DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

[test suite] Added Rijndael+HMAC command execution test

Browse Source
This commit is contained in:
Michael Rash 2014-03-12 23:56:12 -04:00
parent 0bae1a5a1b
commit 83595bdabb
5 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -6,6 +6,7 @@ fwknop-2.6.1 (//2014):
header which references both the AUTHORS and CREDITS files. The header which references both the AUTHORS and CREDITS files. The
specific language in this header was created by the Debian legal team at specific language in this header was created by the Debian legal team at
the request of Franck Joncourt. the request of Franck Joncourt.
- [test suite] Added Rijndael+HMAC command execution test.
fwknop-2.6.0 (01/12/2014): fwknop-2.6.0 (01/12/2014):
- (Radostan Riedel) Added an AppArmor policy for fwknopd that is known to - (Radostan Riedel) Added an AppArmor policy for fwknopd that is known to

2
Makefile.am
View File

@ -165,6 +165,7 @@ EXTRA_DIST = \
test/conf/no_flush_exit_fwknopd.conf \ test/conf/no_flush_exit_fwknopd.conf \
test/conf/no_flush_init_or_exit_fwknopd.conf \ test/conf/no_flush_init_or_exit_fwknopd.conf \
test/conf/hmac_access.conf \ test/conf/hmac_access.conf \
test/conf/hmac_cmd_access.conf \
test/conf/hmac_get_key_access.conf \ test/conf/hmac_get_key_access.conf \
test/conf/hmac_no_b64_access.conf \ test/conf/hmac_no_b64_access.conf \
test/conf/hmac_equal_keys_access.conf \ test/conf/hmac_equal_keys_access.conf \
@ -295,6 +296,7 @@ EXTRA_DIST = \
test/tests/code_structure.pl \ test/tests/code_structure.pl \
test/tests/basic_operations.pl \ test/tests/basic_operations.pl \
test/tests/rijndael_hmac.pl \ test/tests/rijndael_hmac.pl \
test/tests/rijndael_hmac_cmd_exec.pl \
test/tests/rijndael_backwards_compatibility.pl \ test/tests/rijndael_backwards_compatibility.pl \
test/tests/os_compatibility.pl \ test/tests/os_compatibility.pl \
test/tests/gpg_hmac.pl \ test/tests/gpg_hmac.pl \

5
test/conf/hmac_cmd_access.conf Normal file
View File

@ -0,0 +1,5 @@
SOURCE ANY
KEY_BASE64 wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
HMAC_KEY_BASE64 Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
ENABLE_CMD_EXEC Y
FW_ACCESS_TIMEOUT 3

6
test/test-fwknop.pl
View File

@ -43,6 +43,7 @@ our %cf = (
'def_access' => "$conf_dir/default_access.conf", 'def_access' => "$conf_dir/default_access.conf",
'portrange_filter' => "$conf_dir/portrange_fwknopd.conf", 'portrange_filter' => "$conf_dir/portrange_fwknopd.conf",
'hmac_access' => "$conf_dir/hmac_access.conf", 'hmac_access' => "$conf_dir/hmac_access.conf",
'hmac_cmd_access' => "$conf_dir/hmac_cmd_access.conf",
'hmac_get_key_access' => "$conf_dir/hmac_get_key_access.conf", 'hmac_get_key_access' => "$conf_dir/hmac_get_key_access.conf",
'hmac_equal_keys_access' => "$conf_dir/hmac_equal_keys_access.conf", 'hmac_equal_keys_access' => "$conf_dir/hmac_equal_keys_access.conf",
'hmac_no_b64_access' => "$conf_dir/hmac_no_b64_access.conf", 'hmac_no_b64_access' => "$conf_dir/hmac_no_b64_access.conf",
@ -216,6 +217,7 @@ my @test_files = (
"$tests_dir/basic_operations.pl", "$tests_dir/basic_operations.pl",
"$tests_dir/rijndael.pl", "$tests_dir/rijndael.pl",
"$tests_dir/rijndael_cmd_exec.pl", "$tests_dir/rijndael_cmd_exec.pl",
"$tests_dir/rijndael_hmac_cmd_exec.pl",
"$tests_dir/rijndael_replay_attacks.pl", "$tests_dir/rijndael_replay_attacks.pl",
"$tests_dir/rijndael_fuzzing.pl", "$tests_dir/rijndael_fuzzing.pl",
"$tests_dir/rijndael_backwards_compatibility.pl", "$tests_dir/rijndael_backwards_compatibility.pl",
@ -238,6 +240,7 @@ our @code_structure_errstr = (); ### from tests/code_structure.pl (may includ
our @basic_operations = (); ### from tests/basic_operations.pl our @basic_operations = (); ### from tests/basic_operations.pl
our @rijndael = (); ### from tests/rijndael.pl our @rijndael = (); ### from tests/rijndael.pl
our @rijndael_cmd_exec = (); ### from tests/rijndael_cmd_exec.pl our @rijndael_cmd_exec = (); ### from tests/rijndael_cmd_exec.pl
our @rijndael_hmac_cmd_exec = (); ### from tests/rijndael_hmac_cmd_exec.pl
our @rijndael_replay_attacks = (); ### from tests/rijndael_replay_attacks.pl our @rijndael_replay_attacks = (); ### from tests/rijndael_replay_attacks.pl
our @rijndael_hmac = (); ### from tests/rijndael_hmac.pl our @rijndael_hmac = (); ### from tests/rijndael_hmac.pl
our @rijndael_fuzzing = (); ### from tests/rijndael_fuzzing.pl our @rijndael_fuzzing = (); ### from tests/rijndael_fuzzing.pl
@ -564,6 +567,7 @@ my @tests = (
@basic_operations, @basic_operations,
@rijndael, @rijndael,
@rijndael_cmd_exec, @rijndael_cmd_exec,
@rijndael_hmac_cmd_exec,
@rijndael_replay_attacks, @rijndael_replay_attacks,
@rijndael_backwards_compatibility, @rijndael_backwards_compatibility,
@rijndael_fuzzing, @rijndael_fuzzing,
@ -3803,6 +3807,8 @@ sub get_mod_paths() {
sub spa_cmd_exec_cycle() { sub spa_cmd_exec_cycle() {
my $test_hr = shift; my $test_hr = shift;
unlink $cmd_exec_test_file if -e $cmd_exec_test_file;
my $rv = &spa_cycle($test_hr); my $rv = &spa_cycle($test_hr);
if (-e $cmd_exec_test_file) { if (-e $cmd_exec_test_file) {

18
test/tests/rijndael_hmac_cmd_exec.pl Normal file
View File

@ -0,0 +1,18 @@
### need to add a lot more tests to this
@rijndael_hmac_cmd_exec = (
### command execution tests
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client+server',
'detail' => 'command execution',
'function' => \&spa_cmd_exec_cycle,
'cmdline' => qq|$fwknopCmd --server-cmd "echo fwknoptest > $cmd_exec_test_file" | .
"-a $fake_ip -D $loopback_ip --rc-file $cf{'rc_hmac_b64_key'} ".
"$verbose_str",
'fwknopd_cmdline' => "$fwknopdCmd -c $cf{'def'} -a $cf{'hmac_cmd_access'} " .
"-d $default_digest_file -p $default_pid_file $intf_str",
'fw_rule_created' => $REQUIRE_NO_NEW_RULE,
},
);