[test suite] added python->C HMAC test
authorMichael Rash <mbr@cipherdyne.org>
Tue, 9 Apr 2013 00:45:14 +0000 (20:45 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Tue, 9 Apr 2013 00:45:14 +0000 (20:45 -0400)
Makefile.am
test/conf/hmac_sha512_short_key2_access.conf [new file with mode: 0644]
test/fko-python.py
test/test-fwknop.pl
test/tests/python_fko.pl

index 62a9729..0376b18 100644 (file)
@@ -161,6 +161,7 @@ EXTRA_DIST = \
     test/conf/hmac_sha384_long_key_access.conf \
     test/conf/hmac_sha512_access.conf \
     test/conf/hmac_sha512_short_key_access.conf \
+    test/conf/hmac_sha512_short_key2_access.conf \
     test/conf/hmac_sha512_long_key_access.conf \
     test/conf/hmac_simple_keys_access.conf \
     test/conf/hmac_sha256_open_ports_access.conf \
diff --git a/test/conf/hmac_sha512_short_key2_access.conf b/test/conf/hmac_sha512_short_key2_access.conf
new file mode 100644 (file)
index 0000000..ef5827d
--- /dev/null
@@ -0,0 +1,5 @@
+SOURCE: ANY;
+KEY_BASE64:         dGVzdGtleTE=
+HMAC_KEY_BASE64:    dGVzdGtleTI=
+HMAC_DIGEST_TYPE:   sha512;
+FW_ACCESS_TIMEOUT:  3;
index 096a20a..e44437f 100755 (executable)
@@ -13,15 +13,15 @@ fko.hmac_type(FKO_HMAC_SHA512)
 
 # Set the SPA message (Note: Access request is default if not specified).
 #
-fko.spa_message("0.0.0.0,tcp/22")
+fko.spa_message("127.0.0.2,tcp/22")
 
 # Create the final SPA data message string.
 #
-fko.spa_data_final("testtest", "blah")
+fko.spa_data_final("testkey1", "testkey2")
 
 # print the spa message.
 #
-print fko.spa_data()
+print "SPA packet data:", fko.spa_data()
 
 # Print some of the data:
 #
index 3266bac..ab3fe8b 100755 (executable)
@@ -50,6 +50,7 @@ our %cf = (
     'hmac_sha384_long_key_access'  => "$conf_dir/hmac_sha384_long_key_access.conf",
     'hmac_sha512_access'           => "$conf_dir/hmac_sha512_access.conf",
     'hmac_sha512_short_key_access' => "$conf_dir/hmac_sha512_short_key_access.conf",
+    'hmac_sha512_short_key2_access' => "$conf_dir/hmac_sha512_short_key2_access.conf",
     'hmac_sha512_long_key_access'  => "$conf_dir/hmac_sha512_long_key_access.conf",
     'hmac_simple_keys_access'      => "$conf_dir/hmac_simple_keys_access.conf",
     'hmac_invalid_type_access'     => "$conf_dir/hmac_invalid_type_access.conf",
@@ -224,6 +225,7 @@ our $valgrind_str = '';
 my %prev_valgrind_cov = ();
 my %prev_valgrind_file_titles = ();
 my $fko_wrapper_dir = 'fko-wrapper';
+my $python_spa_packet = '';
 my $enable_client_ip_resolve_test = 0;
 my $enable_all = 0;
 my $saved_last_results = 0;
@@ -1234,6 +1236,59 @@ sub python_fko_basic_exec() {
         "PYTHONPATH=$site_dir ./$python_script", $cmd_out_tmp,
         $curr_test_file);
 
+    if ($rv) {
+
+        $python_spa_packet = '';
+
+        ### get the SPA packet data
+        open F, "< $curr_test_file" or die $!;
+        while (<F>) {
+            if (/SPA\spacket\sdata\:\s(\S+)/) {
+                $python_spa_packet = $1;
+                last;
+            }
+        }
+        close F;
+
+        unless ($python_spa_packet) {
+            &write_test_file("[-] could not acquite SPA packet from python output\n",
+                $curr_test_file);
+            $rv = 0;
+        }
+    }
+
+    return $rv;
+}
+
+sub python_fko_client_to_C_server() {
+    my $test_hr = shift;
+
+    my @packets = (
+        {
+            'proto'  => 'udp',
+            'port'   => $default_spa_port,
+            'dst_ip' => $loopback_ip,
+            'data'   => $python_spa_packet,
+        },
+    );
+
+    my ($rv, $server_was_stopped, $fw_rule_created, $fw_rule_removed)
+        = &client_server_interaction($test_hr, \@packets, $USE_PREDEF_PKTS);
+
+    $rv = 0 unless $server_was_stopped;
+
+    if ($test_hr->{'fw_rule_created'} eq $NEW_RULE_REQUIRED) {
+        $rv = 0 unless $fw_rule_created;
+    } elsif ($test_hr->{'fw_rule_created'} eq $REQUIRE_NO_NEW_RULE) {
+        $rv = 0 if $fw_rule_created;
+    }
+
+    if ($test_hr->{'fw_rule_removed'} eq $NEW_RULE_REMOVED) {
+        $rv = 0 unless $fw_rule_removed;
+    } elsif ($test_hr->{'fw_rule_removed'} eq $REQUIRE_NO_NEW_REMOVED) {
+        $rv = 0 if $fw_rule_removed;
+    }
+
     return $rv;
 }
 
index 8400db0..c839da6 100644 (file)
         'function' => \&python_fko_basic_exec,
         'fatal'    => $NO
     },
+    {
+        'category' => 'python fko extension',
+        'subcategory' => 'compatibility',
+        'detail'   => 'python->C',
+        'function' => \&python_fko_client_to_C_server,
+        'fwknopd_cmdline'  => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
+            "$fwknopdCmd -c $cf{'def'} -a $cf{'hmac_sha512_short_key2_access'} " .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'fatal'    => $NO
+    },
 
 );