diff options
author | jpadkins <jacobpadkins@gmail.com> | 2017-04-21 04:01:52 +0300 |
---|---|---|
committer | jpadkins <jacobpadkins@gmail.com> | 2017-04-21 04:01:52 +0300 |
commit | b815188287b6fe48c9bd38baf91adfa692a4f142 (patch) | |
tree | c058deb7be10e0b6d7ec7fd4bf542046830bef2a | |
parent | a1afcfca128ebf7d9a4e81d9696b9fd5c91fc438 (diff) |
Dirty commit - refactoring starttls ad test into three separate ones
22 files changed, 618 insertions, 22 deletions
diff --git a/check/magma/core/core_check.c b/check/magma/core/core_check.c index 1cfc279a..64a34e82 100644 --- a/check/magma/core/core_check.c +++ b/check/magma/core/core_check.c @@ -878,7 +878,7 @@ START_TEST (check_ip_private_s) { bool_t result = true; stringer_t *errmsg = MANAGEDBUF(1024); - if (status()) result = check_ip_private_scheck(errmsg); + if (status()) result = check_ip_private_sthread(errmsg); log_test("CORE / HOST / ADDRESS / PRIVATE / SINGLE THREADED:", errmsg); ck_assert_msg(result, st_char_get(errmsg)); @@ -892,7 +892,7 @@ START_TEST (check_ip_localhost_s) { bool_t result = true; stringer_t *errmsg = MANAGEDBUF(1024); - if (status()) result = check_ip_localhost_scheck(errmsg); + if (status()) result = check_ip_localhost_sthread(errmsg); log_test("CORE / HOST / ADDRESS / LOCAL / SINGLE THREADED:", errmsg); ck_assert_msg(result, st_char_get(errmsg)); diff --git a/check/magma/core/core_check.h b/check/magma/core/core_check.h index c3ee5ca1..3789742d 100644 --- a/check/magma/core/core_check.h +++ b/check/magma/core/core_check.h @@ -51,6 +51,11 @@ void check_inx_append_test(inx_t *); bool_t check_inx_append_sthread(MAGMA_INDEX, stringer_t*); bool_t check_inx_append_mthread(MAGMA_INDEX, stringer_t*); +/// ip_check.c +bool_t check_uint16_to_hex_st(uint16_t val, stringer_t *buff); +bool_t check_ip_private_sthread(stringer_t *errmsg); +bool_t check_ip_localhost_sthread(stringer_t *errmsg); + /// linked_check.c bool_t check_indexes_linked_cursor(char **errmsg); bool_t check_indexes_linked_cursor_compare(uint64_t values[], inx_cursor_t *cursor); diff --git a/check/magma/core/ip_check.c b/check/magma/core/ip_check.c index 7ecb8ba3..e87594d1 100644 --- a/check/magma/core/ip_check.c +++ b/check/magma/core/ip_check.c @@ -7,6 +7,35 @@ #include "magma_check.h" +bool_t check_uint16_to_hex_st(uint16_t val, stringer_t *buff) { + + uint32_t digits[4] = { 0, 0, 0, 0 }; + chr_t *hex_chrs = "0123456789abcdef"; + + if ((st_length_get(buff) + st_avail_get(buff)) < 5) return false; + + digits[0] = val / 4096; + val -= digits[0] * 4096; + + digits[1] = val / 256; + val -= digits[1] * 256; + + digits[2] = val / 16; + val -= digits[2] * 16; + + digits[3] = val; + + st_wipe(buff); + + if (st_sprint(buff, "%c%c%c%c", *(hex_chrs + digits[0]), *(hex_chrs + digits[1]), + *(hex_chrs + digits[2]), *(hex_chrs + digits[3])) == -1) { + + return false; + } + + return true; +} + void check_address_standard_s (int _i CK_ATTRIBUTE_UNUSED) { log_disable(); @@ -319,10 +348,12 @@ void check_address_octet_s (int _i CK_ATTRIBUTE_UNUSED) { ck_assert_msg(!errmsg, st_char_get(errmsg)); } -bool_t check_ip_private_scheck(stringer_t *errmsg) { +bool_t check_ip_private_sthread(stringer_t *errmsg) { - st_sprint(errmsg, "This check needs love. Touch me tender, and finish me off."); - return false; + ip_t ip; + uint16_t segments[4] = { 0, 0, 0, 0 }; + stringer_t *ipstr = MANAGEDBUF(64), *hex_buffs[8] = { MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), + MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5) }; /// MEDIUM: Write the private IP address checks. /// @@ -330,42 +361,355 @@ bool_t check_ip_private_scheck(stringer_t *errmsg) { /// the correct response. /// /// Generate random addresses in the 10.0.0.0/8 range and verify the outcome. + + st_wipe(ipstr); + + segments[0] = 10; + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate random addresses in the 127.0.0.0/8 range and verify the outcome (localhost). + segments[0] = 127; + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate random addresses in the 172.16.0.0/12 range and verify the outcome. + segments[0] = 172; + for (size_t i = 0; i < 10; i++) { + + segments[1] = 16 + (rand() % 16); + for (size_t j = 2; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate random addresses in the 192.168.0.0/16 range and verify the outcome. + segments[0] = 192; + segments[1] = 168; + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 2; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate random addresses in the 72.0.0.0/8 and 172.0.0.0/8 ranges then verify the outcome (non-private). - /// + segments[0] = 72; + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + + segments[0] = 172; + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate an address using ::1 and verify the outcome. + if (!ip_addr_st("::1", &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + /// Generate random addresses in the fc00::/7 range and verify the outcome. + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 1; j < 8; j++) check_uint16_to_hex_st(rand() % 65536, hex_buffs[j]); + st_sprint(ipstr, "fc00::%s::%s::%s::%s::%s::%s::%s", st_char_get(hex_buffs[1]), st_char_get(hex_buffs[2]), + st_char_get(hex_buffs[3]), st_char_get(hex_buffs[4]), st_char_get(hex_buffs[5]), st_char_get(hex_buffs[6]), + st_char_get(hex_buffs[7])); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate random addresses in the (pick well known non-private prefix)::/7 range and verify the outcome. - /// + + /// Generate random addresses in the private IPv4 ranges above and map them into the IPv4 to IPv6 compatability/translation /// range... ::ffff:0:0/96 and verify the outcome. - /// + + segments[0] = 172; + for (size_t i = 0; i < 10; i++) { + + for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256; + st_sprint(ipstr, "::ffff:%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_private(&ip)) { + st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Finally, call ip_private() using an invalid IP address struct. This includes passing NULL. Providing an IP struct /// with an address family other than AF_INET or AF_INET6 and any other edge case you can think of. + if (!ip_addr_st("0.42.42.42", &ip)) { + + st_sprint(errmsg, "Failed to create invalid ip_t object."); + return false; + } + else if (ip_private(NULL) || ip_private(&ip)) { + + st_sprint(errmsg, "ip_private() failed to return false when passed an invalid ip_t object."); + return false; + } + + return true; } -bool_t check_ip_localhost_scheck(stringer_t *errmsg) { +bool_t check_ip_localhost_sthread(stringer_t *errmsg) { - st_sprint(errmsg, "This check needs love. Touch me tender, and finish me off."); - return false; + ip_t ip; + uint16_t segments[4] = { 0, 0, 0, 0 }; + stringer_t *ipstr = MANAGEDBUF(64);/*, *hex_buffs[8] = { MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), + MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5) };*/ /// MEDIUM: Write the localhost IP address checks. /// /// Use the ip_addr_st() function to turn test addresses into IP address structs and confirm ip_localhost() returns /// the correct response. - /// /// Generate random addresses in the 127.0.0.1/8 range and verify the outcome. + + st_wipe(ipstr); + + segments[0] = 127; + for (size_t i = 0; i < 10; i++) { + + segments[1] = rand() % 256; + segments[2] = rand() % 256; + segments[3] = rand() % 255 + 1; + + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_localhost(&ip)) { + st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate random addresses in the 72.0.0.0/8 and 172.0.0.0/8 ranges then verify the outcome (non-private). - /// + + segments[0] = 72; + for (size_t i = 0; i < 10; i++) { + + segments[1] = rand() % 256; + segments[2] = rand() % 256; + segments[3] = rand() % 255 + 1; + + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (ip_localhost(&ip)) { + st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + segments[0] = 172; + for (size_t i = 0; i < 10; i++) { + + segments[1] = rand() % 256; + segments[2] = rand() % 256; + segments[3] = rand() % 255 + 1; + + st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (ip_localhost(&ip)) { + st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Generate an address using ::1 and verify the outcome. + if (!ip_addr_st("::1", &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_localhost(&ip)) { + st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + /// Generate random addresses in the (pick well known non-private prefix)::/7 range and verify the outcome. - /// + + /// Generate IPv4 addresses in the range above and map them into the IPv4 to IPv6 compatability/translation /// range... ::ffff:0:0/96 and verify the outcome. - /// + + segments[0] = 127; + for (size_t i = 0; i < 10; i++) { + + segments[1] = rand() % 256; + segments[2] = rand() % 256; + segments[3] = rand() % 255 + 1; + + st_sprint(ipstr, "::ffff:%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]); + + if (!ip_addr_st(st_char_get(ipstr), &ip)) { + st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + else if (!ip_localhost(&ip)) { + st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }", + st_length_int(ipstr), st_char_get(ipstr)); + return false; + } + + st_wipe(ipstr); + } + /// Finally, call ip_localhost() using an invalid IP address struct. This includes passing NULL. Providing an IP struct /// with an address family other than AF_INET or AF_INET6 and any other edge case you can think of. + + if (!ip_addr_st("0.42.42.42", &ip)) { + + st_sprint(errmsg, "Failed to create invalid ip_t object."); + return false; + } + else if (ip_localhost(NULL) || ip_localhost(&ip)) { + + st_sprint(errmsg, "ip_localhost() failed to return false when passed an invalid ip_t object."); + return false; + } + + return true; } diff --git a/check/magma/regression/regression_check.c b/check/magma/regression/regression_check.c index 83575f41..dce5fefb 100644 --- a/check/magma/regression/regression_check.c +++ b/check/magma/regression/regression_check.c @@ -95,6 +95,26 @@ START_TEST (check_regression_imap_search_range_parsing_s) { } END_TEST +START_TEST (check_regression_http_append_string_s) { + + log_disable(); + bool_t outcome = true; + server_t *server = NULL; + stringer_t *errmsg = MANAGEDBUF(1024); + + if (!(server = servers_get_by_protocol(HTTP, false))) { + st_sprint(errmsg, "No HTTP servers were configured and available for testing."); + outcome = false; + } + else if (status()) { + outcome = check_regression_http_append_string(errmsg, server->network.port); + } + + log_test("REGRESSION / HTTP / APPEND STRING / SINGLE THREADED:", errmsg); + ck_assert_msg(outcome, st_char_get(errmsg)); +} +END_TEST + Suite * suite_check_regression(void) { Suite *s = suite_create("\tRegression"); @@ -102,6 +122,7 @@ Suite * suite_check_regression(void) { suite_check_testcase(s, "REGRESSION", "Regression File Descriptors Leak/M", check_regression_file_descriptors_leak_m); suite_check_testcase(s, "REGRESSION", "Regression SMTP Dot Stuffing/S", check_regression_smtp_dot_stuffing_s); suite_check_testcase(s, "REGRESSION", "Regression IMAP Search Range Parsing/S", check_regression_imap_search_range_parsing_s); + suite_check_testcase(s, "REGRESSION", "Regression HTTP Append String/S", check_regression_http_append_string_s); return s; } diff --git a/check/magma/regression/regression_check.h b/check/magma/regression/regression_check.h index d37d8ae5..8781b6ed 100644 --- a/check/magma/regression/regression_check.h +++ b/check/magma/regression/regression_check.h @@ -12,6 +12,7 @@ void check_regression_file_descriptors_leak_test(void); bool_t check_client_dot_stuff(client_t *client, chr_t *token); bool_t check_regression_smtp_dot_stuffing_sthread(stringer_t *errmsg); bool_t check_regression_imap_search_range_parsing_sthread(stringer_t *errmsg, uint32_t port); +bool_t check_regression_http_append_string(stringer_t *errmsg, uint32_t port); Suite * suite_check_regression(void); diff --git a/check/magma/regression/regression_check_helpers.c b/check/magma/regression/regression_check_helpers.c index 34d3e5d1..f10bf193 100644 --- a/check/magma/regression/regression_check_helpers.c +++ b/check/magma/regression/regression_check_helpers.c @@ -180,3 +180,33 @@ bool_t check_regression_imap_search_range_parsing_sthread(stringer_t *errmsg, ui client_close(client); return true; } + +bool_t check_regression_http_append_string(stringer_t *errmsg, uint32_t port) { + + // The bug that this test checks for should show up in the server log as: + // "The append string appears to be empty." + + client_t *client = NULL; + chr_t *message = "POST /portal/camel HTTP/1.1\r\nHost: localhost:10000\r\nAccept: */*\r\n" \ + "Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 10000\r\n\r\n" \ + "Foo Bar Baz\r\n"; + + // Connect the client. + if (!(client = client_connect("localhost", port)) || !net_set_timeout(client->sockd, 20, 20)) { + + st_sprint(errmsg, "Failed to connect with the IMAP server over TCP."); + client_close(client); + return false; + } + // Send an HTTP message with an improperly long Content-Length header. + else if (client_write(client, NULLER(message)) != ns_length_get(message)) { + + st_sprint(errmsg, "Failed to write the HTTP message to the client."); + client_close(client); + return false; + } + // Force close the connection. + client_close(client); + + return true; +} diff --git a/check/magma/servers/http/http_check.c b/check/magma/servers/http/http_check.c index 53d5b222..2084986a 100644 --- a/check/magma/servers/http/http_check.c +++ b/check/magma/servers/http/http_check.c @@ -55,7 +55,7 @@ START_TEST (check_http_network_options_s) { stringer_t *errmsg = MANAGEDBUF(1024); if (!(server = servers_get_by_protocol(HTTP, true))) { - st_sprint(errmsg, "No HTTP servers were configured to support TCP connections."); + st_sprint(errmsg, "No HTTP servers were configured to support TLS connections."); outcome = false; } else if (status() && !check_http_network_options_sthread(errmsg, server->network.port, true)) { @@ -67,10 +67,31 @@ START_TEST (check_http_network_options_s) { } END_TEST +START_TEST (check_http_mime_types_s) { + + log_disable(); + bool_t outcome = true; + server_t *server = NULL; + stringer_t *errmsg = MANAGEDBUF(1024); + + if (!(server = servers_get_by_protocol(HTTP, true))) { + st_sprint(errmsg, "No HTTP servers were configured to support TLS connections."); + outcome = false; + } + else if (status() && !check_http_mime_types_sthread(errmsg, server->network.port, true)) { + outcome = false; + } + + log_test("HTTP / MIME TYPES / SINGLE THREADED:", errmsg); + ck_assert_msg(outcome, st_char_get(errmsg)); +} +END_TEST + Suite * suite_check_http(void) { Suite *s = suite_create("\tHTTP"); + suite_check_testcase(s, "HTTP", "HTTP MIME Types/S", check_http_mime_types_s); suite_check_testcase(s, "HTTP", "HTTP Network Basic/ TCP/S", check_http_network_basic_tcp_s); suite_check_testcase(s, "HTTP", "HTTP Network Basic/ TLS/S", check_http_network_basic_tls_s); suite_check_testcase(s, "HTTP", "HTTP Network Options/S", check_http_network_options_s); diff --git a/check/magma/servers/http/http_check.h b/check/magma/servers/http/http_check.h index 75387e88..b6982893 100644 --- a/check/magma/servers/http/http_check.h +++ b/check/magma/servers/http/http_check.h @@ -13,6 +13,7 @@ int32_t check_http_content_length_get(client_t *client); bool_t check_http_content_length_test(client_t *client, uint32_t content_length, stringer_t *errmsg); bool_t check_http_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); bool_t check_http_network_options_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); +bool_t check_http_mime_types_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); Suite * suite_check_http(void); diff --git a/check/magma/servers/http/http_check_network.c b/check/magma/servers/http/http_check_network.c index 52c2e781..57f2593f 100644 --- a/check/magma/servers/http/http_check_network.c +++ b/check/magma/servers/http/http_check_network.c @@ -166,3 +166,70 @@ bool_t check_http_network_options_sthread(stringer_t *errmsg, uint32_t port, boo return true; } + +bool_t check_http_mime_types_sthread(stringer_t *errmsg, uint32_t port, bool_t secure) { + + size_t delim_index = 0; + media_type_t *media_type = NULL; + stringer_t *content_type = MANAGEDBUF(128), *group = NULL, *sub = NULL; + placer_t header_pl = pl_null(), group_pl = pl_null(), sub_pl = pl_null(); + chr_t *types[] = {"application/octet-stream", "audio/aiff", "audio/aiff", "audio/basic", "video/avi", "image/bmp", + "application/x-bzip", "application/x-bzip2", "text/x-c", "application/java", "text/plain", "text/x-c", "application/x-x509-ca-cert", + "text/css", "text/csv", "application/msword", "application/msword", "video/x-flv", "image/gif", "application/gzip", "text/x-h", + "text/html", "text/html", "image/x-icon", "application/inf", "text/x-java-source", "image/jpeg", "image/jpeg", "image/jpeg", + "image/jpeg", "application/javascript", "application/json", "text/plain", "application/x-lzh", "application/x-lzh", "video/mpeg", + "video/mpeg", "video/mpeg", "audio/midi", "audio/midi", "video/quicktime", "audio/mpeg3", "video/mpeg", "video/mpeg", + "application/ogg", "application/pdf", "text-script.perl", "image/png", "application/mspowerpoint", "application/powerpoint", + "application/postscript", "text/x-script.python", "video/quicktime", "audio/x-realaudio", "application/rss+xml", "text/rtf", + "text/x-asm", "text/x-sgml", "text/x-sgml", "application/x-sh", "text/html", "application/x-shockwave-flash", "application/x-tar", + "application-xtcl", "text/plain", "application/x-compressed", "image/tiff", "image/tiff", "text/plain", "text/x-uuencode", + "text/x-uuencode", "audio/wav", "video/x-ms-wmv", "application/wordperfect", "application/wordperfect", "image/xbm", + "application/excel", "application/excel", "text/xml", "application/x-compressed", "application/zip" + }, *extensions[] = { + "" ".aif", ".aiff", ".au", ".avi", ".bmp", ".bz", ".bz2", ".c", ".class", ".conf", ".cpp", ".crt", ".css", ".csv", ".doc", + ".dot", ".flv", ".gif", ".gz", ".h", ".htm", ".html", ".ico", ".inf", ".java", ".jfif", ".jpe", ".jpeg", ".jpg", ".js", ".json", + ".lst", ".lzh", ".lzs", ".m1v", ".m2v", ".m4v", ".mid", ".midi", ".mov", ".mp3", ".mpeg", ".mpg", ".ogg", ".pdf", ".pl", + ".png", ".pps", ".ppt", ".ps", ".py", ".qt", ".ra", ".rss", ".rtf", ".s", ".sgm", ".smgl", ".sh", ".shtml", ".swf", ".tar", + ".tcl", ".text", ".tgz", ".tif", ".tiff", ".txt", ".uu", ".uue", ".wav", ".wmv", ".wp5", ".wp6", ".xbm", ".xl", ".xls", ".xml", + ".z", ".zip" + }; + + for (size_t i = 0; i < sizeof(types)/sizeof(chr_t *); i++) { + + st_wipe(content_type); + st_sprint(content_type, "Content-Type: %s\r\n", types[i]); + header_pl = pl_init(st_data_get(content_type), st_length_get(content_type)); + + if (!st_search_chr(NULLER(types[i]), '/', &delim_index)) { + + st_sprint(errmsg, "Failed to split mime type."); + return false; + } + + group_pl = pl_init(types[i], delim_index); + sub_pl = pl_init(types[i] + delim_index + 1, ns_length_get(types[i]) - delim_index); + + if (!(group = mail_mime_type_group(header_pl)) || !(sub = mail_mime_type_sub(header_pl)) || + st_cmp_cs_eq(&group_pl, &group) != 0 || st_cmp_cs_ends(&sub_pl, &sub) != 0) { + + st_sprint(errmsg, "Failed to return correct group/sub values from content type header. " \ + "{ header = %.*s , group = %.*s , sub = %.*s }", st_length_int(content_type), st_char_get(content_type), + st_length_int(group), st_char_get(group), st_length_int(sub), st_char_get(sub)); + st_cleanup(group, sub); + return false; + } + + if (!(media_type = mail_mime_get_media_type(extensions[i])) || media_type->name != types[i]) { + + st_sprint(errmsg, "Failed to return the correct media type object for an extension. { extension = %s , type = %s }", + extensions[i], types[i]); + st_cleanup(group, sub); + return false; + } + + st_cleanup(group, sub); + group = sub = NULL; + } + + return true; +} diff --git a/check/magma/servers/imap/imap_check.c b/check/magma/servers/imap/imap_check.c index a74b30d2..398216d8 100644 --- a/check/magma/servers/imap/imap_check.c +++ b/check/magma/servers/imap/imap_check.c @@ -86,6 +86,27 @@ START_TEST (check_imap_network_fetch_s) { } END_TEST +START_TEST (check_imap_network_starttls_ad_s) { + + log_disable(); + bool_t outcome = true; + stringer_t *errmsg = MANAGEDBUF(1024); + server_t *tcp_server = NULL, *tls_server = NULL; + + if (!(tcp_server = servers_get_by_protocol(IMAP, false)) || !(tls_server = servers_get_by_protocol(IMAP, true))) { + st_sprint(errmsg, "No IMAP servers were configured to support TCP connections."); + outcome = false; + } + else if (status() && !check_imap_network_starttls_ad_sthread(errmsg, tcp_server->network.port, + tls_server->network.port)) { + + outcome = false; + } + + log_test("IMAP / NETWORK / STARTTLS AD / SINGLE THREADED:", errmsg); + ck_assert_msg(outcome, st_char_get(errmsg)); +} + Suite * suite_check_imap(void) { Suite *s = suite_create("\tIMAP"); @@ -94,6 +115,7 @@ Suite * suite_check_imap(void) { suite_check_testcase(s, "IMAP", "IMAP Network Basic/ TLS/S", check_imap_network_basic_tls_s); suite_check_testcase(s, "IMAP", "IMAP Network Search/S", check_imap_network_search_s); suite_check_testcase(s, "IMAP", "IMAP Network Fetch/S", check_imap_network_fetch_s); + suite_check_testcase(s, "IMAP", "IMAP Network STARTTLS Ad/S", check_imap_network_starttls_ad_s); return s; } diff --git a/check/magma/servers/imap/imap_check.h b/check/magma/servers/imap/imap_check.h index 05e0bb29..961b3723 100644 --- a/check/magma/servers/imap/imap_check.h +++ b/check/magma/servers/imap/imap_check.h @@ -15,6 +15,7 @@ bool_t check_imap_client_close_logout(client_t *client, uint32_t tag_num, string bool_t check_imap_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); bool_t check_imap_network_search_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); +bool_t check_imap_network_starttls_ad_sthread(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port); Suite * suite_check_imap(void); diff --git a/check/magma/servers/imap/imap_check_network.c b/check/magma/servers/imap/imap_check_network.c index 3c0cdd94..9a01ebcd 100644 --- a/check/magma/servers/imap/imap_check_network.c +++ b/check/magma/servers/imap/imap_check_network.c @@ -325,6 +325,7 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_ if (!(client = client_connect("localhost", port)) || (secure && (client_secure(client) == -1)) || !net_set_timeout(client->sockd, 20, 20) || client_read_line(client) <= 0 || (client->status != 1) || st_cmp_cs_starts(&(client->line), NULLER("* OK"))) { + st_sprint(errmsg, "Failed to connect with the IMAP server."); client_close(client); return false; @@ -346,6 +347,7 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_ if (!(tag = st_alloc(uint32_digits(tag_num) + 2)) || (st_sprint(tag, "A%u", tag_num) != uint32_digits(tag_num) + 1) || !(success = st_merge("sn", tag, " OK"))) { + st_sprint(errmsg, "Failed to construct the tag or success strings. { i = %d }", i); st_cleanup(tag, success); client_close(client); @@ -354,6 +356,7 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_ else if (client_print(client, "%s %s\r\n", st_char_get(tag), commands[i]) <= 0 || !check_imap_client_read_end(client, st_char_get(tag)) || client_status(client) != 1 || st_cmp_cs_starts(&(client->line), success)) { + st_sprint(errmsg, "Failed to return a successful status. { command = \"%s\" }", commands[i]); st_cleanup(tag, success); client_close(client); @@ -373,3 +376,24 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_ return true; } +bool_t check_imap_network_starttls_advertisement_sthread(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port) { + + client_t *client = NULL; + + // Check the initial response. + if (!(client = client_connect("localhost", port)) || (secure && (client_secure(client) == -1)) || + !net_set_timeout(client->sockd, 20, 20) || client_read_line(client) <= 0 || (client->status != 1) || + st_cmp_cs_starts(&(client->line), NULLER("* OK"))) { + + st_sprint(errmsg, "Failed to connect with the IMAP server."); + client_close(client); + return false; + } + + // Check for STARTTLS in the capabilities when connected over TCP. + // Reconnect the client via TLS. + // Check for the absense of STARTTLS in the capabilities when connected over TLS. + + client_close(client); + return true; +} diff --git a/check/magma/servers/pop/pop_check.c b/check/magma/servers/pop/pop_check.c index b3b1c45e..6d5d5ea5 100644 --- a/check/magma/servers/pop/pop_check.c +++ b/check/magma/servers/pop/pop_check.c @@ -46,12 +46,32 @@ START_TEST (check_pop_network_basic_tls_s) { } END_TEST +START_TEST (check_pop_network_stls_advertisement_s) { + + log_disable(); + bool_t outcome = true; + stringer_t *errmsg = MANAGEDBUF(1024); + server_t *tcp_server = NULL, tls_server = NULL; + + if (status() && !(tls = servers_get_by_protocol(POP, false)) || !(tls_server = servers_get_by_protocol(POP, true))) { + st_sprint(errmsg, "No POP servers were configured to support TLS connections."); + outcome = false; + } + else if (status() && !check_pop_network_basic_sthread(errmsg, tcp_server->network.port, tls_server->network.port)) { + outcome = false; + } + + log_test("POP / NETWORK / STLS ADVERTISEMENT / SINGLE THREADED:", errmsg); + ck_assert_msg(outcome, st_char_get(errmsg)); +} + Suite * suite_check_pop(void) { Suite *s = suite_create("\tPOP"); suite_check_testcase(s, "POP", "POP Network Basic / TCP/S", check_pop_network_basic_tcp_s); suite_check_testcase(s, "POP", "POP Network Basic / TLS/S", check_pop_network_basic_tls_s); + suite_check_testcase(s, "POP", "POP Network STLS Advertisement/S", check_pop_network_stls_advertisement); return s; } diff --git a/check/magma/servers/pop/pop_check.h b/check/magma/servers/pop/pop_check.h index a5ea7d8c..51a1a12b 100644 --- a/check/magma/servers/pop/pop_check.h +++ b/check/magma/servers/pop/pop_check.h @@ -12,6 +12,7 @@ uint64_t check_pop_client_read_list(client_t *client, stringer_t *errmsg); bool_t check_pop_client_read_end(client_t *client, uint64_t* size, chr_t *token); bool_t check_pop_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t secure); bool_t check_pop_client_auth(client_t *client, chr_t *user, chr_t *pass, stringer_t *errmsg); +bool_t check_pop_network_stls_ad(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port); /// pop_check.c Suite * suite_check_pop(void); diff --git a/check/magma/servers/pop/pop_check_network.c b/check/magma/servers/pop/pop_check_network.c index 348e683d..b8f953fe 100644 --- a/check/magma/servers/pop/pop_check_network.c +++ b/check/magma/servers/pop/pop_check_network.c @@ -209,3 +209,20 @@ bool_t check_pop_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t return true; } + +bool_t check_pop_network_stls_advertisement_sthread(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port) { + + client_t *client = NULL; + + // Connect the client. + if (!(client = client_connect("localhost", port)) || (secure && (client_secure(client) == -1)) || + !net_set_timeout(client->sockd, 20, 20) || client_read_line(client) <= 0 || client_status(client) != 1 || + st_cmp_cs_starts(&(client->line), NULLER("+OK"))) { + + st_sprint(errmsg, "Failed to connect with the POP server."); + client_close(client); + return false; + } + + return true; +} diff --git a/check/magma/servers/smtp/checkers_check.c b/check/magma/servers/smtp/checkers_check.c index a031707a..37bc6e13 100644 --- a/check/magma/servers/smtp/checkers_check.c +++ b/check/magma/servers/smtp/checkers_check.c @@ -260,3 +260,9 @@ bool_t check_smtp_checkers_filters_sthread(stringer_t *errmsg, int_t action, int return true; } + +bool_t check_smtp_checkers_rbl_sthread(stringer_t *errmsg) { + + st_sprint(errmsg, "This test is a stub and needs implemented."); + return false; +} diff --git a/check/magma/servers/smtp/smtp_check.c b/check/magma/servers/smtp/smtp_check.c index b9b36c9e..a288c8fc 100644 --- a/check/magma/servers/smtp/smtp_check.c +++ b/check/magma/servers/smtp/smtp_check.c @@ -90,6 +90,19 @@ START_TEST (check_smtp_checkers_filters_s) { } END_TEST +START_TEST (check_smtp_checkers_rbl_s) { + + log_disable(); + bool_t outcome = true; + stringer_t *errmsg = MANAGEDBUF(1024); + + if (status()) outcome = check_smtp_checkers_rbl_sthread(errmsg); + + log_test("SMTP / CHECKERS / RBL / SINGLE THREADED:", errmsg); + ck_assert_msg(outcome, st_char_get(errmsg)); +} +END_TEST + START_TEST (check_smtp_network_auth_plain_s) { log_disable(); @@ -185,6 +198,7 @@ Suite * suite_check_smtp(void) { suite_check_testcase(s, "SMTP", "SMTP Accept Message/S", check_smtp_accept_store_message_s); suite_check_testcase(s, "SMTP", "SMTP Checkers Greylist/S", check_smtp_checkers_greylist_s); suite_check_testcase(s, "SMTP", "SMTP Checkers Filters/S", check_smtp_checkers_filters_s); + suite_check_testcase(s, "SMTP", "SMTP Checkers RBL", check_smtp_checkers_rbl_s); suite_check_testcase(s, "SMTP", "SMTP Network Basic/ TCP/S", check_smtp_network_basic_tcp_s); suite_check_testcase(s, "SMTP", "SMTP Network Basic/ TLS/S", check_smtp_network_basic_tls_s); suite_check_testcase(s, "SMTP", "SMTP Network Auth Plain/S", check_smtp_network_auth_plain_s); diff --git a/check/magma/servers/smtp/smtp_check.h b/check/magma/servers/smtp/smtp_check.h index 440d21db..442bd6f2 100644 --- a/check/magma/servers/smtp/smtp_check.h +++ b/check/magma/servers/smtp/smtp_check.h @@ -14,6 +14,7 @@ bool_t check_smtp_accept_message_sthread(stringer_t *errmsg); bool_t check_smtp_checkers_greylist_sthread(stringer_t *errmsg); bool_t check_smtp_checkers_regex_sthread(stringer_t *errmsg); bool_t check_smtp_checkers_filters_sthread(stringer_t *errmsg, int_t action, int_t expected); +bool_t check_smtp_checkers_rbl_sthread(stringer_t *errmsg); /// smtp_check_network.c bool_t check_smtp_client_read_end(client_t *client); diff --git a/check/magma/servers/smtp/smtp_check_network.c b/check/magma/servers/smtp/smtp_check_network.c index b5d01eec..071176de 100644 --- a/check/magma/servers/smtp/smtp_check_network.c +++ b/check/magma/servers/smtp/smtp_check_network.c @@ -251,11 +251,11 @@ bool_t check_smtp_network_auth_sthread(stringer_t *errmsg, uint32_t port, bool_t return false; } // Try sending mail from an unauthenticated account (ladar@lavabit.com). - else if ((errmsg = NULL) || !check_smtp_client_mail_rcpt_data(client, "ladar@lavabit.com", "princess@example.com", errmsg) || + else if (!check_smtp_client_mail_rcpt_data(client, "ladar@lavabit.com", "princess@example.com", errmsg) || client_print(client, ".\r\n") != 3 || !check_smtp_client_read_end(client) || client_status(client) != 1 || st_cmp_cs_starts(&(client->line), NULLER("550"))) { - if (!errmsg) st_sprint(errmsg, "Failed to return an error status after sending from an unauthenticated account."); + if (st_empty(errmsg)) st_sprint(errmsg, "Failed to return an error status after sending from an unauthenticated account."); client_close(client); return false; } diff --git a/sandbox/etc/magma.sandbox.config b/sandbox/etc/magma.sandbox.config index 6784aac4..ce4cb820 100755 --- a/sandbox/etc/magma.sandbox.config +++ b/sandbox/etc/magma.sandbox.config @@ -73,7 +73,7 @@ magma.web.portal.safeguard = false magma.relay.timeout = 60 magma.relay[1].name = localhost -magma.relay[1].port = 7000 +magma.relay[1].port = 25 magma.servers[1].name = Lavabit Molten magma.servers[1].domain = lavabit.com diff --git a/src/core/host/ip.c b/src/core/host/ip.c index 29a7871e..4d5ca964 100644 --- a/src/core/host/ip.c +++ b/src/core/host/ip.c @@ -509,10 +509,10 @@ bool_t ip_addr_st(chr_t *ipstr, ip_t *out) { size_t i; struct in_addr in4; struct in6_addr in6; - sa_family_t class = -1; + sa_family_t class = 0; // Delimiter of '.' indicates IPv4 address; ':' for IPv6 - for (i = 0; i < ns_length_get(ipstr) && class == -1; i++) { + for (i = 0; i < ns_length_get(ipstr) && class == 0; i++) { if (ipstr[i] == '.') { class = AF_INET; diff --git a/src/core/parsers/token.c b/src/core/parsers/token.c index 7d6f8906..00dcacbb 100644 --- a/src/core/parsers/token.c +++ b/src/core/parsers/token.c @@ -19,7 +19,7 @@ uint64_t tok_get_count_bl(void *block, size_t length, char token) { uint64_t count = 1; #ifdef MAGMA_PEDANTIC - if (!block) log_pedantic("Attempted a token count on a NULL string bugger."); + if (!block) log_pedantic("Attempted a token count on a NULL string buffer."); else if (!length) log_pedantic("Attempted a token count on an empty string."); #endif |