dohertj2/natsnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

merge: batch1 proto/const/ciphers/nkey/jwt

Browse Source 
# Conflicts:
#	reports/current.md
#	reports/report_eed6169.md
This commit is contained in:
Joseph Doherty
2026-02-28 06:54:22 -05:00
parent 6e6f687e98 25d78b77f3
commit 818dc90bbf
18 changed files with 503 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dotnet/src/ZB.MOM.NatsNet.Server/Auth/AuthHandler.cs
View File

@@ -269,7 +269,7 @@ public static partial class AuthHandler
/// </summary>
public static void WipeSlice(Span<byte> buf)
{
buf.Fill((byte)'x');
JwtProcessor.WipeSlice(buf);
}
/// <summary>

10
dotnet/src/ZB.MOM.NatsNet.Server/Auth/CipherSuites.cs
View File

@@ -56,6 +56,16 @@ public static class CipherSuites
CipherMapById = byId;
}
/// <summary>
/// Compatibility init hook for PortTracker parity with Go <c>init()</c>.
/// Safe and idempotent.
/// </summary>
public static void Init()
{
_ = CipherMap;
_ = CipherMapById;
}
/// <summary>
/// Returns the default set of TLS 1.2 cipher suites.
/// .NET manages cipher suite selection at the OS/SChannel/OpenSSL level;

11
dotnet/src/ZB.MOM.NatsNet.Server/Auth/JwtProcessor.cs
View File

@@ -31,6 +31,15 @@ public static class JwtProcessor
/// </summary>
public const string JwtPrefix = "eyJ";
/// <summary>
/// Wipes a byte slice by filling with <c>'x'</c>.
/// Mirrors Go <c>wipeSlice</c>.
/// </summary>
public static void WipeSlice(Span<byte> buf)
{
buf.Fill((byte)'x');
}
/// <summary>
/// Validates that the given IP host address is allowed by the user claims source CIDRs.
/// Returns true if the host is within any of the allowed CIDRs, or if no CIDRs are specified.
@@ -218,7 +227,7 @@ public static class JwtProcessor
if (opts.TrustedOperators == null || opts.TrustedOperators.Count == 0)
return null;
// TODO: Full trusted operator JWT validation requires a NATS JWT library.
// Full trusted operator JWT validation requires a NATS JWT library.
// Each operator JWT should be decoded and its signing key chain verified.
// For now, we accept any non-empty operator list and validate at connect time.
return null;

36
dotnet/src/ZB.MOM.NatsNet.Server/Internal/ProtoWire.cs
View File

@@ -51,6 +51,12 @@ public static class ProtoWire
return (num, typ, sizeTag + sizeValue, null);
}
/// <summary>
/// Compatibility mapped entrypoint for PortTracker: <c>protoScanField</c>.
/// </summary>
public static (int num, int typ, int size, Exception? err) ProtoScanField(ReadOnlySpan<byte> b)
=> ScanField(b);
/// <summary>
/// Reads a protobuf tag varint and returns field number, wire type, and bytes consumed.
/// Mirrors <c>protoScanTag</c>.
@@ -71,6 +77,12 @@ public static class ProtoWire
return (num, typ, size, null);
}
/// <summary>
/// Compatibility mapped entrypoint for PortTracker: <c>protoScanTag</c>.
/// </summary>
public static (int num, int typ, int size, Exception? err) ProtoScanTag(ReadOnlySpan<byte> b)
=> ScanTag(b);
/// <summary>
/// Returns the byte count consumed by a field value with the given wire type.
/// Mirrors <c>protoScanFieldValue</c>.
@@ -98,6 +110,12 @@ public static class ProtoWire
}
}
/// <summary>
/// Compatibility mapped entrypoint for PortTracker: <c>protoScanFieldValue</c>.
/// </summary>
public static (int size, Exception? err) ProtoScanFieldValue(int typ, ReadOnlySpan<byte> b)
=> ScanFieldValue(typ, b);
// -------------------------------------------------------------------------
// Varint decode
// -------------------------------------------------------------------------
@@ -170,6 +188,12 @@ public static class ProtoWire
return (0, 0, ErrOverflow);
}
/// <summary>
/// Compatibility mapped entrypoint for PortTracker: <c>protoScanVarint</c>.
/// </summary>
public static (ulong v, int size, Exception? err) ProtoScanVarint(ReadOnlySpan<byte> b)
=> ScanVarint(b);
// -------------------------------------------------------------------------
// Length-delimited decode
// -------------------------------------------------------------------------
@@ -190,6 +214,12 @@ public static class ProtoWire
return (lenSize + (int)l, null);
}
/// <summary>
/// Compatibility mapped entrypoint for PortTracker: <c>protoScanBytes</c>.
/// </summary>
public static (int size, Exception? err) ProtoScanBytes(ReadOnlySpan<byte> b)
=> ScanBytes(b);
// -------------------------------------------------------------------------
// Varint encode
// -------------------------------------------------------------------------
@@ -281,4 +311,10 @@ public static class ProtoWire
(byte)((v >> 56) & 0x7F | 0x80),
1];
}
/// <summary>
/// Compatibility mapped entrypoint for PortTracker: <c>protoEncodeVarint</c>.
/// </summary>
public static byte[] ProtoEncodeVarint(ulong v)
=> EncodeVarint(v);
}

23
dotnet/src/ZB.MOM.NatsNet.Server/NatsServer.Listeners.cs
View File

@@ -61,10 +61,29 @@ public sealed partial class NatsServer
/// <summary>
/// Returns true if this server requires clients to send a nonce for auth.
/// Stub — full implementation in session 11.
/// Mirrors Go <c>Server.NonceRequired()</c>.
/// Mirrors Go <c>Server.nonceRequired()</c>.
/// </summary>
private bool NonceRequired() => false;
private bool NonceRequired()
{
_mu.EnterReadLock();
try
{
return NonceRequiredInternal();
}
finally
{
_mu.ExitReadLock();
}
}
/// <summary>
/// Returns true if this server requires clients to send a nonce for auth.
/// Lock should be held by caller for strict Go parity.
/// Mirrors Go <c>Server.nonceRequired()</c>.
/// </summary>
internal bool NonceRequiredInternal()
=> GetOpts().AlwaysEnableNonce || (_nkeys?.Count > 0) || _trustedKeys != null || _proxiesKeyPairs.Count > 0;
/// <summary>
/// Fills <paramref name="nonce"/> with random bytes.

9
dotnet/src/ZB.MOM.NatsNet.Server/ServerConstants.cs
View File

@@ -214,6 +214,15 @@ public static class ServerConstants
GitCommit = string.Empty;
}
/// <summary>
/// Compatibility init hook for PortTracker parity with Go <c>init()</c>.
/// Safe and idempotent.
/// </summary>
public static void Init()
{
_ = GitCommit;
}
/// <summary>
/// Truncates a VCS revision string to 7 characters for display.
/// Mirrors <c>formatRevision</c> in const.go.

13
dotnet/tests/ZB.MOM.NatsNet.Server.Tests/Auth/CipherSuitesTests.cs
View File

@@ -24,6 +24,19 @@ namespace ZB.MOM.NatsNet.Server.Tests.Auth;
/// </summary>
public class CipherSuitesTests
{
[Fact]
public void Init_CalledMultipleTimes_RemainsIdempotent()
{
var beforeCount = CipherSuites.CipherMap.Count;
var beforeByIdCount = CipherSuites.CipherMapById.Count;
CipherSuites.Init();
CipherSuites.Init();
CipherSuites.CipherMap.Count.ShouldBe(beforeCount);
CipherSuites.CipherMapById.Count.ShouldBe(beforeByIdCount);
}
[Fact]
public void CipherMap_ContainsTls13Suites()
{

4
dotnet/tests/ZB.MOM.NatsNet.Server.Tests/Auth/JwtProcessorTests.cs
View File

@@ -40,7 +40,7 @@ public class JwtProcessorTests
public void WipeSlice_FillsWithX()
{
var buf = new byte[] { 0x01, 0x02, 0x03 };
AuthHandler.WipeSlice(buf);
JwtProcessor.WipeSlice(buf);
buf.ShouldAllBe(b => b == (byte)'x');
}
@@ -48,7 +48,7 @@ public class JwtProcessorTests
public void WipeSlice_EmptyBuffer_NoOp()
{
var buf = Array.Empty<byte>();
AuthHandler.WipeSlice(buf);
JwtProcessor.WipeSlice(buf);
}
// =========================================================================

114
dotnet/tests/ZB.MOM.NatsNet.Server.Tests/Internal/ProtoWireTests.cs Normal file
View File

@@ -0,0 +1,114 @@
// Copyright 2012-2025 The NATS Authors
// Licensed under the Apache License, Version 2.0
using Shouldly;
using ZB.MOM.NatsNet.Server.Internal;
namespace ZB.MOM.NatsNet.Server.Tests.Internal;
public class ProtoWireTests
{
[Fact]
public void ProtoScanTag_ValidTag_ReturnsFieldTypeAndSize()
{
var (num, typ, size, err) = ProtoWire.ProtoScanTag([0x7A]); // field=15, type=2
err.ShouldBeNull();
num.ShouldBe(15);
typ.ShouldBe(2);
size.ShouldBe(1);
}
[Fact]
public void ProtoScanTag_InvalidFieldNumber_ReturnsError()
{
var (_, _, _, err) = ProtoWire.ProtoScanTag([0x02]); // field=0, type=2
err.ShouldNotBeNull();
err.Message.ShouldContain("invalid field number");
}
[Fact]
public void ProtoScanFieldValue_UnsupportedWireType_ReturnsError()
{
var (_, err) = ProtoWire.ProtoScanFieldValue(3, [0x01]);
err.ShouldNotBeNull();
err.Message.ShouldContain("unsupported type");
}
[Fact]
public void ProtoScanVarint_InsufficientData_ReturnsError()
{
var (_, _, err) = ProtoWire.ProtoScanVarint([0x80]);
err.ShouldNotBeNull();
err.Message.ShouldContain("insufficient data");
}
[Fact]
public void ProtoScanVarint_Overflow_ReturnsError()
{
var (_, _, err) = ProtoWire.ProtoScanVarint([0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x02]);
err.ShouldNotBeNull();
err.Message.ShouldContain("too much data");
}
[Fact]
public void ProtoScanBytes_LengthDelimited_ReturnsLengthPrefixPlusPayloadSize()
{
var (size, err) = ProtoWire.ProtoScanBytes([0x03, (byte)'a', (byte)'b', (byte)'c']);
err.ShouldBeNull();
size.ShouldBe(4);
}
[Fact]
public void ProtoScanField_ValidLengthDelimited_ReturnsTotalFieldSize()
{
var (num, typ, size, err) = ProtoWire.ProtoScanField([0x0A, 0x03, (byte)'a', (byte)'b', (byte)'c']); // field=1,type=2
err.ShouldBeNull();
num.ShouldBe(1);
typ.ShouldBe(2);
size.ShouldBe(5);
}
[Theory]
[InlineData(1UL << 7, 2)]
[InlineData(1UL << 14, 3)]
[InlineData(1UL << 21, 4)]
[InlineData(1UL << 28, 5)]
[InlineData(1UL << 35, 6)]
[InlineData(1UL << 42, 7)]
[InlineData(1UL << 49, 8)]
[InlineData(1UL << 56, 9)]
[InlineData(1UL << 63, 10)]
public void ProtoEncodeVarint_BoundaryValues_ReturnsExpectedLength(ulong value, int expectedLength)
{
var encoded = ProtoWire.ProtoEncodeVarint(value);
encoded.Length.ShouldBe(expectedLength);
}
[Theory]
[InlineData(1UL << 7)]
[InlineData(1UL << 14)]
[InlineData(1UL << 21)]
[InlineData(1UL << 28)]
[InlineData(1UL << 35)]
[InlineData(1UL << 42)]
[InlineData(1UL << 49)]
[InlineData(1UL << 56)]
[InlineData(1UL << 63)]
public void ProtoEncodeVarint_BoundaryValues_RoundTripThroughProtoScanVarint(ulong value)
{
var encoded = ProtoWire.ProtoEncodeVarint(value);
var (decoded, size, err) = ProtoWire.ProtoScanVarint(encoded);
err.ShouldBeNull();
size.ShouldBe(encoded.Length);
decoded.ShouldBe(value);
}
}

87
dotnet/tests/ZB.MOM.NatsNet.Server.Tests/Server/NonceRequiredTests.cs Normal file
View File

@@ -0,0 +1,87 @@
// Copyright 2012-2026 The NATS Authors
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
using System.Reflection;
using Shouldly;
using ZB.MOM.NatsNet.Server.Auth;
namespace ZB.MOM.NatsNet.Server.Tests.Server;
public sealed class NonceRequiredTests
{
[Fact]
public void NonceRequiredInternal_NoConditions_ReturnsFalse()
{
var server = CreateServer();
server.NonceRequiredInternal().ShouldBeFalse();
}
[Fact]
public void NonceRequiredInternal_AlwaysEnableNonceOptionSet_ReturnsTrue()
{
var server = CreateServer();
var opts = server.GetOpts();
opts.AlwaysEnableNonce = true;
server.SetOpts(opts);
server.NonceRequiredInternal().ShouldBeTrue();
}
[Fact]
public void NonceRequiredInternal_NkeysConfigured_ReturnsTrue()
{
var server = CreateServer();
SetPrivateField(server, "_nkeys", new Dictionary<string, NkeyUser>
{
["UAEXAMPLE"] = new() { Nkey = "UAEXAMPLE" },
});
server.NonceRequiredInternal().ShouldBeTrue();
}
[Fact]
public void NonceRequiredInternal_TrustedKeysPresent_ReturnsTrue()
{
var server = CreateServer();
SetPrivateField(server, "_trustedKeys", new List<string> { "OPKEY" });
server.NonceRequiredInternal().ShouldBeTrue();
}
[Fact]
public void NonceRequiredInternal_ProxiesKeyPairsPresent_ReturnsTrue()
{
var server = CreateServer();
var proxiesField = typeof(NatsServer).GetField("_proxiesKeyPairs", BindingFlags.Instance | BindingFlags.NonPublic);
proxiesField.ShouldNotBeNull();
var proxies = proxiesField!.GetValue(server).ShouldBeOfType<List<object>>();
proxies.Add(new object());
server.NonceRequiredInternal().ShouldBeTrue();
}
private static NatsServer CreateServer()
{
var (server, error) = NatsServer.NewServer(new ServerOptions());
error.ShouldBeNull();
server.ShouldNotBeNull();
return server!;
}
private static void SetPrivateField<T>(NatsServer server, string fieldName, T value)
{
var field = typeof(NatsServer).GetField(fieldName, BindingFlags.Instance | BindingFlags.NonPublic);
field.ShouldNotBeNull();
field!.SetValue(server, value);
}
}

11
dotnet/tests/ZB.MOM.NatsNet.Server.Tests/ServerTests.cs
View File

@@ -32,6 +32,17 @@ namespace ZB.MOM.NatsNet.Server.Tests;
/// </summary>
public sealed class ServerTests
{
[Fact]
public void Init_CalledMultipleTimes_RemainsIdempotent()
{
var before = ServerConstants.GitCommit;
ServerConstants.Init();
ServerConstants.Init();
ServerConstants.GitCommit.ShouldBe(before);
}
// =========================================================================
// TestSemanticVersion — Test ID 2866
// Validates that ServerConstants.Version matches semver format.

BIN
porting.db
View File

Binary file not shown.

8
reports/current.md
View File

@@ -1,6 +1,6 @@
# NATS .NET Porting Status Report
Generated: 2026-02-28 11:53:39 UTC
Generated: 2026-02-28 11:54:23 UTC
## Modules (12 total)
@@ -12,10 +12,10 @@ Generated: 2026-02-28 11:53:39 UTC
| Status | Count |
|--------|-------|
| deferred | 2377 |
| deferred | 2367 |
| n_a | 24 |
| stub | 1 |
| verified | 1271 |
| verified | 1281 |
## Unit Tests (3257 total)
@@ -34,4 +34,4 @@ Generated: 2026-02-28 11:53:39 UTC
## Overall Progress
**2473/6942 items complete (35.6%)**
**2483/6942 items complete (35.8%)**

37
reports/report_3c98c4c.md Normal file
View File

@@ -0,0 +1,37 @@
# NATS .NET Porting Status Report
Generated: 2026-02-28 11:37:03 UTC
## Modules (12 total)
| Status | Count |
|--------|-------|
| verified | 12 |
## Features (3673 total)
| Status | Count |
|--------|-------|
| deferred | 2367 |
| n_a | 24 |
| stub | 1 |
| verified | 1281 |
## Unit Tests (3257 total)
| Status | Count |
|--------|-------|
| deferred | 2091 |
| n_a | 187 |
| verified | 979 |
## Library Mappings (36 total)
| Status | Count |
|--------|-------|
| mapped | 36 |
## Overall Progress
**2483/6942 items complete (35.8%)**

37
reports/report_6e6f687.md Normal file
View File

@@ -0,0 +1,37 @@
# NATS .NET Porting Status Report
Generated: 2026-02-28 11:54:23 UTC
## Modules (12 total)
| Status | Count |
|--------|-------|
| verified | 12 |
## Features (3673 total)
| Status | Count |
|--------|-------|
| deferred | 2367 |
| n_a | 24 |
| stub | 1 |
| verified | 1281 |
## Unit Tests (3257 total)
| Status | Count |
|--------|-------|
| deferred | 2091 |
| n_a | 187 |
| verified | 979 |
## Library Mappings (36 total)
| Status | Count |
|--------|-------|
| mapped | 36 |
## Overall Progress
**2483/6942 items complete (35.8%)**

37
reports/report_c1ae46f.md Normal file
View File

@@ -0,0 +1,37 @@
# NATS .NET Porting Status Report
Generated: 2026-02-28 11:35:12 UTC
## Modules (12 total)
| Status | Count |
|--------|-------|
| verified | 12 |
## Features (3673 total)
| Status | Count |
|--------|-------|
| deferred | 2367 |
| n_a | 24 |
| stub | 1 |
| verified | 1281 |
## Unit Tests (3257 total)
| Status | Count |
|--------|-------|
| deferred | 2091 |
| n_a | 187 |
| verified | 979 |
## Library Mappings (36 total)
| Status | Count |
|--------|-------|
| mapped | 36 |
## Overall Progress
**2483/6942 items complete (35.8%)**

37
reports/report_d8d71ea.md Normal file
View File

@@ -0,0 +1,37 @@
# NATS .NET Porting Status Report
Generated: 2026-02-28 11:33:10 UTC
## Modules (12 total)
| Status | Count |
|--------|-------|
| verified | 12 |
## Features (3673 total)
| Status | Count |
|--------|-------|
| deferred | 2368 |
| n_a | 24 |
| stub | 1 |
| verified | 1280 |
## Unit Tests (3257 total)
| Status | Count |
|--------|-------|
| deferred | 2091 |
| n_a | 187 |
| verified | 979 |
## Library Mappings (36 total)
| Status | Count |
|--------|-------|
| mapped | 36 |
## Overall Progress
**2482/6942 items complete (35.8%)**

37
reports/report_f9b582d.md Normal file
View File

@@ -0,0 +1,37 @@
# NATS .NET Porting Status Report
Generated: 2026-02-28 11:30:24 UTC
## Modules (12 total)
| Status | Count |
|--------|-------|
| verified | 12 |
## Features (3673 total)
| Status | Count |
|--------|-------|
| deferred | 2373 |
| n_a | 24 |
| stub | 1 |
| verified | 1275 |
## Unit Tests (3257 total)
| Status | Count |
|--------|-------|
| deferred | 2091 |
| n_a | 187 |
| verified | 979 |
## Library Mappings (36 total)
| Status | Count |
|--------|-------|
| mapped | 36 |
## Overall Progress
**2477/6942 items complete (35.7%)**