From 3c7859cb9d7c24b40ed7ca1de4a98ce119832e8b Mon Sep 17 00:00:00 2001
From: Michael Rash
Date: Mon, 17 Nov 2014 19:58:47 -0500
Subject: [PATCH] [test suite] start on AFL fuzzing for conf files in addition to SPA pkts
---
test/afl/afl-run.sh | 16 -------
.../fuzzing-wrappers/.server-access.sh.swp | Bin 0 -> 12288 bytes
test/afl/fuzzing-wrappers/.spa-pkts.sh.swp | Bin 0 -> 12288 bytes
.../fuzzing-wrappers/fwknopd-parse-access.sh | 3 ++
.../fwknopd-stdin-test.sh | 0
test/afl/fuzzing-wrappers/server-access.sh | 22 +++++++++
test/afl/fuzzing-wrappers/spa-pkts.sh | 22 +++++++++
test/afl/test-cases/server-access/access.conf | 45 ++++++++++++++++++
.../spa-pkts}/spa.start | 0
.../spa-pkts}/spa2.start | 0
.../spa-pkts}/spa3.start | 0
11 files changed, 92 insertions(+), 16 deletions(-)
delete mode 100755 test/afl/afl-run.sh
create mode 100644 test/afl/fuzzing-wrappers/.server-access.sh.swp
create mode 100644 test/afl/fuzzing-wrappers/.spa-pkts.sh.swp
create mode 100755 test/afl/fuzzing-wrappers/fwknopd-parse-access.sh
rename test/afl/{ => fuzzing-wrappers}/fwknopd-stdin-test.sh (100%)
create mode 100755 test/afl/fuzzing-wrappers/server-access.sh
create mode 100755 test/afl/fuzzing-wrappers/spa-pkts.sh
create mode 100644 test/afl/test-cases/server-access/access.conf
rename test/afl/{afl-fuzzing.in => test-cases/spa-pkts}/spa.start (100%)
rename test/afl/{afl-fuzzing.in => test-cases/spa-pkts}/spa2.start (100%)
rename test/afl/{afl-fuzzing.in => test-cases/spa-pkts}/spa3.start (100%)
diff --git a/test/afl/afl-run.sh b/test/afl/afl-run.sh
deleted file mode 100755
index 712e4ca0..00000000
--- a/test/afl/afl-run.sh
+++ /dev/null
@@ -1,16 +0,0 @@ -#!/bin/sh -x - -OLD_DIR=afl-out-archive -OUT_DIR=afl-fuzzing.out - -[ ! -d $OLD_DIR ] && mkdir $OLD_DIR -TS=`date +"%m%d%y%H%M%S"` -[ -d $OUT_DIR ] && mv $OUT_DIR "$OLD_DIR/$OUT_DIR-$TS" -mkdir $OUT_DIR - -### make sure that a basic SPA packet to stdin in fwknopd -A mode works -./fwknopd-stdin-test.sh || exit - -LD_LIBRARY_PATH=../../lib/.libs afl-fuzz -i afl-fuzzing.in -o $OUT_DIR ../../server/.libs/fwknopd -c ../conf/default_fwknopd.conf -a ../conf/default_access.conf -A -f -t - -exit diff --git a/test/afl/fuzzing-wrappers/.server-access.sh.swp b/test/afl/fuzzing-wrappers/.server-access.sh.swp new file mode 100644 index 0000000000000000000000000000000000000000..401633c224246de6b5de9bbf1666e8ea5f64d904 GIT binary patch literal 12288 zcmeI2-A)rh6vq!xJpbNz^}-!^9s9RH8kt zk|UK!ztvJ&ySjaSea>J4OyCLvsR`w)X?XVZ$%4%&h&h~{*}5W`!%Tn)FaajO1egF5 zU;<2l3H*-)%wP&W(#CG(o4cQnQN;06-# z1At$*0cz9KJpKQF_WS?OU4Y-DAEa-jucS|;kfcau(nHcb>E|7Q@1!rJ_oP$O3Tc)! zL)xXU!l<>($Ekvc=>%D|DAmy(XYuD;)&BQTSLCd&QvmuDDuUFV@5XRh%2uoOm&-t6J?C z#onWRoGgk#tTgsxV|S&EupQ*5nH^q95O(@>qo(K5O$*3QqR*)f-d zb-T-!uhk`cyMX-kOTwvdY@TmWz(ng4i+<8-M@LG4rBD(Vz4CEt2ufC_B+iWW6dl+F PD9m}ysPE}E%47HogA52m literal 0 HcmV?d00001 
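Review bot: The two binary files added under test/afl/fuzzing-wrappers/ (`.server-access.sh.swp` here and `.spa-pkts.sh.swp` in the next section) are Vim swap files of 12288 bytes each and look like they were committed by accident. A swap file records editor state such as the edited path, the user and host name and possibly unsaved buffer text, so it should not end up in repository history. I would drop both files from the commit and add an ignore rule such as `*.swp` to `.gitignore`.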
diff --git a/test/afl/fuzzing-wrappers/.spa-pkts.sh.swp b/test/afl/fuzzing-wrappers/.spa-pkts.sh.swp new file mode 100644 index 0000000000000000000000000000000000000000..16ab9b04ee1436a7ef1b1163a4f3cb662722ed8b GIT binary patch literal 12288 zcmeI2F>ljA6vtoLkSHLKm>6C!P6yE0Eg+bJ6lhT+T3RJ(B~(@6VqY4Q#9J_5qhs?k`D519-TCX=6L~-Kgw^keLsotK~%MK62XjhI>l_WYf zo=KEU2G+QyKRq?iU;<2FDuG$JeQR+cpH>lbc=gKW)D=8|2`~XBzyz286JP>NfC(^x ze}{lgX5cj)=UjQDYh^$4M_)d2#{`%F6JP>NfC(@GCcp%k025#WOn?deg#=UpaDEox zB`N>^|M>g==Out2q;I4zq)(&|q=Xcc9+MVH3#9KC0ltzxlHQZvk?xabNf$_ODfgT5 z9Y^_lxG@1Hzyz286JP>NfC(@GCcp&#Hv;+~v;eD1oz=#JX1)2evr%ua)Es*1EH#=) zwrH8#qEUwEG@gvdWQ@-GW_x_^w3eG&%T1I%x~}KPQO^r>Pi1?yQ#h;xHy=c)&cv1P zYh%iA9VJboow#RR*kvMVY!F5=cWaX$8;_1~y!T3_fnF^sUxhq8{tIM6tX(}5wY`5*|>las+V%HZS)cW{0lhx?}k!l^eOt~9om za}1vIh_2FUw*<6XwP%5{8gGi~uo_ffR9C8N)s}ch8Ry11Cl(fYwcn3XY~R?y$)p&> z+F%sh{G7&$deRzFtO{2pi2FIxUU7|0BYjIFdt`@P!t(z;@DVEqe&is%AD5?Bag}` G58yWlwe&~; literal 0 HcmV?d00001 diff --git a/test/afl/fuzzing-wrappers/fwknopd-parse-access.sh b/test/afl/fuzzing-wrappers/fwknopd-parse-access.sh new file mode 100755 index 00000000..9b605223 --- /dev/null +++ b/test/afl/fuzzing-wrappers/fwknopd-parse-access.sh @@ -0,0 +1,3 @@ +#!/bin/sh -x + +LD_LIBRARY_PATH=../../lib/.libs ../../server/.libs/fwknopd -c ../conf/default_fwknopd.conf -a ../conf/default_access.conf -A -f -t --exit-parse-config -D diff --git a/test/afl/fwknopd-stdin-test.sh b/test/afl/fuzzing-wrappers/fwknopd-stdin-test.sh similarity index 100% rename from test/afl/fwknopd-stdin-test.sh rename to test/afl/fuzzing-wrappers/fwknopd-stdin-test.sh diff --git a/test/afl/fuzzing-wrappers/server-access.sh b/test/afl/fuzzing-wrappers/server-access.sh new file mode 100755 index 00000000..062f0fc8 --- /dev/null +++ b/test/afl/fuzzing-wrappers/server-access.sh 
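Review bot: The pre-flight check in fwknopd-parse-access.sh parses `../conf/default_access.conf`, while server-access.sh seeds AFL from `test-cases/server-access`, so a seed file that the parser rejects outright would not be caught before the fuzzing run starts. Consider letting the wrapper take the access file as an optional argument, for example `-a "${1:-../conf/default_access.conf}"`, and calling it with the seed file from server-access.sh. The relative paths (`../../lib/.libs`, `../conf/...`) only resolve when the script is started from test/afl; a one-line comment such as `# run from test/afl (paths are relative to that directory)` would make that explicit.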
@@ -0,0 +1,22 @@
+#!/bin/sh -x
+
+TOP_DIR="fuzzing-output"
+FDIR="server-access.out"
+ARCHIVE_DIR="$TOP_DIR/archive"
+OUT_DIR="$TOP_DIR/$FDIR"
+IN_DIR="test-cases/server-access"
+
+SERVER="../../server/.libs/fwknopd"
+LIB_DIR="../../lib/.libs"
+
+[ ! -d $ARCHIVE_DIR ] && echo "[*] $ARCHIVE_DIR does not exist" && exit
+TS=`date +"%m%d%y%H%M%S"`
+[ -d $OUT_DIR ] && mv $OUT_DIR "$ARCHIVE_DIR/$FDIR-$TS"
+mkdir $OUT_DIR
+
+### make sure that parsing the access.conf file works
+./fuzzing-wrappers/fwknopd-parse-access.sh || exit
+
+LD_LIBRARY_PATH=$LIB_DIR afl-fuzz -i $IN_DIR -o $OUT_DIR -f $OUT_DIR/afl_access.conf $SERVER -c ../conf/default_fwknopd.conf -a $OUT_DIR/afl_access.conf -A -f -t --exit-parse-config -D
+
+exit
diff --git a/test/afl/fuzzing-wrappers/spa-pkts.sh b/test/afl/fuzzing-wrappers/spa-pkts.sh
new file mode 100755
index 00000000..96d1df3e
--- /dev/null
+++ b/test/afl/fuzzing-wrappers/spa-pkts.sh
@@ -0,0 +1,22 @@
+#!/bin/sh -x
+
+TOP_DIR="fuzzing-output"
+FDIR="spa-pkts.out"
+ARCHIVE_DIR="$TOP_DIR/archive"
+OUT_DIR="$TOP_DIR/$FDIR"
+IN_DIR="test-cases/spa-pkts"
+
+SERVER="../../server/.libs/fwknopd"
+LIB_DIR="../../lib/.libs"
+
+[ ! -d $ARCHIVE_DIR ] && echo "[*] $ARCHIVE_DIR does not exist" && exit
+TS=`date +"%m%d%y%H%M%S"`
+[ -d $OUT_DIR ] && mv $OUT_DIR "$ARCHIVE_DIR/$FDIR-$TS"
+mkdir $OUT_DIR
+
+### make sure that a basic SPA packet to stdin in fwknopd -A mode works
+./fuzzing-wrappers/fwknopd-stdin-test.sh || exit
+
+LD_LIBRARY_PATH=$LIB_DIR afl-fuzz -i $IN_DIR -o $OUT_DIR $SERVER -c ../conf/default_fwknopd.conf -a ../conf/default_access.conf -A -f -t
+
+exit
diff --git a/test/afl/test-cases/server-access/access.conf b/test/afl/test-cases/server-access/access.conf
new file mode 100644
index 00000000..77aac5a6
--- /dev/null
+++ b/test/afl/test-cases/server-access/access.conf
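Review bot: In server-access.sh the guard `[ ! -d $ARCHIVE_DIR ] && echo ... && exit` leaves with the status of `echo`, which is 0, so a missing archive directory looks like a successful run to whatever called the script; spa-pkts.sh has the identical line. The `mv` and `mkdir $OUT_DIR` steps that follow are unchecked and their expansions unquoted, so if archiving fails the script still goes on to start afl-fuzz against whatever output directory is already there. I would write `[ -d "$ARCHIVE_DIR" ] || { echo "[*] $ARCHIVE_DIR does not exist" >&2; exit 1; }` and `mkdir "$OUT_DIR" || exit 1` in both scripts, and quote the remaining `$OUT_DIR`, `$IN_DIR`, `$LIB_DIR` and `$SERVER` uses. The `|| exit` after the wrapper call already propagates the wrapper's failure status and can stay.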
@@ -0,0 +1,45 @@
+### test comment
+SOURCE 4.3.2.0/24, 127.0.0.0/24, 23.43.0.0/16, 10.10.10.10
+KEY test1
+HMAC_KEY test2
+DIGEST_TYPE sha512
+HMAC_DIGEST_TYPE sha256
+OPEN_PORTS udp/6001, tcp/22, tcp/80
+FW_ACCESS_TIMEOUT 2
+
+SOURCE ANY
+KEY test3
+ACCESS_EXPIRE 3-10-01; ### comment
+OPEN_PORTS tcp/80
+FW_ACCESS_TIMEOUT 3
+ENCRYPTION_MODE legacy
+
+SOURCE ANY
+REQUIRE_SOURCE_ADDRESS Y
+REQUIRE_USERNAME nouser
+KEY test4
+OPEN_PORTS tcp/80
+FORCE_NAT 192.168.1.123 22
+
+SOURCE ANY
+KEY test5
+HMAC_KEY test6
+OPEN_PORTS tcp/80
+RESTRICT_PORTS tcp/34
+FW_ACCESS_TIMEOUT 3
+ENABLE_CMD_EXEC Y
+
+SOURCE ANY
+KEY fwknoptest
+FW_ACCESS_TIMEOUT 3
+GPG_HOME_DIR conf/server-gpg
+GPG_DECRYPT_ID 361BBAD4
+GPG_DECRYPT_PW fwknoptest
+GPG_REMOTE_ID 6A3FAD56
+
+SOURCE ANY
+FW_ACCESS_TIMEOUT 3
+GPG_HOME_DIR conf/server-gpg-no-pw
+GPG_DECRYPT_ID 361BBAD4
+GPG_ALLOW_NO_PW Y
+GPG_FINGERPRINT_ID 00CC95F05BC146B6AC4038C9E36F443C6A3FAD56
diff --git a/test/afl/afl-fuzzing.in/spa.start b/test/afl/test-cases/spa-pkts/spa.start
similarity index 100%
rename from test/afl/afl-fuzzing.in/spa.start
rename to test/afl/test-cases/spa-pkts/spa.start
diff --git a/test/afl/afl-fuzzing.in/spa2.start b/test/afl/test-cases/spa-pkts/spa2.start
similarity index 100%
rename from test/afl/afl-fuzzing.in/spa2.start
rename to test/afl/test-cases/spa-pkts/spa2.start
diff --git a/test/afl/afl-fuzzing.in/spa3.start b/test/afl/test-cases/spa-pkts/spa3.start
similarity index 100%
rename from test/afl/afl-fuzzing.in/spa3.start
rename to test/afl/test-cases/spa-pkts/spa3.start
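Review bot: The new access.conf seed packs all six SOURCE stanzas into one file, so every AFL execution parses the whole file and the fuzzer has a harder time isolating which stanza drives new coverage; several small seed files, one stanza each, would usually serve AFL better. `ACCESS_EXPIRE 3-10-01;` also does not look like a date the parser would accept (I have not checked the expected format). If parsing stops at that line, the stanzas after it, including both GPG ones, are never reached from this seed.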