diff options
Diffstat (limited to 'tests/unit_tests/openvpn')
-rw-r--r-- | tests/unit_tests/openvpn/Makefile.am | 3 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/Makefile.in | 22 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/mock_msg.c | 2 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/test_argv.c | 18 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/test_buffer.c | 183 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/test_packet_id.c | 2 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/test_tls_crypt.c | 22 |
7 files changed, 192 insertions, 60 deletions
diff --git a/tests/unit_tests/openvpn/Makefile.am b/tests/unit_tests/openvpn/Makefile.am index 3bd382c..7b44f42 100644 --- a/tests/unit_tests/openvpn/Makefile.am +++ b/tests/unit_tests/openvpn/Makefile.am @@ -54,5 +54,4 @@ tls_crypt_testdriver_SOURCES = test_tls_crypt.c mock_msg.c \ $(openvpn_srcdir)/crypto_openssl.c \ $(openvpn_srcdir)/otime.c \ $(openvpn_srcdir)/packet_id.c \ - $(openvpn_srcdir)/platform.c \ - $(openvpn_srcdir)/tls_crypt.c + $(openvpn_srcdir)/platform.c diff --git a/tests/unit_tests/openvpn/Makefile.in b/tests/unit_tests/openvpn/Makefile.in index 3055aad..0114d5c 100644 --- a/tests/unit_tests/openvpn/Makefile.in +++ b/tests/unit_tests/openvpn/Makefile.in @@ -159,8 +159,7 @@ am_tls_crypt_testdriver_OBJECTS = \ tls_crypt_testdriver-crypto_openssl.$(OBJEXT) \ tls_crypt_testdriver-otime.$(OBJEXT) \ tls_crypt_testdriver-packet_id.$(OBJEXT) \ - tls_crypt_testdriver-platform.$(OBJEXT) \ - tls_crypt_testdriver-tls_crypt.$(OBJEXT) + tls_crypt_testdriver-platform.$(OBJEXT) tls_crypt_testdriver_OBJECTS = $(am_tls_crypt_testdriver_OBJECTS) tls_crypt_testdriver_LDADD = $(LDADD) tls_crypt_testdriver_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ @@ -423,6 +422,7 @@ plugindir = @plugindir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +runstatedir = @runstatedir@ sampledir = @sampledir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ @@ -483,8 +483,7 @@ tls_crypt_testdriver_SOURCES = test_tls_crypt.c mock_msg.c \ $(openvpn_srcdir)/crypto_openssl.c \ $(openvpn_srcdir)/otime.c \ $(openvpn_srcdir)/packet_id.c \ - $(openvpn_srcdir)/platform.c \ - $(openvpn_srcdir)/tls_crypt.c + $(openvpn_srcdir)/platform.c all: all-am @@ -575,7 +574,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_crypt_testdriver-packet_id.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_crypt_testdriver-platform.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_crypt_testdriver-test_tls_crypt.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_crypt_testdriver-tls_crypt.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -934,20 +932,6 @@ tls_crypt_testdriver-platform.obj: $(openvpn_srcdir)/platform.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_crypt_testdriver_CFLAGS) $(CFLAGS) -c -o tls_crypt_testdriver-platform.obj `if test -f '$(openvpn_srcdir)/platform.c'; then $(CYGPATH_W) '$(openvpn_srcdir)/platform.c'; else $(CYGPATH_W) '$(srcdir)/$(openvpn_srcdir)/platform.c'; fi` -tls_crypt_testdriver-tls_crypt.o: $(openvpn_srcdir)/tls_crypt.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_crypt_testdriver_CFLAGS) $(CFLAGS) -MT tls_crypt_testdriver-tls_crypt.o -MD -MP -MF $(DEPDIR)/tls_crypt_testdriver-tls_crypt.Tpo -c -o tls_crypt_testdriver-tls_crypt.o `test -f '$(openvpn_srcdir)/tls_crypt.c' || echo '$(srcdir)/'`$(openvpn_srcdir)/tls_crypt.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/tls_crypt_testdriver-tls_crypt.Tpo $(DEPDIR)/tls_crypt_testdriver-tls_crypt.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$(openvpn_srcdir)/tls_crypt.c' object='tls_crypt_testdriver-tls_crypt.o' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_crypt_testdriver_CFLAGS) $(CFLAGS) -c -o tls_crypt_testdriver-tls_crypt.o `test -f '$(openvpn_srcdir)/tls_crypt.c' || echo '$(srcdir)/'`$(openvpn_srcdir)/tls_crypt.c - -tls_crypt_testdriver-tls_crypt.obj: $(openvpn_srcdir)/tls_crypt.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_crypt_testdriver_CFLAGS) $(CFLAGS) -MT tls_crypt_testdriver-tls_crypt.obj -MD -MP -MF $(DEPDIR)/tls_crypt_testdriver-tls_crypt.Tpo -c -o tls_crypt_testdriver-tls_crypt.obj `if test -f '$(openvpn_srcdir)/tls_crypt.c'; then $(CYGPATH_W) '$(openvpn_srcdir)/tls_crypt.c'; else $(CYGPATH_W) '$(srcdir)/$(openvpn_srcdir)/tls_crypt.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/tls_crypt_testdriver-tls_crypt.Tpo $(DEPDIR)/tls_crypt_testdriver-tls_crypt.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$(openvpn_srcdir)/tls_crypt.c' object='tls_crypt_testdriver-tls_crypt.obj' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_crypt_testdriver_CFLAGS) $(CFLAGS) -c -o tls_crypt_testdriver-tls_crypt.obj `if test -f '$(openvpn_srcdir)/tls_crypt.c'; then $(CYGPATH_W) '$(openvpn_srcdir)/tls_crypt.c'; else $(CYGPATH_W) '$(srcdir)/$(openvpn_srcdir)/tls_crypt.c'; fi` - mostlyclean-libtool: -rm -f *.lo diff --git a/tests/unit_tests/openvpn/mock_msg.c b/tests/unit_tests/openvpn/mock_msg.c index 4bd11ca..140e637 100644 --- a/tests/unit_tests/openvpn/mock_msg.c +++ b/tests/unit_tests/openvpn/mock_msg.c @@ -5,7 +5,7 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2016-2017 Fox Crypto B.V. <openvpn@fox-it.com> + * Copyright (C) 2016-2018 Fox Crypto B.V. <openvpn@fox-it.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 diff --git a/tests/unit_tests/openvpn/test_argv.c b/tests/unit_tests/openvpn/test_argv.c index 8c90eb9..4a3ba55 100644 --- a/tests/unit_tests/openvpn/test_argv.c +++ b/tests/unit_tests/openvpn/test_argv.c @@ -13,24 +13,6 @@ #include "argv.h" #include "buffer.h" -/* - * This is defined here to prevent #include'ing misc.h - * which makes things difficult beyond any recognition - */ -size_t -adjust_power_of_2(size_t u) -{ - size_t ret = 1; - - while (ret < u) - { - ret <<= 1; - assert(ret > 0); - } - - return ret; -} - /* Defines for use in the tests and the mock parse_line() */ #define PATH1 "/s p a c e" #define PATH2 "/foo bar/baz" diff --git a/tests/unit_tests/openvpn/test_buffer.c b/tests/unit_tests/openvpn/test_buffer.c index 69bb2e5..d083b78 100644 --- a/tests/unit_tests/openvpn/test_buffer.c +++ b/tests/unit_tests/openvpn/test_buffer.c @@ -5,7 +5,7 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2016-2017 Fox Crypto B.V. <openvpn@fox-it.com> + * Copyright (C) 2016-2018 Fox Crypto B.V. <openvpn@fox-it.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -35,7 +35,7 @@ #include "buffer.h" static void -buffer_strprefix(void **state) +test_buffer_strprefix(void **state) { assert_true(strprefix("123456", "123456")); assert_true(strprefix("123456", "123")); @@ -44,11 +44,188 @@ buffer_strprefix(void **state) assert_false(strprefix("12", "123")); } +#define testsep "," +#define testnosep "" +#define teststr1 "one" +#define teststr2 "two" +#define teststr3 "three" +#define teststr4 "four" + +#define assert_buf_equals_str(buf, str) \ + assert_int_equal(BLEN(buf), strlen(str)); \ + assert_memory_equal(BPTR(buf), str, BLEN(buf)); + +struct test_buffer_list_aggregate_ctx { + struct buffer_list *empty; + struct buffer_list *one_two_three; + struct buffer_list *zero_length_strings; + struct buffer_list *empty_buffers; +}; + +static int test_buffer_list_setup(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = calloc(1, sizeof(*ctx)); + ctx->empty = buffer_list_new(0); + + ctx->one_two_three = buffer_list_new(3); + buffer_list_push(ctx->one_two_three, teststr1); + buffer_list_push(ctx->one_two_three, teststr2); + buffer_list_push(ctx->one_two_three, teststr3); + + ctx->zero_length_strings = buffer_list_new(2); + buffer_list_push(ctx->zero_length_strings, ""); + buffer_list_push(ctx->zero_length_strings, ""); + + ctx->empty_buffers = buffer_list_new(2); + uint8_t data = 0; + buffer_list_push_data(ctx->empty_buffers, &data, 0); + buffer_list_push_data(ctx->empty_buffers, &data, 0); + + *state = ctx; + return 0; +} + +static int test_buffer_list_teardown(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + + buffer_list_free(ctx->empty); + buffer_list_free(ctx->one_two_three); + buffer_list_free(ctx->zero_length_strings); + buffer_list_free(ctx->empty_buffers); + free(ctx); + return 0; +} + +static void +test_buffer_list_full(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + + /* list full */ + assert_int_equal(ctx->one_two_three->size, 3); + buffer_list_push(ctx->one_two_three, teststr4); + assert_int_equal(ctx->one_two_three->size, 3); +} + +static void +test_buffer_list_aggregate_separator_empty(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + + /* aggregating an empty buffer list results in an empty buffer list */ + buffer_list_aggregate_separator(ctx->empty, 3, testsep); + assert_null(ctx->empty->head); +} + +static void +test_buffer_list_aggregate_separator_noop(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + + /* With a max length of 2, no aggregation should take place */ + buffer_list_aggregate_separator(ctx->one_two_three, 2, testsep); + assert_int_equal(ctx->one_two_three->size, 3); + struct buffer *buf = buffer_list_peek(ctx->one_two_three); + assert_buf_equals_str(buf, teststr1); +} + +static void +test_buffer_list_aggregate_separator_two(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + const char *expected = teststr1 testsep teststr2 testsep; + + /* Aggregate the first two elements + * (add 1 to max_len to test if "three" is not sneaked in too) + */ + buffer_list_aggregate_separator(ctx->one_two_three, strlen(expected) + 1, + testsep); + assert_int_equal(ctx->one_two_three->size, 2); + struct buffer *buf = buffer_list_peek(ctx->one_two_three); + assert_buf_equals_str(buf, expected); +} + +static void +test_buffer_list_aggregate_separator_all(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + + /* Aggregate all */ + buffer_list_aggregate_separator(ctx->one_two_three, 1<<16, testsep); + assert_int_equal(ctx->one_two_three->size, 1); + struct buffer *buf = buffer_list_peek(ctx->one_two_three); + assert_buf_equals_str(buf, + teststr1 testsep teststr2 testsep teststr3 testsep); +} + +static void +test_buffer_list_aggregate_separator_nosep(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + + /* Aggregate all */ + buffer_list_aggregate_separator(ctx->one_two_three, 1<<16, testnosep); + assert_int_equal(ctx->one_two_three->size, 1); + struct buffer *buf = buffer_list_peek(ctx->one_two_three); + assert_buf_equals_str(buf, teststr1 teststr2 teststr3); +} + +static void +test_buffer_list_aggregate_separator_zerolen(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + struct buffer_list *bl_zerolen = ctx->zero_length_strings; + + /* Aggregate all */ + buffer_list_aggregate_separator(bl_zerolen, 1<<16, testnosep); + assert_int_equal(bl_zerolen->size, 1); + struct buffer *buf = buffer_list_peek(bl_zerolen); + assert_buf_equals_str(buf, ""); +} + +static void +test_buffer_list_aggregate_separator_emptybuffers(void **state) +{ + struct test_buffer_list_aggregate_ctx *ctx = *state; + struct buffer_list *bl_emptybuffers = ctx->empty_buffers; + + /* Aggregate all */ + buffer_list_aggregate_separator(bl_emptybuffers, 1<<16, testnosep); + assert_int_equal(bl_emptybuffers->size, 1); + struct buffer *buf = buffer_list_peek(bl_emptybuffers); + assert_int_equal(BLEN(buf), 0); +} + int main(void) { const struct CMUnitTest tests[] = { - cmocka_unit_test(buffer_strprefix), + cmocka_unit_test(test_buffer_strprefix), + cmocka_unit_test_setup_teardown(test_buffer_list_full, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_empty, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_noop, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_two, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_all, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_nosep, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_zerolen, + test_buffer_list_setup, + test_buffer_list_teardown), + cmocka_unit_test_setup_teardown(test_buffer_list_aggregate_separator_emptybuffers, + test_buffer_list_setup, + test_buffer_list_teardown), }; return cmocka_run_group_tests_name("buffer", tests, NULL, NULL); diff --git a/tests/unit_tests/openvpn/test_packet_id.c b/tests/unit_tests/openvpn/test_packet_id.c index 0a785ad..ba420c4 100644 --- a/tests/unit_tests/openvpn/test_packet_id.c +++ b/tests/unit_tests/openvpn/test_packet_id.c @@ -5,7 +5,7 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2016 Fox Crypto B.V. <openvpn@fox-it.com> + * Copyright (C) 2016-2018 Fox Crypto B.V. <openvpn@fox-it.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c index 9b82035..f5618f8 100644 --- a/tests/unit_tests/openvpn/test_tls_crypt.c +++ b/tests/unit_tests/openvpn/test_tls_crypt.c @@ -5,7 +5,7 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2016-2017 Fox Crypto B.V. <openvpn@fox-it.com> + * Copyright (C) 2016-2018 Fox Crypto B.V. <openvpn@fox-it.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -39,7 +39,7 @@ #include <setjmp.h> #include <cmocka.h> -#include "tls_crypt.h" +#include "tls_crypt.c" #include "mock_msg.h" @@ -60,23 +60,13 @@ setup(void **state) { struct test_context *ctx = calloc(1, sizeof(*ctx)); *state = ctx; - ctx->kt.cipher = cipher_kt_get("AES-256-CTR"); - ctx->kt.digest = md_kt_get("SHA256"); - if (!ctx->kt.cipher) - { - printf("No AES-256-CTR support, skipping test.\n"); - return 0; - } - if (!ctx->kt.digest) + struct key key = { 0 }; + + ctx->kt = tls_crypt_kt(); + if (!ctx->kt.cipher || !ctx->kt.digest) { - printf("No HMAC-SHA256 support, skipping test.\n"); return 0; } - ctx->kt.cipher_length = cipher_kt_key_size(ctx->kt.cipher); - ctx->kt.hmac_length = md_kt_size(ctx->kt.digest); - - struct key key = { 0 }; - init_key_ctx(&ctx->co.key_ctx_bi.encrypt, &key, &ctx->kt, true, "TEST"); init_key_ctx(&ctx->co.key_ctx_bi.decrypt, &key, &ctx->kt, false, "TEST"); |