DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

[test suite] additional rc file code coverage tests

Browse Source
This commit is contained in:
Michael Rash 2014-03-29 22:23:45 -04:00
parent a9fb3c05db
commit 3ca546092b
4 changed files with 70 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile.am
View File

@ -160,6 +160,7 @@ EXTRA_DIST = \
test/conf/gpg_no_pw_hmac_access.conf \
test/conf/fwknoprc_gpg_invalid_exe \
test/conf/fwknoprc_hmac_defaults \
test/conf/fwknoprc_hmac_http_resolve \
test/conf/fwknoprc_gpg_hmac_sha512_key \
test/conf/gpg_hmac_sha512_access.conf \
test/conf/fwknoprc_hmac_sha512_base64_key \

40
test/conf/fwknoprc_hmac_http_resolve Normal file
View File

@ -0,0 +1,40 @@
[default]
ACCESS tcp/22
SPA_SERVER 127.0.0.1
ALLOW_IP resolve
USE_HMAC Y
HMAC_DIGEST_TYPE sha256
KEY_BASE64 wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
HMAC_KEY_BASE64 Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
DIGEST_TYPE sha256
SPA_SERVER_PROTO udp
SPA_SERVER_PORT 62201
SPOOF_USER mbrtest
VERBOSE Y
TIME_OFFSET -1s
ENCRYPTION_MODE CBC
USE_GPG N
USE_GPG_AGENT N
RESOLVE_IP_HTTP Y
HTTP_USER_AGENT FwknopTestSuite/2.6
RESOLVE_URL http://www.cipherdyne.org/cgi-bin/myip
#RAND_PORT
#SPA_SOURCE_PORT
#FW_TIMEOUT
#GPG_RECIPIENT
#GPG_SIGNER
#GPG_HOMEDIR
#GPG_EXE
#GPG_SIGNING_PW
#GPG_SIGNING_PW_BASE64
#GPG_NO_SIGNING_PW
#SPOOF_SOURCE_IP
#KEY
#HMAC_KEY
#KEY_FILE
#HMAC_KEY_FILE
#NAT_ACCESS
#NAT_LOCAL
#NAT_RAND_PORT
#NAT_PORT

4
test/test-fwknop.pl
View File

@ -137,6 +137,7 @@ our %cf = (
'rc_invalid_b64_key' => "$conf_dir/fwknoprc_invalid_base64_key",
'rc_hmac_b64_key' => "$conf_dir/fwknoprc_default_hmac_base64_key",
'rc_hmac_defaults' => "$conf_dir/fwknoprc_hmac_defaults",
'rc_hmac_http_resolve' => "$conf_dir/fwknoprc_hmac_http_resolve",
'rc_hmac_nat_rand_b64_key' => "$conf_dir/fwknoprc_hmac_nat_rand_base64_key",
'rc_hmac_spoof_src_b64_key' => "$conf_dir/fwknoprc_hmac_spoof_src_base64_key",
'rc_hmac_sha512_b64_key' => "$conf_dir/fwknoprc_hmac_sha512_base64_key",
@ -507,6 +508,9 @@ our $default_client_hmac_args = "$default_client_args_no_get_key " .
our $client_hmac_rc_defaults = "$lib_view_str $valgrind_str " .
"$fwknopCmd --no-save-args --rc-file $cf{'rc_hmac_defaults'}";
our $client_hmac_rc_http_resolve = "$lib_view_str $valgrind_str " .
"$fwknopCmd --no-save-args --rc-file $cf{'rc_hmac_http_resolve'}";
our $client_ip_resolve_args = "$lib_view_str $valgrind_str " .
"$fwknopCmd -A tcp/22 -R -D $loopback_ip --get-key " .
"$local_key_file $verbose_str";

25
test/tests/rijndael_hmac.pl
View File

@ -558,6 +558,31 @@
'fw_rule_removed' => $NEW_RULE_REMOVED,
'key_file' => $cf{'rc_hmac_b64_key'},
},
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client+server',
'detail' => 'client IP resolve URL + user agent',
'function' => \&spa_cycle,
'cmdline' => "$client_ip_resolve_hmac_args --resolve-url $resolve_url_with_port -u FwknopTestSuite/2.6",
'no_ip_check' => 1,
'fwknopd_cmdline' => "$fwknopdCmd $default_server_hmac_conf_args $intf_str",
'fw_rule_created' => $NEW_RULE_REQUIRED,
'fw_rule_removed' => $NEW_RULE_REMOVED,
'key_file' => $cf{'rc_hmac_b64_key'},
},
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client+server',
'detail' => 'client IP resolve rc file',
'function' => \&spa_cycle,
'cmdline' => $client_hmac_rc_http_resolve,
'no_ip_check' => 1,
'fwknopd_cmdline' => "$fwknopdCmd $default_server_hmac_conf_args $intf_str",
'fw_rule_created' => $NEW_RULE_REQUIRED,
'fw_rule_removed' => $NEW_RULE_REMOVED,
'key_file' => $cf{'rc_hmac_http_resolve'},
},
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client',