gitlord
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Code Issues 0 Releases 671 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23441 Commits
842 Branches
432 MiB
 
 
 
 
 
 
Branch: develop
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'develop'
${ noResults }
synapse/tests/http/test_simple_client.py

182 lines
6.0 KiB
Raw Permalink Blame History 

  1. # Copyright 2020 The Matrix.org Foundation C.I.C.

  2. #

  3. # Licensed under the Apache License, Version 2.0 (the "License");

  4. # you may not use this file except in compliance with the License.

  5. # You may obtain a copy of the License at

  6. #

  7. #     http://www.apache.org/licenses/LICENSE-2.0

  8. #

  9. # Unless required by applicable law or agreed to in writing, software

  10. # distributed under the License is distributed on an "AS IS" BASIS,

  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. # See the License for the specific language governing permissions and

  13. # limitations under the License.

  14. from unittest.mock import Mock

  15. 

  16. from netaddr import IPSet

  17. 

  18. from twisted.internet import defer

  19. from twisted.internet.error import DNSLookupError

  20. from twisted.test.proto_helpers import MemoryReactor

  21. 

  22. from synapse.http import RequestTimedOutError

  23. from synapse.http.client import SimpleHttpClient

  24. from synapse.server import HomeServer

  25. from synapse.util import Clock

  26. 

  27. from tests.unittest import HomeserverTestCase

  28. 

  29. 

  30. class SimpleHttpClientTests(HomeserverTestCase):

  31.     def prepare(self, reactor: MemoryReactor, clock: Clock, hs: "HomeServer") -> None:

  32.         # Add a DNS entry for a test server

  33.         self.reactor.lookups["testserv"] = "1.2.3.4"

  34. 

  35.         self.cl = hs.get_simple_http_client()

  36. 

  37.     def test_dns_error(self) -> None:

  38.         """

  39.         If the DNS lookup returns an error, it will bubble up.

  40.         """

  41.         d = defer.ensureDeferred(self.cl.get_json("http://testserv2:8008/foo/bar"))

  42.         self.pump()

  43. 

  44.         f = self.failureResultOf(d)

  45.         self.assertIsInstance(f.value, DNSLookupError)

  46. 

  47.     def test_client_connection_refused(self) -> None:

  48.         d = defer.ensureDeferred(self.cl.get_json("http://testserv:8008/foo/bar"))

  49. 

  50.         self.pump()

  51. 

  52.         # Nothing happened yet

  53.         self.assertNoResult(d)

  54. 

  55.         clients = self.reactor.tcpClients

  56.         self.assertEqual(len(clients), 1)

  57.         (host, port, factory, _timeout, _bindAddress) = clients[0]

  58.         self.assertEqual(host, "1.2.3.4")

  59.         self.assertEqual(port, 8008)

  60.         e = Exception("go away")

  61.         factory.clientConnectionFailed(None, e)

  62.         self.pump(0.5)

  63. 

  64.         f = self.failureResultOf(d)

  65. 

  66.         self.assertIs(f.value, e)

  67. 

  68.     def test_client_never_connect(self) -> None:

  69.         """

  70.         If the HTTP request is not connected and is timed out, it'll give a

  71.         ConnectingCancelledError or TimeoutError.

  72.         """

  73.         d = defer.ensureDeferred(self.cl.get_json("http://testserv:8008/foo/bar"))

  74. 

  75.         self.pump()

  76. 

  77.         # Nothing happened yet

  78.         self.assertNoResult(d)

  79. 

  80.         # Make sure treq is trying to connect

  81.         clients = self.reactor.tcpClients

  82.         self.assertEqual(len(clients), 1)

  83.         self.assertEqual(clients[0][0], "1.2.3.4")

  84.         self.assertEqual(clients[0][1], 8008)

  85. 

  86.         # Deferred is still without a result

  87.         self.assertNoResult(d)

  88. 

  89.         # Push by enough to time it out

  90.         self.reactor.advance(120)

  91.         f = self.failureResultOf(d)

  92. 

  93.         self.assertIsInstance(f.value, RequestTimedOutError)

  94. 

  95.     def test_client_connect_no_response(self) -> None:

  96.         """

  97.         If the HTTP request is connected, but gets no response before being

  98.         timed out, it'll give a ResponseNeverReceived.

  99.         """

  100.         d = defer.ensureDeferred(self.cl.get_json("http://testserv:8008/foo/bar"))

  101. 

  102.         self.pump()

  103. 

  104.         # Nothing happened yet

  105.         self.assertNoResult(d)

  106. 

  107.         # Make sure treq is trying to connect

  108.         clients = self.reactor.tcpClients

  109.         self.assertEqual(len(clients), 1)

  110.         self.assertEqual(clients[0][0], "1.2.3.4")

  111.         self.assertEqual(clients[0][1], 8008)

  112. 

  113.         conn = Mock()

  114.         client = clients[0][2].buildProtocol(None)

  115.         client.makeConnection(conn)

  116. 

  117.         # Deferred is still without a result

  118.         self.assertNoResult(d)

  119. 

  120.         # Push by enough to time it out

  121.         self.reactor.advance(120)

  122.         f = self.failureResultOf(d)

  123. 

  124.         self.assertIsInstance(f.value, RequestTimedOutError)

  125. 

  126.     def test_client_ip_range_blocklist(self) -> None:

  127.         """Ensure that Synapse does not try to connect to blocked IPs"""

  128. 

  129.         # Add some DNS entries we'll block

  130.         self.reactor.lookups["internal"] = "127.0.0.1"

  131.         self.reactor.lookups["internalv6"] = "fe80:0:0:0:0:8a2e:370:7337"

  132.         ip_blocklist = IPSet(["127.0.0.0/8", "fe80::/64"])

  133. 

  134.         cl = SimpleHttpClient(self.hs, ip_blocklist=ip_blocklist)

  135. 

  136.         # Try making a GET request to a blocked IPv4 address

  137.         # ------------------------------------------------------

  138.         # Make the request

  139.         d = defer.ensureDeferred(cl.get_json("http://internal:8008/foo/bar"))

  140.         self.pump(1)

  141. 

  142.         # Check that it was unable to resolve the address

  143.         clients = self.reactor.tcpClients

  144.         self.assertEqual(len(clients), 0)

  145. 

  146.         self.failureResultOf(d, DNSLookupError)

  147. 

  148.         # Try making a POST request to a blocked IPv6 address

  149.         # -------------------------------------------------------

  150.         # Make the request

  151.         d = defer.ensureDeferred(

  152.             cl.post_json_get_json("http://internalv6:8008/foo/bar", {})

  153.         )

  154. 

  155.         # Move the reactor forwards

  156.         self.pump(1)

  157. 

  158.         # Check that it was unable to resolve the address

  159.         clients = self.reactor.tcpClients

  160.         self.assertEqual(len(clients), 0)

  161. 

  162.         # Check that it was due to a blocked DNS lookup

  163.         self.failureResultOf(d, DNSLookupError)

  164. 

  165.         # Try making a GET request to a non-blocked IPv4 address

  166.         # ----------------------------------------------------------

  167.         # Make the request

  168.         d = defer.ensureDeferred(cl.get_json("http://testserv:8008/foo/bar"))

  169. 

  170.         # Nothing has happened yet

  171.         self.assertNoResult(d)

  172. 

  173.         # Move the reactor forwards

  174.         self.pump(1)

  175. 

  176.         # Check that it was able to resolve the address

  177.         clients = self.reactor.tcpClients

  178.         self.assertNotEqual(len(clients), 0)

  179. 

  180.         # Connection will still fail as this IP address does not resolve to anything

  181.         self.failureResultOf(d, RequestTimedOutError)