1 // Copyright 2019 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
14 "golang.org/x/mod/sumdb/note"
15 "golang.org/x/mod/sumdb/tlog"
19 testName = "localhost.localdev/sumdb"
20 testVerifierKey = "localhost.localdev/sumdb+00000c67+AcTrnkbUA+TU4heY3hkjiSES/DSQniBqIeQ/YppAUtK6"
21 testSignerKey = "PRIVATE+KEY+localhost.localdev/sumdb+00000c67+AXu6+oaVaOYuQOFrf1V59JK1owcFlJcHwwXHDfDGxSPk"
24 func TestClientLookup(t *testing.T) {
25 tc := newTestClient(t)
29 tc.mustLookup("rsc.io/sampler", "v1.3.0", "rsc.io/sampler v1.3.0 h1:7uVkIFmeBqHfdjD+gZwtXXI+RODJ2Wc4O7MPEh/QiW4=")
32 // Everything should now be cached, both for the original package and its /go.mod.
34 tc.mustLookup("rsc.io/sampler", "v1.3.0", "rsc.io/sampler v1.3.0 h1:7uVkIFmeBqHfdjD+gZwtXXI+RODJ2Wc4O7MPEh/QiW4=")
35 tc.mustLookup("rsc.io/sampler", "v1.3.0/go.mod", "rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=")
38 tc.getTileOK = false // the cache has what we need
40 // Lookup with multiple returned lines.
41 tc.mustLookup("rsc.io/quote", "v1.5.2", "rsc.io/quote v1.5.2 h1:w5fcysjrx7yqtD/aO+QwRjYZOKnaM9Uh2b40tElTs3Y=\nrsc.io/quote v1.5.2 h2:xyzzy")
44 // Lookup with need for !-encoding.
45 // rsc.io/Quote is the only record written after rsc.io/samper,
46 // so it is the only one that should need more tiles.
48 tc.mustLookup("rsc.io/Quote", "v1.5.2", "rsc.io/Quote v1.5.2 h1:uppercase!=")
52 func TestClientBadTiles(t *testing.T) {
53 tc := newTestClient(t)
56 for url, data := range tc.remote {
57 if strings.Contains(url, "/tile/") {
65 // Bad tiles in initial download.
68 _, err := tc.client.Lookup("rsc.io/sampler", "v1.3.0")
69 tc.mustError(err, "rsc.io/sampler@v1.3.0: initializing sumdb.Client: checking tree#1: downloaded inconsistent tile")
72 tc.mustLookup("rsc.io/sampler", "v1.3.0", "rsc.io/sampler v1.3.0 h1:7uVkIFmeBqHfdjD+gZwtXXI+RODJ2Wc4O7MPEh/QiW4=")
74 // Bad tiles after initial download.
76 _, err = tc.client.Lookup("rsc.io/Quote", "v1.5.2")
77 tc.mustError(err, "rsc.io/Quote@v1.5.2: checking tree#3 against tree#4: downloaded inconsistent tile")
80 tc.mustLookup("rsc.io/Quote", "v1.5.2", "rsc.io/Quote v1.5.2 h1:uppercase!=")
82 // Bad starting tree hash looks like bad tiles.
84 text := tlog.FormatTree(tlog.Tree{N: 1, Hash: tlog.Hash{}})
85 data, err := note.Sign(¬e.Note{Text: string(text)}, tc.signer)
89 tc.config[testName+"/latest"] = data
90 _, err = tc.client.Lookup("rsc.io/sampler", "v1.3.0")
91 tc.mustError(err, "rsc.io/sampler@v1.3.0: initializing sumdb.Client: checking tree#1: downloaded inconsistent tile")
94 func TestClientFork(t *testing.T) {
95 tc := newTestClient(t)
98 tc.addRecord("rsc.io/pkg1@v1.5.2", `rsc.io/pkg1 v1.5.2 h1:hash!=
100 tc.addRecord("rsc.io/pkg1@v1.5.4", `rsc.io/pkg1 v1.5.4 h1:hash!=
102 tc.mustLookup("rsc.io/pkg1", "v1.5.2", "rsc.io/pkg1 v1.5.2 h1:hash!=")
104 tc2.addRecord("rsc.io/pkg1@v1.5.3", `rsc.io/pkg1 v1.5.3 h1:hash!=
106 tc2.addRecord("rsc.io/pkg1@v1.5.4", `rsc.io/pkg1 v1.5.4 h1:hash!=
108 tc2.mustLookup("rsc.io/pkg1", "v1.5.4", "rsc.io/pkg1 v1.5.4 h1:hash!=")
110 key := "/lookup/rsc.io/pkg1@v1.5.2"
111 tc2.remote[key] = tc.remote[key]
112 _, err := tc2.client.Lookup("rsc.io/pkg1", "v1.5.2")
113 tc2.mustError(err, ErrSecurity.Error())
117 go.sum database server misbehavior detected!
120 go.sum database tree!
122 nWzN20+pwMt62p7jbv1/NlN95ePTlHijabv5zO/s36w=
124 — localhost.localdev/sumdb AAAMZ5/2FVAdMH58kmnz/0h299pwyskEbzDzoa2/YaPdhvLya4YWDFQQxu2TQb5GpwAH4NdWnTwuhILafisyf3CNbgg=
129 wc4SkQt52o5W2nQ8To2ARs+mWuUJjss+sdleoiqxMmM=
131 — localhost.localdev/sumdb AAAMZ6oRNswlEZ6ZZhxrCvgl1MBy+nusq4JU+TG6Fe2NihWLqOzb+y2c2kzRLoCr4tvw9o36ucQEnhc20e4nA4Qc/wc=
133 proof of misbehavior:
134 T7i+H/8ER4nXOiw4Bj0koZOkGjkxoNvlI34GpvhHhQg=
135 Nsuejv72de9hYNM5bqFv8rv3gm3zJQwv/DT/WNbLDLA=
136 mOmqqZ1aI/lzS94oq/JSbj7pD8Rv9S+xDyi12BtVSHo=
137 /7Aw5jVSMM9sFjQhaMg+iiDYPMk6decH7QLOGrL9Lx0=
142 "go.sum database server misbehavior detected!",
143 "old database:\n\tgo.sum database tree\n\t5\n",
144 "— localhost.localdev/sumdb AAAMZ5/2FVAd",
145 "new database:\n\tgo.sum database tree\n\t6\n",
146 "— localhost.localdev/sumdb AAAMZ6oRNswl",
147 "proof of misbehavior:\n\tT7i+H/8ER4nXOiw4Bj0k",
149 text := tc2.security.String()
150 for _, want := range wants {
151 if !strings.Contains(text, want) {
152 t.Fatalf("cannot find %q in security text:\n%s", want, text)
157 func TestClientGONOSUMDB(t *testing.T) {
158 tc := newTestClient(t)
159 tc.client.SetGONOSUMDB("p,*/q")
160 tc.client.Lookup("rsc.io/sampler", "v1.3.0") // initialize before we turn off network
177 for _, path := range ok {
178 _, err := tc.client.Lookup(path, "v1.0.0")
179 if err == ErrGONOSUMDB {
180 t.Errorf("Lookup(%q): ErrGONOSUMDB, wanted failed actual lookup", path)
183 for _, path := range skip {
184 _, err := tc.client.Lookup(path, "v1.0.0")
185 if err != ErrGONOSUMDB {
186 t.Errorf("Lookup(%q): %v, wanted ErrGONOSUMDB", path, err)
191 // A testClient is a self-contained client-side testing environment.
192 type testClient struct {
193 t *testing.T // active test
194 client *Client // client being tested
195 tileHeight int // tile height to use (default 2)
196 getOK bool // should tc.GetURL succeed?
197 getTileOK bool // should tc.GetURL of tiles succeed?
200 remote map[string][]byte
203 // mu protects config, cache, log, security
204 // during concurrent use of the exported methods
205 // by the client itself (testClient is the Client's ClientOps,
206 // and the Client methods can both read and write these fields).
207 // Unexported methods invoked directly by the test
208 // (for example, addRecord) need not hold the mutex:
209 // for proper test execution those methods should only
210 // be called when the Client is idle and not using its ClientOps.
211 // Not holding the mutex in those methods ensures
212 // that if a mistake is made, go test -race will report it.
213 // (Holding the mutex would eliminate the race report but
214 // not the underlying problem.)
215 // Similarly, the get map is not protected by the mutex,
216 // because the Client methods only read it.
217 mu sync.Mutex // prot
218 config map[string][]byte
219 cache map[string][]byte
220 security bytes.Buffer
223 // newTestClient returns a new testClient that will call t.Fatal on error
224 // and has a few records already available on the remote server.
225 func newTestClient(t *testing.T) *testClient {
231 config: make(map[string][]byte),
232 cache: make(map[string][]byte),
233 remote: make(map[string][]byte),
236 tc.config["key"] = []byte(testVerifierKey + "\n")
238 tc.signer, err = note.NewSigner(testSignerKey)
245 tc.addRecord("rsc.io/quote@v1.5.2", `rsc.io/quote v1.5.2 h1:w5fcysjrx7yqtD/aO+QwRjYZOKnaM9Uh2b40tElTs3Y=
246 rsc.io/quote v1.5.2/go.mod h1:LzX7hefJvL54yjefDEDHNONDjII0t9xZLPXsUe+TKr0=
247 rsc.io/quote v1.5.2 h2:xyzzy
250 tc.addRecord("golang.org/x/text@v0.0.0-20170915032832-14c0d48ead0c", `golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c h1:qgOY6WgZOaTkIIMiVjBQcw93ERBE4m30iBm00nkL0i8=
251 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
253 tc.addRecord("rsc.io/sampler@v1.3.0", `rsc.io/sampler v1.3.0 h1:7uVkIFmeBqHfdjD+gZwtXXI+RODJ2Wc4O7MPEh/QiW4=
254 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
256 tc.config[testName+"/latest"] = tc.signTree(1)
258 tc.addRecord("rsc.io/!quote@v1.5.2", `rsc.io/Quote v1.5.2 h1:uppercase!=
263 // newClient resets the Client associated with tc.
264 // This clears any in-memory cache from the Client
265 // but not tc's on-disk cache.
266 func (tc *testClient) newClient() {
267 tc.client = NewClient(tc)
268 tc.client.SetTileHeight(tc.tileHeight)
271 // mustLookup does a lookup for path@vers and checks that the lines that come back match want.
272 func (tc *testClient) mustLookup(path, vers, want string) {
274 lines, err := tc.client.Lookup(path, vers)
278 if strings.Join(lines, "\n") != want {
279 tc.t.Fatalf("Lookup(%q, %q):\n\t%s\nwant:\n\t%s", path, vers, strings.Join(lines, "\n\t"), strings.Replace(want, "\n", "\n\t", -1))
283 // mustHaveLatest checks that the on-disk configuration
284 // for latest is a tree of size n.
285 func (tc *testClient) mustHaveLatest(n int64) {
288 latest := tc.config[testName+"/latest"]
289 lines := strings.Split(string(latest), "\n")
290 if len(lines) < 2 || lines[1] != fmt.Sprint(n) {
291 tc.t.Fatalf("/latest should have tree %d, but has:\n%s", n, latest)
295 // mustError checks that err's error string contains the text.
296 func (tc *testClient) mustError(err error, text string) {
298 if err == nil || !strings.Contains(err.Error(), text) {
299 tc.t.Fatalf("err = %v, want %q", err, text)
303 // fork returns a copy of tc.
304 // Changes made to the new copy or to tc are not reflected in the other.
305 func (tc *testClient) fork() *testClient {
309 getTileOK: tc.getTileOK,
310 tileHeight: tc.tileHeight,
311 treeSize: tc.treeSize,
312 hashes: append([]tlog.Hash{}, tc.hashes...),
314 config: copyMap(tc.config),
315 cache: copyMap(tc.cache),
316 remote: copyMap(tc.remote),
322 func copyMap(m map[string][]byte) map[string][]byte {
323 m2 := make(map[string][]byte)
324 for k, v := range m {
330 // ReadHashes is tc's implementation of tlog.HashReader, for use with
331 // tlog.TreeHash and so on.
332 func (tc *testClient) ReadHashes(indexes []int64) ([]tlog.Hash, error) {
334 for _, id := range indexes {
335 list = append(list, tc.hashes[id])
340 // addRecord adds a log record using the given (!-encoded) key and data.
341 func (tc *testClient) addRecord(key, data string) {
344 // Create record, add hashes to log tree.
347 rec, err := tlog.FormatRecord(id, []byte(data))
351 hashes, err := tlog.StoredHashesForRecordHash(id, tlog.RecordHash([]byte(data)), tc)
355 tc.hashes = append(tc.hashes, hashes...)
357 // Create lookup result.
358 tc.remote["/lookup/"+key] = append(rec, tc.signTree(tc.treeSize)...)
361 tiles := tlog.NewTiles(tc.tileHeight, id, tc.treeSize)
362 for _, tile := range tiles {
363 data, err := tlog.ReadTileData(tile, tc)
367 tc.remote["/"+tile.Path()] = data
368 // TODO delete old partial tiles
372 // signTree returns the signed head for the tree of the given size.
373 func (tc *testClient) signTree(size int64) []byte {
374 h, err := tlog.TreeHash(size, tc)
378 text := tlog.FormatTree(tlog.Tree{N: size, Hash: h})
379 data, err := note.Sign(¬e.Note{Text: string(text)}, tc.signer)
386 // ReadRemote is for tc's implementation of Client.
387 func (tc *testClient) ReadRemote(path string) ([]byte, error) {
388 // No mutex here because only the Client should be running
389 // and the Client cannot change tc.get.
391 return nil, fmt.Errorf("disallowed remote read %s", path)
393 if strings.Contains(path, "/tile/") && !tc.getTileOK {
394 return nil, fmt.Errorf("disallowed remote tile read %s", path)
397 data, ok := tc.remote[path]
399 return nil, fmt.Errorf("no remote path %s", path)
404 // ReadConfig is for tc's implementation of Client.
405 func (tc *testClient) ReadConfig(file string) ([]byte, error) {
409 data, ok := tc.config[file]
411 return nil, fmt.Errorf("no config %s", file)
416 // WriteConfig is for tc's implementation of Client.
417 func (tc *testClient) WriteConfig(file string, old, new []byte) error {
421 data := tc.config[file]
422 if !bytes.Equal(old, data) {
423 return ErrWriteConflict
425 tc.config[file] = new
429 // ReadCache is for tc's implementation of Client.
430 func (tc *testClient) ReadCache(file string) ([]byte, error) {
434 data, ok := tc.cache[file]
436 return nil, fmt.Errorf("no cache %s", file)
441 // WriteCache is for tc's implementation of Client.
442 func (tc *testClient) WriteCache(file string, data []byte) {
446 tc.cache[file] = data
449 // Log is for tc's implementation of Client.
450 func (tc *testClient) Log(msg string) {
454 // SecurityError is for tc's implementation of Client.
455 func (tc *testClient) SecurityError(msg string) {
459 fmt.Fprintf(&tc.security, "%s\n", strings.TrimRight(msg, "\n"))