DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

[test suite] [client] added --key-gen and --key-gen-file tests

Browse Source
This commit is contained in:
Michael Rash 2012-07-27 13:05:29 -04:00
parent 16348aaccd
commit ab52476bfc
3 changed files with 56 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
client/config_init.c
View File

@ -801,6 +801,10 @@ config_init(fko_cli_options_t *options, int argc, char **argv)
case 'k': case 'k':
options->key_gen = 1; options->key_gen = 1;
break; break;
case 'K':
options->key_gen = 1;
strlcpy(options->key_gen_file, optarg, MAX_PATH_LEN);
break;
case 'l': case 'l':
options->run_last_command = 1; options->run_last_command = 1;
break; break;
@ -1008,6 +1012,9 @@ usage(void)
" line args as the last time it was executed\n" " line args as the last time it was executed\n"
" (args are read from the ~/.fwknop.run file).\n" " (args are read from the ~/.fwknop.run file).\n"
" -G, --get-key Load an encryption key/password from a file.\n" " -G, --get-key Load an encryption key/password from a file.\n"
" -k, --key-gen Generate SPA Rijndael + HMAC keys.\n"
" -K, --key-gen-file Write generated Rijndael + HMAC keys to a\n"
" file\n"
" -r, --rand-port Send the SPA packet over a randomly assigned\n" " -r, --rand-port Send the SPA packet over a randomly assigned\n"
" port (requires a broader pcap filter on the\n" " port (requires a broader pcap filter on the\n"
" server side than the default of udp 62201).\n" " server side than the default of udp 62201).\n"

21
client/fwknop.c
View File

@ -61,6 +61,7 @@ main(int argc, char **argv)
char key[MAX_KEY_LEN+1] = {0}; char key[MAX_KEY_LEN+1] = {0};
char hmac_key[MAX_KEY_LEN+1] = {0}; char hmac_key[MAX_KEY_LEN+1] = {0};
int key_len = 0, hmac_key_len = 0; int key_len = 0, hmac_key_len = 0;
FILE *key_gen_file_ptr = NULL;
fko_cli_options_t options; fko_cli_options_t options;
@ -92,7 +93,25 @@ main(int argc, char **argv)
if(options.key_gen) if(options.key_gen)
{ {
fko_key_gen(options.key_base64, options.hmac_key_base64); fko_key_gen(options.key_base64, options.hmac_key_base64);
printf("KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n", options.key_base64, options.hmac_key_base64);
if(options.key_gen_file != NULL && options.key_gen_file[0] != '\0')
{
if ((key_gen_file_ptr = fopen(options.key_gen_file, "w")) == NULL)
{
fprintf(stderr, "Unable to create key gen file: %s: %s\n",
options.key_gen_file, strerror(errno));
return(EXIT_FAILURE);
}
fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
options.key_base64, options.hmac_key_base64);
fclose(key_gen_file_ptr);
printf("[+] Wrote Rijndael and HMAC keys to: %s\n",
options.key_gen_file);
}
else
{
printf("KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n", options.key_base64, options.hmac_key_base64);
}
return(EXIT_SUCCESS); return(EXIT_SUCCESS);
} }

45
test/test-fwknop.pl
View File

@ -100,6 +100,7 @@ my $loopback_intf = '';
my $anonymize_results = 0; my $anonymize_results = 0;
my $curr_test_file = "$output_dir/init"; my $curr_test_file = "$output_dir/init";
my $tarfile = 'test_fwknop.tar.gz'; my $tarfile = 'test_fwknop.tar.gz';
my $key_gen_file = "$output_dir/key_gen";
my $server_test_file = ''; my $server_test_file = '';
my $use_valgrind = 0; my $use_valgrind = 0;
my $valgrind_str = ''; my $valgrind_str = '';
@ -815,6 +816,28 @@ my @tests = (
"--rc-file $cf{'rc_file_hmac_b64_key'}", "--rc-file $cf{'rc_file_hmac_b64_key'}",
'fatal' => $NO 'fatal' => $NO
}, },
{
'category' => 'Rijndael SPA',
'subcategory' => 'client',
'detail' => '--key-gen',
'err_msg' => 'SPA packet not generated',
'function' => \&generic_exec,
'cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
"$valgrind_str $fwknopCmd --key-gen",
'positive_output_matches' => [qr/BASE64/, qw/HMAC/, qw/KEY/],
'fatal' => $NO
},
{
'category' => 'Rijndael SPA',
'subcategory' => 'client',
'detail' => '--key-gen to file',
'err_msg' => 'SPA packet not generated',
'function' => \&generic_exec,
'cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
"$valgrind_str $fwknopCmd --key-gen --key-gen-file $key_gen_file",
'positive_output_matches' => [qr/Wrote.*\skeys/],
'fatal' => $NO
},
{ {
'category' => 'Rijndael SPA', 'category' => 'Rijndael SPA',
@ -2959,26 +2982,16 @@ sub init() {
$saved_last_results = 1; $saved_last_results = 1;
} }
unless (-d $output_dir) { for my $dir ($output_dir, $run_dir) {
mkdir $output_dir or die "[*] Could not mkdir $output_dir: $!"; next if -d $dir;
} mkdir $dir or die "[*] Could not mkdir $dir: $!";
unless (-d $run_dir) {
mkdir $run_dir or die "[*] Could not mkdir $run_dir: $!";
} }
for my $file (glob("$output_dir/*.test")) { for my $file (glob("$output_dir/*.test"), "$output_dir/init",
$tmp_rc_file, $logfile, $key_gen_file) {
next unless -d $file;
unlink $file or die "[*] Could not unlink($file)"; unlink $file or die "[*] Could not unlink($file)";
} }
if (-e "$output_dir/init") {
unlink "$output_dir/init" or die $!;
}
if (-e $tmp_rc_file) {
unlink $tmp_rc_file or die $!;
}
if (-e $logfile) {
unlink $logfile or die $!;
}
if ($test_include) { if ($test_include) {
@tests_to_include = split /\s*,\s*/, $test_include; @tests_to_include = split /\s*,\s*/, $test_include;