[test suite] additional client/config_init.c code coverage test for fwknoprc file...
authorMichael Rash <mbr@cipherdyne.org>
Sun, 30 Mar 2014 01:44:24 +0000 (21:44 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sun, 30 Mar 2014 01:44:24 +0000 (21:44 -0400)
Makefile.am
test/conf/fwknoprc_hmac_defaults [new file with mode: 0644]
test/test-fwknop.pl
test/tests/rijndael_hmac.pl

index cf88907..8d4c604 100644 (file)
@@ -159,6 +159,7 @@ EXTRA_DIST = \
     test/conf/gpg_no_pw_access.conf \
     test/conf/gpg_no_pw_hmac_access.conf \
     test/conf/fwknoprc_gpg_invalid_exe \
+    test/conf/fwknoprc_hmac_defaults \
     test/conf/fwknoprc_gpg_hmac_sha512_key \
     test/conf/gpg_hmac_sha512_access.conf \
     test/conf/fwknoprc_hmac_sha512_base64_key \
diff --git a/test/conf/fwknoprc_hmac_defaults b/test/conf/fwknoprc_hmac_defaults
new file mode 100644 (file)
index 0000000..d35e7bd
--- /dev/null
@@ -0,0 +1,40 @@
+[default]
+ACCESS                      tcp/22
+SPA_SERVER                  127.0.0.1
+ALLOW_IP                    127.0.0.2
+USE_HMAC                    Y
+HMAC_DIGEST_TYPE            sha256
+KEY_BASE64                  wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
+HMAC_KEY_BASE64             Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
+DIGEST_TYPE                 sha256
+SPA_SERVER_PROTO            udp
+SPA_SERVER_PORT             62201
+SPOOF_USER                  mbrtest
+VERBOSE                     Y
+RESOLVE_IP_HTTP             N
+TIME_OFFSET                 -1s
+ENCRYPTION_MODE             CBC
+USE_GPG                     N
+USE_GPG_AGENT               N
+
+#RAND_PORT
+#SPA_SOURCE_PORT
+#FW_TIMEOUT
+#GPG_RECIPIENT
+#GPG_SIGNER
+#GPG_HOMEDIR
+#GPG_EXE
+#GPG_SIGNING_PW
+#GPG_SIGNING_PW_BASE64
+#GPG_NO_SIGNING_PW
+#SPOOF_SOURCE_IP
+#KEY
+#HMAC_KEY
+#KEY_FILE
+#HMAC_KEY_FILE
+#RESOLVE_URL
+#NAT_ACCESS
+#HTTP_USER_AGENT
+#NAT_LOCAL
+#NAT_RAND_PORT
+#NAT_PORT
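Review bot: The new fixture carries a Rijndael key and an HMAC key (`KEY_BASE64`, `HMAC_KEY_BASE64`) with nothing marking them as test-only material. A leading comment such as `# test-suite fixture: keys below are throwaway values for the loopback tests, never use them in a deployment` would make that explicit for readers and for secret-scanner triage. The trailing block of bare commented names (`#RAND_PORT` through `#NAT_PORT`) is also unexplained; one line such as `# rc variables not set by this fixture:` would say why they are listed. The file is added with mode 0644, so if the client checks rc-file permissions or ownership this test may emit a warning; it is worth confirming that this is intended.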
index 3153787..d6e9faa 100755 (executable)
@@ -136,6 +136,7 @@ our %cf = (
     'rc_hmac_equal_keys'           => "$conf_dir/fwknoprc_hmac_equal_keys",
     'rc_invalid_b64_key'           => "$conf_dir/fwknoprc_invalid_base64_key",
     'rc_hmac_b64_key'              => "$conf_dir/fwknoprc_default_hmac_base64_key",
+    'rc_hmac_defaults'             => "$conf_dir/fwknoprc_hmac_defaults",
     'rc_hmac_nat_rand_b64_key'     => "$conf_dir/fwknoprc_hmac_nat_rand_base64_key",
     'rc_hmac_spoof_src_b64_key'    => "$conf_dir/fwknoprc_hmac_spoof_src_base64_key",
     'rc_hmac_sha512_b64_key'       => "$conf_dir/fwknoprc_hmac_sha512_base64_key",
@@ -503,6 +504,9 @@ our $client_save_rc_args_no_verbose = "$default_client_args_no_verbose " .
 our $default_client_hmac_args = "$default_client_args_no_get_key " .
     "--rc-file $cf{'rc_hmac_b64_key'}";
 
+our $client_hmac_rc_defaults = "$lib_view_str $valgrind_str " .
+    "$fwknopCmd --no-save-args --rc-file $cf{'rc_hmac_defaults'}";
+
 our $client_ip_resolve_args = "$lib_view_str $valgrind_str " .
     "$fwknopCmd -A tcp/22 -R -D $loopback_ip --get-key " .
     "$local_key_file $verbose_str";
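Review bot: `$client_hmac_rc_defaults` passes only `--no-save-args` and `--rc-file`, unlike `$client_ip_resolve_args` just below it, which spells out `-A`, `-D`, `--get-key` and `$verbose_str`; nothing says the omission is deliberate. A comment above the assignment such as `# every client setting (access, server, keys, verbosity) must come from the [default] stanza of the rc file` would record the intent. It would also discourage a later edit from adding flags that mask the rc parsing this test is meant to cover.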
index 9159d75..8a1168a 100644 (file)
     {
         'category' => 'Rijndael+HMAC',
         'subcategory' => 'client+server',
+        'detail'   => 'complete cycle rc defaults',
+        'function' => \&spa_cycle,
+        'cmdline'  => $client_hmac_rc_defaults,
+        'fwknopd_cmdline' => "$fwknopdCmd -c $cf{'def'} -a $cf{'hmac_access'} " .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'key_file' => $cf{'rc_hmac_defaults'},
+    },
+
+    {
+        'category' => 'Rijndael+HMAC',
+        'subcategory' => 'client+server',
         'detail'   => 'replay attack detection',
         'function' => \&replay_detection,
         'cmdline'  => $default_client_hmac_args,
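Review bot: The new 'complete cycle rc defaults' entry asserts only `fw_rule_created` and `fw_rule_removed`. That presumably confirms the keys were read from the rc file, but not that the other stanza values (`SPOOF_USER mbrtest`, `TIME_OFFSET -1s`, `SPA_SERVER_PORT 62201`) were applied. Since the fixture sets `VERBOSE Y`, a check of the client output for one or two of those values would catch a parser that silently ignores a variable, assuming the harness offers such a check; none is visible in this hunk. The `@@` header for this file is missing from the page, so the position of the entry in the test list cannot be confirmed from here.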