1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
// +build go1.6
package xmpp
import (
"crypto/tls"
"io"
. "gopkg.in/check.v1"
"github.com/twstrike/coyim/xmpp/data"
)
func (s *ConnectionXmppSuite) Test_Dial_failsWhenStartingAHandshake(c *C) {
rw := &mockConnIOReaderWriter{read: []byte(
"<?xml version='1.0'?>" +
"<str:stream xmlns:str='http://etherx.jabber.org/streams' version='1.0'>" +
"<str:features>" +
"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>" +
"</starttls>" +
"<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>" +
"<mechanism>PLAIN</mechanism>" +
"</mechanisms>" +
"</str:features>" +
"<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>",
)}
conn := &fullMockedConn{rw: rw}
var tlsC tls.Config
tlsC.Rand = fixedRand([]string{"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"})
d := &dialer{
JID: "user@domain",
password: "pass",
config: data.Config{
TLSConfig: &tlsC,
},
}
_, err := d.setupStream(conn)
c.Assert(err, Equals, io.EOF)
c.Assert(string(rw.write), Equals, ""+
"<?xml version='1.0'?><stream:stream to='domain' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n"+
"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\x16\x03\x01\x00\x8e\x01\x00\x00\x8a\x03\x03\x00\x01\x02\x03\x04\x05\x06\a\b\t\n"+
"\v\f\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x00\x00\x1c\xc0/\xc0+\xc00\xc0,\xc0\x13\xc0\t\xc0\x14\xc0\n"+
"\x00\x9c\x00\x9d\x00/\x005\xc0\x12\x00\n"+
"\x01\x00\x00E\x00\x00\x00\v\x00\t\x00\x00\x06domain\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\n"+
"\x00\b\x00\x06\x00\x17\x00\x18\x00\x19\x00\v\x00\x02\x01\x00\x00\r\x00\x0e\x00\f\x04\x01\x04\x03\x05\x01\x05\x03\x02\x01\x02\x03\xff\x01\x00\x01\x00\x00\x12\x00\x00",
)
}
func (s *ConnectionXmppSuite) Test_Dial_worksIfTheHandshakeSucceeds(c *C) {
rw := &mockMultiConnIOReaderWriter{read: validTLSExchange}
conn := &fullMockedConn{rw: rw}
var tlsC tls.Config
tlsC.Rand = fixedRand([]string{
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
"000102030405060708090A0B0C0D0E0F",
"000102030405060708090A0B0C0D0E0F",
})
d := &dialer{
JID: "user@www.olabini.se",
password: "pass",
serverAddress: "www.olabini.se:443",
verifier: &basicTLSVerifier{},
config: data.Config{
TLSConfig: &tlsC,
},
}
_, err := d.setupStream(conn)
c.Assert(err, Equals, io.EOF)
c.Assert(string(rw.write), Equals, ""+
"<?xml version='1.0'?><stream:stream to='www.olabini.se' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n"+
"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\x16\x03\x01\x00\x96\x01\x00\x00\x92\x03\x03\x00\x01\x02\x03\x04\x05\x06\a\b\t\n"+
"\v\f\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x00\x00\x1c\xc0/\xc0+\xc00\xc0,\xc0\x13\xc0\t\xc0\x14\xc0\n"+
"\x00\x9c\x00\x9d\x00/\x005\xc0\x12\x00\n"+
"\x01\x00\x00M\x00\x00\x00\x13\x00\x11\x00\x00\x0ewww.olabini.se\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\n"+
"\x00\b\x00\x06\x00\x17\x00\x18\x00\x19\x00\v\x00\x02\x01\x00\x00\r\x00\x0e\x00\f\x04\x01\x04\x03\x05\x01\x05\x03\x02\x01\x02\x03\xff\x01\x00\x01\x00\x00\x12\x00\x00\x16\x03\x03\x00F\x10\x00\x00BA\x04\b\xda\xf8\xb0\xab\xae5\t\xf3\\\xe1\xd31\x04\xcb\x01\xb9Qb̹\x18\xba\x1f\x81o8\xd3\x13\x0f\xb8\u007f\x92\xa3\b7\xf8o\x9e\xef\x19\u007fCy\xa5\n"+
"b\x06\x82fy]\xb9\xf83\xea6\x1d\x03\xafT[\xe7\x92\x14\x03\x03\x00\x01\x01\x16\x03\x03\x00(\x00\x00\x00\x00\x00\x00\x00\x00j\xc9\xd4\xef'\xc2ڲ6e\x88JD$\x9d\x15O\x80\x15\u0099-.(T\x99\xb3\xbf\x869~\x11\x17\x03\x03\x00\xa5\x00\x00\x00\x00\x00\x00\x00\x01W'*.\vz\x85%%E\xee\x119\x82\xe4\xfe\xf5o\x111m|\x8d\xbb ģ\x06\xf2a_M\xd3\xebޤ:\xe3\x00\x92A\xd6\\\xa7\xce<\"F?tr\xbc1gȮD\\ՎG\xe7\x9e\xc8\u007f\x9e\x1eD\xdbJ&\xe5T2b\xa5J\xc9\xc99\"Ek\xc0\x0fa\xf4\x9b*\xb1\x9a\x10^^(\x8f\x1b\x8b\xdd\x04\xe8\xe6\xf5\xb6+V\x1d\xd7\xeb512\xc0*\x8e7\x15\xdd\t\x04\x1d-#\xf8\x9d^\x16k\xa4\x1d\xe0s\x90E\x8cNG\x93\xb0\xd5]\x1d\x01B\xe9\x18T\xc7@\x11\x1a\x17\xe3\xb9b\x19\x1a")
}
func (s *ConnectionXmppSuite) Test_Dial_worksIfTheHandshakeSucceedsButFailsOnInvalidCertHash(c *C) {
rw := &mockMultiConnIOReaderWriter{read: validTLSExchange}
conn := &fullMockedConn{rw: rw}
var tlsC tls.Config
tlsC.Rand = fixedRand([]string{
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
"000102030405060708090A0B0C0D0E0F",
"000102030405060708090A0B0C0D0E0F",
})
d := &dialer{
JID: "user@www.olabini.se",
password: "pass",
serverAddress: "www.olabini.se:443",
verifier: &basicTLSVerifier{[]byte("aaaaa")},
config: data.Config{
TLSConfig: &tlsC,
},
}
_, err := d.setupStream(conn)
c.Assert(err.Error(), Equals, "tls: server certificate does not match expected hash (got: 82454418cb04854aa721bb0596528ff802b1e18a4e3a7767412ac9f108c9d3a7, want: 6161616161)")
}
func (s *ConnectionXmppSuite) Test_Dial_worksIfTheHandshakeSucceedsButSucceedsOnValidCertHash(c *C) {
rw := &mockMultiConnIOReaderWriter{read: validTLSExchange}
conn := &fullMockedConn{rw: rw}
var tlsC tls.Config
tlsC.Rand = fixedRand([]string{
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
"000102030405060708090A0B0C0D0E0F",
"000102030405060708090A0B0C0D0E0F",
})
d := &dialer{
JID: "user@www.olabini.se",
password: "pass",
serverAddress: "www.olabini.se:443",
verifier: &basicTLSVerifier{bytesFromHex("82454418cb04854aa721bb0596528ff802b1e18a4e3a7767412ac9f108c9d3a7")},
config: data.Config{
TLSConfig: &tlsC,
},
}
_, err := d.setupStream(conn)
c.Assert(err, Equals, io.EOF)
}
|
