DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,705 Commits 15 Branches 0 Tags
5fadf56af42a6b320a5752cfb048df4697fb190e
Commit Graph

537 Commits

Author SHA1 Message Date
Michael Rash
73490209f7 [test suite] add access.conf file path to a few basic tests 2014-07-22 17:36:31 -04:00
Michael Rash
3df08e3c0e [test suite] handle PF on FreeBSD 2014-07-22 17:35:59 -04:00
Michael Rash
eed3418996 [test suite] update wrapper Makefile gcc -> cc 2014-07-22 17:35:19 -04:00
Michael Rash
9470b3ce21 [test suite] README update to include --enable-complete mode 2014-07-22 11:31:16 -04:00
Michael Rash
3bd1d0742e [test suite] add --gpg-home-dir arg to GPG test 2014-07-08 16:32:26 -05:00
Michael Rash
7e1346c49a [test suite] add variable expansion and fwknopd override tests 2014-07-08 16:31:06 -05:00
Michael Rash
824ebe94f8 [test suite] run interrupt signal test against foreground fwknopd process 2014-07-08 16:28:42 -05:00
Michael Rash
0e5c4644fc [test suite] add GPG test for a manually altered SPA packet 2014-07-07 22:16:47 -05:00
Michael Rash
1b47173906 [test suite] add SYSLOG_FACILITY tests 2014-07-07 21:35:27 -05:00
Michael Rash
5474ced90b [test suite] extend invalid sniff interface test to include promisc mode 2014-07-05 23:10:26 -05:00
Michael Rash
77eb1a763f [test suite] add invalid sniff interface test 2014-07-05 22:44:40 -05:00
Michael Rash
f0285ae2b5 [test suite] add invalid gpg sig ID list 2014-07-04 20:05:54 -04:00
Michael Rash
ffa77a9e54 [test suite] add GPG_DISABLE_SIG test 2014-07-04 19:54:56 -04:00
Michael Rash
a2ff2a396c [server] call clean_exit() upon check_dir_path() error 2014-07-03 10:31:30 -04:00
Michael Rash
5ced103207 [test suite] minor test coverage addition for invalid locale setting 2014-07-03 10:17:52 -04:00
Michael Rash
fed2da3bb0 [test suite] additional valgrind suppression for pcap-file processing 2014-07-03 08:52:48 -04:00
Michael Rash
43b770320a [server] Require sig ID's or fingerprints when sigs are validated 
When validating access.conf stanzas make sure that one of
GPG_REMOTE_ID or GPG_FINGERPRINT_ID is specified whenever GnuPG
signatures are to be verified for incoming SPA packets. Signature
verification is the default, and can only be disabled with
GPG_DISABLE_SIG but this is NOT recommended.
 2014-06-30 11:52:42 -04:00
Michael Rash
77384a904e [server] add access.conf variable GPG_FINGERPRINT_ID 
Add a new GPG_FINGERPRINT_ID variable to the access.conf file
so that full GnuPG fingerprints can be required for incoming SPA packets
in addition to the appreviated GnuPG signatures listed in GPG_REMOTE_ID.
From the test suite, an example fingerprint is

GPG_FINGERPRINT_ID            00CC95F05BC146B6AC4038C9E36F443C6A3FAD56
 2014-06-30 11:11:09 -04:00
Michael Rash
e41e0f5aaf [test suite] added iptables OUTPUT chain test 2014-06-24 22:54:27 -04:00
Michael Rash
a4615a76b5 [test suite] add Rjindael HMAC --no-ipt-check-support test for udp/53 2014-06-24 18:21:46 -04:00
Michael Rash
125f99aa3b [test suite] updated --gdb mode to run the first found fwknop command from an output/*.test file 2014-06-24 17:50:50 -04:00
Michael Rash
3557158620 [test suite] add valgrind suppressions for libfiu 2014-06-16 17:14:52 -04:00
Michael Rash
389e55ddfc [test suite] consolidate valgrind success/failure criteria into a single function 2014-06-16 17:13:54 -04:00
Michael Rash
55a03f3392 [test suite] added suppressions to fko-wrapper/run_valgrind.sh 2014-06-16 17:12:59 -04:00
Michael Rash
4878607254 [libfko] removed fko_new_strdup() fault injection tag since fko_destroy() isn't called 2014-06-16 17:11:52 -04:00
Michael Rash
42a20616b4 [libfko] additional fault injection additions with test suite support 2014-06-14 21:27:18 -04:00
Michael Rash
c00a3e7b26 [test suite] additional fault injection tests 2014-06-12 20:29:54 -04:00
Michael Rash
13ca6261b3 [test suite] minor update to not parse crash messages out of crash test output file 2014-06-12 20:29:24 -04:00
Michael Rash
06ce514111 [test suite] add several fault injection tests 2014-06-12 00:02:18 -04:00
Michael Rash
d8b2ae370a [test suite] always run crash check at the end of test run 2014-06-12 00:01:58 -04:00
Michael Rash
b8ad48eaa9 [test suite] added fiu-run fault injection tests against the fwknopd server 2014-06-10 09:34:48 -04:00
Michael Rash
989d48b7e9 [test suite] make valgrind suppressions slightly more perscriptive 2014-06-08 20:22:19 -04:00
Michael Rash
7fb2f292bc [test suite] in valgrind mode, make tests fail whenever there are 'definitely' or 'indirectly' lost bytes in memory 2014-06-08 20:20:19 -04:00
Michael Rash
dfeecf5c29 [test suite] additional fix for duplicate fault injection tags 2014-06-06 10:31:07 -04:00
Michael Rash
1b4d7f5b19 [test suite] minor fix for duplicate fault injection tags 2014-06-06 10:25:33 -04:00
Michael Rash
6d1d66fe03 add --fault-injection-tag support to the client/server/libfko 
This is a significant commit to add the ability to leverage libfko fault
injections from both the fwknop client and server command lines via a
new option '--fault-injection-tag <tag name>'.  This option is used by
the test suite with the tests/fault_injection.pl tests.
 2014-06-05 23:05:49 -04:00
Michael Rash
6a0af8ed8e [test suite] added coverage_diff.py 
This commit adds support for diff'ing before and after gcov/lcov results
to see when new function/line coverage is added by the test suite.  Here
is an example of its output:

Sun Jun  1 22:28:00 2014 CMD: ./coverage_diff.py
[+] Coverage: /home/mbr/git/fwknop.git/server/config_init.c
[+] new 'fcns' coverage: usage()
[+] new 'lines' coverage: 1015
[+] new 'lines' coverage: 1017
[+] new 'lines' coverage: 1019
[+] new 'lines' coverage: 1059
[+] new 'lines' coverage: 979
[+] Coverage: /home/mbr/git/fwknop.git/server/fw_util_iptables.c
[+] new 'lines' coverage: 560
[+] new 'lines' coverage: 561
 2014-06-01 22:30:54 -04:00
Michael Rash
040b7b10a0 [test suite] add shell escape for /usr/include/* wildcard on lcov command line 2014-05-26 23:15:09 -04:00
Michael Rash
2e150d47a7 restore trustdb.gpg files 2014-05-26 23:06:14 -04:00
Michael Rash
2697bd260c [test suite] fix LD_LIBRARY_PATH for fiu-run execution against fko-wrapper binaries 2014-05-26 22:53:44 -04:00
Michael Rash
ddaf0134d6 use fiu.h instead of fiu-local.h 2014-05-26 15:54:12 -04:00
Michael Rash
e893ecad21 [test suite] added first test to run fwknop client underneath fiu-run for libc fault injection 2014-05-26 15:09:02 -04:00
Michael Rash
a1f1e4b328 [test suite] in --enable-fuzzing-interfaces mode create fko-wrapper/send_spa_payloads file if it does exist 2014-05-26 14:18:27 -04:00
Michael Rash
237602114f [test suite] minor fko_wrapper comment update 2014-05-26 08:40:26 -04:00
Michael Rash
55ae7d5095 [test suite] auto-generate fko-wrapper/fuzz_spa_payload file with spa_fuzzing.py if necessary in --enable-complete/--enable-fuzzing-interfaces mode 2014-05-25 22:10:43 -04:00
Michael Rash
23e8dcfddd [test suite] added configure_max_coverage.sh for --enable-complete mode 2014-05-25 16:23:40 -04:00
Michael Rash
fa53cc62e1 [test suite] SPA packet fuzzer minor comment additions to clearly define SPA packet types 2014-05-25 15:50:09 -04:00
Michael Rash
d625a24a87 [test suite] added fko_new_with_data() call with SPA data that is too short 2014-05-25 15:08:31 -04:00
Michael Rash
00ea2ce0ef [test suite] added --enable-complete option for fuzzing, fault injection, and code coverage 2014-05-25 12:37:35 -04:00
Michael Rash
de03ed702e [test suite] added the ability to run fiu-run fault injection binary against fwknop 2014-05-24 17:55:57 -04:00