You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

182 lines
8.9 KiB

  1. #!/bin/sh
  2. set -e
  3. TESTDIR="$(readlink -f "$(dirname "$0")")"
  4. . "$TESTDIR/framework"
  5. setupenvironment
  6. # We don't do a real proxy here, we just look how the implementation
  7. # reacts to certain responses from a "proxy" provided by socat
  8. # Checks HTTP, but requesting https instead will check HTTPS (curl) which
  9. # uses different error messages through – also: https://github.com/curl/curl/issues/944
  10. # FIXME: Not run automatically as it uses a hardcoded port (5555)
  11. msgtest 'Check that everything is installed' 'socat'
  12. if dpkg-checkbuilddeps -d 'socat' /dev/null >/dev/null 2>&1; then
  13. msgpass
  14. else
  15. msgskip "$(command dpkg -l socat)"
  16. exit
  17. fi
  18. runclient() {
  19. # this doesn't need to be an actually reachable webserver for this test
  20. # in fact, its better if it isn't.
  21. rm -f index.html
  22. apthelper download-file "http://${2:-localhost:2903}/" index.html \
  23. -o Acquire::http::Proxy="socks5h://${1}localhost:5555" \
  24. -o Acquire::http::Timeout=2 -o Debug::Acquire::http=1 > client.output 2>&1 || true
  25. }
  26. runserver() {
  27. socat -x tcp-listen:5555,reuseaddr \
  28. system:"echo -n '$*' | xxd -r -p; echo 'HTTP/1.1 200 OK'; echo 'Content-Length: 5'; echo 'Connection: close'; echo; echo 'HTML'" \
  29. > server.output 2>&1 &
  30. }
  31. PROXY="socks5h://localhost:5555"
  32. msgmsg 'SOCKS does not run'
  33. runclient
  34. testsuccess grep 'Could not connect to localhost:5555' client.output
  35. msgmsg 'SOCKS greets back with wrong version'
  36. runserver '04 00'
  37. runclient
  38. testsuccess grep 'greets back with wrong version: 4' client.output
  39. msgmsg 'SOCKS tries GSSAPI auth we have not advertised'
  40. runserver '05 01'
  41. runclient
  42. testsuccess grep 'greets back having not found a common authorization method: 1' client.output
  43. msgmsg 'SOCKS tries user&pass auth we have not advertised'
  44. runserver '05 02'
  45. runclient
  46. testsuccess grep 'pass auth, but we had not offered it' client.output
  47. msgmsg 'SOCKS user:pass wrong version'
  48. runserver '05 02' '05 00'
  49. runclient 'user:pass@'
  50. testsuccess grep 'auth status response with wrong version: 5' client.output
  51. msgmsg 'SOCKS user:pass wrong auth'
  52. runserver '05 02' '01 01'
  53. runclient 'user:pass@'
  54. testsuccess grep 'reported authorization failure: username or password incorrect? (1)' client.output
  55. msgmsg 'SOCKS user:pass request not granted no hostname'
  56. runserver '05 02' '01 00' '05 01 00 03 00 1f 90'
  57. runclient 'user:pass@'
  58. testsuccess grep 'could not connect to localhost (:8080) due to: general SOCKS server failure (1)' client.output
  59. msgmsg 'SOCKS user:pass request not granted with hostname'
  60. runserver '05 02' '01 00' '05 01 00 03 09 68 6f 73 74 6c 6f 63 61 6c 1f 90'
  61. runclient 'user:pass@'
  62. testsuccess grep 'could not connect to localhost (hostlocal:8080) due to: general SOCKS server failure (1)' client.output
  63. msgmsg 'SOCKS user:pass request not granted ipv4'
  64. runserver '05 02' '01 00' '05 04 00 01 ac 10 fe 01 1f 90'
  65. runclient 'user:pass@'
  66. testsuccess grep 'could not connect to localhost (172.16.254.1:8080) due to: Host unreachable (4)' client.output
  67. msgmsg 'SOCKS user:pass request not granted ipv6'
  68. runserver '05 02' '01 00' '05 12 00 04 20 01 0d b8 ac 10 fe 00 00 00 00 00 00 00 00 00 1f 90'
  69. runclient 'user:pass@'
  70. testsuccess grep 'could not connect to localhost (\[2001:0DB8:AC10:FE00:0000:0000:0000:0000\]:8080) due to: Unknown error (18)' client.output
  71. msgmsg 'SOCKS user:pass request granted ipv4'
  72. runserver '05 02' '01 00' '05 00 00 01 ac 10 fe 01 1f 90'
  73. runclient 'user:pass@'
  74. testequal "http: SOCKS proxy $PROXY connection established to localhost (172.16.254.1:8080)" head -n 1 client.output
  75. testfileequal index.html 'HTML'
  76. msgmsg 'SOCKS user:pass request granted ipv6'
  77. runserver '05 02' '01 00' '05 00 00 04 20 01 0d b8 ac 10 fe 00 00 00 00 00 00 00 00 00 1f 90'
  78. runclient 'user:pass@'
  79. testequal "http: SOCKS proxy $PROXY connection established to localhost ([2001:0DB8:AC10:FE00:0000:0000:0000:0000]:8080)" head -n 1 client.output
  80. testfileequal index.html 'HTML'
  81. msgmsg 'SOCKS no auth no hostname'
  82. runserver '05 00 05 00 00 03 00 1f 90'
  83. runclient
  84. testequal "http: SOCKS proxy $PROXY connection established to localhost (:8080)" head -n 1 client.output
  85. testfileequal index.html 'HTML'
  86. msgmsg 'SOCKS no auth with hostname'
  87. runserver '05 00 05 00 00 03 09 68 6f 73 74 6c 6f 63 61 6c 1f 90'
  88. runclient
  89. testequal "http: SOCKS proxy $PROXY connection established to localhost (hostlocal:8080)" head -n 1 client.output
  90. testfileequal index.html 'HTML'
  91. msgmsg 'SOCKS user-only request granted ipv4'
  92. runserver '05 02' '01 00' '05 00 00 01 ac 10 fe 01 1f 90'
  93. runclient 'apt@'
  94. testequal "http: SOCKS proxy $PROXY connection established to localhost (172.16.254.1:8080)" head -n 1 client.output
  95. testfileequal index.html 'HTML'
  96. msgmsg 'tor: SOCKS user:pass request not granted'
  97. runserver '05 02' '01 00' '05 04 00 01 00 00 00 00 00 00'
  98. runclient 'user:pass@'
  99. testsuccess grep 'could not connect to localhost (0.0.0.0:0) due to: Host unreachable (4)' client.output
  100. msgmsg 'tor: SOCKS user:pass request tll expired'
  101. runserver '05 02' '01 00' '05 06 00 01 00 00 00 00 00 00'
  102. runclient 'user:pass@'
  103. testsuccess grep 'could not connect to localhost (0.0.0.0:0) due to: TTL expired (6)' client.output
  104. msgmsg 'tor: SOCKS user:pass request service unreachable'
  105. runserver '05 02' '01 00' '05 06 00 01 00 00 00 00 00 00'
  106. runclient 'user:pass@' 'vwakviie2ienjx6t.onion'
  107. testsuccess grep 'could not connect to vwakviie2ienjx6t.onion (0.0.0.0:0) due to: Host unreachable (6)' client.output
  108. msgmsg 'tor: SOCKS user:pass request not granted onion'
  109. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  110. runclient 'user:pass@' 'vwakviie2ienjx6t.onion'
  111. testsuccess grep 'could not connect to vwakviie2ienjx6t.onion (0.0.0.0:0) due to: general SOCKS server failure (1)' client.output
  112. msgmsg 'tor: SOCKS user:pass request not granted subdomain'
  113. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  114. runclient 'user:pass@' 'ftp.vwakviie2ienjx6t.onion'
  115. testsuccess grep 'could not connect to ftp.vwakviie2ienjx6t.onion (0.0.0.0:0) due to: general SOCKS server failure (1)' client.output
  116. msgmsg 'tor: SOCKS user:pass request not granted too short'
  117. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  118. runclient 'user:pass@' 'wakviie2ienjx6t.onion'
  119. testsuccess grep 'could not connect to wakviie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  120. msgmsg 'tor: SOCKS user:pass request not granted too long'
  121. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  122. runclient 'user:pass@' 'vwakviie2ienjx6t2.onion'
  123. testsuccess grep 'could not connect to vwakviie2ienjx6t2.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  124. msgmsg 'tor: SOCKS user:pass request not granted too short subdomain'
  125. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  126. runclient 'user:pass@' 'a.akviie2ienjx6t.onion'
  127. testsuccess grep 'could not connect to a.akviie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  128. msgmsg 'tor: SOCKS user:pass request not granted too short subdomains'
  129. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  130. runclient 'user:pass@' 'a.a.viie2ienjx6t.onion'
  131. testsuccess grep 'could not connect to a.a.viie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  132. msgmsg 'tor: SOCKS user:pass request not granted too short'
  133. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  134. runclient 'user:pass@' 'l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67oro.onion'
  135. testsuccess grep 'could not connect to l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67oro.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  136. msgmsg 'tor: SOCKS user:pass request not granted too long'
  137. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  138. runclient 'user:pass@' 'l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad2.onion'
  139. testsuccess grep 'could not connect to l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad2.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  140. msgmsg 'tor: SOCKS user:pass request not granted too short subdomain'
  141. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  142. runclient 'user:pass@' 'a.satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion'
  143. testsuccess grep 'could not connect to a.satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output
  144. msgmsg 'tor: SOCKS user:pass request not granted too short subdomains'
  145. runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00'
  146. runclient 'user:pass@' 'a.a.tjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion'
  147. testsuccess grep 'could not connect to a.a.tjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output