Added a test for SPA over TCP
authorMichael Rash <mbr@cipherdyne.org>
Fri, 5 Oct 2012 01:05:55 +0000 (21:05 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Fri, 5 Oct 2012 01:05:55 +0000 (21:05 -0400)
test/conf/tcp_server_fwknopd.conf [new file with mode: 0644]
test/test-fwknop.pl

diff --git a/test/conf/tcp_server_fwknopd.conf b/test/conf/tcp_server_fwknopd.conf
new file mode 100644 (file)
index 0000000..e4832d0
--- /dev/null
@@ -0,0 +1,7 @@
+#
+# The default fwknopd.conf contains only comments since defaults are defined in
+# code and modified via the config file
+#
+PCAP_FILTER                 tcp port 62201;
+ENABLE_TCP_SERVER           Y;
+TCPSERV_PORT                62201;
index 2f4e61b..cdc2b7d 100755 (executable)
@@ -35,6 +35,7 @@ my %cf = (
     'dual_key_access'         => "$conf_dir/dual_key_usage_access.conf",
     'gpg_access'              => "$conf_dir/gpg_access.conf",
     'gpg_no_pw_access'        => "$conf_dir/gpg_no_pw_access.conf",
+    'tcp_server'              => "$conf_dir/tcp_server_fwknopd.conf",
     'tcp_pcap_filter'         => "$conf_dir/tcp_pcap_filter_fwknopd.conf",
     'icmp_pcap_filter'        => "$conf_dir/icmp_pcap_filter_fwknopd.conf",
     'open_ports_access'       => "$conf_dir/open_ports_access.conf",
@@ -863,6 +864,23 @@ my @tests = (
         'fatal'    => $NO
     },
 
+    ### SPA over TCP (not really "single" packet auth since a TCP connection
+    ### is established)
+    {
+        'category' => 'Rijndael SPA',
+        'subcategory' => 'client+server',
+        'detail'   => "SPA over TCP connection",
+        'err_msg'  => "could not send/process SPA packet over TCP connection",
+        'function' => \&spa_cycle,
+        'cmdline'  => "$default_client_args -P tcp",
+        'fwknopd_cmdline'  => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
+            "$fwknopdCmd -c $cf{'tcp_server'} -a $cf{'def_access'} " .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'fatal'    => $NO
+    },
+
     {
         'category' => 'Rijndael SPA',
         'subcategory' => 'client+server',