packetProcessing.c revision 1.1.1.4
1 #include "config.h" 2 #include "sntptest.h" 3 #include "networking.h" 4 #include "ntp_stdlib.h" 5 #include "unity.h" 6 7 8 const char * Version = "stub unit test Version string"; 9 10 // Hacks into the key database. 11 extern struct key* key_ptr; 12 extern int key_cnt; 13 14 15 void PrepareAuthenticationTest(int key_id,int key_len,const char* type,const void* key_seq); 16 void PrepareAuthenticationTestMD5(int key_id,int key_len,const void* key_seq); 17 void setUp(void); 18 void tearDown(void); 19 void test_TooShortLength(void); 20 void test_LengthNotMultipleOfFour(void); 21 void test_TooShortExtensionFieldLength(void); 22 void test_UnauthenticatedPacketReject(void); 23 void test_CryptoNAKPacketReject(void); 24 void test_AuthenticatedPacketInvalid(void); 25 void test_AuthenticatedPacketUnknownKey(void); 26 void test_ServerVersionTooOld(void); 27 void test_ServerVersionTooNew(void); 28 void test_NonWantedMode(void); 29 void test_KoDRate(void); 30 void test_KoDDeny(void); 31 void test_RejectUnsyncedServer(void); 32 void test_RejectWrongResponseServerMode(void); 33 void test_AcceptNoSentPacketBroadcastMode(void); 34 void test_CorrectUnauthenticatedPacket(void); 35 void test_CorrectAuthenticatedPacketMD5(void); 36 void test_CorrectAuthenticatedPacketSHA1(void); 37 38 39 static struct pkt testpkt; 40 static struct pkt testspkt; 41 static sockaddr_u testsock; 42 bool restoreKeyDb; 43 44 45 void 46 PrepareAuthenticationTest(int key_id, 47 int key_len, 48 const char* type, 49 const void* key_seq) { 50 char str[25]; 51 snprintf(str, 25, "%d", key_id); 52 ActivateOption("-a", str); 53 54 key_cnt = 1; 55 key_ptr = emalloc(sizeof(struct key)); 56 key_ptr->next = NULL; 57 key_ptr->key_id = key_id; 58 key_ptr->key_len = key_len; 59 memcpy(key_ptr->type, "MD5", 3); 60 61 TEST_ASSERT_TRUE(key_len < sizeof(key_ptr->key_seq)); 62 63 memcpy(key_ptr->key_seq, key_seq, key_ptr->key_len); 64 restoreKeyDb = true; 65 } 66 67 68 void 69 PrepareAuthenticationTestMD5(int key_id, 70 int key_len, 71 const void* key_seq) { 72 PrepareAuthenticationTest(key_id, key_len, "MD5", key_seq); 73 } 74 75 76 void 77 setUp(void) { 78 79 sntptest(); 80 restoreKeyDb = false; 81 82 /* Initialize the test packet and socket, 83 * so they contain at least some valid data. */ 84 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, NTP_VERSION, 85 MODE_SERVER); 86 testpkt.stratum = STRATUM_REFCLOCK; 87 memcpy(&testpkt.refid, "GPS\0", 4); 88 89 /* Set the origin timestamp of the received packet to the 90 * same value as the transmit timestamp of the sent packet. */ 91 l_fp tmp; 92 tmp.l_ui = 1000UL; 93 tmp.l_uf = 0UL; 94 95 HTONL_FP(&tmp, &testpkt.org); 96 HTONL_FP(&tmp, &testspkt.xmt); 97 } 98 99 100 void 101 tearDown(void) { 102 103 if (restoreKeyDb) { 104 key_cnt = 0; 105 free(key_ptr); 106 key_ptr = NULL; 107 } 108 109 sntptest_destroy(); //only on the final test!! if counter == 0 etc... 110 } 111 112 113 114 void 115 test_TooShortLength(void) { 116 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 117 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1, 118 MODE_SERVER, &testspkt, "UnitTest")); 119 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 120 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1, 121 MODE_BROADCAST, &testspkt, "UnitTest")); 122 } 123 124 125 void 126 test_LengthNotMultipleOfFour(void) { 127 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 128 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 6, 129 MODE_SERVER, &testspkt, "UnitTest")); 130 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 131 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 3, 132 MODE_BROADCAST, &testspkt, "UnitTest")); 133 } 134 135 136 void 137 test_TooShortExtensionFieldLength(void) { 138 /* The lower 16-bits are the length of the extension field. 139 * This lengths must be multiples of 4 bytes, which gives 140 * a minimum of 4 byte extension field length. */ 141 testpkt.exten[7] = htonl(3); // 3 bytes is too short. 142 143 /* We send in a pkt_len of header size + 4 byte extension 144 * header + 24 byte MAC, this prevents the length error to 145 * be caught at an earlier stage */ 146 int pkt_len = LEN_PKT_NOMAC + 4 + 24; 147 148 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 149 process_pkt(&testpkt, &testsock, pkt_len, 150 MODE_SERVER, &testspkt, "UnitTest")); 151 } 152 153 154 void 155 test_UnauthenticatedPacketReject(void) { 156 //sntptest(); 157 // Activate authentication option 158 ActivateOption("-a", "123"); 159 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 160 161 int pkt_len = LEN_PKT_NOMAC; 162 163 // We demand authentication, but no MAC header is present. 164 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 165 process_pkt(&testpkt, &testsock, pkt_len, 166 MODE_SERVER, &testspkt, "UnitTest")); 167 } 168 169 170 void 171 test_CryptoNAKPacketReject(void) { 172 // Activate authentication option 173 ActivateOption("-a", "123"); 174 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 175 176 int pkt_len = LEN_PKT_NOMAC + 4; // + 4 byte MAC = Crypto-NAK 177 178 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 179 process_pkt(&testpkt, &testsock, pkt_len, 180 MODE_SERVER, &testspkt, "UnitTest")); 181 } 182 183 184 void 185 test_AuthenticatedPacketInvalid(void) { 186 // Activate authentication option 187 PrepareAuthenticationTestMD5(50, 9, "123456789"); 188 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 189 190 // Prepare the packet. 191 int pkt_len = LEN_PKT_NOMAC; 192 193 testpkt.exten[0] = htonl(50); 194 int mac_len = make_mac((char*)&testpkt, pkt_len, 195 MAX_MD5_LEN, key_ptr, 196 (char*)&testpkt.exten[1]); 197 198 pkt_len += 4 + mac_len; 199 200 // Now, alter the MAC so it becomes invalid. 201 testpkt.exten[1] += 1; 202 203 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 204 process_pkt(&testpkt, &testsock, pkt_len, 205 MODE_SERVER, &testspkt, "UnitTest")); 206 } 207 208 209 void 210 test_AuthenticatedPacketUnknownKey(void) { 211 // Activate authentication option 212 PrepareAuthenticationTestMD5(30, 9, "123456789"); 213 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 214 215 // Prepare the packet. Observe that the Key-ID expected is 30, 216 // but the packet has a key id of 50. 217 int pkt_len = LEN_PKT_NOMAC; 218 219 testpkt.exten[0] = htonl(50); 220 int mac_len = make_mac((char*)&testpkt, pkt_len, 221 MAX_MD5_LEN, key_ptr, 222 (char*)&testpkt.exten[1]); 223 pkt_len += 4 + mac_len; 224 225 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL, 226 process_pkt(&testpkt, &testsock, pkt_len, 227 MODE_SERVER, &testspkt, "UnitTest")); 228 } 229 230 231 void 232 test_ServerVersionTooOld(void) { 233 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 234 235 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 236 NTP_OLDVERSION - 1, 237 MODE_CLIENT); 238 TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) < NTP_OLDVERSION); 239 240 int pkt_len = LEN_PKT_NOMAC; 241 242 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 243 process_pkt(&testpkt, &testsock, pkt_len, 244 MODE_SERVER, &testspkt, "UnitTest")); 245 } 246 247 248 void 249 test_ServerVersionTooNew(void) { 250 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 251 252 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 253 NTP_VERSION + 1, 254 MODE_CLIENT); 255 TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) > NTP_VERSION); 256 257 int pkt_len = LEN_PKT_NOMAC; 258 259 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 260 process_pkt(&testpkt, &testsock, pkt_len, 261 MODE_SERVER, &testspkt, "UnitTest")); 262 } 263 264 265 void 266 test_NonWantedMode(void) { 267 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 268 269 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 270 NTP_VERSION, 271 MODE_CLIENT); 272 273 // The packet has a mode of MODE_CLIENT, but process_pkt expects MODE_SERVER 274 275 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 276 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 277 MODE_SERVER, &testspkt, "UnitTest")); 278 } 279 280 281 /* Tests bug 1597 */ 282 void 283 test_KoDRate(void) { 284 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 285 286 testpkt.stratum = STRATUM_PKT_UNSPEC; 287 memcpy(&testpkt.refid, "RATE", 4); 288 289 TEST_ASSERT_EQUAL(KOD_RATE, 290 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 291 MODE_SERVER, &testspkt, "UnitTest")); 292 } 293 294 295 void 296 test_KoDDeny(void) { 297 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 298 299 testpkt.stratum = STRATUM_PKT_UNSPEC; 300 memcpy(&testpkt.refid, "DENY", 4); 301 302 TEST_ASSERT_EQUAL(KOD_DEMOBILIZE, 303 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 304 MODE_SERVER, &testspkt, "UnitTest")); 305 } 306 307 308 void 309 test_RejectUnsyncedServer(void) { 310 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 311 312 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC, 313 NTP_VERSION, 314 MODE_SERVER); 315 316 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE, 317 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 318 MODE_SERVER, &testspkt, "UnitTest")); 319 } 320 321 322 void 323 test_RejectWrongResponseServerMode(void) { 324 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 325 326 l_fp tmp; 327 tmp.l_ui = 1000UL; 328 tmp.l_uf = 0UL; 329 HTONL_FP(&tmp, &testpkt.org); 330 331 tmp.l_ui = 2000UL; 332 tmp.l_uf = 0UL; 333 HTONL_FP(&tmp, &testspkt.xmt); 334 335 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE, 336 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 337 MODE_SERVER, &testspkt, "UnitTest")); 338 } 339 340 341 void 342 test_AcceptNoSentPacketBroadcastMode(void) { 343 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 344 345 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, 346 NTP_VERSION, 347 MODE_BROADCAST); 348 349 TEST_ASSERT_EQUAL(LEN_PKT_NOMAC, 350 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 351 MODE_BROADCAST, NULL, "UnitTest")); 352 } 353 354 355 void 356 test_CorrectUnauthenticatedPacket(void) { 357 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION)); 358 359 TEST_ASSERT_EQUAL(LEN_PKT_NOMAC, 360 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC, 361 MODE_SERVER, &testspkt, "UnitTest")); 362 } 363 364 365 void 366 test_CorrectAuthenticatedPacketMD5(void) { 367 PrepareAuthenticationTestMD5(10, 15, "123456789abcdef"); 368 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 369 370 int pkt_len = LEN_PKT_NOMAC; 371 372 // Prepare the packet. 373 testpkt.exten[0] = htonl(10); 374 int mac_len = make_mac((char*)&testpkt, pkt_len, 375 MAX_MD5_LEN, key_ptr, 376 (char*)&testpkt.exten[1]); 377 378 pkt_len += 4 + mac_len; 379 380 TEST_ASSERT_EQUAL(pkt_len, 381 process_pkt(&testpkt, &testsock, pkt_len, 382 MODE_SERVER, &testspkt, "UnitTest")); 383 384 } 385 386 387 void 388 test_CorrectAuthenticatedPacketSHA1(void) { 389 PrepareAuthenticationTest(20, 15, "SHA1", "abcdefghijklmno"); 390 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION)); 391 392 int pkt_len = LEN_PKT_NOMAC; 393 394 // Prepare the packet. 395 testpkt.exten[0] = htonl(20); 396 int mac_len = make_mac((char*)&testpkt, pkt_len, 397 MAX_MAC_LEN, key_ptr, 398 (char*)&testpkt.exten[1]); 399 400 pkt_len += 4 + mac_len; 401 402 TEST_ASSERT_EQUAL(pkt_len, 403 process_pkt(&testpkt, &testsock, pkt_len, 404 MODE_SERVER, &testspkt, "UnitTest")); 405 } 406
Indexes created Mon Mar 16 00:23:04 UTC 2026