March 2014 - tor-commits - lists.torproject.org

[bridgedb/master] Rearrange logging calls during pygeoip import in HTTPServer.py.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit e2044209095f1a00ae65c998dc93f64796dd9e6e Author: Isis Lovecruft <isis(a)torproject.org> Date: Mon Mar 17 22:56:51 2014 +0000 Rearrange logging calls during pygeoip import in HTTPServer.py. --- lib/bridgedb/HTTPServer.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index 2744193..96ee029 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -72,12 +72,10 @@ try: # geoip-database packages. import pygeoip geoip = pygeoip.GeoIP(_geoipdb, flags=pygeoip.MEMORY_CACHE) + logging.info("GeoIP database loaded") except Exception as err: - logging.debug("Error while loading geoip module: %r" % err) - logging.warn("GeoIP database not found") + logging.warn("Error while loading geoip module: %r" % err) geoip = None -else: - logging.info("GeoIP database loaded") def replaceErrorPage(error, template_name=None):

1 0

[bridgedb/master] Update documentation for CaptchaProtectedResource.getCaptchaImage().
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit 573996bd57420ccf5d009a95f20fdc6367edd24a Author: Isis Lovecruft <isis(a)torproject.org> Date: Tue Mar 18 04:48:06 2014 +0000 Update documentation for CaptchaProtectedResource.getCaptchaImage(). --- lib/bridgedb/HTTPServer.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index a67d5ae..47009df 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -139,8 +139,8 @@ class CaptchaProtectedResource(twisted.web.resource.Resource): :returns: A 2-tuple of ``(image, challenge)``, where ``image`` is a binary, JPEG-encoded image, and ``challenge`` is a unique - string. If unable to retrieve a CAPTCHA, returns - ``(None, None)``. + string. If unable to retrieve a CAPTCHA, returns a tuple + containing two empty strings. """ return ('', '')

1 0

[bridgedb/master] Fix CaptchaProtectedResourceTests.test_render_GET_noCaptcha unittest.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit 7753289270a992dd51326164803ff4c7076e4da8 Author: Isis Lovecruft <isis(a)torproject.org> Date: Tue Mar 18 04:39:38 2014 +0000 Fix CaptchaProtectedResourceTests.test_render_GET_noCaptcha unittest. We shouldn't return ``(None, None)`` in a stub method when all the other methods and child classes expect ``(str, str)``. --- lib/bridgedb/HTTPServer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index 96ee029..a67d5ae 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -142,7 +142,7 @@ class CaptchaProtectedResource(twisted.web.resource.Resource): string. If unable to retrieve a CAPTCHA, returns ``(None, None)``. """ - return (None, None) + return ('', '') def extractClientSolution(self, request): """Extract the client's CAPTCHA solution from a POST request.

1 0

[bridgedb/master] Add optional debugging logs to test_HTTPServer.py.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit 619d0a588f0c0fe6cd9a2d1a812258c8042acb30 Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed Mar 19 17:43:28 2014 +0000 Add optional debugging logs to test_HTTPServer.py. --- lib/bridgedb/test/test_HTTPServer.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/bridgedb/test/test_HTTPServer.py b/lib/bridgedb/test/test_HTTPServer.py index da910c6..e0c81f8 100644 --- a/lib/bridgedb/test/test_HTTPServer.py +++ b/lib/bridgedb/test/test_HTTPServer.py @@ -11,6 +11,7 @@ """Unittests for :mod:`bridgedb.HTTPServer`.""" +import logging import os import shutil @@ -25,8 +26,11 @@ from twisted.web.test import requesthelper from bridgedb import HTTPServer -import logging + +# For additional logger output for debugging, comment out the following: logging.disable(50) +# and then uncomment the following line: +#HTTPServer.logging.getLogger().setLevel(10) class ReplaceErrorPageTests(unittest.TestCase):

1 0

[bridgedb/master] Start writing unittests for the bridgedb.HTTPServer module.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit 9a4bd295a89f2be7f700bfa68d34bcba03954e40 Author: Isis Lovecruft <isis(a)torproject.org> Date: Tue Mar 18 04:12:46 2014 +0000 Start writing unittests for the bridgedb.HTTPServer module. The ReCaptchaProtectedResourceTests.test_render_POST_* unittests expose the bug in #11231. --- lib/bridgedb/test/test_HTTPServer.py | 371 ++++++++++++++++++++++++++++++++++ 1 file changed, 371 insertions(+) diff --git a/lib/bridgedb/test/test_HTTPServer.py b/lib/bridgedb/test/test_HTTPServer.py new file mode 100644 index 0000000..da910c6 --- /dev/null +++ b/lib/bridgedb/test/test_HTTPServer.py @@ -0,0 +1,371 @@ +# -*- encoding: utf-8 -*- +#_____________________________________________________________________________ +# +# This file is part of BridgeDB, a Tor bridge distribution system. +# +# :authors: Isis Lovecruft 0xA3ADB67A2CDB8B35 <isis(a)torproject.org> +# :copyright: (c) 2014, Isis Lovecruft +# (c) 2014, The Tor Project, Inc. +# :license: see LICENSE for licensing information +#_____________________________________________________________________________ + +"""Unittests for :mod:`bridgedb.HTTPServer`.""" + +import os +import shutil + +import ipaddr + +from BeautifulSoup import BeautifulSoup + +from twisted.internet import reactor +from twisted.trial import unittest +from twisted.web.resource import Resource +from twisted.web.test import requesthelper + +from bridgedb import HTTPServer + +import logging +logging.disable(50) + + +class ReplaceErrorPageTests(unittest.TestCase): + """Tests for :func:`bridgedb.HTTPServer.replaceErrorPage`.""" + + def test_replaceErrorPage(self): + """``replaceErrorPage`` should return the expected html.""" + exc = Exception("vegan gümmibären") + errorPage = HTTPServer.replaceErrorPage(exc) + self.assertSubstring("Something went wrong", errorPage) + self.assertNotSubstring("vegan gümmibären", errorPage) + + +class CaptchaProtectedResourceTests(unittest.TestCase): + """Tests for :mod:`bridgedb.HTTPServer.CaptchaProtectedResource`.""" + + def setUp(self): + self.dist = None + self.sched = None + self.pagename = b'somepage.html' + self.root = Resource() + self.protectedResource = HTTPServer.WebResourceBridges(self.dist, + self.sched) + self.captchaResource = HTTPServer.CaptchaProtectedResource( + useForwardedHeader=True, resource=self.protectedResource) + self.root.putChild(self.pagename, self.captchaResource) + + def test_render_GET_noCaptcha(self): + """render_GET() should return a page without a CAPTCHA, which has the + image alt text. + """ + request = requesthelper.DummyRequest([self.pagename]) + request.method = b'GET' + page = self.captchaResource.render_GET(request) + self.assertSubstring( + "Your browser is not displaying images properly", page) + + def test_render_GET_missingTemplate(self): + """render_GET() with a missing template should raise an error and + return the result of replaceErrorPage(). + """ + oldLookup = HTTPServer.lookup + try: + HTTPServer.lookup = None + request = requesthelper.DummyRequest([self.pagename]) + request.method = b'GET' + page = self.captchaResource.render_GET(request) + errorPage = HTTPServer.replaceErrorPage(Exception('kablam')) + self.assertEqual(page, errorPage) + finally: + HTTPServer.lookup = oldLookup + + def test_getClientIP_XForwardedFor(self): + """CaptchaProtectedResource.getClientIP() should return the IP address + from the 'X-Forwarded-For' header when ``useForwardedHeader=True``. + """ + requestIP = b'6.6.6.6' + request = requesthelper.DummyRequest([self.pagename]) + request.setHeader(b'X-Forwarded-For', requestIP) + request.method = b'GET' + + #child = root.getChild(pagename, request) + page = self.captchaResource.render_GET(request) + clientIP = self.captchaResource.getClientIP(request) + #self.assertEquals(requestIP, clientIP) + + def test_render_POST(self): + """render_POST() with a wrong 'captcha_response_field' should return + a redirect to the CaptchaProtectedResource page. + """ + pagename = 'captcha.html' + self.root.putChild(pagename, self.captchaResource) + + def redirect(request): + newRequest = type(request) + newRequest.uri = pagename + return newRequest + + request = requesthelper.DummyRequest(['captcha.html']) + request.method = b'POST' + request.redirect = redirect(request) + + page = self.captchaResource.render_POST(request) + self.assertEqual(BeautifulSoup(page).find('meta')['http-equiv'], + 'refresh') + + +class GimpCaptchaProtectedResourceTests(unittest.TestCase): + """Tests for :mod:`bridgedb.HTTPServer.GimpCaptchaProtectedResource`.""" + + def setUp(self): + """Create a :class:`HTTPServer.WebResourceBridges` and protect it with + a :class:`GimpCaptchaProtectedResource`. + """ + # Create our cached CAPTCHA directory: + self.captchaDir = 'captchas' + if not os.path.isdir(self.captchaDir): + os.makedirs(self.captchaDir) + + # Set up our resources to fake a minimal HTTP(S) server: + self.pagename = b'captcha.html' + self.root = Resource() + # (None, None) is the (distributor, scheduleInterval): + self.protectedResource = HTTPServer.WebResourceBridges(None, None) + self.captchaResource = HTTPServer.GimpCaptchaProtectedResource( + secretKey='42', + publicKey='23', + hmacKey='abcdefghijklmnopqrstuvwxyz012345', + captchaDir='captchas', + useForwardedHeader=True, + resource=self.protectedResource) + + self.root.putChild(self.pagename, self.captchaResource) + + # Set up the basic parts of our faked request: + self.request = requesthelper.DummyRequest([self.pagename]) + self.request.URLPath = lambda: request.uri # Fake the URLPath too + self.request.redirect = self.doRedirect(self.request) + + def doRedirect(self, request): + """Stub method to add a redirect() to DummyResponse.""" + newRequest = type(request) + newRequest.uri = self.pagename + return newRequest + + def tearDown(self): + """Delete the cached CAPTCHA directory if it still exists.""" + if os.path.isdir(self.captchaDir): + shutil.rmtree(self.captchaDir) + + def test_extractClientSolution(self): + """A (challenge, sollution) pair extracted from a request resulting + from a POST should have the same unmodified (challenge, sollution) as + the client originally POSTed. + """ + expectedChallenge = '23232323232323232323' + expectedResponse = 'awefawefaefawefaewf' + + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', expectedChallenge) + self.request.addArg('captcha_response_field', expectedResponse) + + response = self.captchaResource.extractClientSolution(self.request) + (challenge, response) = response + self.assertEqual(challenge, expectedChallenge) + self.assertEqual(response, expectedResponse) + + def test_checkSolution(self): + """checkSolution() should return False is the solution is invalid.""" + expectedChallenge = '23232323232323232323' + expectedResponse = 'awefawefaefawefaewf' + + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', expectedChallenge) + self.request.addArg('captcha_response_field', expectedResponse) + + valid = self.captchaResource.checkSolution(self.request) + self.assertFalse(valid) + + def test_getCaptchaImage(self): + """Retrieving a (captcha, challenge) pair with an empty captchaDir + should return None for both of the (captcha, challenge) strings. + """ + self.request.method = b'GET' + response = self.captchaResource.getCaptchaImage(self.request) + (image, challenge) = response + # Because we created the directory, there weren't any CAPTCHAs to + # retrieve from it: + self.assertIs(image, None) + self.assertIs(challenge, None) + + def test_getCaptchaImage_noCaptchaDir(self): + """Retrieving a (captcha, challenge) with an missing captchaDir should + raise a bridgedb.captcha.GimpCaptchaError. + """ + shutil.rmtree(self.captchaDir) + self.request.method = b'GET' + self.assertRaises(HTTPServer.captcha.GimpCaptchaError, + self.captchaResource.getCaptchaImage, self.request) + + def test_render_GET_missingTemplate(self): + """render_GET() with a missing template should raise an error and + return the result of replaceErrorPage(). + """ + oldLookup = HTTPServer.lookup + try: + HTTPServer.lookup = None + self.request.method = b'GET' + page = self.captchaResource.render_GET(self.request) + errorPage = HTTPServer.replaceErrorPage(Exception('kablam')) + self.assertEqual(page, errorPage) + finally: + HTTPServer.lookup = oldLookup + + def test_render_POST_blankFields(self): + """render_POST() with a blank 'captcha_response_field' should return + a redirect to the CaptchaProtectedResource page. + """ + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', '') + self.request.addArg('captcha_response_field', '') + + page = self.captchaResource.render_POST(self.request) + self.assertEqual(BeautifulSoup(page).find('meta')['http-equiv'], + 'refresh') + + def test_render_POST_wrongSolution(self): + """render_POST() with a wrong 'captcha_response_field' should return + a redirect to the CaptchaProtectedResource page. + """ + expectedChallenge = '23232323232323232323' + expectedResponse = 'awefawefaefawefaewf' + + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', expectedChallenge) + self.request.addArg('captcha_response_field', expectedResponse) + + page = self.captchaResource.render_POST(self.request) + self.assertEqual(BeautifulSoup(page).find('meta')['http-equiv'], + 'refresh') + + +class ReCaptchaProtectedResourceTests(unittest.TestCase): + """Tests for :mod:`bridgedb.HTTPServer.ReCaptchaProtectedResource`.""" + + def setUp(self): + """Create a :class:`HTTPServer.WebResourceBridges` and protect it with + a :class:`ReCaptchaProtectedResource`. + """ + # Create our cached CAPTCHA directory: + self.captchaDir = 'captchas' + if not os.path.isdir(self.captchaDir): + os.makedirs(self.captchaDir) + + # Set up our resources to fake a minimal HTTP(S) server: + self.pagename = b'captcha.html' + self.root = Resource() + # (None, None) is the (distributor, scheduleInterval): + self.protectedResource = HTTPServer.WebResourceBridges(None, None) + self.captchaResource = HTTPServer.ReCaptchaProtectedResource( + recaptchaPrivKey='42', + recaptchaPubKey='23', + remoteip='111.111.111.111', + useForwardedHeader=True, + resource=self.protectedResource) + + self.root.putChild(self.pagename, self.captchaResource) + + # Set up the basic parts of our faked request: + self.request = requesthelper.DummyRequest([self.pagename]) + self.request.URLPath = lambda: request.uri # Fake the URLPath too + self.request.redirect = self.doRedirect(self.request) + + def doRedirect(self, request): + """Stub method to add a redirect() to DummyResponse.""" + newRequest = type(request) + newRequest.uri = self.pagename + return newRequest + + def tearDown(self): + """Cleanup method for removing timed out connections on the reactor. + + This seems to be the solution for the dirty reactor due to + ``DelayedCall``s which is mentioned at the beginning of this + file. There doesn't seem to be any documentation anywhere which + proposes this solution, although this seems to solve the problem. + """ + for delay in reactor.getDelayedCalls(): + try: + delay.cancel() + except (AlreadyCalled, AlreadyCancelled): + pass + + def test_checkSolution_blankFields(self): + """:meth:`HTTPServer.ReCaptchaProtectedResource.checkSolution` should + return a redirect if is the solution field is blank. + """ + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', '') + self.request.addArg('captcha_response_field', '') + + self.assertIsInstance( + self.captchaResource.checkSolution(self.request), + HTTPServer.txrecaptcha.RecaptchaResponse) + + def test_getRemoteIP_useRandomIP(self): + """Check that removing our remoteip setting produces a random IP.""" + self.captchaResource.recaptchaRemoteIP = None + ip = self.captchaResource.getRemoteIP() + realishIP = ipaddr.IPv4Address(ip).compressed + self.assertTrue(realishIP) + self.assertNotEquals(realishIP, '111.111.111.111') + + def test_getRemoteIP_useConfiguredIP(self): + """Check that our remoteip setting is used if configured.""" + ip = self.captchaResource.getRemoteIP() + realishIP = ipaddr.IPv4Address(ip).compressed + self.assertTrue(realishIP) + self.assertEquals(realishIP, '111.111.111.111') + + def test_render_GET_missingTemplate(self): + """render_GET() with a missing template should raise an error and + return the result of replaceErrorPage(). + """ + oldLookup = HTTPServer.lookup + try: + HTTPServer.lookup = None + self.request.method = b'GET' + page = self.captchaResource.render_GET(self.request) + errorPage = HTTPServer.replaceErrorPage(Exception('kablam')) + self.assertEqual(page, errorPage) + finally: + HTTPServer.lookup = oldLookup + + def test_render_POST_blankFields(self): + """render_POST() with a blank 'captcha_response_field' should return + a redirect to the CaptchaProtectedResource page. + """ + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', '') + self.request.addArg('captcha_response_field', '') + + page = self.captchaResource.render_POST(self.request) + print page + self.assertEqual(BeautifulSoup(page).find('meta')['http-equiv'], + 'refresh') + + def test_render_POST_wrongSolution(self): + """render_POST() with a wrong 'captcha_response_field' should return + a redirect to the CaptchaProtectedResource page. + """ + expectedChallenge = '23232323232323232323' + expectedResponse = 'awefawefaefawefaewf' + + self.request.method = b'POST' + self.request.addArg('captcha_challenge_field', expectedChallenge) + self.request.addArg('captcha_response_field', expectedResponse) + + page = self.captchaResource.render_POST(self.request) + print page + self.assertEqual(BeautifulSoup(page).find('meta')['http-equiv'], + 'refresh')

1 0

[bridgedb/master] Explicitly require CaptchaProtectedResource.checkSolution() to be True.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit acf37dc00b4d9e2b8e3619a56f1711bb503d9e5b Author: Isis Lovecruft <isis(a)torproject.org> Date: Tue Mar 18 04:50:04 2014 +0000 Explicitly require CaptchaProtectedResource.checkSolution() to be True. * FIXES #11231. --- lib/bridgedb/HTTPServer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index 47009df..27dd61e 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -215,7 +215,7 @@ class CaptchaProtectedResource(twisted.web.resource.Resource): :returns: A rendered HTML page containing a ReCaptcha challenge image for the client to solve. """ - if self.checkSolution(request): + if self.checkSolution(request) is True: try: rendered = self.resource.render(request) except Exception as err:

1 0

[bridgedb/master] Change the requested pagename in CaptchaProtectedResourceTests unittests.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit 25eb893487855f7449610c60895b7bd79f6458e3 Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed Mar 19 17:44:36 2014 +0000 Change the requested pagename in CaptchaProtectedResourceTests unittests. --- lib/bridgedb/test/test_HTTPServer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/bridgedb/test/test_HTTPServer.py b/lib/bridgedb/test/test_HTTPServer.py index e0c81f8..119d2fc 100644 --- a/lib/bridgedb/test/test_HTTPServer.py +++ b/lib/bridgedb/test/test_HTTPServer.py @@ -50,7 +50,7 @@ class CaptchaProtectedResourceTests(unittest.TestCase): def setUp(self): self.dist = None self.sched = None - self.pagename = b'somepage.html' + self.pagename = b'bridges.html' self.root = Resource() self.protectedResource = HTTPServer.WebResourceBridges(self.dist, self.sched)

1 0

[bridgedb/master] Fix X-Forwarded-For unittests in CaptchaProtectedResourceTests.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit bbfa41304d0b4a7ec30bceadfc6bc5b3b923a7d7 Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed Mar 19 18:00:49 2014 +0000 Fix X-Forwarded-For unittests in CaptchaProtectedResourceTests. Apparently, we can't do: request.setHeader('X-Forwarded-For', '1.1.1.1') because then BridgeDB never finds the header. Instead, we must do: request.headers.update({'X-Forwarded-For': '1.1.1.1'}) --- lib/bridgedb/test/test_HTTPServer.py | 34 +++++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/lib/bridgedb/test/test_HTTPServer.py b/lib/bridgedb/test/test_HTTPServer.py index cd55b46..507b1f0 100644 --- a/lib/bridgedb/test/test_HTTPServer.py +++ b/lib/bridgedb/test/test_HTTPServer.py @@ -86,19 +86,39 @@ class CaptchaProtectedResourceTests(unittest.TestCase): finally: HTTPServer.lookup = oldLookup + def createRequestWithIPs(self): + """Set the IP address returned from ``request.getClientIP()`` to + '3.3.3.3', and the IP address reported in the 'X-Forwarded-For' header + to '2.2.2.2'. + """ + request = DummyRequest([self.pagename]) + # Since we do not set ``request.getClientIP`` here like we do in some + # of the other unittests, an exception would be raised here if + # ``getBridgesForRequest()`` is unable to get the IP address from this + # 'X-Forwarded-For' header (because ``ip`` would get set to ``None``). + request.headers.update({'x-forwarded-for': '2.2.2.2'}) + # See :api:`twisted.test.requesthelper.DummyRequest.getClientIP` + request.client = requesthelper.IPv4Address('TCP', '3.3.3.3', 443) + request.method = b'GET' + return request + def test_getClientIP_XForwardedFor(self): """CaptchaProtectedResource.getClientIP() should return the IP address from the 'X-Forwarded-For' header when ``useForwardedHeader=True``. """ - requestIP = b'6.6.6.6' - request = requesthelper.DummyRequest([self.pagename]) - request.setHeader(b'X-Forwarded-For', requestIP) - request.method = b'GET' + self.captchaResource.useForwardedHeader = True + request = self.createRequestWithIPs() + clientIP = self.captchaResource.getClientIP(request) + self.assertEqual(clientIP, '2.2.2.2') - #child = root.getChild(pagename, request) - page = self.captchaResource.render_GET(request) + def test_getClientIP_fromRequest(self): + """CaptchaProtectedResource.getClientIP() should return the IP address + from the request instance when ``useForwardedHeader=False``. + """ + self.captchaResource.useForwardedHeader = False + request = self.createRequestWithIPs() clientIP = self.captchaResource.getClientIP(request) - #self.assertEquals(requestIP, clientIP) + self.assertEqual(clientIP, '3.3.3.3') def test_render_POST(self): """render_POST() with a wrong 'captcha_response_field' should return

1 0

[bridgedb/master] Always expect a Deferred from ReCaptcha.checkSolution().
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit 738101ac291235cc1415f4db5c9c023b6521e34f Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed Mar 19 18:03:15 2014 +0000 Always expect a Deferred from ReCaptcha.checkSolution(). Currently, we `checkSolution()` will return a RecaptchaResponse if the HTTP POST argument fields are blank. Otherwise, it returns a deferred. This is bad. It means we have to do all kinds of checks to see if we can add callbacks on the returned object. It should always return a deferred which callbacks with a RecaptchaResponse, and so we should test for that and fail if that is not what is happening. --- lib/bridgedb/test/test_HTTPServer.py | 6 +++--- lib/bridgedb/test/test_txrecaptcha.py | 21 +++++++++++++++------ 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/lib/bridgedb/test/test_HTTPServer.py b/lib/bridgedb/test/test_HTTPServer.py index 507b1f0..9b5a6e4 100644 --- a/lib/bridgedb/test/test_HTTPServer.py +++ b/lib/bridgedb/test/test_HTTPServer.py @@ -309,9 +309,9 @@ class ReCaptchaProtectedResourceTests(unittest.TestCase): self.request.addArg('captcha_challenge_field', '') self.request.addArg('captcha_response_field', '') - self.assertIsInstance( - self.captchaResource.checkSolution(self.request), - HTTPServer.txrecaptcha.RecaptchaResponse) + self.assertIs(False, + self.successResultOf( + self.captchaResource.checkSolution(self.request))) def test_getRemoteIP_useRandomIP(self): """Check that removing our remoteip setting produces a random IP.""" diff --git a/lib/bridgedb/test/test_txrecaptcha.py b/lib/bridgedb/test/test_txrecaptcha.py index c7dcbb1..81484dc 100644 --- a/lib/bridgedb/test/test_txrecaptcha.py +++ b/lib/bridgedb/test/test_txrecaptcha.py @@ -181,12 +181,21 @@ class SubmitTests(unittest.TestCase): self.ip = "1.2.3.4" def test_submit_emptyResponseField(self): - """An empty 'recaptcha_response_field' should immediately return a - RecaptchaResponse whose error_code is 'incorrect-captcha-sol'.""" - response = txrecaptcha.submit(self.challenge, '', self.key, self.ip) - self.assertIsInstance(response, txrecaptcha.RecaptchaResponse) - self.assertIs(response.is_valid, False) - self.assertEqual(response.error_code, 'incorrect-captcha-sol') + """An empty 'recaptcha_response_field' should return a deferred which + callbacks with a RecaptchaResponse whose error_code is + 'incorrect-captcha-sol'. + """ + def checkResponse(response): + """Check that the response is a + :class:`txcaptcha.RecaptchaResponse`. + """ + self.assertIsInstance(response, txrecaptcha.RecaptchaResponse) + self.assertIs(response.is_valid, False) + self.assertEqual(response.error_code, 'incorrect-captcha-sol') + + d = txrecaptcha.submit(self.challenge, '', self.key, self.ip) + d.addCallback(checkResponse) + return d def test_submit_returnsDeferred(self): """:func:`txrecaptcha.submit` should return a deferred."""

1 0

[bridgedb/master] Add unittests for HTTPServer.WebResourceBridges.
by isis＠torproject.org 26 Mar '14

26 Mar '14

commit a4dd886c34ce6f1c30d752d68f42dd8eefd260fc Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed Mar 19 18:08:26 2014 +0000 Add unittests for HTTPServer.WebResourceBridges. --- lib/bridgedb/test/test_HTTPServer.py | 136 ++++++++++++++++++++++++++++++++++ 1 file changed, 136 insertions(+) diff --git a/lib/bridgedb/test/test_HTTPServer.py b/lib/bridgedb/test/test_HTTPServer.py index 9b5a6e4..9f241d9 100644 --- a/lib/bridgedb/test/test_HTTPServer.py +++ b/lib/bridgedb/test/test_HTTPServer.py @@ -28,6 +28,7 @@ from twisted.web.resource import Resource from twisted.web.test import requesthelper from bridgedb import HTTPServer +from bridgedb.Time import IntervalSchedule # For additional logger output for debugging, comment out the following: @@ -459,3 +460,138 @@ class DummyRequest(requesthelper.DummyRequest): newRequest = type(request) newRequest.uri = request.uri return newRequest + + +class WebResourceBridgesTests(unittest.TestCase): + """Tests for :class:`HTTPServer.WebResourceBridges`.""" + + def setUp(self): + """Set up our resources to fake a minimal HTTP(S) server.""" + self.pagename = b'bridges.html' + self.root = Resource() + + self.dist = DummyIPBasedDistributor() + self.sched = IntervalSchedule('hour', 1) + self.nBridgesPerRequest = 2 + self.bridgesResource = HTTPServer.WebResourceBridges( + self.dist, self.sched, N=2, + #useForwardedHeader=True, + includeFingerprints=True) + + self.root.putChild(self.pagename, self.bridgesResource) + + def parseBridgesFromHTMLPage(self, page): + """Utility to pull the bridge lines out of an HTML response page. + + :param str page: A rendered HTML page, as a string. + :raises: Any error which might occur. + :rtype: list + :returns: A list of the bridge lines contained on the **page**. + """ + # The bridge lines are contained in a <pre> tag: + soup = BeautifulSoup(page).find('pre') + soup = str(soup).replace('<pre>', '').strip() + soup = str(soup).replace('</pre>', '').strip() + bridges = [b.strip() for b in soup.splitlines()] + return bridges + + def test_render_GET_vanilla(self): + """Test rendering a request for normal, vanilla bridges.""" + request = DummyRequest([self.pagename]) + request.method = b'GET' + request.getClientIP = lambda: '1.1.1.1' + + page = self.bridgesResource.render(request) + + # The response should explain how to use the bridge lines: + self.assertSubstring("To use the above lines", page) + + for b in self.parseBridgesFromHTMLPage(page): + # Check that each bridge line had the expected number of fields: + fields = b.split(' ') + self.assertEqual(len(fields), 2) + + # Check that the IP and port seem okay: + ip, port = fields[0].rsplit(':') + self.assertIsInstance(ipaddr.IPv4Address(ip), ipaddr.IPv4Address) + self.assertIsInstance(int(port), int) + self.assertGreater(int(port), 0) + self.assertLessEqual(int(port), 65535) + + def test_render_GET_XForwardedFor(self): + """The client's IP address should be obtainable from the + 'X-Forwarded-For' header in the request. + """ + self.bridgesResource.useForwardedHeader = True + request = DummyRequest([self.pagename]) + request.method = b'GET' + # Since we do not set ``request.getClientIP`` here like we do in some + # of the other unittests, an exception would be raised here if + # ``getBridgesForRequest()`` is unable to get the IP address from this + # 'X-Forwarded-For' header (because ``ip`` would get set to ``None``). + request.headers.update({'x-forwarded-for': '2.2.2.2'}) + + page = self.bridgesResource.render(request) + self.bridgesResource.useForwardedHeader = False # Reset it + self.assertSubstring("To use the above lines", page) + + def test_render_GET_RTLlang(self): + """Test rendering a request for obfs3 bridges in Arabic.""" + request = DummyRequest(["bridges?transport=obfs3"]) + request.method = b'GET' + request.getClientIP = lambda: '3.3.3.3' + request.headers.update({'accept-language': 'ar'}) + # We actually have to set the request args manually when using a + # DummyRequest: + request.args.update({'transport': 'obfs3'}) + + page = self.bridgesResource.render(request) + self.assertSubstring("direction: rtl", page) + self.assertSubstring("لاستخدام الأسطر أعلاه", page) + + for bridgeLine in self.parseBridgesFromHTMLPage(page): + # Check that each bridge line had the expected number of fields: + bridgeLine = bridgeLine.split(' ') + self.assertEqual(len(bridgeLine), 3) + + print(""" + FIXME: The first field should be the transport method: + DummyBridge.getConfigLine() receives transport='o', not 'obfs3'. + What the hell? + """) + #self.assertEqual(bridgeLine[0], 'obfs3') + + # Check that the IP and port seem okay: + ip, port = bridgeLine[1].rsplit(':') + self.assertIsInstance(ipaddr.IPv4Address(ip), ipaddr.IPv4Address) + self.assertIsInstance(int(port), int) + self.assertGreater(int(port), 0) + self.assertLessEqual(int(port), 65535) + + def test_renderAnswer_textplain(self): + """If the request format specifies 'plain', we should return content + with mimetype 'text/plain'. + """ + request = DummyRequest([self.pagename]) + request.args.update({'format': 'plain'}) + request.getClientIP = lambda: '4.4.4.4' + request.method = b'GET' + + page = self.bridgesResource.render(request) + + print(""" + FIXME: The result page should have a mimetype of 'text/plain', and yet + it's still HTML. + """) + #self.assertNotSubstring("html", page) + + for bridgeLine in self.parseBridgesFromHTMLPage(page): + bridgeLine = bridgeLine.split(' ') + self.assertEqual(len(bridgeLine), 2) + + # Check that the IP and port seem okay: + ip, port = bridgeLine[0].rsplit(':') + self.assertIsInstance(ipaddr.IPv4Address(ip), ipaddr.IPv4Address) + self.assertIsInstance(int(port), int) + self.assertGreater(int(port), 0) + self.assertLessEqual(int(port), 65535)

1 0