Remove LeakRule protocol for now, improve leak test names

Author: buggmagnet

ios/MullvadVPN.xcodeproj/project.pbxproj

@@ -4276,14 +4276,14 @@
 		85557B0C2B591B0F00795FE1 /* Networking */ = {
 			isa = PBXGroup;
 			children = (
-				85607C882D131CCD00037E34 /* TestRouterAPIClient.swift */,
-				8555C65F2D102FFE0092DAD0 /* LeakCheck.swift */,
 				85557B0D2B591B2600795FE1 /* FirewallClient.swift */,
 				85557B0F2B59215F00795FE1 /* FirewallRule.swift */,
+				8555C65F2D102FFE0092DAD0 /* LeakCheck.swift */,
 				85557B132B5983CF00795FE1 /* MullvadAPIWrapper.swift */,
 				85E3BDE42B70E18C00FA71FD /* Networking.swift */,
-				856952DB2BD2922A008C1F84 /* PartnerAPIClient.swift */,
 				85978A532BE0F10E00F999A7 /* PacketCapture.swift */,
+				856952DB2BD2922A008C1F84 /* PartnerAPIClient.swift */,
+				85607C882D131CCD00037E34 /* TestRouterAPIClient.swift */,
 				8590A5432C2AF43400B9BF7B /* TrafficGenerator.swift */,
 			);
 			path = Networking;

ios/MullvadVPNUITests/Base/BaseUITestCase.swift

@@ -227,11 +227,11 @@ class BaseUITestCase: XCTestCase {
                 packetCaptureClient.stopCapture(session: packetCaptureSession)
             }
 
-            let pcap = packetCaptureClient.getPCAP(session: packetCaptureSession)
+            let pcapFileContents = packetCaptureClient.getPCAP(session: packetCaptureSession)
             let parsedCapture = packetCaptureClient.getParsedCapture(session: packetCaptureSession)
             self.packetCaptureSession = nil
 
-            let pcapAttachment = XCTAttachment(data: pcap)
+            let pcapAttachment = XCTAttachment(data: pcapFileContents)
             pcapAttachment.name = self.name + ".pcap"
             pcapAttachment.lifetime = .keepAlways
             self.add(pcapAttachment)

ios/MullvadVPNUITests/LeakTests.swift

@@ -9,13 +9,22 @@
 import XCTest
 
 class LeakTests: LoggedInWithTimeUITestCase {
+    static let capturedStreamStartTimestamp: Double = 8
+    static let capturedStreamEndTimestamp: Double = 3
+
     override func tearDown() {
         FirewallClient().removeRules()
         super.tearDown()
     }
 
-    /// Send UDP traffic to a host, connect to relay and make sure while connected to relay no traffic  leaked went directly to the host
-    func testNoLeak() throws {
+    /// Send UDP traffic to a host, connect to relay and make sure - while connected to relay -
+    /// that no leaked traffic went directly to the host
+    func testConnectionStartedBeforeTunnelShouldNotLeakOutside() throws {
+        let skipReason = """
+        Connections started before the packet tunnel will leak as long as
+        includeAllNetworks is not set to true when starting the tunnel.
+        """
+        try XCTSkipIf(true, skipReason)
         let targetIPAddress = Networking.getAlwaysReachableIPAddress()
         startPacketCapture()
         let trafficGenerator = TrafficGenerator(destinationHost: targetIPAddress, port: 80)
@@ -39,12 +48,16 @@ class LeakTests: LoggedInWithTimeUITestCase {
 
         var capturedStreams = stopPacketCapture()
         // For now cut the beginning and and end of the stream to trim out the part where the tunnel connection was not up
-        capturedStreams = PacketCaptureClient.trimPackets(streams: capturedStreams, secondsStart: 8, secondsEnd: 3)
+        capturedStreams = PacketCaptureClient.trimPackets(
+            streams: capturedStreams,
+            secondsStart: Self.capturedStreamStartTimestamp,
+            secondsEnd: Self.capturedStreamEndTimestamp
+        )
         LeakCheck.assertNoLeaks(streams: capturedStreams, rules: [NoTrafficToHostLeakRule(host: targetIPAddress)])
     }
 
     /// Send UDP traffic to a host, connect to relay and then disconnect to intentionally leak traffic and make sure that the test catches the leak
-    func testShouldLeak() throws {
+    func testTrafficCapturedOutsideOfTunnelShouldLeak() throws {
         let targetIPAddress = Networking.getAlwaysReachableIPAddress()
         startPacketCapture()
         let trafficGenerator = TrafficGenerator(destinationHost: targetIPAddress, port: 80)
@@ -72,7 +85,6 @@ class LeakTests: LoggedInWithTimeUITestCase {
         // Keep the tunnel connection for a while
         RunLoop.current.run(until: .now + 5)
 
-        app.launch()
         TunnelControlPage(app)
             .tapDisconnectButton()
 
@@ -82,7 +94,11 @@ class LeakTests: LoggedInWithTimeUITestCase {
 
         var capturedStreams = stopPacketCapture()
         // For now cut the beginning and and end of the stream to trim out the part where the tunnel connection was not up
-        capturedStreams = PacketCaptureClient.trimPackets(streams: capturedStreams, secondsStart: 8, secondsEnd: 3)
+        capturedStreams = PacketCaptureClient.trimPackets(
+            streams: capturedStreams,
+            secondsStart: Self.capturedStreamStartTimestamp,
+            secondsEnd: Self.capturedStreamEndTimestamp
+        )
         LeakCheck.assertLeaks(streams: capturedStreams, rules: [NoTrafficToHostLeakRule(host: targetIPAddress)])
     }
 }

ios/MullvadVPNUITests/Networking/LeakCheck.swift

@@ -9,30 +9,26 @@
 import XCTest
 
 class LeakCheck {
-    static func assertNoLeaks(streams: [Stream], rules: [LeakRule]) {
+    static func assertNoLeaks(streams: [Stream], rules: [NoTrafficToHostLeakRule]) {
         XCTAssertFalse(streams.isEmpty, "No streams to leak check")
         XCTAssertFalse(rules.isEmpty, "No leak rules to check")
 
         for rule in rules where rule.isViolated(streams: streams) {
-            XCTFail("Leak rule violated")
+            XCTFail("Leaked traffic destined to \(rule.host) outside of the tunnel connection")
         }
     }
 
-    static func assertLeaks(streams: [Stream], rules: [LeakRule]) {
+    static func assertLeaks(streams: [Stream], rules: [NoTrafficToHostLeakRule]) {
         XCTAssertFalse(streams.isEmpty, "No streams to leak check")
         XCTAssertFalse(rules.isEmpty, "No leak rules to check")
 
         for rule in rules where rule.isViolated(streams: streams) == false {
-            XCTFail("Leak rule unexpectedly not violated when asserting leak")
+            XCTFail("Expected to leak traffic to \(rule.host) outside of tunnel")
         }
     }
 }
 
-protocol LeakRule {
-    func isViolated(streams: [Stream]) -> Bool
-}
-
-class NoTrafficToHostLeakRule: LeakRule {
+class NoTrafficToHostLeakRule {
     let host: String
 
     init(host: String) {

ios/MullvadVPNUITests/Networking/PacketCapture.swift

@@ -164,6 +164,8 @@ class PacketCaptureClient: TestRouterAPIClient {
         var collectionStartDate: Date?
         var collectionEndDate: Date?
 
+        XCTAssertTrue(streams.count >= 1, "Captured streams are empty, expected at least 1")
+
         for stream in streams {
             if collectionStartDate != nil {
                 collectionStartDate = min(collectionStartDate!, stream.dateInterval.start)

ios/MullvadVPNUITests/Networking/TestRouterAPIClient.swift

@@ -9,16 +9,8 @@
 import XCTest
 
 class TestRouterAPIClient {
-    // swiftlint:disable force_cast
-    static let baseURL = URL(
-        string:
-        Bundle(for: FirewallClient.self).infoDictionary?["FirewallApiBaseURL"] as! String
-    )!
-    // swiftlint:enable force_cast
-
-    static func getIPAddress() throws -> String {
-        return ""
-    }
+    // swiftlint:disable:next force_cast
+    static let baseURL = URL(string: Bundle(for: FirewallClient.self).infoDictionary?["FirewallApiBaseURL"] as! String)!
 
     /// Gets the IP address of the device under test
     public func getDeviceIPAddress() throws -> String {

ios/MullvadVPNUITests/Networking/TrafficGenerator.swift

@@ -35,12 +35,12 @@ class TrafficGenerator {
         print("Attempting to reconnect")
         connection.forceCancel()
 
-        connection = recreateConnection()
+        connection = createConnection()
         setupConnection()
         setupOtherHandlers()
     }
 
-    func recreateConnection() -> NWConnection {
+    func createConnection() -> NWConnection {
         let params = NWParameters.udp
         return NWConnection(
             host: NWEndpoint.Host(destinationHost),