factor/basis/io/unix/sockets/secure/secure-tests.factor

IN: io.sockets.secure.tests
USING: accessors kernel namespaces io io.sockets
io.sockets.secure io.encodings.ascii io.streams.duplex
io.unix.backend classes words destructors threads tools.test
concurrency.promises byte-arrays locals calendar io.timeouts ;

\ <secure-config> must-infer
{ 1 0 } [ [ ] with-secure-context ] must-infer-as

[ ] [ <promise> "port" set ] unit-test

: with-test-context ( quot -- )
    <secure-config>
        "resource:basis/openssl/test/server.pem" >>key-file
        "resource:basis/openssl/test/dh1024.pem" >>dh-file
        "password" >>password
    swap with-secure-context ; inline

:: server-test ( quot -- )
    [
        [
            "127.0.0.1" 0 <inet4> <secure> ascii <server> [
                dup addr>> addrspec>> port>> "port" get fulfill
                accept [
                    quot call
                ] curry with-stream
            ] with-disposal
        ] with-test-context
    ] "SSL server test" spawn drop ;

: client-test ( -- string )
    <secure-config> [
        "127.0.0.1" "port" get ?promise <inet4> <secure> ascii <client> drop contents
    ] with-secure-context ;

[ ] [ [ class name>> write ] server-test ] unit-test

[ "secure" ] [ client-test ] unit-test

! Now, see what happens if the server closes the connection prematurely
[ ] [ <promise> "port" set ] unit-test

[ ] [
    [
        drop
        "hello" write flush
        input-stream get stream>> handle>> f >>connected drop
    ] server-test
] unit-test

[ client-test ] [ premature-close? ] must-fail-with

! Now, try validating the certificate. This should fail because its
! actually an invalid certificate
[ ] [ <promise> "port" set ] unit-test

[ ] [ [ drop "hi" write ] server-test ] unit-test

[
    <secure-config> [
        "localhost" "port" get ?promise <inet> <secure> ascii
        <client> drop dispose
    ] with-secure-context
] [ certificate-verify-error? ] must-fail-with

! Client-side handshake timeout
[ ] [ <promise> "port" set ] unit-test

[ ] [
    [
        "127.0.0.1" 0 <inet4> ascii <server> [
            dup addr>> port>> "port" get fulfill
            accept drop 1 minutes sleep dispose
        ] with-disposal
    ] "Silly server" spawn drop
] unit-test

[
    1 seconds secure-socket-timeout [
        client-test
    ] with-variable
] [ io-timeout? ] must-fail-with

! Server-side handshake timeout
[ ] [ <promise> "port" set ] unit-test

[ ] [
    [
        "127.0.0.1" "port" get ?promise
        <inet4> ascii <client> drop 1 minutes sleep dispose
    ] "Silly client" spawn drop
] unit-test

[
    1 seconds secure-socket-timeout [
        [
            "127.0.0.1" 0 <inet4> <secure> ascii <server> [
                dup addr>> addrspec>> port>> "port" get fulfill
                accept drop dup stream-read1 drop dispose
            ] with-disposal
        ] with-test-context
    ] with-variable
] [ io-timeout? ] must-fail-with

! Client socket shutdown timeout

! Until I sort out two-stage handshaking, I can't do much here
[
    [ ] [ <promise> "port" set ] unit-test
    
    [ ] [
        [
            [
                "127.0.0.1" 0 <inet4> <secure> ascii <server> [
                    dup addr>> addrspec>> port>> "port" get fulfill
                    accept drop 1 minutes sleep dispose
                ] with-disposal
            ] with-test-context
        ] "Silly server" spawn drop
    ] unit-test
    
    [
        1 seconds secure-socket-timeout [
            <secure-config> [
                "127.0.0.1" "port" get ?promise <inet4> <secure>
                ascii <client> drop dispose
            ] with-secure-context
        ] with-variable
    ] [ io-timeout? ] must-fail-with
    
    ! Server socket shutdown timeout
    [ ] [ <promise> "port" set ] unit-test
    
    [ ] [
        [
            [
                "127.0.0.1" "port" get ?promise
                <inet4> <secure> ascii <client> drop 1 minutes sleep dispose
            ] with-test-context
        ] "Silly client" spawn drop
    ] unit-test
    
    [
        1 seconds secure-socket-timeout [
            [
                "127.0.0.1" 0 <inet4> <secure> ascii <server> [
                    dup addr>> addrspec>> port>> "port" get fulfill
                    accept drop dispose
                ] with-disposal
            ] with-test-context
        ] with-variable
    ] [ io-timeout? ] must-fail-with
] drop
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`IN: io.sockets.secure.tests`
			`USING: accessors kernel namespaces io io.sockets`
			`io.sockets.secure io.encodings.ascii io.streams.duplex`
Fix SSL timeout support and clean up some timeout code 2008-05-21 02:36:30 -04:00			`io.unix.backend classes words destructors threads tools.test`
			`concurrency.promises byte-arrays locals calendar io.timeouts ;`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00
			`\ <secure-config> must-infer`
			`{ 1 0 } [ [ ] with-secure-context ] must-infer-as`

			`[ ] [ <promise> "port" set ] unit-test`

SSL session resumption 2008-06-15 23:49:54 -04:00			`: with-test-context ( quot -- )`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`<secure-config>`
Create basis vocab root 2008-07-28 23:03:13 -04:00			`"resource:basis/openssl/test/server.pem" >>key-file`
			`"resource:basis/openssl/test/dh1024.pem" >>dh-file`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`"password" >>password`
Add a unit test 2008-06-17 01:10:18 -04:00			`swap with-secure-context ; inline`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00
			`:: server-test ( quot -- )`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`[`
			`[`
			`"127.0.0.1" 0 <inet4> <secure> ascii <server> [`
			`dup addr>> addrspec>> port>> "port" get fulfill`
			`accept [`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`quot call`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`] curry with-stream`
			`] with-disposal`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`] with-test-context`
			`] "SSL server test" spawn drop ;`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00
SSL session resumption 2008-06-15 23:49:54 -04:00			`: client-test ( -- string )`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`<secure-config> [`
			`"127.0.0.1" "port" get ?promise <inet4> <secure> ascii <client> drop contents`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`] with-secure-context ;`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00
Builtinn types now use new slot accessors; tuple slot type declaration work in progress 2008-06-28 03:36:20 -04:00			`[ ] [ [ class name>> write ] server-test ] unit-test`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`[ "secure" ] [ client-test ] unit-test`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`! Now, see what happens if the server closes the connection prematurely`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`[ ] [ <promise> "port" set ] unit-test`

			`[ ] [`
			`[`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`drop`
			`"hello" write flush`
Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`input-stream get stream>> handle>> f >>connected drop`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`] server-test`
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`] unit-test`

Fix potential DoS attack 2008-05-19 21:43:28 -04:00			`[ client-test ] [ premature-close? ] must-fail-with`

			`! Now, try validating the certificate. This should fail because its`
			`! actually an invalid certificate`
			`[ ] [ <promise> "port" set ] unit-test`

Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`[ ] [ [ drop "hi" write ] server-test ] unit-test`
Fix potential DoS attack 2008-05-19 21:43:28 -04:00
Fix SSL shutdown 2008-05-17 18:45:56 -04:00			`[`
			`<secure-config> [`
			`"localhost" "port" get ?promise <inet> <secure> ascii`
			`<client> drop dispose`
			`] with-secure-context`
			`] [ certificate-verify-error? ] must-fail-with`
Fix SSL timeout support and clean up some timeout code 2008-05-21 02:36:30 -04:00
			`! Client-side handshake timeout`
			`[ ] [ <promise> "port" set ] unit-test`

			`[ ] [`
			`[`
			`"127.0.0.1" 0 <inet4> ascii <server> [`
			`dup addr>> port>> "port" get fulfill`
			`accept drop 1 minutes sleep dispose`
			`] with-disposal`
			`] "Silly server" spawn drop`
			`] unit-test`

			`[`
			`1 seconds secure-socket-timeout [`
			`client-test`
			`] with-variable`
			`] [ io-timeout? ] must-fail-with`

			`! Server-side handshake timeout`
			`[ ] [ <promise> "port" set ] unit-test`

			`[ ] [`
			`[`
			`"127.0.0.1" "port" get ?promise`
			`<inet4> ascii <client> drop 1 minutes sleep dispose`
			`] "Silly client" spawn drop`
			`] unit-test`

			`[`
			`1 seconds secure-socket-timeout [`
			`[`
			`"127.0.0.1" 0 <inet4> <secure> ascii <server> [`
			`dup addr>> addrspec>> port>> "port" get fulfill`
Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`accept drop dup stream-read1 drop dispose`
Fix SSL timeout support and clean up some timeout code 2008-05-21 02:36:30 -04:00			`] with-disposal`
			`] with-test-context`
			`] with-variable`
			`] [ io-timeout? ] must-fail-with`

			`! Client socket shutdown timeout`

Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`! Until I sort out two-stage handshaking, I can't do much here`
Fix SSL timeout support and clean up some timeout code 2008-05-21 02:36:30 -04:00			`[`
Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`[ ] [ <promise> "port" set ] unit-test`

			`[ ] [`
Fix SSL timeout support and clean up some timeout code 2008-05-21 02:36:30 -04:00			`[`
Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`[`
			`"127.0.0.1" 0 <inet4> <secure> ascii <server> [`
			`dup addr>> addrspec>> port>> "port" get fulfill`
			`accept drop 1 minutes sleep dispose`
			`] with-disposal`
			`] with-test-context`
			`] "Silly server" spawn drop`
			`] unit-test`

			`[`
			`1 seconds secure-socket-timeout [`
			`<secure-config> [`
			`"127.0.0.1" "port" get ?promise <inet4> <secure>`
			`ascii <client> drop dispose`
			`] with-secure-context`
			`] with-variable`
			`] [ io-timeout? ] must-fail-with`

			`! Server socket shutdown timeout`
			`[ ] [ <promise> "port" set ] unit-test`

			`[ ] [`
SSL context is now implicit 2008-05-21 16:54:27 -04:00			`[`
Server certificate verification, lazy handshake for accept 2008-05-22 01:29:19 -04:00			`[`
			`"127.0.0.1" "port" get ?promise`
			`<inet4> <secure> ascii <client> drop 1 minutes sleep dispose`
			`] with-test-context`
			`] "Silly client" spawn drop`
			`] unit-test`

			`[`
			`1 seconds secure-socket-timeout [`
			`[`
			`"127.0.0.1" 0 <inet4> <secure> ascii <server> [`
			`dup addr>> addrspec>> port>> "port" get fulfill`
			`accept drop dispose`
			`] with-disposal`
			`] with-test-context`
			`] with-variable`
			`] [ io-timeout? ] must-fail-with`
			`] drop`