fix(security): 收紧路径与 Gateway 清理策略

2026-06-25 09:34:01 +08:00 · 2026-06-15 16:20:35 +08:00
parent d585402b69
commit 0a65ea7c7e
13 changed files with 424 additions and 60 deletions
--- a/tests/calibration-source-policy.test.js
+++ b/tests/calibration-source-policy.test.js
@@ -0,0 +1,34 @@
+import test from 'node:test'
+import assert from 'node:assert/strict'
+
+import { selectCalibrationSource } from '../scripts/dev-api.js'
+
+test('calibration source keeps non-empty current config even when backup is richer', () => {
+  const current = {
+    models: { providers: {} },
+    gateway: { auth: { mode: 'token', token: 'current-secret' } },
+  }
+  const backup = {
+    models: { providers: { old: { type: 'openai', apiKey: 'old' } } },
+    agents: { defaults: { workspace: '/tmp/work' }, list: [{ id: 'old-agent' }] },
+    channels: { telegram: { enabled: true } },
+    gateway: {
+      auth: { mode: 'token', token: 'backup-secret' },
+      controlUi: { allowedOrigins: ['http://localhost:3000'] },
+    },
+  }
+
+  const [source, seed] = selectCalibrationSource(current, backup)
+
+  assert.equal(source, 'current')
+  assert.equal(seed, current)
+})
+
+test('calibration source falls back to backup only when current is empty', () => {
+  const backup = { models: { providers: { old: { type: 'openai', apiKey: 'old' } } } }
+
+  const [source, seed] = selectCalibrationSource({}, backup)
+
+  assert.equal(source, 'backup')
+  assert.equal(seed, backup)
+})
--- a/tests/gateway-linux-cleanup-policy.test.js
+++ b/tests/gateway-linux-cleanup-policy.test.js
@@ -0,0 +1,25 @@
+import test from 'node:test'
+import assert from 'node:assert/strict'
+import { readFileSync } from 'node:fs'
+
+const service = readFileSync(new URL('../src-tauri/src/commands/service.rs', import.meta.url), 'utf8')
+
+test('Linux Gateway cleanup verifies process identity before killing listeners', () => {
+  const linuxStart = service.indexOf('#[cfg(target_os = "linux")]')
+  const fallbackStart = service.indexOf('#[cfg(target_os = "windows")]\npub fn invalidate_cli_detection_cache', linuxStart)
+  const linux = linuxStart >= 0 && fallbackStart > linuxStart
+    ? service.slice(linuxStart, fallbackStart)
+    : ''
+  const cleanupStart = linux.indexOf('fn cleanup_zombie_gateway_processes()')
+  const cleanupEnd = linux.indexOf('async fn gateway_command', cleanupStart)
+  const cleanup = cleanupStart >= 0 && cleanupEnd > cleanupStart
+    ? linux.slice(cleanupStart, cleanupEnd)
+    : ''
+
+  assert.ok(cleanup, 'Linux cleanup function must exist')
+  assert.doesNotMatch(cleanup, /Command::new\("fuser"\)/)
+  assert.match(cleanup, /read_process_command_line\(pid\)/)
+  assert.match(cleanup, /is_gateway_command_line\(&cmdline\)/)
+  assert.match(cleanup, /is_gateway_port_responsive_with_retry/)
+  assert.match(cleanup, /Command::new\("kill"\)/)
+})