[test suite] additional rc file code coverage tests
authorMichael Rash <mbr@cipherdyne.org>
Sun, 30 Mar 2014 02:23:45 +0000 (22:23 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sun, 30 Mar 2014 02:23:45 +0000 (22:23 -0400)
Makefile.am
test/conf/fwknoprc_hmac_http_resolve [new file with mode: 0644]
test/test-fwknop.pl
test/tests/rijndael_hmac.pl

index 8d4c604..b587569 100644 (file)
@@ -160,6 +160,7 @@ EXTRA_DIST = \
     test/conf/gpg_no_pw_hmac_access.conf \
     test/conf/fwknoprc_gpg_invalid_exe \
     test/conf/fwknoprc_hmac_defaults \
+    test/conf/fwknoprc_hmac_http_resolve \
     test/conf/fwknoprc_gpg_hmac_sha512_key \
     test/conf/gpg_hmac_sha512_access.conf \
     test/conf/fwknoprc_hmac_sha512_base64_key \
diff --git a/test/conf/fwknoprc_hmac_http_resolve b/test/conf/fwknoprc_hmac_http_resolve
new file mode 100644 (file)
index 0000000..cd84361
--- /dev/null
@@ -0,0 +1,40 @@
+[default]
+ACCESS                      tcp/22
+SPA_SERVER                  127.0.0.1
+ALLOW_IP                    resolve
+USE_HMAC                    Y
+HMAC_DIGEST_TYPE            sha256
+KEY_BASE64                  wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
+HMAC_KEY_BASE64             Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
+DIGEST_TYPE                 sha256
+SPA_SERVER_PROTO            udp
+SPA_SERVER_PORT             62201
+SPOOF_USER                  mbrtest
+VERBOSE                     Y
+TIME_OFFSET                 -1s
+ENCRYPTION_MODE             CBC
+USE_GPG                     N
+USE_GPG_AGENT               N
+RESOLVE_IP_HTTP             Y
+HTTP_USER_AGENT             FwknopTestSuite/2.6
+RESOLVE_URL                 http://www.cipherdyne.org/cgi-bin/myip
+
+#RAND_PORT
+#SPA_SOURCE_PORT
+#FW_TIMEOUT
+#GPG_RECIPIENT
+#GPG_SIGNER
+#GPG_HOMEDIR
+#GPG_EXE
+#GPG_SIGNING_PW
+#GPG_SIGNING_PW_BASE64
+#GPG_NO_SIGNING_PW
+#SPOOF_SOURCE_IP
+#KEY
+#HMAC_KEY
+#KEY_FILE
+#HMAC_KEY_FILE
+#NAT_ACCESS
+#NAT_LOCAL
+#NAT_RAND_PORT
+#NAT_PORT
index d6e9faa..7945c12 100755 (executable)
@@ -137,6 +137,7 @@ our %cf = (
     'rc_invalid_b64_key'           => "$conf_dir/fwknoprc_invalid_base64_key",
     'rc_hmac_b64_key'              => "$conf_dir/fwknoprc_default_hmac_base64_key",
     'rc_hmac_defaults'             => "$conf_dir/fwknoprc_hmac_defaults",
+    'rc_hmac_http_resolve'         => "$conf_dir/fwknoprc_hmac_http_resolve",
     'rc_hmac_nat_rand_b64_key'     => "$conf_dir/fwknoprc_hmac_nat_rand_base64_key",
     'rc_hmac_spoof_src_b64_key'    => "$conf_dir/fwknoprc_hmac_spoof_src_base64_key",
     'rc_hmac_sha512_b64_key'       => "$conf_dir/fwknoprc_hmac_sha512_base64_key",
@@ -507,6 +508,9 @@ our $default_client_hmac_args = "$default_client_args_no_get_key " .
 our $client_hmac_rc_defaults = "$lib_view_str $valgrind_str " .
     "$fwknopCmd --no-save-args --rc-file $cf{'rc_hmac_defaults'}";
 
+our $client_hmac_rc_http_resolve = "$lib_view_str $valgrind_str " .
+    "$fwknopCmd --no-save-args --rc-file $cf{'rc_hmac_http_resolve'}";
+
 our $client_ip_resolve_args = "$lib_view_str $valgrind_str " .
     "$fwknopCmd -A tcp/22 -R -D $loopback_ip --get-key " .
     "$local_key_file $verbose_str";
index 8a1168a..d2c6910 100644 (file)
     },
     {
         'category' => 'Rijndael+HMAC',
+        'subcategory' => 'client+server',
+        'detail'   => 'client IP resolve URL + user agent',
+        'function' => \&spa_cycle,
+        'cmdline'  => "$client_ip_resolve_hmac_args --resolve-url $resolve_url_with_port -u FwknopTestSuite/2.6",
+        'no_ip_check' => 1,
+        'fwknopd_cmdline' => "$fwknopdCmd $default_server_hmac_conf_args $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'key_file' => $cf{'rc_hmac_b64_key'},
+    },
+    {
+        'category' => 'Rijndael+HMAC',
+        'subcategory' => 'client+server',
+        'detail'   => 'client IP resolve rc file',
+        'function' => \&spa_cycle,
+        'cmdline'  => $client_hmac_rc_http_resolve,
+        'no_ip_check' => 1,
+        'fwknopd_cmdline' => "$fwknopdCmd $default_server_hmac_conf_args $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'key_file' => $cf{'rc_hmac_http_resolve'},
+    },
+
+    {
+        'category' => 'Rijndael+HMAC',
         'subcategory' => 'client',
         'detail'   => 'client IP resolve HTTPS unsupported',
         'function' => \&generic_exec,