packetProcessing.c revision 1.1.1.5
1 1.1.1.5 christos /* $NetBSD: packetProcessing.c,v 1.1.1.5 2016/01/08 21:21:33 christos Exp $ */ 2 1.1.1.5 christos 3 1.1 christos #include "config.h" 4 1.1 christos #include "sntptest.h" 5 1.1 christos #include "networking.h" 6 1.1 christos #include "ntp_stdlib.h" 7 1.1 christos #include "unity.h" 8 1.1 christos 9 1.1.1.3 christos 10 1.1 christos const char * Version = "stub unit test Version string"; 11 1.1 christos 12 1.1 christos // Hacks into the key database. 13 1.1 christos extern struct key* key_ptr; 14 1.1 christos extern int key_cnt; 15 1.1 christos 16 1.1 christos 17 1.1.1.3 christos void PrepareAuthenticationTest(int key_id,int key_len,const char* type,const void* key_seq); 18 1.1.1.3 christos void PrepareAuthenticationTestMD5(int key_id,int key_len,const void* key_seq); 19 1.1.1.3 christos void setUp(void); 20 1.1.1.3 christos void tearDown(void); 21 1.1.1.3 christos void test_TooShortLength(void); 22 1.1.1.3 christos void test_LengthNotMultipleOfFour(void); 23 1.1.1.3 christos void test_TooShortExtensionFieldLength(void); 24 1.1.1.3 christos void test_UnauthenticatedPacketReject(void); 25 1.1.1.3 christos void test_CryptoNAKPacketReject(void); 26 1.1.1.3 christos void test_AuthenticatedPacketInvalid(void); 27 1.1.1.3 christos void test_AuthenticatedPacketUnknownKey(void); 28 1.1.1.3 christos void test_ServerVersionTooOld(void); 29 1.1.1.3 christos void test_ServerVersionTooNew(void); 30 1.1.1.3 christos void test_NonWantedMode(void); 31 1.1.1.3 christos void test_KoDRate(void); 32 1.1.1.3 christos void test_KoDDeny(void); 33 1.1.1.3 christos void test_RejectUnsyncedServer(void); 34 1.1.1.3 christos void test_RejectWrongResponseServerMode(void); 35 1.1.1.3 christos void test_AcceptNoSentPacketBroadcastMode(void); 36 1.1.1.3 christos void test_CorrectUnauthenticatedPacket(void); 37 1.1.1.3 christos void test_CorrectAuthenticatedPacketMD5(void); 38 1.1.1.3 christos void test_CorrectAuthenticatedPacketSHA1(void); 39 1.1.1.3 christos 40 1.1.1.3 christos 41 1.1 christos static struct pkt testpkt; 42 1.1 christos static struct pkt testspkt; 43 1.1 christos static sockaddr_u testsock; 44 1.1 christos bool restoreKeyDb; 45 1.1 christos 46 1.1.1.3 christos 47 1.1.1.3 christos void 48 1.1.1.3 christos PrepareAuthenticationTest(int key_id, 49 1.1 christos int key_len, 50 1.1 christos const char* type, 51 1.1 christos const void* key_seq) { 52 1.1 christos char str[25]; 53 1.1.1.3 christos snprintf(str, 25, "%d", key_id); 54 1.1 christos ActivateOption("-a", str); 55 1.1 christos 56 1.1 christos key_cnt = 1; 57 1.1.1.3 christos key_ptr = emalloc(sizeof(struct key)); 58 1.1 christos key_ptr->next = NULL; 59 1.1 christos key_ptr->key_id = key_id; 60 1.1 christos key_ptr->key_len = key_len; 61 1.1 christos memcpy(key_ptr->type, "MD5", 3); 62 1.1 christos 63 1.1 christos TEST_ASSERT_TRUE(key_len < sizeof(key_ptr->key_seq)); 64 1.1 christos 65 1.1 christos memcpy(key_ptr->key_seq, key_seq, key_ptr->key_len); 66 1.1 christos restoreKeyDb = true; 67 1.1 christos } 68 1.1 christos 69 1.1.1.3 christos 70 1.1.1.3 christos void 71 1.1.1.3 christos PrepareAuthenticationTestMD5(int key_id, 72 1.1 christos int key_len, 73 1.1 christos const void* key_seq) { 74 1.1 christos PrepareAuthenticationTest(key_id, key_len, "MD5", key_seq); 75 1.1 christos } 76 1.1 christos 77 1.1.1.3 christos 78 1.1.1.3 christos void 79 1.1.1.3 christos setUp(void) { 80 1.1 christos 81 1.1 christos sntptest(); 82 1.1 christos restoreKeyDb = false; 83 1.1 christos 84 1.1 christos /* Initialize the test packet and socket, 85 1.1 christos * so they contain at least some valid data. */ 86 1.1 christos testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, NTP_VERSION, 87 1.1 christos MODE_SERVER); 88 1.1 christos testpkt.stratum = STRATUM_REFCLOCK; 89 1.1 christos memcpy(&testpkt.refid, "GPS\0", 4); 90 1.1 christos 91 1.1 christos /* Set the origin timestamp of the received packet to the 92 1.1 christos * same value as the transmit timestamp of the sent packet. */ 93 1.1 christos l_fp tmp; 94 1.1 christos tmp.l_ui = 1000UL; 95 1.1 christos tmp.l_uf = 0UL; 96 1.1 christos 97 1.1 christos HTONL_FP(&tmp, &testpkt.org); 98 1.1 christos HTONL_FP(&tmp, &testspkt.xmt); 99 1.1 christos } 100 1.1 christos 101 1.1.1.3 christos 102 1.1.1.3 christos void 103 1.1.1.3 christos tearDown(void) { 104 1.1 christos 105 1.1 christos if (restoreKeyDb) { 106 1.1 christos key_cnt = 0; 107 1.1 christos free(key_ptr); 108 1.1 christos key_ptr = NULL; 109 1.1 christos } 110 1.1 christos 111 1.1 christos sntptest_destroy(); //only on the final test!! if counter == 0 etc... 112 1.1 christos } 113 1.1 christos 114 1.1 christos 115 1.1 christos 116 1.1.1.3 christos void 117 1.1.1.3 christos test_TooShortLength(void) { 118 1.1 christos TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 119 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1, 120 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 121 1.1 christos TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 122 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1, 123 1.1 christos MODE_BROADCAST, &testspkt, "UnitTest")); 124 1.1 christos } 125 1.1 christos 126 1.1.1.3 christos 127 1.1.1.3 christos void 128 1.1.1.3 christos test_LengthNotMultipleOfFour(void) { 129 1.1 christos TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 130 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 6, 131 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 132 1.1 christos TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 133 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 3, 134 1.1 christos MODE_BROADCAST, &testspkt, "UnitTest")); 135 1.1 christos } 136 1.1 christos 137 1.1.1.3 christos 138 1.1.1.3 christos void 139 1.1.1.3 christos test_TooShortExtensionFieldLength(void) { 140 1.1 christos /* The lower 16-bits are the length of the extension field. 141 1.1 christos * This lengths must be multiples of 4 bytes, which gives 142 1.1 christos * a minimum of 4 byte extension field length. */ 143 1.1 christos testpkt.exten[7] = htonl(3); // 3 bytes is too short. 144 1.1 christos 145 1.1 christos /* We send in a pkt_len of header size + 4 byte extension 146 1.1 christos * header + 24 byte MAC, this prevents the length error to 147 1.1 christos * be caught at an earlier stage */ 148 1.1 christos int pkt_len = LEN_PKT_NOMAC + 4 + 24; 149 1.1 christos 150 1.1 christos TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 151 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 152 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 153 1.1 christos } 154 1.1 christos 155 1.1.1.3 christos 156 1.1.1.3 christos void 157 1.1.1.3 christos test_UnauthenticatedPacketReject(void) { 158 1.1 christos //sntptest(); 159 1.1 christos // Activate authentication option 160 1.1 christos ActivateOption("-a", "123"); 161 1.1 christos TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 162 1.1 christos 163 1.1 christos int pkt_len = LEN_PKT_NOMAC; 164 1.1 christos 165 1.1 christos // We demand authentication, but no MAC header is present. 166 1.1 christos TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 167 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 168 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 169 1.1 christos } 170 1.1 christos 171 1.1.1.3 christos 172 1.1.1.3 christos void 173 1.1.1.3 christos test_CryptoNAKPacketReject(void) { 174 1.1 christos // Activate authentication option 175 1.1 christos ActivateOption("-a", "123"); 176 1.1 christos TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 177 1.1 christos 178 1.1 christos int pkt_len = LEN_PKT_NOMAC + 4; // + 4 byte MAC = Crypto-NAK 179 1.1 christos 180 1.1 christos TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 181 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 182 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 183 1.1 christos } 184 1.1 christos 185 1.1.1.3 christos 186 1.1.1.3 christos void 187 1.1.1.3 christos test_AuthenticatedPacketInvalid(void) { 188 1.1 christos // Activate authentication option 189 1.1 christos PrepareAuthenticationTestMD5(50, 9, "123456789"); 190 1.1 christos TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 191 1.1 christos 192 1.1 christos // Prepare the packet. 193 1.1 christos int pkt_len = LEN_PKT_NOMAC; 194 1.1 christos 195 1.1 christos testpkt.exten[0] = htonl(50); 196 1.1 christos int mac_len = make_mac((char*)&testpkt, pkt_len, 197 1.1 christos MAX_MD5_LEN, key_ptr, 198 1.1 christos (char*)&testpkt.exten[1]); 199 1.1 christos 200 1.1 christos pkt_len += 4 + mac_len; 201 1.1 christos 202 1.1 christos // Now, alter the MAC so it becomes invalid. 203 1.1 christos testpkt.exten[1] += 1; 204 1.1 christos 205 1.1 christos TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 206 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 207 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 208 1.1 christos } 209 1.1 christos 210 1.1.1.3 christos 211 1.1.1.3 christos void 212 1.1.1.3 christos test_AuthenticatedPacketUnknownKey(void) { 213 1.1 christos // Activate authentication option 214 1.1 christos PrepareAuthenticationTestMD5(30, 9, "123456789"); 215 1.1 christos TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 216 1.1 christos 217 1.1 christos // Prepare the packet. Observe that the Key-ID expected is 30, 218 1.1 christos // but the packet has a key id of 50. 219 1.1 christos int pkt_len = LEN_PKT_NOMAC; 220 1.1 christos 221 1.1 christos testpkt.exten[0] = htonl(50); 222 1.1 christos int mac_len = make_mac((char*)&testpkt, pkt_len, 223 1.1 christos MAX_MD5_LEN, key_ptr, 224 1.1 christos (char*)&testpkt.exten[1]); 225 1.1 christos pkt_len += 4 + mac_len; 226 1.1 christos 227 1.1 christos TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 228 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 229 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 230 1.1 christos } 231 1.1 christos 232 1.1.1.3 christos 233 1.1.1.3 christos void 234 1.1.1.3 christos test_ServerVersionTooOld(void) { 235 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 236 1.1 christos 237 1.1 christos testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 238 1.1 christos NTP_OLDVERSION - 1, 239 1.1 christos MODE_CLIENT); 240 1.1 christos TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) < NTP_OLDVERSION); 241 1.1 christos 242 1.1 christos int pkt_len = LEN_PKT_NOMAC; 243 1.1 christos 244 1.1 christos TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 245 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 246 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 247 1.1 christos } 248 1.1 christos 249 1.1.1.3 christos 250 1.1.1.3 christos void 251 1.1.1.3 christos test_ServerVersionTooNew(void) { 252 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 253 1.1 christos 254 1.1 christos testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 255 1.1 christos NTP_VERSION + 1, 256 1.1 christos MODE_CLIENT); 257 1.1 christos TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) > NTP_VERSION); 258 1.1 christos 259 1.1 christos int pkt_len = LEN_PKT_NOMAC; 260 1.1 christos 261 1.1 christos TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 262 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 263 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 264 1.1 christos } 265 1.1 christos 266 1.1.1.3 christos 267 1.1.1.3 christos void 268 1.1.1.3 christos test_NonWantedMode(void) { 269 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 270 1.1 christos 271 1.1 christos testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 272 1.1 christos NTP_VERSION, 273 1.1 christos MODE_CLIENT); 274 1.1 christos 275 1.1 christos // The packet has a mode of MODE_CLIENT, but process_pkt expects MODE_SERVER 276 1.1 christos 277 1.1 christos TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 278 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 279 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 280 1.1 christos } 281 1.1 christos 282 1.1.1.3 christos 283 1.1 christos /* Tests bug 1597 */ 284 1.1.1.3 christos void 285 1.1.1.3 christos test_KoDRate(void) { 286 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 287 1.1 christos 288 1.1 christos testpkt.stratum = STRATUM_PKT_UNSPEC; 289 1.1 christos memcpy(&testpkt.refid, "RATE", 4); 290 1.1 christos 291 1.1 christos TEST_ASSERT_EQUAL(KOD_RATE, 292 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 293 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 294 1.1 christos } 295 1.1 christos 296 1.1.1.3 christos 297 1.1.1.3 christos void 298 1.1.1.3 christos test_KoDDeny(void) { 299 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 300 1.1 christos 301 1.1 christos testpkt.stratum = STRATUM_PKT_UNSPEC; 302 1.1 christos memcpy(&testpkt.refid, "DENY", 4); 303 1.1 christos 304 1.1 christos TEST_ASSERT_EQUAL(KOD_DEMOBILIZE, 305 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 306 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 307 1.1 christos } 308 1.1 christos 309 1.1.1.3 christos 310 1.1.1.3 christos void 311 1.1.1.3 christos test_RejectUnsyncedServer(void) { 312 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 313 1.1 christos 314 1.1 christos testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC, 315 1.1 christos NTP_VERSION, 316 1.1 christos MODE_SERVER); 317 1.1 christos 318 1.1 christos TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 319 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 320 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 321 1.1 christos } 322 1.1 christos 323 1.1.1.3 christos 324 1.1.1.3 christos void 325 1.1.1.3 christos test_RejectWrongResponseServerMode(void) { 326 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 327 1.1 christos 328 1.1 christos l_fp tmp; 329 1.1 christos tmp.l_ui = 1000UL; 330 1.1 christos tmp.l_uf = 0UL; 331 1.1 christos HTONL_FP(&tmp, &testpkt.org); 332 1.1 christos 333 1.1 christos tmp.l_ui = 2000UL; 334 1.1 christos tmp.l_uf = 0UL; 335 1.1 christos HTONL_FP(&tmp, &testspkt.xmt); 336 1.1 christos 337 1.1 christos TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 338 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 339 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 340 1.1 christos } 341 1.1 christos 342 1.1.1.3 christos 343 1.1.1.3 christos void 344 1.1.1.3 christos test_AcceptNoSentPacketBroadcastMode(void) { 345 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 346 1.1 christos 347 1.1 christos testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 348 1.1 christos NTP_VERSION, 349 1.1 christos MODE_BROADCAST); 350 1.1 christos 351 1.1 christos TEST_ASSERT_EQUAL(LEN_PKT_NOMAC, 352 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 353 1.1 christos MODE_BROADCAST, NULL, "UnitTest")); 354 1.1 christos } 355 1.1 christos 356 1.1.1.3 christos 357 1.1.1.3 christos void 358 1.1.1.3 christos test_CorrectUnauthenticatedPacket(void) { 359 1.1 christos TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 360 1.1 christos 361 1.1 christos TEST_ASSERT_EQUAL(LEN_PKT_NOMAC, 362 1.1 christos process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 363 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 364 1.1 christos } 365 1.1 christos 366 1.1.1.3 christos 367 1.1.1.3 christos void 368 1.1.1.3 christos test_CorrectAuthenticatedPacketMD5(void) { 369 1.1 christos PrepareAuthenticationTestMD5(10, 15, "123456789abcdef"); 370 1.1 christos TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 371 1.1 christos 372 1.1 christos int pkt_len = LEN_PKT_NOMAC; 373 1.1 christos 374 1.1 christos // Prepare the packet. 375 1.1 christos testpkt.exten[0] = htonl(10); 376 1.1 christos int mac_len = make_mac((char*)&testpkt, pkt_len, 377 1.1 christos MAX_MD5_LEN, key_ptr, 378 1.1 christos (char*)&testpkt.exten[1]); 379 1.1 christos 380 1.1 christos pkt_len += 4 + mac_len; 381 1.1 christos 382 1.1 christos TEST_ASSERT_EQUAL(pkt_len, 383 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 384 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 385 1.1 christos 386 1.1 christos } 387 1.1 christos 388 1.1.1.3 christos 389 1.1.1.3 christos void 390 1.1.1.3 christos test_CorrectAuthenticatedPacketSHA1(void) { 391 1.1 christos PrepareAuthenticationTest(20, 15, "SHA1", "abcdefghijklmno"); 392 1.1 christos TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 393 1.1 christos 394 1.1 christos int pkt_len = LEN_PKT_NOMAC; 395 1.1 christos 396 1.1 christos // Prepare the packet. 397 1.1 christos testpkt.exten[0] = htonl(20); 398 1.1 christos int mac_len = make_mac((char*)&testpkt, pkt_len, 399 1.1 christos MAX_MAC_LEN, key_ptr, 400 1.1 christos (char*)&testpkt.exten[1]); 401 1.1 christos 402 1.1 christos pkt_len += 4 + mac_len; 403 1.1 christos 404 1.1 christos TEST_ASSERT_EQUAL(pkt_len, 405 1.1 christos process_pkt(&testpkt, &testsock, pkt_len, 406 1.1 christos MODE_SERVER, &testspkt, "UnitTest")); 407 1.1 christos } 408
Indexes created Mon Mar 16 00:23:04 UTC 2026