										 |  |  | package nebula | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"net" | 
					
						
										 |  |  | 	"net/netip" | 
					
						
										 |  |  | 	"reflect" | 
					
						
							|  |  |  | 	"testing" | 
					
						
							|  |  |  | 	"time" | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	"github.com/sirupsen/logrus" | 
					
						
							|  |  |  | 	"github.com/slackhq/nebula/cert" | 
					
						
										 |  |  | 	"github.com/slackhq/nebula/test" | 
					
						
										 |  |  | 	"github.com/stretchr/testify/assert" | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
										 // TestControl_GetHostInfoByVpnIp checks the ControlHostInfo snapshot that
										 // Control.GetHostInfoByVpnIp returns for a host that has a peer certificate,
										 // and that the same lookup does not panic for a host whose certificate is nil.
										 func TestControl_GetHostInfoByVpnIp(t *testing.T) {
										 	// The expected value built further down deliberately reuses the very objects
										 	// handed to the hostmap and to the certificate. That reuse is what lets a
										 	// deep-copy comparison detect core memory being exposed to the caller.
										 	logger := test.NewLogger()
										 	hostMap := newHostMap(logger, netip.Prefix{})
										 	hostMap.preferredRanges.Store(&[]netip.Prefix{})

										 	remote1 := netip.MustParseAddrPort("0.0.0.100:4444")
										 	remote2 := netip.MustParseAddrPort("[1:2:3:4:5:6:7:8]:4444")

										 	ipNet := net.IPNet{
										 		IP:   remote1.Addr().AsSlice(),
										 		Mask: net.IPMask{255, 255, 255, 0},
										 	}
										 	ipNet2 := net.IPNet{
										 		IP:   remote2.Addr().AsSlice(),
										 		Mask: net.IPMask{255, 255, 255, 0},
										 	}

										 	// Certificate attached to the first host only.
										 	details := cert.NebulaCertificateDetails{
										 		Name:           "test",
										 		Ips:            []*net.IPNet{&ipNet},
										 		Subnets:        []*net.IPNet{},
										 		Groups:         []string{"default-group"},
										 		NotBefore:      time.Unix(1, 0),
										 		NotAfter:       time.Unix(2, 0),
										 		PublicKey:      []byte{5, 6, 7, 8},
										 		IsCA:           false,
										 		Issuer:         "the-issuer",
										 		InvertedGroups: map[string]struct{}{"default-group": {}},
										 	}
										 	peerCert := &cert.NebulaCertificate{
										 		Details:   details,
										 		Signature: []byte{1, 2, 1, 2, 1, 3},
										 	}

										 	// One remote list, shared by both hosts: the v4 address is prepended first,
										 	// then the v6 address.
										 	remotes := NewRemoteList(nil)
										 	remotes.unlockedPrependV4(netip.IPv4Unspecified(), NewIp4AndPortFromNetIP(remote1.Addr(), remote1.Port()))
										 	remotes.unlockedPrependV6(netip.IPv4Unspecified(), NewIp6AndPortFromNetIP(remote2.Addr(), remote2.Port()))

										 	// Host 1: keyed by the v4 address, carries the certificate.
										 	vpnIp, ok := netip.AddrFromSlice(ipNet.IP)
										 	assert.True(t, ok)

										 	withCert := &HostInfo{
										 		remote:          remote1,
										 		remotes:         remotes,
										 		ConnectionState: &ConnectionState{peerCert: peerCert},
										 		remoteIndexId:   200,
										 		localIndexId:    201,
										 		vpnIp:           vpnIp,
										 		relayState: RelayState{
										 			relays:        map[netip.Addr]struct{}{},
										 			relayForByIp:  map[netip.Addr]*Relay{},
										 			relayForByIdx: map[uint32]*Relay{},
										 		},
										 	}
										 	hostMap.unlockedAddHostInfo(withCert, &Interface{})

										 	// Host 2: keyed by the v6 address, no certificate yet.
										 	vpnIp2, ok := netip.AddrFromSlice(ipNet2.IP)
										 	assert.True(t, ok)

										 	withoutCert := &HostInfo{
										 		remote:          remote1,
										 		remotes:         remotes,
										 		ConnectionState: &ConnectionState{peerCert: nil},
										 		remoteIndexId:   200,
										 		localIndexId:    201,
										 		vpnIp:           vpnIp2,
										 		relayState: RelayState{
										 			relays:        map[netip.Addr]struct{}{},
										 			relayForByIp:  map[netip.Addr]*Relay{},
										 			relayForByIdx: map[uint32]*Relay{},
										 		},
										 	}
										 	hostMap.unlockedAddHostInfo(withoutCert, &Interface{})

										 	ctl := Control{
										 		f: &Interface{hostMap: hostMap},
										 		l: logrus.New(),
										 	}

										 	got := ctl.GetHostInfoByVpnIp(vpnIp, false)

										 	want := ControlHostInfo{
										 		VpnIp:                  vpnIp,
										 		LocalIndex:             201,
										 		RemoteIndex:            200,
										 		RemoteAddrs:            []netip.AddrPort{remote2, remote1},
										 		Cert:                   peerCert.Copy(),
										 		MessageCounter:         0,
										 		CurrentRemote:          remote1,
										 		CurrentRelaysToMe:      []netip.Addr{},
										 		CurrentRelaysThroughMe: []netip.Addr{},
										 	}

										 	// The returned struct must carry exactly these fields, nothing unexpected.
										 	wantFields := []string{"VpnIp", "LocalIndex", "RemoteIndex", "RemoteAddrs", "Cert", "MessageCounter", "CurrentRemote", "CurrentRelaysToMe", "CurrentRelaysThroughMe"}
										 	assertFields(t, wantFields, got)
										 	assert.EqualValues(t, &want, got)
										 	//TODO: netip.Addr reuses global memory for zone identifiers which breaks our "no reused memory check" here
										 	//test.AssertDeepCopyEqual(t, &want, got)
										 	// NOTE(review): while the deep-copy assertion above stays disabled, this test
										 	// only compares values. It does not verify that the returned snapshot is free
										 	// of memory shared with the objects placed in the hostmap.

										 	// A host without a certificate must not make the lookup panic.
										 	assert.NotPanics(t, func() {
										 		got = ctl.GetHostInfoByVpnIp(vpnIp2, false)
										 	})
										 }
					
						
							|  |  |  | 
 | 
					
						
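							// assertFields fails the test unless the struct behind actualStruct declares
							// exactly the field names in expected, in declaration order.
							//
							// The caller in this file uses it to catch unexpected fields on a value
							// returned to API consumers. actualStruct may be a struct or a non-nil pointer
							// to one; any other input fails the test with a message instead of panicking
							// inside reflect.
							func assertFields(t *testing.T, expected []string, actualStruct interface{}) {
								// Report failures at the caller's line rather than inside this helper.
								t.Helper()

								val := reflect.ValueOf(actualStruct)
								if val.Kind() == reflect.Ptr {
									if val.IsNil() {
										t.Fatalf("assertFields: nil %T", actualStruct)
									}
									val = val.Elem()
								}
								if val.Kind() != reflect.Struct {
									t.Fatalf("assertFields: expected a struct or pointer to struct, got %T", actualStruct)
								}

								typ := val.Type()
								fields := make([]string, typ.NumField())
								for i := range fields {
									fields[i] = typ.Field(i).Name
								}

								assert.Equal(t, expected, fields)
							}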