Save cookies
This commit is contained in:
parent
e8b08c53c7
commit
d16eb53bc0
|
@ -25,10 +25,7 @@ defmodule Chronoscope.NTS.KeyEstablishment do
|
||||||
end
|
end
|
||||||
|
|
||||||
def parse_response(response) do
|
def parse_response(response) do
|
||||||
response
|
{:ok, do_parse_response(response, %{})}
|
||||||
|> do_parse_response(%{})
|
|
||||||
|> Map.update(:cookies, 0, &length/1)
|
|
||||||
|> then(&{:ok, &1})
|
|
||||||
end
|
end
|
||||||
|
|
||||||
defp do_parse_response([], acc) do
|
defp do_parse_response([], acc) do
|
||||||
|
|
|
@ -13,16 +13,16 @@ defmodule ChronoscopeWeb.API.V1.NTS.KeyEstablishmentController do
|
||||||
|
|
||||||
case NTS.key_establishment(host, port) do
|
case NTS.key_establishment(host, port) do
|
||||||
{:ok, configuration} ->
|
{:ok, configuration} ->
|
||||||
ok_response(conn, %{status: :ok, configuration: configuration})
|
json(conn, %{status: :ok, configuration: format_configuration(configuration)})
|
||||||
|
|
||||||
{:error, error} ->
|
{:error, error} ->
|
||||||
ok_response(conn, %{status: :error, reason: to_string(error)})
|
json(conn, %{status: :error, reason: to_string(error)})
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp ok_response(conn, body) do
|
defp format_configuration(configuration) do
|
||||||
conn
|
configuration
|
||||||
|> Plug.Conn.put_resp_content_type("application/json")
|
|> Map.take([:aead_algorithms, :cookie_length, :cookies, :next_protocols, :port, :server])
|
||||||
|> Plug.Conn.send_resp(:ok, Jason.encode!(body))
|
|> Map.update(:cookies, 0, &length/1)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -9,96 +9,99 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles empty response" do
|
test "handles empty response" do
|
||||||
assert KeyEstablishment.parse_response([]) == {:ok, %{cookies: 0}}
|
assert KeyEstablishment.parse_response([]) == {:ok, %{}}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "ignores unkown record" do
|
||||||
|
assert KeyEstablishment.parse_response([0x80, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03]) == {:ok, %{}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles end of message record" do
|
test "handles end of message record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x00, 0x00, 0x00]) == {:ok, %{cookies: 0}}
|
assert KeyEstablishment.parse_response([0x80, 0x00, 0x00, 0x00]) == {:ok, %{}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles next protocol negotiation record" do
|
test "handles next protocol negotiation record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x02, 0x00, 0x00]) ==
|
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x02, 0x00, 0x00]) == {:ok, %{next_protocols: ["NTPv4"]}}
|
||||||
{:ok, %{cookies: 0, next_protocols: ["NTPv4"]}}
|
|
||||||
end
|
end
|
||||||
|
|
||||||
test "does not handle next protocol negotiation record without critical bit" do
|
test "does not handle next protocol negotiation record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x01, 0x00, 0x02, 0x00, 0x00]) == {:ok, %{cookies: 0}}
|
assert KeyEstablishment.parse_response([0x00, 0x01, 0x00, 0x02, 0x00, 0x00]) == {:ok, %{}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles empty next protocols" do
|
test "handles empty next protocols" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x00]) == {:ok, %{cookies: 0, next_protocols: []}}
|
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x00]) == {:ok, %{next_protocols: []}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles multiple next protocols" do
|
test "handles multiple next protocols" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x06, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00]) ==
|
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x06, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00]) ==
|
||||||
{:ok, %{cookies: 0, next_protocols: ["NTPv4", "UNASSIGNED", "NTPv4"]}}
|
{:ok, %{next_protocols: ["NTPv4", "UNASSIGNED", "NTPv4"]}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles aead algorithm negotiation record" do
|
test "handles aead algorithm negotiation record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x02, 0x00, 0x0F]) ==
|
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x02, 0x00, 0x0F]) ==
|
||||||
{:ok, %{cookies: 0, aead_algorithms: ["AEAD_AES_SIV_CMAC_256"]}}
|
{:ok, %{aead_algorithms: ["AEAD_AES_SIV_CMAC_256"]}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles aead algorithm negotiation record without critical bit" do
|
test "handles aead algorithm negotiation record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x04, 0x00, 0x02, 0x00, 0x1E]) ==
|
assert KeyEstablishment.parse_response([0x00, 0x04, 0x00, 0x02, 0x00, 0x1E]) ==
|
||||||
{:ok, %{cookies: 0, aead_algorithms: ["AEAD_AES_128_GCM_SIV"]}}
|
{:ok, %{aead_algorithms: ["AEAD_AES_128_GCM_SIV"]}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles empty aead algorithms" do
|
test "handles empty aead algorithms" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x00]) == {:ok, %{cookies: 0, aead_algorithms: []}}
|
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x00]) == {:ok, %{aead_algorithms: []}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles multiple aead algorithms" do
|
test "handles multiple aead algorithms" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F]) ==
|
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F]) ==
|
||||||
{:ok, %{cookies: 0, aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"]}}
|
{:ok, %{aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"]}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles error record" do
|
test "handles error record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0, error: "Bad Request"}}
|
assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{error: "Bad Request"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles unknown error record" do
|
test "handles unknown error record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x99]) == {:ok, %{cookies: 0, error: "153"}}
|
assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x99]) == {:ok, %{error: "153"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "does not handle error record without critical bit" do
|
test "does not handle error record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0}}
|
assert KeyEstablishment.parse_response([0x00, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles warning record" do
|
test "handles warning record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0, warning: "1"}}
|
assert KeyEstablishment.parse_response([0x80, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{warning: "1"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "does not handle warning record without critical bit" do
|
test "does not handle warning record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0}}
|
assert KeyEstablishment.parse_response([0x00, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles server record" do
|
test "handles server record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) ==
|
assert KeyEstablishment.parse_response([0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) ==
|
||||||
{:ok, %{cookies: 0, server: "127.0.0.1"}}
|
{:ok, %{server: "127.0.0.1"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles server record without critical bit" do
|
test "handles server record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) ==
|
assert KeyEstablishment.parse_response([0x00, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) ==
|
||||||
{:ok, %{cookies: 0, server: "127.0.0.1"}}
|
{:ok, %{server: "127.0.0.1"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles port record" do
|
test "handles port record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{cookies: 0, port: 1230}}
|
assert KeyEstablishment.parse_response([0x80, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{port: 1230}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles port record without critical bit" do
|
test "handles port record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{cookies: 0, port: 1230}}
|
assert KeyEstablishment.parse_response([0x00, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{port: 1230}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles cookie record" do
|
test "handles cookie record" do
|
||||||
assert KeyEstablishment.parse_response([0x80, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) ==
|
assert KeyEstablishment.parse_response([0x80, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) ==
|
||||||
{:ok, %{cookies: 1, cookie_length: 14}}
|
{:ok, %{cookies: ['chocolate_chip'], cookie_length: 14}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles cookie record without critical bit" do
|
test "handles cookie record without critical bit" do
|
||||||
assert KeyEstablishment.parse_response([0x00, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) ==
|
assert KeyEstablishment.parse_response([0x00, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) ==
|
||||||
{:ok, %{cookies: 1, cookie_length: 14}}
|
{:ok, %{cookies: ['chocolate_chip'], cookie_length: 14}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "sets cookie length to longest cookie" do
|
test "sets cookie length to longest cookie" do
|
||||||
|
@ -107,7 +110,7 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
|
||||||
[0x80, 0x05, 0x00, 0x03, ?c, ?c, ?c] ++
|
[0x80, 0x05, 0x00, 0x03, ?c, ?c, ?c] ++
|
||||||
[0x80, 0x05, 0x00, 0x01, ?c]
|
[0x80, 0x05, 0x00, 0x01, ?c]
|
||||||
) ==
|
) ==
|
||||||
{:ok, %{cookies: 3, cookie_length: 3}}
|
{:ok, %{cookies: ['c', 'ccc', 'c'], cookie_length: 3}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "handles full response" do
|
test "handles full response" do
|
||||||
|
@ -115,13 +118,14 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
|
||||||
[0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
|
[0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
|
||||||
[0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F] ++
|
[0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F] ++
|
||||||
[0x80, 0x05, 0x00, 0x01, ?c] ++
|
[0x80, 0x05, 0x00, 0x01, ?c] ++
|
||||||
|
[0x00, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03] ++
|
||||||
[0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1] ++
|
[0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1] ++
|
||||||
[0x80, 0x07, 0x00, 0x02, 0x04, 0xCE] ++
|
[0x80, 0x07, 0x00, 0x02, 0x04, 0xCE] ++
|
||||||
[0x80, 0x00, 0x00, 0x00]
|
[0x80, 0x00, 0x00, 0x00]
|
||||||
) ==
|
) ==
|
||||||
{:ok,
|
{:ok,
|
||||||
%{
|
%{
|
||||||
cookies: 1,
|
cookies: ['c'],
|
||||||
aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"],
|
aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"],
|
||||||
cookie_length: 1,
|
cookie_length: 1,
|
||||||
next_protocols: ["NTPv4"],
|
next_protocols: ["NTPv4"],
|
||||||
|
@ -133,6 +137,7 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
|
||||||
test "doesn't read past end of message record" do
|
test "doesn't read past end of message record" do
|
||||||
assert KeyEstablishment.parse_response(
|
assert KeyEstablishment.parse_response(
|
||||||
[0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
|
[0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
|
||||||
|
[0x00, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03] ++
|
||||||
[0x80, 0x04, 0x00, 0x02, 0x00, 0x1E] ++
|
[0x80, 0x04, 0x00, 0x02, 0x00, 0x1E] ++
|
||||||
[0x80, 0x00, 0x00, 0x00] ++
|
[0x80, 0x00, 0x00, 0x00] ++
|
||||||
[0x80, 0x05, 0x00, 0x01, ?c] ++
|
[0x80, 0x05, 0x00, 0x01, ?c] ++
|
||||||
|
@ -141,7 +146,6 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
|
||||||
) ==
|
) ==
|
||||||
{:ok,
|
{:ok,
|
||||||
%{
|
%{
|
||||||
cookies: 0,
|
|
||||||
aead_algorithms: ["AEAD_AES_128_GCM_SIV"],
|
aead_algorithms: ["AEAD_AES_128_GCM_SIV"],
|
||||||
next_protocols: ["NTPv4"]
|
next_protocols: ["NTPv4"]
|
||||||
}}
|
}}
|
||||||
|
|
Loading…
Reference in New Issue