subject:"\[Openvpn\-devel\] \[PATCH v6 7\/7\] Implement unit tests for auth\-gen\-token"

Re: [Openvpn-devel] [PATCH v6 7/7] Implement unit tests for auth-gen-token

2019-09-13 Thread David Sommerseth

On 08/08/2019 16:54, Arne Schwabe wrote:
> From: Arne Schwabe 
> 
> Patch V2: adapt unit tests to other V2 patches
> Patch V4: Resolve rebase conflicts
> Patch V5: Add \ lost in rebase that broke compilation
> ---
>  tests/unit_tests/openvpn/Makefile.am   |  18 +-
>  tests/unit_tests/openvpn/test_auth_token.c | 375 +
>  2 files changed, 392 insertions(+), 1 deletion(-)
>  create mode 100644 tests/unit_tests/openvpn/test_auth_token.c

Code generally looks good.  But I do have some nitpicks here though.

* Many of the lines break our 80 chars per line rule
* The "dummy" functions added at the end of the test_auth_token.c file should
  be declared higher up and not after the main() function.

And finally ... the unit test doesn't pass for me :/

--
[==] Running 8 test(s).
[ RUN  ] auth_token_basic_test
[   OK ] auth_token_basic_test
[ RUN  ] auth_token_fail_invalid_key
--auth-token-gen: HMAC on token from client failed (test user name)
[   OK ] auth_token_fail_invalid_key
[ RUN  ] auth_token_test_known_keys
[   OK ] auth_token_test_known_keys
[ RUN  ] auth_token_test_empty_user
[  ERROR   ] --- 0x3 != 0x7
[   LINE   ] --- test_auth_token.c:265: error: Failure!
[  FAILED  ] auth_token_test_empty_user
[ RUN  ] auth_token_test_env
[   OK ] auth_token_test_env
[ RUN  ] auth_token_test_random_keys
[   OK ] auth_token_test_random_keys
[ RUN  ] auth_token_test_key_load
--auth-token-gen: HMAC on token from client failed (test user name)
[   OK ] auth_token_test_key_load
[ RUN  ] auth_token_test_timeout
[   OK ] auth_token_test_timeout
[==] 8 test(s) run.
[  PASSED  ] 7 test(s).
[  FAILED  ] 1 test(s), listed below:
[  FAILED  ] auth_token_test_empty_user

 1 FAILED TEST(S)
--

Seems like the verify_auth_token() call doesn't add
AUTH_TOKEN_VALID_EMPTYUSER flag.  I didn't dive deep enough to try to
understand why.


-- 
kind regards,

David Sommerseth
OpenVPN Inc



___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH v6 7/7] Implement unit tests for auth-gen-token

2019-08-08 Thread Arne Schwabe

From: Arne Schwabe 

Patch V2: adapt unit tests to other V2 patches
Patch V4: Resolve rebase conflicts
Patch V5: Add \ lost in rebase that broke compilation
---
 tests/unit_tests/openvpn/Makefile.am   |  18 +-
 tests/unit_tests/openvpn/test_auth_token.c | 375 +
 2 files changed, 392 insertions(+), 1 deletion(-)
 create mode 100644 tests/unit_tests/openvpn/test_auth_token.c

diff --git a/tests/unit_tests/openvpn/Makefile.am 
b/tests/unit_tests/openvpn/Makefile.am
index d015b293..60e84639 100644
--- a/tests/unit_tests/openvpn/Makefile.am
+++ b/tests/unit_tests/openvpn/Makefile.am
@@ -6,7 +6,7 @@ if HAVE_LD_WRAP_SUPPORT
 test_binaries += argv_testdriver buffer_testdriver
 endif
 
-test_binaries += crypto_testdriver packet_id_testdriver
+test_binaries += crypto_testdriver packet_id_testdriver auth_token_testdriver
 if HAVE_LD_WRAP_SUPPORT
 test_binaries += tls_crypt_testdriver
 endif
@@ -94,3 +94,19 @@ networking_testdriver_SOURCES = test_networking.c mock_msg.c 
\
$(openvpn_srcdir)/packet_id.c \
$(openvpn_srcdir)/platform.c
 endif
+
+auth_token_testdriver_CFLAGS  = @TEST_CFLAGS@ \
+   -I$(openvpn_includedir) -I$(compat_srcdir) -I$(openvpn_srcdir) \
+   $(OPTIONAL_CRYPTO_CFLAGS)
+auth_token_testdriver_LDFLAGS = @TEST_LDFLAGS@ \
+   $(OPTIONAL_CRYPTO_LIBS)
+
+auth_token_testdriver_SOURCES = test_auth_token.c mock_msg.c \
+   $(openvpn_srcdir)/buffer.c \
+   $(openvpn_srcdir)/crypto.c \
+   $(openvpn_srcdir)/crypto_mbedtls.c \
+   $(openvpn_srcdir)/crypto_openssl.c \
+   $(openvpn_srcdir)/otime.c \
+   $(openvpn_srcdir)/packet_id.c \
+   $(openvpn_srcdir)/platform.c \
+   $(openvpn_srcdir)/base64.c
diff --git a/tests/unit_tests/openvpn/test_auth_token.c 
b/tests/unit_tests/openvpn/test_auth_token.c
new file mode 100644
index ..a3591b4a
--- /dev/null
+++ b/tests/unit_tests/openvpn/test_auth_token.c
@@ -0,0 +1,375 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2016-2018 Fox Crypto B.V. 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License along
+ *  with this program; if not, write to the Free Software Foundation, Inc.,
+ *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#elif defined(_MSC_VER)
+#include "config-msvc.h"
+#endif
+
+#include "syshead.h"
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "auth_token.c"
+
+#include "mock_msg.h"
+
+struct test_context {
+struct tls_multi multi;
+struct key_type kt;
+struct user_pass up;
+struct tls_session session;
+};
+
+static const char *now0key0 = 
"SESS_ID_AT_0123456789abcdefAE5JsQJOVfo8jnI3RL3tBaR5NkE4yPfcylFUHmHSc5Bu";
+
+static const char *zeroinline = "-BEGIN OpenVPN auth-token server 
key-\n"
+
"\n"
+
"\n"
+
"AAA=\n"
+"-END OpenVPN auth-token server key-";
+
+static const char *allx01inline = "-BEGIN OpenVPN auth-token server 
key-\n"
+  
"AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB\n"
+  
"AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB\n"
+  
"AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQE=\n"
+  "-END OpenVPN auth-token server 
key-";
+
+static const char *random_key = "-BEGIN OpenVPN auth-token server 
key-\n"
+
"+mmmf7IQ5cymtMVjKYTWk8IOcYanRlpQmV9Tb3EjkHYxueBVDg3yqRgzeBlVGzNLD//rAPiOVhau\n"
+
"3NDBjNOQB8951bfs7Cc2mYfay92Bh2gRJ5XEM/DMfzCWN+7uU6NWoTTHr4FuojnIQtjtqVAj/JS9\n"
+
"w+dTSp/vYHl+c7uHd19uVRu/qLqV85+rm4tUGIjO7FfYuwyPqwmhuIsi3hs9QkSimh888FmBpoKY\n"
+
"/tbKVTJZmSERKti9KEwtV2eVAR0znN5KW7lCB3mHVAhN7bUpcoDjfCzYIFARxwswTFu9gFkwqUMY\n"
+"I1KUOgIsVN

Re: [Openvpn-devel] [PATCH v6 7/7] Implement unit tests for auth-gen-token

[Openvpn-devel] [PATCH v6 7/7] Implement unit tests for auth-gen-token

2 matches

Site Navigation

Mail list logo

Footer information