66e097e3e6
Add more assertions and comments, refactor initialization of the helper, and make other changes to make the code more robust.
176 lines
4.9 KiB
C
176 lines
4.9 KiB
C
/*
|
|
**********************************************************************
|
|
* Copyright (C) Miroslav Lichvar 2020
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of version 2 of the GNU General Public License as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
*
|
|
**********************************************************************
|
|
*/
|
|
|
|
#include <config.h>
|
|
#include "test.h"
|
|
|
|
#ifdef FEAT_NTS
|
|
|
|
#include <local.h>
|
|
#include <sched.h>
|
|
|
|
#include <nts_ntp_server.c>
|
|
|
|
static void
|
|
prepare_request(NTP_Packet *packet, NTP_PacketInfo *info, int valid, int nak)
|
|
{
|
|
unsigned char uniq_id[NTS_MIN_UNIQ_ID_LENGTH], nonce[NTS_MIN_UNPADDED_NONCE_LENGTH];
|
|
SIV_Instance siv;
|
|
NKE_Context context;
|
|
NKE_Cookie cookie;
|
|
int i, index, cookie_start, auth_start;
|
|
|
|
context.algorithm = SERVER_SIV;
|
|
context.c2s.length = SIV_GetKeyLength(context.algorithm);
|
|
UTI_GetRandomBytes(&context.c2s.key, context.c2s.length);
|
|
context.s2c.length = SIV_GetKeyLength(context.algorithm);
|
|
UTI_GetRandomBytes(&context.s2c.key, context.s2c.length);
|
|
|
|
TEST_CHECK(NKS_GenerateCookie(&context, &cookie));
|
|
|
|
UTI_GetRandomBytes(uniq_id, sizeof (uniq_id));
|
|
UTI_GetRandomBytes(nonce, sizeof (nonce));
|
|
|
|
memset(packet, 0, sizeof (*packet));
|
|
packet->lvm = NTP_LVM(0, 4, MODE_CLIENT);
|
|
memset(info, 0, sizeof (*info));
|
|
info->version = 4;
|
|
info->mode = MODE_CLIENT;
|
|
info->length = NTP_HEADER_LENGTH;
|
|
|
|
if (valid)
|
|
index = -1;
|
|
else
|
|
index = random() % 3;
|
|
|
|
DEBUG_LOG("valid=%d nak=%d index=%d", valid, nak, index);
|
|
|
|
if (index != 0)
|
|
TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_UNIQUE_IDENTIFIER,
|
|
uniq_id, sizeof (uniq_id)));
|
|
|
|
cookie_start = info->length;
|
|
|
|
if (index != 1)
|
|
TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE,
|
|
cookie.cookie, cookie.length));
|
|
|
|
for (i = random() % 4; i > 0; i--)
|
|
TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE_PLACEHOLDER,
|
|
cookie.cookie, cookie.length));
|
|
|
|
auth_start = info->length;
|
|
|
|
if (index != 2) {
|
|
siv = SIV_CreateInstance(context.algorithm);
|
|
TEST_CHECK(SIV_SetKey(siv, context.c2s.key, context.c2s.length));
|
|
TEST_CHECK(NNA_GenerateAuthEF(packet, info, siv, nonce, sizeof (nonce),
|
|
(const unsigned char *)"", 0, 0));
|
|
SIV_DestroyInstance(siv);
|
|
}
|
|
|
|
if (nak)
|
|
((unsigned char *)packet)[(index == 2 ? cookie_start :
|
|
(index == 1 ? auth_start :
|
|
(random() % 2 ? cookie_start : auth_start))) +
|
|
4 + random() % 16]++;
|
|
}
|
|
|
|
static void
|
|
init_response(NTP_Packet *packet, NTP_PacketInfo *info)
|
|
{
|
|
memset(packet, 0, sizeof (*packet));
|
|
packet->lvm = NTP_LVM(0, 4, MODE_SERVER);
|
|
memset(info, 0, sizeof (*info));
|
|
info->version = 4;
|
|
info->mode = MODE_SERVER;
|
|
info->length = NTP_HEADER_LENGTH;
|
|
}
|
|
|
|
void
|
|
test_unit(void)
|
|
{
|
|
NTP_PacketInfo req_info, res_info;
|
|
NTP_Packet request, response;
|
|
int i, valid, nak;
|
|
uint32_t kod;
|
|
|
|
char conf[][100] = {
|
|
"ntsport 0",
|
|
"ntsprocesses 0",
|
|
"ntsserverkey nts_ke.key",
|
|
"ntsservercert nts_ke.crt",
|
|
};
|
|
|
|
CNF_Initialise(0, 0);
|
|
for (i = 0; i < sizeof conf / sizeof conf[0]; i++)
|
|
CNF_ParseLine(NULL, i + 1, conf[i]);
|
|
|
|
LCL_Initialise();
|
|
TST_RegisterDummyDrivers();
|
|
SCH_Initialise();
|
|
NKS_PreInitialise(0, 0, 0);
|
|
NKS_Initialise();
|
|
NNS_Initialise();
|
|
|
|
for (i = 0; i < 50000; i++) {
|
|
valid = random() % 2;
|
|
nak = random() % 2;
|
|
prepare_request(&request, &req_info, valid, nak);
|
|
|
|
TEST_CHECK(NNS_CheckRequestAuth(&request, &req_info, &kod) == (valid && !nak));
|
|
|
|
if (valid && !nak) {
|
|
TEST_CHECK(kod == 0);
|
|
TEST_CHECK(server->num_cookies > 0);
|
|
|
|
init_response(&response, &res_info);
|
|
TEST_CHECK(NNS_GenerateResponseAuth(&request, &req_info, &response, &res_info, kod));
|
|
|
|
TEST_CHECK(res_info.ext_fields == 2);
|
|
TEST_CHECK(server->num_cookies == 0);
|
|
} else if (valid && nak) {
|
|
TEST_CHECK(kod == NTP_KOD_NTS_NAK);
|
|
TEST_CHECK(server->num_cookies == 0);
|
|
|
|
init_response(&response, &res_info);
|
|
TEST_CHECK(NNS_GenerateResponseAuth(&request, &req_info, &response, &res_info, kod));
|
|
|
|
TEST_CHECK(res_info.ext_fields == 1);
|
|
TEST_CHECK(server->num_cookies == 0);
|
|
} else {
|
|
TEST_CHECK(kod == 0);
|
|
TEST_CHECK(server->num_cookies == 0);
|
|
}
|
|
}
|
|
|
|
NNS_Finalise();
|
|
NKS_Finalise();
|
|
SCH_Finalise();
|
|
LCL_Finalise();
|
|
CNF_Finalise();
|
|
}
|
|
#else
|
|
void
|
|
test_unit(void)
|
|
{
|
|
TEST_REQUIRE(0);
|
|
}
|
|
#endif
|