test: improve NTS tests
This commit is contained in:
Miroslav Lichvar
parent
62389b7e50
commit
362d7c517d
2 changed files with 52 additions and 41 deletions
|
|
@ -11,10 +11,11 @@ export CLKNETSIM_START_DATE=$(date -d 'Jan 1 00:00:00 UTC 2010' +'%s')
|
|||
|
||||
cat > tmp/cert.cfg <<EOF
|
||||
cn = "node1.net1.clk"
|
||||
dns_name = "node1.net1.clk"
|
||||
ip_address = "192.168.123.1"
|
||||
serial = 001
|
||||
activation_date = "2010-01-01 00:00:00 UTC"
|
||||
expiration_date = "2010-01-02 00:00:00 UTC"
|
||||
#dns_name = "node1.net1.clk"
|
||||
signing_key
|
||||
encryption_key
|
||||
EOF
|
||||
|
|
@ -122,52 +123,64 @@ check_sync || test_fail
|
|||
|
||||
export CLKNETSIM_START_DATE=$(date -d 'Jan 1 00:00:00 UTC 2010' +'%s')
|
||||
|
||||
server_conf="
|
||||
ntsserverkey tmp/server.key
|
||||
ntsservercert tmp/server.crt
|
||||
ntsprocesses 0
|
||||
ntsrotate 0
|
||||
ntsdumpdir tmp
|
||||
ntsntpserver 192.168.123.2"
|
||||
client_conf="
|
||||
nosystemcert
|
||||
ntstrustedcerts tmp/server.crt
|
||||
ntsrefresh 500"
|
||||
client_server_conf="server node1.net1.clk $client_server_options"
|
||||
|
||||
run_test || test_fail
|
||||
check_chronyd_exit || test_fail
|
||||
check_source_selection && test_fail
|
||||
check_sync && test_fail
|
||||
for dns in 1 0; do
|
||||
server_conf="
|
||||
ntsserverkey tmp/server.key
|
||||
ntsservercert tmp/server.crt
|
||||
ntsprocesses 0
|
||||
ntsrotate 0
|
||||
ntsdumpdir tmp"
|
||||
|
||||
check_file_messages " 2 1 .* 4460 " 50 100 log.packets || test_fail
|
||||
check_file_messages " 2 2 .* 4460 " 0 0 log.packets || test_fail
|
||||
check_log_messages "Source 192.168.123.1 changed to 192.168.123.2" 6 8 || test_fail
|
||||
check_log_messages "Source 192.168.123.2 replaced with 192.168.123.1" 6 8 || test_fail
|
||||
if [ $dns != 0 ]; then
|
||||
server_conf+="
|
||||
ntsntpserver node2.net1.clk"
|
||||
client_server_conf="server node1.net1.clk $client_server_options"
|
||||
else
|
||||
server_conf+="
|
||||
ntsntpserver 192.168.123.2"
|
||||
client_server_conf="server 192.168.123.1 $client_server_options"
|
||||
fi
|
||||
|
||||
servers=2
|
||||
servers=1
|
||||
|
||||
run_test || test_fail
|
||||
check_chronyd_exit || test_fail
|
||||
check_source_selection || test_fail
|
||||
check_sync || test_fail
|
||||
run_test || test_fail
|
||||
check_chronyd_exit || test_fail
|
||||
check_source_selection && test_fail
|
||||
check_sync && test_fail
|
||||
|
||||
check_file_messages " 3 1 .* 4460 " 100 150 log.packets || test_fail
|
||||
check_file_messages " 3 2 .* 4460 " 0 0 log.packets || test_fail
|
||||
check_log_messages "Source 192.168.123.1 changed to 192.168.123.2" 1 1 || test_fail
|
||||
check_log_messages "Source 192.168.123.2 replaced with 192.168.123.1" 0 0 || test_fail
|
||||
check_file_messages " 2 1 .* 4460 " 50 100 log.packets || test_fail
|
||||
check_file_messages " 2 2 .* 4460 " 0 0 log.packets || test_fail
|
||||
check_log_messages "Source 192.168.123.1 changed to 192.168.123.2" 6 8 || test_fail
|
||||
check_log_messages "Source 192.168.123.2 replaced with 192.168.123.1" 6 8 || test_fail
|
||||
|
||||
server_conf+="
|
||||
ntsratelimit interval 12 burst 1 leak 4"
|
||||
servers=2
|
||||
|
||||
client_chronyd_options="-d -d"
|
||||
run_test || test_fail
|
||||
check_chronyd_exit || test_fail
|
||||
check_source_selection && test_fail
|
||||
run_test || test_fail
|
||||
check_chronyd_exit || test_fail
|
||||
check_source_selection || test_fail
|
||||
check_sync || test_fail
|
||||
|
||||
check_file_messages " 3 1 .* 4460 1 0 2" 25 50 log.packets || test_fail
|
||||
check_file_messages " 3 2 .* 4460 " 0 0 log.packets || test_fail
|
||||
check_log_messages "Source 192.168.123.1 changed to 192.168.123.2" 2 6 || test_fail
|
||||
check_log_messages "Source 192.168.123.2 replaced with 192.168.123.1" 1 6 || test_fail
|
||||
check_file_messages " 3 1 .* 4460 " 100 150 log.packets || test_fail
|
||||
check_file_messages " 3 2 .* 4460 " 0 0 log.packets || test_fail
|
||||
check_log_messages "Source 192.168.123.1 changed to 192.168.123.2" 1 1 || test_fail
|
||||
check_log_messages "Source 192.168.123.2 replaced with 192.168.123.1" 0 0 || test_fail
|
||||
|
||||
server_conf+="
|
||||
ntsratelimit interval 12 burst 1 leak 4"
|
||||
|
||||
run_test || test_fail
|
||||
check_chronyd_exit || test_fail
|
||||
check_source_selection && test_fail
|
||||
|
||||
check_file_messages " 3 1 .* 4460 1 0 2" 25 50 log.packets || test_fail
|
||||
check_file_messages " 3 2 .* 4460 " 0 0 log.packets || test_fail
|
||||
check_log_messages "Source 192.168.123.1 changed to 192.168.123.2" 2 6 || test_fail
|
||||
check_log_messages "Source 192.168.123.2 replaced with 192.168.123.1" 1 6 || test_fail
|
||||
done
|
||||
|
||||
test_pass
|
||||
|
|
|
|||
|
|
@ -2,19 +2,17 @@
|
|||
|
||||
. ./test.common
|
||||
|
||||
server_name="chrony-nts-test"
|
||||
|
||||
check_chronyd_features NTS || test_skip "NTS support disabled"
|
||||
certtool --help &> /dev/null || test_skip "certtool missing"
|
||||
sed -i "/ $server_name\$/d" /etc/hosts && echo "$server $server_name" >> /etc/hosts || \
|
||||
test_skip "Cannot modify /etc/hosts"
|
||||
|
||||
check_chronyd_features PRIVDROP && user="nobody"
|
||||
|
||||
test_start "NTS authentication"
|
||||
|
||||
cat > $TEST_DIR/cert.cfg <<EOF
|
||||
cn = "$server_name"
|
||||
cn = "chrony-nts-test"
|
||||
dns_name = "chrony-nts-test"
|
||||
ip_address = "$server"
|
||||
serial = 001
|
||||
activation_date = "$(date -d '1 year ago' +'%Y-%m-%d') 00:00:00 UTC"
|
||||
expiration_date = "$(date -d '1 year' +'%Y-%m-%d') 00:00:00 UTC"
|
||||
Loading…
Reference in a new issue