1 /* $NetBSD: ntp_restrict.c,v 1.1.1.1 2015/10/23 17:47:45 christos Exp $ */ 2 3 #include "config.h" 4 5 #include "ntpd.h" 6 #include "ntp_lists.h" 7 8 #include "unity.h" 9 10 /* Helper functions */ 11 12 sockaddr_u 13 create_sockaddr_u(short sin_family, unsigned short sin_port, char* ip_addr) { 14 sockaddr_u sockaddr; 15 16 sockaddr.sa4.sin_family = AF_INET; 17 sockaddr.sa4.sin_port = htons(sin_port); 18 memset(sockaddr.sa4.sin_zero, 0, 8); 19 sockaddr.sa4.sin_addr.s_addr = inet_addr(ip_addr); 20 21 return sockaddr; 22 } 23 24 25 void 26 setUp(void) { 27 init_restrict(); 28 } 29 30 31 tearDown(void) { 32 restrict_u *empty_restrict = malloc(sizeof(restrict_u)); 33 memset(empty_restrict, 0, sizeof(restrict_u)); 34 35 restrict_u *current; 36 37 do { 38 UNLINK_HEAD_SLIST(current, restrictlist4, link); 39 if (current != NULL) 40 { 41 *current = *empty_restrict; 42 } 43 } while (current != NULL); 44 45 do { 46 UNLINK_HEAD_SLIST(current, restrictlist6, link); 47 if (current != NULL) 48 { 49 *current = *empty_restrict; 50 } 51 } while (current != NULL); 52 53 free(empty_restrict); 54 } 55 56 57 /* Tests */ 58 59 60 void 61 test_RestrictionsAreEmptyAfterInit(void) { 62 63 restrict_u *rl4 = malloc(sizeof(restrict_u)); 64 restrict_u *rl6 = malloc(sizeof(restrict_u)); 65 66 memset(rl4, 0, sizeof(restrict_u)); 67 memset(rl6, 0, sizeof(restrict_u)); 68 69 TEST_ASSERT_EQUAL(rl4->count, restrictlist4->count); 70 TEST_ASSERT_EQUAL(rl4->flags, restrictlist4->flags); 71 TEST_ASSERT_EQUAL(rl4->mflags, restrictlist4->mflags); 72 TEST_ASSERT_EQUAL(rl4->expire, restrictlist4->expire); 73 TEST_ASSERT_EQUAL(rl4->u.v4.addr, restrictlist4->u.v4.addr); 74 TEST_ASSERT_EQUAL(rl4->u.v4.mask, restrictlist4->u.v4.mask); 75 76 TEST_ASSERT_EQUAL(rl6->count, restrictlist6->count); 77 TEST_ASSERT_EQUAL(rl6->flags, restrictlist6->flags); 78 TEST_ASSERT_EQUAL(rl6->mflags, restrictlist6->mflags); 79 TEST_ASSERT_EQUAL(rl6->expire, restrictlist6->expire); 80 81 free(rl4); 82 free(rl6); 83 } 84 85 86 void 87 test_ReturnsCorrectDefaultRestrictions(void) { 88 sockaddr_u sockaddr = create_sockaddr_u(AF_INET, 89 54321, "63.161.169.137"); 90 91 u_short retval = restrictions(&sockaddr); 92 93 TEST_ASSERT_EQUAL(0, retval); 94 } 95 96 97 void 98 test_HackingDefaultRestriction(void) { 99 /* 100 * We change the flag of the default restriction, 101 * and check if restriction() returns that flag 102 */ 103 104 const u_short flags = 42; 105 106 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 107 54321, "0.0.0.0"); 108 sockaddr_u resmask = create_sockaddr_u(AF_INET, 109 54321, "0.0.0.0"); 110 111 hack_restrict(RESTRICT_FLAGS, &resaddr, &resmask, 0, flags, 0); 112 113 sockaddr_u sockaddr = create_sockaddr_u(AF_INET, 114 54321, "111.123.251.124"); 115 116 TEST_ASSERT_EQUAL(flags, restrictions(&sockaddr)); 117 } 118 119 120 void 121 test_CantRemoveDefaultEntry(void) { 122 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 54321, "0.0.0.0"); 123 sockaddr_u resmask = create_sockaddr_u(AF_INET, 54321, "0.0.0.0"); 124 125 hack_restrict(RESTRICT_REMOVE, &resaddr, &resmask, 0, 0, 0); 126 127 TEST_ASSERT_EQUAL(0, restrictions(&resaddr)); 128 } 129 130 131 void 132 test_AddingNewRestriction(void) { 133 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 54321, "11.22.33.44"); 134 sockaddr_u resmask = create_sockaddr_u(AF_INET, 54321, "128.0.0.0"); 135 136 const u_short flags = 42; 137 138 hack_restrict(RESTRICT_FLAGS, &resaddr, &resmask, 0, flags, 0); 139 140 TEST_ASSERT_EQUAL(flags, restrictions(&resaddr)); 141 } 142 143 144 void 145 test_TheMostFittingRestrictionIsMatched(void) { 146 sockaddr_u resaddr_target = create_sockaddr_u(AF_INET, 54321, "11.22.33.44"); 147 148 sockaddr_u resaddr_not_matching = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 149 sockaddr_u resmask_not_matching = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 150 151 sockaddr_u resaddr_best_match = create_sockaddr_u(AF_INET, 54321, "11.22.30.20"); 152 sockaddr_u resmask_best_match = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 153 154 /* it also matches, but we prefer the one above, as it's more specific */ 155 sockaddr_u resaddr_second_match = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 156 sockaddr_u resmask_second_match = create_sockaddr_u(AF_INET, 54321, "255.0.0.0"); 157 158 hack_restrict(RESTRICT_FLAGS, &resaddr_not_matching, &resmask_not_matching, 0, 11, 0); 159 hack_restrict(RESTRICT_FLAGS, &resaddr_best_match, &resmask_best_match, 0, 22, 0); 160 hack_restrict(RESTRICT_FLAGS, &resaddr_second_match, &resmask_second_match, 0, 128, 0); 161 162 TEST_ASSERT_EQUAL(22, restrictions(&resaddr_target)); 163 } 164 165 166 void 167 test_DeletedRestrictionIsNotMatched(void) { 168 sockaddr_u resaddr_target = create_sockaddr_u(AF_INET, 54321, "11.22.33.44"); 169 170 sockaddr_u resaddr_not_matching = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 171 sockaddr_u resmask_not_matching = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 172 173 sockaddr_u resaddr_best_match = create_sockaddr_u(AF_INET, 54321, "11.22.30.20"); 174 sockaddr_u resmask_best_match = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 175 176 sockaddr_u resaddr_second_match = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 177 sockaddr_u resmask_second_match = create_sockaddr_u(AF_INET, 54321, "255.0.0.0"); 178 179 hack_restrict(RESTRICT_FLAGS, &resaddr_not_matching, &resmask_not_matching, 0, 11, 0); 180 hack_restrict(RESTRICT_FLAGS, &resaddr_best_match, &resmask_best_match, 0, 22, 0); 181 hack_restrict(RESTRICT_FLAGS, &resaddr_second_match, &resmask_second_match, 0, 128, 0); 182 183 /* deleting the best match*/ 184 hack_restrict(RESTRICT_REMOVE, &resaddr_best_match, &resmask_best_match, 0, 22, 0); 185 186 TEST_ASSERT_EQUAL(128, restrictions(&resaddr_target)); 187 } 188 189 190 void 191 test_RestrictUnflagWorks(void) { 192 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 54321, "11.22.30.20"); 193 sockaddr_u resmask = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 194 195 hack_restrict(RESTRICT_FLAGS, &resaddr, &resmask, 0, 11, 0); 196 197 hack_restrict(RESTRICT_UNFLAG, &resaddr, &resmask, 0, 10, 0); 198 199 TEST_ASSERT_EQUAL(1, restrictions(&resaddr)); 200 } 201