blvm-node 0.1.17

Bitcoin Commons BLVM: Minimal Bitcoin node implementation using blvm-protocol and blvm-consensus
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

//! Regression tests for `NodeConfig::validate_security` warning strings.

use std::net::SocketAddr;

use blvm_node::config::{NodeConfig, RpcAuthConfig};

fn addr(s: &str) -> SocketAddr {
    s.parse().expect("socket addr")
}

#[test]
fn validate_security_warns_rpc_non_loopback_without_auth() {
    let cfg = NodeConfig::default();
    let warns = cfg.validate_security(addr("0.0.0.0:8332"), None);
    assert_eq!(warns.len(), 1);
    assert!(warns[0].contains("RPC server is binding"));
    assert!(warns[0].contains("without authentication"));
}

#[test]
fn validate_security_warns_rpc_required_but_no_tokens_or_certs() {
    let mut cfg = NodeConfig::default();
    cfg.rpc_auth = Some(RpcAuthConfig {
        required: true,
        ..Default::default()
    });
    let warns = cfg.validate_security(addr("127.0.0.1:8332"), None);
    assert_eq!(warns.len(), 1);
    assert!(warns[0].contains("authentication is required"));
    assert!(warns[0].contains("no tokens or certificates"));
}

#[test]
fn validate_security_warns_rest_non_loopback_without_auth() {
    let cfg = NodeConfig::default();
    let warns = cfg.validate_security(addr("127.0.0.1:8332"), Some(addr("0.0.0.0:8080")));
    assert_eq!(warns.len(), 1);
    assert!(warns[0].contains("REST API is binding"));
    assert!(warns[0].contains("without authentication"));
}

#[test]
fn validate_security_warns_rest_non_loopback_when_auth_not_required() {
    let mut cfg = NodeConfig::default();
    cfg.rpc_auth = Some(RpcAuthConfig {
        required: false,
        ..Default::default()
    });
    let warns = cfg.validate_security(addr("127.0.0.1:8332"), Some(addr("0.0.0.0:8080")));
    assert_eq!(warns.len(), 1);
    assert!(warns[0].contains("REST API is binding"));
    assert!(warns[0].contains("authentication is not required"));
}

#[test]
fn validate_security_no_warnings_loopback_rpc_only() {
    let cfg = NodeConfig::default();
    assert!(cfg
        .validate_security(addr("127.0.0.1:8332"), None)
        .is_empty());
}

#[test]
fn validate_security_no_warnings_ipv6_loopback_rpc_only() {
    let cfg = NodeConfig::default();
    assert!(cfg.validate_security(addr("[::1]:8332"), None).is_empty());
}