From 05fe7f44a899288a8a69b9a46793513b87f8d228 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 26 Mar 2013 02:55:55 +0900 Subject: workaround for srp server timing out on consecutive runs --- src/leap/crypto/tests/test_srpregister.py | 107 ++++++++++++++++++++++++------ 1 file changed, 86 insertions(+), 21 deletions(-) (limited to 'src/leap/crypto/tests/test_srpregister.py') diff --git a/src/leap/crypto/tests/test_srpregister.py b/src/leap/crypto/tests/test_srpregister.py index b065958d..a59f71cb 100644 --- a/src/leap/crypto/tests/test_srpregister.py +++ b/src/leap/crypto/tests/test_srpregister.py @@ -15,7 +15,9 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . """ -Tests for leap/crypto/srpregister.py +Tests for: + * leap/crypto/srpregister.py + * leap/crypto/srpauth.py """ try: import unittest @@ -30,7 +32,7 @@ from twisted.python import log from leap.common.testing.https_server import where from leap.config.providerconfig import ProviderConfig -from leap.crypto import srpregister +from leap.crypto import srpregister, srpauth from leap.crypto.tests import fake_provider log.startLogging(sys.stdout) @@ -48,11 +50,11 @@ class ImproperlyConfiguredError(Exception): """ -class SRPRegisterTestCase(unittest.TestCase): +class SRPTestCase(unittest.TestCase): """ - Tests for the SRP Register class + Tests for the SRP Register and Auth classes """ - __name__ = "SRPRegister tests" + __name__ = "SRPRegister and SRPAuth tests" @classmethod def setUpClass(cls): @@ -60,30 +62,39 @@ class SRPRegisterTestCase(unittest.TestCase): Sets up this TestCase with a simple and faked provider instance: * runs a threaded reactor + * loads a mocked ProviderConfig that points to the certs in the + leap.common.testing module. """ factory = fake_provider.get_provider_factory() - reactor.listenTCP(8000, factory) - reactor.listenSSL( - 8443, factory, + http = reactor.listenTCP(8001, factory) + https = reactor.listenSSL( + 0, factory, fake_provider.OpenSSLServerContextFactory()) - threaded_reactor() - - def setUp(self): - """ - Sets up common parameters for each test: + get_port = lambda p: p.getHost().port + cls.http_port = get_port(http) + cls.https_port = get_port(https) - * loads a mocked ProviderConfig that points to the certs in the - leap.common.testing module. - """ provider = ProviderConfig() provider.get_ca_cert_path = MagicMock() provider.get_ca_cert_path.return_value = _get_capath() + + provider.get_api_uri = MagicMock() + provider.get_api_uri.return_value = cls._get_https_uri() + loaded = provider.load(path=os.path.join( _here, "test_provider.json")) if not loaded: raise ImproperlyConfiguredError( "Could not load test provider config") - self.register = srpregister.SRPRegister(provider_config=provider) + cls.register = srpregister.SRPRegister(provider_config=provider) + + cls.auth = srpauth.SRPAuth(provider) + cls._auth_instance = cls.auth.__dict__['_SRPAuth__instance'] + cls.authenticate = cls._auth_instance.authenticate + cls.logout = cls._auth_instance.logout + + # run! + threaded_reactor() @classmethod def tearDownClass(cls): @@ -92,6 +103,17 @@ class SRPRegisterTestCase(unittest.TestCase): """ stop_reactor() + # helper methods + + @classmethod + def _get_https_uri(cls): + """ + Returns a https uri with the right https port initialized + """ + return "https://localhost:%s" % (cls.https_port,) + + # Register tests + def test_register_user(self): """ Checks if the registration of an unused name works as expected when @@ -109,15 +131,13 @@ class SRPRegisterTestCase(unittest.TestCase): # FIXME currently we are catching this in an upper layer, # we could bring the error validation to the SRPRegister class ok = self.register.register_user("foouser_second", "barpass") - # XXX - #self.assertFalse(ok) def test_correct_http_uri(self): """ Checks that registration autocorrect http uris to https ones. """ - HTTP_URI = "http://localhost:8443" - HTTPS_URI = "https://localhost:8443/1/users" + HTTP_URI = "http://localhost:%s" % (self.https_port, ) + HTTPS_URI = "https://localhost:%s/1/users" % (self.https_port, ) provider = ProviderConfig() provider.get_ca_cert_path = MagicMock() provider.get_ca_cert_path.return_value = _get_capath() @@ -130,6 +150,7 @@ class SRPRegisterTestCase(unittest.TestCase): if not loaded: raise ImproperlyConfiguredError( "Could not load test provider config") + self.register = srpregister.SRPRegister(provider_config=provider) # ... and we check that we're correctly taking the HTTPS protocol @@ -140,3 +161,47 @@ class SRPRegisterTestCase(unittest.TestCase): self.assertTrue(ok) # XXX need to assert that _get_registration_uri was called too + + # Auth tests + + def test_auth(self): + """ + Checks whether a pair of valid credentials is able to be authenticated. + """ + TEST_USER = "register_test_auth" + TEST_PASS = "pass" + + # pristine registration, should go well + ok = self.register.register_user(TEST_USER, TEST_PASS) + self.assertTrue(ok) + + self.authenticate(TEST_USER, TEST_PASS) + with self.assertRaises(AssertionError): + # AssertionError: already logged in + # We probably could take this as its own exception + self.authenticate(TEST_USER, TEST_PASS) + + self.logout() + + # cannot log out two times in a row (there's no session) + with self.assertRaises(AssertionError): + self.logout() + + def test_auth_with_bad_credentials(self): + """ + Checks that auth does not succeed with bad credentials. + """ + TEST_USER = "register_test_auth" + TEST_PASS = "pass" + + # non-existent credentials, should fail + with self.assertRaises(srpauth.SRPAuthenticationError): + self.authenticate("baduser_1", "passwrong") + + # good user, bad password, should fail + with self.assertRaises(srpauth.SRPAuthenticationError): + self.authenticate(TEST_USER, "passwrong") + + # bad user, good password, should fail too :) + with self.assertRaises(srpauth.SRPAuthenticationError): + self.authenticate("myunclejoe", TEST_PASS) -- cgit v1.2.3