123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136 |
- // Copyright (c) 2019 Shivaram Lingamneni
- // released under the MIT license
-
- package cloaks
-
- import (
- "net"
- "reflect"
- "testing"
- )
-
- func assertEqual(supplied, expected interface{}, t *testing.T) {
- if !reflect.DeepEqual(supplied, expected) {
- t.Errorf("expected %v but got %v", expected, supplied)
- }
- }
-
- func easyParseIP(ipstr string) (result net.IP) {
- result = net.ParseIP(ipstr)
- if result == nil {
- panic(ipstr)
- }
- return
- }
-
- func cloakConfForTesting() CloakConfig {
- config := CloakConfig{
- Enabled: true,
- Netname: "oragono",
- secret: "_BdVPWB5sray7McbFmeuJL996yaLgG4l9tEyficGXKg",
- CidrLenIPv4: 32,
- CidrLenIPv6: 64,
- NumBits: 80,
- }
- config.Initialize()
- return config
- }
-
- func TestCloakDeterminism(t *testing.T) {
- config := cloakConfForTesting()
-
- v4ip := easyParseIP("8.8.8.8").To4()
- assertEqual(config.ComputeCloak(v4ip), "d2z5guriqhzwazyr.oragono", t)
- // use of the 4-in-6 mapping should not affect the cloak
- v6mappedIP := v4ip.To16()
- assertEqual(config.ComputeCloak(v6mappedIP), "d2z5guriqhzwazyr.oragono", t)
-
- v6ip := easyParseIP("2001:0db8::1")
- assertEqual(config.ComputeCloak(v6ip), "w7ren6nxii6f3i3d.oragono", t)
- // same CIDR, so same cloak:
- v6ipsamecidr := easyParseIP("2001:0db8::2")
- assertEqual(config.ComputeCloak(v6ipsamecidr), "w7ren6nxii6f3i3d.oragono", t)
- v6ipdifferentcidr := easyParseIP("2001:0db9::1")
- // different CIDR, different cloak:
- assertEqual(config.ComputeCloak(v6ipdifferentcidr), "ccmptyrjwsxv4f4d.oragono", t)
-
- // cloak values must be sensitive to changes in the secret key
- config.SetSecret("HJcXK4lLawxBE4-9SIdPji_21YiL3N5r5f5-SPNrGVY")
- assertEqual(config.ComputeCloak(v4ip), "4khy3usk8mfu42pe.oragono", t)
- assertEqual(config.ComputeCloak(v6mappedIP), "4khy3usk8mfu42pe.oragono", t)
- assertEqual(config.ComputeCloak(v6ip), "mxpk3c83vdxkek9j.oragono", t)
- assertEqual(config.ComputeCloak(v6ipsamecidr), "mxpk3c83vdxkek9j.oragono", t)
- }
-
- func TestCloakShortv4Cidr(t *testing.T) {
- config := CloakConfig{
- Enabled: true,
- Netname: "oragono",
- secret: "_BdVPWB5sray7McbFmeuJL996yaLgG4l9tEyficGXKg",
- CidrLenIPv4: 24,
- CidrLenIPv6: 64,
- NumBits: 60,
- }
- config.Initialize()
-
- v4ip := easyParseIP("8.8.8.8")
- assertEqual(config.ComputeCloak(v4ip), "3cay3zc72tnui.oragono", t)
- v4ipsamecidr := easyParseIP("8.8.8.9")
- assertEqual(config.ComputeCloak(v4ipsamecidr), "3cay3zc72tnui.oragono", t)
- }
-
- func TestCloakZeroBits(t *testing.T) {
- config := cloakConfForTesting()
- config.NumBits = 0
- config.Netname = "example.com"
- config.Initialize()
-
- v4ip := easyParseIP("8.8.8.8").To4()
- assertEqual(config.ComputeCloak(v4ip), "example.com", t)
- }
-
- func TestCloakDisabled(t *testing.T) {
- config := cloakConfForTesting()
- config.Enabled = false
- v4ip := easyParseIP("8.8.8.8").To4()
- assertEqual(config.ComputeCloak(v4ip), "", t)
- }
-
- func BenchmarkCloaks(b *testing.B) {
- config := cloakConfForTesting()
- v6ip := easyParseIP("2001:0db8::1")
- b.ResetTimer()
- for i := 0; i < b.N; i++ {
- config.ComputeCloak(v6ip)
- }
- }
-
- func TestAccountCloak(t *testing.T) {
- config := cloakConfForTesting()
-
- // just assert that we get all distinct values
- assertEqual(config.ComputeAccountCloak("shivaram"), "8yu8kunudb45ztxm.oragono", t)
- assertEqual(config.ComputeAccountCloak("dolph🐬n"), "hhgeqsvzeagv3wjw.oragono", t)
- assertEqual(config.ComputeAccountCloak("SHIVARAM"), "bgx32x4r7qzih4uh.oragono", t)
- assertEqual(config.ComputeAccountCloak("ed"), "j5autmgxtdjdyzf4.oragono", t)
- }
-
- func TestAccountCloakCollisions(t *testing.T) {
- config := cloakConfForTesting()
-
- v4ip := easyParseIP("97.97.97.97")
- v4cloak := config.ComputeCloak(v4ip)
- // "aaaa" is the same bytestring as 97.97.97.97
- aaaacloak := config.ComputeAccountCloak("aaaa")
- if v4cloak == aaaacloak {
- t.Errorf("cloak collision between 97.97.97.97 and aaaa: %s", v4cloak)
- }
- }
-
- func BenchmarkAccountCloaks(b *testing.B) {
- config := cloakConfForTesting()
- b.ResetTimer()
- for i := 0; i < b.N; i++ {
- config.ComputeAccountCloak("shivaram")
- }
- }
|