unom/punktfunk
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases 4 Wiki Activity
Files
6fdf7d1511edd3aa73e081dd75b5d5d7996b7576
punktfunk/clients/apple/Tests/PunktfunkKitTests/LoopbackIntegrationTests.swift
T
enricobuehler 0494e0200a
ci / rust (push) Has been cancelled
Details
feat(apple): adapt the macOS client to ABI v2 — client identity + SPAKE2 PIN pairing 
The pairing/renegotiation batch bumped the punktfunk/1 ABI to v2 and the host now
hard-rejects v1 Hellos (m3.rs), so streaming from the Mac was dead until the bundled
PunktfunkCore.xcframework is rebuilt — it is gitignored, so that is a per-checkout step:
bash scripts/build-xcframework.sh. The Swift wrapper itself was already adapted upstream;
this lands the app on top of it.

- ClientIdentityStore: persistent client identity in the login Keychain, presented on
  every connect so paired hosts recognize this Mac. Keychain access failure throws
  instead of regenerating (a fresh identity would silently un-pair this Mac from every
  --require-pairing host); a lost first-run race resolves toward the stored identity;
  pairing uses the strict loadForPairing() so a memory-only identity can't strand a
  ceremony.
- PairSheet: the SPAKE2 PIN ceremony, reachable from a host card's context menu and from
  the trust prompt's "Pair with PIN instead…" (which drops the live session first — the
  host's accept loop is sequential). Success pins the verified fingerprint and connects;
  an in-flight ceremony self-discards when the sheet is dismissed, so a late success
  can't pin + auto-connect behind the user's back. Wrong PIN and Keychain failures get
  distinct, actionable error text.
- Tests: identity unit tests; the full pairing ceremony + --require-pairing gate on
  loopback (test-loopback.sh arms a second host, parses its PIN from the log, and gives
  both hosts throwaway config homes — no more writes to the real ~/.config/punktfunk);
  remote pairing + pinned stream over the LAN (PUNKTFUNK_REMOTE_PIN, _PORT).

Validated live against the box: SPAKE2 ceremony with the host's arming PIN → verified
fingerprint → pinned + identified 720p60 session (host persisted the client identity);
first light 60/60 AUs decoded to pixels; vkcube on glass through the app.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-10 21:49:43 +02:00

121 lines
5.4 KiB
Swift
Raw Blame History

// Integration: the Swift wrapper against a real punktfunk/1 host over QUIC + UDP on loopback
// the Swift twin of punktfunk-host's m3.rs::c_abi_connection_roundtrip, this time through the
// statically linked xcframework. Driven by clients/apple/test-loopback.sh, which builds and
// starts `punktfunk-host m3-host --source synthetic` and sets PUNKTFUNK_LOOPBACK_PORT.
import XCTest
@testable import PunktfunkKit
final class LoopbackIntegrationTests: XCTestCase {
func testSyntheticStreamRoundTrip() throws {
guard let portStr = ProcessInfo.processInfo.environment["PUNKTFUNK_LOOPBACK_PORT"],
let port = UInt16(portStr)
else {
throw XCTSkip("needs a running m3-host — use clients/apple/test-loopback.sh")
}
let conn = try PunktfunkConnection(
host: "127.0.0.1", port: port, width: 1280, height: 720, refreshHz: 60)
XCTAssertEqual(conn.width, 1280)
XCTAssertEqual(conn.height, 720)
XCTAssertEqual(conn.refreshHz, 60)
// Pull 25 synthetic frames and byte-verify the documented pattern:
// u32 LE frame index, then data[i] = (idx as u8) &+ (i as u8).
var got = 0
var lastIndex: UInt32 = 0
let deadline = Date().addingTimeInterval(30)
while got < 25 {
XCTAssertLessThan(Date(), deadline, "timed out after \(got) frames")
guard let au = try conn.nextAU(timeoutMs: 2000) else { continue }
let idx = au.data.prefix(4).reversed().reduce(UInt32(0)) { ($0 << 8) | UInt32($1) }
for (i, byte) in au.data.enumerated().dropFirst(4) {
let expected = UInt8(truncatingIfNeeded: idx) &+ UInt8(truncatingIfNeeded: i)
if byte != expected {
XCTFail("frame \(idx) corrupt at offset \(i)")
break
}
}
XCTAssertGreaterThan(au.ptsNs, 0)
lastIndex = idx
got += 1
}
XCTAssertGreaterThanOrEqual(lastIndex, 24)
// Input goes the other way (enqueue-only; the host logs the count on close).
conn.send(.mouseMove(dx: 1, dy: 2))
conn.send(.key(0x41, down: true))
conn.send(.key(0x41, down: false))
conn.close()
XCTAssertThrowsError(try conn.nextAU(timeoutMs: 10)) { error in
guard case PunktfunkClientError.closed = error else {
return XCTFail("expected .closed, got \(error)")
}
}
}
func testConnectFailureThrows() {
// Nothing listens on this port; connect must fail within its timeout, not hang.
XCTAssertThrowsError(
try PunktfunkConnection(
host: "127.0.0.1", port: 9, width: 640, height: 480, refreshHz: 30,
timeoutMs: 2000))
}
/// The PIN pairing ceremony + the --require-pairing gate through the Swift wrapper:
/// anonymous rejection, the single wrong-PIN online guess, the real ceremony, and a
/// paired + pinned session. Driven by test-loopback.sh, which arms a second host with
/// --require-pairing and parses its random PIN out of the log.
func testPairingCeremonyAndRequirePairingGate() throws {
let env = ProcessInfo.processInfo.environment
guard let portStr = env["PUNKTFUNK_PAIRING_PORT"], let port = UInt16(portStr),
let pin = env["PUNKTFUNK_PAIRING_PIN"]
else {
throw XCTSkip("needs an armed m3-host — use clients/apple/test-loopback.sh")
}
let identity = try generateIdentity()
// 1. Unpaired clients don't get sessions from a --require-pairing host.
XCTAssertThrowsError(
try PunktfunkConnection(
host: "127.0.0.1", port: port, width: 1280, height: 720, refreshHz: 60,
identity: identity, timeoutMs: 5000),
"unpaired client must be rejected")
// 2. A wrong PIN is exactly one failed online guess distinguishable from
// transport errors so the UI can say "try again".
XCTAssertThrowsError(
try pair(
host: "127.0.0.1", port: port, identity: identity,
pin: pin == "0000" ? "9999" : "0000", name: "wrong-pin", timeoutMs: 5000)
) { error in
guard case PunktfunkClientError.wrongPIN = error else {
return XCTFail("expected .wrongPIN, got \(error)")
}
}
// 3. The real ceremony (after the host's 2 s pairing cooldown).
Thread.sleep(forTimeInterval: 2.2)
let fingerprint = try pair(
host: "127.0.0.1", port: port, identity: identity,
pin: pin, name: "loopback-test", timeoutMs: 5000)
XCTAssertEqual(fingerprint.count, 32)
// 4. Paired + pinned: the same identity now gets a session, and the ceremony's
// fingerprint matches the certificate the host actually serves.
let conn = try PunktfunkConnection(
host: "127.0.0.1", port: port, width: 1280, height: 720, refreshHz: 60,
pinSHA256: fingerprint, identity: identity, timeoutMs: 5000)
XCTAssertEqual(conn.hostFingerprint, fingerprint)
var got = 0
let deadline = Date().addingTimeInterval(15)
while got < 5, Date() < deadline {
if try conn.nextAU(timeoutMs: 2000) != nil { got += 1 }
}
conn.close()
XCTAssertGreaterThanOrEqual(got, 5, "paired session must stream")
}
}
Reference in New Issue View Git Blame Copy Permalink