mirror of
https://github.com/apernet/OpenGFW.git
synced 2024-11-11 04:49:22 +08:00
c0e2483f6c
Tests performed on real-like packets secure expected behavior.
70 lines
2.9 KiB
Go
70 lines
2.9 KiB
Go
package tcp
|
|
|
|
import (
|
|
"reflect"
|
|
"testing"
|
|
|
|
"github.com/apernet/OpenGFW/analyzer"
|
|
)
|
|
|
|
func TestTlsStreamParsing_ClientHello(t *testing.T) {
|
|
// example packet taken from <https://tls12.xargs.org/#client-hello/annotated>
|
|
clientHello := []byte{
|
|
0x16, 0x03, 0x01, 0x00, 0xa5, 0x01, 0x00, 0x00, 0xa1, 0x03, 0x03, 0x00,
|
|
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
|
|
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
|
|
0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x00, 0x00, 0x20, 0xcc, 0xa8,
|
|
0xcc, 0xa9, 0xc0, 0x2f, 0xc0, 0x30, 0xc0, 0x2b, 0xc0, 0x2c, 0xc0, 0x13,
|
|
0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f,
|
|
0x00, 0x35, 0xc0, 0x12, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x58, 0x00, 0x00,
|
|
0x00, 0x18, 0x00, 0x16, 0x00, 0x00, 0x13, 0x65, 0x78, 0x61, 0x6d, 0x70,
|
|
0x6c, 0x65, 0x2e, 0x75, 0x6c, 0x66, 0x68, 0x65, 0x69, 0x6d, 0x2e, 0x6e,
|
|
0x65, 0x74, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00,
|
|
0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x12, 0x00,
|
|
0x10, 0x04, 0x01, 0x04, 0x03, 0x05, 0x01, 0x05, 0x03, 0x06, 0x01, 0x06,
|
|
0x03, 0x02, 0x01, 0x02, 0x03, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x12,
|
|
0x00, 0x00,
|
|
}
|
|
want := analyzer.PropMap{
|
|
"ciphers": []uint16{52392, 52393, 49199, 49200, 49195, 49196, 49171, 49161, 49172, 49162, 156, 157, 47, 53, 49170, 10},
|
|
"compression": []uint8{0},
|
|
"random": []uint8{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31},
|
|
"session": []uint8{},
|
|
"sni": "example.ulfheim.net",
|
|
"version": uint16(771),
|
|
}
|
|
|
|
s := newTLSStream(nil)
|
|
u, _ := s.Feed(false, false, false, 0, clientHello)
|
|
got := u.M.Get("req")
|
|
if !reflect.DeepEqual(got, want) {
|
|
t.Errorf("%d B parsed = %v, want %v", len(clientHello), got, want)
|
|
}
|
|
}
|
|
|
|
func TestTlsStreamParsing_ServerHello(t *testing.T) {
|
|
// example packet taken from <https://tls12.xargs.org/#server-hello/annotated>
|
|
serverHello := []byte{
|
|
0x16, 0x03, 0x03, 0x00, 0x31, 0x02, 0x00, 0x00, 0x2d, 0x03, 0x03, 0x70,
|
|
0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c,
|
|
0x7d, 0x7e, 0x7f, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88,
|
|
0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x00, 0xc0, 0x13, 0x00, 0x00,
|
|
0x05, 0xff, 0x01, 0x00, 0x01, 0x00,
|
|
}
|
|
want := analyzer.PropMap{
|
|
"cipher": uint16(49171),
|
|
"compression": uint8(0),
|
|
"random": []uint8{112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143},
|
|
"session": []uint8{},
|
|
"version": uint16(771),
|
|
}
|
|
|
|
s := newTLSStream(nil)
|
|
u, _ := s.Feed(true, false, false, 0, serverHello)
|
|
got := u.M.Get("resp")
|
|
if !reflect.DeepEqual(got, want) {
|
|
t.Errorf("%d B parsed = %v, want %v", len(serverHello), got, want)
|
|
}
|
|
}
|