sntp/tests/packetProcessing.c

1.1  christos #include "config.h"
1.1  christos #include "sntptest.h"
1.1  christos #include "networking.h"
1.1  christos #include "ntp_stdlib.h"
1.1  christos #include "unity.h"
1.1  christos
1.1  christos const char * Version = "stub unit test Version string";
1.1  christos
1.1  christos // Hacks into the key database.
1.1  christos extern struct key* key_ptr;
1.1  christos extern int key_cnt;
1.1  christos
1.1  christos
1.1  christos static struct pkt testpkt;
1.1  christos static struct pkt testspkt;
1.1  christos static sockaddr_u testsock;
1.1  christos bool restoreKeyDb;
1.1  christos
1.1  christos void PrepareAuthenticationTest(int key_id,
1.1  christos 							   int key_len,
1.1  christos 							   const char* type,
1.1  christos 							   const void* key_seq) {
1.1  christos 	char str[25];
1.1  christos 	sprintf(str, "%d", key_id);
1.1  christos 	ActivateOption("-a", str);
1.1  christos
1.1  christos 	key_cnt = 1;
1.1  christos 	key_ptr = malloc(sizeof(struct key));
1.1  christos 	key_ptr->next = NULL;
1.1  christos 	key_ptr->key_id = key_id;
1.1  christos 	key_ptr->key_len = key_len;
1.1  christos 	memcpy(key_ptr->type, "MD5", 3);
1.1  christos
1.1  christos 	TEST_ASSERT_TRUE(key_len < sizeof(key_ptr->key_seq));
1.1  christos
1.1  christos 	memcpy(key_ptr->key_seq, key_seq, key_ptr->key_len);
1.1  christos 	restoreKeyDb = true;
1.1  christos }
1.1  christos
1.1  christos void PrepareAuthenticationTestMD5(int key_id,
1.1  christos 							   int key_len,
1.1  christos 							   const void* key_seq) {
1.1  christos 	PrepareAuthenticationTest(key_id, key_len, "MD5", key_seq);
1.1  christos }
1.1  christos
1.1  christos void setUp() {
1.1  christos
1.1  christos 	sntptest();
1.1  christos 	restoreKeyDb = false;
1.1  christos
1.1  christos 	/* Initialize the test packet and socket,
1.1  christos 	 * so they contain at least some valid data. */
1.1  christos 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, NTP_VERSION,
1.1  christos 										MODE_SERVER);
1.1  christos 	testpkt.stratum = STRATUM_REFCLOCK;
1.1  christos 	memcpy(&testpkt.refid, "GPS\0", 4);
1.1  christos
1.1  christos 	/* Set the origin timestamp of the received packet to the
1.1  christos 	 * same value as the transmit timestamp of the sent packet. */
1.1  christos 	l_fp tmp;
1.1  christos 	tmp.l_ui = 1000UL;
1.1  christos 	tmp.l_uf = 0UL;
1.1  christos
1.1  christos 	HTONL_FP(&tmp, &testpkt.org);
1.1  christos 	HTONL_FP(&tmp, &testspkt.xmt);
1.1  christos
1.1  christos }
1.1  christos
1.1  christos void tearDown() {
1.1  christos
1.1  christos 	if (restoreKeyDb) {
1.1  christos 		key_cnt = 0;
1.1  christos 		free(key_ptr);
1.1  christos 		key_ptr = NULL;
1.1  christos 	}
1.1  christos
1.1  christos 	sntptest_destroy(); //only on the final test!! if counter == 0 etc...
1.1  christos
1.1  christos }
1.1  christos
1.1  christos
1.1  christos
1.1  christos void test_TooShortLength(void) {
1.1  christos 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1,
1.1  christos 						  MODE_BROADCAST, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_LengthNotMultipleOfFour(void) {
1.1  christos 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 6,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 3,
1.1  christos 						  MODE_BROADCAST, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_TooShortExtensionFieldLength(void) {
1.1  christos 	/* The lower 16-bits are the length of the extension field.
1.1  christos 	 * This lengths must be multiples of 4 bytes, which gives
1.1  christos 	 * a minimum of 4 byte extension field length. */
1.1  christos 	testpkt.exten[7] = htonl(3); // 3 bytes is too short.
1.1  christos
1.1  christos 	/* We send in a pkt_len of header size + 4 byte extension
1.1  christos 	 * header + 24 byte MAC, this prevents the length error to
1.1  christos 	 * be caught at an earlier stage */
1.1  christos 	int pkt_len = LEN_PKT_NOMAC + 4 + 24;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_UnauthenticatedPacketReject(void) {
1.1  christos 	//sntptest();
1.1  christos 	// Activate authentication option
1.1  christos 	ActivateOption("-a", "123");
1.1  christos 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	// We demand authentication, but no MAC header is present.
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_CryptoNAKPacketReject(void) {
1.1  christos 	// Activate authentication option
1.1  christos 	ActivateOption("-a", "123");
1.1  christos 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	int pkt_len = LEN_PKT_NOMAC + 4; // + 4 byte MAC = Crypto-NAK
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_AuthenticatedPacketInvalid(void) {
1.1  christos 	// Activate authentication option
1.1  christos 	PrepareAuthenticationTestMD5(50, 9, "123456789");
1.1  christos 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	// Prepare the packet.
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	testpkt.exten[0] = htonl(50);
1.1  christos 	int mac_len = make_mac((char*)&testpkt, pkt_len,
1.1  christos 						   MAX_MD5_LEN, key_ptr,
1.1  christos 						   (char*)&testpkt.exten[1]);
1.1  christos
1.1  christos 	pkt_len += 4 + mac_len;
1.1  christos
1.1  christos 	// Now, alter the MAC so it becomes invalid.
1.1  christos 	testpkt.exten[1] += 1;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_AuthenticatedPacketUnknownKey(void) {
1.1  christos 	// Activate authentication option
1.1  christos 	PrepareAuthenticationTestMD5(30, 9, "123456789");
1.1  christos 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	// Prepare the packet. Observe that the Key-ID expected is 30,
1.1  christos 	// but the packet has a key id of 50.
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	testpkt.exten[0] = htonl(50);
1.1  christos 	int mac_len = make_mac((char*)&testpkt, pkt_len,
1.1  christos 						   MAX_MD5_LEN, key_ptr,
1.1  christos 						   (char*)&testpkt.exten[1]);
1.1  christos 	pkt_len += 4 + mac_len;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_ServerVersionTooOld(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
1.1  christos 										NTP_OLDVERSION - 1,
1.1  christos 										MODE_CLIENT);
1.1  christos 	TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) < NTP_OLDVERSION);
1.1  christos
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_ServerVersionTooNew(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
1.1  christos 										NTP_VERSION + 1,
1.1  christos 										MODE_CLIENT);
1.1  christos 	TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) > NTP_VERSION);
1.1  christos
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_NonWantedMode(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
1.1  christos 										NTP_VERSION,
1.1  christos 										MODE_CLIENT);
1.1  christos
1.1  christos 	// The packet has a mode of MODE_CLIENT, but process_pkt expects MODE_SERVER
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos /* Tests bug 1597 */
1.1  christos void test_KoDRate(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.stratum = STRATUM_PKT_UNSPEC;
1.1  christos 	memcpy(&testpkt.refid, "RATE", 4);
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(KOD_RATE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_KoDDeny(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.stratum = STRATUM_PKT_UNSPEC;
1.1  christos 	memcpy(&testpkt.refid, "DENY", 4);
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(KOD_DEMOBILIZE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_RejectUnsyncedServer(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC,
1.1  christos 										NTP_VERSION,
1.1  christos 										MODE_SERVER);
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_RejectWrongResponseServerMode(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	l_fp tmp;
1.1  christos 	tmp.l_ui = 1000UL;
1.1  christos 	tmp.l_uf = 0UL;
1.1  christos 	HTONL_FP(&tmp, &testpkt.org);
1.1  christos
1.1  christos 	tmp.l_ui = 2000UL;
1.1  christos 	tmp.l_uf = 0UL;
1.1  christos 	HTONL_FP(&tmp, &testspkt.xmt);
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_AcceptNoSentPacketBroadcastMode(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
1.1  christos 					    NTP_VERSION,
1.1  christos 					    MODE_BROADCAST);
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(LEN_PKT_NOMAC,
1.1  christos 		  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 			      MODE_BROADCAST, NULL, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_CorrectUnauthenticatedPacket(void) {
1.1  christos 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(LEN_PKT_NOMAC,
1.1  christos 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }
1.1  christos
1.1  christos void test_CorrectAuthenticatedPacketMD5(void) {
1.1  christos 	PrepareAuthenticationTestMD5(10, 15, "123456789abcdef");
1.1  christos 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	// Prepare the packet.
1.1  christos 	testpkt.exten[0] = htonl(10);
1.1  christos 	int mac_len = make_mac((char*)&testpkt, pkt_len,
1.1  christos 						   MAX_MD5_LEN, key_ptr,
1.1  christos 						   (char*)&testpkt.exten[1]);
1.1  christos
1.1  christos 	pkt_len += 4 + mac_len;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(pkt_len,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos
1.1  christos }
1.1  christos
1.1  christos void test_CorrectAuthenticatedPacketSHA1(void) {
1.1  christos 	PrepareAuthenticationTest(20, 15, "SHA1", "abcdefghijklmno");
1.1  christos 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
1.1  christos
1.1  christos 	int pkt_len = LEN_PKT_NOMAC;
1.1  christos
1.1  christos 	// Prepare the packet.
1.1  christos 	testpkt.exten[0] = htonl(20);
1.1  christos 	int mac_len = make_mac((char*)&testpkt, pkt_len,
1.1  christos 						   MAX_MAC_LEN, key_ptr,
1.1  christos 						   (char*)&testpkt.exten[1]);
1.1  christos
1.1  christos 	pkt_len += 4 + mac_len;
1.1  christos
1.1  christos 	TEST_ASSERT_EQUAL(pkt_len,
1.1  christos 			  process_pkt(&testpkt, &testsock, pkt_len,
1.1  christos 						  MODE_SERVER, &testspkt, "UnitTest"));
1.1  christos }