to a mock server. portStr increments it
// before assigning it, so every mockTLSServer in this process listens on its
// own port and specs can run side by side.
// NOTE(review): the increment in portStr is not synchronized, and the counter
// always starts from 50000 — confirm that this is enough for the way the suite
// is actually parallelized.
var mockPort = 50000
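// mockAddr is a stateless net.Addr stub returned by mockTLSNetConn's LocalAddr
// and RemoteAddr.
type mockAddr struct{}

// Network returns the name of the network. net.Addr documents this value as a
// network name such as "tcp" or "udp"; the address itself belongs in String.
func (mockAddr) Network() string {
	return "tcp"
}

// String returns the fixed host:port the stub pretends to be.
func (mockAddr) String() string {
	return "localhost:56789"
}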
// mockTLSNetConn is an in-memory stand-in for the network connection held by
// an apns connection. Its methods use value receivers: copies share the same
// bb buffer (it is a pointer) but each copy carries its own err.
type mockTLSNetConn struct {
	// bb backs both Read and Write.
	bb *bytes.Buffer
	// err is what Close returns.
	err error
}

// Read fills p from the beginning of bb. A fresh reader is built over the
// buffer's bytes on every call, so nothing is consumed and repeated calls see
// the same leading bytes.
func (c mockTLSNetConn) Read(p []byte) (int, error) {
	return bytes.NewReader(c.bb.Bytes()).Read(p)
}

// Write appends p to bb.
func (c mockTLSNetConn) Write(p []byte) (int, error) {
	n, err := c.bb.Write(p)
	return n, err
}

// Close releases nothing; it only reports the configured err.
func (c mockTLSNetConn) Close() error {
	return c.err
}

// LocalAddr returns the stub address.
func (c mockTLSNetConn) LocalAddr() net.Addr {
	var addr mockAddr
	return addr
}

// RemoteAddr returns the stub address.
func (c mockTLSNetConn) RemoteAddr() net.Addr {
	var addr mockAddr
	return addr
}

// SetDeadline accepts any deadline and ignores it.
func (c mockTLSNetConn) SetDeadline(t time.Time) error {
	return nil
}

// SetReadDeadline accepts any deadline and ignores it.
func (c mockTLSNetConn) SetReadDeadline(t time.Time) error {
	return nil
}

// SetWriteDeadline accepts any deadline and ignores it.
func (c mockTLSNetConn) SetWriteDeadline(t time.Time) error {
	return nil
}
// serverAction is one scripted step that the mock TLS server performs on an
// accepted connection.
type serverAction struct {
	// action selects the step: readAction, writeAction or closeAction.
	action string
	// data is the buffer read into for readAction and the bytes sent for
	// writeAction.
	data []byte
	// cb, when non-nil, is called with this action after the step has run.
	cb func(s serverAction)
}

// Values of serverAction.action understood by mockTLSServer.start.
const (
	readAction  = "read"
	writeAction = "write"
	closeAction = "close"
)
// mockTLSServer is a scripted TLS listener on localhost that the specs connect
// to instead of a real gateway.
type mockTLSServer struct {
	// Port is the listening port; zero means "not assigned yet" and is filled
	// in by portStr.
	Port int
	// Server is the listener created by start and closed by stop.
	Server net.Listener
	// ConnectionActionGroups holds one list of actions per expected
	// connection, consumed in the order connections are accepted.
	ConnectionActionGroups [][]serverAction
}
// portStr returns the server's port as a decimal string. On first use (Port is
// still zero) it takes the next value of the package-level mockPort counter.
func (m *mockTLSServer) portStr() string {
	if m.Port != 0 {
		return fmt.Sprint(m.Port)
	}

	// Unassigned: claim the next port from the shared counter.
	mockPort++
	m.Port = mockPort
	return fmt.Sprint(m.Port)
}
// Address returns the "localhost:<port>" endpoint that clients should dial.
// Calling it assigns the port if that has not happened yet.
func (m *mockTLSServer) Address() string {
	port := m.portStr()
	return net.JoinHostPort("localhost", port)
}
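// start opens the TLS listener on localhost and launches a goroutine that
// accepts one connection per entry of ConnectionActionGroups, replaying that
// entry's actions on the connection. It panics if the fixture key pair cannot
// be loaded or the listener cannot be created.
func (m *mockTLSServer) start() {
	cert, err := tls.X509KeyPair([]byte(DummyCert), []byte(DummyKey))
	if err != nil {
		log.Panic(err)
	}

	// RequireAnyClientCert makes the client present a certificate but does not
	// validate it against any CA. That is acceptable for a mock only; it is
	// not a model for authenticating real clients.
	config := tls.Config{Certificates: []tls.Certificate{cert}, ClientAuth: tls.RequireAnyClientCert}
	m.Server, err = tls.Listen("tcp", "localhost:"+m.portStr(), &config)
	if err != nil {
		// A failed bind (for example a port already in use) would otherwise
		// leave m.Server nil and crash the accept loop with a nil dereference.
		log.Panic(err)
	}

	go func() {
		for _, g := range m.ConnectionActionGroups {
			// Wait for a connection.
			conn, err := m.Server.Accept()
			if err != nil {
				// stop() closes the listener; that is the normal way out.
				if strings.Contains(err.Error(), "use of closed network connection") {
					return
				}
				log.Fatal(err)
			}

			// Replay the script on its own goroutine so the loop can go back
			// to accepting and several connections can be served at once.
			// The group is passed as an argument so each goroutine keeps its
			// own script.
			go func(c net.Conn, actions []serverAction) {
				for _, a := range actions {
					// Errors from the scripted I/O are ignored here.
					switch a.action {
					case readAction:
						c.Read(a.data)
					case writeAction:
						c.Write(a.data)
					case closeAction:
						c.Close()
						if a.cb != nil {
							a.cb(a)
						}
						// Nothing can follow a close on this connection.
						return
					}
					if a.cb != nil {
						a.cb(a)
					}
				}
			}(conn, g)
		}
		// No more connection action groups
	}()
}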
// stop closes the listener if start created one. The error returned by Close
// is discarded.
func (m *mockTLSServer) stop() {
	if m.Server == nil {
		return
	}
	m.Server.Close()
}
// withMockServer runs cb against a mock server scripted with as and shuts the
// server down as soon as cb returns.
var withMockServer = func(as [][]serverAction, cb func(s *mockTLSServer)) {
	done := make(chan interface{})

	// Closing done after cb lets withMockServerAsync proceed to stop the
	// server.
	runThenRelease := func(srv *mockTLSServer) {
		cb(srv)
		close(done)
	}

	withMockServerAsync(as, done, runThenRelease)
}
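// withMockServerAsync starts a mock server scripted with as, calls cb with it,
// then blocks until d is closed (or receives a value) before stopping the
// server. The caller owns d and decides when the server may go away.
var withMockServerAsync = func(as [][]serverAction, d chan interface{}, cb func(s *mockTLSServer)) {
	s := &mockTLSServer{}
	s.ConnectionActionGroups = as
	s.start()
	// Deferred so the listener is closed even if cb panics (for example when
	// an assertion inside it aborts the spec); otherwise the port stays bound
	// for the rest of the run.
	defer s.stop()

	cb(s)
	<-d
}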
// Tests
var _ = Describe("Conn", func() {
// NewConn receives the certificate and key as strings; the passing case below
// hands it the PEM text of the fixtures directly.
Describe(".NewConn", func() {
	Context("bad key/cert pair", func() {
		It("should return an error", func() {
			// "missing" is not PEM data, so building the key pair is expected
			// to fail.
			_, err := apns.NewConn(apns.SandboxGateway, "missing", "missing")
			Expect(err).NotTo(BeNil())
		})
	})
	Context("valid key/cert pair", func() {
		It("should not return an error", func() {
			// Only construction is checked here; no connection is opened by
			// this spec.
			_, err := apns.NewConn(apns.SandboxGateway, DummyCert, DummyKey)
			Expect(err).To(BeNil())
		})
	})
})
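// NewConnWithFiles receives the certificate and key as file paths.
Describe(".NewConnWithFiles", func() {
	Context("missing files", func() {
		It("should return an error", func() {
			_, err := apns.NewConnWithFiles(apns.SandboxGateway, "missing.pem", "missing.pem")
			Expect(err).NotTo(BeNil())
		})
	})
	Context("with valid cert/key pair", func() {
		var certFile, keyFile *os.File
		var err error

		// Write the fixtures to temp files before each spec. Every step is
		// checked: a failed TempFile would otherwise hand back a nil *os.File
		// and the spec would die on the following Write instead of reporting
		// the real cause.
		BeforeEach(func() {
			certFile, err = ioutil.TempFile("", "cert.pem")
			Expect(err).To(BeNil())
			_, err = certFile.Write([]byte(DummyCert))
			Expect(err).To(BeNil())
			Expect(certFile.Close()).To(BeNil())

			// The private key lands in the shared temp directory. TempFile
			// creates it with mode 0600 and AfterEach removes it; keep both
			// properties if this setup is ever changed.
			keyFile, err = ioutil.TempFile("", "key.pem")
			Expect(err).To(BeNil())
			_, err = keyFile.Write([]byte(DummyKey))
			Expect(err).To(BeNil())
			Expect(keyFile.Close()).To(BeNil())
		})

		// Remove whatever BeforeEach managed to create, even after a failure.
		AfterEach(func() {
			if certFile != nil {
				os.Remove(certFile.Name())
			}
			if keyFile != nil {
				os.Remove(keyFile.Name())
			}
		})

		It("should returning a connection", func() {
			_, err = apns.NewConnWithFiles(apns.SandboxGateway, certFile.Name(), keyFile.Name())
			Expect(err).To(BeNil())
		})
	})
})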
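// Connect is exercised against a missing-credential connection and against
// the local mock TLS server.
Describe("#Connect()", func() {
	Context("server not up", func() {
		// NOTE(review): conn is built from files that do not exist and the
		// construction error is discarded, so this may be exercising a
		// bad-credential path rather than an unreachable server — confirm.
		conn, _ := apns.NewConnWithFiles(apns.SandboxGateway, "missing.pem", "missing.pem")
		It("should return an error", func() {
			err := conn.Connect()
			Expect(err).NotTo(BeNil())
		})
	})
	Context("server up", func() {
		// One connection whose only step is an empty read.
		as := [][]serverAction{
			{{action: readAction, data: []byte{}}},
		}

		Context("with untrusted certs", func() {
			// With verification left at its default, the mock server's
			// certificate must be rejected. This is the spec that guards the
			// client's certificate checking.
			It("should return an error", func(d Done) {
				withMockServer(as, func(s *mockTLSServer) {
					conn, _ := apns.NewConn(s.Address(), DummyCert, DummyKey)
					err := conn.Connect()
					Expect(err).NotTo(BeNil())
					close(d)
				})
			})
		})
		Context("trusting the certs", func() {
			It("should not return an error", func(d Done) {
				withMockServer(as, func(s *mockTLSServer) {
					conn, _ := apns.NewConn(s.Address(), DummyCert, DummyKey)
					// Verification is switched off only so the handshake with
					// the mock server's fixture certificate succeeds. This is
					// a test-only setting: with it, any server certificate is
					// accepted.
					conn.Conf.InsecureSkipVerify = true
					err := conn.Connect()
					Expect(err).To(BeNil())
					close(d)
				})
			})
		})
		Context("with existing connection", func() {
			It("should not return an error", func(d Done) {
				// Two scripted connections, one per Connect call below. Kept
				// in a local so the script shared by the sibling specs is not
				// overwritten, whatever order the specs run in.
				twoConns := [][]serverAction{
					{{action: readAction, data: []byte{}}},
					{{action: readAction, data: []byte{}}},
				}
				withMockServer(twoConns, func(s *mockTLSServer) {
					conn, _ := apns.NewConn(s.Address(), DummyCert, DummyKey)
					// Test-only: see the note in "trusting the certs".
					conn.Conf.InsecureSkipVerify = true
					conn.Connect()
					err := conn.Connect()
					Expect(err).To(BeNil())
					close(d)
				})
			})
		})
	})
})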
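// Read is checked against an in-memory connection preloaded with "hello!".
Describe("#Read", func() {
	rwc := mockTLSNetConn{bb: bytes.NewBuffer([]byte("hello!"))}
	// The earlier warm-up read through a throwaway bytes.Reader was dropped:
	// it worked on its own reader over the buffer's bytes, so it neither
	// consumed rwc.bb nor produced a value that was used.
	conn, _ := apns.NewConn(apns.ProductionGateway, DummyCert, DummyKey)
	// Swap in the mock so no network connection is involved.
	conn.NetConn = rwc
	It("should read out 'hello!'", func() {
		p := make([]byte, 6)
		conn.Read(p)
		Expect(p).To(Equal([]byte("hello!")))
	})
})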
// Write is checked by inspecting the buffer behind the mock connection.
Describe("#Write", func() {
	rwc := mockTLSNetConn{bb: bytes.NewBuffer([]byte{})}
	conn, _ := apns.NewConn(apns.ProductionGateway, DummyCert, DummyKey)
	// rwc is assigned by value, but bb is a pointer, so bytes written through
	// conn remain visible via rwc.bb below.
	conn.NetConn = rwc
	It("should write out 'world!'", func() {
		conn.Write([]byte("world!"))
		Expect(rwc.bb.String()).To(Equal("world!"))
	})
})
// Close is covered with and without an underlying connection.
Describe("#Close", func() {
	Context("with connection", func() {
		Context("no error", func() {
			rwc := mockTLSNetConn{bb: bytes.NewBuffer([]byte{})}
			conn, _ := apns.NewConn(apns.ProductionGateway, DummyCert, DummyKey)
			conn.NetConn = rwc
			It("should return no error", func() {
				// NOTE(review): this calls Close on the mock itself, not on
				// conn, so conn's own Close is not exercised here — confirm
				// whether conn.Close() was intended.
				Expect(rwc.Close()).To(BeNil())
			})
		})
		Context("with error", func() {
			rwc := mockTLSNetConn{bb: bytes.NewBuffer([]byte{})}
			conn, _ := apns.NewConn(apns.ProductionGateway, DummyCert, DummyKey)
			conn.NetConn = rwc
			// err is set after rwc was copied into conn.NetConn, so the copy
			// held by conn still has a nil err.
			rwc.err = io.EOF
			It("should return that error", func() {
				// NOTE(review): as above, the assertion is on the mock rather
				// than on conn.
				Expect(rwc.Close()).To(Equal(io.EOF))
			})
		})
	})
	Context("without connection", func() {
		// No NetConn is assigned and Connect is never called on c.
		c, _ := apns.NewConn(apns.ProductionGateway, DummyCert, DummyKey)
		It("should not return an error", func() {
			Expect(c.Close()).To(BeNil())
		})
	})
})
})