diff --git a/libknet/tests/api-check.mk b/libknet/tests/api-check.mk index 247ed582..427c3880 100644 --- a/libknet/tests/api-check.mk +++ b/libknet/tests/api-check.mk @@ -1,258 +1,274 @@ # # Copyright (C) 2016-2019 Red Hat, Inc. All rights reserved. # # Authors: Fabio M. Di Nitto # # This software licensed under GPL-2.0+, LGPL-2.0+ # api_checks = \ api_knet_handle_new_test \ api_knet_handle_free_test \ api_knet_handle_compress_test \ api_knet_handle_crypto_test \ api_knet_handle_setfwd_test \ api_knet_handle_enable_access_lists_test \ api_knet_handle_enable_filter_test \ api_knet_handle_enable_sock_notify_test \ api_knet_handle_add_datafd_test \ api_knet_handle_remove_datafd_test \ api_knet_handle_get_channel_test \ api_knet_handle_get_datafd_test \ api_knet_handle_get_stats_test \ api_knet_get_crypto_list_test \ api_knet_get_compress_list_test \ api_knet_handle_clear_stats_test \ api_knet_get_transport_list_test \ api_knet_get_transport_name_by_id_test \ api_knet_get_transport_id_by_name_test \ api_knet_handle_set_transport_reconnect_interval_test \ api_knet_handle_get_transport_reconnect_interval_test \ api_knet_recv_test \ api_knet_send_test \ api_knet_send_crypto_test \ api_knet_send_compress_test \ api_knet_send_sync_test \ api_knet_send_loopback_test \ api_knet_handle_pmtud_setfreq_test \ api_knet_handle_pmtud_getfreq_test \ api_knet_handle_enable_pmtud_notify_test \ api_knet_handle_pmtud_get_test \ api_knet_host_add_test \ api_knet_host_remove_test \ api_knet_host_set_name_test \ api_knet_host_get_name_by_host_id_test \ api_knet_host_get_id_by_host_name_test \ api_knet_host_get_host_list_test \ api_knet_host_set_policy_test \ api_knet_host_get_policy_test \ api_knet_host_get_status_test \ api_knet_host_enable_status_change_notify_test \ api_knet_log_get_subsystem_name_test \ api_knet_log_get_subsystem_id_test \ api_knet_log_get_loglevel_name_test \ api_knet_log_get_loglevel_id_test \ api_knet_log_set_loglevel_test \ api_knet_log_get_loglevel_test \ api_knet_strtoaddr_test \ api_knet_addrtostr_test \ api_knet_link_set_config_test \ api_knet_link_clear_config_test \ api_knet_link_get_config_test \ api_knet_link_set_ping_timers_test \ api_knet_link_get_ping_timers_test \ api_knet_link_set_pong_count_test \ api_knet_link_get_pong_count_test \ api_knet_link_set_priority_test \ api_knet_link_get_priority_test \ api_knet_link_set_enable_test \ api_knet_link_get_enable_test \ api_knet_link_get_link_list_test \ - api_knet_link_get_status_test + api_knet_link_get_status_test \ + api_knet_link_add_acl_test \ + api_knet_link_insert_acl_test \ + api_knet_link_rm_acl_test \ + api_knet_link_clear_acl_test api_knet_handle_new_test_SOURCES = api_knet_handle_new.c \ test-common.c api_knet_handle_free_test_SOURCES = api_knet_handle_free.c \ test-common.c api_knet_handle_new_limit_test_SOURCES = api_knet_handle_new_limit.c \ test-common.c api_knet_handle_compress_test_SOURCES = api_knet_handle_compress.c \ test-common.c api_knet_handle_crypto_test_SOURCES = api_knet_handle_crypto.c \ test-common.c api_knet_handle_setfwd_test_SOURCES = api_knet_handle_setfwd.c \ test-common.c api_knet_handle_enable_access_lists_test_SOURCES = api_knet_handle_enable_access_lists.c \ test-common.c api_knet_handle_enable_filter_test_SOURCES = api_knet_handle_enable_filter.c \ test-common.c api_knet_handle_enable_sock_notify_test_SOURCES = api_knet_handle_enable_sock_notify.c \ test-common.c api_knet_handle_add_datafd_test_SOURCES = api_knet_handle_add_datafd.c \ test-common.c api_knet_handle_remove_datafd_test_SOURCES = api_knet_handle_remove_datafd.c \ test-common.c api_knet_handle_get_channel_test_SOURCES = api_knet_handle_get_channel.c \ test-common.c api_knet_handle_get_datafd_test_SOURCES = api_knet_handle_get_datafd.c \ test-common.c api_knet_handle_get_stats_test_SOURCES = api_knet_handle_get_stats.c \ test-common.c api_knet_get_crypto_list_test_SOURCES = api_knet_get_crypto_list.c \ test-common.c api_knet_get_compress_list_test_SOURCES = api_knet_get_compress_list.c \ test-common.c api_knet_handle_clear_stats_test_SOURCES = api_knet_handle_clear_stats.c \ test-common.c api_knet_get_transport_list_test_SOURCES = api_knet_get_transport_list.c \ test-common.c api_knet_get_transport_name_by_id_test_SOURCES = api_knet_get_transport_name_by_id.c \ test-common.c api_knet_get_transport_id_by_name_test_SOURCES = api_knet_get_transport_id_by_name.c \ test-common.c api_knet_handle_set_transport_reconnect_interval_test_SOURCES = api_knet_handle_set_transport_reconnect_interval.c \ test-common.c api_knet_handle_get_transport_reconnect_interval_test_SOURCES = api_knet_handle_get_transport_reconnect_interval.c \ test-common.c api_knet_recv_test_SOURCES = api_knet_recv.c \ test-common.c api_knet_send_test_SOURCES = api_knet_send.c \ test-common.c api_knet_send_compress_test_SOURCES = api_knet_send_compress.c \ test-common.c api_knet_send_crypto_test_SOURCES = api_knet_send_crypto.c \ test-common.c api_knet_send_loopback_test_SOURCES = api_knet_send_loopback.c \ test-common.c api_knet_send_sync_test_SOURCES = api_knet_send_sync.c \ test-common.c api_knet_handle_pmtud_setfreq_test_SOURCES = api_knet_handle_pmtud_setfreq.c \ test-common.c api_knet_handle_pmtud_getfreq_test_SOURCES = api_knet_handle_pmtud_getfreq.c \ test-common.c api_knet_handle_enable_pmtud_notify_test_SOURCES = api_knet_handle_enable_pmtud_notify.c \ test-common.c api_knet_handle_pmtud_get_test_SOURCES = api_knet_handle_pmtud_get.c \ test-common.c api_knet_host_add_test_SOURCES = api_knet_host_add.c \ test-common.c api_knet_host_remove_test_SOURCES = api_knet_host_remove.c \ test-common.c api_knet_host_set_name_test_SOURCES = api_knet_host_set_name.c \ test-common.c api_knet_host_get_name_by_host_id_test_SOURCES = api_knet_host_get_name_by_host_id.c \ test-common.c api_knet_host_get_id_by_host_name_test_SOURCES = api_knet_host_get_id_by_host_name.c \ test-common.c api_knet_host_get_host_list_test_SOURCES = api_knet_host_get_host_list.c \ test-common.c api_knet_host_set_policy_test_SOURCES = api_knet_host_set_policy.c \ test-common.c api_knet_host_get_policy_test_SOURCES = api_knet_host_get_policy.c \ test-common.c api_knet_host_get_status_test_SOURCES = api_knet_host_get_status.c \ test-common.c api_knet_host_enable_status_change_notify_test_SOURCES = api_knet_host_enable_status_change_notify.c \ test-common.c api_knet_log_get_subsystem_name_test_SOURCES = api_knet_log_get_subsystem_name.c \ test-common.c api_knet_log_get_subsystem_id_test_SOURCES = api_knet_log_get_subsystem_id.c \ test-common.c api_knet_log_get_loglevel_name_test_SOURCES = api_knet_log_get_loglevel_name.c \ test-common.c api_knet_log_get_loglevel_id_test_SOURCES = api_knet_log_get_loglevel_id.c \ test-common.c api_knet_log_set_loglevel_test_SOURCES = api_knet_log_set_loglevel.c \ test-common.c api_knet_log_get_loglevel_test_SOURCES = api_knet_log_get_loglevel.c \ test-common.c api_knet_strtoaddr_test_SOURCES = api_knet_strtoaddr.c api_knet_addrtostr_test_SOURCES = api_knet_addrtostr.c api_knet_link_set_config_test_SOURCES = api_knet_link_set_config.c \ test-common.c api_knet_link_clear_config_test_SOURCES = api_knet_link_clear_config.c \ test-common.c api_knet_link_get_config_test_SOURCES = api_knet_link_get_config.c \ test-common.c api_knet_link_set_ping_timers_test_SOURCES = api_knet_link_set_ping_timers.c \ test-common.c api_knet_link_get_ping_timers_test_SOURCES = api_knet_link_get_ping_timers.c \ test-common.c api_knet_link_set_pong_count_test_SOURCES = api_knet_link_set_pong_count.c \ test-common.c api_knet_link_get_pong_count_test_SOURCES = api_knet_link_get_pong_count.c \ test-common.c api_knet_link_set_priority_test_SOURCES = api_knet_link_set_priority.c \ test-common.c api_knet_link_get_priority_test_SOURCES = api_knet_link_get_priority.c \ test-common.c api_knet_link_set_enable_test_SOURCES = api_knet_link_set_enable.c \ test-common.c api_knet_link_get_enable_test_SOURCES = api_knet_link_get_enable.c \ test-common.c api_knet_link_get_link_list_test_SOURCES = api_knet_link_get_link_list.c \ test-common.c api_knet_link_get_status_test_SOURCES = api_knet_link_get_status.c \ test-common.c + +api_knet_link_add_acl_test_SOURCES = api_knet_link_add_acl.c \ + test-common.c + +api_knet_link_insert_acl_test_SOURCES = api_knet_link_insert_acl.c \ + test-common.c + +api_knet_link_rm_acl_test_SOURCES = api_knet_link_rm_acl.c \ + test-common.c + +api_knet_link_clear_acl_test_SOURCES = api_knet_link_clear_acl.c \ + test-common.c diff --git a/libknet/tests/api_knet_link_add_acl.c b/libknet/tests/api_knet_link_add_acl.c new file mode 100644 index 00000000..b0181652 --- /dev/null +++ b/libknet/tests/api_knet_link_add_acl.c @@ -0,0 +1,246 @@ +/* + * Copyright (C) 2016-2018 Red Hat, Inc. All rights reserved. + * + * Authors: Fabio M. Di Nitto + * + * This software licensed under GPL-2.0+, LGPL-2.0+ + */ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "libknet.h" + +#include "internals.h" +#include "netutils.h" +#include "test-common.h" + +static void test(void) +{ + knet_handle_t knet_h; + int logfds[2]; + struct knet_host *host; + struct knet_link *link; + struct sockaddr_storage lo, lo6; + + if (make_local_sockaddr(&lo, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + if (make_local_sockaddr6(&lo6, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + printf("Test knet_link_add_acl incorrect knet_h\n"); + + if ((!knet_link_add_acl(NULL, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted invalid knet_h or returned incorrect error: %s\n", strerror(errno)); + exit(FAIL); + } + + setup_logpipes(logfds); + + knet_h = knet_handle_start(logfds, KNET_LOG_DEBUG); + + printf("Test knet_link_add_acl with unconfigured host\n"); + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted unconfigured host or returned incorrect error: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with unconfigured link\n"); + + if (knet_host_add(knet_h, 1) < 0) { + printf("knet_host_add failed: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted unconfigured link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with invalid link\n"); + + if ((!knet_link_add_acl(knet_h, 1, KNET_MAX_LINK, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted invalid link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with invalid ss1\n"); + + if ((!knet_link_add_acl(knet_h, 1, 0, NULL, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted invalid ss1 or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with invalid ss2\n"); + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, NULL, CHECK_TYPE_RANGE, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted invalid ss2 or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with non matching families\n"); + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, &lo6, CHECK_TYPE_RANGE, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted non matching families or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with wrong check_type\n"); + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_RANGE + CHECK_TYPE_MASK + CHECK_TYPE_ADDRESS + 1, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted incorrect check_type or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with wrong acceptreject\n"); + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT + CHECK_REJECT + 1)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted incorrect check_type or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_add_acl with point to point link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, &lo, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_add_acl accepted point ot point link or returned incorrect error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + knet_link_clear_config(knet_h, 1, 0); + + printf("Test knet_link_add_acl with dynamic link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, NULL, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + host = knet_h->host_index[1]; + link = &host->link[0]; + + if (knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list not empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT) < 0) { + printf("knet_link_add_acl did not accept dynamic link error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (!knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); +} + +int main(int argc, char *argv[]) +{ + test(); + + return PASS; +} diff --git a/libknet/tests/api_knet_link_clear_acl.c b/libknet/tests/api_knet_link_clear_acl.c new file mode 100644 index 00000000..78b7d79e --- /dev/null +++ b/libknet/tests/api_knet_link_clear_acl.c @@ -0,0 +1,196 @@ +/* + * Copyright (C) 2016-2018 Red Hat, Inc. All rights reserved. + * + * Authors: Fabio M. Di Nitto + * + * This software licensed under GPL-2.0+, LGPL-2.0+ + */ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "libknet.h" + +#include "internals.h" +#include "netutils.h" +#include "test-common.h" + +static void test(void) +{ + knet_handle_t knet_h; + int logfds[2]; + struct knet_host *host; + struct knet_link *link; + struct sockaddr_storage lo; + + if (make_local_sockaddr(&lo, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + printf("Test knet_link_clear_acl incorrect knet_h\n"); + + if ((!knet_link_clear_acl(NULL, 1, 0)) || (errno != EINVAL)) { + printf("knet_link_clear_acl accepted invalid knet_h or returned incorrect error: %s\n", strerror(errno)); + exit(FAIL); + } + + setup_logpipes(logfds); + + knet_h = knet_handle_start(logfds, KNET_LOG_DEBUG); + + printf("Test knet_link_clear_acl with unconfigured host\n"); + + if ((!knet_link_clear_acl(knet_h, 1, 0)) || (errno != EINVAL)) { + printf("knet_link_clear_acl accepted unconfigured host or returned incorrect error: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_clear_acl with unconfigured link\n"); + + if (knet_host_add(knet_h, 1) < 0) { + printf("knet_host_add failed: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_clear_acl(knet_h, 1, 0)) || (errno != EINVAL)) { + printf("knet_link_clear_acl accepted unconfigured link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_clear_acl with invalid link\n"); + + if ((!knet_link_clear_acl(knet_h, 1, KNET_MAX_LINK)) || (errno != EINVAL)) { + printf("knet_link_clear_acl accepted invalid link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_clear_acl with point to point link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, &lo, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_clear_acl(knet_h, 1, 0)) || (errno != EINVAL)) { + printf("knet_link_clear_acl accepted point ot point link or returned incorrect error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + knet_link_clear_config(knet_h, 1, 0); + + printf("Test knet_link_clear_acl with dynamic link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, NULL, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + host = knet_h->host_index[1]; + link = &host->link[0]; + + if (knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list NOT empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT) < 0) { + printf("knet_link_clear_acl did not accept dynamic link error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (!knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_link_clear_acl(knet_h, 1, 0) < 0) { + printf("knet_link_clear_acl failed to clear. error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list NOT empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); +} + +int main(int argc, char *argv[]) +{ + test(); + + return PASS; +} diff --git a/libknet/tests/api_knet_link_insert_acl.c b/libknet/tests/api_knet_link_insert_acl.c new file mode 100644 index 00000000..547f92bb --- /dev/null +++ b/libknet/tests/api_knet_link_insert_acl.c @@ -0,0 +1,246 @@ +/* + * Copyright (C) 2016-2018 Red Hat, Inc. All rights reserved. + * + * Authors: Fabio M. Di Nitto + * + * This software licensed under GPL-2.0+, LGPL-2.0+ + */ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "libknet.h" + +#include "internals.h" +#include "netutils.h" +#include "test-common.h" + +static void test(void) +{ + knet_handle_t knet_h; + int logfds[2]; + struct knet_host *host; + struct knet_link *link; + struct sockaddr_storage lo, lo6; + + if (make_local_sockaddr(&lo, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + if (make_local_sockaddr6(&lo6, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + printf("Test knet_link_insert_acl incorrect knet_h\n"); + + if ((!knet_link_insert_acl(NULL, 1, 0, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted invalid knet_h or returned incorrect error: %s\n", strerror(errno)); + exit(FAIL); + } + + setup_logpipes(logfds); + + knet_h = knet_handle_start(logfds, KNET_LOG_DEBUG); + + printf("Test knet_link_insert_acl with unconfigured host\n"); + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted unconfigured host or returned incorrect error: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with unconfigured link\n"); + + if (knet_host_add(knet_h, 1) < 0) { + printf("knet_host_add failed: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted unconfigured link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with invalid link\n"); + + if ((!knet_link_insert_acl(knet_h, 1, KNET_MAX_LINK, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted invalid link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with invalid ss1\n"); + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, NULL, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted invalid ss1 or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with invalid ss2\n"); + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, NULL, CHECK_TYPE_RANGE, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted invalid ss2 or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with non matching families\n"); + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo6, CHECK_TYPE_RANGE, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted non matching families or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with wrong check_type\n"); + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo, CHECK_TYPE_RANGE + CHECK_TYPE_MASK + CHECK_TYPE_ADDRESS + 1, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted incorrect check_type or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with wrong acceptreject\n"); + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT + CHECK_REJECT + 1)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted incorrect check_type or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_insert_acl with point to point link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, &lo, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_insert_acl accepted point ot point link or returned incorrect error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + knet_link_clear_config(knet_h, 1, 0); + + printf("Test knet_link_insert_acl with dynamic link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, NULL, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + host = knet_h->host_index[1]; + link = &host->link[0]; + + if (knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list not empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_link_insert_acl(knet_h, 1, 0, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT) < 0) { + printf("knet_link_insert_acl did not accept dynamic link error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (!knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); +} + +int main(int argc, char *argv[]) +{ + test(); + + return PASS; +} diff --git a/libknet/tests/api_knet_link_rm_acl.c b/libknet/tests/api_knet_link_rm_acl.c new file mode 100644 index 00000000..49a82d97 --- /dev/null +++ b/libknet/tests/api_knet_link_rm_acl.c @@ -0,0 +1,256 @@ +/* + * Copyright (C) 2016-2018 Red Hat, Inc. All rights reserved. + * + * Authors: Fabio M. Di Nitto + * + * This software licensed under GPL-2.0+, LGPL-2.0+ + */ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "libknet.h" + +#include "internals.h" +#include "netutils.h" +#include "test-common.h" + +static void test(void) +{ + knet_handle_t knet_h; + int logfds[2]; + struct knet_host *host; + struct knet_link *link; + struct sockaddr_storage lo, lo6; + + if (make_local_sockaddr(&lo, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + if (make_local_sockaddr6(&lo6, 0) < 0) { + printf("Unable to convert loopback to sockaddr: %s\n", strerror(errno)); + exit(FAIL); + } + + printf("Test knet_link_rm_acl incorrect knet_h\n"); + + if ((!knet_link_rm_acl(NULL, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted invalid knet_h or returned incorrect error: %s\n", strerror(errno)); + exit(FAIL); + } + + setup_logpipes(logfds); + + knet_h = knet_handle_start(logfds, KNET_LOG_DEBUG); + + printf("Test knet_link_rm_acl with unconfigured host\n"); + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted unconfigured host or returned incorrect error: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with unconfigured link\n"); + + if (knet_host_add(knet_h, 1) < 0) { + printf("knet_host_add failed: %s\n", strerror(errno)); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted unconfigured link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with invalid link\n"); + + if ((!knet_link_rm_acl(knet_h, 1, KNET_MAX_LINK, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted invalid link or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with invalid ss1\n"); + + if ((!knet_link_rm_acl(knet_h, 1, 0, NULL, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted invalid ss1 or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with invalid ss2\n"); + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, NULL, CHECK_TYPE_RANGE, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted invalid ss2 or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with non matching families\n"); + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, &lo6, CHECK_TYPE_RANGE, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted non matching families or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with wrong check_type\n"); + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_RANGE + CHECK_TYPE_MASK + CHECK_TYPE_ADDRESS + 1, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted incorrect check_type or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with wrong acceptreject\n"); + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT + CHECK_REJECT + 1)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted incorrect check_type or returned incorrect error: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + printf("Test knet_link_rm_acl with point to point link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, &lo, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if ((!knet_link_rm_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT)) || (errno != EINVAL)) { + printf("knet_link_rm_acl accepted point ot point link or returned incorrect error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + + knet_link_clear_config(knet_h, 1, 0); + + printf("Test knet_link_rm_acl with dynamic link\n"); + + if (knet_link_set_config(knet_h, 1, 0, KNET_TRANSPORT_UDP, &lo, NULL, 0) < 0) { + printf("Unable to configure link: %s\n", strerror(errno)); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + host = knet_h->host_index[1]; + link = &host->link[0]; + + if (knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list not empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_link_add_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT) < 0) { + printf("Failed to add an access list: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_link_rm_acl(knet_h, 1, 0, &lo, &lo, CHECK_TYPE_ADDRESS, CHECK_ACCEPT) < 0) { + printf("knet_link_rm_acl did not accept dynamic link error: %s\n", strerror(errno)); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + if (knet_h->knet_transport_fd_tracker[link->outsock].access_list_match_entry_head) { + printf("match list NOT empty!"); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); + exit(FAIL); + } + + flush_logs(logfds[0], stdout); + knet_link_clear_config(knet_h, 1, 0); + knet_host_remove(knet_h, 1); + knet_handle_free(knet_h); + flush_logs(logfds[0], stdout); + close_logpipes(logfds); +} + +int main(int argc, char *argv[]) +{ + test(); + + return PASS; +}