3 /* need autokey for some of the tests, or the will create buffer overruns. */
9 #include "networking.h"
10 #include "ntp_stdlib.h"
14 const char * Version = "stub unit test Version string";
16 // Hacks into the key database.
17 extern struct key* key_ptr;
21 void PrepareAuthenticationTest(int key_id,int key_len,const char* type,const void* key_seq);
22 void PrepareAuthenticationTestMD5(int key_id,int key_len,const void* key_seq);
25 void test_TooShortLength(void);
26 void test_LengthNotMultipleOfFour(void);
27 void test_TooShortExtensionFieldLength(void);
28 void test_UnauthenticatedPacketReject(void);
29 void test_CryptoNAKPacketReject(void);
30 void test_AuthenticatedPacketInvalid(void);
31 void test_AuthenticatedPacketUnknownKey(void);
32 void test_ServerVersionTooOld(void);
33 void test_ServerVersionTooNew(void);
34 void test_NonWantedMode(void);
35 void test_KoDRate(void);
36 void test_KoDDeny(void);
37 void test_RejectUnsyncedServer(void);
38 void test_RejectWrongResponseServerMode(void);
39 void test_AcceptNoSentPacketBroadcastMode(void);
40 void test_CorrectUnauthenticatedPacket(void);
41 void test_CorrectAuthenticatedPacketMD5(void);
42 void test_CorrectAuthenticatedPacketSHA1(void);
45 static struct pkt testpkt;
46 static struct pkt testspkt;
47 static sockaddr_u testsock;
52 PrepareAuthenticationTest(
60 snprintf(str, 25, "%d", key_id);
61 ActivateOption("-a", str);
64 key_ptr = emalloc(sizeof(struct key));
66 key_ptr->key_id = key_id;
67 key_ptr->key_len = key_len;
68 memcpy(key_ptr->type, "MD5", 3);
70 TEST_ASSERT_TRUE(key_len < sizeof(key_ptr->key_seq));
72 memcpy(key_ptr->key_seq, key_seq, key_ptr->key_len);
78 PrepareAuthenticationTestMD5(
84 PrepareAuthenticationTest(key_id, key_len, "MD5", key_seq);
95 /* Initialize the test packet and socket,
96 * so they contain at least some valid data.
98 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, NTP_VERSION,
100 testpkt.stratum = STRATUM_REFCLOCK;
101 memcpy(&testpkt.refid, "GPS\0", 4);
103 /* Set the origin timestamp of the received packet to the
104 * same value as the transmit timestamp of the sent packet.
110 HTONL_FP(&tmp, &testpkt.org);
111 HTONL_FP(&tmp, &testspkt.xmt);
124 sntptest_destroy(); /* only on the final test!! if counter == 0 etc... */
129 test_TooShortLength(void)
131 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
132 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1,
133 MODE_SERVER, &testspkt, "UnitTest"));
134 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
135 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1,
136 MODE_BROADCAST, &testspkt, "UnitTest"));
141 test_LengthNotMultipleOfFour(void)
143 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
144 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 6,
145 MODE_SERVER, &testspkt, "UnitTest"));
146 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
147 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 3,
148 MODE_BROADCAST, &testspkt, "UnitTest"));
153 test_TooShortExtensionFieldLength(void)
155 /* The lower 16-bits are the length of the extension field.
156 * This lengths must be multiples of 4 bytes, which gives
157 * a minimum of 4 byte extension field length.
159 testpkt.exten[7] = htonl(3); /* 3 bytes is too short. */
161 /* We send in a pkt_len of header size + 4 byte extension
162 * header + 24 byte MAC, this prevents the length error to
163 * be caught at an earlier stage
165 int pkt_len = LEN_PKT_NOMAC + 4 + 24;
167 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
168 process_pkt(&testpkt, &testsock, pkt_len,
169 MODE_SERVER, &testspkt, "UnitTest"));
174 test_UnauthenticatedPacketReject(void)
176 /* Activate authentication option */
177 ActivateOption("-a", "123");
178 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
180 int pkt_len = LEN_PKT_NOMAC;
182 /* We demand authentication, but no MAC header is present. */
183 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
184 process_pkt(&testpkt, &testsock, pkt_len,
185 MODE_SERVER, &testspkt, "UnitTest"));
190 test_CryptoNAKPacketReject(void)
192 /* Activate authentication option */
193 ActivateOption("-a", "123");
194 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
196 int pkt_len = LEN_PKT_NOMAC + 4; /* + 4 byte MAC = Crypto-NAK */
198 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
199 process_pkt(&testpkt, &testsock, pkt_len,
200 MODE_SERVER, &testspkt, "UnitTest"));
205 test_AuthenticatedPacketInvalid(void)
207 /* Activate authentication option */
208 PrepareAuthenticationTestMD5(50, 9, "123456789");
209 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
211 /* Prepare the packet. */
212 int pkt_len = LEN_PKT_NOMAC;
214 testpkt.exten[0] = htonl(50);
215 int mac_len = make_mac(&testpkt, pkt_len,
216 MAX_MD5_LEN, key_ptr,
219 pkt_len += 4 + mac_len;
221 /* Now, alter the MAC so it becomes invalid. */
222 testpkt.exten[1] += 1;
224 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
225 process_pkt(&testpkt, &testsock, pkt_len,
226 MODE_SERVER, &testspkt, "UnitTest"));
231 test_AuthenticatedPacketUnknownKey(void)
233 /* Activate authentication option */
234 PrepareAuthenticationTestMD5(30, 9, "123456789");
235 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
237 /* Prepare the packet. Note that the Key-ID expected is 30, but
238 * the packet has a key id of 50.
240 int pkt_len = LEN_PKT_NOMAC;
242 testpkt.exten[0] = htonl(50);
243 int mac_len = make_mac(&testpkt, pkt_len,
244 MAX_MD5_LEN, key_ptr,
246 pkt_len += 4 + mac_len;
248 TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
249 process_pkt(&testpkt, &testsock, pkt_len,
250 MODE_SERVER, &testspkt, "UnitTest"));
255 test_ServerVersionTooOld(void)
257 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
259 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
262 TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) < NTP_OLDVERSION);
264 int pkt_len = LEN_PKT_NOMAC;
266 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
267 process_pkt(&testpkt, &testsock, pkt_len,
268 MODE_SERVER, &testspkt, "UnitTest"));
273 test_ServerVersionTooNew(void)
275 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
277 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
280 TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) > NTP_VERSION);
282 int pkt_len = LEN_PKT_NOMAC;
284 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
285 process_pkt(&testpkt, &testsock, pkt_len,
286 MODE_SERVER, &testspkt, "UnitTest"));
291 test_NonWantedMode(void)
293 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
295 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
299 /* The packet has a mode of MODE_CLIENT, but process_pkt expects
302 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
303 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
304 MODE_SERVER, &testspkt, "UnitTest"));
312 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
314 testpkt.stratum = STRATUM_PKT_UNSPEC;
315 memcpy(&testpkt.refid, "RATE", 4);
317 TEST_ASSERT_EQUAL(KOD_RATE,
318 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
319 MODE_SERVER, &testspkt, "UnitTest"));
326 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
328 testpkt.stratum = STRATUM_PKT_UNSPEC;
329 memcpy(&testpkt.refid, "DENY", 4);
331 TEST_ASSERT_EQUAL(KOD_DEMOBILIZE,
332 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
333 MODE_SERVER, &testspkt, "UnitTest"));
338 test_RejectUnsyncedServer(void)
340 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
342 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC,
346 TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
347 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
348 MODE_SERVER, &testspkt, "UnitTest"));
353 test_RejectWrongResponseServerMode(void)
355 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
360 HTONL_FP(&tmp, &testpkt.org);
364 HTONL_FP(&tmp, &testspkt.xmt);
366 TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
367 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
368 MODE_SERVER, &testspkt, "UnitTest"));
373 test_AcceptNoSentPacketBroadcastMode(void)
375 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
377 testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
381 TEST_ASSERT_EQUAL(LEN_PKT_NOMAC,
382 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
383 MODE_BROADCAST, NULL, "UnitTest"));
388 test_CorrectUnauthenticatedPacket(void)
390 TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
392 TEST_ASSERT_EQUAL(LEN_PKT_NOMAC,
393 process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
394 MODE_SERVER, &testspkt, "UnitTest"));
399 test_CorrectAuthenticatedPacketMD5(void)
401 PrepareAuthenticationTestMD5(10, 15, "123456789abcdef");
402 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
404 int pkt_len = LEN_PKT_NOMAC;
406 /* Prepare the packet. */
407 testpkt.exten[0] = htonl(10);
408 int mac_len = make_mac(&testpkt, pkt_len,
409 MAX_MD5_LEN, key_ptr,
412 pkt_len += 4 + mac_len;
414 TEST_ASSERT_EQUAL(pkt_len,
415 process_pkt(&testpkt, &testsock, pkt_len,
416 MODE_SERVER, &testspkt, "UnitTest"));
421 test_CorrectAuthenticatedPacketSHA1(void)
423 PrepareAuthenticationTest(20, 15, "SHA1", "abcdefghijklmno");
424 TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
426 int pkt_len = LEN_PKT_NOMAC;
428 /* Prepare the packet. */
429 testpkt.exten[0] = htonl(20);
430 int mac_len = make_mac(&testpkt, pkt_len,
431 MAX_MAC_LEN, key_ptr,
434 pkt_len += 4 + mac_len;
436 TEST_ASSERT_EQUAL(pkt_len,
437 process_pkt(&testpkt, &testsock, pkt_len,
438 MODE_SERVER, &testspkt, "UnitTest"));