DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

[test suite] add test for access.conf include directive

Browse Source
This commit is contained in:
Michael Rash 2015-12-08 19:51:51 -08:00
parent 947dbfe6ae
commit ae1e804ea1
7 changed files with 60 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Makefile.am
View File

@ -153,6 +153,9 @@ EXTRA_DIST = \
test/conf/fuzzing_restrict_ports_access.conf \
test/conf/fuzzing_source_access.conf \
test/conf/hmac_fuzzing_access.conf \
test/conf/include1_hmac_access.conf \
test/conf/include2_hmac_access.conf \
test/conf/include3_hmac_access.conf \
test/conf/gpg_access.conf \
test/conf/gpg_hmac_access.conf \
test/conf/gpg_no_pw_access.conf \

3
server/access.c
View File

@ -1424,7 +1424,6 @@ parse_access_file(fko_srv_options_t *opts, char *access_filename, int *depth)
if(IS_EMPTY_LINE(access_line_buf[0]))
continue;
if(sscanf(access_line_buf, "%s %[^;\n\r]", var, val) != 2)
{
log_msg(LOG_ERR,
@ -1465,6 +1464,8 @@ parse_access_file(fko_srv_options_t *opts, char *access_filename, int *depth)
{
if ((*depth) < 3)
{
log_msg(LOG_ERR, "[+] Processing include directive for file: '%s'",
val);
if (parse_access_file(opts, val, depth) == EXIT_FAILURE)
{
fclose(file_ptr);

12
test/conf/include1_hmac_access.conf Normal file
View File

@ -0,0 +1,12 @@
SOURCE ANY
KEY_BASE64 wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
HMAC_KEY_BASE64 Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
FW_ACCESS_TIMEOUT 3
%include conf/include2_hmac_access.conf
SOURCE 99.9.9.9
KEY_BASE64 wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
HMAC_KEY_BASE64 Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
FW_ACCESS_TIMEOUT 3

12
test/conf/include2_hmac_access.conf Normal file
View File

@ -0,0 +1,12 @@
%include conf/include3_hmac_access.conf
SOURCE 9.9.9.9
KEY_BASE64 wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
HMAC_KEY_BASE64 Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
FW_ACCESS_TIMEOUT 3
SOURCE 123.3.3.3
KEY 12341234
HMAC_KEY asdf1234
FW_ACCESS_TIMEOUT 3

10
test/conf/include3_hmac_access.conf Normal file
View File

@ -0,0 +1,10 @@
SOURCE 7.7.7.7
KEY_BASE64 wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
HMAC_KEY_BASE64 Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
FW_ACCESS_TIMEOUT 3
SOURCE 6.6.6.6
KEY 12341234
HMAC_KEY asdf1234
FW_ACCESS_TIMEOUT 3

2
test/test-fwknop.pl
View File

@ -409,6 +409,8 @@ our %cf = (
'def_access' => "$conf_dir/default_access.conf",
'portrange_filter' => "$conf_dir/portrange_fwknopd.conf",
'hmac_access' => "$conf_dir/hmac_access.conf",
'include1_hmac_access' => "$conf_dir/include1_hmac_access.conf",
'include2_hmac_access' => "$conf_dir/include2_hmac_access.conf",
'hmac_cmd_access' => "$conf_dir/hmac_cmd_access.conf",
'hmac_cmd_setuid_access' => "$conf_dir/hmac_cmd_setuid_access.conf",
'hmac_cmd_giduid_access' => "$conf_dir/hmac_cmd_giduid_access.conf",

19
test/tests/rijndael_hmac.pl
View File

@ -136,6 +136,25 @@
'key_file' => $cf{'rc_hmac_b64_key'},
'client_cycles_per_server_instance' => 3,
},
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client+server',
'detail' => 'complete cycle, include (1)',
'function' => \&spa_cycle,
'cmdline' => $default_client_hmac_args,
'fwknopd_cmdline' => "$fwknopdCmd -c $cf{'def'} -a $cf{'include1_hmac_access'} " .
"-d $default_digest_file -p $default_pid_file $intf_str",
'fw_rule_created' => $NEW_RULE_REQUIRED,
'fw_rule_removed' => $NEW_RULE_REMOVED,
'key_file' => $cf{'rc_hmac_b64_key'},
'server_positive_output_matches' => [
qr/SOURCE\s.*9\.9\.9\.9/,
qr/SOURCE\s.*ANY/,
qr/SOURCE\s.*99\.9\.9\.9/,
qr/SOURCE\s.*123\.3\.3\.3/
],
},
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client+server',