Commit Graph

179 Commits

Author SHA1 Message Date
Pierre Ossman d33f5ce77f Make extended clipboard tests independent
Let's test the full final result instead of assuming specific internal
calls.
2023-05-30 20:48:26 +02:00
Pierre Ossman 8ae789daf0 Add missing tests for message encodings
All of these functions should have units tests, even if they are fairly
minimal.
2023-05-30 20:48:26 +02:00
Pierre Ossman 9c7576a587 Remove bad Websock mock in tests
This small object will not properly fake a Websock in more complex
cases, so let's avoid it and create a real Websock instead.
2023-05-30 20:48:26 +02:00
Pierre Ossman 336ec86997 Remove internal monitoring from Plain tests
Tests should avoid poking in to the internals and should only look at
external behaviour.
2023-05-30 20:11:51 +02:00
Pierre Ossman 0c80c68e92 Avoid hooking in to RFB._fail for tests
This is an internal function so we should not be examining it in the
tests. Instead use the well defined public APIs to check for correct
behaviour.
2023-05-30 20:11:51 +02:00
Pierre Ossman 13fa6b5908 Fix last rect test
Avoid poking in to internals and instead test that the RFB object
responds correctly to new messages.
2023-05-30 20:11:51 +02:00
Pierre Ossman 549ccc7121 Split RSA-AES test data
Make the tests more clear what data is expected in the different stages
of the handshake.
2023-05-30 20:11:51 +02:00
Pierre Ossman 42bc251eb4 Make RSA-AES tests more asynchronous
The code tested here makes heavy use of promises, so it is easier to
test things also using promise centric code.
2023-05-30 20:11:51 +02:00
Pierre Ossman afbb1da4d5 Remove custom RSA-AES event
We shouldn't add extra, undocumented, API just for the tests. They need
to figure out less invasive way to probe things.
2023-05-30 20:11:51 +02:00
Pierre Ossman 458405e05d Merge RSA-AES tests in to RFB tests
These test the RFB class, so they should be with all other tests for
that class.
2023-05-30 20:11:51 +02:00
Pierre Ossman 0ee0e96f34 Fix ARD authentication test to send real data
Stop bypassing the data handling steps in the test as that means those
parts don't get tested.
2023-05-30 20:11:51 +02:00
Pierre Ossman 71bb6f02cd Fix Plain authentication test checks
We should have constants local for the test function when doing
comparisons or we might have false positives because we compare with
buggy values in the code under test.
2023-05-30 20:11:51 +02:00
Pierre Ossman 79f099108f Split Plain authentication tests to own section
VeNCrypt is a multiplexer for many authentication methods, not just
Plain. So let's split it to its own section, just like other types.
2023-05-30 20:11:51 +02:00
Pierre Ossman 0679c8a801 Test credentials using normal API
Avoid poking around in the internals and instead test things using the
official methods and events. This should give us more realistic and
robust tests.
2023-05-30 20:11:51 +02:00
Pierre Ossman 29a50620ff Avoid touching internals in Tight auth tests
We should test using only external manipulation so we don't assume a
specific implementation.
2023-05-30 20:11:51 +02:00
Pierre Ossman c7c293279b Remove commented out Tight test case
This is not something we intend to implement, so remove this never used
test case.
2023-05-30 20:11:51 +02:00
Pierre Ossman cd231e53ed Don't overwrite methods with spies
Spies should just attach without modifying the real method, or we might
get unwanted side effects.
2023-05-30 20:11:51 +02:00
Pierre Ossman 3ef57d1600 Fix security to authentication state test
The "None" authentication will directly progress past authentication, so
it's not a good type for this test.
2023-05-30 20:11:51 +02:00
Pierre Ossman 0dd9678e64 Harmonise extended clipboard tests
Let them all follow the same pattern to make things more clear.
2023-05-30 20:11:51 +02:00
pdlan f974b73137 Cleanup for the cryptographic algorithms that are not supported by SubtleCrypto 2023-01-20 05:54:00 -05:00
Dinglan Peng b776e1495e Add MSLogonII security type 2022-12-21 15:52:31 -05:00
Pierre Ossman 6eb17b27a0 Correctly mask non-BMP clipboard characters
JavaScript strings use UTF-16 encoding under the hood, but we only want
a single '?' per character we replace. So we need to be more careful
which methods we use when iterating over the clipboard string.
2022-10-27 16:24:27 +02:00
Pierre Ossman 6b555f1f74 Mask unsupported clipboard characters
Add a more explicit '?' for characters that the clipboard cannot handle,
instead of getting random junk.
2022-10-27 16:03:22 +02:00
Pierre Ossman 337fb06535 Restore Websock.allocateBuffers() after tests
This was accidentally removed in 0a6aec3578.
2022-10-27 16:02:02 +02:00
Pierre Ossman fee115b13f Update method to limit assertion output
Newer versions of the test framework use the inspect() method instead of
toString() for overriding the default output.
2022-10-27 15:59:48 +02:00
Pierre Ossman df8d005de9 VeNCrypt should handle classical types
VeNCrypt is a superset of the original security types, so it should be
fine to send any of the classical values here as well.
2022-08-18 16:26:33 +02:00
Pierre Ossman 795494ade1 Prefer security types in the server's order
This is how TigerVNC has been behaving for years and has worked well
there, so let's follow them.
2022-08-18 16:26:27 +02:00
Pierre Ossman 6719b932cf Avoiding internal variables for security tests
A good test uses only input and output, so let's avoid assuming internal
variable names or behaviours.
2022-08-18 16:26:09 +02:00
Pierre Ossman 5671072dfe Expect security result for RFB 3.7
The cut off was wrong here. 3.7 will send a security result, but not a
security reason. It also fixes the issue that < 3.7 (e.g. 3.3) supports
VNC authentication as well.
2022-08-18 16:25:59 +02:00
Pierre Ossman 8a7089c0c6 Remove redundant security result tests
The event is the desired behaviour. RFB._fail() being called is just an
internal detail that we shouldn't care about.
2022-08-18 16:24:24 +02:00
Pierre Ossman 42ec5f3321 Merge branch 'appleremotedesktop' of https://github.com/pauldumais/noVNC 2022-04-05 07:55:14 +02:00
Paul Dumais e21ed2e689 Added support for Apple Remote Desktop authentication
Fixed eslint warnings

Fixing tests that failed

Added unit tests for ARD authentication

Fixed an issue with the ARD rfb version number in the unit tests

Fixed issue with username/password lengths

Username and password lengths are now capped at 63 characters each.  Improved code for sign bit on public key bytes.

UTF Encoder username and password before packing it

Change UTF encoding to encode the username and password before packing it to prevent it from being expanded beyond the allowed size.  Public key is truncated to proper key length.

Replaced forge with web crypto for ARD authentication

Changed the way in which the async methods are handled, added unit tests to verify ARD encryption output.

Update .eslintignore
2022-04-04 11:40:19 -04:00
Samuel Mannehed 0ff0844a14 Ignore resize observation caused by server resizes
If we increase the remote screen size from the server in such a way that
it no longer fits the browser window, the browser will probably want to
show scrollbars. The same happens if you enable 'clipping' while the
remote is larger than the browser window. These scrollbars do, in turn,
decrease the available space in the browser window. This causes our
ResizeObserver to trigger.

If the resize observation triggers a requestRemoteResize() we will
overwrite the size and request a new one just because scrollbars have
appeared. We don't want that.

We can save the expected client size after resizing, and then compare
the current client size with the expected one. If there is no change
compared to the expected size, we shouldn't send the request.

Fixes issue #1616.
2021-12-13 11:20:14 +01:00
Samuel Mannehed 6cd69705d6 Make sure we wait for the resizeTimeout in tests
Not waiting for the full timeout can obscure future bugs.
2021-12-13 11:20:14 +01:00
Samuel Mannehed acc30093ad Replace resize events with observations in tests
This was missed in commit 375f36c575,
probably because these unit tests still passed (due to the expectancy
was for the code to not act on the resize events).
2021-12-13 11:20:14 +01:00
Samuel Mannehed c0d4dc8eb3 Breakdown of ExtendedDesktopSize message in tests
Saves time by not requiring the developer to look up the RFB protocol
each time viewing these tests.
2021-12-13 11:20:14 +01:00
Samuel Mannehed a7b96087d7 Add some explanatory comments to test.rfb.js 2021-12-13 11:20:13 +01:00
Pierre Ossman 721eaa4f50 Fix lint error in encodings test 2021-11-26 11:38:01 +01:00
Pierre Ossman 65d6357cdf Add missing ZRLE encoding constant
Also add a unit test to catch omissions like this in the future.
2021-11-26 11:13:06 +01:00
Pierre Ossman 301714928b Avoid scrolling on RFB object focus
Chrome scrolls the view to show as much as possible of the canvas when
we call focus(), which is likely not the desired behaviour.

This also exposes the ability to pass on future options when focusing
the RFB object manually.
2021-11-16 09:38:14 +01:00
Samuel Mannehed 375f36c575 Modify unit tests to work with ResizeObserver 2021-09-03 16:52:20 +02:00
Pierre Ossman dbd519558c Initiate connection from RFB constructor
We need to do this in order to safely attach to existing WebSocket
objects. There may be message events already pending so we must set up
our event handlers before returning.

This means we will now throw errors instead of generating "disconnect"
events on problems as the caller no longer has the opportunity to set up
event handlers.

This might have been the correct approach from the start as it mimics
how e.g. the WebSocket constructor works.
2021-04-18 14:27:57 +02:00
Pierre Ossman de9fc9508c Don't fake open events in Websock
We don't know if the caller is prepared to receive those events right
now as normally they would get them on a fresh new stack later. We also
can't delay delivery since then we might deliver the event after any
pending "message" events.

Better to push the problem one layer up to the caller, which now needs
to be more aware of the state of the WebSocket object it is trying to
use.
2021-04-18 14:26:30 +02:00
Pierre Ossman 9376191fc4 Refuse to use already closed WebSocket objects
We can't do anything useful with them anyway.
2021-04-18 14:26:28 +02:00
Pierre Ossman 42100e8233 Add unit tests for connect/attach errors 2021-04-18 14:25:59 +02:00
Pierre Ossman ae3c01f782 Add unit tests for passing WebSocket objects 2021-04-18 14:25:03 +02:00
Pierre Ossman f0e4908dec Stop explicitly testing connection states
These are internal and we should be testing the externally observable
behaviour.
2021-04-18 14:24:05 +02:00
lhchavez f9a8c4ccd5 Add VeNCrypt Plain authentication tests
This change adds tests for the VeNCrypt Plain authentication. In doing
that, this also fixes a typo that was introduced in a recent change.
2021-03-13 05:40:38 -08:00
Pierre Ossman 6a4c411976 Remove createEvent() fallbacks
We can now rely on proper constructors for our events.
2020-12-07 10:10:53 +01:00
Pierre Ossman 5b5b747494 Remove many small, obsolete, old browser hacks
These are for browsers no longer supported anyway.
2020-12-07 10:10:53 +01:00