DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,467 Commits 15 Branches 0 Tags
08e5c9252cba9367f1122f834bf79f499ea4e050
Commit Graph

392 Commits

Author SHA1 Message Date
Michael Rash
f3a02b5d2d [test suite] establish new test.log file in --list mode 2014-03-07 16:31:30 -05:00
Michael Rash
f476570b2a [test suite] minor --help update to include missed options 2014-03-07 15:54:59 -05:00
Michael Rash
14dc8c6ea2 [test suite] check for Darwin uname output for Mac OS X 2014-02-09 21:39:52 -05:00
Michael Rash
6409216d34 [test suite] added git branch and commit values to init 2014-02-07 07:58:12 -05:00
Michael Rash
873b06b422 [test suite] added portrange bpf filter test 2014-02-07 07:49:50 -05:00
Michael Rash
8922c279d3 [test suite] buf fix for DYLD_LIBRARY_PATH on Mac OS X systems 2014-02-02 20:29:14 -05:00
Michael Rash
55dec8532a [test suite] minor spelling typo fix 2014-02-02 20:28:02 -05:00
Michael Rash
63a829803e [test suite] added --client-only mode for the test suite 2014-01-17 09:19:13 -05:00
Michael Rash
a347be354d merged android4.4_support branch 2014-01-10 22:46:54 -05:00
Michael Rash
34a3808b99 [test suite] minor display_ctx() call position update 2014-01-01 19:45:02 -05:00
Michael Rash
f5fd8de482 [test suite] better loop output for fko-wrapper 2014-01-01 14:07:39 -05:00
Michael Rash
227d0ab947 [libfko] ensure NULL is handled properly for all fko_get_* functions 2013-12-31 23:27:05 -05:00
Michael Rash
7aa6d37fff [libfko] added NULL check for fko_set_spa_data() data arg 2013-12-30 21:56:08 -05:00
Michael Rash
297d7d00fe [libfko] enc key NULL checks with fko-wrapper test support 2013-12-29 22:44:16 -05:00
Michael Rash
0c6911941b [libfko] reject negative length values 
Integer lengths that are negative are never valid.  This commit also
extends the fuzzing capabilities of the test/fko-wrapper code to
validate libfko calls with negative length arguments, and one crash
scenario with a negative length for the encryption key was found (and
fixed) this way.
 2013-12-29 21:05:04 -05:00
Michael Rash
283c72e463 [test suite] run fko-wrapper without valgrind, closes #113 2013-12-29 19:59:16 -05:00
Michael Rash
8a7ca121e9 [test suite] use ctx_update() where possible for fko-wrapper 2013-12-28 15:22:01 -05:00
Michael Rash
bf9fa57ca8 [test suite] added 'getset' versions of fko_ int/short wrapper functions 2013-12-28 14:56:35 -05:00
Michael Rash
8f3ea42b3f [test suite] update fko-wrapper to use constants from fko.h 2013-12-28 14:20:11 -05:00
Michael Rash
4c42d5575e [test suite] added ctx_update() function to fko-wrapper test 2013-12-28 14:10:47 -05:00
Michael Rash
05eb4ebb7b [test suite] call FKO functions via function pointers (interim commit) 2013-12-27 23:24:05 -05:00
Michael Rash
509dcf93dd [android] added HMAC test along with non-legacy Rijndael test 2013-12-23 23:15:11 -05:00
Michael Rash
6cba5d2ec9 [test suite] bug fix for python FKO extension library path (found on Fedora 19) 2013-12-16 22:33:55 -05:00
Michael Rash
aeed8323f7 [test suite] multi-packet pcap test for pcap_dispatch() validation 
This commit adds a new pcap file to the test suite with an SPA packet after
99 other garbage packets.  This can be used for pcap_dispatch() testing,
though this is not meant to be super instensive - it is just to ensure that
if a PCAP_DISPATCH_COUNT of, say, 10 is selected that the SPA is still seen
by fwknopd.  This commit is in support of #110.
 2013-12-10 21:56:20 -06:00
Michael Rash
5f50ac22db [server] use SIGKILL if necessary for -K 
This change sends SIGKILL to fwknopd under -K if SIGTERM does not do the job
first.  This can be necessary in some cases if libpcap does not properly handle
a packet count of zero in pcap_dispatch() (see github issue #110).  On a side
note, the default packet dispatch count of zero will likely be changed because
of that issue too.
 2013-12-10 14:35:38 -06:00
Michael Rash
3ef9e5645b [test suite] added masquerade exception for non-Linux systems 2013-12-05 23:37:10 -05:00
Michael Rash
0319b72334 [test suite] added missing config files 2013-12-05 23:01:12 -05:00
Michael Rash
46b5f2ecaf [server] added the ability to use FORCE_MASQUERADE to access.conf stanzas 2013-12-05 23:00:19 -05:00
Michael Rash
e0114e60c2 [server] Added FORCE_SNAT to access.conf stanzas. 
Added FORCE_SNAT to the access.conf file so that per-access stanza SNAT
criteria can be specified for SPA access.
 2013-12-04 21:52:07 -05:00
Michael Rash
d7aa820e33 [server] Bug fix for SPA NAT modes on iptables firewalls for chain re-creation 
For SPA NAT modes this commit ensures that custom fwknop chains are re-created
if they get deleted out from under the running fwknopd instance.
 2013-12-03 21:42:23 -05:00
Michael Rash
bd73ceb5bd [test suite] added FreeBSD-9.2 and OpenBSD-5.4 compatibility tests 2013-11-27 21:58:13 -05:00
Michael Rash
c382febf3d [client] use libfko is_valid_ipv4_addr() for IP address validation 2013-11-26 23:48:56 -05:00
Michael Rash
aeb415d0e0 move fuzzing_spa_packets file to perl/FKO/t/ for fuzzing tests 
This change moves the fuzzing_spa_packets file from the test/fuzzing/
directory into the perl FKO extension t/ directory and is now referenced
directly by the t/04_fuzzing.t test file.  The test suite itself also uses
this file for fuzzing tests as well, but having the FKO built-in tests
enables Test::Valgrind memory checks so it is useful to have this included
in the FKO sources.  (When the FKO module is submitted to CPAN, it should
not depend on non-local files, but it's ok for the test suite to reference
the ../perl/FKO/t/ directory.)
 2013-11-26 21:44:53 -05:00
Michael Rash
6dd5ab8e35 [test suite] added --cmd-verbose to control fwknop command verbosity levels 
This commit provides an easy way to control how verbose fwknop command
execution will be.  For example, fwknopd only calls hex_dump() against
SPA packets when --verbose > 2, so invoking the tests suite as follows
will result in hex_dump() being included in fwknopd output (see the
output/1_fwknopd.test file:

./test-fwknop.pl --include "Rijndael.*complete.*22" --test-limit 1 --cmd-verbose "--verbose --verbose --verbose"

[+] candidate SPA packet payload:

  0x0000:  39 62 72 51 58 75 7a 4b  57 54 53 67 57 56 35 66 9brQXuzKWTSgWV5f
  0x0010:  73 63 78 42 35 78 69 51  65 6c 55 4f 53 78 69 45 scxB5xiQelUOSxiE
  0x0020:  51 30 59 6a 41 50 70 31  4f 70 43 62 32 51 4a 4c Q0YjAPp1OpCb2QJL
  0x0030:  48 34 42 65 68 64 6d 47  35 49 31 50 36 2f 5a 69 H4BehdmG5I1P6/Zi
  0x0040:  6a 34 4b 41 62 34 53 68  6a 59 66 4f 71 2b 46 6c j4KAb4ShjYfOq+Fl
  0x0050:  4a 35 52 75 70 33 39 6f  6e 65 42 79 72 51 46 57 J5Rup39oneByrQFW
  0x0060:  61 38 6c 37 63 48 6e 38  5a 54 36 59 6e 55 56 47 a8l7cHn8ZT6YnUVG
  0x0070:  50 36 6e 53 6f 69 30 61  70 72 32 52 39 62 6b 56 P6nSoi0apr2R9bkV
  0x0080:  37 50 61 67 41 61 6b 49  44 63 58 59 44 6b 2f 64 7PagAakIDcXYDk/d
  0x0090:  67 51 45 61 37 39 32 6f  30 4d 38 6e 30 30 6e 35 gQEa792o0M8n00n5
  0x00a0:  55                                               U
 2013-11-22 23:00:20 -05:00
Michael Rash
f396b816a1 [test suite] fix LD_LIBRARY_PATH for perl FKO 'make test' run 2013-11-21 21:01:17 -05:00
Michael Rash
eeda4e0f10 [test suite] better --lib-dir support for non-default LD_LIBRARY_PATH values 
This commit allow the test suite to easily use a non-default LD_LIBRARY_PATH
in order to test mixed combinations of newly compiled fwknop client/server
binaries and previously installed versions of libfko.  This allows backwards
compatibility (and forwards compatibility) to be verified by the test suite.

For example, after compiling the fwknop client and server for the 2.5.2
release, one could use libfko from 2.5.1 to verify compatibility:

./test-fwknop.pl --enable-all --lib-path /home/mbr/install/fwknop-2.0.4/lib

See the --fwknop-path and --fwknopd-path args as well in order to support
arbitrary client/server/libfko combinations.
 2013-11-20 23:14:57 -05:00
Michael Rash
28a915c8c8 [test suite] added short and long IP tests (1.1.1.1 and 123.123.123.123) 2013-11-20 23:10:36 -05:00
Michael Rash
8cb5653d5e [test suite] minor update for SNAT tests to not restrict --fw-list search to 127.0.0.2 2013-11-18 22:22:02 -05:00
Michael Rash
71d19031e6 [test suite] remove init file before starting test run 2013-11-17 22:27:07 -05:00
Michael Rash
93c0faafeb [test suite] extended code structure errstr test to validate python extention error code constants 2013-11-17 20:43:28 -05:00
Michael Rash
eebfa8924d [test suite] extended code structure errstr test to validate perl FKO constants 2013-11-17 19:50:42 -05:00
Michael Rash
a9cc97cd2a [test suite] added tests/code_structure.pl with a test for expected lib/fko.h error code fko_errstr() handling 2013-11-16 23:22:25 -05:00
Michael Rash
cd15502bf1 [test suite] minor addition to fko-wrapper to call fko_errstr() across valid and invalid values 2013-11-16 20:36:39 -05:00
Michael Rash
cb2fc3abbe [test suite] handle LD_LIBRARY_PATH from the main test-fwknop.pl script 2013-11-14 22:47:13 -05:00
Michael Rash
a6f030412f [test suite] added Rijndael/HMAC compatibility tests for Mac OS X 10.9 2013-11-14 10:37:36 -05:00
Michael Rash
6870e65800 [test suite] minor cleanup to remove uncessary 'fatal' test hash keys 2013-11-14 10:24:58 -05:00
Michael Rash
5f51d7b3eb [test suite] added support for 'otool' instead of 'ldd' on Mac OS X systems 2013-11-14 09:59:28 -05:00
Michael Rash
1299a8ee87 [test suite] added DYLD_LIBRARY_PATH for Mac OS X 10.9 2013-11-12 23:05:16 -05:00
Michael Rash
a98317d367 [test suite] minor negative output match addition for Test::Valgrind test 2013-10-27 15:08:01 -04:00
Michael Rash
0451a7394c [test suite] added valgrind output interpretation for Test::Valgrind output for previous run comparisons 2013-10-25 22:38:09 -04:00