From 864d8948a0453148bca1acbb1f91bf9fa22ad725 Mon Sep 17 00:00:00 2001 From: Piotr Sawicki Date: Tue, 25 Apr 2017 14:48:48 +0200 Subject: [PATCH] Add tests for multicast connections Change-Id: I73dadf9827ce77956c24730bf49085835997feb3 --- src/nether-tests/nether_tests.cpp | 377 ++++++++++++++++++++++++++--- src/nether-tests/setup-nether-tests-nns.sh | 2 + 2 files changed, 339 insertions(+), 40 deletions(-) diff --git a/src/nether-tests/nether_tests.cpp b/src/nether-tests/nether_tests.cpp index a76b6c5..4edcd3a 100644 --- a/src/nether-tests/nether_tests.cpp +++ b/src/nether-tests/nether_tests.cpp @@ -28,6 +28,7 @@ #include #include #include +#include #include #include #include @@ -63,9 +64,14 @@ const int TCP_MESSAGES_COUNT = 20000; const uint16_t UDP_TEST_PORT = 12000; const uint16_t TCP_TEST_PORT = 12000; -const std::string REMOTE_TEST_SERVER_ADDRESS = "10.1.0.2"; -const std::string LOCAL_TEST_SERVER_ADDRESS = "127.0.0.1"; +const std::string REMOTE_INTERFACE_ADDRESS = "10.1.0.2"; +const std::string REMOTE_INTERFACE_NAME = "veth1"; +const std::string LOCAL_HOST_TEST_SERVER_ADDRESS = "127.0.0.1"; +const std::string LOCAL_TEST_MCAST_GROUP = "225.0.0.250"; const std::string DNS_TEST_ADDRESS = "www.samsung.com"; +const std::string ANY_INTERFACE = ""; + +const char TTL_MCAST_RESTRIC_SUBNET = 1; const int MONITOR_TIMEOUT = 1000; // ms @@ -530,6 +536,11 @@ public: return "UDPServer port: " + std::to_string(m_port); } + virtual bool applyExtraSocketOptions(int) + { + return true; + } + virtual int serverProcedure(int pipeFd) override { FdUniquePtr pipePtr(&pipeFd); @@ -556,6 +567,10 @@ public: exit(EXIT_FAILURE); } + if (!applyExtraSocketOptions(sockFd)) { + exit(EXIT_FAILURE); + } + struct sockaddr_in clntAddress; size_t clntAddressLength = sizeof(clntAddress); char receiveBuffer[NET_BUFFER_SIZE]; @@ -617,6 +632,81 @@ private: AppContext m_appContext; }; +class UDPMulticastServer : public UDPServer +{ +public: + UDPMulticastServer(uint16_t port, int protocol, + const std::string &mcastGroup, const std::string &networkInterface) + : UDPServer(port, protocol) + , m_mcastGroup(mcastGroup) + , m_networkInterface(networkInterface) + { + } + + bool applyExtraSocketOptions(int sockFd) override + { + struct ip_mreq multicastRequest; + memset(&multicastRequest, 0, sizeof(multicastRequest)); + + in_addr_t mcastGroupAddr = inet_addr(m_mcastGroup.c_str()); + if (!IN_MULTICAST(mcastGroupAddr)) { + return false; + } + + multicastRequest.imr_multiaddr.s_addr = mcastGroupAddr; + + if (m_networkInterface == ANY_INTERFACE) { + multicastRequest.imr_interface.s_addr = INADDR_ANY; + } else { + struct ifreq interfaceRequest; + memset(&interfaceRequest, 0, sizeof(interfaceRequest)); + + interfaceRequest.ifr_addr.sa_family = AF_INET; + strncpy(interfaceRequest.ifr_name, m_networkInterface.c_str(), IFNAMSIZ); + interfaceRequest.ifr_name[IFNAMSIZ - 1] = '\0'; + + if (ioctl(sockFd, SIOCGIFADDR, &interfaceRequest) == -1) { + return false; + } + + struct sockaddr_in *addr = reinterpret_cast(&interfaceRequest.ifr_addr); + multicastRequest.imr_interface.s_addr = addr->sin_addr.s_addr; + } + + return setsockopt(sockFd, IPPROTO_IP, IP_ADD_MEMBERSHIP, + static_cast(&multicastRequest), sizeof(multicastRequest)) == 0; + } + +private: + std::string m_mcastGroup; + std::string m_networkInterface; +}; + + +class UDPMulticastServerApp : public UDPMulticastServer +{ +public: + UDPMulticastServerApp(uint16_t port, int protocol, const std::string &mcastGroup, const std::string &networkInterface, + const AppContext &appContext) + : UDPMulticastServer(port, protocol, mcastGroup, networkInterface) + , m_appContext(appContext) + { + } + + virtual int serverProcedure(int pipeFd) override + { + Api::setProcessLabel(m_appContext.appId()); + RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(m_appContext.getUID(), m_appContext.getGID()) == 0, + "drop_root_privileges() failed"); + + return UDPServer::serverProcedure(pipeFd); + } + +private: + AppContext m_appContext; +}; + + class TCPServer : public NetServer { public: @@ -769,6 +859,11 @@ public: { } + virtual bool applyExtraSocketOptions(int) + { + return true; + } + private: virtual void clientProcedure() override { @@ -780,6 +875,8 @@ private: RUNNER_ASSERT_MSG(server != nullptr, "Couldn't find host " << m_hostName << " h_errno = " << hstrerror(h_errno)); + RUNNER_ASSERT_MSG (applyExtraSocketOptions(sockFd), "Couldn't prepare socket"); + struct sockaddr_in serverAddress; memset(&serverAddress, 0, sizeof(serverAddress)); serverAddress.sin_family = AF_INET; @@ -810,7 +907,32 @@ private: uint16_t m_port; }; +class UDPMulticastClientApp : public UDPClientApp +{ +public: + UDPMulticastClientApp(const std::string &appPrefix, NetherInternetAccess access, int msgCount, + int protocol, const std::string &hostName, uint16_t port, char ttl, bool enableLoop) + : UDPClientApp(appPrefix, access, msgCount, protocol, hostName, port) + , m_ttl(ttl) + , m_enableLoop(enableLoop) + { + } + + virtual bool applyExtraSocketOptions(int sockFd) override + { + if (setsockopt(sockFd, IPPROTO_IP, IP_MULTICAST_TTL, (void *) &m_ttl, sizeof(m_ttl)) == -1) { + return false; + } + char multicastEnableLoop = m_enableLoop ? 1 : 0; + return setsockopt(sockFd, IPPROTO_IP, IP_MULTICAST_LOOP, static_cast(&multicastEnableLoop), + sizeof(multicastEnableLoop)) == 0; + } + +private: + char m_ttl; + bool m_enableLoop; +}; class TCPClientApp : public NetClient { @@ -842,7 +964,8 @@ private: serverAddress.sin_port = htons(m_port); size_t serverAddressLength = sizeof(serverAddress); - int ret = TEMP_FAILURE_RETRY(connect(sockFd, reinterpret_cast(&serverAddress), serverAddressLength)); + int ret = TEMP_FAILURE_RETRY(connect(sockFd, + reinterpret_cast(&serverAddress),serverAddressLength)); if (ret == -1 && m_expectConnectionError) { return; } @@ -865,7 +988,6 @@ private: } } - int m_protocol; std::string m_hostName; uint16_t m_port; bool m_expectConnectionError; @@ -884,8 +1006,8 @@ RUNNER_CHILD_TEST(nether_check_udp_connection_internet_access_granted) UDPServer udpServer(UDP_TEST_PORT); udpServer.start(NETHER_NETNS_NAME_TEST); - UDPClientApp udpClientApp("nether_test_01", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, - IPPROTO_UDP, REMOTE_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_uciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, + IPPROTO_UDP, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpServer.isAlive(), "UDP server was not running"); @@ -903,8 +1025,8 @@ RUNNER_CHILD_TEST(nether_check_udp_connection_internet_access_denied) UDPServer udpServer(UDP_TEST_PORT); udpServer.start(NETHER_NETNS_NAME_TEST); - UDPClientApp udpClientApp("nether_test_02", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, - IPPROTO_UDP, REMOTE_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_uciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, + IPPROTO_UDP, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpServer.isAlive(), "UDP server was not running"); @@ -922,8 +1044,8 @@ RUNNER_CHILD_TEST(nether_check_udp_lite_connection_internet_access_granted) UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE); udpLiteServer.start(NETHER_NETNS_NAME_TEST); - UDPClientApp udpClientApp("nether_test_03", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, - IPPROTO_UDPLITE, REMOTE_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_ulciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, + IPPROTO_UDPLITE, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDPLite server was not running"); @@ -941,8 +1063,8 @@ RUNNER_CHILD_TEST(nether_check_udp_lite_connection_internet_access_denied) UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE); udpLiteServer.start(NETHER_NETNS_NAME_TEST); - UDPClientApp udpClientApp("nether_test_04", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, - IPPROTO_UDPLITE, REMOTE_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_ulciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, + IPPROTO_UDPLITE, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running"); @@ -959,8 +1081,8 @@ RUNNER_CHILD_TEST(nether_check_tcp_connection_internet_access_granted) TCPServer tcpServer(TCP_TEST_PORT); tcpServer.start(NETHER_NETNS_NAME_TEST); - TCPClientApp tcpClientApp("nether_test_05", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT, - REMOTE_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false); + TCPClientApp tcpClientApp("nether_test_tciag", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT, + REMOTE_INTERFACE_ADDRESS, TCP_TEST_PORT, false); tcpClientApp.start(); RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running"); @@ -977,8 +1099,8 @@ RUNNER_CHILD_TEST(nether_check_tcp_connection_internet_access_denied) TCPServer tcpServer(TCP_TEST_PORT); tcpServer.start(NETHER_NETNS_NAME_TEST); - TCPClientApp tcpClientApp("nether_test_06", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT, - REMOTE_TEST_SERVER_ADDRESS, TCP_TEST_PORT, true); + TCPClientApp tcpClientApp("nether_test_tciad", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT, + REMOTE_INTERFACE_ADDRESS, TCP_TEST_PORT, true); tcpClientApp.start(); RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running"); @@ -986,18 +1108,50 @@ RUNNER_CHILD_TEST(nether_check_tcp_connection_internet_access_denied) RUNNER_ASSERT_MSG(tcpServer.getReceivedBytes() == 0, "TCP server received some data"); } - +// Communication between application and local service RUNNER_TEST_GROUP_INIT(NETHER_LOCAL_SERVICE_CONNECTION) +RUNNER_CHILD_TEST(nether_check_udp_local_connection_internet_access_granted) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDP); + udpLiteServer.start(); + + UDPClientApp udpClientApp("nether_test_ulciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, + IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + udpClientApp.start(); + + RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running"); + udpLiteServer.stop(); + RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDP server didn't receive any data"); +} + + RUNNER_CHILD_TEST(nether_check_udp_local_connection_internet_access_denied) { RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDP); udpLiteServer.start(); - UDPClientApp udpClientApp("nether_test_07", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, - IPPROTO_UDP, LOCAL_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_ulciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, + IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + udpClientApp.start(); + + RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running"); + udpLiteServer.stop(); + RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDP server didn't receive any data"); +} + + +RUNNER_CHILD_TEST(nether_check_udp_lite_local_connection_internet_access_granted) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE); + udpLiteServer.start(); + + UDPClientApp udpClientApp("nether_test_ullciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, + IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running"); @@ -1012,8 +1166,8 @@ RUNNER_CHILD_TEST(nether_check_udp_lite_local_connection_internet_access_denied) UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE); udpLiteServer.start(); - UDPClientApp udpClientApp("nether_test_08", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, - IPPROTO_UDPLITE, LOCAL_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_ullciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, + IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running"); @@ -1022,13 +1176,28 @@ RUNNER_CHILD_TEST(nether_check_udp_lite_local_connection_internet_access_denied) } +RUNNER_CHILD_TEST(nether_check_tcp_local_connection_internet_access_granted) +{ + TCPServer tcpServer(TCP_TEST_PORT); + tcpServer.start(); + + TCPClientApp tcpClientApp("nether_test_tlciad", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT, + LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false); + tcpClientApp.start(); + + RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running"); + tcpServer.stop(); + RUNNER_ASSERT_MSG(tcpServer.getReceivedBytes() > 0, "TCP server didn't receive any data"); +} + + RUNNER_CHILD_TEST(nether_check_tcp_local_connection_internet_access_denied) { TCPServer tcpServer(TCP_TEST_PORT); tcpServer.start(); - TCPClientApp tcpClientApp("nether_test_09", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT, - LOCAL_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false); + TCPClientApp tcpClientApp("nether_test_tlciad", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT, + LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false); tcpClientApp.start(); RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running"); @@ -1037,56 +1206,185 @@ RUNNER_CHILD_TEST(nether_check_tcp_local_connection_internet_access_denied) } +// Applications mustn't communicate with each other even if access to the Internet is granted. RUNNER_TEST_GROUP_INIT(NETHER_LOCAL_INTER_APP_CONNECTION) +RUNNER_CHILD_TEST(nether_check_udp_local_inter_app_connection_internet_access_granted) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + ScopedAppContext appContext("nether_test_uliaciag_a", NetherInternetAccess::ACCESS_GRANTED); + UDPServerApp udpServerApp(UDP_TEST_PORT, IPPROTO_UDP, appContext); + udpServerApp.start(); + + UDPClientApp udpClientApp("nether_test_uliaciag_b", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, + IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + udpClientApp.start(); + + RUNNER_ASSERT_MSG(udpServerApp.isAlive(), "UDP server was not running"); + udpServerApp.stop(); + RUNNER_ASSERT_MSG(udpServerApp.getReceivedBytes() == 0, "UDP server received some data"); +} + + RUNNER_CHILD_TEST(nether_check_udp_local_inter_app_connection_internet_access_denied) { RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); - ScopedAppContext appContext("nether_test_10a", NetherInternetAccess::ACCESS_DENIED); + ScopedAppContext appContext("nether_test_uliaciad_a", NetherInternetAccess::ACCESS_DENIED); UDPServerApp udpServerApp(UDP_TEST_PORT, IPPROTO_UDP, appContext); udpServerApp.start(); - UDPClientApp udpClientApp("nether_test_10b", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, - IPPROTO_UDP, LOCAL_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_test_uliaciad_b", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, + IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpServerApp.isAlive(), "UDP server was not running"); udpServerApp.stop(); - RUNNER_ASSERT_MSG(udpServerApp.getReceivedBytes() > 0, "UDP server didn't receive any data"); + RUNNER_ASSERT_MSG(udpServerApp.getReceivedBytes() == 0, "UDP server received some data"); +} + + +RUNNER_CHILD_TEST(nether_check_udp_lite_local_inter_app_connection_internet_access_granted) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + ScopedAppContext appContext("nether_test_ulliaciag_a", NetherInternetAccess::ACCESS_GRANTED); + UDPServerApp udpLiteServerApp(UDP_TEST_PORT, IPPROTO_UDPLITE, appContext); + udpLiteServerApp.start(); + + UDPClientApp udpClientApp("nether_ulliaciag_b", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT, + IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + udpClientApp.start(); + + RUNNER_ASSERT_MSG(udpLiteServerApp.isAlive(), "UDP server was not running"); + udpLiteServerApp.stop(); + RUNNER_ASSERT_MSG(udpLiteServerApp.getReceivedBytes() == 0, "UDP server received some data"); } RUNNER_CHILD_TEST(nether_check_udp_lite_local_inter_app_connection_internet_access_denied) { RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); - ScopedAppContext appContext("nether_test_11a", NetherInternetAccess::ACCESS_DENIED); + ScopedAppContext appContext("nether_test_ulliaciad_a", NetherInternetAccess::ACCESS_DENIED); UDPServerApp udpLiteServerApp(UDP_TEST_PORT, IPPROTO_UDPLITE, appContext); udpLiteServerApp.start(); - UDPClientApp udpClientApp("nether_test_11b", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, - IPPROTO_UDPLITE, LOCAL_TEST_SERVER_ADDRESS, UDP_TEST_PORT); + UDPClientApp udpClientApp("nether_ulliaciad_b", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT, + IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT); udpClientApp.start(); RUNNER_ASSERT_MSG(udpLiteServerApp.isAlive(), "UDP server was not running"); udpLiteServerApp.stop(); - RUNNER_ASSERT_MSG(udpLiteServerApp.getReceivedBytes() > 0, "UDP server didn't receive any data"); + RUNNER_ASSERT_MSG(udpLiteServerApp.getReceivedBytes() == 0, "UDP server received some data"); +} + + +RUNNER_CHILD_TEST(nether_check_tcp_local_inter_app_connection_internet_access_granted) +{ + ScopedAppContext appContext("nether_test_tliaciag_a", NetherInternetAccess::ACCESS_GRANTED); + TCPServerApp tcpServerApp(TCP_TEST_PORT, appContext); + tcpServerApp.start(); + + TCPClientApp tcpClientApp("nether_test_tliaciag_b", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT, + LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, true); + tcpClientApp.start(); + + RUNNER_ASSERT_MSG(tcpServerApp.isAlive(), "TCP server was not running"); + tcpServerApp.stop(); + RUNNER_ASSERT_MSG(tcpServerApp.getReceivedBytes() == 0, "TCP server received some data"); } RUNNER_CHILD_TEST(nether_check_tcp_local_inter_app_connection_internet_access_denied) { - ScopedAppContext appContext("nether_test_12a", NetherInternetAccess::ACCESS_DENIED); + ScopedAppContext appContext("nether_test_tliaciad_a", NetherInternetAccess::ACCESS_DENIED); TCPServerApp tcpServerApp(TCP_TEST_PORT, appContext); tcpServerApp.start(); - TCPClientApp tcpClientApp("nether_test_12b", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT, - LOCAL_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false); + TCPClientApp tcpClientApp("nether_test_tliaciad_b", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT, + LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, true); tcpClientApp.start(); RUNNER_ASSERT_MSG(tcpServerApp.isAlive(), "TCP server was not running"); tcpServerApp.stop(); - RUNNER_ASSERT_MSG(tcpServerApp.getReceivedBytes() > 0, "TCP server didn't receive any data"); + RUNNER_ASSERT_MSG(tcpServerApp.getReceivedBytes() == 0, "TCP server received some data"); +} + + +RUNNER_TEST_GROUP_INIT(NETHER_MULTICAST) + + +RUNNER_CHILD_TEST(nether_check_multicast_inter_app_connection_access_granted) +{ + // one app acts as a server (receiver), the second as a sender + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + ScopedAppContext appContext("nether_test_miacag_a", NetherInternetAccess::ACCESS_GRANTED); + UDPMulticastServerApp udpMulticastServerApp(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, + ANY_INTERFACE, appContext); + udpMulticastServerApp.start(); + + UDPMulticastClientApp udpMulticastClientApp("nether_test_miacag_b", NetherInternetAccess::ACCESS_GRANTED, + UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, true); + udpMulticastClientApp.start(); + + RUNNER_ASSERT_MSG(udpMulticastServerApp.isAlive(), "UDP multicast server was not running"); + udpMulticastServerApp.stop(); + RUNNER_ASSERT_MSG(udpMulticastServerApp.getReceivedBytes() > 0, "UDP multicast server didn't receive any data"); +} + + +RUNNER_CHILD_TEST(nether_check_multicast_inter_app_connection_access_denied) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + ScopedAppContext appContext("nether_test_miacad_a", NetherInternetAccess::ACCESS_DENIED); + UDPMulticastServerApp udpMulticastServerApp(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, + ANY_INTERFACE, appContext); + udpMulticastServerApp.start(); + + UDPMulticastClientApp udpMulticastClientApp("nether_test_miacad_b", NetherInternetAccess::ACCESS_DENIED, + UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, true); + udpMulticastClientApp.start(); + + RUNNER_ASSERT_MSG(udpMulticastServerApp.isAlive(), "UDP multicast server was not running"); + udpMulticastServerApp.stop(); + RUNNER_ASSERT_MSG(udpMulticastServerApp.getReceivedBytes() > 0, "UDP multicast server didn't receive any data"); +} + + +RUNNER_CHILD_TEST(nether_check_multicast_remote_connection_app_sender_access_granted) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND, + NETHER_NETNS_TEARDOWN_COMMAND); + + UDPMulticastServer udpMulticastServer(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, REMOTE_INTERFACE_NAME); + udpMulticastServer.start(NETHER_NETNS_NAME_TEST); + + UDPMulticastClientApp udpMulticastClientApp("nether_test_mrcasag", NetherInternetAccess::ACCESS_GRANTED, + UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, false); + udpMulticastClientApp.start(); + + RUNNER_ASSERT_MSG(udpMulticastServer.isAlive(), "UDP multicast server was not running"); + udpMulticastServer.stop(); + RUNNER_ASSERT_MSG(udpMulticastServer.getReceivedBytes() > 0, "UDP multicast server didn't receive any data"); +} + + +RUNNER_CHILD_TEST(nether_check_multicast_remote_connection_app_sender_access_denied) +{ + RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished."); + ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND, + NETHER_NETNS_TEARDOWN_COMMAND); + + UDPMulticastServer udpMulticastServer(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, REMOTE_INTERFACE_NAME); + udpMulticastServer.start(NETHER_NETNS_NAME_TEST); + + UDPMulticastClientApp udpMulticastClientApp("nether_test_mrcasad", NetherInternetAccess::ACCESS_DENIED, + UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, false); + udpMulticastClientApp.start(); + + RUNNER_ASSERT_MSG(udpMulticastServer.isAlive(), "UDP multicast server was not running"); + udpMulticastServer.stop(); + RUNNER_ASSERT_MSG(udpMulticastServer.getReceivedBytes() == 0, "UDP multicast server received some data"); } @@ -1101,8 +1399,7 @@ RUNNER_CHILD_TEST(nether_check_gethostbyname_internet_access_granted) RUNNER_ASSERT_MSG(server != nullptr, "Couldn't find host " << DNS_TEST_ADDRESS << " h_errno = " << h_errno); }; - - runProcedureInNetAppContext("nether_test_13", getHostAddress, NetherInternetAccess::ACCESS_GRANTED); + runProcedureInNetAppContext("nether_test_giag", getHostAddress, NetherInternetAccess::ACCESS_GRANTED); } @@ -1114,7 +1411,7 @@ RUNNER_CHILD_TEST(nether_check_gethostbyname_internet_access_denied) RUNNER_ASSERT_MSG(server == nullptr, "Host was found " << DNS_TEST_ADDRESS); }; - runProcedureInNetAppContext("nether_test_14", getHostAddress, NetherInternetAccess::ACCESS_DENIED); + runProcedureInNetAppContext("nether_test_giad", getHostAddress, NetherInternetAccess::ACCESS_DENIED); } @@ -1137,13 +1434,13 @@ RUNNER_TEST_GROUP_INIT(NETHER_RAW_SOCKET) RUNNER_CHILD_TEST(nether_check_raw_socket_access_granted) { - runProcedureInNetAppContext("nether_test_15", checkRawSocket, NetherInternetAccess::ACCESS_GRANTED); + runProcedureInNetAppContext("nether_test_rsag", checkRawSocket, NetherInternetAccess::ACCESS_GRANTED); } RUNNER_CHILD_TEST(nether_check_raw_socket_access_denied) { - runProcedureInNetAppContext("nether_test_16", checkRawSocket, NetherInternetAccess::ACCESS_DENIED); + runProcedureInNetAppContext("nether_test_rsad", checkRawSocket, NetherInternetAccess::ACCESS_DENIED); } diff --git a/src/nether-tests/setup-nether-tests-nns.sh b/src/nether-tests/setup-nether-tests-nns.sh index 6da2fb9..29c5274 100644 --- a/src/nether-tests/setup-nether-tests-nns.sh +++ b/src/nether-tests/setup-nether-tests-nns.sh @@ -27,8 +27,10 @@ ip link add veth0 type veth peer name veth1 ip link set veth1 netns $1 ip netns exec $1 ifconfig lo 127.0.0.1 ip netns exec $1 ifconfig veth1 10.1.0.2 netmask 255.255.255.252 +ip netns exec $1 route add -net 224.0.0.0 netmask 224.0.0.0 veth1 ifconfig veth0 10.1.0.1 netmask 255.255.255.252 +route add -net 224.0.0.0 netmask 224.0.0.0 veth0 # force ARP response ping -c 1 10.1.0.2 > /dev/null -- 2.7.4