Skip to content

Commit a9f4234

Browse files
JeremiahM37JeremiahM37
committed
add tests for fenrir fixes
1 parent d468e41 commit a9f4234

1 file changed

Lines changed: 126 additions & 0 deletions

File tree

tests/unittests.c

Lines changed: 126 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1573,6 +1573,16 @@ static int test_static_routes(void) {
15731573

15741574
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_route_default_policy_set(WOLFSENTRY_CONTEXT_ARGS_OUT, WOLFSENTRY_ACTION_RES_NONE));
15751575

1576+
/* non-decisional default_policy values (STOP/ERROR alone) must be rejected. */
1577+
WOLFSENTRY_EXIT_UNLESS_EXPECTED_FAILURE(
1578+
INVALID_ARG,
1579+
wolfsentry_route_default_policy_set(WOLFSENTRY_CONTEXT_ARGS_OUT, WOLFSENTRY_ACTION_RES_STOP));
1580+
WOLFSENTRY_EXIT_UNLESS_EXPECTED_FAILURE(
1581+
INVALID_ARG,
1582+
wolfsentry_route_default_policy_set(WOLFSENTRY_CONTEXT_ARGS_OUT, WOLFSENTRY_ACTION_RES_ERROR));
1583+
WOLFSENTRY_EXIT_UNLESS_EXPECTED_FAILURE(
1584+
INVALID_ARG,
1585+
wolfsentry_route_default_policy_set(WOLFSENTRY_CONTEXT_ARGS_OUT, WOLFSENTRY_ACTION_RES_STOP | WOLFSENTRY_ACTION_RES_ERROR));
15761586

15771587
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_route_insert(WOLFSENTRY_CONTEXT_ARGS_OUT, NULL /* caller_arg */, &remote.sa, &local.sa, flags, 0 /* event_label_len */, 0 /* event_label */, &id, &action_results));
15781588

@@ -2747,6 +2757,65 @@ static int test_static_routes(void) {
27472757
&action_results));
27482758
}
27492759

2760+
/* max_connection_count == 0 means "no limit": CONNECT dispatches must not
2761+
* be rejected regardless of how many times we fire them.
2762+
*/
2763+
{
2764+
struct wolfsentry_eventconfig nolimit_config = config;
2765+
wolfsentry_ent_id_t nolimit_event_id, nolimit_route_id;
2766+
wolfsentry_route_flags_t nolimit_flags;
2767+
unsigned int i;
2768+
2769+
nolimit_config.max_connection_count = 0;
2770+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_event_insert(
2771+
WOLFSENTRY_CONTEXT_ARGS_OUT,
2772+
"nolimit-conn-test",
2773+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
2774+
0 /* priority */,
2775+
&nolimit_config,
2776+
WOLFSENTRY_EVENT_FLAG_NONE,
2777+
&nolimit_event_id));
2778+
2779+
WOLFSENTRY_CLEAR_ALL_BITS(nolimit_flags);
2780+
WOLFSENTRY_SET_BITS(nolimit_flags, WOLFSENTRY_ROUTE_FLAG_TCPLIKE_PORT_NUMBERS
2781+
| WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN
2782+
| WOLFSENTRY_ROUTE_FLAG_GREENLISTED);
2783+
memcpy(remote.sa.addr, "\7\10\11\12", sizeof remote.addr_buf);
2784+
memcpy(local.sa.addr, "\377\376\375\374", sizeof local.addr_buf);
2785+
2786+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_route_insert(
2787+
WOLFSENTRY_CONTEXT_ARGS_OUT,
2788+
NULL /* caller_arg */,
2789+
&remote.sa, &local.sa, nolimit_flags,
2790+
"nolimit-conn-test",
2791+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
2792+
&nolimit_route_id, &action_results));
2793+
2794+
for (i = 0; i < 20; ++i) {
2795+
WOLFSENTRY_CLEAR_ALL_BITS(action_results);
2796+
WOLFSENTRY_SET_BITS(action_results, WOLFSENTRY_ACTION_RES_CONNECT);
2797+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_route_event_dispatch_with_inited_result(
2798+
WOLFSENTRY_CONTEXT_ARGS_OUT,
2799+
&remote.sa, &local.sa, nolimit_flags,
2800+
NULL /* event_label */, 0 /* event_label_len */,
2801+
NULL /* caller_arg */,
2802+
&id, &inexact_matches, &action_results));
2803+
WOLFSENTRY_EXIT_ON_TRUE(WOLFSENTRY_CHECK_BITS(action_results, WOLFSENTRY_ACTION_RES_REJECT));
2804+
}
2805+
2806+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_route_delete_by_id(
2807+
WOLFSENTRY_CONTEXT_ARGS_OUT,
2808+
NULL /* caller_arg */,
2809+
nolimit_route_id,
2810+
NULL /* event_label */, 0 /* event_label_len */,
2811+
&action_results));
2812+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_event_delete(
2813+
WOLFSENTRY_CONTEXT_ARGS_OUT,
2814+
"nolimit-conn-test",
2815+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
2816+
&action_results));
2817+
}
2818+
27502819
printf("all subtests succeeded -- %u distinct ents inserted and deleted.\n",wolfsentry->mk_id_cb_state.id_counter);
27512820

27522821
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX(&wolfsentry)));
@@ -3703,6 +3772,44 @@ static int test_user_values(void) {
37033772

37043773
}
37053774

3775+
#ifdef WOLFSENTRY_HAVE_JSON_DOM
3776+
/* strings rendered as JSON must escape quotes and backslashes. */
3777+
{
3778+
static const char raw[] = "a\"b\\c";
3779+
const struct wolfsentry_kv_pair *kv_exports;
3780+
char render_buf[64];
3781+
int render_buf_space = (int)sizeof render_buf;
3782+
3783+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_user_value_store_string(
3784+
WOLFSENTRY_CONTEXT_ARGS_OUT,
3785+
"json_escape_string",
3786+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
3787+
raw,
3788+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
3789+
0));
3790+
{
3791+
const char *value = NULL;
3792+
int value_len = -1;
3793+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_user_value_get_string(
3794+
WOLFSENTRY_CONTEXT_ARGS_OUT,
3795+
"json_escape_string",
3796+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
3797+
&value, &value_len, &kv_ref));
3798+
}
3799+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_context_lock_shared(WOLFSENTRY_CONTEXT_ARGS_OUT));
3800+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_kv_pair_export(WOLFSENTRY_CONTEXT_ARGS_OUT, kv_ref, &kv_exports));
3801+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_kv_render_value(WOLFSENTRY_CONTEXT_ARGS_OUT, kv_exports, render_buf, &render_buf_space));
3802+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_context_unlock(WOLFSENTRY_CONTEXT_ARGS_OUT));
3803+
WOLFSENTRY_EXIT_ON_FALSE(strstr(render_buf, "\\\"") != NULL);
3804+
WOLFSENTRY_EXIT_ON_FALSE(strstr(render_buf, "\\\\") != NULL);
3805+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_user_value_release_record(WOLFSENTRY_CONTEXT_ARGS_OUT, &kv_ref));
3806+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_user_value_delete(
3807+
WOLFSENTRY_CONTEXT_ARGS_OUT,
3808+
"json_escape_string",
3809+
WOLFSENTRY_LENGTH_NULL_TERMINATED));
3810+
}
3811+
#endif /* WOLFSENTRY_HAVE_JSON_DOM */
3812+
37063813
WOLFSENTRY_EXIT_UNLESS_EXPECTED_FAILURE(
37073814
BAD_VALUE,
37083815
wolfsentry_user_value_store_string(
@@ -4086,6 +4193,25 @@ static int test_user_addr_families(void) {
40864193
family_number,
40874194
&bits));
40884195
WOLFSENTRY_EXIT_ON_FALSE(bits == 48);
4196+
4197+
/* LINK64 must roundtrip through pton → ntop → verify label. */
4198+
{
4199+
struct wolfsentry_addr_family_bynumber *addr_family = NULL;
4200+
const char *family_name = NULL;
4201+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_addr_family_pton(
4202+
WOLFSENTRY_CONTEXT_ARGS_OUT,
4203+
"LINK64",
4204+
WOLFSENTRY_LENGTH_NULL_TERMINATED,
4205+
&family_number));
4206+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_addr_family_ntop(
4207+
WOLFSENTRY_CONTEXT_ARGS_OUT,
4208+
family_number,
4209+
&addr_family,
4210+
&family_name));
4211+
WOLFSENTRY_EXIT_ON_FALSE((family_name != NULL) && (! strcmp(family_name, "LINK64")));
4212+
if (addr_family)
4213+
WOLFSENTRY_EXIT_ON_FAILURE(wolfsentry_addr_family_drop_reference(WOLFSENTRY_CONTEXT_ARGS_OUT, addr_family, &action_results));
4214+
}
40894215
}
40904216
#endif /* WOLFSENTRY_PROTOCOL_NAMES */
40914217

0 commit comments

Comments
 (0)