DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

[test suite] added python->C HMAC test

Browse Source
This commit is contained in:
Michael Rash 2013-04-08 20:45:14 -04:00
parent 57773993e4
commit 748715acf8
5 changed files with 76 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile.am
View File

@ -161,6 +161,7 @@ EXTRA_DIST = \
test/conf/hmac_sha384_long_key_access.conf \ test/conf/hmac_sha384_long_key_access.conf \
test/conf/hmac_sha512_access.conf \ test/conf/hmac_sha512_access.conf \
test/conf/hmac_sha512_short_key_access.conf \ test/conf/hmac_sha512_short_key_access.conf \
test/conf/hmac_sha512_short_key2_access.conf \
test/conf/hmac_sha512_long_key_access.conf \ test/conf/hmac_sha512_long_key_access.conf \
test/conf/hmac_simple_keys_access.conf \ test/conf/hmac_simple_keys_access.conf \
test/conf/hmac_sha256_open_ports_access.conf \ test/conf/hmac_sha256_open_ports_access.conf \

5
test/conf/hmac_sha512_short_key2_access.conf Normal file
View File

@ -0,0 +1,5 @@
SOURCE: ANY;
KEY_BASE64: dGVzdGtleTE=
HMAC_KEY_BASE64: dGVzdGtleTI=
HMAC_DIGEST_TYPE: sha512;
FW_ACCESS_TIMEOUT: 3;

6
test/fko-python.py
View File

@ -13,15 +13,15 @@ fko.hmac_type(FKO_HMAC_SHA512)
# Set the SPA message (Note: Access request is default if not specified). # Set the SPA message (Note: Access request is default if not specified).
# #
fko.spa_message("0.0.0.0,tcp/22") fko.spa_message("127.0.0.2,tcp/22")
# Create the final SPA data message string. # Create the final SPA data message string.
# #
fko.spa_data_final("testtest", "blah") fko.spa_data_final("testkey1", "testkey2")
# print the spa message. # print the spa message.
# #
print fko.spa_data() print "SPA packet data:", fko.spa_data()
# Print some of the data: # Print some of the data:
# #

55
test/test-fwknop.pl
View File

@ -50,6 +50,7 @@ our %cf = (
'hmac_sha384_long_key_access' => "$conf_dir/hmac_sha384_long_key_access.conf", 'hmac_sha384_long_key_access' => "$conf_dir/hmac_sha384_long_key_access.conf",
'hmac_sha512_access' => "$conf_dir/hmac_sha512_access.conf", 'hmac_sha512_access' => "$conf_dir/hmac_sha512_access.conf",
'hmac_sha512_short_key_access' => "$conf_dir/hmac_sha512_short_key_access.conf", 'hmac_sha512_short_key_access' => "$conf_dir/hmac_sha512_short_key_access.conf",
'hmac_sha512_short_key2_access' => "$conf_dir/hmac_sha512_short_key2_access.conf",
'hmac_sha512_long_key_access' => "$conf_dir/hmac_sha512_long_key_access.conf", 'hmac_sha512_long_key_access' => "$conf_dir/hmac_sha512_long_key_access.conf",
'hmac_simple_keys_access' => "$conf_dir/hmac_simple_keys_access.conf", 'hmac_simple_keys_access' => "$conf_dir/hmac_simple_keys_access.conf",
'hmac_invalid_type_access' => "$conf_dir/hmac_invalid_type_access.conf", 'hmac_invalid_type_access' => "$conf_dir/hmac_invalid_type_access.conf",
@ -224,6 +225,7 @@ our $valgrind_str = '';
my %prev_valgrind_cov = (); my %prev_valgrind_cov = ();
my %prev_valgrind_file_titles = (); my %prev_valgrind_file_titles = ();
my $fko_wrapper_dir = 'fko-wrapper'; my $fko_wrapper_dir = 'fko-wrapper';
my $python_spa_packet = '';
my $enable_client_ip_resolve_test = 0; my $enable_client_ip_resolve_test = 0;
my $enable_all = 0; my $enable_all = 0;
my $saved_last_results = 0; my $saved_last_results = 0;
@ -1234,6 +1236,59 @@ sub python_fko_basic_exec() {
"PYTHONPATH=$site_dir ./$python_script", $cmd_out_tmp, "PYTHONPATH=$site_dir ./$python_script", $cmd_out_tmp,
$curr_test_file); $curr_test_file);
if ($rv) {
$python_spa_packet = '';
### get the SPA packet data
open F, "< $curr_test_file" or die $!;
while (<F>) {
if (/SPA\spacket\sdata\:\s(\S+)/) {
$python_spa_packet = $1;
last;
}
}
close F;
unless ($python_spa_packet) {
&write_test_file("[-] could not acquite SPA packet from python output\n",
$curr_test_file);
$rv = 0;
}
}
return $rv;
}
sub python_fko_client_to_C_server() {
my $test_hr = shift;
my @packets = (
{
'proto' => 'udp',
'port' => $default_spa_port,
'dst_ip' => $loopback_ip,
'data' => $python_spa_packet,
},
);
my ($rv, $server_was_stopped, $fw_rule_created, $fw_rule_removed)
= &client_server_interaction($test_hr, \@packets, $USE_PREDEF_PKTS);
$rv = 0 unless $server_was_stopped;
if ($test_hr->{'fw_rule_created'} eq $NEW_RULE_REQUIRED) {
$rv = 0 unless $fw_rule_created;
} elsif ($test_hr->{'fw_rule_created'} eq $REQUIRE_NO_NEW_RULE) {
$rv = 0 if $fw_rule_created;
}
if ($test_hr->{'fw_rule_removed'} eq $NEW_RULE_REMOVED) {
$rv = 0 unless $fw_rule_removed;
} elsif ($test_hr->{'fw_rule_removed'} eq $REQUIRE_NO_NEW_REMOVED) {
$rv = 0 if $fw_rule_removed;
}
return $rv; return $rv;
} }

12
test/tests/python_fko.pl
View File

@ -13,5 +13,17 @@
'function' => \&python_fko_basic_exec, 'function' => \&python_fko_basic_exec,
'fatal' => $NO 'fatal' => $NO
}, },
{
'category' => 'python fko extension',
'subcategory' => 'compatibility',
'detail' => 'python->C',
'function' => \&python_fko_client_to_C_server,
'fwknopd_cmdline' => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
"$fwknopdCmd -c $cf{'def'} -a $cf{'hmac_sha512_short_key2_access'} " .
"-d $default_digest_file -p $default_pid_file $intf_str",
'fw_rule_created' => $NEW_RULE_REQUIRED,
'fw_rule_removed' => $NEW_RULE_REMOVED,
'fatal' => $NO
},
); );