-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpolicy_additional_test.go
More file actions
92 lines (77 loc) · 2.43 KB
/
Copy pathpolicy_additional_test.go
File metadata and controls
92 lines (77 loc) · 2.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package cloudflared
import (
"context"
"crypto/x509"
"testing"
M "github.com/sagernet/sing/common/metadata"
)
func TestIPRulePolicyAllowsResolvedDomain(t *testing.T) {
t.Parallel()
policy, err := newIPRulePolicy([]IPRule{{
Prefix: "::/0",
Ports: []int{80},
Allow: true,
}})
if err != nil {
t.Fatal(err)
}
allowed, err := policy.Allow(context.Background(), M.ParseSocksaddr("localhost:80"))
if err != nil {
t.Fatal(err)
}
if !allowed {
t.Fatal("expected localhost to match 127.0.0.0/8 allow rule")
}
}
func TestResolvePolicyDestinationRejectsInvalidHost(t *testing.T) {
t.Parallel()
_, err := resolvePolicyDestination(context.Background(), M.Socksaddr{Fqdn: "bad host"})
if err == nil {
t.Fatal("expected invalid host error")
}
}
func TestNewEdgeTLSConfigUsesInputs(t *testing.T) {
t.Parallel()
pool := x509.NewCertPool()
config := newEdgeTLSConfig(pool, "quic.cftunnel.com", []string{"argotunnel"})
if config.RootCAs != pool {
t.Fatal("expected root CA pool to be preserved")
}
if config.ServerName != "quic.cftunnel.com" {
t.Fatalf("unexpected server name %q", config.ServerName)
}
if len(config.NextProtos) != 1 || config.NextProtos[0] != "argotunnel" {
t.Fatalf("unexpected next protos %#v", config.NextProtos)
}
if len(config.CurvePreferences) != 1 {
t.Fatalf("unexpected curve preferences %#v", config.CurvePreferences)
}
}
func TestApplyPostQuantumCurvePreferencesOverridesDefaultCurves(t *testing.T) {
t.Parallel()
config := newEdgeTLSConfig(x509.NewCertPool(), quicEdgeSNI, []string{quicEdgeALPN})
applyPostQuantumCurvePreferences(config, []string{featurePostQuantum})
if len(config.CurvePreferences) != 1 || config.CurvePreferences[0] != x25519MLKEM768PQKex {
t.Fatalf("unexpected post-quantum curves %#v", config.CurvePreferences)
}
}
func TestGetRegionalServiceName(t *testing.T) {
t.Parallel()
if got := getRegionalServiceName(""); got != edgeSRVService {
t.Fatalf("unexpected default service name %q", got)
}
if got := getRegionalServiceName("us"); got != "us-"+edgeSRVService {
t.Fatalf("unexpected regional service name %q", got)
}
}
func TestFilterByIPVersionDropsMismatchedRegions(t *testing.T) {
t.Parallel()
regions := [][]*EdgeAddr{
{{IPVersion: 4}, {IPVersion: 6}},
{{IPVersion: 6}},
}
filtered := FilterByIPVersion(regions, 4)
if len(filtered) != 1 || len(filtered[0]) != 1 || filtered[0][0].IPVersion != 4 {
t.Fatalf("unexpected filtered regions %#v", filtered)
}
}