1 /* $NetBSD: ntp_restrict.c,v 1.1.1.3 2016/01/08 21:21:33 christos Exp $ */ 2 3 #include "config.h" 4 5 #include "ntpd.h" 6 #include "ntp_lists.h" 7 8 #include "unity.h" 9 10 /* Helper functions */ 11 12 sockaddr_u 13 create_sockaddr_u(short sin_family, unsigned short sin_port, char* ip_addr) { 14 sockaddr_u sockaddr; 15 16 sockaddr.sa4.sin_family = AF_INET; 17 sockaddr.sa4.sin_port = htons(sin_port); 18 memset(sockaddr.sa4.sin_zero, 0, 8); 19 sockaddr.sa4.sin_addr.s_addr = inet_addr(ip_addr); 20 21 return sockaddr; 22 } 23 24 25 void 26 setUp(void) { 27 init_restrict(); 28 } 29 30 31 void 32 tearDown(void) { 33 restrict_u *empty_restrict = malloc(sizeof(restrict_u)); 34 memset(empty_restrict, 0, sizeof(restrict_u)); 35 36 restrict_u *current; 37 38 do { 39 UNLINK_HEAD_SLIST(current, restrictlist4, link); 40 if (current != NULL) 41 { 42 *current = *empty_restrict; 43 } 44 } while (current != NULL); 45 46 do { 47 UNLINK_HEAD_SLIST(current, restrictlist6, link); 48 if (current != NULL) 49 { 50 *current = *empty_restrict; 51 } 52 } while (current != NULL); 53 54 free(empty_restrict); 55 } 56 57 58 /* Tests */ 59 60 61 void 62 test_RestrictionsAreEmptyAfterInit(void) { 63 64 restrict_u *rl4 = malloc(sizeof(restrict_u)); 65 restrict_u *rl6 = malloc(sizeof(restrict_u)); 66 67 memset(rl4, 0, sizeof(restrict_u)); 68 memset(rl6, 0, sizeof(restrict_u)); 69 70 TEST_ASSERT_EQUAL(rl4->count, restrictlist4->count); 71 TEST_ASSERT_EQUAL(rl4->flags, restrictlist4->flags); 72 TEST_ASSERT_EQUAL(rl4->mflags, restrictlist4->mflags); 73 TEST_ASSERT_EQUAL(rl4->expire, restrictlist4->expire); 74 TEST_ASSERT_EQUAL(rl4->u.v4.addr, restrictlist4->u.v4.addr); 75 TEST_ASSERT_EQUAL(rl4->u.v4.mask, restrictlist4->u.v4.mask); 76 77 TEST_ASSERT_EQUAL(rl6->count, restrictlist6->count); 78 TEST_ASSERT_EQUAL(rl6->flags, restrictlist6->flags); 79 TEST_ASSERT_EQUAL(rl6->mflags, restrictlist6->mflags); 80 TEST_ASSERT_EQUAL(rl6->expire, restrictlist6->expire); 81 82 free(rl4); 83 free(rl6); 84 } 85 86 87 void 88 test_ReturnsCorrectDefaultRestrictions(void) { 89 sockaddr_u sockaddr = create_sockaddr_u(AF_INET, 90 54321, "63.161.169.137"); 91 92 u_short retval = restrictions(&sockaddr); 93 94 TEST_ASSERT_EQUAL(0, retval); 95 } 96 97 98 void 99 test_HackingDefaultRestriction(void) { 100 /* 101 * We change the flag of the default restriction, 102 * and check if restriction() returns that flag 103 */ 104 105 const u_short flags = 42; 106 107 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 108 54321, "0.0.0.0"); 109 sockaddr_u resmask = create_sockaddr_u(AF_INET, 110 54321, "0.0.0.0"); 111 112 hack_restrict(RESTRICT_FLAGS, &resaddr, &resmask, 0, flags, 0); 113 114 sockaddr_u sockaddr = create_sockaddr_u(AF_INET, 115 54321, "111.123.251.124"); 116 117 TEST_ASSERT_EQUAL(flags, restrictions(&sockaddr)); 118 } 119 120 121 void 122 test_CantRemoveDefaultEntry(void) { 123 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 54321, "0.0.0.0"); 124 sockaddr_u resmask = create_sockaddr_u(AF_INET, 54321, "0.0.0.0"); 125 126 hack_restrict(RESTRICT_REMOVE, &resaddr, &resmask, 0, 0, 0); 127 128 TEST_ASSERT_EQUAL(0, restrictions(&resaddr)); 129 } 130 131 132 void 133 test_AddingNewRestriction(void) { 134 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 54321, "11.22.33.44"); 135 sockaddr_u resmask = create_sockaddr_u(AF_INET, 54321, "128.0.0.0"); 136 137 const u_short flags = 42; 138 139 hack_restrict(RESTRICT_FLAGS, &resaddr, &resmask, 0, flags, 0); 140 141 TEST_ASSERT_EQUAL(flags, restrictions(&resaddr)); 142 } 143 144 145 void 146 test_TheMostFittingRestrictionIsMatched(void) { 147 sockaddr_u resaddr_target = create_sockaddr_u(AF_INET, 54321, "11.22.33.44"); 148 149 sockaddr_u resaddr_not_matching = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 150 sockaddr_u resmask_not_matching = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 151 152 sockaddr_u resaddr_best_match = create_sockaddr_u(AF_INET, 54321, "11.22.30.20"); 153 sockaddr_u resmask_best_match = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 154 155 /* it also matches, but we prefer the one above, as it's more specific */ 156 sockaddr_u resaddr_second_match = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 157 sockaddr_u resmask_second_match = create_sockaddr_u(AF_INET, 54321, "255.0.0.0"); 158 159 hack_restrict(RESTRICT_FLAGS, &resaddr_not_matching, &resmask_not_matching, 0, 11, 0); 160 hack_restrict(RESTRICT_FLAGS, &resaddr_best_match, &resmask_best_match, 0, 22, 0); 161 hack_restrict(RESTRICT_FLAGS, &resaddr_second_match, &resmask_second_match, 0, 128, 0); 162 163 TEST_ASSERT_EQUAL(22, restrictions(&resaddr_target)); 164 } 165 166 167 void 168 test_DeletedRestrictionIsNotMatched(void) { 169 sockaddr_u resaddr_target = create_sockaddr_u(AF_INET, 54321, "11.22.33.44"); 170 171 sockaddr_u resaddr_not_matching = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 172 sockaddr_u resmask_not_matching = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 173 174 sockaddr_u resaddr_best_match = create_sockaddr_u(AF_INET, 54321, "11.22.30.20"); 175 sockaddr_u resmask_best_match = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 176 177 sockaddr_u resaddr_second_match = create_sockaddr_u(AF_INET, 54321, "11.99.33.44"); 178 sockaddr_u resmask_second_match = create_sockaddr_u(AF_INET, 54321, "255.0.0.0"); 179 180 hack_restrict(RESTRICT_FLAGS, &resaddr_not_matching, &resmask_not_matching, 0, 11, 0); 181 hack_restrict(RESTRICT_FLAGS, &resaddr_best_match, &resmask_best_match, 0, 22, 0); 182 hack_restrict(RESTRICT_FLAGS, &resaddr_second_match, &resmask_second_match, 0, 128, 0); 183 184 /* deleting the best match*/ 185 hack_restrict(RESTRICT_REMOVE, &resaddr_best_match, &resmask_best_match, 0, 22, 0); 186 187 TEST_ASSERT_EQUAL(128, restrictions(&resaddr_target)); 188 } 189 190 191 void 192 test_RestrictUnflagWorks(void) { 193 sockaddr_u resaddr = create_sockaddr_u(AF_INET, 54321, "11.22.30.20"); 194 sockaddr_u resmask = create_sockaddr_u(AF_INET, 54321, "255.255.0.0"); 195 196 hack_restrict(RESTRICT_FLAGS, &resaddr, &resmask, 0, 11, 0); 197 198 hack_restrict(RESTRICT_UNFLAG, &resaddr, &resmask, 0, 10, 0); 199 200 TEST_ASSERT_EQUAL(1, restrictions(&resaddr)); 201 } 202