DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

[test suite] additional --save-rc-stanza tests for vars not printed in fwknop client decode output

Browse Source
This commit is contained in:
Michael Rash 2013-06-10 21:18:37 -04:00
parent 0c19e5170a
commit f9df2f6eca
2 changed files with 136 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
test/test-fwknop.pl
View File

@ -405,12 +405,19 @@ our $default_client_args_no_get_key = "LD_LIBRARY_PATH=$lib_dir " .
"$valgrind_str $fwknopCmd -A tcp/22 -a $fake_ip -D $loopback_ip " .
"--no-save-args --verbose --verbose";
our $default_client_args_no_verbose = "LD_LIBRARY_PATH=$lib_dir " .
"$valgrind_str $fwknopCmd -A tcp/22 -a $fake_ip -D $loopback_ip " .
'--no-save-args ';
our $client_rewrite_rc_args = "$default_client_args_no_get_key " .
"--rc-file $rewrite_rc_file --test";
our $client_save_rc_args = "$default_client_args_no_get_key " .
"--rc-file $save_rc_file --save-rc-stanza --force-stanza --test";
our $client_save_rc_args_no_verbose = "$default_client_args_no_verbose " .
"--rc-file $save_rc_file --save-rc-stanza --force-stanza --test";
our $default_client_hmac_args = "$default_client_args_no_get_key " .
"--rc-file $cf{'rc_hmac_b64_key'}";
@ -1075,31 +1082,34 @@ sub expected_code_version() {
return 0;
}
sub write_rc_file() {
my ($rc_hr, $rc_file) = @_;
open RC, "> $rc_file"
or die "[*] Could not open $rc_file: $!";
for my $hr (@$rc_hr) {
print RC "[$hr->{'name'}]\n";
for my $var (keys %{$hr->{'vars'}}) {
print RC "$var $hr->{'vars'}->{$var}\n";
}
}
close RC;
return;
}
sub client_rc_file() {
my $test_hr = shift;
my $rv = 1;
my $rc_file = '';
if ($test_hr->{'write_rc_file'}) {
open RC, "> $rewrite_rc_file"
or die "[*] Could not open $rewrite_rc_file: $!";
for my $hr (@{$test_hr->{'write_rc_file'}}) {
print RC "[$hr->{'name'}]\n";
for my $var (keys %{$hr->{'vars'}}) {
print RC "$var $hr->{'vars'}->{$var}\n";
}
}
close RC;
&write_rc_file($test_hr->{'write_rc_file'}, $rewrite_rc_file);
$rc_file = $rewrite_rc_file;
} elsif ($test_hr->{'save_rc_stanza'}) {
open RC, "> $save_rc_file"
or die "[*] Could not open $save_rc_file: $!";
for my $hr (@{$test_hr->{'save_rc_stanza'}}) {
print RC "[$hr->{'name'}]\n";
for my $var (keys %{$hr->{'vars'}}) {
print RC "$var $hr->{'vars'}->{$var}\n";
}
}
close RC;
&write_rc_file($test_hr->{'save_rc_stanza'}, $save_rc_file);
$rc_file = $save_rc_file;
} else {
&write_test_file(
"[-] test hash does not include 'write_rc_file' or 'save_rc_stanza'\n",
@ -1109,8 +1119,11 @@ sub client_rc_file() {
$rv = 0 unless &run_cmd($test_hr->{'cmdline'},
$cmd_out_tmp, $curr_test_file);
$rv = 0 unless &file_find_regex([qr/final\spacked/i],
$MATCH_ALL, $NO_APPEND_RESULTS, $curr_test_file);
unless ($test_hr->{'cmdline'} =~ /key\-gen/ or $test_hr->{'cmdline'} =~ /\-k/) {
$rv = 0 unless &file_find_regex([qr/final\spacked/i],
$MATCH_ALL, $NO_APPEND_RESULTS, $curr_test_file);
}
if ($test_hr->{'positive_output_matches'}) {
unless (&file_find_regex(
@ -1141,6 +1154,28 @@ sub client_rc_file() {
$rv = 0;
}
if ($test_hr->{'rc_positive_output_matches'}) {
unless (&file_find_regex(
$test_hr->{'rc_positive_output_matches'},
$MATCH_ALL, $NO_APPEND_RESULTS, $rc_file)) {
&write_test_file(
"[-] rc_positive_output_matches not met, setting rv=0\n",
$curr_test_file);
$rv = 0;
}
}
if ($test_hr->{'rc_negative_output_matches'}) {
if (&file_find_regex(
$test_hr->{'rc_negative_output_matches'},
$MATCH_ANY, $NO_APPEND_RESULTS, $rc_file)) {
&write_test_file(
"[-] rc_negative_output_matches not met, setting rv=0\n",
$curr_test_file);
$rv = 0;
}
}
return $rv;
}
@ -5008,7 +5043,9 @@ sub validate_test_hashes() {
'insert_rule_before_exec' => $OPTIONAL,
'insert_rule_while_running' => $OPTIONAL,
'search_for_rule_after_exit' => $OPTIONAL,
'mv_and_restore_replay_cache' => $OPTIONAL,
'rc_positive_output_matches' => $OPTIONAL,
'rc_negative_output_matches' => $OPTIONAL,
'mv_and_restore_replay_cache' => $OPTIONAL,
'server_positive_output_matches' => $OPTIONAL,
'server_negative_output_matches' => $OPTIONAL,
'replay_positive_output_matches' => $OPTIONAL,

78
test/tests/basic_operations.pl
View File

@ -339,6 +339,7 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'SHA1'}}],
'positive_output_matches' => [qr/Digest\sType\:\s.*MD5/],
'rc_positive_output_matches' => [qr/DIGEST_TYPE.*MD5/],
'fatal' => $NO
},
{
@ -350,6 +351,7 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/Digest\sType\:\s.*SHA1/],
'rc_positive_output_matches' => [qr/DIGEST_TYPE.*SHA1/],
'fatal' => $NO
},
{
@ -361,6 +363,7 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/Digest\sType\:\s.*SHA256/],
'rc_positive_output_matches' => [qr/DIGEST_TYPE.*SHA256/],
'fatal' => $NO
},
{
@ -372,6 +375,7 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/Digest\sType\:\s.*SHA384/],
'rc_positive_output_matches' => [qr/DIGEST_TYPE.*SHA384/],
'fatal' => $NO
},
{
@ -383,6 +387,7 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/Digest\sType\:\s.*SHA512/],
'rc_positive_output_matches' => [qr/DIGEST_TYPE.*SHA512/],
'fatal' => $NO
},
{
@ -395,6 +400,7 @@
'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest',
'HMAC_DIGEST_TYPE' => 'SHA1'}}],
'positive_output_matches' => [qr/HMAC\sType\:\s.*MD5/],
'rc_positive_output_matches' => [qr/HMAC_DIGEST_TYPE.*MD5/, qw/USE_HMAC.*Y/],
'fatal' => $NO
},
{
@ -407,6 +413,7 @@
'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest',
'HMAC_DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/HMAC\sType\:\s.*SHA1/],
'rc_positive_output_matches' => [qr/HMAC_DIGEST_TYPE.*SHA1/],
'fatal' => $NO
},
{
@ -419,6 +426,7 @@
'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest',
'HMAC_DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/HMAC\sType\:\s.*SHA256/],
'rc_positive_output_matches' => [qr/HMAC_DIGEST_TYPE.*SHA256/],
'fatal' => $NO
},
{
@ -431,6 +439,7 @@
'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest',
'HMAC_DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/HMAC\sType\:\s.*SHA384/],
'rc_positive_output_matches' => [qr/HMAC_DIGEST_TYPE.*SHA384/],
'fatal' => $NO
},
{
@ -443,6 +452,7 @@
'vars' => {'KEY' => 'testtest', 'HMAC_KEY' => 'hmactest',
'HMAC_DIGEST_TYPE' => 'MD5'}}],
'positive_output_matches' => [qr/HMAC\sType\:\s.*SHA512/],
'rc_positive_output_matches' => [qr/HMAC_DIGEST_TYPE.*SHA512/],
'fatal' => $NO
},
{
@ -454,6 +464,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SERVER_PROTO' => 'TCP'}}],
'positive_output_matches' => [qr/protocol:\sudp/],
'rc_positive_output_matches' => [qr/SPA_SERVER_PROTO.*udp/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -465,6 +477,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SERVER_PROTO' => 'UDP'}}],
'positive_output_matches' => [qr/protocol:\stcp/],
'rc_positive_output_matches' => [qr/SPA_SERVER_PROTO.*tcp/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -476,6 +490,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SERVER_PROTO' => 'UDP'}}],
'positive_output_matches' => [qr/protocol:\shttp/],
'rc_positive_output_matches' => [qr/SPA_SERVER_PROTO.*http/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -487,6 +503,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SERVER_PROTO' => 'UDP'}}],
'positive_output_matches' => [qr/protocol:\stcpraw/],
'rc_positive_output_matches' => [qr/SPA_SERVER_PROTO.*tcpraw/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -498,6 +516,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SERVER_PROTO' => 'UDP'}}],
'positive_output_matches' => [qr/protocol:\sicmp/],
'rc_positive_output_matches' => [qr/SPA_SERVER_PROTO.*icmp/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -509,6 +529,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SOURCE_PORT' => '65531'}}],
'positive_output_matches' => [qr/source\sport:\s65421/],
'rc_positive_output_matches' => [qr/SPA_SOURCE_PORT.*65421/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -520,6 +542,8 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'SPA_SERVER_PORT' => '65531'}}],
'positive_output_matches' => [qr/destination\sport:\s65421/],
'rc_positive_output_matches' => [qr/SPA_SERVER_PORT.*65421/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
@ -531,6 +555,60 @@
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'FW_TIMEOUT' => '30'}}],
'positive_output_matches' => [qr/Client\sTimeout:\s1234/],
'rc_positive_output_matches' => [qr/FW_TIMEOUT.*1234/],
'rc_negative_output_matches' => [qr/USE_HMAC/],
'fatal' => $NO
},
{
'category' => 'basic operations',
'subcategory' => 'client save rc file',
'detail' => '--verbose',
'function' => \&client_rc_file,
'cmdline' => "$client_save_rc_args_no_verbose -n default --fw-timeout 1234 --verbose",
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'FW_TIMEOUT' => '30'}}],
'positive_output_matches' => [qr/Client\sTimeout:\s1234/],
'rc_positive_output_matches' => [qr/VERBOSE.*Y/],
'fatal' => $NO
},
{
'category' => 'basic operations',
'subcategory' => 'client save rc file',
'detail' => '--verbose --verbose',
'function' => \&client_rc_file,
'cmdline' => "$client_save_rc_args_no_verbose -n default " .
"--fw-timeout 1234 --verbose --verbose",
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'FW_TIMEOUT' => '30'}}],
'positive_output_matches' => [qr/Client\sTimeout:\s1234/],
'rc_positive_output_matches' => [qr/VERBOSE.*2/],
'fatal' => $NO
},
{
'category' => 'basic operations',
'subcategory' => 'client save rc file',
'detail' => 'no --verbose',
'function' => \&client_rc_file,
'cmdline' => "$client_save_rc_args_no_verbose -n default " .
"--fw-timeout 1234",
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'FW_TIMEOUT' => '30'}}],
'positive_output_matches' => [qr/Client\sTimeout:\s1234/],
'rc_negative_output_matches' => [qr/VERBOSE/],
'fatal' => $NO
},
{
'category' => 'basic operations',
'subcategory' => 'client save rc file',
'detail' => '--use-hmac --key-gen',
'function' => \&client_rc_file,
'cmdline' => "$client_save_rc_args_no_verbose -n default " .
"--fw-timeout 1234 --verbose --use-hmac --key-gen",
'save_rc_stanza' => [{'name' => 'default',
'vars' => {'KEY' => 'testtest', 'FW_TIMEOUT' => '30'}}],
'positive_output_matches' => [qr/Wrote.*HMAC.*keys/],
'rc_positive_output_matches' => [qr/VERBOSE.*Y/,
qr/USE_HMAC.*Y/, qr/KEY_BASE64/, qr/HMAC_KEY_BASE64/],
'fatal' => $NO
},