[server] negative testing for ENABLE_NAT_DNS

2016-05-27 23:30:01 -07:00 · 2016-05-27 23:30:01 -07:00 · 8366e118e2
commit 8366e118e2
parent 919156fdf0
4 changed files with 21 additions and 0 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -138,6 +138,7 @@ EXTRA_DIST = \
    test/conf/default_fwknopd.conf \
    test/conf/portrange_fwknopd.conf \
    test/conf/prepend_fwknopd.conf \
+    test/conf/no_nat_dns_fwknopd.conf \
    test/conf/ipt_custom_input_chain_fwknopd.conf \
    test/conf/firewd_custom_input_chain_fwknopd.conf \
    test/conf/ipt_custom_nat_chain_fwknopd.conf \
--- a/test/conf/no_nat_dns_fwknopd.conf
+++ b/test/conf/no_nat_dns_fwknopd.conf
@ -0,0 +1,3 @@
+# default config - no variables set to allow defaults to be preserved
+
+ENABLE_NAT_DNS         N;
--- a/test/test-fwknop.pl
+++ b/test/test-fwknop.pl
@ -435,6 +435,7 @@ our %cf = (
    'include_def_hmac_access'      => "$conf_dir/include_def_hmac_access.conf",
    'include_keys1_hmac_access'    => "$conf_dir/include_keys1_hmac_access.conf",
    'prepend_fwknopd'              => "$conf_dir/prepend_fwknopd.conf",
+    'no_nat_dns_fwknopd'           => "$conf_dir/no_nat_dns_fwknopd.conf",
    'hmac_cmd_access'              => "$conf_dir/hmac_cmd_access.conf",
    'hmac_cmd_setuid_access'       => "$conf_dir/hmac_cmd_setuid_access.conf",
    'hmac_cmd_giduid_access'       => "$conf_dir/hmac_cmd_giduid_access.conf",
--- a/test/tests/rijndael_hmac.pl
+++ b/test/tests/rijndael_hmac.pl
@ -1622,6 +1622,22 @@
        'key_file' => $cf{'rc_hmac_b64_key'},
        'server_conf' => $cf{"${fw_conf_prefix}_nat"},
    },
+    {
+        'category' => 'Rijndael+HMAC',
+        'subcategory' => 'client+server',
+        'detail'   => "NAT_DNS disabled",
+        'function' => \&spa_cycle,
+        'cmdline'  => "$default_client_args_no_get_key --rc-file " .
+            "$cf{'rc_hmac_b64_key'} -N somehost:22",
+        'fwknopd_cmdline' => qq/$fwknopdCmd -c $cf{'no_nat_dns_fwknopd'} -a $cf{'hmac_open_ports_access'} / .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'server_positive_output_matches' => [
+            qr/requested NAT.*\snot enabled/],
+        'fw_rule_created' => $REQUIRE_NO_NEW_RULE,
+        'key_file' => $cf{'rc_hmac_b64_key'},
+        'server_conf' => $cf{'no_nat_dns_fwknopd'}
+    },
+
    {
        'category' => 'Rijndael+HMAC',
        'subcategory' => 'client+server',