forked from mitchellh/go-vnc
-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathsecurity_test.go
99 lines (86 loc) · 2.6 KB
/
security_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package vnc
import (
"encoding/hex"
"io"
"strings"
"testing"
)
func TestClientAuthNone_Impl(t *testing.T) {
var raw interface{}
raw = new(ClientAuthNone)
if _, ok := raw.(ClientAuth); !ok {
t.Fatal("ClientAuthNone doesn't implement ClientAuth")
}
}
func TestClientAuthVNC_Impl(t *testing.T) {
var raw interface{}
raw = new(ClientAuthVNC)
if _, ok := raw.(ClientAuth); !ok {
t.Fatal("ClientAuthVNC doesn't implement ClientAuth")
}
}
// wiresharkToChallenge converts VNC authentication challenge and response
// values captured with Wireshark (https://www.wireshark.org) into usable byte
// streams.
func wiresharkToChallenge(h string) vncAuthChallenge {
var ch vncAuthChallenge
r := strings.NewReplacer(":", "")
b, err := hex.DecodeString(r.Replace(h))
if err != nil {
return ch
}
copy(ch[:], b)
return ch
}
type clientAuthVNCTest struct {
pw, ch, res string
}
var clientAuthVNCTests []clientAuthVNCTest = []clientAuthVNCTest{
{".", "7f:e2:e1:3d:a4:ae:10:9c:54:c5:5f:52:74:aa:db:31", "1d:86:92:71:1f:00:24:35:02:d3:91:ef:e9:bc:c5:d5"},
{"12345678", "13:8e:a4:2e:0e:66:f3:ad:2d:f3:08:c3:04:cd:c4:2a", "5b:e1:56:fa:49:49:ef:56:d3:f8:44:97:73:27:95:9f"},
{"abc123", "c6:30:45:d2:57:9e:e7:f2:f9:0c:62:3e:52:40:86:c6", "a3:63:59:e4:28:c8:7f:b3:45:2c:d7:e0:ca:d6:70:3e"},
}
func TestClientAuthVNC_Handshake(t *testing.T) {
mockConn := &MockConn{}
conn := NewClientConn(mockConn, &ClientConfig{})
for _, tt := range clientAuthVNCTests {
mockConn.Reset()
// Send challenge.
ch := wiresharkToChallenge(tt.ch)
if err := conn.send(ch); err != nil {
t.Errorf("error sending challenge: %v", err)
continue
}
// Perform handshake.
auth := ClientAuthVNC{tt.pw}
if err := auth.Handshake(conn); err != nil {
t.Errorf("error performing handshake: %v", err)
}
// Validate response.
var res vncAuthChallenge
if err := conn.receive(&res); err != nil {
t.Errorf("error reading response: %v", err)
}
if got, want := res, wiresharkToChallenge(tt.res); got != want {
t.Errorf("incorrect response; got = %v, want = %v", got, want)
}
// Ensure nothing extra was sent.
var buf []byte
if err := conn.receiveN(&buf, 1024); err != io.EOF {
t.Errorf("expected EOF; got = %v", err)
}
}
}
func TestClientAuthVNC_encode(t *testing.T) {
for i, tt := range clientAuthVNCTests {
ch := wiresharkToChallenge(tt.ch)
a := ClientAuthVNC{tt.pw}
if err := a.encode(&ch); err != nil {
t.Errorf("%v: error encoding response: %v", i, err)
}
res := wiresharkToChallenge(tt.res)
if got, want := ch, res; got != want {
t.Errorf("%v: encode failed; got = %v, want = %v", i, got, want)
}
}
}