From 371ce52aca4e57f27e8a16c38e88f818ec420d89 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Wed, 26 Jun 2024 16:52:16 +0200 Subject: fix tests after breaking change how we start obfsvpn in conjunction with openvpn, switching for socks proxying to transparent proxying --- .../bitmaskclient/base/models/ProviderTest.java | 14 ---------- .../bitmaskclient/eip/GatewaysManagerTest.java | 17 ++++++++++++ .../bitmaskclient/eip/ProviderApiManagerTest.java | 4 +-- .../eip/VpnCertificateValidatorTest.java | 4 +-- .../bitmaskclient/eip/VpnConfigGeneratorTest.java | 30 ++++++++-------------- .../NoErrorBackendResponseAPIv4.java | 2 +- .../TorFallbackBackendResponse.java | 2 +- 7 files changed, 34 insertions(+), 39 deletions(-) (limited to 'app/src/test/java/se/leap/bitmaskclient') diff --git a/app/src/test/java/se/leap/bitmaskclient/base/models/ProviderTest.java b/app/src/test/java/se/leap/bitmaskclient/base/models/ProviderTest.java index 4fcc6bac..ee6cd30f 100644 --- a/app/src/test/java/se/leap/bitmaskclient/base/models/ProviderTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/base/models/ProviderTest.java @@ -117,20 +117,6 @@ public class ProviderTest { assertTrue(p1.supportsExperimentalPluggableTransports()); } - @Test - public void testSupportsPluggableTransports_Obfs4Kcp_noObsvpn_returnsFalse() throws Exception { - Provider p1 = TestSetupHelper.getProvider( - "https://pt.demo.bitmask.net", - null, - null, - null, - null, - null, - "ptdemo_only_experimental_transports_gateways.json", - null); - assertFalse(p1.supportsPluggableTransports()); - } - @Test public void testSupportsPluggableTransports_Obfs4Kcp_obsvpn_returnsTrue() throws Exception { BuildConfigHelper helper = MockHelper.mockBuildConfigHelper(true); diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java index d66fedbe..9286a787 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java @@ -3,6 +3,7 @@ package se.leap.bitmaskclient.eip; import static junit.framework.Assert.assertEquals; import static junit.framework.Assert.assertNull; import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4; import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN; @@ -23,6 +24,7 @@ import org.json.JSONException; import org.json.JSONObject; import org.junit.Before; import org.junit.Test; +import org.junit.function.ThrowingRunnable; import org.mockito.Answers; import org.mockito.Mock; @@ -119,6 +121,21 @@ public class GatewaysManagerTest { assertEquals(0, gatewaysManager.getPosition(profile)); } + @Test + public void TestGetPosition_IncompatibleProviderBridges_returnParseError() throws JSONException, ConfigParser.ConfigParseError, IOException { + Provider provider = getProvider(null, null, null, null, null, null, "ptdemo.bitmask.eip-service.json", null); + JSONObject eipServiceJson = provider.getEipServiceJson(); + JSONObject gateway1 = eipServiceJson.getJSONArray(GATEWAYS).getJSONObject(0); + providerObservable.updateProvider(provider); + GatewaysManager gatewaysManager = new GatewaysManager(mockContext); + + VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); + configuration.apiVersion = 3; + configuration.remoteGatewayIP = "37.218.247.60"; + VpnConfigGenerator configGenerator = new VpnConfigGenerator(provider.getDefinition(), secrets, gateway1, configuration); + assertThrows(ConfigParser.ConfigParseError.class, () -> configGenerator.createProfile(OBFS4)); + } + @Test public void TestGetPosition_VpnProfileExistingObfs4FromPresortedList_returnsPositionOne() throws JSONException, ConfigParser.ConfigParseError, IOException { Provider provider = getProvider(null, null, null, null, null, null, "ptdemo_three_mixed_gateways.json", "ptdemo_three_mixed_gateways.geoip.json"); diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java index e78db39c..b8c6d0c9 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java @@ -172,7 +172,7 @@ public class ProviderApiManagerTest { mockContext = mockContext(); mockResources = mockResources(getClass().getClassLoader().getResourceAsStream("error_messages.json")); HandlerProvider handlerProvider = new HandlerProvider((r, delay) -> new Thread(r).start()); - BuildConfigHelper buildConfigHelper = mockBuildConfigHelper(true, true); + BuildConfigHelper buildConfigHelper = mockBuildConfigHelper(true); TorStatusObservable torStatusObservable = TorStatusObservable.getInstance(); TorStatusObservable.setProxyPort(-1); TorStatusObservable.setLastError(null); @@ -461,7 +461,7 @@ public class ProviderApiManagerTest { ProviderApiConnector mockedApiConnector = mockProviderApiConnector(ERROR_CASE_MICONFIGURED_PROVIDER); CertificateHelper certHelper = mockCertificateHelper("a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494"); - BuildConfigHelper buildConfigHelper = mockBuildConfigHelper(true, false); + BuildConfigHelper buildConfigHelper = mockBuildConfigHelper(false); providerApiManager = new ProviderApiManager(mockResources, mockClientGenerator(), new TestProviderApiServiceCallback()); diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java index a951f144..09e831dd 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java @@ -25,7 +25,7 @@ public class VpnCertificateValidatorTest { @Test public void test_isValid() throws NoSuchAlgorithmException, CertificateEncodingException, IOException { String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.net.pem")); - Calendar c = new Calendar.Builder().setDate(2018, 1, 1).setCalendarType("gregorian").build(); + Calendar c = new Calendar.Builder().setDate(2024, 11, 2).setCalendarType("gregorian").build(); CertificateHelper helper = mockCertificateHelper("falseFingerPrint"); VpnCertificateValidator validator = new VpnCertificateValidator(cert); validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis())); @@ -35,7 +35,7 @@ public class VpnCertificateValidatorTest { @Test public void test_isValid_lessThan1day_returnFalse() throws NoSuchAlgorithmException, CertificateEncodingException, IOException { String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.net.pem")); - Calendar c = new Calendar.Builder().setDate(2024, 3, 28).setCalendarType("gregorian").build(); + Calendar c = new Calendar.Builder().setDate(2026, 11, 2).setCalendarType("gregorian").build(); CertificateHelper helper = mockCertificateHelper("falseFingerPrint"); VpnCertificateValidator validator = new VpnCertificateValidator(cert); validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis())); diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java index b17a51cf..7581a395 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java @@ -255,7 +255,7 @@ public class VpnConfigGeneratorTest { "connect-retry 2 300\n" + "resolv-retry 60\n" + "dev tun\n" + - "remote 127.0.0.1 4430 tcp-client\n" + + "remote 127.0.0.1 8080 udp\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRgwFgYDVQQDDA9CaXRt\n" + @@ -351,7 +351,7 @@ public class VpnConfigGeneratorTest { "connect-retry 2 300\n" + "resolv-retry 60\n" + "dev tun\n" + - "remote 37.218.247.60 23049 tcp-client\n" + + "remote 127.0.0.1 8080 udp\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRgwFgYDVQQDDA9CaXRt\n" + @@ -1217,7 +1217,6 @@ public class VpnConfigGeneratorTest { "management-external-key nopadding pkcs1 pss digest\n" + //"# crl-verify file missing in config profile\n" + "route 192.81.208.164 255.255.255.255 net_gateway\n"+ - "tun-mtu 48000\n"+ "nobind\n"+ "remote-cert-tls server\n" + "data-ciphers AES-256-GCM\n" + @@ -1233,12 +1232,10 @@ public class VpnConfigGeneratorTest { "# You are on your on own here :)\n" + "# These options found in the config file do not map to config settings:\n" + "keepalive 10 30 \n" + - "replay-window 65535 \n" + + "tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \n" + "sndbuf 0 \n" + "rcvbuf 0 \n" + - "tls-version-min 1.2 \n" + - "ping-restart 300 \n" + - "tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \n"; + "tls-version-min 1.2 \n"; String expectedVPNConfig_hopping_pt_portAndIpHopping = "# Config for OpenVPN 2.x\n" + "# Enables connection to GUI\n" + @@ -1323,7 +1320,6 @@ public class VpnConfigGeneratorTest { "route 192.81.208.164 255.255.255.255 net_gateway\n"+ "route 192.81.208.165 255.255.255.255 net_gateway\n"+ "route 192.81.208.166 255.255.255.255 net_gateway\n"+ - "tun-mtu 48000\n"+ "nobind\n"+ "remote-cert-tls server\n" + "data-ciphers AES-256-GCM\n" + @@ -1339,9 +1335,6 @@ public class VpnConfigGeneratorTest { "# You are on your on own here :)\n" + "# These options found in the config file do not map to config settings:\n" + "keepalive 10 30 \n" + - "replay-window 65535 \n" + - "sndbuf 0 \n" + - "rcvbuf 0 \n" + "tls-version-min 1.2 \n" + "ping-restart 300 \n" + "tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \n"; @@ -1408,7 +1401,7 @@ public class VpnConfigGeneratorTest { @Test public void testGenerateVpnProfile_v3_obfs4() throws Exception { BuildConfigHelper buildConfigHelper = MockHelper.mockBuildConfigHelper(false); - gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service-obfsvpn1.0.0.json"))).getJSONArray("gateways").getJSONObject(0); VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); configuration.apiVersion = 3; vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); @@ -1422,7 +1415,7 @@ public class VpnConfigGeneratorTest { @Test public void testGenerateVpnProfile_v3_obfs4_obfsvpn() throws Exception { BuildConfigHelper buildConfigHelper = MockHelper.mockBuildConfigHelper(true); - gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service-obfsvpn1.0.0.json"))).getJSONArray("gateways").getJSONObject(0); VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); configuration.apiVersion = 3; vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); @@ -1557,12 +1550,12 @@ public class VpnConfigGeneratorTest { } /** - * obfs4 cannot be used with UDP, openvpn needs to support TCP + * obfs4 cannot be used with UDP (only TCP or KCP), openvpn needs to support UDP */ @Test - public void testGenerateVpnProfile_v3_obfs4TCP_openvpnUDP_skip() throws Exception { - gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_udp2.json"))).getJSONArray("gateways").getJSONObject(0); - generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_udp2.json"))).getJSONObject(OPENVPN_CONFIGURATION); + public void testGenerateVpnProfile_v3_obfs4TCP_openvpnTCP_skip() throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_tcp2.json"))).getJSONArray("gateways").getJSONObject(0); + generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_tcp2.json"))).getJSONObject(OPENVPN_CONFIGURATION); VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration(); configuration.apiVersion = 3; vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration); @@ -1582,7 +1575,6 @@ public class VpnConfigGeneratorTest { assertTrue(vpnProfiles.containsKey(OBFS4)); assertTrue(vpnProfiles.containsKey(OPENVPN)); assertEquals(1, vpnProfiles.get(OBFS4).mConnections.length); - assertFalse(vpnProfiles.get(OBFS4).mConnections[0].isUseUdp()); } @Test @@ -1675,7 +1667,7 @@ public class VpnConfigGeneratorTest { HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); assertFalse("has openvpn profile", vpnProfiles.containsKey(OPENVPN)); assertTrue("has obfs4 profile", vpnProfiles.containsKey(OBFS4)); - assertTrue("bridge is pinned one", vpnProfiles.get(OBFS4).getTransportType() == OBFS4 && !vpnProfiles.get(OBFS4).mConnections[0].isUseUdp() ); + assertTrue("bridge is pinned one", vpnProfiles.get(OBFS4).getTransportType() == OBFS4 && vpnProfiles.get(OBFS4).mConnections[0].isUseUdp()); assertTrue("bridge is running TCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getObfs4Options().transport.getProtocols()[0].equals("tcp")); } diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/NoErrorBackendResponseAPIv4.java b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/NoErrorBackendResponseAPIv4.java index bbbed821..dfdae967 100644 --- a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/NoErrorBackendResponseAPIv4.java +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/NoErrorBackendResponseAPIv4.java @@ -59,7 +59,7 @@ public class NoErrorBackendResponseAPIv4 implements ProviderApiConnector.Provide return getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.geoip.json")); } else if (url.contains("/cert")) { // download vpn key and cert - return getInputAsString(getClass().getClassLoader().getResourceAsStream("v4/riseup.net.cert")); + return getInputAsString(getClass().getClassLoader().getResourceAsStream("v4/generictest.cert")); } return null; diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/TorFallbackBackendResponse.java b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/TorFallbackBackendResponse.java index 45dd36e4..76f6bea4 100644 --- a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/TorFallbackBackendResponse.java +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/TorFallbackBackendResponse.java @@ -73,7 +73,7 @@ public class TorFallbackBackendResponse implements ProviderApiConnector.Provider throw new UnknownHostException("DNS blocked by censor ;)"); } // download vpn certificate for authentication - return getInputAsString(getClass().getClassLoader().getResourceAsStream("v4/riseup.net.cert")); + return getInputAsString(getClass().getClassLoader().getResourceAsStream("v4/generictest.cert")); } return null; -- cgit v1.2.3