test(transport): add tests

Author: st0o0

src/Servus.Akka.Tests/Transport/Tcp/Listener/TcpServerStateMachineSpec.cs

@@ -23,6 +23,16 @@ private static (TcpServerStateMachine Sm, MockTransportOperations Ops) CreateSta
         return (sm, ops);
     }
 
+    private static (TcpServerStateMachine Sm, MockTransportOperations Ops) CreateStateMachineWithTls(
+        bool allowDelayedNegotiation)
+    {
+        var ops = new MockTransportOperations();
+        var state = new ClientState(Stream.Null);
+        var sm = new TcpServerStateMachine(ops, ActorRefs.Nobody, state, TestConnectionInfo,
+            sslStream: null, allowDelayedNegotiation: allowDelayedNegotiation);
+        return (sm, ops);
+    }
+
     private static TransportBuffer CreateTestBuffer(params byte[] data)
     {
         var buf = TransportBuffer.Rent(data.Length);
@@ -289,4 +299,40 @@ public void Dispatch_InboundComplete_error_should_push_error_disconnected()
         var disconnected = Assert.IsType<TransportDisconnected>(ops.PushedInbound[0]);
         Assert.Equal(DisconnectReason.Error, disconnected.Reason);
     }
+
+    [Fact(Timeout = 5000)]
+    public void Start_should_not_emit_TransportTlsState_without_tls()
+    {
+        var (sm, ops) = CreateStateMachine();
+
+        sm.Start();
+
+        Assert.Single(ops.PushedInbound);
+        Assert.IsType<TransportConnected>(ops.PushedInbound[0]);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void Start_should_emit_TransportTlsState_when_allow_delayed_is_true()
+    {
+        var (sm, ops) = CreateStateMachineWithTls(allowDelayedNegotiation: true);
+
+        sm.Start();
+
+        Assert.Equal(2, ops.PushedInbound.Count);
+        Assert.IsType<TransportConnected>(ops.PushedInbound[0]);
+        var tlsState = Assert.IsType<TransportTlsState>(ops.PushedInbound[1]);
+        Assert.True(tlsState.AllowDelayedNegotiation);
+        Assert.Null(tlsState.SslStream);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void Start_should_not_emit_TransportTlsState_when_no_ssl_and_no_delay()
+    {
+        var (sm, ops) = CreateStateMachineWithTls(allowDelayedNegotiation: false);
+
+        sm.Start();
+
+        Assert.Single(ops.PushedInbound);
+        Assert.IsType<TransportConnected>(ops.PushedInbound[0]);
+    }
 }

src/Servus.Akka.Tests/Transport/TcpListenerOptionsSpec.cs

@@ -0,0 +1,44 @@
+using System.Net.Security;
+using Servus.Akka.Transport;
+
+namespace Servus.Akka.Tests.Transport;
+
+public sealed class TcpListenerOptionsSpec
+{
+    [Fact(Timeout = 5000)]
+    public void TcpListenerOptions_should_default_client_certificate_mode_to_no_certificate()
+    {
+        var options = new TcpListenerOptions { Host = "localhost", Port = 443 };
+
+        Assert.Equal(ClientCertificateMode.NoCertificate, options.ClientCertificateMode);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void TcpListenerOptions_should_default_handshake_callback_to_null()
+    {
+        var options = new TcpListenerOptions { Host = "localhost", Port = 443 };
+
+        Assert.Null(options.HandshakeCallback);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void TcpListenerOptions_should_default_server_certificate_selector_to_null()
+    {
+        var options = new TcpListenerOptions { Host = "localhost", Port = 443 };
+
+        Assert.Null(options.ServerCertificateSelector);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void TcpListenerOptions_should_allow_setting_client_certificate_mode()
+    {
+        var options = new TcpListenerOptions
+        {
+            Host = "localhost",
+            Port = 443,
+            ClientCertificateMode = ClientCertificateMode.RequireCertificate
+        };
+
+        Assert.Equal(ClientCertificateMode.RequireCertificate, options.ClientCertificateMode);
+    }
+}

src/Servus.Akka.Tests/Transport/TransportMessagesSpec.cs

@@ -127,4 +127,82 @@ public void ConnectionInfo_should_allow_null_security()
 
         Assert.Null(info.Security);
     }
+
+    [Fact(Timeout = 5000)]
+    public void SecurityInfo_should_default_negotiated_cipher_suite_to_null()
+    {
+        var info = new SecurityInfo(SslProtocols.Tls13, SslApplicationProtocol.Http2);
+
+        Assert.Null(info.NegotiatedCipherSuite);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void SecurityInfo_should_default_hostname_to_null()
+    {
+        var info = new SecurityInfo(SslProtocols.Tls13, SslApplicationProtocol.Http2);
+
+        Assert.Null(info.HostName);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void SecurityInfo_should_store_negotiated_cipher_suite()
+    {
+        var info = new SecurityInfo(
+            SslProtocols.Tls13,
+            SslApplicationProtocol.Http2,
+            TlsCipherSuite.TLS_AES_256_GCM_SHA384);
+
+        Assert.Equal(TlsCipherSuite.TLS_AES_256_GCM_SHA384, info.NegotiatedCipherSuite);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void SecurityInfo_should_store_hostname()
+    {
+        var info = new SecurityInfo(
+            SslProtocols.Tls13,
+            SslApplicationProtocol.Http2,
+            HostName: "example.com");
+
+        Assert.Equal("example.com", info.HostName);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void SecurityInfo_should_store_all_fields()
+    {
+        var info = new SecurityInfo(
+            SslProtocols.Tls13,
+            SslApplicationProtocol.Http2,
+            TlsCipherSuite.TLS_AES_128_GCM_SHA256,
+            "host.example.com");
+
+        Assert.Equal(SslProtocols.Tls13, info.Protocol);
+        Assert.Equal(SslApplicationProtocol.Http2, info.ApplicationProtocol);
+        Assert.Equal(TlsCipherSuite.TLS_AES_128_GCM_SHA256, info.NegotiatedCipherSuite);
+        Assert.Equal("host.example.com", info.HostName);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void TransportTlsState_should_implement_ITransportInbound()
+    {
+        ITransportInbound msg = new TransportTlsState(SslStream: null, AllowDelayedNegotiation: false);
+
+        Assert.IsType<TransportTlsState>(msg);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void TransportTlsState_should_carry_allow_delayed_flag()
+    {
+        var msg = new TransportTlsState(SslStream: null, AllowDelayedNegotiation: true);
+
+        Assert.True(msg.AllowDelayedNegotiation);
+    }
+
+    [Fact(Timeout = 5000)]
+    public void TransportTlsState_should_allow_null_ssl_stream()
+    {
+        var msg = new TransportTlsState(SslStream: null, AllowDelayedNegotiation: false);
+
+        Assert.Null(msg.SslStream);
+        Assert.False(msg.AllowDelayedNegotiation);
+    }
 }

src/Servus.Akka/Transport/Tcp/Listener/TcpListenerStage.cs

@@ -48,7 +48,7 @@ public Logic(TcpListenerStage stage) : base(stage.Shape)
         {
             _stage = stage;
 
-            SetHandler(stage._out, onPull: () => TryPush());
+            SetHandler(stage._out, onPull: TryPush);
         }
 
         public override void PreStart()
@@ -167,17 +167,6 @@ private async Task InitializeConnectionAsync(TcpClient client)
             var localEndPoint = client.Client.LocalEndPoint!;
             var remoteEndPoint = client.Client.RemoteEndPoint!;
 
-            SecurityInfo? security = null;
-            var protocol = TransportProtocol.Tcp;
-
-            if (stream is SslStream sslStream)
-            {
-                security = new SecurityInfo(
-                    sslStream.SslProtocol,
-                    sslStream.NegotiatedApplicationProtocol);
-                protocol = TransportProtocol.Tls;
-            }
-
             var connectionInfo = new ConnectionInfo(
                 localEndPoint,
                 remoteEndPoint,
@@ -220,8 +209,8 @@ private async Task<TlsConnectionResult> GetTlsStreamAsync(TcpClient client)
             return await AuthenticateWithOptionsAsync(client, options);
         }
 
-        private async Task<TlsConnectionResult> AuthenticateWithCallbackAsync(
-            TcpClient client, TcpListenerOptions options)
+        private static async Task<TlsConnectionResult> AuthenticateWithCallbackAsync(TcpClient client,
+            TcpListenerOptions options)
         {
             var sslStream = new SslStream(
                 client.GetStream(),
@@ -232,7 +221,7 @@ private async Task<TlsConnectionResult> AuthenticateWithCallbackAsync(
             var allowDelayed = false;
 
             await sslStream.AuthenticateAsServerAsync(
-                async (stream, clientHelloInfo, state, ct) =>
+                async (_, clientHelloInfo, _, ct) =>
                 {
                     hostname = clientHelloInfo.ServerName;
                     var context = new TlsHandshakeContext(
@@ -323,4 +312,4 @@ private void OnAcceptError(Exception ex)
             FailStage(ex);
         }
     }
-}
+}