From d9c1eb8f5134fe0d2be895e22f53a14d4016951b Mon Sep 17 00:00:00 2001 From: Michael Rash Date: Mon, 7 Apr 2014 22:31:56 -0400 Subject: [PATCH] [test suite] more client/config_init.c test coverage --- Makefile.am | 3 + test/invalid.key | 2 + test/invalid2.key | 1 + test/invalid3.key | 1 + test/test-fwknop.pl | 3 + test/tests/basic_operations.pl | 124 +++++++++++++++++++++++++++++++++ 6 files changed, 134 insertions(+) create mode 100644 test/invalid.key create mode 100644 test/invalid2.key create mode 100644 test/invalid3.key diff --git a/Makefile.am b/Makefile.am index d9b57305..89caf5d1 100644 --- a/Makefile.am +++ b/Makefile.am @@ -322,6 +322,9 @@ EXTRA_DIST = \ test/tests/rijndael_cmd_exec.pl \ test/hardening-check \ test/local_spa.key \ + test/invalid.key \ + test/invalid2.key \ + test/invalid3.key \ test/long_spa.key \ test/test-fwknop.pl \ test/fko-python.py \ diff --git a/test/invalid.key b/test/invalid.key new file mode 100644 index 00000000..fec2d8eb --- /dev/null +++ b/test/invalid.key @@ -0,0 +1,2 @@ +### 1.1.1.1: + 1.1.1.1: diff --git a/test/invalid2.key b/test/invalid2.key new file mode 100644 index 00000000..304d2499 --- /dev/null +++ b/test/invalid2.key @@ -0,0 +1 @@ +127.0.0.1: diff --git a/test/invalid3.key b/test/invalid3.key new file mode 100644 index 00000000..7b9ad531 --- /dev/null +++ b/test/invalid3.key @@ -0,0 +1 @@ +127.0.0.1 diff --git a/test/test-fwknop.pl b/test/test-fwknop.pl index 3f78813a..f9c206d1 100755 --- a/test/test-fwknop.pl +++ b/test/test-fwknop.pl @@ -208,6 +208,9 @@ our $force_nat_host2 = '123.4.4.4'; our $force_snat_host = '33.3.3.3'; our $default_spa_port = 62201; our $non_std_spa_port = 12345; +our $invalid_key_file = 'invalid.key'; +our $invalid_key_file2 = 'invalid2.key'; +our $invalid_key_file3 = 'invalid2.key'; our $spoof_user = 'testuser'; diff --git a/test/tests/basic_operations.pl b/test/tests/basic_operations.pl index 923a1f28..f40a7584 100644 --- a/test/tests/basic_operations.pl +++ b/test/tests/basic_operations.pl @@ -166,6 +166,43 @@ 'cmdline' => "$default_client_args_no_get_key " . "--key-base64-rijndael aaaaaaaaaaaaa --key-base64-hmac a%aaaaaaa" }, + { + 'category' => 'basic operations', + 'subcategory' => 'client', + 'detail' => 'invalid key file path', + 'function' => \&generic_exec, + 'exec_err' => $YES, + 'cmdline' => "$lib_view_str $valgrind_str $fwknopCmd -A tcp/22 -a $fake_ip " . + "-D $loopback_ip --get-key invalidpath --no-save-args $verbose_str" + }, + { + 'category' => 'basic operations', + 'subcategory' => 'client', + 'detail' => 'invalid key file format', + 'function' => \&generic_exec, + 'exec_err' => $YES, + 'cmdline' => "$lib_view_str $valgrind_str $fwknopCmd -A tcp/22 -a $fake_ip " . + "-D $loopback_ip --get-key $invalid_key_file --no-save-args $verbose_str" + }, + { + 'category' => 'basic operations', + 'subcategory' => 'client', + 'detail' => 'invalid key file format (2)', + 'function' => \&generic_exec, + 'exec_err' => $YES, + 'cmdline' => "$lib_view_str $valgrind_str $fwknopCmd -A tcp/22 -a $fake_ip " . + "-D $loopback_ip --get-key $invalid_key_file2 --no-save-args $verbose_str" + }, + { + 'category' => 'basic operations', + 'subcategory' => 'client', + 'detail' => 'invalid key file format (3)', + 'function' => \&generic_exec, + 'exec_err' => $YES, + 'cmdline' => "$lib_view_str $valgrind_str $fwknopCmd -A tcp/22 -a $fake_ip " . + "-D $loopback_ip --get-key $invalid_key_file3 --no-save-args $verbose_str" + }, + { 'category' => 'basic operations', 'subcategory' => 'client', @@ -174,6 +211,15 @@ 'exec_err' => $YES, 'cmdline' => "$default_client_args --rc-file invalidpath --stanza-list" }, + { + 'category' => 'basic operations', + 'subcategory' => 'client', + 'detail' => 'invalid rc file path /dev/null', + 'function' => \&generic_exec, + 'exec_err' => $YES, + 'cmdline' => "$fwknopCmd --rc-file /dev/null" + }, + { 'category' => 'basic operations', 'subcategory' => 'client', @@ -228,6 +274,19 @@ 'exec_err' => $YES, 'positive_output_matches' => [qr/Invalid\sentry/], }, + { + 'category' => 'basic operations', + 'subcategory' => 'client rc file', + 'detail' => 'invalid verbose val', + 'function' => \&client_rc_file, + 'cmdline' => $client_rewrite_rc_args, + 'write_rc_file' => [{'name' => 'default', + 'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'SHA1', + 'VERBOSE' => 100}}], + 'exec_err' => $YES, + 'positive_output_matches' => [qr/Parameter\serror/], + }, + { 'category' => 'basic operations', 'subcategory' => 'client rc file', @@ -564,6 +623,21 @@ 'positive_output_matches' => [qr/Digest\sType\:\s.*SHA1/], 'rc_positive_output_matches' => [qr/DIGEST_TYPE.*MD5/, qr/DIGEST_TYPE.*SHA1/], }, + { + 'category' => 'basic operations', + 'subcategory' => 'client save rc file', + 'detail' => 'non-default update (2)', + 'function' => \&client_rc_file, + 'cmdline' => "$client_save_rc_args -n nondefault --digest-type SHA1", + 'save_rc_stanza' => [ + {'name' => 'default', 'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}}, + {'name' => 'nondefault', 'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}}, + {'name' => 'nondefault2', 'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}} + ], + 'positive_output_matches' => [qr/Digest\sType\:\s.*SHA1/], + 'rc_positive_output_matches' => [qr/DIGEST_TYPE.*MD5/, qr/DIGEST_TYPE.*SHA1/], + }, + { 'category' => 'basic operations', 'subcategory' => 'client save rc file', @@ -796,6 +870,20 @@ 'positive_output_matches' => [qr/Unrecognized\sproto/], 'rc_positive_output_matches' => [qr/SPOOF_SOURCE_IP.*invalid/], }, + { + 'category' => 'basic operations', + 'subcategory' => 'client save rc file', + 'detail' => '--spoof-src.. invalid -P', + 'function' => \&client_rc_file, + 'cmdline' => "$client_save_rc_args -n default -P tcp --spoof-source 3.3.3.3", + 'save_rc_stanza' => [{'name' => 'default', + 'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest', + 'HMAC_DIGEST_TYPE' => 'SHA1', + 'SPOOF_SOURCE_IP' => 'invalid'}}], + 'exec_err' => $YES, + 'positive_output_matches' => [qr/Must\sset.*udpraw/], + 'rc_positive_output_matches' => [qr/SPOOF_SOURCE_IP.*invalid/], + }, { 'category' => 'basic operations', @@ -1044,6 +1132,42 @@ 'positive_output_matches' => [qr/Resolved/], 'rc_positive_output_matches' => [qr/RESOLVE_IP_HTTP.*Y/, qr/RESOLVE_URL.*cipherdyne.org.*myip/], }, + { + 'category' => 'basic operations', + 'subcategory' => 'client save rc file', + 'detail' => '-R resolve http (2)', + 'function' => \&client_rc_file, + 'cmdline' => "$client_save_rc_args -n default -R --resolve-url www.cipherdyne.org/cgi-bin/myip", + 'save_rc_stanza' => [{'name' => 'default', + 'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest', + 'HMAC_DIGEST_TYPE' => 'SHA1'}}], + 'positive_output_matches' => [qr/Resolved/], + 'rc_positive_output_matches' => [qr/RESOLVE_IP_HTTP.*Y/, qr/RESOLVE_URL.*cipherdyne.org.*myip/], + }, + { + 'category' => 'basic operations', + 'subcategory' => 'client save rc file', + 'detail' => '-R resolve invalid url (1)', + 'function' => \&client_rc_file, + 'cmdline' => "$client_save_rc_args -n default -R --resolve-url http://127.0.0.1" . '1'x300 . '/test.cgi', + 'save_rc_stanza' => [{'name' => 'default', + 'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest', + 'HMAC_DIGEST_TYPE' => 'SHA1'}}], + 'exec_err' => $YES, + 'positive_output_matches' => [qr/Error\sparsing/], + }, + { + 'category' => 'basic operations', + 'subcategory' => 'client save rc file', + 'detail' => '-R resolve invalid url (2)', + 'function' => \&client_rc_file, + 'cmdline' => "$client_save_rc_args -n default -R --resolve-url http://127.0.0.1/" . 'A'x1200, + 'save_rc_stanza' => [{'name' => 'default', + 'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest', + 'HMAC_DIGEST_TYPE' => 'SHA1'}}], + 'exec_err' => $YES, + 'positive_output_matches' => [qr/Error\sparsing/], + }, { 'category' => 'basic operations',