Added a test for SPA over TCP

mrash · Oct 5, 2012 · 66741b3 · 66741b3
1 parent ecce80b
commit 66741b3
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 0 deletions.
diff --git a/test/conf/tcp_server_fwknopd.conf b/test/conf/tcp_server_fwknopd.conf
@@ -0,0 +1,7 @@
+#
+# The default fwknopd.conf contains only comments since defaults are defined in
+# code and modified via the config file
+#
+PCAP_FILTER                 tcp port 62201;
+ENABLE_TCP_SERVER           Y;
+TCPSERV_PORT                62201;
diff --git a/test/test-fwknop.pl b/test/test-fwknop.pl
@@ -35,6 +35,7 @@
     'dual_key_access'         => "$conf_dir/dual_key_usage_access.conf",
     'gpg_access'              => "$conf_dir/gpg_access.conf",
     'gpg_no_pw_access'        => "$conf_dir/gpg_no_pw_access.conf",
+    'tcp_server'              => "$conf_dir/tcp_server_fwknopd.conf",
     'tcp_pcap_filter'         => "$conf_dir/tcp_pcap_filter_fwknopd.conf",
     'icmp_pcap_filter'        => "$conf_dir/icmp_pcap_filter_fwknopd.conf",
     'open_ports_access'       => "$conf_dir/open_ports_access.conf",
@@ -863,6 +864,23 @@
         'fatal'    => $NO
     },
 
+    ### SPA over TCP (not really "single" packet auth since a TCP connection
+    ### is established)
+    {
+        'category' => 'Rijndael SPA',
+        'subcategory' => 'client+server',
+        'detail'   => "SPA over TCP connection",
+        'err_msg'  => "could not send/process SPA packet over TCP connection",
+        'function' => \&spa_cycle,
+        'cmdline'  => "$default_client_args -P tcp",
+        'fwknopd_cmdline'  => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
+            "$fwknopdCmd -c $cf{'tcp_server'} -a $cf{'def_access'} " .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'fatal'    => $NO
+    },
+
     {
         'category' => 'Rijndael SPA',
         'subcategory' => 'client+server',