diff options
Diffstat (limited to 'testing/fulltests')
173 files changed, 10219 insertions, 0 deletions
diff --git a/testing/fulltests/default/Sv1config b/testing/fulltests/default/Sv1config new file mode 100644 index 0000000..f3c045b --- /dev/null +++ b/testing/fulltests/default/Sv1config @@ -0,0 +1,4 @@ +#!/bin/sh + +snmp_version=v1 +. ./Svanyconfig diff --git a/testing/fulltests/default/Sv2cconfig b/testing/fulltests/default/Sv2cconfig new file mode 100644 index 0000000..375e087 --- /dev/null +++ b/testing/fulltests/default/Sv2cconfig @@ -0,0 +1,4 @@ +#!/bin/sh + +snmp_version=v2c +. ./Svanyconfig diff --git a/testing/fulltests/default/Sv3config b/testing/fulltests/default/Sv3config new file mode 100644 index 0000000..55df5b4 --- /dev/null +++ b/testing/fulltests/default/Sv3config @@ -0,0 +1,46 @@ +#!/bin/sh + +SKIPIFNOT NETSNMP_SECMOD_USM + +[ "x$SNMP_SMUX_SOCKET" = "x" ] && SNMP_SMUX_SOCKET=1.0.0.0 + +CONFIGAGENT [snmp] persistentdir $SNMP_TMP_PERSISTENTDIR +CONFIGAGENT smuxsocket $SNMP_SMUX_SOCKET + +# XXX: auto-switch to a supported protocol instead. +if test "x$DEFAUTHTYPE" = "x"; then + if grep '^#define NETSNMP_USE_OPENSSL 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + DEFAUTHTYPE="SHA" + else + DEFAUTHTYPE="MD5" + fi +fi + +if test "x$DEFPRIVTYPE" = "x"; then + # XXX: HAVE_AES depends on cpp logic, so we need to test for lower-level stuff + if grep '^#define NETSNMP_USE_OPENSSL 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + if grep '^#define HAVE_OPENSSL_AES_H 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + if grep '^#define HAVE_AES_CFB128_ENCRYPT 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + DEFPRIVTYPE="AES" + else + DEFPRIVTYPE="DES" + fi + else + DEFPRIVTYPE="DES" + fi + else + DEFPRIVTYPE="" + fi +fi + +CONFIGAGENT createUser initial $DEFAUTHTYPE initial_test_pass_auth $DEFPRIVTYPE +CONFIGAGENT createUser template $DEFAUTHTYPE template_test_pass_auth $DEFPRIVTYPE +CONFIGAGENT rwuser initial noauth +CONFIGAGENT rwuser newtestuser + +NOAUTHTESTARGS="-l nanp -u initial -v 3" +AUTHTESTARGS="-l anp -u initial -v 3 -a $DEFAUTHTYPE -A initial_test_pass_auth" +PRIVTESTARGS="-l ap -u initial -v 3 -a $DEFAUTHTYPE -A initial_test_pass_auth -x $DEFPRIVTYPE -X initial_test_pass_auth" + +AUTHNOPASSTESTARGS="-l anp -u initial -v 3 -a $DEFAUTHTYPE" +PRIVNOPASSTESTARGS="-l ap -u initial -v 3 -a $DEFAUTHTYPE -x $DEFPRIVTYPE" diff --git a/testing/fulltests/default/Sv3usmconfigagent b/testing/fulltests/default/Sv3usmconfigagent new file mode 100644 index 0000000..72aaffa --- /dev/null +++ b/testing/fulltests/default/Sv3usmconfigagent @@ -0,0 +1,23 @@ +#!/bin/sh +# +# SNMPv3 USM config for snmpd +# + +## common SNMPv3 USM config +. ./Sv3usmconfigbase + +## standard config +CONFIGAGENT [snmp] persistentdir $SNMP_TMP_PERSISTENTDIR +[ "x$SNMP_SMUX_SOCKET" = "x" ] && SNMP_SMUX_SOCKET=1.0.0.0 +CONFIGAGENT smuxsocket $SNMP_SMUX_SOCKET +[ "x$CREATEAUTHUSER" != "x" ] && CONFIGAGENT $CREATEAUTHUSER +[ "x$CREATEAUTHUSER2" != "x" ] && CONFIGAGENT $CREATEAUTHUSER2 +[ "x$CREATEPRIVUSER" != "x" ] && CONFIGAGENT $CREATEPRIVUSER +[ "x$CREATEPRIVUSER2" != "x" ] && CONFIGAGENT $CREATEPRIVUSER2 +CONFIGAGENT rwuser $TESTAUTHUSER auth +CONFIGAGENT rwuser $TESTPRIVUSER priv + +CONFIGAGENT_ENGINEID() { + AGENT_ENGINEID=0x80001f88801ff4905ea7804943 + CONFIGAGENT oldEngineID $AGENT_ENGINEID +} diff --git a/testing/fulltests/default/Sv3usmconfigbase b/testing/fulltests/default/Sv3usmconfigbase new file mode 100644 index 0000000..d2fb981 --- /dev/null +++ b/testing/fulltests/default/Sv3usmconfigbase @@ -0,0 +1,100 @@ +#!/bin/sh +# +# SNMPv3 base config +# +# Input+Output variables: +# DEFSECURITYLEVEL noAuthNoPriv|authNoPriv|authPriv +# DEFAUTHTYPE MD5|SHA +# DEFPRIVTYPE DES|AES +# TESTNOAUTHUSER <myuser> +# TEST(AUTH|PRIV)USER[2] <myuser> +# TEST(AUTH|PRIV)PASS[2] <mypass> +# +# Input variables: +# CREATEUSERENGINEID <engineid> +# +# Output variables: +# CREATEAUTHUSER[2] +# CREATEPRIVUSER[2] +# CREATENOAUTHUSER +# TESTNOAUTHARGS +# TESTAUTHARGS[NOPASS][2] +# TESTPRIVARGS[NOPASS][2] +# + +SKIPIFNOT NETSNMP_SECMOD_USM + +## Defaults +[ "x$DEFSECURITYLEVEL" = "x" ] && DEFSECURITYLEVEL=authPriv + +## auto-probe best auth type +if grep '^#define NETSNMP_USE_OPENSSL 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + MAXAUTHTYPE=SHA +elif grep '^#define NETSNMP_USE_INTERNAL_CRYPTO 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + MAXAUTHTYPE=SHA +else + # MD5 is always available internally + MAXAUTHTYPE=MD5 +fi + +## auto-probe best priv type +# XXX: HAVE_AES depends on cpp logic, so we need to test for lower-level stuff +if grep '^#define NETSNMP_USE_OPENSSL 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null; then + if grep '^#define HAVE_OPENSSL_AES_H 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null && \ + grep '^#define HAVE_AES_CFB128_ENCRYPT 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null ; then + MAXPRIVTYPE=AES + else + MAXPRIVTYPE=DES + fi +elif grep '^#define NETSNMP_USE_INTERNAL_CRYPTO 1' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h $SNMP_UPDIR/include/net-snmp/agent/mib_module_config.h > /dev/null; then + MAXPRIVTYPE=AES +else + MAXPRIVTYPE="" +fi + +CREATEUSERCMD="createUser" +[ "x$CREATEUSERENGINEID" != "x" ] && CREATEUSERCMD="$CREATEUSERCMD -e $CREATEUSERENGINEID" + +## auth setup +if [ "x$DEFSECURITYLEVEL" = "xauthPriv" -o "x$DEFSECURITYLEVEL" = "xauthNoPriv" ]; then + [ "x$MAXAUTHTYPE" = "x" ] && SKIP + [ "x$DEFAUTHTYPE" = "xSHA" -a "x$MAXAUTHTYPE" != "xSHA" ] && SKIP + [ "x$DEFAUTHTYPE" = "x" ] && DEFAUTHTYPE=$MAXAUTHTYPE + # user/pass setup (XXX: randomize) + [ "x$TESTAUTHUSER" = "x" ] && TESTAUTHUSER=initial_auth + [ "x$TESTAUTHUSER2" = "x" ] && TESTAUTHUSER2=template_auth + [ "x$TESTAUTHPASS" = "x" ] && TESTAUTHPASS=initial_test_pass_auth + [ "x$TESTAUTHPASS2" = "x" ] && TESTAUTHPASS2=template_test_pass_auth + CREATEAUTHUSER="$CREATEUSERCMD $TESTAUTHUSER $DEFAUTHTYPE $TESTAUTHPASS" + CREATEAUTHUSER2="$CREATEUSERCMD $TESTAUTHUSER2 $DEFAUTHTYPE $TESTAUTHPASS2" + # command args + TESTAUTHARGSNOPASS="-v 3 -l anp -u $TESTAUTHUSER -a $DEFAUTHTYPE" + TESTAUTHARGSNOPASS2="-v 3 -l anp -u $TESTAUTHUSER2 -a $DEFAUTHTYPE" + TESTAUTHARGS="$TESTAUTHARGSNOPASS -A $TESTAUTHPASS" + TESTAUTHARGS2="$TESTAUTHARGSNOPASS2 -A $TESTAUTHPASS2" +fi + +## priv setup +if [ "x$DEFSECURITYLEVEL" = "xauthPriv" ]; then + [ "x$MAXPRIVTYPE" = "x" ] && SKIP + [ "x$DEFPRIVTYPE" = "xAES" -a "x$MAXPRIVTYPE" != "xAES" ] && SKIP + [ "x$DEFPRIVTYPE" = "x" ] && DEFPRIVTYPE=$MAXPRIVTYPE + # user/pass setup (XXX: randomize) + [ "x$TESTPRIVUSER" = "x" ] && TESTPRIVUSER=initial_priv + [ "x$TESTPRIVUSER2" = "x" ] && TESTPRIVUSER2=template_priv + [ "x$TESTPRIVPASS" = "x" ] && TESTPRIVPASS=initial_test_pass_priv + [ "x$TESTPRIVPASS2" = "x" ] && TESTPRIVPASS2=template_test_pass_priv + CREATEPRIVUSER="$CREATEUSERCMD $TESTPRIVUSER $DEFAUTHTYPE $TESTAUTHPASS $DEFPRIVTYPE $TESTPRIVPASS" + CREATEPRIVUSER2="$CREATEUSERCMD $TESTPRIVUSER2 $DEFAUTHTYPE $TESTAUTHPASS2 $DEFPRIVTYPE $TESTPRIVPASS2" + # command args + TESTPRIVARGSNOPASS="-v 3 -l ap -u $TESTPRIVUSER -a $DEFAUTHTYPE -x $DEFPRIVTYPE" + TESTPRIVARGSNOPASS2="-v 3 -l ap -u $TESTPRIVUSER2 -a $DEFAUTHTYPE -x $DEFPRIVTYPE" + TESTPRIVARGS="$TESTPRIVARGSNOPASS -A $TESTAUTHPASS -X $TESTPRIVPASS" + TESTPRIVARGS2="$TESTPRIVARGSNOPASS2 -A $TESTAUTHPASS2 -X $TESTPRIVPASS2" +fi + +## noauth setup +[ "x$TESTNOAUTHUSER" = "x" ] && TESTNOAUTHUSER=initial +TESTNOAUTHARGS="-v 3 -l nanp -u $TESTNOAUTHUSER" +CREATENOAUTHUSER="$CREATEUSERCMD $TESTNOAUTHUSER" + diff --git a/testing/fulltests/default/Sv3usmconfigtrapd b/testing/fulltests/default/Sv3usmconfigtrapd new file mode 100644 index 0000000..4938959 --- /dev/null +++ b/testing/fulltests/default/Sv3usmconfigtrapd @@ -0,0 +1,19 @@ +#!/bin/sh +# +# SNMPv3 USM config for snmptrapd +# + +TRAPD_ENGINEID=0x80001f88802b3d0e06bbdf4e43 + +## common SNMPv3 USM config +. ./Sv3usmconfigbase + +## standard config +CONFIGTRAPD [snmp] persistentDir $SNMP_TMP_PERSISTENTDIR +CONFIGTRAPD oldEngineID $TRAPD_ENGINEID +[ "x$CREATENOAUTHUSER" != "x" ] && CONFIGTRAPD $CREATENOAUTHUSER +[ "x$CREATEAUTHUSER" != "x" ] && CONFIGTRAPD $CREATEAUTHUSER +[ "x$CREATEAUTHUSER2" != "x" ] && CONFIGTRAPD $CREATEAUTHUSER2 +[ "x$CREATEPRIVUSER" != "x" ] && CONFIGTRAPD $CREATEPRIVUSER +[ "x$CREATEPRIVUSER2" != "x" ] && CONFIGTRAPD $CREATEPRIVUSER2 + diff --git a/testing/fulltests/default/Sv3vacmconfig b/testing/fulltests/default/Sv3vacmconfig new file mode 100644 index 0000000..7c35e36 --- /dev/null +++ b/testing/fulltests/default/Sv3vacmconfig @@ -0,0 +1,29 @@ +#!/bin/sh + +# generically set up the user "initial1" and "initial2" for snmp v3 +# access to the agent. + +# Configuration: +#initial1 can access .1.3.6.1.2.1.1.1, deny others +#initial2 can access all except .1.3.6.1.2.1.1.1 + +# XXX: do autoselection of supported algorithms +SKIPIF NETSNMP_DISABLE_MD5 +SKIPIF NETSNMP_DISABLE_DES +SKIPIFNOT NETSNMP_SECMOD_USM + +CONFIGAGENT [snmp] persistentdir $SNMP_TMP_PERSISTENTDIR + +CONFIGAGENT createUser initial1 MD5 initial_test_pass_auth DES +CONFIGAGENT createUser initial2 MD5 initial_test_pass_auth DES + + +CONFIGAGENT group testcommunitygroup1 usm initial1 +CONFIGAGENT group testcommunitygroup2 usm initial2 + +CONFIGAGENT view system1 included .1.3.6.1.2.1.1.1 +CONFIGAGENT view system2 included .1 +CONFIGAGENT view system2 excluded .1.3.6.1.2.1.1.1 +CONFIGAGENT 'access testcommunitygroup1 "" any auth exact system1 none none' +CONFIGAGENT 'access testcommunitygroup2 "" any auth exact system2 none none' + diff --git a/testing/fulltests/default/Svacmconfig b/testing/fulltests/default/Svacmconfig new file mode 100644 index 0000000..d9d862d --- /dev/null +++ b/testing/fulltests/default/Svacmconfig @@ -0,0 +1,40 @@ +#!/bin/sh + +# standard V1 configuration: testcommunity1 testcommunity2 +# testcommunity1 can access .1.3.6.1.2.1.1.1, others are denied +# generically set up the community "testcommunity1 and testcommunity2" for various snmp +# version access to the agent. + +if [ "x$snmp_version" = "x" ]; then + snmp_version="any" +fi + +CONFIGAGENT [snmp] persistentdir $SNMP_TMP_PERSISTENTDIR + +CONFIGAGENT rocommunity testrocommunity 127.0.0.1 .1.3.6.1.2.1.1.5.0 +CONFIGAGENT rwcommunity testrwcommunity 127.0.0.1 .1.3.6.1.2.1.1.5.0 + +CONFIGAGENT com2sec testcommunitysec1 default testcommunity1 +CONFIGAGENT com2sec testcommunitysec2 default testcommunity2 + +if [ "$SNMP_TRANSPORT_SPEC" = "udp6" -o "$SNMP_TRANSPORT_SPEC" = "tcp6" ];then +CONFIGAGENT rocommunity6 testrocommunity ::1 .1.3.6.1.2.1.1.5.0 +CONFIGAGENT rwcommunity6 testrwcommunity ::1 .1.3.6.1.2.1.1.5.0 +CONFIGAGENT com2sec6 testcommunitysec1 default testcommunity1 +CONFIGAGENT com2sec6 testcommunitysec2 default testcommunity2 +fi + +if [ "$SNMP_TRANSPORT_SPEC" = "unix" ];then +CONFIGAGENT com2secunix testcommunitysec1 testcommunity1 +CONFIGAGENT com2secunix testcommunitysec2 testcommunity2 +fi + +CONFIGAGENT group testcommunitygroup1 $snmp_version testcommunitysec1 +CONFIGAGENT group testcommunitygroup2 $snmp_version testcommunitysec2 + +CONFIGAGENT view system1 included .1.3.6.1.2.1.1.1 +CONFIGAGENT view system2 included .1 +CONFIGAGENT view system2 excluded .1.3.6.1.2.1.1.1 +CONFIGAGENT 'access testcommunitygroup1 "" any noauth exact system1 none none' +CONFIGAGENT 'access testcommunitygroup2 "" any noauth exact system2 none none' + diff --git a/testing/fulltests/default/Svanyconfig b/testing/fulltests/default/Svanyconfig new file mode 100644 index 0000000..8cb53dc --- /dev/null +++ b/testing/fulltests/default/Svanyconfig @@ -0,0 +1,29 @@ +#!/bin/sh + +# generically set up the community "testcommunity" for various snmp +# version access to the agent. + +if [ "x$snmp_version" = "x" ]; then + snmp_version="any" +fi +if [ "x$snmp_write_access" = "x" ]; then + snmp_write_access="none" +fi + +[ "x$SNMP_SMUX_SOCKET" = "x" ] && SNMP_SMUX_SOCKET=1.0.0.0 + +CONFIGAGENT [snmp] persistentdir $SNMP_TMP_PERSISTENTDIR +CONFIGAGENT smuxsocket $SNMP_SMUX_SOCKET + +CONFIGAGENT com2sec testcommunitysec default testcommunity +if [ "$SNMP_TRANSPORT_SPEC" = "udp6" -o "$SNMP_TRANSPORT_SPEC" = "tcp6" ];then + CONFIGAGENT com2sec6 testcommunitysec default testcommunity +fi + +if [ "$SNMP_TRANSPORT_SPEC" = "unix" ];then + CONFIGAGENT com2secunix testcommunitysec testcommunity +fi + +CONFIGAGENT group testcommunitygroup $snmp_version testcommunitysec +CONFIGAGENT view all included .1 80 +CONFIGAGENT "access testcommunitygroup '' any noauth exact all $snmp_write_access none" diff --git a/testing/fulltests/default/T000configure_simple b/testing/fulltests/default/T000configure_simple new file mode 100644 index 0000000..2e2b4ef --- /dev/null +++ b/testing/fulltests/default/T000configure_simple @@ -0,0 +1,22 @@ +#!/bin/sh + +if test -f ../support/simple_eval_tools.sh ; then + . ../support/simple_eval_tools.sh + versionfile=$SNMP_BASEDIR/../../../dist/autoconf-version + configurefile=$SNMP_BASEDIR/../../../configure +else + . ../eval_tools.sh + versionfile=$SNMP_BASEDIR/../dist/autoconf-version + configurefile=$SNMP_BASEDIR/../configure +fi + +HEADER Checking the Net-SNMP configure script validity + +VERSIONNEEDED=`cat $versionfile` + +CHECKORDIE "^# Generated by GNU Autoconf $VERSIONNEEDED for Net-SNMP " \ + "$configurefile" +SAVE_RESULTS + +echo "bogus" > $SNMP_TMPDIR/foo.pid +FINISHED diff --git a/testing/fulltests/default/T001snmpv1get_simple b/testing/fulltests/default/T001snmpv1get_simple new file mode 100644 index 0000000..07d3847 --- /dev/null +++ b/testing/fulltests/default/T001snmpv1get_simple @@ -0,0 +1,37 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv1 support + +SKIPIF NETSNMP_DISABLE_SNMPV1 +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V1 configuration: testcomunnity +. ./Sv1config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +CAPTURE "snmpgetnext -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3" + +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.1" + +CHECKORDIE "Error in packet" + +CAPTURE "snmpget -On $SNMP_FLAGS -c notavalidcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECKORDIE "Timeout" + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T0141snmpv2cset_simple b/testing/fulltests/default/T0141snmpv2cset_simple new file mode 100644 index 0000000..18d9bae --- /dev/null +++ b/testing/fulltests/default/T0141snmpv2cset_simple @@ -0,0 +1,35 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c set of system.sysContact.0 + +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +snmp_write_access='all' +. ./Sv2cconfig +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + +CHECK ".1.3.6.1.2.1.1.4.0 = STRING:" + +CAPTURE "snmpset -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 s foobartestingbaz" + +CHECK ".1.3.6.1.2.1.1.4.0 = STRING:" + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + +CHECK "STRING: foobartestingbaz" + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T014snmpv2cget_simple b/testing/fulltests/default/T014snmpv2cget_simple new file mode 100644 index 0000000..43dffd5 --- /dev/null +++ b/testing/fulltests/default/T014snmpv2cget_simple @@ -0,0 +1,24 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c get of system.sysUpTime.0 + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +. ./Sv2cconfig +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T015snmpv2cgetnext_simple b/testing/fulltests/default/T015snmpv2cgetnext_simple new file mode 100644 index 0000000..7c6eaa9 --- /dev/null +++ b/testing/fulltests/default/T015snmpv2cgetnext_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c getnext of system.sysUpTime + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +. ./Sv2cconfig + +STARTAGENT + +CAPTURE "snmpgetnext -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T0160snmpv2cbulkget_simple b/testing/fulltests/default/T0160snmpv2cbulkget_simple new file mode 100755 index 0000000..38ec3b3 --- /dev/null +++ b/testing/fulltests/default/T0160snmpv2cbulkget_simple @@ -0,0 +1,31 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c bulkget of system components + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2 configuration: testcomunnity +. ./Sv2cconfig + +STARTAGENT + +CAPTURE "snmpbulkget $SNMP_FLAGS -v2c -On -Cn1 -Cr2 -c testcommunity $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4 .1.3.6.1.2.1.1" + +STOPAGENT + +CHECKORDIE ".1.3.6.1.2.1.1.4.0 = STRING:" +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = STRING:" +CHECKORDIE ".1.3.6.1.2.1.1.2.0 = OID:" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.3.0" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.5.0" + +FINISHED diff --git a/testing/fulltests/default/T016snmpv2cgetfail_simple b/testing/fulltests/default/T016snmpv2cgetfail_simple new file mode 100644 index 0000000..1cd0e94 --- /dev/null +++ b/testing/fulltests/default/T016snmpv2cgetfail_simple @@ -0,0 +1,30 @@ +#!/bin/sh + +# +# test snmpv2c get support by reading a variable +# + +. ../support/simple_eval_tools.sh + +HEADER for failure of SNMPv2c get with wrong community + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIFNOT USING_MIBII_VACM_CONF_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +. ./Sv2cconfig + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c notavalidcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK "Timeout" + +FINISHED diff --git a/testing/fulltests/default/T017snmpv2ctov1getfail_simple b/testing/fulltests/default/T017snmpv2ctov1getfail_simple new file mode 100644 index 0000000..4c812c0 --- /dev/null +++ b/testing/fulltests/default/T017snmpv2ctov1getfail_simple @@ -0,0 +1,30 @@ +#!/bin/sh + +# +# test snmpv2c get support by reading a variable +# + +. ../support/simple_eval_tools.sh + +HEADER for failure of SNMPv2c get against SNMPv1 agent + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIF NETSNMP_DISABLE_SNMPV1 +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +. ./Sv1config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c notavalidcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK "Timeout" + +FINISHED diff --git a/testing/fulltests/default/T018snmpv1tov2cgetfail_simple b/testing/fulltests/default/T018snmpv1tov2cgetfail_simple new file mode 100644 index 0000000..d9b8b6a --- /dev/null +++ b/testing/fulltests/default/T018snmpv1tov2cgetfail_simple @@ -0,0 +1,26 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER for failure of SNMPv1 get against SNMPv2c agent + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIF NETSNMP_DISABLE_SNMPV1 +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +. ./Sv2cconfig + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c notavalidcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK "Timeout" + +FINISHED diff --git a/testing/fulltests/default/T019snmpv2cnosuch_simple b/testing/fulltests/default/T019snmpv2cnosuch_simple new file mode 100644 index 0000000..78a0bb1 --- /dev/null +++ b/testing/fulltests/default/T019snmpv2cnosuch_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c get of system.sysUpTime.1 + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +. ./Sv2cconfig + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.1" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.1 = No Such Instance" + +FINISHED diff --git a/testing/fulltests/default/T020snmpv3get_simple b/testing/fulltests/default/T020snmpv3get_simple new file mode 100644 index 0000000..20b59e4 --- /dev/null +++ b/testing/fulltests/default/T020snmpv3get_simple @@ -0,0 +1,24 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using noAuthNoPriv of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# configure the agent to accept user initial with noAuthNoPriv +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $NOAUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T021snmpv3getnext_simple b/testing/fulltests/default/T021snmpv3getnext_simple new file mode 100755 index 0000000..54c82d3 --- /dev/null +++ b/testing/fulltests/default/T021snmpv3getnext_simple @@ -0,0 +1,24 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 getnext using initial of .1.3.6.1.2.1.1.3 + +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# configure the agent to accept user initial with noAuthNoPriv +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpgetnext -On $SNMP_FLAGS $NOAUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T0220snmpv3bulkget_simple b/testing/fulltests/default/T0220snmpv3bulkget_simple new file mode 100755 index 0000000..7eddccf --- /dev/null +++ b/testing/fulltests/default/T0220snmpv3bulkget_simple @@ -0,0 +1,30 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 bulkget of system + +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V3 configuration: +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpbulkget $SNMP_FLAGS -On -Cn1 -Cr2 $NOAUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4 .1.3.6.1.2.1.1" + +STOPAGENT + +CHECKORDIE ".1.3.6.1.2.1.1.4.0 = STRING:" +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = STRING:" +CHECKORDIE ".1.3.6.1.2.1.1.2.0 = OID:" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.3.0" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.5.0" + +FINISHED diff --git a/testing/fulltests/default/T022snmpv3getMD5_simple b/testing/fulltests/default/T022snmpv3getMD5_simple new file mode 100755 index 0000000..eed4292 --- /dev/null +++ b/testing/fulltests/default/T022snmpv3getMD5_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using MD5/noPriv of .1.3.6.1.2.1.1.3.0 + +SKIPIF NETSNMP_DISABLE_MD5 + +# +# Begin test +# + +# standard V3 configuration for initial user +DEFAUTHTYPE="MD5" +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T023snmpv3getMD5AES_simple b/testing/fulltests/default/T023snmpv3getMD5AES_simple new file mode 100644 index 0000000..985b2a4 --- /dev/null +++ b/testing/fulltests/default/T023snmpv3getMD5AES_simple @@ -0,0 +1,29 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using MD5/AES of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV +SKIPIFNOT HAVE_AES_CFB128_ENCRYPT +SKIPIF NETSNMP_DISABLE_MD5 + +# +# Begin test +# + +# standard V3 configuration for initial user +DEFAUTHTYPE=MD5 +DEFPRIVTYPE=AES +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $PRIVTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T023snmpv3getMD5DES_simple b/testing/fulltests/default/T023snmpv3getMD5DES_simple new file mode 100755 index 0000000..000478a --- /dev/null +++ b/testing/fulltests/default/T023snmpv3getMD5DES_simple @@ -0,0 +1,28 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using MD5/DES of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV +SKIPIF NETSNMP_DISABLE_MD5 + +# +# Begin test +# + +# standard V3 configuration for initial user +DEFAUTHTYPE=MD5 +DEFPRIVTYPE=DES +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $PRIVTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T024snmpv3getSHA1_simple b/testing/fulltests/default/T024snmpv3getSHA1_simple new file mode 100755 index 0000000..80b7f4f --- /dev/null +++ b/testing/fulltests/default/T024snmpv3getSHA1_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using SHA/noPriv of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO + +# +# Begin test +# + +# standard V3 configuration for templateSHA user +DEFAUTHTYPE="SHA" +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T025snmpv3getSHADES_simple b/testing/fulltests/default/T025snmpv3getSHADES_simple new file mode 100755 index 0000000..d01a4ef --- /dev/null +++ b/testing/fulltests/default/T025snmpv3getSHADES_simple @@ -0,0 +1,29 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using SHA/DES of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV +SKIPIF NETSNMP_DISABLE_DES + +# +# Begin test +# + +# standard V3 configuration for templateSHA user +DEFAUTHTYPE="SHA" +DEFPRIVTYPE="DES" +. ./Sv3config + +AGENT_FLAGS="$AGENT_FLAGS -I-winExtDLL" +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $PRIVTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T026snmpv3getSHAAES_simple b/testing/fulltests/default/T026snmpv3getSHAAES_simple new file mode 100644 index 0000000..561cdab --- /dev/null +++ b/testing/fulltests/default/T026snmpv3getSHAAES_simple @@ -0,0 +1,29 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using SHA/AES of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV +SKIPIFNOT HAVE_AES_CFB128_ENCRYPT + +# +# Begin test +# + +# standard V3 configuration for templateSHA user +DEFPRIVTYPE="AES" +DEFAUTHTYPE="SHA" +. ./Sv3config + +AGENT_FLAGS="$AGENT_FLAGS -I-winExtDLL" +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $PRIVTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T027snmpv3Defaults_simple b/testing/fulltests/default/T027snmpv3Defaults_simple new file mode 100644 index 0000000..ea42f47 --- /dev/null +++ b/testing/fulltests/default/T027snmpv3Defaults_simple @@ -0,0 +1,38 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 get using default config of .1.3.6.1.2.1.1.3.0 + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV +SKIPIFNOT HAVE_AES_CFB128_ENCRYPT + +# +# Begin test +# + +# standard V3 configuration for templateSHA user +DEFPRIVTYPE="AES" +DEFAUTHTYPE="SHA" +. ./Sv3config + +STARTAGENT + +CONFIGAPP defPrivType AES +CONFIGAPP defAuthType SHA +CONFIGAPP defContext \"\" +CONFIGAPP defAuthPassPhrase initial_test_pass_auth +CONFIGAPP defPrivPassPhrase initial_test_pass_auth +CONFIGAPP defSecurityLevel authPriv +CONFIGAPP defSecurityName initial + +# make sure that the above configuration tokens properly set things up so that +# no flags are needed +CAPTURE "snmpget -On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/default/T028snmpv3getfail_simple b/testing/fulltests/default/T028snmpv3getfail_simple new file mode 100755 index 0000000..ada8a13 --- /dev/null +++ b/testing/fulltests/default/T028snmpv3getfail_simple @@ -0,0 +1,22 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER for failure of SNMPv3 get using unknown user. + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -l nanp -u unknownuser $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK "Unknown user name" + +FINISHED diff --git a/testing/fulltests/default/T030snmpv3usercreation_simple b/testing/fulltests/default/T030snmpv3usercreation_simple new file mode 100644 index 0000000..28eaae8 --- /dev/null +++ b/testing/fulltests/default/T030snmpv3usercreation_simple @@ -0,0 +1,119 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 agent USM user management with snmpusm + +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT +SKIPIFNOT USING_SNMPV3_USMUSER_MODULE +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV + +# +# Begin test +# + +# standard SNMPv3 USM agent configuration +DEFSECURITYLEVEL=authPriv +. ./Sv3usmconfigagent + +# test user +NEWUSER=newtestuser +NEWAUTHPASS=newauthpass +NEWPRIVPASS=newprivpass +NEWAUTHPRIVPASS=newauthprivpass + +# configure agent +CONFIGAGENT rwuser $NEWUSER + +# Start the agent +STARTAGENT + +## usmUserTable management + +## 1) create, clone, test, delete + +# create new (vanilla) user +CAPTURE "snmpusm $SNMP_FLAGS $TESTPRIVARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT create $NEWUSER" +CHECKORDIE "User successfully created" + +# clone +CAPTURE "snmpusm $SNMP_FLAGS $TESTPRIVARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT cloneFrom $NEWUSER $TESTPRIVUSER" +CHECKORDIE "User successfully cloned" + +# test (authPriv) +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $TESTAUTHPASS -x $DEFPRIVTYPE -X $TESTPRIVPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +# delete +CAPTURE "snmpusm $SNMP_FLAGS $TESTPRIVARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT delete $NEWUSER" +CHECKORDIE "User successfully deleted" + +## 2) create w/ clone, passwd (auth), passwd (priv), test (authPriv+authNoPriv) + +# create+clone template user +CAPTURE "snmpusm $SNMP_FLAGS $TESTPRIVARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT create $NEWUSER $TESTPRIVUSER2" +CHECKORDIE "User successfully created" + +# change auth passphrase of new user +CAPTURE "snmpusm $SNMP_FLAGS $TESTPRIVARGS -Ca $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $TESTAUTHPASS2 $NEWAUTHPASS $NEWUSER" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# change priv passphrase of new user +CAPTURE "snmpusm $SNMP_FLAGS $TESTPRIVARGS -Cx $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $TESTPRIVPASS2 $NEWPRIVPASS $NEWUSER" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# test (authNoPriv) +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -u $NEWUSER -l anp -a $DEFAUTHTYPE -A $NEWAUTHPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +# test (authPriv) +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPASS -x $DEFPRIVTYPE -X $NEWPRIVPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +## 3) passwd (priv), passwd (auth+priv), test + +# change priv passphrase (to auth passphrase) by the user himself +CAPTURE "snmpusm $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPASS -x $DEFPRIVTYPE -X $NEWPRIVPASS -Cx $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $NEWPRIVPASS $NEWAUTHPASS" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# change both passphrases at once +CAPTURE "snmpusm $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPASS -x $DEFPRIVTYPE -X $NEWAUTHPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $NEWAUTHPASS $NEWAUTHPRIVPASS" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# test (authPriv) +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPRIVPASS -x $DEFPRIVTYPE -X $NEWAUTHPRIVPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +## 5) persistency I: reconfigure (SIGHUP), re-test + +if ISDEFINED HAVE_SIGHUP; then + +HUPAGENT +DELAY + +# test (authPriv) +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPRIVPASS -x $DEFPRIVTYPE -X $NEWAUTHPRIVPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +## 5) persistency II: stop, start, re-test + +STOPAGENT +DELAY +# make sure it picks up persistent config and uses a new logfile +SNMPCONFPATH="${SNMP_TMPDIR}${SNMP_ENV_SEPARATOR}${SNMP_TMP_PERSISTENTDIR}" +export SNMPCONFPATH +SNMP_CONFIG_FILE="does-not-exist" +SNMP_SNMPD_LOG_FILE=${SNMP_TMPDIR}/snmpd2.log +STARTAGENT + +# test (authPriv) +CAPTURE "snmpget -On $SNMP_FLAGS -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPRIVPASS -x $DEFPRIVTYPE -X $NEWAUTHPRIVPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +fi + +## stop agent and finish +STOPAGENT +FINISHED diff --git a/testing/fulltests/default/T035snmpv3trapdusermgmt_simple b/testing/fulltests/default/T035snmpv3trapdusermgmt_simple new file mode 100644 index 0000000..be7aab6 --- /dev/null +++ b/testing/fulltests/default/T035snmpv3trapdusermgmt_simple @@ -0,0 +1,126 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 snmptrapd USM user management with snmpusm + +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT USING_AGENTX_SUBAGENT_MODULE +SKIPIFNOT USING_SNMPV3_USMUSER_MODULE +SKIPIF NETSNMP_SNMPTRAPD_DISABLE_AGENTX +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV + +# +# Begin test +# + +# configure AgentX socket +if [ "x$SNMP_TRANSPORT_SPEC" = "xunix" ]; then + AGENT_FLAGS="$AGENT_FLAGS -x $SNMP_TMPDIR/agentx_socket" + TRAPD_FLAGS="$TRAPD_FLAGS -x $SNMP_TMPDIR/agentx_socket" +else + AGENT_FLAGS="$AGENT_FLAGS -x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" + TRAPD_FLAGS="$TRAPD_FLAGS -x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" +fi + +# standard SNMPv3 USM agent configuration +DEFSECURITYLEVEL=authPriv +. ./Sv3usmconfigagent + +# save agent access +AGENT_TESTAUTHARGS=$TESTAUTHARGS +AGENT_TESTPRIVARGS=$TESTPRIVARGS + +# configure agent as AgentX master +CONFIGAGENT master agentx + +# Start the master agent +STARTAGENT + +# standard SNMPv3 USM snmptrapd configuration +. ./Sv3usmconfigtrapd + +# configure snmptrapd +NEWAUTHKEY=0x7458ead7a0b5a753e21bfcb87f6c9803ebef68cf +NEWPRIVKEY=0x98e2696d1cf34d904dfcae76bf01c473 +NEWUSER=newtestuser +NEWAUTHPASS=newauthpass +NEWPRIVPASS=newprivpass +NEWUSER2=newtestuser_vanilla +CONFIGTRAPD authuser log $NEWUSER auth + +# start snmptrapd +STARTTRAPD + +# delay to let it connect and register all MIBs +DELAY + +## verify snmptrapd usmUserTable management + +SNMPUSM_TRAPD_CONTEXT_ARGS="-n snmptrapd -CE $TRAPD_ENGINEID" + +## 1) create, clone, passwd auth, passwd priv, test + +# create vanilla user +CAPTURE "snmpusm $SNMP_FLAGS $AGENT_TESTAUTHARGS $SNMPUSM_TRAPD_CONTEXT_ARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT create $NEWUSER2" +CHECKORDIE "User successfully created" + +# clone template user +CAPTURE "snmpusm $SNMP_FLAGS $AGENT_TESTAUTHARGS $SNMPUSM_TRAPD_CONTEXT_ARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT create $NEWUSER $TESTPRIVUSER" +CHECKORDIE "User successfully created" + +# change auth passphrase of new user +CAPTURE "snmpusm $SNMP_FLAGS $AGENT_TESTAUTHARGS $SNMPUSM_TRAPD_CONTEXT_ARGS -Ca $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $TESTAUTHPASS $NEWAUTHPASS $NEWUSER" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# change priv passphrase of new user +CAPTURE "snmpusm $SNMP_FLAGS $AGENT_TESTPRIVARGS $SNMPUSM_TRAPD_CONTEXT_ARGS -Cx $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $TESTPRIVPASS $NEWPRIVPASS $NEWUSER" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# test (anp) +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u $NEWUSER -l anp -a $DEFAUTHTYPE -A $NEWAUTHPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_anp" +DELAY +CHECKTRAPDORDIE "received_inform_anp" + +# test (ap) +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -A $NEWAUTHPASS -x $DEFPRIVTYPE -X $NEWPRIVPASS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_ap" +DELAY +CHECKTRAPDORDIE "received_inform_ap" + +## 2) change localized auth key, test, change localized priv key, test + +# change localized auth key +CAPTURE "snmpusm $SNMP_FLAGS $AGENT_TESTAUTHARGS $SNMPUSM_TRAPD_CONTEXT_ARGS -Ca -Ck $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $NEWAUTHPASS $NEWAUTHKEY $NEWUSER" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# test (anp) +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u $NEWUSER -l anp -a $DEFAUTHTYPE -3k $NEWAUTHKEY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_anp2" +DELAY +CHECKTRAPDORDIE "received_inform_anp2" + +# change localized priv key +CAPTURE "snmpusm $SNMP_FLAGS $AGENT_TESTPRIVARGS $SNMPUSM_TRAPD_CONTEXT_ARGS -Cx -Ck $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT passwd $NEWPRIVPASS $NEWPRIVKEY $NEWUSER" +CHECKORDIE "SNMPv3 Key(s) successfully changed" + +# test (ap) +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -3k $NEWAUTHKEY -x $DEFPRIVTYPE -3K $NEWPRIVKEY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_ap2" +DELAY +CHECKTRAPDORDIE "received_inform_ap2" + +## 3) persistency I: reconfigure (SIGHUP), re-test + +# reconfigure snmptrapd +HUPTRAPD + +# test (ap) +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u $NEWUSER -l ap -a $DEFAUTHTYPE -3k $NEWAUTHKEY -x $DEFPRIVTYPE -3K $NEWPRIVKEY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_ap3" +DELAY +CHECKTRAPDORDIE "received_inform_ap3" + +## stop daemons and finish +STOPTRAPD +STOPAGENT +FINISHED diff --git a/testing/fulltests/default/T049snmpv3inform_simple b/testing/fulltests/default/T049snmpv3inform_simple new file mode 100644 index 0000000..99cb5eb --- /dev/null +++ b/testing/fulltests/default/T049snmpv3inform_simple @@ -0,0 +1,27 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +SKIPIFNOT NETSNMP_SECMOD_USM + +DEFSECURITYLEVEL=noAuthNoPriv + +HEADER "SNMPv3 informs (noAuthNoPriv) received and sent by tools" + +# +# Begin test +# + +CONFIGTRAPD createUser testuser +CONFIGTRAPD authuser log testuser $DEFSECURITYLEVEL +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u testuser -l nanp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_$DEFSECURITYLEVEL" + +STOPTRAPD + +CHECKTRAPD "received_inform_$DEFSECURITYLEVEL" + +FINISHED diff --git a/testing/fulltests/default/T049snmpv3informauth_simple b/testing/fulltests/default/T049snmpv3informauth_simple new file mode 100644 index 0000000..0f18577 --- /dev/null +++ b/testing/fulltests/default/T049snmpv3informauth_simple @@ -0,0 +1,27 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +SKIPIFNOT NETSNMP_SECMOD_USM + +DEFSECURITYLEVEL=authNoPriv + +HEADER "SNMPv3 informs (authNoPriv) received and sent by tools" + +# +# Begin test +# + +. ./Sv3usmconfigtrapd +CONFIGTRAPD authuser log $TESTAUTHUSER $DEFSECURITYLEVEL +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d $TESTAUTHARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_$DEFSECURITYLEVEL" + +STOPTRAPD + +CHECKTRAPD "received_inform_$DEFSECURITYLEVEL" + +FINISHED diff --git a/testing/fulltests/default/T049snmpv3informpriv_simple b/testing/fulltests/default/T049snmpv3informpriv_simple new file mode 100644 index 0000000..e8f47de --- /dev/null +++ b/testing/fulltests/default/T049snmpv3informpriv_simple @@ -0,0 +1,28 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +DEFSECURITYLEVEL=authPriv + +HEADER "SNMPv3 informs (authPriv) received and sent by tools" + +SKIPIFNOT NETSNMP_CAN_DO_CRYPTO +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV + +# +# Begin test +# + +. ./Sv3usmconfigtrapd +CONFIGTRAPD authuser log $TESTPRIVUSER $DEFSECURITYLEVEL +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d $TESTPRIVARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_inform_$DEFSECURITYLEVEL" + +STOPTRAPD + +CHECKTRAPD "received_inform_$DEFSECURITYLEVEL" + +FINISHED diff --git a/testing/fulltests/default/T050snmpv3trap_simple b/testing/fulltests/default/T050snmpv3trap_simple new file mode 100644 index 0000000..2b7a4a8 --- /dev/null +++ b/testing/fulltests/default/T050snmpv3trap_simple @@ -0,0 +1,36 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 traps received and sent by tools + +#SKIPIFNOT NETSNMP_USE_OPENSSL +SKIPIFNOT NETSNMP_ENABLE_SCAPI_AUTHPRIV + +# +# Begin test +# + +CREATEUSERENGINEID=0x80001f88802b3d0e06bbdf4321 +. ./Sv3usmconfigtrapd +CONFIGTRAPD authuser log $TESTNOAUTHUSER noAuthNoPriv +CONFIGTRAPD authuser log $TESTAUTHUSER authNoPriv +CONFIGTRAPD authuser log $TESTPRIVUSER authPriv +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -d -e $CREATEUSERENGINEID $TESTNOAUTHARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_trap_nanp" +DELAY +CAPTURE "snmptrap -d -e $CREATEUSERENGINEID $TESTAUTHARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_trap_anp" +DELAY +CAPTURE "snmptrap -d -e $CREATEUSERENGINEID $TESTPRIVARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s received_trap_ap" +DELAY + +STOPTRAPD + +CHECKTRAPD "received_trap_nanp" +CHECKTRAPD "received_trap_anp" +CHECKTRAPD "received_trap_ap" + +FINISHED diff --git a/testing/fulltests/default/T051snmpv2ctrap_simple b/testing/fulltests/default/T051snmpv2ctrap_simple new file mode 100644 index 0000000..8e1be6b --- /dev/null +++ b/testing/fulltests/default/T051snmpv2ctrap_simple @@ -0,0 +1,27 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c traps received and sent by tools + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_VACM_CONF_MODULE + +# +# Begin test +# + +CONFIGTRAPD authcommunity log testcommunity +CONFIGTRAPD agentxsocket /dev/null + +TRAPD_FLAGS="$TRAPD_FLAGS -On" + +STARTTRAPD + +CAPTURE "snmptrap -d -v 2c -c testcommunity $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s blah" + +STOPTRAPD + +CHECKTRAPD ".1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.6.3.1.1.5.1" + +FINISHED diff --git a/testing/fulltests/default/T052snmpv2cinform_simple b/testing/fulltests/default/T052snmpv2cinform_simple new file mode 100644 index 0000000..4208df8 --- /dev/null +++ b/testing/fulltests/default/T052snmpv2cinform_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c informs received and sent by tools + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_VACM_CONF_MODULE + +# +# Begin test +# + +CONFIGTRAPD authcommunity log testcommunity +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 2c -c testcommunity $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s blah" + +STOPTRAPD + +CHECKTRAPD "Received" + +FINISHED diff --git a/testing/fulltests/default/T053agentv1trap_simple b/testing/fulltests/default/T053agentv1trap_simple new file mode 100644 index 0000000..44b219e --- /dev/null +++ b/testing/fulltests/default/T053agentv1trap_simple @@ -0,0 +1,34 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER snmpv1 traps are sent by snmpd API + +SKIPIFNOT USING_EXAMPLES_EXAMPLE_MODULE +SKIPIFNOT HAVE_SIGHUP + +# +# Begin test +# + +# standard V1 configuration: testcomunnity +. ./Sv3config +CONFIGAGENT trapsink ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} public + +CONFIGTRAPD authcommunity log public +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +AGENT_FLAGS="$AGENT_FLAGS -Dexample,header_generic,add_trap" +STARTAGENT + +CAPTURE "snmpset -On $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.7.0 i 1" + +STOPAGENT + +STOPTRAPD + +CHECKTRAPD "Enterprise Specific Trap (99)" + +FINISHED diff --git a/testing/fulltests/default/T054agentv2ctrap_simple b/testing/fulltests/default/T054agentv2ctrap_simple new file mode 100644 index 0000000..f5b6904 --- /dev/null +++ b/testing/fulltests/default/T054agentv2ctrap_simple @@ -0,0 +1,33 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER snmpv2c traps are sent by snmpd API + +SKIPIFNOT USING_EXAMPLES_EXAMPLE_MODULE + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv3config +CONFIGAGENT trap2sink ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} public +CONFIGTRAPD authcommunity log public +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +AGENT_FLAGS="$AGENT_FLAGS" +STARTAGENT + +#DELAY +CAPTURE "snmpset -On -t 3 -r 0 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.8.0 i 1" + +STOPAGENT + +STOPTRAPD + +CHECKTRAPD "life the universe and everything" + +FINISHED diff --git a/testing/fulltests/default/T055agentv1mintrap_simple b/testing/fulltests/default/T055agentv1mintrap_simple new file mode 100644 index 0000000..4a1c0e1 --- /dev/null +++ b/testing/fulltests/default/T055agentv1mintrap_simple @@ -0,0 +1,33 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER snmpv1 traps are sent by snmpd without notification mib support + +SKIPIFNOT USING_EXAMPLES_EXAMPLE_MODULE + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv3config +CONFIGAGENT trapsink ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} public +CONFIGTRAPD authcommunity log public +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +# initialize only the example mib, and not the notification mib stuff +AGENT_FLAGS="$AGENT_FLAGS -Dexample,header_generic,add_trap,mib_init,callback -I example,usmUser,usmConf,vacm_vars" +STARTAGENT + +CAPTURE "snmpset -On $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.7.0 i 1" + +STOPAGENT + +STOPTRAPD + +CHECKTRAPD "Enterprise Specific Trap (99)" + +FINISHED diff --git a/testing/fulltests/default/T056agentv2cmintrap_simple b/testing/fulltests/default/T056agentv2cmintrap_simple new file mode 100644 index 0000000..73c7a23 --- /dev/null +++ b/testing/fulltests/default/T056agentv2cmintrap_simple @@ -0,0 +1,34 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER snmpv2c traps are sent by snmpd without notification mib support + +SKIPIFNOT USING_EXAMPLES_EXAMPLE_MODULE + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv3config +CONFIGAGENT trap2sink ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} public +CONFIGTRAPD authcommunity log public +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +# initialize only the example mib, and not the notification mib stuff +AGENT_FLAGS="$AGENT_FLAGS -Dexample,header_generic,add_trap,mib_init,callback -I example,usmUser,usmConf,vacm_vars" +STARTAGENT + +#DELAY +CAPTURE "snmpset -On -t 3 -r 0 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.8.0 i 1" + +STOPAGENT + +STOPTRAPD + +CHECKTRAPD "life the universe and everything" + +FINISHED diff --git a/testing/fulltests/default/T057trapdauthtest2_simple b/testing/fulltests/default/T057trapdauthtest2_simple new file mode 100644 index 0000000..6a43989 --- /dev/null +++ b/testing/fulltests/default/T057trapdauthtest2_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +SKIPIFNOT NETSNMP_SECMOD_USM + +HEADER snmptrapd discards of unauthorized notification types + +# +# Begin test +# + +CONFIGTRAPD createUser testuser +CONFIGTRAPD authuser log testuser noAuthNoPriv .1.3.6.1.6.3.1.1.5.2 +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u testuser -l nanp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 system.sysContact.0 s blah" + +STOPTRAPD + +CHECKTRAPDCOUNT 0 "coldStart" + +FINISHED diff --git a/testing/fulltests/default/T057trapdauthtest3_simple b/testing/fulltests/default/T057trapdauthtest3_simple new file mode 100644 index 0000000..078ef38 --- /dev/null +++ b/testing/fulltests/default/T057trapdauthtest3_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +SKIPIFNOT NETSNMP_SECMOD_USM + +HEADER snmptrapd discards of incorrect view types + +# +# Begin test +# + +CONFIGTRAPD createUser testuser +CONFIGTRAPD authuser execute testuser noAuthNoPriv +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u testuser -l nanp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 system.sysContact.0 s blah" + +STOPTRAPD + +CHECKTRAPDCOUNT 0 "coldStart" + +FINISHED diff --git a/testing/fulltests/default/T057trapdauthtest_simple b/testing/fulltests/default/T057trapdauthtest_simple new file mode 100644 index 0000000..4e2fc10 --- /dev/null +++ b/testing/fulltests/default/T057trapdauthtest_simple @@ -0,0 +1,25 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +SKIPIFNOT NETSNMP_SECMOD_USM + +HEADER snmptrapd authorization failure of non authorized users + +# +# Begin test +# + +CONFIGTRAPD createUser testuser +CONFIGTRAPD authuser log testuser noAuthNoPriv +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -v 3 -u nottestuser -l nanp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 system.sysContact.0 s blah" + +STOPTRAPD + +CHECKTRAPDCOUNT 0 "coldStart" + +FINISHED diff --git a/testing/fulltests/default/T058agentauthtrap_simple b/testing/fulltests/default/T058agentauthtrap_simple new file mode 100644 index 0000000..aa63639 --- /dev/null +++ b/testing/fulltests/default/T058agentauthtrap_simple @@ -0,0 +1,36 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER authentication failure traps are sent by snmpd + +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv1config +# add in a v1 trap sink +CONFIGAGENT trapsink $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT public +CONFIGAGENT authtrapenable 1 +CONFIGTRAPD authcommunity log public +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +STARTAGENT + +# give the agent more time to start up. We only want to fire one +# request (retries = 0) to make sure only one trap is sent. +#DELAY +CAPTURE "snmpget -On -r 0 -t 5 $SNMP_FLAGS -v 1 -c wrongcommunity $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +STOPTRAPD + +CHECKTRAPD "Authentication Failure Trap" + +FINISHED diff --git a/testing/fulltests/default/T059trapdtraphandle_simple b/testing/fulltests/default/T059trapdtraphandle_simple new file mode 100755 index 0000000..53d5b90 --- /dev/null +++ b/testing/fulltests/default/T059trapdtraphandle_simple @@ -0,0 +1,71 @@ +#!/bin/sh + +# Testing this script is possible by running e.g. the following commands: +# srcdir=/z/software/net-snmp/trunk builddir=/z/software/net-snmp/trunk-mingw +# cd $builddir/testing +# TRAPD_FLAGS="-Dsnmptrapd -Drun:shell" $srcdir/testing/fulltests/support/simple_run $srcdir/testing/fulltests/default/T059trapdtraphandle_simple + +# "inline" trap handler +if [ "x$1" = "xtraphandle" ]; then + cat - >>"$2" + exit 0 +fi + +. ../support/simple_eval_tools.sh + +TRAPHANDLE_LOGFILE=${SNMP_TMPDIR}/traphandle.log + +HEADER snmptrapd traphandle: launching external shell script + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_UTILITIES_EXECUTE_MODULE +SKIPIFNOT HAVE_SIGHUP + +# +# Begin test +# + +snmp_version=v2c +TESTCOMMUNITY=testcommunity + +# Make the paths of arguments $0 and $1 absolute. +NETSNMPDIR="`pwd`" +NETSNMPDIR="`dirname ${NETSNMPDIR}`" +NETSNMPDIR="`dirname ${NETSNMPDIR}`" +NETSNMPDIR="`dirname ${NETSNMPDIR}`" +if [ "`echo $1|cut -c1`" = "/" ]; then + traphandle_arg="$1" +else + traphandle_arg="${NETSNMPDIR}/$1" +fi + +CONFIGTRAPD [snmp] persistentDir $SNMP_TMP_PERSISTENTDIR +CONFIGTRAPD [snmp] tempFilePattern /tmp/snmpd-tmp-XXXXXX +CONFIGTRAPD authcommunity execute $TESTCOMMUNITY +CONFIGTRAPD doNotLogTraps true +if [ "x$OSTYPE" = "xmsys" ]; then + CONFIGTRAPD traphandle default $MSYS_SH -c "'" $traphandle_arg traphandle $TRAPHANDLE_LOGFILE "'" +else + CONFIGTRAPD traphandle default $traphandle_arg traphandle $TRAPHANDLE_LOGFILE +fi +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +## 1) test notification handler + +CAPTURE "snmptrap -d -Ci -t $SNMP_SLEEP -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s handled_inform_$snmp_version" +DELAY +CHECKORDIE "handled_inform_$snmp_version" $TRAPHANDLE_LOGFILE + +## 2) persistency: reconfigure (SIGHUP), re-test + +HUPTRAPD +CAPTURE "snmptrap -d -Ci -t $SNMP_SLEEP -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 .1.3.6.1.6.3.1.1.5.1 .1.3.6.1.2.1.1.4.0 s handled_inform2_$snmp_version" +DELAY +CHECKORDIE "handled_inform2_$snmp_version" $TRAPHANDLE_LOGFILE + +## stop +STOPTRAPD + +FINISHED diff --git a/testing/fulltests/default/T060trapdperl_simple b/testing/fulltests/default/T060trapdperl_simple new file mode 100755 index 0000000..33741e0 --- /dev/null +++ b/testing/fulltests/default/T060trapdperl_simple @@ -0,0 +1,59 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER 'snmptrapd embedded perl support (NetSNMP::TrapReceiver)' + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT NETSNMP_EMBEDDED_PERL +SKIPIFNOT HAVE_SIGHUP +SKIPIFNOT NETSNMP_SECMOD_USM + +# +# Begin test +# + +snmp_version=v2c +TESTCOMMUNITY=testcommunity +TESTOID=.1.3.6.1.6.3.1.1.5.1 +TESTOID2=.1.3.6.1.6.3.1.1.5.2 +VAROID=.1.3.6.1.2.1.1.4.0 +EMBPERL_LOGFILE=${SNMP_TMPDIR}/embperl.log + +# make sure that we can fulfill all library dependencies +_ld_lib_path="${SNMP_UPDIR}/snmplib/.libs:${SNMP_UPDIR}/agent/.libs:${SNMP_UPDIR}/agent/helpers/.libs" +if [ x$OSTYPE = xcygwin ]; then + PATH="${_ld_lib_path}:$PATH" +fi + +echo "use blib qw(${SNMP_UPDIR}/perl);" > ${SNMP_TMPDIR}/snmp_perl_trapd.pl +echo "use NetSNMP::TrapReceiver;" >> ${SNMP_TMPDIR}/snmp_perl_trapd.pl + +CONFIGTRAPD authcommunity execute $TESTCOMMUNITY +CONFIGTRAPD perlInitFile ${SNMP_TMPDIR}/snmp_perl_trapd.pl +CONFIGTRAPD 'perl sub my_receiver { open LOG,">>'$EMBPERL_LOGFILE'"; print LOG "handled_by_embperl\n"; close LOG };' +CONFIGTRAPD 'perl sub my_receiver2 { open LOG,">>'$EMBPERL_LOGFILE'"; print LOG "handled_again_by_embperl\n"; close LOG };' +CONFIGTRAPD 'perl NetSNMP::TrapReceiver::register("'$TESTOID'", \&my_receiver) || warn "register_perl_handler_failed";' +CONFIGTRAPD 'perl NetSNMP::TrapReceiver::register("'$TESTOID2'", \&my_receiver2) || warn "register_second_perl_handler_failed";' +CONFIGTRAPD 'perl print STDERR "registered_perl_handler_ok\n";' +CONFIGTRAPD agentxsocket /dev/null + +STARTTRAPD + +## 1) trigger embedded perl notification handler + +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 $TESTOID $VAROID s handled_trap_$snmp_version" + +## 2) persistency: reconfigure (SIGHUP), re-trigger + +HUPTRAPD +CAPTURE "snmptrap -Ci -t $SNMP_SLEEP -d -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT 0 $TESTOID2 $VAROID s handled_trap2_$snmp_version" + +## stop +STOPTRAPD + + +CHECKORDIE "handled_by_embperl" $EMBPERL_LOGFILE +CHECKORDIE "handled_again_by_embperl" $EMBPERL_LOGFILE + +FINISHED diff --git a/testing/fulltests/default/T061agentperl_simple b/testing/fulltests/default/T061agentperl_simple new file mode 100755 index 0000000..c20a3ff --- /dev/null +++ b/testing/fulltests/default/T061agentperl_simple @@ -0,0 +1,77 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER 'snmpd embedded perl support (using NetSNMP::agent)' + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT NETSNMP_EMBEDDED_PERL +SKIPIFNOT HAVE_SIGHUP +SKIPIFNOT NETSNMP_SECMOD_USM + +# +# Begin test +# + +snmp_version=v2c +TESTCOMMUNITY=testcommunity +. ./Sv2cconfig + +TESTOID=.1.3.6.1.4.1.8872.9999.9999.1.0 +TESTOID2=.1.3.6.1.4.1.8872.9999.9999.2.0 +EMBPERL_AGENT=${SNMP_TMPDIR}/hello.pl +cat >$EMBPERL_AGENT <<END +#!/usr/bin/env perl +# minimal embedded perl agent + +my \$regat = '.1.3.6.1.4.1.8872.9999.9999'; # netSnmpPlayPen +my \$myoid = \$regat . ".1.0"; # the "hello world" OID +my \$myoid2 = \$regat . ".2.0"; # the "hello again world" OID + +use NetSNMP::OID qw(:all); +use NetSNMP::agent qw(:all); +use NetSNMP::ASN qw(:all); +use SNMP; + +my \$regoid = new NetSNMP::OID(\$regat); +\$agent->register("hello", \$regoid, \&my_snmp_handler); + +sub my_snmp_handler { + my (\$handler, \$registration_info, \$request_info, \$requests) = @_; + for(my \$request = \$requests; \$request; \$request = \$request->next()) { + if (\$request_info->getMode() == MODE_GET) { + if (\$request->getOID() == new NetSNMP::OID(\$myoid)) { + \$request->setValue(ASN_OCTET_STR, "hello world"); + last; + } elsif (\$request->getOID() == new NetSNMP::OID(\$myoid2)) { + \$request->setValue(ASN_OCTET_STR, "hello again world"); + last; + } + } + } +} +END + +echo "use blib qw(${SNMP_UPDIR}/perl);" > ${SNMP_TMPDIR}/snmp_perl.pl +echo 'use NetSNMP::agent;' >> ${SNMP_TMPDIR}/snmp_perl.pl +echo '$agent = new NetSNMP::agent('"'dont_init_agent' => 1, 'dont_init_lib' => 1);" >> ${SNMP_TMPDIR}/snmp_perl.pl + +CONFIGAGENT perlInitFile ${SNMP_TMPDIR}/snmp_perl.pl +CONFIGAGENT "perl do '$EMBPERL_AGENT';" +CONFIGAGENT 'perl print STDERR "registered_perl_agent_ok";' + +STARTAGENT + +## 1) SNMP GET against embedded perl mib module +CAPTURE "snmpget -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT $TESTOID" +CHECK "hello world" + +## 2) persistency: reconfigure (HUP), re-test +HUPAGENT +CAPTURE "snmpget -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT $TESTOID2" +CHECK "hello again world" + +## stop +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T065agentextend_simple b/testing/fulltests/default/T065agentextend_simple new file mode 100644 index 0000000..07dcae3 --- /dev/null +++ b/testing/fulltests/default/T065agentextend_simple @@ -0,0 +1,54 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER "extending agent functionality with extend" + +[ "x$OSTYPE" = xmsys -a "x$MSYS_SH" = x ] && SKIP "\$MSYS_SH has not been set" +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_AGENT_EXTEND_MODULE +SKIPIFNOT USING_UTILITIES_EXECUTE_MODULE + +# make sure snmpget can be executed +SNMPGET="${SNMP_UPDIR}/apps/snmpget" +[ -x "$SNMPGET" ] || SKIP + +snmp_version=v2c +TESTCOMMUNITY=testcommunity +. ./Sv2cconfig + +# +# Begin test +# + +index='"hello"' +if [ "x$OSTYPE" = "xmsys" ]; then + CONFIGAGENT extend hello $MSYS_SH -c "'" echo hello_world "'" +else + CONFIGAGENT extend hello /usr/bin/env echo hello_world +fi + +STARTAGENT + +# NET-SNMP-EXTEND-MIB::nsExtendOutput1Line."hello" = STRING: "hello_world" +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.8072.1.3.2.3.1.1.$index" +CHECKORDIE "STRING: hello_world" + +#NET-SNMP-EXTEND-MIB::nsExtendOutputFull."hello" = STRING: "hello_world" +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.8072.1.3.2.3.1.2.$index" +CHECKORDIE "STRING: hello_world" + +#NET-SNMP-EXTEND-MIB::nsExtendOutLine."hello".1 = STRING: "hello_world" +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.8072.1.3.2.4.1.2.$index.1" +CHECKORDIE "STRING: hello_world" + +#NET-SNMP-EXTEND-MIB::nsExtendOutNumLines."hello" = INTEGER: 1 +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.8072.1.3.2.3.1.3.$index" +CHECKORDIE "INTEGER: 1" + +#NET-SNMP-EXTEND-MIB::nsExtendResult."hello" = INTEGER: 0 +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.8072.1.3.2.3.1.4.$index" +CHECKORDIE "INTEGER: 0" + +STOPAGENT +FINISHED diff --git a/testing/fulltests/default/T066pass_simple b/testing/fulltests/default/T066pass_simple new file mode 100644 index 0000000..6396ed1 --- /dev/null +++ b/testing/fulltests/default/T066pass_simple @@ -0,0 +1,53 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER "extending agent functionality with pass" + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_UCD_SNMP_PASS_MODULE +SKIPIFNOT USING_UTILITIES_EXECUTE_MODULE + +# Don't run this test on MinGW - local/passtest is a shell script and +# hence passing it to the MSVCRT popen() doesn't work. +[ "x$OSTYPE" = "xmsys" ] && SKIP "MinGW" + +# make sure snmpget and snmpwalk can be executed +SNMPGET="${builddir}/apps/snmpget" +[ -x "$SNMPGET" ] || SKIP +SNMPWALK="${builddir}/apps/snmpwalk" +[ -x "$SNMPWALK" ] || SKIP + +snmp_version=v2c +TESTCOMMUNITY=testcommunity +. ./Sv2cconfig + +# +# Begin test +# +oid=.1.3.6.1.4.1.8072.2.255 # NET-SNMP-PASS-MIB::netSnmpPassExamples +CONFIGAGENT pass $oid ${srcdir}/local/passtest + +ORIG_AGENT_FLAGS="$AGENT_FLAGS" +AGENT_FLAGS="$ORIG_AGENT_FLAGS -Ducd-snmp/pass" +STARTAGENT + +#COMMENT Check a full walk of the sample data +CAPTURE "$SNMPWALK $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT $oid" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassString.0 = STRING: Life, the Universe, and Everything" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassInteger.1 = INTEGER: 42" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassOID.1 = OID: NET-SNMP-PASS-MIB::netSnmpPassOIDValue" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassTimeTicks.0 = Timeticks: (363136200) 42 days, 0:42:42.00 " +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassIpAddress.0 = IpAddress: 127.0.0.1" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassCounter.0 = Counter32: 42" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassGauge.0 = Gauge32: 42" + +#COMMENT A couple of spot checks of GET requests. +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT NET-SNMP-PASS-MIB::netSnmpPassInteger.1" +CHECKORDIE "INTEGER: 42" + +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT NET-SNMP-PASS-MIB::netSnmpPassCounter.0" +CHECKORDIE "Counter32: 42" + +STOPAGENT +FINISHED diff --git a/testing/fulltests/default/T067passpersist_simple b/testing/fulltests/default/T067passpersist_simple new file mode 100644 index 0000000..6051b8f --- /dev/null +++ b/testing/fulltests/default/T067passpersist_simple @@ -0,0 +1,63 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER "extending agent functionality with pass_persist" + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_UCD_SNMP_PASS_PERSIST_MODULE + +# Don't run this test on MinGW - local/pass_persisttest is a shell script and +# hence passing it to the MSVCRT popen() doesn't work. +[ "x$OSTYPE" = "xmsys" ] && SKIP "MinGW" + +[ -x /usr/bin/perl ] || SKIP "/usr/bin/perl not found" + +# make sure snmpget and snmpwalk can be executed +SNMPGET="${builddir}/apps/snmpget" +[ -x "$SNMPGET" ] || SKIP +SNMPWALK="${builddir}/apps/snmpwalk" +[ -x "$SNMPWALK" ] || SKIP + +snmp_version=v2c +TESTCOMMUNITY=testcommunity +. ./Sv2cconfig + +# +# Begin test +# +oid=.1.3.6.1.4.1.8072.2.255 # NET-SNMP-PASS-MIB::netSnmpPassExamples +CONFIGAGENT pass_persist $oid ${srcdir}/local/pass_persisttest + +ORIG_AGENT_FLAGS="$AGENT_FLAGS" +AGENT_FLAGS="$ORIG_AGENT_FLAGS -Ducd-snmp/pass_persist" +PASS_PERSIST_PIDFILE="$SNMP_TMPDIR/pass_persist.pid.$$" +export PASS_PERSIST_PIDFILE +STARTAGENT + +#COMMENT Check a full walk of the sample data +CAPTURE "$SNMPWALK $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT $oid" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassString.0 = STRING: Life, the Universe, and Everything" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassInteger.1 = INTEGER: 42" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassOID.1 = OID: NET-SNMP-PASS-MIB::netSnmpPassOIDValue" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassTimeTicks.0 = Timeticks: (363136200) 42 days, 0:42:42.00 " +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassIpAddress.0 = IpAddress: 127.0.0.1" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassCounter.0 = Counter32: 1" +CHECKORDIE "NET-SNMP-PASS-MIB::netSnmpPassGauge.0 = Gauge32: 42" + +#COMMENT A couple of spot checks of GET requests. +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT NET-SNMP-PASS-MIB::netSnmpPassInteger.1" +CHECKORDIE "INTEGER: 42" + +#COMMENT netSnmpPassCounter should increment, since this is pass_persist +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT NET-SNMP-PASS-MIB::netSnmpPassCounter.0" +CHECKORDIE "Counter32: 2" + +#COMMENT now kill the pass_persist script, and check that it recovers. +STOPPROG $PASS_PERSIST_PIDFILE +#COMMENT netSnmpPassCounter should have reverted to 1, as this is a new instance. +CAPTURE "$SNMPGET $SNMP_FLAGS -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT NET-SNMP-PASS-MIB::netSnmpPassCounter.0" +CHECKORDIE "Counter32: 1" + +STOPAGENT +FINISHED diff --git a/testing/fulltests/default/T070com2sec_simple b/testing/fulltests/default/T070com2sec_simple new file mode 100644 index 0000000..9f76fcd --- /dev/null +++ b/testing/fulltests/default/T070com2sec_simple @@ -0,0 +1,159 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER com2sec directive + +SKIPIFNOT NETSNMP_TRANSPORT_UDP_DOMAIN +SKIPIF NETSNMP_NO_DEBUGGING + +# +# Begin test +# + +# 401a Test missing CONTEXT +CONFIGAGENT 'com2sec -Cn' +# 401b Test empty CONTEXT +CONFIGAGENT 'com2sec -Cn ""' +# 401c Test overlong CONTEXT (34 chars) +CONFIGAGENT 'com2sec -Cn 1234567890123456789012345678901234' + +# 402a Test missing secName +CONFIGAGENT 'com2sec' +# 402b Test empty secName +CONFIGAGENT 'com2sec ""' +# 402c Test overlong secName (34 chars) +CONFIGAGENT 'com2sec 1234567890123456789012345678901234' +# 402d Test valid context and missing secName +CONFIGAGENT 'com2sec -Cn 123456789012345678901234567890123' +# 402e Test valid context and empty secName +CONFIGAGENT 'com2sec -Cn 123456789012345678901234567890123 ""' + +# 403a Test missing network address +CONFIGAGENT 'com2sec t403a' +# 403b Test empty network address +CONFIGAGENT 'com2sec t403b ""' +# 403c Test forbidden value (now why it is forbidden...) +CONFIGAGENT 'com2sec t403c NETWORK' + +# 404a Test missing community +CONFIGAGENT 'com2sec t404a default' +# 404b Test empty community +CONFIGAGENT 'com2sec t404b default ""' +# 404c Test forbidden value (now why it is forbidden...) +CONFIGAGENT 'com2sec t404c default COMMUNITY' +# 404d Test overlong community (255 chars) +CONFIGAGENT 'com2sec t404d default 123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345' +# 404e Test valid community +CONFIGAGENT 'com2sec t404e default 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234' + +# 405a Test 'default' configuration +CONFIGAGENT 'com2sec t405a default c405a' +# 405b Test ip address configuration +CONFIGAGENT 'com2sec t405b 10.0.0.0 c405b' +# 405c Test valid numeric mask +CONFIGAGENT 'com2sec t405c 10.0.0.0/8 c405c' +# 405d Test invalid numeric mask (too big) +CONFIGAGENT 'com2sec t405d 10.0.0.0/33 c405d' +# 405e Test invalid numeric mask (negative) +CONFIGAGENT 'com2sec t405e 10.0.0.0/-1 c405e' +# 405f Test valid ip address mask +CONFIGAGENT 'com2sec t405f 10.0.0.0/255.0.0.0 c405f' +# 405g Test invalid ip address mask +CONFIGAGENT 'com2sec t405g 10.0.0.0/512.0.0.0 c405g' +# 405h Test invalid ip address mask +CONFIGAGENT 'com2sec t405h 10.0.0.0/hh c405h' +# 405i Test address with 1 bits not covered by the mask +CONFIGAGENT 'com2sec t405i 10.0.0.0/3.192.0.0 c405i' +# 405j Test that 0.0.0.0 works (alias for default) +CONFIGAGENT 'com2sec t405j 0.0.0.0 c405j' +# 405k Test that 0.0.0.0/0 works (alias for default) +CONFIGAGENT 'com2sec t405k 0.0.0.0/0 c405k' +# 405l Test that 0.0.0.0/0.0.0.0 works (alias for default) +CONFIGAGENT 'com2sec t405l 0.0.0.0/0.0.0.0 c405l' + +# 406a Test maximally long address/mask +CONFIGAGENT 'com2sec t406a 255.255.255.255/255.255.255.255 c406a' + +# 407a Test non existant host name +CONFIGAGENT 'com2sec t407a no.such.address. c407a' +# 407b Test maximally long host name/mask +CONFIGAGENT 'com2sec t407b a23456789012345678901234567890123456789012345678901234567890123.a23456789012345678901234567890123456789012345678901234567890123.a23456789012345678901234567890123456789012345678901234567890123.a234567890123456789012345678901234567890123456789012345678901./255.255.255.255 c407b' + +# 408 Lookup tests, require network access +# 408a Test lookup returning a single host +CONFIGAGENT 'com2sec t408a www.ietf.org c408a' +# 408a Test lookup returning multiple hosts +CONFIGAGENT 'com2sec t408b www.google.com c408b' + +# Default agent setup +CONFIGAGENT "[snmp] persistentdir $SNMP_TMP_PERSISTENTDIR" +# Dummy config to prevent the basic_setup warning +CONFIGAGENT 'rocommunity public 127.0.0.0/8' + +AGENT_FLAGS='-Dnetsnmp_udp_parse_security,netsnmp_udp6_parse_security,netsnmp_unix_parse_security' + +STARTAGENT + +SAVECHECKAGENT() { + CHECKAGENT "$@" + if [ "x$return_value" != "x0" ] ; then + FINISHED + fi +} + +SAVECHECKAGENT 'line 1: Error: missing CONTEXT_NAME parameter' +SAVECHECKAGENT 'line 2: Error: missing NAME parameter' +SAVECHECKAGENT 'line 3: Error: context name too long' +CHECKAGENTCOUNT atleastone 'line 4: Error: Blank line following com2sec token.' +SAVECHECKAGENT 'line 5: Error: empty NAME parameter' +SAVECHECKAGENT 'line 6: Error: security name too long' +SAVECHECKAGENT 'line 7: Error: missing NAME parameter' +SAVECHECKAGENT 'line 8: Error: empty NAME parameter' +SAVECHECKAGENT 'line 9: Error: missing SOURCE parameter' +SAVECHECKAGENT 'line 10: Error: empty SOURCE parameter' +SAVECHECKAGENT 'line 11: Error: example config NETWORK not properly configured' +SAVECHECKAGENT 'line 12: Error: missing COMMUNITY parameter' +SAVECHECKAGENT 'line 13: Error: empty COMMUNITY parameter' +SAVECHECKAGENT 'line 14: Error: example config COMMUNITY not properly configured' +SAVECHECKAGENT 'line 15: Error: community name too long' +SAVECHECKAGENT '<"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234", 0.0.0.0/0.0.0.0> => "t404e"' +SAVECHECKAGENT '<"c405a", 0.0.0.0/0.0.0.0> => "t405a"' +SAVECHECKAGENT '<"c405b", 10.0.0.0/255.255.255.255> => "t405b"' +SAVECHECKAGENT '<"c405c", 10.0.0.0/255.0.0.0> => "t405c"' +SAVECHECKAGENT 'line 20: Error: bad mask length' +SAVECHECKAGENT 'line 21: Error: bad mask length' +SAVECHECKAGENT '<"c405f", 10.0.0.0/255.0.0.0> => "t405f"' +SAVECHECKAGENT 'line 23: Error: bad mask' +SAVECHECKAGENT 'line 24: Error: bad mask' +SAVECHECKAGENT 'line 25: Error: source/mask mismatch' +SAVECHECKAGENT '<"c405j", 0.0.0.0/255.255.255.255> => "t405j"' +SAVECHECKAGENT '<"c405k", 0.0.0.0/0.0.0.0> => "t405k"' +SAVECHECKAGENT '<"c405l", 0.0.0.0/0.0.0.0> => "t405l"' +SAVECHECKAGENT '<"c406a", 255.255.255.255/255.255.255.255> => "t406a"' +SAVECHECKAGENT 'line 30: Error:' # msg from h_strerror so it varies +SAVECHECKAGENT 'line 31: Error:' # msg from h_strerror so it varies + +CHECKAGENT '<"c408a"' +if [ "$snmp_last_test_result" -eq 0 ] ; then + CHECKAGENT 'line 32: Error:' + if [ "$snmp_last_test_result" -ne 1 ] ; then + return_value=1 + FINISHED + fi +elif [ "$snmp_last_test_result" -ne 1 ] ; then + return_value=1 + FINISHED +fi + +CHECKAGENT '<"c408b"' +if [ "$snmp_last_test_result" -eq 0 ] ; then + CHECKAGENT 'line 33: Error:' + if [ "$snmp_last_test_result" -ne 1 ] ; then + return_value=1 + fi +elif [ "$snmp_last_test_result" -ne 1 ] ; then + return_value=1 +fi + +FINISHED diff --git a/testing/fulltests/default/T071com2sec6_simple b/testing/fulltests/default/T071com2sec6_simple new file mode 100644 index 0000000..550a25b --- /dev/null +++ b/testing/fulltests/default/T071com2sec6_simple @@ -0,0 +1,155 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER com2sec6 directive + +SKIPIFNOT NETSNMP_TRANSPORT_UDPIPV6_DOMAIN +SKIPIF NETSNMP_NO_DEBUGGING + +# +# Begin test +# + +# 601a Test missing CONTEXT +CONFIGAGENT 'com2sec6 -Cn' +# 601b Test empty CONTEXT +CONFIGAGENT 'com2sec6 -Cn ""' +# 601c Test overlong CONTEXT (34 chars) +CONFIGAGENT 'com2sec6 -Cn 1234567890123456789012345678901234' + +# 602a Test missing secName +CONFIGAGENT 'com2sec6' +# 602b Test empty secName +CONFIGAGENT 'com2sec6 ""' +# 602c Test overlong secName (34 chars) +CONFIGAGENT 'com2sec6 1234567890123456789012345678901234' +# 602d Test valid context and missing secName +CONFIGAGENT 'com2sec6 -Cn 123456789012345678901234567890123' +# 602e Test valid context and empty secName +CONFIGAGENT 'com2sec6 -Cn 123456789012345678901234567890123 ""' + +# 603a Test missing network address +CONFIGAGENT 'com2sec6 t603a' +# 603b Test empty network address +CONFIGAGENT 'com2sec6 t603b ""' +# 603c Test forbidden value +CONFIGAGENT 'com2sec6 t603c NETWORK' + +# 604a Test missing COMMUNITY +CONFIGAGENT 'com2sec6 t604a default' +# 604b 'Error: empty COMMUNITY parameter' +CONFIGAGENT 'com2sec6 t604b default ""' +# 604c Test overlong COMMUNITY +CONFIGAGENT 'com2sec6 t604c default 123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345' +# 604d Test barely valid community +CONFIGAGENT 'com2sec6 t604d default 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234' +# 604e Test forbidden value +CONFIGAGENT 'com2sec6 t604e default COMMUNITY' + +# 605a Test 'default' configuration +CONFIGAGENT 'com2sec6 t605a default c605a' +# 605b Test ip address configuration +CONFIGAGENT 'com2sec6 t605b aa00:: c605b' +# 605c Test valid numeric mask +CONFIGAGENT 'com2sec6 t605c aa00::/8 c605c' +# 605d Test invalid numeric mask (too big) +CONFIGAGENT 'com2sec6 t605d aa00::/129 c605d' +# 605e Test invalid numeric mask (negative) +CONFIGAGENT 'com2sec6 t605e aa00::/-1 c605e' +# 605f Test valid ip address mask +CONFIGAGENT 'com2sec6 t605f aa00::/ff00:: c605f' +# 605g Test invalid ip address mask +CONFIGAGENT 'com2sec6 t605g aa00::/fffff:: c605g' +# 605h Test invalid ip address mask +CONFIGAGENT 'com2sec6 t605h aa00::/gg00:: c605h' +# 605i Test address with 1 bits not covered by the mask +CONFIGAGENT 'com2sec6 t605i aa00::/0ff0:: c605i' + +# 606a Test maximally long address/mask +CONFIGAGENT 'com2sec6 t606a ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff c606a' + +# 607a Test non existant host name +CONFIGAGENT 'com2sec6 t607a no.such.address. c607a' +# 607b Test maximally long host name/mask +CONFIGAGENT 'com2sec6 t607b a23456789012345678901234567890123456789012345678901234567890123.a23456789012345678901234567890123456789012345678901234567890123.a23456789012345678901234567890123456789012345678901234567890123.a234567890123456789012345678901234567890123456789012345678901./ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff c607b' + +# 608 Lookup tests, require network access +# 608a Test lookup returning a single host +CONFIGAGENT 'com2sec6 t608a www.ietf.org c608a' +# 608b Test lookup returning multiple hosts +CONFIGAGENT 'com2sec6 t608b ipv6.google.com c608b' + +# Default agent setup +CONFIGAGENT "[snmp] persistentdir $SNMP_TMP_PERSISTENTDIR" +# Dummy config to prevent the basic_setup warning +CONFIGAGENT 'rocommunity public 127.0.0.0/8' + +AGENT_FLAGS='-Dnetsnmp_udp_parse_security,netsnmp_udp6_parse_security,netsnmp_unix_parse_security' + +STARTAGENT + +SAVECHECKAGENT() { + CHECKAGENT "$@" + if [ "x$return_value" != "x0" ] ; then + FINISHED + fi +} + +# 601 +SAVECHECKAGENT 'line 1: Error: missing CONTEXT_NAME parameter' +SAVECHECKAGENT 'line 2: Error: missing NAME parameter' +SAVECHECKAGENT 'line 3: Error: context name too long' +# 602 +CHECKAGENTCOUNT atleastone 'line 4: Error: Blank line following com2sec6 token.' +SAVECHECKAGENT 'line 5: Error: empty NAME parameter' +SAVECHECKAGENT 'line 6: Error: security name too long' +SAVECHECKAGENT 'line 7: Error: missing NAME parameter' +SAVECHECKAGENT 'line 8: Error: empty NAME parameter' +# 603 +SAVECHECKAGENT 'line 9: Error: missing SOURCE parameter' +SAVECHECKAGENT 'line 10: Error: empty SOURCE parameter' +SAVECHECKAGENT 'line 11: Error: example config NETWORK not properly configured' +# 604 +SAVECHECKAGENT 'line 12: Error: missing COMMUNITY parameter' +SAVECHECKAGENT 'line 13: Error: empty COMMUNITY parameter' +SAVECHECKAGENT 'line 14: Error: community name too long' +SAVECHECKAGENT '<"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234", ::/::> => "t604d"' +SAVECHECKAGENT 'line 16: Error: example config COMMUNITY not properly configured' +# 605 +SAVECHECKAGENT '<"c605a", ::/::> => "t605a"' +SAVECHECKAGENT '<"c605b", aa00::/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff> => "t605b"' +SAVECHECKAGENT '<"c605c", aa00::/ff00::> => "t605c"' +SAVECHECKAGENT 'line 20: Error: bad mask length' +SAVECHECKAGENT 'line 21: Error: bad mask length' +SAVECHECKAGENT '<"c605f", aa00::/ff00::> => "t605f"' +SAVECHECKAGENT 'line 23: Error: bad mask' +SAVECHECKAGENT 'line 24: Error: bad mask' +SAVECHECKAGENT 'line 25: Error: source/mask mismatch' +# 606 +SAVECHECKAGENT '<"c606a", ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff> => "t606a"' +# 607 +SAVECHECKAGENT 'line 27: Error:' +SAVECHECKAGENT 'line 28: Error:' + +# 608 +CHECKAGENT '<"c608a"' +if [ "$snmp_last_test_result" -eq 0 ] ; then + CHECKAGENT 'line 29: Error:' + errnum=`expr $errnum - 1` + if [ "$snmp_last_test_result" -ne 1 ] ; then + FINISHED + fi +elif [ "$snmp_last_test_result" -ne 1 ] ; then + FINISHED +fi + +CHECKAGENTCOUNT atleastone '<"c608b"' +if [ "$snmp_last_test_result" -eq 0 ] ; then + CHECKAGENT 'line 30: Error:' + if [ "$snmp_last_test_result" -eq 1 ] ; then + errnum=`expr $errnum - 1` + fi +fi + +FINISHED diff --git a/testing/fulltests/default/T072com2secunix_simple b/testing/fulltests/default/T072com2secunix_simple new file mode 100644 index 0000000..a89de5d --- /dev/null +++ b/testing/fulltests/default/T072com2secunix_simple @@ -0,0 +1,111 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER com2secunix directive + +SKIPIFNOT NETSNMP_TRANSPORT_UNIX_DOMAIN +SKIPIF NETSNMP_NO_DEBUGGING +SKIPIFNOT SIZEOF_SOCKADDR_UN_SUN_PATH + +# +# Prepare test +# +if [ `uname -s` = SunOS ] +then AWK=nawk +else AWK=awk +fi + +sun_path_sized=`$AWK '/^#define SIZEOF_SOCKADDR_UN_SUN_PATH/ { res = "a"; for(n = 2; n < $3; ++n) { res = res substr("1234567890", n % 10, 1); } print res; }' $SNMP_UPDIR/include/net-snmp/net-snmp-config.h` + +# +# Begin test +# + +# u01a Test missing CONTEXT +CONFIGAGENT 'com2secunix -Cn' +# u01a Test empty CONTEXT +CONFIGAGENT 'com2secunix -Cn ""' +# u01c Test overlong CONTEXT (34 chars) +CONFIGAGENT 'com2secunix -Cn 1234567890123456789012345678901234' + +# u02a Test missing secName +CONFIGAGENT 'com2secunix' +# u02b Test empty secName +CONFIGAGENT 'com2secunix ""' +# u02c Test overlong secName (34 chars) +CONFIGAGENT 'com2secunix 1234567890123456789012345678901234' +# u02d Test valid context and missing secName +CONFIGAGENT 'com2secunix -Cn 123456789012345678901234567890123' +# u02e Test valid context and empty secName +CONFIGAGENT 'com2secunix -Cn 123456789012345678901234567890123 ""' + +# u03a Test missing sockpath +CONFIGAGENT 'com2secunix tu03a' +# u03b Test empty sockpath +CONFIGAGENT 'com2secunix tu03b ""' +# u03c Test overlong sockpath (sizeof(sockaddr_un.sun_path) chars) +CONFIGAGENT "com2secunix tu03c ${sun_path_sized}x" +# u03d Test valid sockpath (sizeof(sockaddr_un.sun_path) - 1 chars) +CONFIGAGENT "com2secunix tu03d ${sun_path_sized}" + +# u04a Test missing community +CONFIGAGENT 'com2secunix tu04a default' +# u04b Test empty community +CONFIGAGENT 'com2secunix tu04b default ""' +# u04c Test forbidden value (now why it is forbidden...) +CONFIGAGENT 'com2secunix tu04c default COMMUNITY' +# u04d Test overlong community (255 chars) +CONFIGAGENT 'com2secunix tu04d default 123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345' +# u04e Test valid community +CONFIGAGENT 'com2secunix tu04e default 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234' + +# u05a Test 'default' configuration +CONFIGAGENT 'com2secunix tu05a default cu05a' + +# u07a Test non existant sockpath +CONFIGAGENT 'com2secunix tu07a /dev/null/no/such cu07a' + +# Default agent setup +CONFIGAGENT "[snmp] persistentdir $SNMP_TMP_PERSISTENTDIR" +# Dummy config to prevent the basic_setup warning +CONFIGAGENT 'rocommunity public 127.0.0.0/8' + +AGENT_FLAGS='-Dnetsnmp_udp_parse_security,netsnmp_udp6_parse_security,netsnmp_unix_parse_security' + +STARTAGENT + +SAVECHECKAGENT() { + CHECKAGENT "$@" + if [ "x$return_value" != "x0" ] ; then + FINISHED + fi +} + +# u01 +SAVECHECKAGENT 'line 1: Error: missing CONTEXT_NAME parameter' +SAVECHECKAGENT 'line 2: Error: missing NAME parameter' +SAVECHECKAGENT 'line 3: Error: context name too long' +# u02 +CHECKAGENTCOUNT atleastone 'line 4: Error: Blank line following com2secunix token.' +SAVECHECKAGENT 'line 5: Error: empty NAME parameter' +SAVECHECKAGENT 'line 6: Error: security name too long' +SAVECHECKAGENT 'line 7: Error: missing NAME parameter' +SAVECHECKAGENT 'line 8: Error: empty NAME parameter' +# u03 +SAVECHECKAGENT 'line 9: Error: missing SOCKPATH parameter' +SAVECHECKAGENT 'line 10: Error: empty SOCKPATH parameter' +SAVECHECKAGENT 'line 11: Error: sockpath too long' +SAVECHECKAGENT 'line 12: Error: missing COMMUNITY parameter' +# u04 +SAVECHECKAGENT 'line 13: Error: missing COMMUNITY parameter' +SAVECHECKAGENT 'line 14: Error: empty COMMUNITY parameter' +SAVECHECKAGENT 'line 15: Error: example config COMMUNITY not properly configured' +SAVECHECKAGENT 'line 16: Error: community name too long' +SAVECHECKAGENT '<"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234", ""> => "tu04e"' +# u05 +SAVECHECKAGENT '<"cu05a", ""> => "tu05a"' +# u07 +SAVECHECKAGENT '<"cu07a", "/dev/null/no/such"> => "tu07a"' + +FINISHED diff --git a/testing/fulltests/default/T100agenthup_simple b/testing/fulltests/default/T100agenthup_simple new file mode 100755 index 0000000..d4949e1 --- /dev/null +++ b/testing/fulltests/default/T100agenthup_simple @@ -0,0 +1,36 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER that the agent responds properly to a kill -HUP + +SKIPIF NETSNMP_DISABLE_SNMPV1 + +SKIPIFNOT HAVE_SIGHUP + +# +# Begin test +# + +# standard V1 configuration: testcomunnity +. ./Sv1config + +STARTAGENT + +# add a agent configuration line that wouldn't have been there when +# the started up. +CONFIGAGENT syslocation not-anywhere-in-particular + +# kill -HUP the agent to get it to re-read the .conf file. +DELAY +kill -HUP `cat $SNMP_SNMPD_PID_FILE` > /dev/null 2>&1 +DELAY + +# And see if it has the new value. +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.6.0" + +STOPAGENT + +CHECK "not-anywhere-in-particular" + +FINISHED diff --git a/testing/fulltests/default/T110agentxget_simple b/testing/fulltests/default/T110agentxget_simple new file mode 100644 index 0000000..2f91d36 --- /dev/null +++ b/testing/fulltests/default/T110agentxget_simple @@ -0,0 +1,59 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER AgentX GET support + +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT USING_AGENTX_SUBAGENT_MODULE +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config + +# Start the agent without initializing the system mib. +if [ "x$SNMP_TRANSPORT_SPEC" = "xunix" ];then +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x $SNMP_TMPDIR/agentx_socket" +else +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" +fi +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -system_mib,winExtDLL" +STARTAGENT + +# test to see that the current agent doesn't support the system mib +CAPTURE "snmpget -On $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = No Such Object" + +if test "$snmp_last_test_result" = 1; then + # test the agentx subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + AGENT_FLAGS="$ORIG_AGENT_FLAGS -X -I system_mib" + SNMP_CONFIG_FILE="$SNMP_TMPDIR/bogus.conf" + STARTAGENT + + # test to see that the agent now supports setting the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 3 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + + CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +fi + +# stop the master agent +STOPAGENT + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T111agentxset_simple b/testing/fulltests/default/T111agentxset_simple new file mode 100644 index 0000000..87939bd --- /dev/null +++ b/testing/fulltests/default/T111agentxset_simple @@ -0,0 +1,78 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER AgentX SET support + +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT USING_AGENTX_SUBAGENT_MODULE +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config + +# Start the agent without initializing the system mib. +if [ "x$SNMP_TRANSPORT_SPEC" = "xunix" ];then +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x $SNMP_TMPDIR/agentx_socket" +else +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" +fi +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -system_mib,winExtDLL -DAgentX" +STARTAGENT + +# test to see that the current agent doesn't support the system mib +CAPTURE "snmpget -On -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + +CHECK ".1.3.6.1.2.1.1.4.0 = No Such Object" + +if test "$snmp_last_test_result" = 1; then + # test the AgentX subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + AGENT_FLAGS="$ORIG_AGENT_FLAGS -X -I system_mib" + SNMP_CONFIG_FILE="$SNMP_TMPDIR/bogus.conf" + echo "psyscontact testcontact" >> $SNMP_CONFIG_FILE + STARTAGENT + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + + CHECK ".1.3.6.1.2.1.1.4.0 = STRING: \"*testcontact" + + if test "$snmp_last_test_result" = 1; then + + # test to see that the agent now supports setting the system mib + CAPTURE "snmpset -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 s newtestcontact" + + CHECK ".1.3.6.1.2.1.1.4.0 = STRING: \"*newtestcontact" + + if test "$snmp_last_test_result" = 1; then + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + + CHECK ".1.3.6.1.2.1.1.4.0 = STRING: \"*newtestcontact" + fi + fi + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +fi + +# stop the master agent +STOPAGENT + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T112agentxsetfail_simple b/testing/fulltests/default/T112agentxsetfail_simple new file mode 100644 index 0000000..d610b41 --- /dev/null +++ b/testing/fulltests/default/T112agentxsetfail_simple @@ -0,0 +1,72 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER AgentX illegal SET handling support + +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT USING_AGENTX_SUBAGENT_MODULE +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config + +# Start the agent without initializing the system mib. +if [ "x$SNMP_TRANSPORT_SPEC" = "xunix" ];then +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x $SNMP_TMPDIR/agentx_socket" +else +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" +fi +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -system_mib,winExtDLL -DAgentX" +STARTAGENT + +# test to see that the current agent doesn't support the system mib +CAPTURE "snmpget -On -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + +CHECK ".1.3.6.1.2.1.1.4.0 = No Such Object" + +if test "$snmp_last_test_result" = 1; then + # test the AgentX subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + AGENT_FLAGS="$ORIG_AGENT_FLAGS -X -I system_mib" + SNMP_CONFIG_FILE="$SNMP_TMPDIR/bogus.conf" + STARTAGENT + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + + # we don't know the real value, unfortunately, so we test for what + # we should *not* get back. + CHECKCOUNT 0 ".1.3.6.1.2.1.1.4.0 = No Such Object" + + if test "$snmp_last_test_result" = 0; then + + # test to see that the agent now supports setting the system mib + CAPTURE "snmpset -On -Ir $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 i 4" + + CHECK "wrongType" + + fi + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +fi + +# stop the master agent +STOPAGENT + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T113agentxtrap_simple b/testing/fulltests/default/T113agentxtrap_simple new file mode 100644 index 0000000..4fa5e2f --- /dev/null +++ b/testing/fulltests/default/T113agentxtrap_simple @@ -0,0 +1,79 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER AgentX trap sending support + +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT USING_AGENTX_SUBAGENT_MODULE +SKIPIFNOT USING_EXAMPLES_EXAMPLE_MODULE +SKIPIFNOT NETSNMP_SECMOD_USM + +# +# Begin test +# + +# start the trap demon +CONFIGTRAPD authcommunity log public +STARTTRAPD + +# standard V3 configuration for initial user +. ./Sv3config +# configure the trap receiver. +CONFIGAGENT trapsink ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} public + +# Start the agent without initializing the example mib. +if [ "x$SNMP_TRANSPORT_SPEC" = "xunix" ];then +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x $SNMP_TMPDIR/agentx_socket" +else +ORIG_AGENT_FLAGS="$AGENT_FLAGS -x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" +fi +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -example" +STARTAGENT + +# test to see that the current agent doesn't support the example mib +CAPTURE "snmpget -On -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.1.0" + +CHECK "No Such Object" + +if test "$snmp_last_test_result" = 1; then + # test the AgentX subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + AGENT_FLAGS="$ORIG_AGENT_FLAGS -X -I example -Dadd" + SNMP_CONFIG_FILE="$SNMP_TMPDIR/bogus.conf" + + STARTAGENT + + # test to see that the agent now supports the example mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.1.0" + + CHECK "life the universe and everything" + + if test "$snmp_last_test_result" = 1; then + + # test to see that the agent now sends a trap from the exmaple mib + CAPTURE "snmpset -On -r 0 -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.8.0 i 1" + DELAY + CHECKTRAPD "life the universe and everything" + + fi + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +fi + +# stop the master agent +STOPAGENT + +# stop the trap demon +STOPTRAPD + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T114agentxagentxtrap_simple b/testing/fulltests/default/T114agentxagentxtrap_simple new file mode 100644 index 0000000..58475d0 --- /dev/null +++ b/testing/fulltests/default/T114agentxagentxtrap_simple @@ -0,0 +1,44 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER AgentX trap sending support using agentxtrap + +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT NETSNMP_SECMOD_USM + +# +# Begin test +# + +# start the trap demon +CONFIGTRAPD authcommunity log public +STARTTRAPD + +# standard V3 configuration for initial user +. ./Sv3config +# configure the trap receiver. +CONFIGAGENT trap2sink ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} public + +# Start the agent +if [ "x$SNMP_TRANSPORT_SPEC" = "xunix" ];then +AGENTX_SERVER="-x $SNMP_TMPDIR/agentx_socket" +else +AGENTX_SERVER="-x tcp:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT}" +fi +AGENT_FLAGS="$AGENT_FLAGS $AGENTX_SERVER" +STARTAGENT + +CAPTURE "agentxtrap $AGENTX_SERVER 0.0 0.0 s mostly_harmless" + +# stop the master agent +STOPAGENT + +# stop the trap demon +STOPTRAPD + +# Check that the trap was received +CHECKTRAPD "= STRING: \"*mostly_harmless\"*" + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T115agentxperl_simple b/testing/fulltests/default/T115agentxperl_simple new file mode 100755 index 0000000..a44a202 --- /dev/null +++ b/testing/fulltests/default/T115agentxperl_simple @@ -0,0 +1,115 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER 'AgentX subagent in Perl (using NetSNMP::agent)' + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_AGENTX_MASTER_MODULE +SKIPIFNOT USING_AGENTX_SUBAGENT_MODULE +SKIPIFNOT HAVE_SIGHUP +# make sure the toolkit has been configured --with-perl-modules +[ -d ${SNMP_UPDIR}/perl/blib/arch/auto/NetSNMP/agent ] || SKIP + +# +# Begin test +# + +snmp_version=v2c +TESTCOMMUNITY=testcommunity +. ./Sv2cconfig + +TESTOID=.1.3.6.1.4.1.8872.9999.9999.1.0 +TESTOID2=.1.3.6.1.4.1.8872.9999.9999.2.0 +AGENTX_SOCKET=${SNMP_TMPDIR}/agentx_socket +PERL_SUBAGENT=${SNMP_TMPDIR}/hello.pl +PERL_SUBAGENT_CONF=${SNMP_TMPDIR}/hello.conf + +cat >$PERL_SUBAGENT <<END +#!${SNMP_PERLPROG} +# minimal AgentX subagent in Perl + +use blib qw(${SNMP_UPDIR}/perl); +use NetSNMP::OID qw(:all); +use NetSNMP::agent qw(:all); +use NetSNMP::ASN qw(:all); +use NetSNMP::agent::default_store; +use NetSNMP::default_store qw(:all); +use SNMP; + +## double-fork daemon +my \$pid; +unless (\$pid = fork) { + unless (fork) { + ## start main code + my \$regat = '.1.3.6.1.4.1.8872.9999.9999'; # netSnmpPlayPen + my \$myoid = \$regat . ".1.0"; # the "hello world" OID + my \$myoid2 = \$regat . ".2.0"; # the "hello again world" OID + + my \$pidfile = shift; # take PID file as first argument + open(PIDFILE, ">\$pidfile") or die "Couldn't open \$pidfile"; + print PIDFILE \$\$; + close(PIDFILE); + +sub my_snmp_handler { + my (\$handler, \$registration_info, \$request_info, \$requests) = @_; + for(my \$request = \$requests; \$request; \$request = \$request->next()) { + if (\$request_info->getMode() == MODE_GET) { + if (\$request->getOID() == new NetSNMP::OID(\$myoid)) { + \$request->setValue(ASN_OCTET_STR, "hello world"); + last; + } elsif (\$request->getOID() == new NetSNMP::OID(\$myoid2)) { + \$request->setValue(ASN_OCTET_STR, "hello again world"); + last; + } + } + } +} +sub shut_it_down { \$running = 0; } + + netsnmp_ds_set_boolean(NETSNMP_DS_APPLICATION_ID, + NETSNMP_DS_AGENT_NO_ROOT_ACCESS, 1); + my \$agent = new NetSNMP::agent('Name' => 'hello', 'AgentX' => 1); + my \$regoid = new NetSNMP::OID(\$regat); + \$agent->register("hello", \$regoid, \&my_snmp_handler); + + \$SIG{'INT'} = \&shut_it_down; + \$SIG{'QUIT'} = \&shut_it_down; + \$running = 1; + while(\$running) { + \$agent->agent_check_and_process(1); + } + \$agent->shutdown(); + ## end main code + exit 0; + } + exit 0; +} +waitpid(\$pid, 0); +END + +echo "agentxsocket $AGENTX_SOCKET" > $PERL_SUBAGENT_CONF + +CONFIGAGENT master agentx +CONFIGAGENT agentxsocket $AGENTX_SOCKET + +STARTAGENT + +# start perl subagent +/usr/bin/env SNMPCONFPATH="${SNMP_TMPDIR}${SNMP_ENV_SEPARATOR}${SNMP_TMP_PERSISTENTDIR}" $SNMP_PERLPROG $PERL_SUBAGENT $SNMP_AGENTX_PID_FILE >$SNMP_AGENTX_LOG_FILE 2>&1 +DELAY + +## 1) SNMP GET against mib object implemented by the perl subagent +CAPTURE "snmpget -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT $TESTOID" +CHECK "hello world" + +## 2) persistency: reconfigure master agent (HUP), re-test +HUPAGENT +CAPTURE "snmpget -$snmp_version -c $TESTCOMMUNITY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT $TESTOID2" +CHECK "hello again world" + +## stop +STOPAGENT +STOPPROG $SNMP_AGENTX_PID_FILE + +FINISHED diff --git a/testing/fulltests/default/T120proxyget_simple b/testing/fulltests/default/T120proxyget_simple new file mode 100644 index 0000000..12c58fd --- /dev/null +++ b/testing/fulltests/default/T120proxyget_simple @@ -0,0 +1,67 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER Proxy GET support + +SKIPIFNOT USING_UCD_SNMP_PROXY_MODULE +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIF NETSNMP_DISABLE_SNMPV2C + +# XXX: ucd-snmp/proxy doesn't properly support TCP -- remove this once it does +[ "x$SNMP_TRANSPORT_SPEC" = "xtcp" -o "x$SNMP_TRANSPORT_SPEC" = "xtcp6" ] && SKIP + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config +# config the proxy +CONFIGAGENT proxy -t 2 -r 1 -v 2c -c testcommunity $SNMP_TRANSPORT_SPEC:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT} .1.3.6.1.2.1.1 + +# Start the agent without initializing the system mib. +ORIG_AGENT_FLAGS="$AGENT_FLAGS" +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -system_mib,winExtDLL -Dproxy" +STARTAGENT + +# test to see that the current agent doesn't support the system mib +#CAPTURE "snmpget -On -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +#CHECK ".1.3.6.1.2.1.1.3.0 = No Such Object" + +#if test "$snmp_last_test_result" = 1; then + # test the proxy subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + SNMP_CONFIG_FILE="$SNMP_TMPDIR/proxy.conf" + echo "rwcommunity testcommunity" >> $SNMP_CONFIG_FILE + if [ "$SNMP_TRANSPORT_SPEC" = "udp6" -o "$SNMP_TRANSPORT_SPEC" = "tcp6" ];then + echo "rwcommunity6 testcommunity" >> $SNMP_CONFIG_FILE + fi + AGENT_FLAGS=$ORIG_AGENT_FLAGS + ORIG_SNMP_SNMPD_PORT=$SNMP_SNMPD_PORT + SNMP_SNMPD_PORT="${SNMP_AGENTX_PORT}" + STARTAGENT + SNMP_SNMPD_PORT=$ORIG_SNMP_SNMPD_PORT + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + + CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +#fi + +# stop the master agent +STOPAGENT + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T121proxyset_simple b/testing/fulltests/default/T121proxyset_simple new file mode 100644 index 0000000..977ddb9 --- /dev/null +++ b/testing/fulltests/default/T121proxyset_simple @@ -0,0 +1,86 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER Proxy SET support + +SKIPIFNOT USING_UCD_SNMP_PROXY_MODULE +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT + +# XXX: ucd-snmp/proxy doesn't properly support TCP -- remove this once it does +[ "x$SNMP_TRANSPORT_SPEC" = "xtcp" -o "x$SNMP_TRANSPORT_SPEC" = "xtcp6" ] && SKIP + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config +# config the proxy +CONFIGAGENT proxy -t 2 -r 1 -v 2c -c testcommunity $SNMP_TRANSPORT_SPEC:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT} .1.3.6.1.2.1.1 + +# Start the agent without initializing the system mib. +ORIG_AGENT_FLAGS="$AGENT_FLAGS" +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -system_mib,winExtDLL -Dproxy" +STARTAGENT + +# test to see that the current agent doesn't support the system mib +#CAPTURE "snmpget -On -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +#CHECK ".1.3.6.1.2.1.1.3.0 = No Such Object" + +#if test "$snmp_last_test_result" = 1; then + # test the proxy subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + SNMP_CONFIG_FILE="$SNMP_TMPDIR/proxy.conf" + echo "rwcommunity testcommunity" >> $SNMP_CONFIG_FILE + if [ "$SNMP_TRANSPORT_SPEC" = "udp6" -o "$SNMP_TRANSPORT_SPEC" = "tcp6" ];then + echo "rwcommunity6 testcommunity" >> $SNMP_CONFIG_FILE + fi + echo "psyscontact testcontact" >> $SNMP_CONFIG_FILE + AGENT_FLAGS="$ORIG_AGENT_FLAGS -Dmib_init" + ORIG_SNMP_SNMPD_PORT=$SNMP_SNMPD_PORT + SNMP_SNMPD_PORT="${SNMP_AGENTX_PORT}" + STARTAGENT + SNMP_SNMPD_PORT=$ORIG_SNMP_SNMPD_PORT + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + + CHECK ".1.3.6.1.2.1.1.4.0 = STRING: \"*testcontact" + + if test "$snmp_last_test_result" = 1; then + + # test to see that the agent now supports the system mib + CAPTURE "snmpset -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 s testnewcontact" + + CHECK ".1.3.6.1.2.1.1.4.0 = STRING: \"*testnewcontact" + + if test "$snmp_last_test_result" = 1; then + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + + CHECK ".1.3.6.1.2.1.1.4.0 = STRING: \"*testnewcontact" + fi + fi + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +#fi + +# stop the master agent +STOPAGENT + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T122proxysetfail_simple b/testing/fulltests/default/T122proxysetfail_simple new file mode 100644 index 0000000..7dad797 --- /dev/null +++ b/testing/fulltests/default/T122proxysetfail_simple @@ -0,0 +1,86 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER Proxy illegal SET handling support + +SKIPIFNOT USING_UCD_SNMP_PROXY_MODULE +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT + +# XXX: ucd-snmp/proxy doesn't properly support TCP -- remove this once it does +[ "x$SNMP_TRANSPORT_SPEC" = "xtcp" ] && SKIP + +# +# Begin test +# + +# standard V3 configuration for initial user +. ./Sv3config +# config the proxy +CONFIGAGENT proxy -t 2 -r 1 -v 2c -c testcommunity $SNMP_TRANSPORT_SPEC:${SNMP_TEST_DEST}${SNMP_AGENTX_PORT} .1.3.6.1.2.1.1 + +# Start the agent without initializing the system mib. +ORIG_AGENT_FLAGS="$AGENT_FLAGS" +AGENT_FLAGS="$ORIG_AGENT_FLAGS -I -system_mib,winExtDLL -Dproxy" +STARTAGENT + +# test to see that the current agent doesn't support the system mib +#CAPTURE "snmpget -On -t 3 $SNMP_FLAGS $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +#CHECK ".1.3.6.1.2.1.1.3.0 = No Such Object" + +#if test "$snmp_last_test_result" = 1; then + # test the proxy subagent by first running it... + + SNMP_SNMPD_PID_FILE_ORIG=$SNMP_SNMPD_PID_FILE + SNMP_SNMPD_LOG_FILE_ORIG=$SNMP_SNMPD_LOG_FILE + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE.num2 + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE.num2 + SNMP_CONFIG_FILE="$SNMP_TMPDIR/proxy.conf" + echo "rwcommunity testcommunity" >> $SNMP_CONFIG_FILE + if [ "$SNMP_TRANSPORT_SPEC" = "udp6" -o "$SNMP_TRANSPORT_SPEC" = "tcp6" ];then + echo "rwcommunity6 testcommunity" >> $SNMP_CONFIG_FILE + fi +# echo "syscontact testcontact" >> $SNMP_CONFIG_FILE + AGENT_FLAGS="$ORIG_AGENT_FLAGS -Dmib_init" + ORIG_SNMP_SNMPD_PORT=$SNMP_SNMPD_PORT + SNMP_SNMPD_PORT="${SNMP_AGENTX_PORT}" + STARTAGENT + SNMP_SNMPD_PORT=$ORIG_SNMP_SNMPD_PORT + + # test to see that the agent now supports the system mib + CAPTURE "snmpget -On $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + + + # we don't know the real value, unfortunately, so we test for what + # we should *not* get back. + CHECKCOUNT 0 ".1.3.6.1.2.1.1.4.0 = No Such Object" + + if test "$snmp_last_test_result" = 0; then + + # test to see that the agent now supports the system mib + CAPTURE "snmpset -On -Ir $SNMP_FLAGS -t 5 $AUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 i 42" + + # 5.0.x snmpset shows error on single line + #CHECK ".1.3.6.1.2.1.1.4.0 = Wrong Type" + # 5.1.x snmpset shows error on multiple lines + CHECK "Reason: wrongType" + CHECK "Failed object: .1.3.6.1.2.1.1.4.0" + + fi + + # stop the subagent + STOPAGENT + + SNMP_SNMPD_PID_FILE=$SNMP_SNMPD_PID_FILE_ORIG + SNMP_SNMPD_LOG_FILE=$SNMP_SNMPD_LOG_FILE_ORIG +#fi + +# stop the master agent +STOPAGENT + +# all done (whew) +FINISHED diff --git a/testing/fulltests/default/T130snmpv1vacmget_simple b/testing/fulltests/default/T130snmpv1vacmget_simple new file mode 100644 index 0000000..80623f4 --- /dev/null +++ b/testing/fulltests/default/T130snmpv1vacmget_simple @@ -0,0 +1,32 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv1 vacm acceptance support +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# +# Begin test +# + +# standard V1 configuration: testcommunity1 testcommunity2 +# testcommunity1 can access .1.3.6.1.2.1.1.1, others are denied +# testcommunity2 can access all except .1.3.6.1.2.1.1.1 +# This case test for successful access +snmp_version=v1 +. ./Svacmconfig + +AGENT_FLAGS="$AGENT_FLAGS -I-winExtDLL" +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity1 -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.1.0" + +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = STRING:" + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity2 -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks: " + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T131snmpv2cvacmget_simple b/testing/fulltests/default/T131snmpv2cvacmget_simple new file mode 100644 index 0000000..4f72370 --- /dev/null +++ b/testing/fulltests/default/T131snmpv2cvacmget_simple @@ -0,0 +1,35 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2 vacm acceptance support + +SKIPIF NETSNMP_DISABLE_SNMPV2C + +# +# Begin test +# + + +# standard V1 configuration: testcommunity1 testcommunity2 +# testcommunity1 can access .1.3.6.1.2.1.1.1, others are denied +# testcommunity2 can access all except .1.3.6.1.2.1.1.1 +# This case test for successful access + +snmp_version=v2c +. ./Svacmconfig + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity1 -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.1.0" + +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = STRING:" + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity2 -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks: " + + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T132snmpv3vacmget_simple b/testing/fulltests/default/T132snmpv3vacmget_simple new file mode 100644 index 0000000..004d0dd --- /dev/null +++ b/testing/fulltests/default/T132snmpv3vacmget_simple @@ -0,0 +1,31 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 vacm acceptance support + +# +# Begin test +# + +# Configuration: +#initial1 can access .1.3.6.1.2.1.1.1, deny others +#initial2 can access all except .1.3.6.1.2.1.1.1 +#This case test for successful access + +snmp_version=v3 +. ./Sv3vacmconfig + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -v3 -a MD5 -A initial_test_pass_auth -u initial1 -l anp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.1.0" + +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = STRING:" + +CAPTURE "snmpget -On $SNMP_FLAGS -v3 -a MD5 -A initial_test_pass_auth -u initial2 -l anp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks: " + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T140snmpv1vacmgetfail_simple b/testing/fulltests/default/T140snmpv1vacmgetfail_simple new file mode 100644 index 0000000..a47f94d --- /dev/null +++ b/testing/fulltests/default/T140snmpv1vacmgetfail_simple @@ -0,0 +1,35 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv1 vacm denial support + +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# +# Begin test +# + +# standard V1 configuration: testcommunity1 testcommunity2 +# testcommunity1 can access .1.3.6.1.2.1.1.1, others are denied +# testcommunity2 can access all except .1.3.6.1.2.1.1.1 +# This case test for denied access + +snmp_version=v1 +. ./Svacmconfig + +STARTAGENT + + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity1 -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECKORDIE "Reason: (noSuchName) There is no such variable name in this MIB." + + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity2 -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.1.0" + +CHECKORDIE "Reason: (noSuchName) There is no such variable name in this MIB." + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T141snmpv2cvacmgetfail_simple b/testing/fulltests/default/T141snmpv2cvacmgetfail_simple new file mode 100644 index 0000000..cd362aa --- /dev/null +++ b/testing/fulltests/default/T141snmpv2cvacmgetfail_simple @@ -0,0 +1,48 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2 vacm denial support + +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIF NETSNMP_DISABLE_SET_SUPPORT +SKIPIF NETSNMP_NO_WRITE_SUPPORT +SKIPIFNOT USING_MIBII_VACM_CONF_MODULE + +# +# Begin test +# + + +# standard V1 configuration: testcommunity1 testcommunity2 +# testcommunity1 can access .1.3.6.1.2.1.1.1, others are denied +# testcommunity2 can access all except .1.3.6.1.2.1.1.1 +# This case test for denied access + +snmp_version=v2c +. ./Svacmconfig + +STARTAGENT + + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity1 -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = No Such Object available on this agent at this OID" + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity2 -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.1.0" +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = No Such Object available on this agent at this OID" + +CAPTURE "snmpset -On $SNMP_FLAGS -c testcommunity1 -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.5.0 s dummy" +CHECKORDIE "Reason: noAccess" + +CAPTURE "snmpset -On $SNMP_FLAGS -c testcommunity2 -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.5.0 s dummy" +CHECKORDIE "Reason: noAccess" + +CAPTURE "snmpset -On $SNMP_FLAGS -c testrwcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.5.0 s dummy" +CHECKORDIE ".1.3.6.1.2.1.1.5.0 = STRING: \"*dummy" + +CAPTURE "snmpset -On $SNMP_FLAGS -c testrocommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.5.0 s dummy" +CHECKORDIE "Reason: noAccess" + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T142snmpv3vacmgetfail_simple b/testing/fulltests/default/T142snmpv3vacmgetfail_simple new file mode 100644 index 0000000..cfc000b --- /dev/null +++ b/testing/fulltests/default/T142snmpv3vacmgetfail_simple @@ -0,0 +1,32 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv3 vacm denial support + +# +# Begin test +# + +# Configuration: +#initial1 can access .1.3.6.1.2.1.1.1, deny others +#initial2 can access all except .1.3.6.1.2.1.1.1 +#This case test for denied access + +snmp_version=v3 +. ./Sv3vacmconfig + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -v3 -a MD5 -A initial_test_pass_auth -u initial1 -l anp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +CHECKORDIE ".1.3.6.1.2.1.1.3.0 = No Such Object available on this agent at this OID" + + +CAPTURE "snmpget -On $SNMP_FLAGS -v3 -a MD5 -A initial_test_pass_auth -u initial2 -l anp $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.1.0" + +CHECKORDIE ".1.3.6.1.2.1.1.1.0 = No Such Object available on this agent at this OID" + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T150solarishostcpu_simple b/testing/fulltests/default/T150solarishostcpu_simple new file mode 100644 index 0000000..4a3ee6a --- /dev/null +++ b/testing/fulltests/default/T150solarishostcpu_simple @@ -0,0 +1,31 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER 1st CPU on Solaris using HOST-RESOURCES + +if test "x`uname -s`" != "xSunOS" ; then + SKIP "not running solaris" +fi + +SKIPIF NETSNMP_DISABLE_SNMPV1 +SKIPIFNOT USING_HOST_HR_DEVICE_MODULE + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv1config + +STARTAGENT + +# ask for the description of the first CPU in the system + +CAPTURE "snmpgetnext -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.25.3.2.1.3.767" + +CHECKORDIE ' = STRING: "*CPU ' + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/default/T151solarishostdisk_simple b/testing/fulltests/default/T151solarishostdisk_simple new file mode 100644 index 0000000..77a117f --- /dev/null +++ b/testing/fulltests/default/T151solarishostdisk_simple @@ -0,0 +1,31 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER initial load device on Solaris using HOST-RESOURCES + +if test `uname -s` != "SunOS" ; then + # a bogus skip for !suns + SKIP "not running solaris" +fi + +SKIPIFNOT USING_HOST_HR_SYSTEM_MODULE +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv1config + +STARTAGENT + +# ask for the index of the initial device (hrSystemInitialLoadDevice.0) +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.25.1.3.0" + +STOPAGENT + +CHECKORDIE "^.1.3.6.1.2.1.25.1.3.0 = INTEGER:" + +FINISHED diff --git a/testing/fulltests/default/T152hostuptime_simple b/testing/fulltests/default/T152hostuptime_simple new file mode 100644 index 0000000..4d62b35 --- /dev/null +++ b/testing/fulltests/default/T152hostuptime_simple @@ -0,0 +1,27 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER uptime using HOST-RESOURCES + +SKIPIFNOT USING_HOST_HR_SYSTEM_MODULE + +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv1config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.25.1.1.0" + +STOPAGENT + +CHECKORDIE "^.1.3.6.1.2.1.25.1.1.0 = Timeticks:" + +FINISHED + diff --git a/testing/fulltests/default/T153solarisswap_simple b/testing/fulltests/default/T153solarisswap_simple new file mode 100644 index 0000000..055dd45 --- /dev/null +++ b/testing/fulltests/default/T153solarisswap_simple @@ -0,0 +1,31 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER swap on Solaris using HOST-RESOURCES + +if test `uname -s` != "SunOS" ; then + SKIP "not running solaris" +fi + +ISDEFINED USING_HOST_HR_STORAGE_MODULE || ISDEFINED USING_HOST_HRH_STORAGE_MODULE || SKIP "Not using hrStorage" + +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# +# Begin test +# + +# standard V1 configuration: testcommunity +. ./Sv1config + +STARTAGENT + +# ask for hrStorageSize.10 which reports overall swap size +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 1 $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.25.2.3.1.5.10" + +STOPAGENT + +CHECKORDIE "^.1.3.6.1.2.1.25.2.3.1.5.10 = INTEGER:" + +FINISHED diff --git a/testing/fulltests/default/T154dismanpingmib_simple b/testing/fulltests/default/T154dismanpingmib_simple new file mode 100644 index 0000000..45cffe0 --- /dev/null +++ b/testing/fulltests/default/T154dismanpingmib_simple @@ -0,0 +1,116 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DISMAN PING MIB + +[ "$UID" = 0 ] || SKIP "Not permitted to create raw sockets" +SKIPIFNOT USING_DISMAN_PING_MIB_MODULE +SKIPIF NETSNMP_DISABLE_SNMPV1 + +# SNMPv2-TC +active=1 +createAndWait=5 +destroy=6 +# DISMAN-PING-MIB +DISMAN_PING_MIB=.1.3.6.1.2.1.80.1 +pingCtlEntry=${DISMAN_PING_MIB}.2.1 +pingCtlTargetAddressType=${pingCtlEntry}.3 +pingCtlTargetAddresTypeIpv4=1 +pingCtlTargetAddress=${pingCtlEntry}.4 +pingCtlProbeCount=${pingCtlEntry}.7 +pingCtlAdminStatus=${pingCtlEntry}.8 +pingCtlAdminStatusEnabled=1 +pingCtlFrequency=${pingCtlEntry}.10 +pingCtlDescr=${pingCtlEntry}.17 +pingCtlRowStatus=${pingCtlEntry}.23 +pingResultsEntry=${DISMAN_PING_MIB}.3.1 +pingResultsProbeResponses=${pingResultsEntry}.7 +pingResultsSentProbes=${pingResultsEntry}.8 +# Test configuration +TARGET_ADDRESS=127.0.0.1 +IDXPFX=8.78.101.116.45.83.78.77.80.6.84.49.53.52 # "Net-SNMP"."T154" +IDXS="${IDXPFX}.95.49 ${IDXPFX}.95.50 ${IDXPFX}.95.51" +PROBE_COUNT=5 + + +# +# Begin test +# + +# standard V1 configuration: testcommunity +snmp_write_access='all' +. ./Sv1config + +STARTAGENT + +for IDX in $IDXS; do + +CAPTURE "snmpset -One $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingCtlRowStatus.$IDX i $destroy" + +CHECK "^$pingCtlRowStatus.$IDX = INTEGER: $destroy" + +CAPTURE "snmpset -One $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingCtlRowStatus.$IDX i $createAndWait" + +CHECK "^$pingCtlRowStatus.$IDX = INTEGER: $createAndWait" + +CAPTURE "snmpset -One $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingCtlTargetAddressType.$IDX i $pingCtlTargetAddresTypeIpv4 \ + $pingCtlTargetAddress.$IDX s $TARGET_ADDRESS \ + $pingCtlFrequency.$IDX u 1 \ + $pingCtlDescr.$IDX s ScriptGenerated \ + $pingCtlProbeCount.$IDX u ${PROBE_COUNT} \ + $pingCtlAdminStatus.$IDX i $pingCtlAdminStatusEnabled" + +CHECK "^$pingCtlAdminStatus.$IDX = INTEGER: $pingCtlAdminStatusEnabled" + +CAPTURE "snmpset -One $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingCtlRowStatus.$IDX i $active" + +CHECK "^$pingCtlRowStatus.$IDX = INTEGER: $active" + +done + +sleep ${PROBE_COUNT} +sleep 2 + +for IDX in $IDXS; do + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingResultsSentProbes.$IDX" + +CHECK "^$pingResultsSentProbes.$IDX = Gauge32: ${PROBE_COUNT}" + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingResultsProbeResponses.$IDX" + +CHECK "^$pingResultsProbeResponses.$IDX = Gauge32: ${PROBE_COUNT}" + +done + +# Delete first row and leave the remaining rows in the table. + +for IDX in $IDXS; do + +CAPTURE "snmpset -One $SNMP_FLAGS -c testcommunity -v1 \ + $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT \ + $pingCtlRowStatus.$IDX i $destroy" + +CHECK "^$pingCtlRowStatus.$IDX = INTEGER: $destroy" + +break + +done + +STOPAGENT + + +FINISHED diff --git a/testing/fulltests/default/T160snmpnetstat_simple b/testing/fulltests/default/T160snmpnetstat_simple new file mode 100644 index 0000000..33159d2 --- /dev/null +++ b/testing/fulltests/default/T160snmpnetstat_simple @@ -0,0 +1,55 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +# snmpnetstat test only works with UDP or TCP +if [ "x$SNMP_TRANSPORT_SPEC" = "x" -o "x$SNMP_TRANSPORT_SPEC" = "xudp" ]; then + proto=udp + HEADER "if snmpnetstat finds the running agent in udpTable" + SKIPIFNOT USING_MIBII_UDPTABLE_MODULE +elif [ "x$SNMP_TRANSPORT_SPEC" = "xtcp" ]; then + proto=tcp + HEADER "if snmpnetstat finds the running agent in tcpTable" + SKIPIFNOT USING_MIBII_TCPTABLE_MODULE +else + HEADER "if snmpnetstat finds the running agent in udpTable/tcpTable" + SKIP +fi + +# on some systems the agent needs to be run as root to access udpTable/tcpTable +# - else force skip +case "x`uname -s`" in + xAIX) [ "x`id -u`" != "x0" ] && SKIP;; + xHP-UX) [ "x`id -u`" != "x0" ] && SKIP;; + xIRIX*) [ "x`id -u`" != "x0" ] && SKIP;; + xNetBSD) [ "x`id -u`" != "x0" ] && SKIP;; + xOpenBSD) [ "x`id -u`" != "x0" ] && SKIP;; + xOSF1) [ "x`id -u`" != "x0" ] && SKIP;; +esac + +SKIPIF NETSNMP_DISABLE_SNMPV2C + +# make sure snmpnetstat can be executed +SNMPNETSTAT="${SNMP_UPDIR}/apps/snmpnetstat/snmpnetstat" +[ -x "$SNMPNETSTAT" ] || SKIP + +snmp_version=v2c +. ./Sv2cconfig + +# +# Begin test +# + +STARTAGENT + +CAPTURE "$SNMPNETSTAT -Cn -Cp $proto -$snmp_version -c testcommunity $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" +CHECKEXACT "127.0.0.1.$SNMP_SNMPD_PORT" +# multiple occurrences (especially in tcpTable) are fine +if [ "$snmp_last_test_result" != 0 ] ; then + return_value=0 +else + return_value=1 +fi + +STOPAGENT +FINISHED diff --git a/testing/fulltests/default/T200snmpv2cwalkall_simple b/testing/fulltests/default/T200snmpv2cwalkall_simple new file mode 100644 index 0000000..3bbc2ae --- /dev/null +++ b/testing/fulltests/default/T200snmpv2cwalkall_simple @@ -0,0 +1,38 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER "full snmpwalk (SNMPv2c) against agent (may take time)" + +if test `uname -s` = "HP-UX" ; then + if test `id -u` != "0" ; then + # The agent needs to be run as root - else force skip + SKIP + fi +fi + +SKIPIF NETSNMP_DISABLE_SNMPV2C + +# make sure snmpwalk can be executed +SNMPWALK="${SNMP_UPDIR}/apps/snmpwalk" +[ -x "$SNMPWALK" ] || SKIP + +snmp_version=v2c +. ./Sv2cconfig + +# +# Begin test +# + +# higher timeout/retry values for safety +TIMEOUT=10 +RETRY=5 + +STARTAGENT + +CAPTURE "$SNMPWALK $SNMP_FLAGS -$snmp_version -c testcommunity -t $TIMEOUT -r $RETRY $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1" +ISDEFINED USING_WINEXTDLL_MODULE || ISDEFINED USING_ETHERLIKE_MIB_DOT3STATSTABLE_MODULE || CHECKANDDIE "= Wrong Type (should be " +CHECKORDIE "No more variables left in this MIB View" + +STOPAGENT +FINISHED diff --git a/testing/fulltests/perl/NetSNMPTestTransport.pm b/testing/fulltests/perl/NetSNMPTestTransport.pm new file mode 100644 index 0000000..38bcfee --- /dev/null +++ b/testing/fulltests/perl/NetSNMPTestTransport.pm @@ -0,0 +1,54 @@ +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/support"; + } elsif (-d "fulltests/support") { + push @INC, "fulltests/support"; + } elsif (-d "../support") { + push @INC, "../support"; + } +} + +package NetSNMPTestTransport; + +use NetSNMPTest; +use Test; +use SNMP; + +our @ISA = qw(NetSNMPTest); + +sub run_tests { + my ($self) = @_; + + plan(tests => 2); + + # set it up with a snmpv3 USM user + $self->config_agent("createuser testuser MD5 notareallpassword"); + $self->config_agent("rwuser testuser"); + $self->config_agent("syscontact itworked"); + + $self->DIE("failed to start the agent") if (!$self->start_agent()); + + # now create a session to test things with + my $session = new SNMP::Session(DestHost => $self->{'agentaddress'}, + Version => '3', + SecName => 'testuser', + SecLevel => 'authNoPriv', + AuthProto => 'MD5', + AuthPass => 'notareallpassword'); + + ok(ref($session), 'SNMP::Session', "created a session"); + + ###################################################################### + # GET test + if (ref($session) eq 'SNMP::Session') { + $value = $session->get('sysContact.0'); + ok($value, 'itworked'); + } + + ###################################################################### + # cleanup + $self->stop_agent(); +} + + +1; diff --git a/testing/fulltests/perl/T001basic.t b/testing/fulltests/perl/T001basic.t new file mode 100644 index 0000000..c7af105 --- /dev/null +++ b/testing/fulltests/perl/T001basic.t @@ -0,0 +1,93 @@ +#!/usr/bin/perl + +# HEADER Basic perl functionality to a UDP agent + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/support"; + } elsif (-d "fulltests/support") { + push @INC, "fulltests/support"; + } elsif (-d "../support") { + push @INC, "../support"; + } +} + +use NetSNMPTest; +use Test; +use SNMP; + +my $value; + +plan(tests => 10); + +ok(1,1,"started up"); + +# use a basic UDP port +my $destination = "udp:localhost:9897"; + +my $test = new NetSNMPTest(agentaddress => $destination); + +# set it up with a snmpv3 USM user +$test->config_agent("createuser testuser MD5 notareallpassword"); +$test->config_agent("rwuser testuser"); +$test->config_agent("syscontact itworked"); + +$test->DIE("failed to start the agent") if (!$test->start_agent()); + +# now create a session to test things with +my $session = new SNMP::Session(DestHost => $destination, + Version => '3', + SecName => 'testuser', + SecLevel => 'authNoPriv', + AuthProto => 'MD5', + AuthPass => 'notareallpassword'); + +ok(ref($session), 'SNMP::Session', "created a session"); + + +###################################################################### +# GET test +$value = $session->get('sysContact.0'); + +ok($value, 'itworked'); + +###################################################################### +# GETNEXT test +$value = $session->getnext('sysContact'); + +ok($value, 'itworked'); + +###################################################################### +# SET test +$value = $session->get('sysLocation.0'); + +ok($value ne 'yep', 1, 'Ensuring the sysLocation setting is not "yep"'); + +my $varbind = new SNMP::Varbind(['sysLocation', '0', 'yep', 'OCTETSTR']); + + +$value = $session->set($varbind); + +ok(($value == 0), 1, 'return value from set was a success'); + +my $value = $session->get('sysLocation.0'); + +ok($value, 'yep'); + +###################################################################### +# GETBULK test +$varbind = new SNMP::Varbind(['sysContact']); +my @values = $session->getbulk(0, 3, $varbind); + +ok($#values == 2); +ok($values[0] eq 'itworked'); +ok($values[2] eq 'yep'); + +###################################################################### +# gettable() test + + + +###################################################################### +# cleanup +$test->stop_agent(); diff --git a/testing/fulltests/perl/T101udp.t b/testing/fulltests/perl/T101udp.t new file mode 100644 index 0000000..5f015d2 --- /dev/null +++ b/testing/fulltests/perl/T101udp.t @@ -0,0 +1,18 @@ +#!/usr/bin/perl + +# HEADER Perl UDP IPv4 Test + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/perl"; + } elsif (-d "fulltests/perl") { + push @INC, "fulltests/perl"; + } elsif (-d "../perl") { + push @INC, "../perl"; + } +} +use NetSNMPTestTransport; + +my $test = new NetSNMPTestTransport(agentaddress => "udp:localhost:9875"); +$test->require_feature("NETSNMP_TRANSPORT_UDP_DOMAIN"); +$test->run_tests(); diff --git a/testing/fulltests/perl/T102tcp.t b/testing/fulltests/perl/T102tcp.t new file mode 100644 index 0000000..2fa07ac --- /dev/null +++ b/testing/fulltests/perl/T102tcp.t @@ -0,0 +1,18 @@ +#!/usr/bin/perl + +# HEADER Perl TCP IPv4 Test + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/perl"; + } elsif (-d "fulltests/perl") { + push @INC, "fulltests/perl"; + } elsif (-d "../perl") { + push @INC, "../perl"; + } +} +use NetSNMPTestTransport; + +my $test = new NetSNMPTestTransport(agentaddress => "tcp:localhost:9875"); +$test->require_feature("NETSNMP_TRANSPORT_TCP_DOMAIN"); +$test->run_tests(); diff --git a/testing/fulltests/perl/T103udp6.t b/testing/fulltests/perl/T103udp6.t new file mode 100644 index 0000000..3ecb332 --- /dev/null +++ b/testing/fulltests/perl/T103udp6.t @@ -0,0 +1,18 @@ +#!/usr/bin/perl + +# HEADER Perl UDP IPv6 Test + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/perl"; + } elsif (-d "fulltests/perl") { + push @INC, "fulltests/perl"; + } elsif (-d "../perl") { + push @INC, "../perl"; + } +} +use NetSNMPTestTransport; + +my $test = new NetSNMPTestTransport(agentaddress => "udp6:[::1]:9875"); +$test->require_feature("NETSNMP_TRANSPORT_UDPIPV6_DOMAIN"); +$test->run_tests(); diff --git a/testing/fulltests/perl/T104tcp6.t b/testing/fulltests/perl/T104tcp6.t new file mode 100644 index 0000000..58222d0 --- /dev/null +++ b/testing/fulltests/perl/T104tcp6.t @@ -0,0 +1,18 @@ +#!/usr/bin/perl + +# HEADER Perl TCP IPv6 Test + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/perl"; + } elsif (-d "fulltests/perl") { + push @INC, "fulltests/perl"; + } elsif (-d "../perl") { + push @INC, "../perl"; + } +} +use NetSNMPTestTransport; + +my $test = new NetSNMPTestTransport(agentaddress => "tcp6:[::1]:9875"); +$test->require_feature("NETSNMP_TRANSPORT_TCPIPV6_DOMAIN"); +$test->run_tests(); diff --git a/testing/fulltests/perl/T105unix.t b/testing/fulltests/perl/T105unix.t new file mode 100644 index 0000000..3c01719 --- /dev/null +++ b/testing/fulltests/perl/T105unix.t @@ -0,0 +1,19 @@ +#!/usr/bin/perl + +# HEADER Perl Unix Domain Socket Test + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/perl"; + } elsif (-d "fulltests/perl") { + push @INC, "fulltests/perl"; + } elsif (-d "../perl") { + push @INC, "../perl"; + } +} +use NetSNMPTestTransport; + +my $test = new NetSNMPTestTransport(agentaddress => "bogus"); +$test->require_feature("NETSNMP_TRANSPORT_UNIX_DOMAIN"); +$test->{'agentaddress'} = "unix:" . $test->{'dir'} . "/unixtestsocket"; +$test->run_tests(); diff --git a/testing/fulltests/read-only/T0141snmpv2csetfail_simple b/testing/fulltests/read-only/T0141snmpv2csetfail_simple new file mode 100644 index 0000000..9705f49 --- /dev/null +++ b/testing/fulltests/read-only/T0141snmpv2csetfail_simple @@ -0,0 +1,32 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER SNMPv2c set failure to system.sysContact.0 + +SKIPIFNOT NETSNMP_NO_WRITE_SUPPORT +SKIPIF NETSNMP_DISABLE_SNMPV2C +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +# +# Begin test +# + +# standard V2C configuration: testcomunnity +snmp_write_access='all' +(cd ../default ; . ./Sv2cconfig) +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0" + +CHECK ".1.3.6.1.2.1.1.4.0 = STRING:" + +CAPTURE "snmpset -r 0 -t 1 -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 s foobartestingbaz" + +CHECK "Timeout: No Response" + +STOPAGENT + +CHECKAGENT 'Bad PDU type received' + +FINISHED diff --git a/testing/fulltests/snmpv3/T010scapitest_capp.c b/testing/fulltests/snmpv3/T010scapitest_capp.c new file mode 100644 index 0000000..ee794a7 --- /dev/null +++ b/testing/fulltests/snmpv3/T010scapitest_capp.c @@ -0,0 +1,459 @@ +/* + * scapitest.c + * + * HEADER Testing SCAPI API + * + * Expected SUCCESSes: 2 + 10 + 1 for all tests. + * + * Returns: + * Number of FAILUREs. + * + * + * ASSUMES No key management functions return non-zero success codes. + * + * XXX Split into individual modules? + * XXX Error/fringe conditions should be tested. + * + * + * Test of sc_random. SUCCESSes: 2. + * REQUIRES a human to spot check for obvious non-randomness... + * + * Test of sc_generate_keyed_hash and sc_check_keyed_hash. SUCCESSes: 10. + * + * Test of sc_encrypt and sc_decrypt. SUCCESSes: 1. + */ + +#include <net-snmp/net-snmp-config.h> + +#include <stdio.h> +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#include <net-snmp/library/asn1.h> +#include <net-snmp/library/snmp_api.h> +#include <net-snmp/library/keytools.h> +#include <net-snmp/library/tools.h> +#include <net-snmp/library/scapi.h> +#include <net-snmp/library/transform_oids.h> +#include <net-snmp/library/callback.h> +#include <net-snmp/net-snmp-includes.h> +#include <net-snmp/library/snmpusm.h> + +#include <stdlib.h> + +extern char *optarg; +extern int optind, optopt, opterr; + +#define DEBUG /* */ + + + +/* + * Globals, &c... + */ +char *local_progname; +int testcount=0; +int failcount=0; + +#define USAGE "Usage: %s [-h][-acHr]" +#define OPTIONLIST "achHr" + +int doalltests = 0, docrypt = 0, dokeyedhash = 0, dorandom = 0; + +#define ALLOPTIONS (doalltests + docrypt + dokeyedhash + dorandom) + + + +#define LOCAL_MAXBUF (1024 * 8) +#define NL "\n" + +#define OUTPUT(o) printf("# %s\n", o); + +#define SUCCESS(s) \ +{ \ + printf("# Done with %s\n", s); \ +} + +#define FAILED(e, f) \ +{ \ + if (e != SNMPERR_SUCCESS) { \ + printf("not ok: %d - %s\n", ++testcount, f); \ + failcount += 1; \ + } else { \ + printf("ok: %d - %s\n", ++testcount, f); \ + } \ + fflush(stdout); \ +} + +#define BIGSTRING \ + (const u_char *) \ + " A port may be a pleasant retreat for any mind grown weary of" \ + "the struggle for existence. The vast expanse of sky, the" \ + "mobile architecture of the clouds, the chameleon coloration" \ + "of the sea, the beacons flashing on the shore, together make" \ + "a prism which is marvellously calculated to entertain but not" \ + "fatigue the eye. The lofty ships with their complex webs of" \ + "rigging, swayed to and fro by the swell in harmonious dance," \ + "all help to maintain a taste for rhythm and beauty in the" \ + "mind. And above all there is a mysterious, aristrocratic kind" \ + "of pleasure to be had, for those who have lost all curiosity" \ + "or ambition, as they strech on the belvedere or lean over the" \ + "mole to watch the arrivals and departures of other men, those" \ + "who still have sufficient strength of purpose in them, the" \ + "urge to travel or enrich themselves." \ + " -- Baudelaire" \ + " From _The_Poems_in_Prose_, \"The Port\" (XLI)." + +#define BIGSECRET \ + (const u_char *) \ + "Shhhh... Don't tell *anyone* about this. Not a soul." +#define BKWDSECRET \ + (const u_char *) \ + ".luos a toN .siht tuoba *enoyna* llet t'noD ...hhhhS" + +#define MLCOUNT_MAX 6 /* MAC Length Count Maximum. */ + + + +/* + * Prototypes. + */ +void usage(void); + +int test_docrypt(void); +int test_dokeyedhash(void); +int test_dorandom(void); + + + + +int +main(int argc, char **argv) +{ + int rval = SNMPERR_SUCCESS; + char ch; + + local_progname = argv[0]; + + /* + * Parse. + */ + while ((ch = getopt(argc, argv, OPTIONLIST)) != EOF) { + switch (ch) { + case 'a': + doalltests = 1; + break; + case 'c': + docrypt = 1; + break; + case 'H': + dokeyedhash = 1; + break; + case 'r': + dorandom = 1; + break; + case 'h': + rval = 0; + default: + usage(); + exit(rval); + } + + argc -= 1; + argv += 1; + optind = 1; + } /* endwhile getopt */ + + if ((argc > 1)) { + usage(); + exit(1000); + + } else if (ALLOPTIONS != 1) { + doalltests = 1; + } + + + /* + * Test stuff. + */ + rval = sc_init(); + FAILED(rval, "sc_init() return code"); + + + if (docrypt || doalltests) { + test_docrypt(); + } + if (dokeyedhash || doalltests) { + test_dokeyedhash(); + } + if (dorandom || doalltests) { + test_dorandom(); + } + + printf("1..%d\n", testcount); + return 0; +} /* end main() */ + + + + + +void +usage(void) +{ + printf( USAGE + "" NL + " -a All tests." NL + " -c Test of sc_encrypt()/sc_decrypt()." + NL + " -h Help." + NL + " -H Test sc_{generate,check}_keyed_hash()." + NL + " -r Test sc_random()." + NL "" NL, local_progname); + +} /* end usage() */ + + + + +/*******************************************************************-o-****** + * test_dorandom + * + * One large request, one set of short requests. + * + * Returns: + * Number of failures. + * + * XXX probably should split up into individual options. + */ +int +test_dorandom(void) +{ + int rval = SNMPERR_SUCCESS, + origrequest = (1024 * 2), + origrequest_short = 19, shortcount = 7, i; + size_t nbytes = origrequest; + u_char buf[LOCAL_MAXBUF]; + + OUTPUT("Random test -- large request:"); + + rval = sc_random(buf, &nbytes); + FAILED(rval, "sc_random() return code"); + + if (nbytes != origrequest) { + FAILED(SNMPERR_GENERR, + "sc_random() returned different than requested."); + } + + dump_chunk("scapitest", NULL, buf, nbytes); + + SUCCESS("Random test -- large request."); + + + OUTPUT("Random test -- short requests:"); + origrequest_short = 16; + + for (i = 0; i < shortcount; i++) { + nbytes = origrequest_short; + rval = sc_random(buf, &nbytes); + FAILED(rval, "sc_random() return code"); + + if (nbytes != origrequest_short) { + FAILED(SNMPERR_GENERR, + "sc_random() returned different " "than requested."); + } + + dump_chunk("scapitest", NULL, buf, nbytes); + } /* endfor */ + + SUCCESS("Random test -- short requests."); + + + return failcount; + +} /* end test_dorandom() */ + + + +/*******************************************************************-o-****** + * test_dokeyedhash + * + * Returns: + * Number of failures. + * + * + * Test keyed hashes with a variety of MAC length requests. + * + * + * NOTE Both tests intentionally use the same secret + * + * FIX Get input or output from some other package which hashes... + * XXX Could cut this in half with a little indirection... + */ +int +test_dokeyedhash(void) +{ + int rval = SNMPERR_SUCCESS, + bigstring_len = strlen((const char *) BIGSTRING), + secret_len = strlen((const char *) BIGSECRET), + properlength, + mlcount = 0; /* MAC Length count. */ + size_t hblen; /* Hash Buffer length. */ + + u_int hashbuf_len[MLCOUNT_MAX] = { + LOCAL_MAXBUF, + USM_MD5_AND_SHA_AUTH_LEN, + USM_MD5_AND_SHA_AUTH_LEN, + USM_MD5_AND_SHA_AUTH_LEN, + 7, + 0, + }; + + u_char hashbuf[LOCAL_MAXBUF]; + char *s; + + test_dokeyedhash_again: + + OUTPUT("Starting Keyed hash test using MD5 --"); + + memset(hashbuf, 0, LOCAL_MAXBUF); + hblen = hashbuf_len[mlcount]; + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5); + + rval = + sc_generate_keyed_hash(usmHMACMD5AuthProtocol, + USM_LENGTH_OID_TRANSFORM, BIGSECRET, + secret_len, BIGSTRING, + bigstring_len, + hashbuf, &hblen); + FAILED(rval, "sc_generate_keyed_hash() return code"); + + if (hashbuf_len[mlcount] > properlength) { + if (hblen != properlength) { + FAILED(SNMPERR_GENERR, "Wrong MD5 hash length returned. (1)"); + } + + } else if (hblen != hashbuf_len[mlcount]) { + FAILED(SNMPERR_GENERR, "Wrong MD5 hash length returned. (2)"); + } + + rval = + sc_check_keyed_hash(usmHMACMD5AuthProtocol, + USM_LENGTH_OID_TRANSFORM, BIGSECRET, + secret_len, BIGSTRING, bigstring_len, hashbuf, + hblen); + FAILED(rval, "sc_check_keyed_hash() return code"); + + binary_to_hex(hashbuf, hblen, &s); + printf("# hash buffer (len=%" NETSNMP_PRIz "u, request=%d): %s\n", + hblen, hashbuf_len[mlcount], s); + SNMP_FREE(s); + + + + OUTPUT("Starting Keyed hash test using SHA1 --"); + + memset(hashbuf, 0, LOCAL_MAXBUF); + hblen = hashbuf_len[mlcount]; + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1); + + rval = + sc_generate_keyed_hash(usmHMACSHA1AuthProtocol, + USM_LENGTH_OID_TRANSFORM, BIGSECRET, + secret_len, BIGSTRING, bigstring_len, + hashbuf, &hblen); + FAILED(rval, "sc_generate_keyed_hash() return code"); + + if (hashbuf_len[mlcount] > properlength) { + if (hblen != properlength) { + FAILED(SNMPERR_GENERR, + "Wrong SHA1 hash length returned. (1)"); + } + + } else if (hblen != hashbuf_len[mlcount]) { + FAILED(SNMPERR_GENERR, "Wrong SHA1 hash length returned. (2)"); + } + + rval = + sc_check_keyed_hash(usmHMACSHA1AuthProtocol, + USM_LENGTH_OID_TRANSFORM, BIGSECRET, + secret_len, BIGSTRING, bigstring_len, hashbuf, + hblen); + FAILED(rval, "sc_check_keyed_hash() return code"); + + binary_to_hex(hashbuf, hblen, &s); + printf("# hash buffer (len=%" NETSNMP_PRIz "u, request=%d): %s\n", + hblen, hashbuf_len[mlcount], s); + SNMP_FREE(s); + + SUCCESS("Keyed hash test using SHA1."); + + /* + * Run the basic hash tests but vary the size MAC requests. + */ + if (hashbuf_len[++mlcount] != 0) { + goto test_dokeyedhash_again; + } + + + return failcount; + +} /* end test_dokeyedhash() */ + + + + + +/*******************************************************************-o-****** + * test_docrypt + * + * Returns: + * Number of failures. + */ +int +test_docrypt(void) +{ + int rval = SNMPERR_SUCCESS, + bigstring_len = strlen((const char *) BIGSTRING), + secret_len = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES), + iv_len = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES_IV); + + size_t buf_len = LOCAL_MAXBUF; + size_t cryptbuf_len = LOCAL_MAXBUF; + + u_char buf[LOCAL_MAXBUF], + cryptbuf[LOCAL_MAXBUF], secret[LOCAL_MAXBUF], iv[LOCAL_MAXBUF]; + + OUTPUT("Starting Test 1DES-CBC --"); + + + memset(buf, 0, LOCAL_MAXBUF); + + memcpy(secret, BIGSECRET, secret_len); + memcpy(iv, BKWDSECRET, iv_len); + + rval = sc_encrypt(usmDESPrivProtocol, USM_LENGTH_OID_TRANSFORM, + secret, secret_len, + iv, iv_len, + BIGSTRING, bigstring_len, cryptbuf, &cryptbuf_len); + FAILED(rval, "sc_encrypt() return code."); + + rval = sc_decrypt(usmDESPrivProtocol, USM_LENGTH_OID_TRANSFORM, + secret, secret_len, + iv, iv_len, cryptbuf, cryptbuf_len, buf, &buf_len); + FAILED(rval, "sc_decrypt() return code."); + + /* ignore the pad */ + buf_len -= buf[buf_len-1]; + + FAILED((buf_len != bigstring_len), "Decrypted buffer is the right length."); + printf("# original length: %d\n", bigstring_len); + printf("# output length: %" NETSNMP_PRIz "u\n", buf_len); + + FAILED((memcmp(buf, BIGSTRING, bigstring_len) != 0), + "Decrypted buffer is the same as the original plaintext."); + return failcount; +} /* end test_docrypt() */ diff --git a/testing/fulltests/snmpv3/T020hashtests_capp.c b/testing/fulltests/snmpv3/T020hashtests_capp.c new file mode 100644 index 0000000..9cb5b47 --- /dev/null +++ b/testing/fulltests/snmpv3/T020hashtests_capp.c @@ -0,0 +1,117 @@ +/* HEADER testing SCAPI hashing functions */ +#include <net-snmp/net-snmp-config.h> +#include <net-snmp/net-snmp-includes.h> + +#include <stdio.h> + +void print_hash(const char *label, u_char *MAC, size_t MAC_LEN); + + +int +main(int argc, char **argv) { + u_char buf[] = "wes hardaker"; + u_char MAC[20]; + size_t MAC_LEN = 20; + u_char sha1key[20] = "55555555555555555555"; + u_char md5key[16] = "5555555555555555"; + + u_char sha1proper[20] = { 0x4a, 0x55, 0x2f, 0x65, 0x79, 0x3a, 0x49, 0x35, + 0x37, 0x91, 0x51, 0x1d, + 0xa0, 0x8c, 0x7a, 0x45, 0x50, 0x34, 0xd4, 0x23}; + u_char md5proper[16] = { 0xe5, 0x92, 0xfa, 0x4b, 0x06, 0xe6, 0x27, 0xd7, + 0xc8, 0x18, 0xfa, 0x7a, + 0xd0, 0x82, 0xeb, 0x66}; + int result; + + printf("1..2\n"); + + memset(MAC, 0, MAC_LEN); + sc_hash(usmHMACSHA1AuthProtocol, OID_LENGTH(usmHMACSHA1AuthProtocol), + buf, sizeof(buf)-1, + MAC, &MAC_LEN); + + print_hash("sha1 hash", MAC, MAC_LEN); + + memset(MAC, 0, MAC_LEN); + sc_hash(usmHMACMD5AuthProtocol, OID_LENGTH(usmHMACMD5AuthProtocol), + buf, sizeof(buf)-1, + MAC, &MAC_LEN); + + print_hash("md5 hash", MAC, MAC_LEN); + + MAC_LEN = 20; + sc_generate_keyed_hash(usmHMACSHA1AuthProtocol, + OID_LENGTH(usmHMACSHA1AuthProtocol), + sha1key, sizeof(sha1key), + buf, sizeof(buf)-1, + MAC, &MAC_LEN); + + print_hash("sha1 keyed", MAC, MAC_LEN); + + result = + sc_check_keyed_hash(usmHMACSHA1AuthProtocol, + OID_LENGTH(usmHMACSHA1AuthProtocol), + sha1key, sizeof(sha1key), + buf, sizeof(buf)-1, + sha1proper, 12); + if (0 == result) { + printf("ok: 1 - sha1 keyed compare was equal\n"); + } else { + printf("not ok: 1 - sha1 keyed compare was not equal\n"); + } + + + MAC_LEN = 16; + sc_generate_keyed_hash(usmHMACMD5AuthProtocol, + OID_LENGTH(usmHMACMD5AuthProtocol), + md5key, sizeof(md5key), + buf, sizeof(buf)-1, + MAC, &MAC_LEN); + + print_hash("md5 keyed", MAC, MAC_LEN); + + + MAC_LEN = 16; + result = + sc_check_keyed_hash(usmHMACMD5AuthProtocol, + OID_LENGTH(usmHMACMD5AuthProtocol), + md5key, sizeof(md5key), + buf, sizeof(buf)-1, + md5proper, 12); + + if (0 == result) { + printf("ok: 2 - md5 keyed compare was equal\n"); + } else { + printf("not ok: 2 - md5 keyed compare was not equal\n"); + } + + MAC_LEN = 20; + memset(MAC, 0, MAC_LEN); + generate_Ku(usmHMACSHA1AuthProtocol, + OID_LENGTH(usmHMACSHA1AuthProtocol), + buf, sizeof(buf)-1, + MAC, &MAC_LEN); + print_hash("sha1 Ku", MAC, MAC_LEN); + + MAC_LEN = 16; + memset(MAC, 0, MAC_LEN); + generate_Ku(usmHMACMD5AuthProtocol, + OID_LENGTH(usmHMACMD5AuthProtocol), + buf, sizeof(buf)-1, + MAC, &MAC_LEN); + print_hash("md5 Ku", MAC, MAC_LEN); + + /* XXX: todo: compare results and ensure they're always the same + values; the algorithms aren't time-dependent. */ + return (0); +} + +void +print_hash(const char *label, u_char *MAC, size_t MAC_LEN) { + int i; + printf("# %-10s %" NETSNMP_PRIz "u:\n", label, MAC_LEN); + for(i=0; i < MAC_LEN; i++) { + printf("# %02x ", MAC[i]); + } + printf("\n"); +} diff --git a/testing/fulltests/snmpv3/T040keymanagetest_capp.c b/testing/fulltests/snmpv3/T040keymanagetest_capp.c new file mode 100644 index 0000000..d68f663 --- /dev/null +++ b/testing/fulltests/snmpv3/T040keymanagetest_capp.c @@ -0,0 +1,636 @@ +/* + * keymanagetest.c + * + * HEADER Testing key management API functionality + * + * Expected SUCCESSes: 2 + 2 + 3 for all tests. + * + * Returns: + * Number of FAILUREs. + * + * + * FIX Or how about passing a usmUser name and looking up the entry as + * a means of getting key material? This means the userList is + * available from an application... + * + * ASSUMES No key management functions return non-zero success codes. + * + * Test of generate_Ku(). SUCCESSes: 2 + * Test of generate_kul(). SUCCESSes: 2 + * Test of {encode,decode}_keychange(). SUCCESSes: 3 + */ + +#include <net-snmp/net-snmp-config.h> + +#include <stdio.h> +#ifdef HAVE_STRING_H +#include <string.h> +#endif + +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#include <unistd.h> +#include <ctype.h> + +#include <net-snmp/library/asn1.h> +#include <net-snmp/library/snmp_api.h> +#include <net-snmp/library/keytools.h> +#include <net-snmp/library/tools.h> +#include <net-snmp/library/scapi.h> +#include <net-snmp/library/transform_oids.h> +#include <net-snmp/library/callback.h> + +#include <stdlib.h> + +extern char *optarg; +extern int optind, optopt, opterr; + +int testcount = 0; + +/* + * Globals, &c... + */ +char *local_progname; + +#define USAGE "Usage: %s [-h][-aklu][-E <engineID>][-N <newkey>][-O <oldkey>][-P <passphrase>]" +#define OPTIONLIST "aqE:hklN:O:P:u" + +int doalltests = 0, dogenKu = 0, dogenkul = 0, dokeychange = 0; + +#define ALLOPTIONS (doalltests + dogenKu + dogenkul + dokeychange) + + +#define LOCAL_MAXBUF (1024 * 8) +#define NL "\n" + +#define OUTPUTALWAYS(o) fprintf(stdout, "# %s\n", o); +#define OUTPUT(o) if (!bequiet) { OUTPUTALWAYS(o); } + +#define SUCCESS(s) \ +{ \ + fprintf(stdout, "# Done with %s\n", s); \ +} + +#define FAILED(e, f) \ +{ \ + if ((e) != SNMPERR_SUCCESS) { \ + fprintf(stdout, "not ok: %d - %s\n", ++testcount, f); \ + failcount += 1; \ + } else { \ + fprintf(stdout, "ok: %d - %s\n", ++testcount, f); \ + } \ + fflush(stdout); \ +} + +#define DETAILINT(s, i) \ + fprintf(stdout, "# %s: %d\n", s, i); + +/* + * Test specific globals. + */ +#define ENGINEID_DEFAULT "1.2.3.4wild" +#define PASSPHRASE_DEFAULT "Clay's Conclusion: Creativity is great, " \ + "but plagiarism is faster." +#define OLDKEY_DEFAULT "This is a very old key." +#define NEWKEY_DEFAULT "This key, on the other hand, is very new." + +u_char *engineID = NULL; +char *passphrase = NULL; +const u_char *oldkey = NULL; +const u_char *newkey = NULL; +int bequiet = 0; + + +/* + * Prototypes. + */ +void usage(FILE * ofp); + +int test_genkul(void); +int test_genKu(void); +int test_keychange(void); + + + + +int +main(int argc, char **argv) +{ + int rval = SNMPERR_SUCCESS, failcount = 0; + char ch; + + local_progname = argv[0]; + optarg = NULL; + + /* + * Parse. + */ + while ((ch = getopt(argc, argv, OPTIONLIST)) != EOF) { + switch (ch) { + case 'a': + doalltests = 1; + break; + case 'E': + engineID = (u_char *) optarg; + break; + case 'k': + dokeychange = 1; + break; + case 'l': + dogenkul = 1; + break; + case 'N': + newkey = (u_char *) optarg; + break; + case 'O': + oldkey = (u_char *) optarg; + break; + case 'P': + passphrase = optarg; + break; + case 'u': + dogenKu = 1; + break; + case 'q': + bequiet = 1; + break; + case 'h': + rval = 0; + default: + usage(stdout); + exit(rval); + } + + argc -= 1; + argv += 1; + if (optarg) { + argc -= 1; + argv += 1; + } + + optind = 1; + optarg = NULL; + } /* endwhile getopt */ + + if ((argc > 1)) { + usage(stdout); + exit(1000); + + } else if (ALLOPTIONS != 1) { + doalltests = 1; + } + + + /* + * Test stuff. + */ + rval = sc_init(); + FAILED(rval, "sc_init()."); + + if (dogenKu || doalltests) { + failcount += test_genKu(); + } + if (dogenkul || doalltests) { + failcount += test_genkul(); + } + if (dokeychange || doalltests) { + failcount += test_keychange(); + } + + fprintf(stdout, "1..%d\n", testcount); + return failcount; + +} /* end main() */ + + + + + +void +usage(FILE * ofp) +{ + fprintf(ofp, + USAGE + "" NL + " -a All tests." NL + " -E [0x]<engineID> snmpEngineID string." + NL + " -k Test {encode,decode}_keychange()." + NL + " -l generate_kul()." + NL + " -h Help." + NL + " -N [0x]<newkey> New key (for testing KeyChange TC)." + NL + " -O [0x]<oldkey> Old key (for testing KeyChange TC)." + NL + " -P <passphrase> Source string for usmUser master key." + NL + " -u generate_Ku()." + NL + " -q be quiet." + NL "" NL, local_progname); + +} /* end usage() */ + + + + +#ifdef EXAMPLE +/*******************************************************************-o-****** + * test_dosomething + * + * Test template. + * + * Returns: + * Number of failures. + */ +int +test_dosomething(void) +{ + int rval = SNMPERR_SUCCESS, failcount = 0; + + EM0(1, "UNIMPLEMENTED"); /* EM(1); */ + + test_dosomething_quit: + return failcount; + +} /* end test_dosomething() */ +#endif /* EXAMPLE */ + + + +/*******************************************************************-o-****** + * test_genKu + * + * Returns: + * Number of failures. + * + * + * Test generation of usmUser master key from a passphrase. + * + * ASSUMES Passphrase is made of printable characters! + */ +int +test_genKu(void) +{ + int rval = SNMPERR_SUCCESS, + failcount = 0, + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5); + size_t kulen; + const char *hashname = "usmHMACMD5AuthProtocol."; + char *s; + u_char Ku[LOCAL_MAXBUF]; + oid *hashtype = usmHMACMD5AuthProtocol; + + OUTPUT("Test of generate_Ku --"); + + /* + * Set passphrase. + */ + if (!passphrase) { + passphrase = strdup(PASSPHRASE_DEFAULT); + } + if (!bequiet) + fprintf(stdout, "Passphrase%s: %s\n", + (strcmp(passphrase, PASSPHRASE_DEFAULT) == 0) ? " (default)" : "", + passphrase); + + + test_genKu_again: + memset(Ku, 0, LOCAL_MAXBUF); + kulen = LOCAL_MAXBUF; + + rval = generate_Ku(hashtype, USM_LENGTH_OID_TRANSFORM, + (const u_char *) passphrase, strlen(passphrase), + Ku, &kulen); + FAILED(rval, "generate_Ku()."); + + FAILED((kulen != properlength), + "Ku length is the right length for this hashtype."); + + binary_to_hex(Ku, kulen, &s); + if (!bequiet) + fprintf(stdout, "# Ku (len=%" NETSNMP_PRIz "u): %s\n", kulen, s); + free_zero(s, kulen); + + OUTPUT(hashname); + + if (hashtype == usmHMACMD5AuthProtocol) { + hashtype = usmHMACSHA1AuthProtocol; + hashname = "usmHMACSHA1AuthProtocol."; + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1); + goto test_genKu_again; + } + + return failcount; + +} /* end test_genKu() */ + + + + +/*******************************************************************-o-****** + * test_genkul + * + * Returns: + * Number of failures. + * + * + * Test of generate_kul(). + * + * A passphrase and engineID are hashed into a master key Ku using + * both known hash transforms. Localized keys, also using both hash + * transforms, are generated from each of these master keys. + * + * ASSUME generate_Ku is already tested. + * ASSUME engineID is initially a NULL terminated string. + */ +int +test_genkul(void) +{ + int rval = SNMPERR_SUCCESS, + failcount = 0, + properlength, engineID_len, isdefault = FALSE; + + size_t kulen, kul_len; + char *s = NULL; + const char *testname = "Using HMACMD5 to create master key."; + const char *hashname_Ku = "usmHMACMD5AuthProtocol"; + + u_char Ku[LOCAL_MAXBUF], kul[LOCAL_MAXBUF]; + + oid *hashtype_Ku = usmHMACMD5AuthProtocol, *hashtype_kul; + + OUTPUT("Test of generate_kul --"); + + /* + * Set passphrase and engineID. + * + * If engineID begins with 0x, assume it is written in (printable) + * hex and convert it to binary data. + */ + if (!passphrase) { + passphrase = strdup(PASSPHRASE_DEFAULT); + } + if (!bequiet) + fprintf(stdout, "# Passphrase%s: %s\n", + (strcmp(passphrase, PASSPHRASE_DEFAULT) == 0) ? " (default)" : "", + passphrase); + + if (!engineID) { + engineID = (u_char *) strdup(ENGINEID_DEFAULT); + isdefault = TRUE; + } + + engineID_len = strlen((char *) engineID); + + if (tolower(*(engineID + 1)) == 'x') { + engineID_len = + hex_to_binary2(engineID + 2, engineID_len - 2, &s); + FAILED((engineID_len < 0), + "Could not resolve hex engineID."); + engineID = (u_char *) s; + binary_to_hex(engineID, engineID_len, &s); + } + + if (!bequiet) + fprintf(stdout, "# engineID%s (len=%d): %s\n", + (isdefault) ? " (default)" : "", + engineID_len, ((s != 0) ? ((u_char *) s) : engineID)); + SNMP_FREE(s); + + + + /* + * Create a master key using both hash transforms; create localized + * keys using both hash transforms from each master key. + */ + test_genkul_again_master: + memset(Ku, 0, LOCAL_MAXBUF); + kulen = LOCAL_MAXBUF; + hashtype_kul = usmHMACMD5AuthProtocol; + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5); + + + rval = generate_Ku(hashtype_Ku, USM_LENGTH_OID_TRANSFORM, + (u_char *) passphrase, strlen(passphrase), Ku, &kulen); + FAILED(rval, "generate_Ku()."); + + binary_to_hex(Ku, kulen, &s); + if (!bequiet) + fprintf(stdout, + "# Master Ku using \"%s\": \t%s\n", hashname_Ku, s); + free_zero(s, kulen); + + + test_genkul_again_local: + memset(kul, 0, LOCAL_MAXBUF); + kul_len = LOCAL_MAXBUF; + + rval = generate_kul(hashtype_kul, USM_LENGTH_OID_TRANSFORM, + engineID, engineID_len, Ku, kulen, kul, &kul_len); + + if ((hashtype_Ku == usmHMACMD5AuthProtocol) + && (hashtype_kul == usmHMACSHA1AuthProtocol)) { + FAILED((rval == SNMPERR_SUCCESS), + "generate_kul SHOULD fail when Ku length is " + "less than hash transform length."); + } else { + FAILED(rval, "generate_kul()."); + + FAILED(kul_len != properlength, + "checking if kul length is right for the given hashtype."); + + binary_to_hex(kul, kul_len, &s); + fprintf(stdout, "# kul (%s) (len=%" NETSNMP_PRIz "u): %s\n", + ((hashtype_Ku == usmHMACMD5AuthProtocol) ? "MD5" : "SHA"), + kul_len, s); + free_zero(s, kul_len); + } + + + /* + * Create localized key using the other hash transform, but from + * * the same master key. + */ + if (hashtype_kul == usmHMACMD5AuthProtocol) { + hashtype_kul = usmHMACSHA1AuthProtocol; + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1); + goto test_genkul_again_local; + } + + SUCCESS(testname); + + + /* + * Re-create the master key using the other hash transform. + */ + if (hashtype_Ku == usmHMACMD5AuthProtocol) { + hashtype_Ku = usmHMACSHA1AuthProtocol; + hashname_Ku = "usmHMACSHA1AuthProtocol"; + testname = "Using HMACSHA1 to create master key."; + goto test_genkul_again_master; + } + + return failcount; + +} /* end test_genkul() */ + + + + +/*******************************************************************-o-****** + * test_keychange + * + * Returns: + * Number of failures. + * + * + * Test of KeyChange TC implementation. + * + * ASSUME newkey and oldkey begin as NULL terminated strings. + */ +int +test_keychange(void) +{ + int rval = SNMPERR_SUCCESS, + failcount = 0, + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5), + oldkey_len, + newkey_len, + isdefault_new = FALSE, isdefault_old = FALSE; + size_t keychange_len, temp_len; + + const char *hashname = "usmHMACMD5AuthProtocol."; + char *s; + + u_char oldkey_buf[LOCAL_MAXBUF], + newkey_buf[LOCAL_MAXBUF], + temp_buf[LOCAL_MAXBUF], keychange_buf[LOCAL_MAXBUF]; + + oid *hashtype = usmHMACMD5AuthProtocol; + + OUTPUT("Test of KeyChange TC --"); + + + /* + * Set newkey and oldkey. + */ + if (!newkey) { /* newkey */ + newkey = (const u_char *) NEWKEY_DEFAULT; + isdefault_new = TRUE; + } + newkey_len = strlen((const char *) newkey); + + if (tolower(*(newkey + 1)) == 'x') { + newkey_len = hex_to_binary2((const u_char *) newkey + 2, + newkey_len - 2, &s); + FAILED(newkey_len < 0, + "Could not resolve hex newkey."); + newkey = (const u_char *) s; + binary_to_hex((const u_char *) newkey, newkey_len, &s); + } + + if (!oldkey) { /* oldkey */ + oldkey = (const u_char *) OLDKEY_DEFAULT; + isdefault_old = TRUE; + } + oldkey_len = strlen((const char *) oldkey); + + if (tolower(*(oldkey + 1)) == 'x') { + oldkey_len = hex_to_binary2((const u_char *) oldkey + 2, + oldkey_len - 2, &s); + FAILED(oldkey_len < 0, + "Could not resolve hex oldkey."); + oldkey = (const u_char *) s; + binary_to_hex(oldkey, oldkey_len, &s); + } + + + + test_keychange_again: + memset(oldkey_buf, 0, LOCAL_MAXBUF); + memset(newkey_buf, 0, LOCAL_MAXBUF); + memset(keychange_buf, 0, LOCAL_MAXBUF); + memset(temp_buf, 0, LOCAL_MAXBUF); + + memcpy(oldkey_buf, oldkey, SNMP_MIN(oldkey_len, properlength)); + memcpy(newkey_buf, newkey, SNMP_MIN(newkey_len, properlength)); + keychange_len = LOCAL_MAXBUF; + + + binary_to_hex(oldkey_buf, properlength, &s); + fprintf(stdout, "# oldkey%s (len=%d): %s\n", + (isdefault_old) ? " (default)" : "", properlength, s); + SNMP_FREE(s); + + binary_to_hex(newkey_buf, properlength, &s); + fprintf(stdout, "# newkey%s (len=%d): %s\n", + (isdefault_new) ? " (default)" : "", properlength, s); + SNMP_FREE(s); + + + rval = encode_keychange(hashtype, USM_LENGTH_OID_TRANSFORM, + oldkey_buf, properlength, + newkey_buf, properlength, + keychange_buf, &keychange_len); + FAILED(rval, "encode_keychange()."); + + FAILED(keychange_len != (properlength * 2), + "KeyChange string (encoded) is not proper length " + "for this hash transform."); + + binary_to_hex(keychange_buf, keychange_len, &s); + fprintf(stdout, "# (%s) KeyChange string: %s\n", + ((hashtype == usmHMACMD5AuthProtocol) ? "MD5" : "SHA"), s); + SNMP_FREE(s); + + temp_len = properlength; + rval = decode_keychange(hashtype, USM_LENGTH_OID_TRANSFORM, + oldkey_buf, properlength, + keychange_buf, properlength * 2, + temp_buf, &temp_len); + FAILED(rval, "decode_keychange()."); + + FAILED(temp_len != properlength, + "decoded newkey is not proper length for " + "this hash transform."); + + binary_to_hex(temp_buf, temp_len, &s); + fprintf(stdout, "# decoded newkey: %s\n", s); + SNMP_FREE(s); + + + FAILED(memcmp(newkey_buf, temp_buf, temp_len), + "newkey did not decode properly."); + + + SUCCESS(hashname); + + + /* + * Multiplex different test combinations. + * + * First clause is for Test #2, second clause is for (last) Test #3. + */ + if (hashtype == usmHMACMD5AuthProtocol) { + hashtype = usmHMACSHA1AuthProtocol; + hashname = "usmHMACSHA1AuthProtocol (w/DES length kul's)."; + properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES) + + BYTESIZE(SNMP_TRANS_PRIVLEN_1DES_IV); + goto test_keychange_again; + + } else if (properlength < BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1)) { + hashtype = usmHMACSHA1AuthProtocol; + hashname = "usmHMACSHA1AuthProtocol."; + properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1); + goto test_keychange_again; + } + + return failcount; + +} /* end test_keychange() */ diff --git a/testing/fulltests/snmpv3/T050etimetest_capp.c b/testing/fulltests/snmpv3/T050etimetest_capp.c new file mode 100644 index 0000000..53951aa --- /dev/null +++ b/testing/fulltests/snmpv3/T050etimetest_capp.c @@ -0,0 +1,420 @@ +/* + * etimetest.c + * + * HEADER Testing engineID hashing and timing + * + * Expected SUCCESSes for all tests: 3 + * + * Returns: + * Number of FAILUREs. + * + * Test of hash_engineID(). SUCCESSes: 0 + * Test of LCD Engine ID and Time List. SUCCESSes: 3 + * + * FIX Devise a test for {set,get}_enginetime(..., FALSE). + */ + +#include <net-snmp/net-snmp-config.h> + +#include <stdio.h> +#include <sys/types.h> +#ifdef HAVE_STDLIB_H +#include <stdlib.h> +#endif +#ifdef HAVE_STRING_H +#include <string.h> +#endif + +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#include <unistd.h> + +#include <net-snmp/library/asn1.h> +#include <net-snmp/library/snmp_api.h> +#include <net-snmp/library/scapi.h> +#include <net-snmp/library/tools.h> +#include <net-snmp/library/lcd_time.h> +#include <net-snmp/library/snmp_debug.h> +#include <net-snmp/library/callback.h> + +static u_int dummy_etime, dummy_eboot; /* For ISENGINEKNOWN(). */ + + +#include <stdlib.h> + +extern char *optarg; +extern int optind, optopt, opterr; + +int testcount=0; + +/* + * Globals, &c... + */ +char *local_progname; + +#define USAGE "Usage: %s [-h][-s <seconds>][-aeH]" +#define OPTIONLIST "aehHs:" + +int doalltests = 0, dohashindex = 0, doetimetest = 0; + +#define ALLOPTIONS (doalltests + dohashindex + doetimetest) + + + +#define LOCAL_MAXBUF (1024 * 8) +#define NL "\n" + +#define OUTPUT(o) fprintf(stdout, "# %s\n", o); + +#define SUCCESS(s) \ +{ \ + fprintf(stdout, "# Done with %s\n", s); \ +} + +#define FAILED(e, f) \ +{ \ + if (e != SNMPERR_SUCCESS) { \ + fprintf(stdout, "not ok: %d - %s\n", ++testcount, f); \ + failcount += 1; \ + } else { \ + fprintf(stdout, "ok: %d - %s\n", ++testcount, f); \ + } \ + fflush(stdout); \ +} + +#define DETAILINT(s, i) \ + fprintf(stdout, "# %s: %d\n", s, i); + +/* + * Global variables. + */ +int sleeptime = 2; + +#define BLAT "alk;djf;an riu;alicenmrul;aiknglksajhe1 adcfalcenrco2" + + + + +/* + * Prototypes. + */ +void usage(FILE * ofp); + +int test_etime(void); +int test_hashindex(void); + + + + +int +main(int argc, char **argv) +{ + int rval = SNMPERR_SUCCESS, failcount = 0; + char ch; + + local_progname = argv[0]; + + /* + * Parse. + */ + while ((ch = getopt(argc, argv, OPTIONLIST)) != EOF) { + switch (ch) { + case 'a': + doalltests = 1; + break; + case 'e': + doetimetest = 1; + break; + case 'H': + dohashindex = 1; + break; + case 's': + sleeptime = atoi(optarg); + if (sleeptime < 0) { + usage(stderr); + exit(1000); + } + break; + break; + case 'h': + rval = 0; + default: + usage(stdout); + exit(rval); + } + + argc -= 1; + argv += 1; + if (optarg) { + argc -= 1; + argv += 1; + optarg = NULL; + } + optind = 1; + } /* endwhile getopt */ + + if ((argc > 1)) { + usage(stdout); + exit(1000); + + } else if (ALLOPTIONS != 1) { + doalltests = 1; + } + + init_snmp("testing"); + + /* + * test stuff. + */ + rval = sc_init(); + FAILED(rval, "sc_init()"); + + + if (dohashindex || doalltests) { + failcount += test_hashindex(); + } + if (doetimetest || doalltests) { + failcount += test_etime(); + } + + + fprintf(stdout, "1..%d\n", testcount); + return 0; +} /* end main() */ + + + + + +void +usage(FILE * ofp) +{ + fprintf(ofp, + USAGE + "" NL + " -a All tests." NL + " -e Exercise the list of enginetimes." + NL + " -h Help." + NL + " -H Test hash_engineID()." + NL + " -s <seconds> Seconds to pause. (Default: 0.)" + NL NL, local_progname); + +} /* end usage() */ + + + + +#ifdef EXAMPLE +/*******************************************************************-o-****** + * test_dosomething + * + * Returns: + * Number of failures. + * + * + * Test template. + */ +int +test_dosomething(void) +{ + int rval = SNMPERR_SUCCESS, failcount = 0; + + test_dosomething_quit: + return failcount; + +} /* end test_dosomething() */ +#endif /* EXAMPLE */ + + + + + +/*******************************************************************-o-****** + * test_hashindex + * + * Returns: + * Number of failures. + * + * + * Test hash_engineID(). + */ +int +test_hashindex(void) +{ + int /* rval = SNMPERR_SUCCESS, */ + failcount = 0; + const u_char *s; + + OUTPUT("Visual spot check of hash index outputs. " + "(Success or failure not noted.)"); + + s = (const u_char *) " A"; + fprintf(stdout, "# %s = %d\n", s, hash_engineID(s, strlen((const char *) s))); + + s = (const u_char *) " BB"; + fprintf(stdout, "# %s = %d\n", s, hash_engineID(s, strlen((const char *) s))); + + s = (const u_char *) " CCC"; + fprintf(stdout, "# %s = %d\n", s, hash_engineID(s, strlen((const char *) s))); + + s = (const u_char *) " DDDD"; + fprintf(stdout, "# %s = %d\n", s, hash_engineID(s, strlen((const char *) s))); + + s = (const u_char *) " EEEEE"; + fprintf(stdout, "# %s = %d\n", s, hash_engineID(s, strlen((const char *) s))); + + s = (const u_char *) BLAT; + fprintf(stdout, "# %s = %d\n", s, hash_engineID(s, strlen((const char *) s))); + + + OUTPUT("Visual spot check -- DONE."); + + return failcount; + +} /* end test_hashindex() */ + + + + + +/*******************************************************************-o-****** + * test_etime + * + * Returns: + * Number of failures. + * + * Test of LCD Engine ID and Time List. + */ +int +test_etime(void) +{ + int rval = SNMPERR_SUCCESS, failcount = 0; + u_int etime, eboot; + + /* + * ------------------------------------ -o- + */ + OUTPUT("Query of empty list, two set actions."); + + + rval = ISENGINEKNOWN((const u_char *) "A", 1); + if (rval == TRUE) { + FAILED(SNMPERR_GENERR, "Query of empty list returned TRUE.") + } + + + rval = set_enginetime((const u_char *) "BB", 2, 2, 20, TRUE); + FAILED(rval, "set_enginetime()"); + + + rval = set_enginetime((const u_char *) "CCC", 3, 31, 90127, TRUE); + FAILED(rval, "set_enginetime()"); + + + SUCCESS("Check of empty list, and two additions."); + + + + /* + * ------------------------------------ -o- + */ + OUTPUT("Add entries using macros, test for existence with macros."); + + + rval = ENSURE_ENGINE_RECORD((const u_char *) "DDDD", 4); + FAILED(rval, "ENSURE_ENGINE_RECORD()"); + + + rval = MAKENEW_ENGINE_RECORD((const u_char *) "EEEEE", 5); + if (rval == SNMPERR_SUCCESS) { + FAILED(rval, + "MAKENEW_ENGINE_RECORD returned success for " + "missing record."); + } + + + rval = MAKENEW_ENGINE_RECORD((const u_char *) "BB", 2); + FAILED(rval, "MAKENEW_ENGINE_RECORD()."); + + + SUCCESS + ("Added entries with macros, tested for existence with macros."); + + + + /* + * ------------------------------------ -o- + */ + OUTPUT("Dump the list and then sleep."); + +#ifdef NETSNMP_ENABLE_TESTING_CODE + dump_etimelist(); +#endif + + fprintf(stdout, "# Sleeping for %d second%s... ", + sleeptime, (sleeptime == 1) ? "" : "s"); + + sleep(sleeptime); + + + /* + * ------------------------------------ -o- + */ + OUTPUT + ("Retrieve data from real/stubbed records, update real/stubbed."); + + + + rval = get_enginetime((const u_char *) "BB", 2, &eboot, &etime, TRUE); + FAILED(rval, "get_enginetime()."); + + fprintf(stdout, "# BB = <%d,%d>\n", eboot, etime); + if ((etime < 20) || (eboot < 2)) { + FAILED(SNMPERR_GENERR, + "get_enginetime() returned bad values. (1)"); + } + + rval = get_enginetime((const u_char *) "DDDD", 4, &eboot, &etime, FALSE); + FAILED(rval, "get_enginetime()."); + + fprintf(stdout, "# DDDD = <%d,%d>\n", eboot, etime); + if ((etime < sleeptime) || (eboot != 0)) { + FAILED(SNMPERR_GENERR, + "get_enginetime() returned bad values. (2)"); + } + + + rval = set_enginetime((const u_char *) "CCC", 3, 234, 10000, TRUE); + FAILED(rval, "set_enginetime()."); + + + rval = set_enginetime((const u_char *) "EEEEE", 5, 9876, 55555, TRUE); + FAILED(rval, "set_enginetime()."); + + + SUCCESS("Retrieval and updates."); + + + + /* + * ------------------------------------ -o- + */ + OUTPUT("Sleep again, then dump the list one last time."); + + fprintf(stdout, "# Sleeping for %d second%s...\n", + sleeptime, (sleeptime == 1) ? "" : "s"); + + sleep(sleeptime); + +#ifdef NETSNMP_ENABLE_TESTING_CODE + dump_etimelist(); +#endif + + return failcount; + +} /* end test_etime() */ diff --git a/testing/fulltests/support/NetSNMPTest.pm b/testing/fulltests/support/NetSNMPTest.pm new file mode 100644 index 0000000..e4ac040 --- /dev/null +++ b/testing/fulltests/support/NetSNMPTest.pm @@ -0,0 +1,172 @@ +package NetSNMPTest; + +use File::Temp qw(tempfile tempdir); +use IO::File; +use Data::Dumper; +use strict; + +sub new { + my $type = shift; + my ($class) = ref($type) || $type; + my $self = {}; + %$self = @_; + bless($self, $class); + $self->init(); + return $self; +} + +sub init { + my ($self) = @_; + $self->{'dir'} = tempdir(); + print "# using tempdir $self->{dir}\n"; + + foreach my $suffix (qw(conf pid log out)) { + $self->{"snmpd.$suffix"} ||= $self->{'dir'} . "/snmpd.$suffix"; + } + $self->{'snmp.conf'} ||= $self->{'dir'} . "/snmp.conf"; + + $self->{'confdir'} ||= $self->{'dir'}; + $self->{'persistentdir'} ||= $self->{'dir'} . "/persistent"; +} + +sub config_file { + my ($self, $file, $string) = @_; + my $fh = new IO::File (">> $file"); + $fh->print($string); + if ($string !~ /\n$/) { + $fh->print("\n"); + } + $fh->close(); +} + +sub config_agent { + my ($self, $string) = @_; + $self->config_file($self->{'snmpd.conf'}, $string); +} + +sub config_app { + my ($self, $string) = @_; + $self->config_file($self->{'snmp.conf'}, $string); +} + +sub require_feature { + my ($self, $feature) = @_; + my $srcdir = $ENV{'srcdir'} || ".."; + my $fh = new IO::File("$srcdir/include/net-snmp/net-snmp-config.h"); + while (<$fh>) { + if (/#define $feature 1/) { + $fh->close(); + return 1; + } + } + print "1..0 # SKIP missing $feature\n"; + exit; +} + +sub start_agent { + my ($self, $flags) = @_; + + $flags ||= $self->{'snmpdflags'}; + + $ENV{'SNMPCONFPATH'} = $self->{'confdir'}; + $ENV{'SNMP_PERSISTENT_DIR'} = $self->{'peristentdir'}; + + my $cmd = "snmpd $flags -r -U -p $self->{'snmpd.pid'} -Lf $self->{'snmpd.log'} $self->{'agentaddress'} > $self->{'snmpd.out'} 2>&1"; + System("$cmd &"); + + sleep(1); + + return $self->wait_for($self->{'snmpd.log'}, "NET-SNMP version"); +} + +sub stop_agent { + my ($self) = @_; + my $pidfile = new IO::File "$self->{'snmpd.pid'}"; + my $pid = <$pidfile>; + kill("TERM", $pid); + $self->wait_for($self->{'snmpd.log'}, 'shutting down'); +} + +# returns 1 on success, 0 on failure +sub wait_for { + my ($self, $filename, $regexp, $maxtime) = @_; + my $fh = new IO::File "$filename"; + return 0 if (!$fh); + + $maxtime = 10 if (!defined($maxtime)); + + my $timecount = 0; + # print "# reading from: $filename\n"; + while (1) { + my $line = <$fh>; + # print "# line: $line\n"; + if ($line eq "") { + if ($timecount == $maxtime) { + return 0; + } + sleep(1); + print "# sleeping ...\n"; + $fh->clearerr(); + $timecount++; + } else { + chomp($line); + if ($line =~ /$regexp/) { + return 1; + } + } + } + return 0; +} + +sub Debug { + print "# " . join(" ",@_); +} + +sub System { + my ($cmd) = @_; + Debug("running: ", $cmd, "\n"); + system($cmd); +} + +sub DIE { + my $self = shift; + $self->stop_agent(); + die @_; +} + +1; + +=pod + +=head1 NAME + +NetSNMPTest - simple testing module for testing perl tests + +=head1 USAGE + +use NetSNMPTest; +use Test; +use SNMP; + +my $destination = "udp:localhost:9876"; + +my $test = new NetSNMPTest(agentaddress => $destination); + +$test->require_feature("SOME_IFDEF_FROM_NET_SNMP_CONFIG_H"); + +$test->config_agent("rocommunity public"); +$test->config_agent("syscontact testvalue"); +$test->DIE("failed to start the agent") if (!$test->start_agent()); + +my $session = new SNMP::Session(DestHost => $destination, + Version => '2c', + Community => 'public'); + +my $value = $session->get('sysContact.0'); +plan(tests => 1); +ok($value, 'testvalue'); + +$test->stop_agent(); + +=cut + diff --git a/testing/fulltests/support/cagentlib_build b/testing/fulltests/support/cagentlib_build new file mode 100755 index 0000000..55a35ae --- /dev/null +++ b/testing/fulltests/support/cagentlib_build @@ -0,0 +1,46 @@ +#!/bin/sh + +# build the C test file ... + +rm -f "$2.c" +cat >>"$2.c" <<EOF +/* net-snmp standard headers */ +#include <net-snmp/net-snmp-config.h> +#include <net-snmp/net-snmp-includes.h> +#include <net-snmp/agent/net-snmp-agent-includes.h> + +/* testing specific header */ +#include <net-snmp/library/testing.h> + +/* standard headers */ +#include <stdio.h> +#include <sys/types.h> +#ifdef HAVE_STDLIB_H +#include <stdlib.h> +#endif +#if HAVE_STRING_H +#include <string.h> +#else +#include <strings.h> +#endif + +int +main(int argc, char *argv[]) { + +EOF +echo >>"$2.c" "#line 1 \"$1\"" +cat >>"$2.c" "$1" +cat >>"$2.c" <<EOF + + if (__did_plan == 0) { + PLAN(__test_counter); + } + + return(0); +} + +EOF + +# ... and compile it. +${builddir}/libtool --mode=link `${builddir}/net-snmp-config --build-command` -I$builddir/include -I$srcdir/include -o $2 $2.c ${builddir}/snmplib/libnetsnmp.la ${builddir}/agent/libnetsnmpagent.la `${builddir}/net-snmp-config --external-libs` +echo $2 diff --git a/testing/fulltests/support/cagentlib_run b/testing/fulltests/support/cagentlib_run new file mode 100755 index 0000000..84f54e1 --- /dev/null +++ b/testing/fulltests/support/cagentlib_run @@ -0,0 +1,8 @@ +#!/bin/sh +${DYNAMIC_ANALYZER} ${builddir}/libtool --mode=execute "$1" 2>&1 \ +| \ +if [ "x$SNMP_SAVE_TMPDIR" = "xyes" ]; then + tee "/tmp/snmp-unit-test-`basename $1`" +else + cat +fi diff --git a/testing/fulltests/support/capp_build b/testing/fulltests/support/capp_build new file mode 100755 index 0000000..dc038c6 --- /dev/null +++ b/testing/fulltests/support/capp_build @@ -0,0 +1,4 @@ +#!/bin/sh + +${builddir}/libtool --mode=link `${builddir}/net-snmp-config --build-command` -I$builddir/include -I$srcdir/include -o $2 $1 ${builddir}/snmplib/libnetsnmp.la `${builddir}/net-snmp-config --external-libs` +echo $2 diff --git a/testing/fulltests/support/capp_run b/testing/fulltests/support/capp_run new file mode 100755 index 0000000..84f54e1 --- /dev/null +++ b/testing/fulltests/support/capp_run @@ -0,0 +1,8 @@ +#!/bin/sh +${DYNAMIC_ANALYZER} ${builddir}/libtool --mode=execute "$1" 2>&1 \ +| \ +if [ "x$SNMP_SAVE_TMPDIR" = "xyes" ]; then + tee "/tmp/snmp-unit-test-`basename $1`" +else + cat +fi diff --git a/testing/fulltests/support/clib_build b/testing/fulltests/support/clib_build new file mode 100755 index 0000000..0c7eb6d --- /dev/null +++ b/testing/fulltests/support/clib_build @@ -0,0 +1,62 @@ +#!/bin/sh + +# build the C test file ... + +rm -f "$2.c" +cat >>"$2.c" <<EOF +/* net-snmp standard headers */ +#include <net-snmp/net-snmp-config.h> +#include <net-snmp/net-snmp-includes.h> +#include <net-snmp/library/large_fd_set.h> + +/* testing specific header */ +#include <net-snmp/library/testing.h> + +/* standard headers */ +#include <errno.h> +#include <stdio.h> +#include <sys/types.h> +#ifdef HAVE_STDLIB_H +#include <stdlib.h> +#endif +#if HAVE_STRING_H +#include <string.h> +#else +#include <strings.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#ifdef HAVE_NETINET_IP6_H +#include <netinet/ip6.h> +#endif +#ifndef HAVE_INET_PTON +#include "snmplib/inet_pton.h" +#endif +#ifndef HAVE_INET_NTOP +#include "snmplib/inet_ntop.h" +#endif + +int +main(int argc, char *argv[]) { + +EOF +echo >>"$2.c" "#line 1 \"$1\"" +cat >>"$2.c" "$1" +cat >>"$2.c" <<EOF + + if (__did_plan == 0) { + PLAN(__test_counter); + } + + return(0); +} + +EOF + +# ... and compile it. +${builddir}/libtool --mode=link `${builddir}/net-snmp-config --build-command` -I$builddir/include -I$srcdir -I$srcdir/include -o $2 $2.c ${builddir}/snmplib/libnetsnmp.la `${builddir}/net-snmp-config --external-libs` +echo $2 diff --git a/testing/fulltests/support/clib_run b/testing/fulltests/support/clib_run new file mode 100755 index 0000000..84f54e1 --- /dev/null +++ b/testing/fulltests/support/clib_run @@ -0,0 +1,8 @@ +#!/bin/sh +${DYNAMIC_ANALYZER} ${builddir}/libtool --mode=execute "$1" 2>&1 \ +| \ +if [ "x$SNMP_SAVE_TMPDIR" = "xyes" ]; then + tee "/tmp/snmp-unit-test-`basename $1`" +else + cat +fi diff --git a/testing/fulltests/support/simple_TESTCONF.sh b/testing/fulltests/support/simple_TESTCONF.sh new file mode 100644 index 0000000..83c38c2 --- /dev/null +++ b/testing/fulltests/support/simple_TESTCONF.sh @@ -0,0 +1,260 @@ +#! /bin/sh -f + +# +# Variables: (* = exported) +# *SNMP_TMPDIR: place to put files used in testing. +# SNMP_TESTDIR: where the test scripts are kept. +# *SNMP_PERSISTENT_FILE: where to store the agent's persistent information +# (XXX: this should be specific to just the agent) + +# MinGW/MSYS only: translate an MSYS path back into a DOS path such that snmpd +# and the Net-SNMP applications can understand it. One of the features of MSYS +# is that if a POSIX-style path is passed as a command-line argument to an +# executable that MSYS translates that path to a DOS-style path before +# starting the executable. This is a key feature of MSYS that makes it +# possible to run shell scripts unmodified and at the same time to use +# executables that accept DOS-style paths. There is no support however for +# automatical translation of environment variables that contain paths. Hence +# this function that translates paths explicitly. +translate_path() { + if [ "$OSTYPE" = msys ]; then + local t=`set \ + | sed -n -e "s/^$1='\(.*\)'$/${SNMP_ENV_SEPARATOR}\1/p" \ + -e "s/^$1=\(.*\)$/${SNMP_ENV_SEPARATOR}\1/p" \ + | sed -e "s|${SNMP_ENV_SEPARATOR}/c/|${SNMP_ENV_SEPARATOR}c:/|g" \ + -e "s|${SNMP_ENV_SEPARATOR}/tmp/|${SNMP_ENV_SEPARATOR}c:/windows/temp/|g" \ + | sed -e "s/^${SNMP_ENV_SEPARATOR}//" \ + ` + eval "$1='$t'" + fi +} + +# +# Only allow ourselves to be eval'ed once +# +if [ "x$TESTCONF_SH_EVALED" != "xyes" ]; then + TESTCONF_SH_EVALED=yes + +# +# set cpu and memory limits to prevent major damage +# +# defaults: 1h CPU, 500MB VMEM +# +[ "x$SNMP_LIMIT_VMEM" = "x" ] && SNMP_LIMIT_VMEM=512000 +[ "x$SNMP_LIMIT_CPU" = "x" ] && SNMP_LIMIT_CPU=3600 +# ulimit will fail if existing limit is lower -- ignore because it's ok +ulimit -S -t $SNMP_LIMIT_CPU 2>/dev/null +# not all sh-alikes support "ulimit -v" -- play safe +[ "x$BASH_VERSION" != "x" ] && ulimit -S -v $SNMP_LIMIT_VMEM 2>/dev/null + +# +# Set up an NL suppressing echo command +# +case "`echo 'x\c'`" in + 'x\c') + ECHO() { echo -n $*; } + ;; + x) + ECHO() { echo $*\\c; } + ;; + *) + echo "I don't understand your echo command ..." + exit 1 + ;; +esac +# +# how verbose should we be (0 or 1) +# +if [ "x$SNMP_VERBOSE" = "x" ]; then + SNMP_VERBOSE=0 + export SNMP_VERBOSE +fi + +SNMP_ENV_SEPARATOR="`${builddir}/net-snmp-config --env-separator`" + +if [ "x$MIBDIRS" = "x" ]; then + if [ "x$SNMP_PREFER_NEAR_MIBS" = "x1" ]; then + MIBDIRS=${srcdir}/mibs + export MIBDIRS + fi +fi + +# Set up the path to the programs we want to use. +if [ "x$SNMP_PATH" = "x" ]; then + PATH=${builddir}/agent:${builddir}/apps:$PATH + export PATH + SNMP_PATH=yes + export SNMP_PATH +fi + +# make sure that we can fulfill all library dependencies +_ld_lib_path="${SNMP_UPDIR}/snmplib/.libs:${SNMP_UPDIR}/agent/.libs:${SNMP_UPDIR}/agent/helpers/.libs" +case `uname` in + CYGWIN*) + PATH="${_ld_lib_path}:$PATH" + export PATH + ;; + Darwin*) + if [ "x$DYLD_LIBRARY_PATH" != "x" ]; then + DYLD_LIBRARY_PATH="${_ld_lib_path}:${DYLD_LIBRARY_PATH}" + else + DYLD_LIBRARY_PATH="${_ld_lib_path}" + fi + export DYLD_LIBRARY_PATH + ;; + HP-UX*) + if [ "x$SHLIB_PATH" != "x" ]; then + SHLIB_PATH="${_ld_lib_path}:${SHLIB_PATH}" + else + SHLIB_PATH="${_ld_lib_path}" + fi + export SHLIB_PATH + ;; + *) + if [ "x$LD_LIBRARY_PATH" != "x" ]; then + LD_LIBRARY_PATH="${_ld_lib_path}:${LD_LIBRARY_PATH}" + else + LD_LIBRARY_PATH="${_ld_lib_path}" + fi + export LD_LIBRARY_PATH + ;; +esac + +# Set up temporary directory +if [ "x$SNMP_HEADERONLY" != "xyes" ]; then + if [ "x$SNMP_TMPDIR" = "x" ]; then + if [ "x$testnum" = "x" ] ; then + testnum=0 + fi + SNMP_TMPDIR="/tmp/snmp-test-$testnum-$$" + translate_path SNMP_TMPDIR + export SNMP_TMPDIR + if [ -d $SNMP_TMPDIR ]; then + echo "$0: ERROR: $SNMP_TMPDIR already existed." + exit 1; + fi + fi + if [ ! -d $SNMP_TMPDIR ]; then + mkdir -p $SNMP_TMPDIR + chmod 0700 $SNMP_TMPDIR + fi + if [ "x$SNMP_TMP_PERSISTENTDIR" = "x" ]; then + SNMP_TMP_PERSISTENTDIR=$SNMP_TMPDIR/persist + export SNMP_TMP_PERSISTENTDIR + fi + if [ ! -d $SNMP_TMP_PERSISTENTDIR ]; then + mkdir $SNMP_TMP_PERSISTENTDIR + chmod 0700 $SNMP_TMP_PERSISTENTDIR + fi +fi + +if [ "x$SNMP_SAVE_TMPDIR" = "x" ]; then + SNMP_SAVE_TMPDIR="no" + export SNMP_SAVE_TMPDIR +fi + +SNMP_IGNORE_WINDOWS_REGISTRY="true" +export SNMP_IGNORE_WINDOWS_REGISTRY +SNMP_PERLPROG="`${builddir}/net-snmp-config --perlprog`" +SNMP_TESTDIR="$SNMP_BASEDIR/tests" +SNMP_CONFIG_FILE="$SNMP_TMPDIR/snmpd.conf" +SNMPTRAPD_CONFIG_FILE="$SNMP_TMPDIR/snmptrapd.conf" +SNMPAPP_CONFIG_FILE="$SNMP_TMPDIR/snmp.conf" +AGENTX_CONFIG_FILE="$SNMP_TMPDIR/agentx.conf" +SNMP_SNMPTRAPD_LOG_FILE="$SNMP_TMPDIR/snmptrapd.log" +SNMP_SNMPTRAPD_PID_FILE="$SNMP_TMPDIR/snmptrapd.pid" +SNMP_SNMPD_PID_FILE="$SNMP_TMPDIR/snmpd.pid" +SNMP_SNMPD_LOG_FILE="$SNMP_TMPDIR/snmpd.log" +SNMP_AGENTX_PID_FILE="$SNMP_TMPDIR/agentx.pid" +SNMP_AGENTX_LOG_FILE="$SNMP_TMPDIR/agentx.log" +SNMPCONFPATH="${SNMP_TMPDIR}${SNMP_ENV_SEPARATOR}${SNMP_TMP_PERSISTENTDIR}" +translate_path SNMPCONFPATH +export SNMPCONFPATH +SNMP_PERSISTENT_DIR=$SNMP_TMP_PERSISTENTDIR +translate_path SNMP_PERSISTENT_DIR +export SNMP_PERSISTENT_DIR +#SNMP_PERSISTENT_FILE="$SNMP_TMP_PERSISTENTDIR/persistent-store.conf" +#export SNMP_PERSISTENT_FILE + +## Setup default flags and ports iff not done +if [ "x$SNMP_FLAGS" = "x" ]; then + SNMP_FLAGS="-d" +fi +if test -x /bin/netstat ; then + NETSTAT=/bin/netstat +elif test -x /usr/bin/netstat ; then + NETSTAT=/usr/bin/netstat +elif test -x /usr/sbin/netstat ; then + # e.g. Tru64 Unix + NETSTAT=/usr/sbin/netstat +elif test -x /usr/etc/netstat ; then + # e.g. IRIX + NETSTAT=/usr/etc/netstat +elif test -x /cygdrive/c/windows/system32/netstat ; then + # Cygwin + NETSTAT=/cygdrive/c/windows/system32/netstat +elif test -x /c/Windows/System32/netstat ; then + # MinGW + MSYS + NETSTAT=/c/Windows/System32/netstat +else + NETSTAT="" +fi + +if [ "x$OSTYPE" = "xmsys" ]; then + # Obtain the MSYS installation path from the !C: environment variable, + # remove surrounding single quotes and convert backslashes into forward + # slashes. + MSYS_PATH="$(set \ + | sed -n 's|^\!C:='"'"'\(.*\)'"'"'$|\1|p' | sed 's|\\|/|g')" + MSYS_SH="$MSYS_PATH/sh.exe" +fi + +PROBE_FOR_PORT() { + BASE_PORT=$1 + MAX_RETRIES=10 + if test -x "$NETSTAT" ; then + if test -z "$RANDOM"; then + RANDOM=2 + fi + while : + do + BASE_PORT=`expr $BASE_PORT + \( $RANDOM % 100 \)` + IN_USE=`$NETSTAT -a -n 2>/dev/null | grep "[\.:]$BASE_PORT "` + if [ $? -ne 0 ]; then + echo "$BASE_PORT" + break + fi + MAX_RETRIES=`expr $MAX_RETRIES - 1` + if [ $MAX_RETRIES -eq 0 ]; then + echo "ERROR: Could not find available port." >&2 + echo "NOPORT" + exit 255 + fi + done + fi +} + +if [ "x$SNMP_SNMPD_PORT" = "x" ]; then + SNMP_SNMPD_PORT=`PROBE_FOR_PORT 8765` +fi +if [ "x$SNMP_SNMPTRAPD_PORT" = "x" ]; then + SNMP_SNMPTRAPD_PORT=`PROBE_FOR_PORT 5678` +fi +if [ "x$SNMP_AGENTX_PORT" = "x" ]; then + SNMP_AGENTX_PORT=`PROBE_FOR_PORT 7676` +fi +if [ "x$SNMP_TRANSPORT_SPEC" = "x" ];then + SNMP_TRANSPORT_SPEC="udp" +fi +if [ "x$SNMP_TEST_DEST" = "x" -a $SNMP_TRANSPORT_SPEC != "unix" ];then + SNMP_TEST_DEST="127.0.0.1:" +fi +export SNMP_FLAGS SNMP_SNMPD_PORT SNMP_SNMPTRAPD_PORT + +# Make sure the agent doesn't parse any config file but what we give it. +# this is mainly to protect against a broken agent that doesn't +# properly handle combinations of -c and -C. (since I've broke it before). +#SNMPCONFPATH="$SNMP_TMPDIR/does-not-exist" +#export SNMPCONFPATH + +fi # Only allow ourselves to be eval'ed once diff --git a/testing/fulltests/support/simple_eval_tools.sh b/testing/fulltests/support/simple_eval_tools.sh new file mode 100644 index 0000000..314d9bb --- /dev/null +++ b/testing/fulltests/support/simple_eval_tools.sh @@ -0,0 +1,695 @@ +# +# eval_tools.sh +# +# Output functions for script tests. Source this from other test scripts +# to establish a standardized repertory of test functions. +# +# +# Except where noted, all functions return: +# 0 On success, (Bourne Shell's ``true'') +# non-0 Otherwise. +# +# Input arguments to each function are documented with each function. +# +# +# XXX Suggestions: +# DEBUG ON|OFF +# dump CAPTURE output to stdout as well as to junkoutputfile. +# + +# +# Only allow ourselves to be eval'ed once +# +if [ "x$EVAL_TOOLS_SH_EVALED" != "xyes" ]; then + EVAL_TOOLS_SH_EVALED=yes + +# +# Variables used in global environment of calling script. +# +failcount=0 +testnum=0 +errnum=0 +junkoutputfilebase="$SNMP_TMPDIR/output-`basename $0`$$" +junkoutputfile=$junkoutputfilebase +outputcount=0 +separator="-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=" +if [ -z "$OK_TO_SAVE_RESULT" ] ; then +OK_TO_SAVE_RESULT=1 +export OK_TO_SAVE_RESULT +fi + +# +# HEADER: returns a single line when SNMP_HEADERONLY mode and exits. +# +HEADER() { + if [ "x$SNMP_HEADERONLY" != "x" ]; then + echo test $* + exit 0; + else + { echo "# testing $*"; echo ""; } >> $SNMP_TMPDIR/invoked + fi +} + + +#------------------------------------ -o- +# +OUTPUT() { # <any_arguments> + cat <<GRONK + + +$* + + +GRONK +} + +CAN_USLEEP() { + if [ "$SNMP_CAN_USLEEP" = 0 -o "$SNMP_CAN_USLEEP" = 1 ] ; then + return 0 + fi + sleep .1 > /dev/null 2>&1 + if [ $? = 0 ] ; then + SNMP_CAN_USLEEP=1 + else + SNMP_CAN_USLEEP=0 + fi + export SNMP_CAN_USLEEP +} + + +#------------------------------------ -o- +# +SUCCESS() { # <any_arguments> + [ "$failcount" -ne 0 ] && return + cat <<GROINK + +SUCCESS: $* + +GROINK +} + + + +#------------------------------------ -o- +# +FAILED() { # <return_value>, <any_arguments> + [ "$1" -eq 0 ] && return + shift + + failcount=`expr $failcount + 1` + cat <<GRONIK + +FAILED: $* + +GRONIK +} + +#------------------------------------ -o- +# +SKIP() { + REMOVETESTDATA + echo "1..0 # SKIP $*" + exit 0 +} + +ISDEFINED() { + grep "^#define $1 " ${builddir}/include/net-snmp/net-snmp-config.h ${builddir}/include/net-snmp/agent/mib_module_config.h ${builddir}/include/net-snmp/agent/agent_module_config.h > /dev/null +} + +SKIPIFNOT() { + ISDEFINED "$1" || SKIP "$1 is not defined" +} + +SKIPIF() { + ISDEFINED "$1" && SKIP "$1 is defined" +} + +#------------------------------------ -o- +# +VERIFY() { # <path_to_file(s)> + local missingfiles= + + for f in $*; do + [ -f "$f" ] && continue + echo "FAILED: Cannot find file \"$f\"." + missingfiles=true + done + + [ "$missingfiles" = true ] && exit 1000 +} + +NEWOUTPUTFILE() { + outputcount=`expr $outputcount + 1` + junkoutputfile="${junkoutputfilebase}-$outputcount" +} + +#------------------------------------ -o- +# +STARTTEST() { + NEWOUTPUTFILE + [ ! -f "$junkoutputfile" ] && { + touch $junkoutputfile + return + } + echo "FAILED: Output file already exists: \"$junkoutputfile\"." + exit 1000 +} + + +#------------------------------------ -o- +# +STOPTEST() { + rm -f "$junkoutputfile" +} + + +#------------------------------------ -o- +# +REMOVETESTDATA() { +# ECHO "removing $SNMP_TMPDIR " + rm -rf $SNMP_TMPDIR +} + +#------------------------------------ -o- +# +OUTPUTENVVARS() { + echo "SNMPCONFPATH=$SNMPCONFPATH" >> $1 + echo "SNMP_PERSISTENT_DIR=$SNMP_PERSISTENT_DIR" >> $1 + echo "MIBDIRS=$MIBDIRS" >> $1 + echo "PATH=$PATH" >> $1 + echo "export SNMPCONFPATH" >> $1 + echo "export SNMP_PERSISTENT_DIR" >> $1 + echo "export MIBDIRS" >> $1 + echo "export PATH" >> $1 +} + +#------------------------------------ -o- +# Captures output from command, and returns the command's exit code. +loggedvars=0 +CAPTURE() { # <command_with_arguments_to_execute> + NEWOUTPUTFILE + + # track invoked command per test when verbose + if [ $SNMP_VERBOSE -gt 0 ]; then + OUTPUTENVVARS $junkoutputfile.invoked + echo $* >> $junkoutputfile.invoked + fi + + if [ $loggedvars = 0 ]; then + OUTPUTENVVARS $SNMP_TMPDIR/invoked + loggedvars=1 + fi + echo $* >> $SNMP_TMPDIR/invoked + + if [ $SNMP_VERBOSE -gt 0 ]; then + cat <<KNORG + +EXECUTING: $* + +KNORG + + fi + echo "RUNNING: $*" > $junkoutputfile + ( $* 2>&1 ) >> $junkoutputfile 2>&1 + RC=$? + + if [ $SNMP_VERBOSE -gt 1 ]; then + echo "Command Output: " + echo "MIBDIR $MIBDIRS $MIBS" + echo "$separator" + cat $junkoutputfile | sed 's/^/ /' + echo "$separator" + fi + return $RC +} + +#------------------------------------ -o- +# Delay to let processes settle +DELAY() { + if [ "$SNMP_SLEEP" != "0" ] ; then + sleep $SNMP_SLEEP + fi +} + +SAVE_RESULTS() { + real_return_value=$return_value +} + +# +# Checks the output result against what we expect. +# Sets return_value to 0 or 1. +# +EXPECTRESULT() { + if [ $OK_TO_SAVE_RESULT -ne 0 ] ; then + if [ "$snmp_last_test_result" = "$1" ]; then + return_value=0 + else + return_value=1 + fi + fi +} + +CHECKCOUNT() { + CHECKFILECOUNT "$junkoutputfile" $@ +} + +CHECKVALUEIS() { + value1=$1 + value2=$2 + if [ "x$value1" = "x$value2" ]; then + GOOD "$3" + else + BAD "$3" + fi +} + +CHECKVALUEISNT() { + value1=$1 + value2=$2 + if [ "x$value1" = "x$value2" ]; then + BAD "$3" + else + GOOD "$3" + fi +} + +#------------------------------------ -o- +# Returns: Count of matched lines. +# +CHECKFILECOUNT() { # <pattern_to_match> + chkfile=$1 + ckfcount=$2 + shift + shift + if [ $SNMP_VERBOSE -gt 0 ]; then + echo -n "checking $chkfile for $ckfcount \"$*\"..." + fi + + if [ -f $chkfile ]; then + rval=`grep -c "$*" "$chkfile" 2>/dev/null` + else + COMMENT "Note: file $chkfile does not exist and we were asked to check it" + rval=0 + fi + + if [ $SNMP_VERBOSE -gt 0 ]; then + echo "$rval matches found" + fi + + snmp_last_test_result=$rval + EXPECTRESULT $ckfcount # default + if [ "$ckfcount" != "noerror" ]; then + if [ "$ckfcount" = "atleastone" ]; then + if [ "$rval" -ne "0" ]; then + GOOD "found $ckfcount copies of '$*' in output ($chkfile); needed one" + else + BAD "found $rval copies of '$*' in output ($chkfile); expected 1" + COMMENT "Outputfile: $chkfile" + fi + else + if [ "$rval" = "$ckfcount" ]; then + GOOD "found $ckfcount copies of '$*' in output ($chkfile)" + else + BAD "found $rval copies of '$*' in output ($chkfile); expected $ckfcount" + COMMENT "Outputfile: $chkfile" + fi + fi + fi + return $rval +} + +CHECK() { + CHECKCOUNT 1 $@ +} + +CHECKFILE() { + file=$1 + shift + CHECKFILECOUNT $file 1 $@ +} + +CHECKTRAPD() { + CHECKFILE $SNMP_SNMPTRAPD_LOG_FILE $@ +} + +CHECKTRAPDCOUNT() { + count=$1 + shift + CHECKFILECOUNT $SNMP_SNMPTRAPD_LOG_FILE $count $@ +} + +CHECKTRAPDORDIE() { + CHECKORDIE $@ $SNMP_SNMPTRAPD_LOG_FILE +} + +CHECKAGENT() { + CHECKFILE $SNMP_SNMPD_LOG_FILE $@ +} + +CHECKAGENTCOUNT() { + count=$1 + shift + CHECKFILECOUNT $SNMP_SNMPD_LOG_FILE $count $@ +} + +# Return 0 (true) if a process with pid $1 exists and 1 (false) if no process +# with pid $1 exists. Do not use this function on MinGW: the PIDs written by +# snmpd and snmptrapd to their pid files are not visible in the MinGW/MSYS +# process table. +ISRUNNING() { + #ps -e 2>/dev/null | egrep "^[ ]*$1[ ]+" >/dev/null 2>&1 + kill -0 "$pid" 2>/dev/null +} + +# Echo a command that asks the process with pid $1 to stop. +ECHOSENDSIGTERM() { + if [ "x$OSTYPE" = "xmsys" ]; then + echo pskill.exe $1 + else + echo kill -TERM $1 + fi +} + +# Echo a command that stops the process with pid $1 forcibly. +ECHOSENDSIGKILL() { + if [ "x$OSTYPE" = "xmsys" ]; then + echo pskill.exe $1 + else + echo kill -KILL $1 + fi +} + +# Wait until the shell statement "$@" evaluates to false. +WAITFORNOTCOND() { + CAN_USLEEP + if [ $SNMP_CAN_USLEEP = 1 ] ; then + sleeptime=`expr $SNMP_SLEEP '*' 50` + else + sleeptime=`expr $SNMP_SLEEP '*' 5` + fi + while [ $sleeptime -gt 0 ] && eval "$@"; do + if [ $SNMP_CAN_USLEEP = 1 ]; then + sleep .1 + else + sleep 1 + fi + sleeptime=`expr $sleeptime - 1` + done +} + +# Wait until the shell statement "$@" evaluates to true. +WAITFORCOND() { + WAITFORNOTCOND if "$@;" then false ";" else true ";" fi +} + +WAITFORAGENT() { + WAITFOR "$@" $SNMP_SNMPD_LOG_FILE +} + +WAITFORTRAPD() { + WAITFOR "$@" $SNMP_SNMPTRAPD_LOG_FILE +} + +# Wait until pattern "$1" appears in file "$2". +WAITFOR() { + WAITFORCOND grep "$1" "$2" ">/dev/null" "2>&1" +} + +GOOD() { + testnum=`expr $testnum + 1` + echo "ok $testnum - $1" + echo "# ok $testnum - $1" >> $SNMP_TMPDIR/invoked +} + +BAD() { + testnum=`expr $testnum + 1` + errnum=`expr $errnum + 1` + echo "not ok $testnum - $1" + echo "# not ok $testnum - $1" >> $SNMP_TMPDIR/invoked +} + +COMMENT() { + echo "# $@" + echo "# $@" >> $SNMP_TMPDIR/invoked +} + +# CHECKORDIE "grep string" ["file"] .. FAIL if "grep string" is *not* found +CHECKORDIE() { + if [ "x$2" = "x" ]; then + CHECKFILE "$junkoutputfile" "$1" + else + CHECKFILECOUNT "$2" 1 "$1" + fi +} + +# CHECKANDDIE "grep string" ["file"] .. FAIL if "grep string" *is* found +CHECKANDDIE() { + if [ "x$2" = "x" ]; then + CHECKFILECOUNT "$junkoutputfile" 0 "$1" + else + CHECKFILECOUNT "$2" 0 "$1" + fi +} + +#------------------------------------ -o- +# Returns: Count of matched lines. +# +CHECKEXACT() { # <pattern_to_match_exactly> + rval=`egrep -c "^$*\$|^$*[^a-zA-Z0-9_]|[^a-zA-Z0-9_]$*\$|[^a-zA-Z0-9_]$*[^a-zA-Z0-9_]" "$junkoutputfile" 2>/dev/null` + snmp_last_test_result=$rval + EXPECTRESULT 1 # default + return $rval +} + +CONFIGAGENT() { + if [ "x$SNMP_CONFIG_FILE" = "x" ]; then + echo "$0: failed because var: SNMP_CONFIG_FILE wasn't set" + exit 1; + fi + echo $* >> $SNMP_CONFIG_FILE +} + +CONFIGTRAPD() { + if [ "x$SNMPTRAPD_CONFIG_FILE" = "x" ]; then + echo "$0: failed because var: SNMPTRAPD_CONFIG_FILE wasn't set" + exit 1; + fi + echo $* >> $SNMPTRAPD_CONFIG_FILE +} + +CONFIGAPP() { + if [ "x$SNMPAPP_CONFIG_FILE" = "x" ]; then + echo "$0: failed because var: SNMPAPP_CONFIG_FILE wasn't set" + exit 1; + fi + echo $* >> $SNMPAPP_CONFIG_FILE +} + +# +# common to STARTAGENT and STARTTRAPD +# log command to "invoked" file +# +STARTPROG() { + if [ "x$DYNAMIC_ANALYZER" != "x" ]; then + COMMAND="$DYNAMIC_ANALYZER $COMMAND" + fi + if [ $SNMP_VERBOSE -gt 1 ]; then + echo "$CFG_FILE contains: " + if [ -f $CFG_FILE ]; then + cat $CFG_FILE + else + echo "[no config file]" + fi + fi + if test -f $CFG_FILE; then + COMMAND="$COMMAND -C -c $CFG_FILE" + fi + if [ "x$PORT_SPEC" != "x" ]; then + COMMAND="$COMMAND $PORT_SPEC" + fi + if [ $SNMP_VERBOSE -gt 0 ]; then + echo "running: $COMMAND" + fi + echo $COMMAND >> $SNMP_TMPDIR/invoked + if [ $SNMP_VERBOSE -gt 0 ]; then + OUTPUTENVVARS $LOG_FILE.command + echo $COMMAND >> $LOG_FILE.command + fi + if [ "x$OSTYPE" = "xmsys" ]; then + $COMMAND > $LOG_FILE.stdout 2>&1 & + ## COMMAND="cmd.exe //c start //min $COMMAND" + ## start $COMMAND > $LOG_FILE.stdout 2>&1 + else + $COMMAND > $LOG_FILE.stdout 2>&1 + fi +} + +#------------------------------------ -o- +STARTAGENT() { + SNMPDSTARTED=1 + COMMAND="snmpd $SNMP_FLAGS -r -U -p $SNMP_SNMPD_PID_FILE -Lf $SNMP_SNMPD_LOG_FILE $AGENT_FLAGS" + CFG_FILE=$SNMP_CONFIG_FILE + LOG_FILE=$SNMP_SNMPD_LOG_FILE + PORT_SPEC="$SNMP_SNMPD_PORT" + if [ "x$SNMP_TRANSPORT_SPEC" != "x" ]; then + PORT_SPEC="${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${PORT_SPEC}" + fi + STARTPROG + WAITFORCOND test -f $SNMP_SNMPD_PID_FILE + WAITFORAGENT "NET-SNMP version" +} + +#------------------------------------ -o- +STARTTRAPD() { + TRAPDSTARTED=1 + COMMAND="snmptrapd -d -p $SNMP_SNMPTRAPD_PID_FILE -Lf $SNMP_SNMPTRAPD_LOG_FILE $TRAPD_FLAGS" + CFG_FILE=$SNMPTRAPD_CONFIG_FILE + LOG_FILE=$SNMP_SNMPTRAPD_LOG_FILE + PORT_SPEC="$SNMP_SNMPTRAPD_PORT" + if [ "x$SNMP_TRANSPORT_SPEC" != "x" ]; then + PORT_SPEC="${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${PORT_SPEC}" + fi + STARTPROG + WAITFORCOND test -f $SNMP_SNMPTRAPD_PID_FILE + WAITFORTRAPD "NET-SNMP version" +} + +## sending SIGHUP for reconfiguration +# +HUPPROG() { + if [ -f $1 ]; then + if [ "x$OSTYPE" = "xmsys" ]; then + COMMAND='echo "Skipping SIGHUP (not possible with MinGW)"' + else + COMMAND="kill -HUP `cat $1`" + fi + echo $COMMAND >> $SNMP_TMPDIR/invoked + VERBOSE_OUT 0 $COMMAND + $COMMAND > /dev/null 2>&1 + fi +} + +HUPAGENT() { + HUPPROG $SNMP_SNMPD_PID_FILE + if [ "x$OSTYPE" != "xmsys" ]; then + WAITFORAGENT "restarted" + fi +} + +HUPTRAPD() { + HUPPROG $SNMP_SNMPTRAPD_PID_FILE + if [ "x$OSTYPE" != "xmsys" ]; then + WAITFORTRAPD "restarted" + fi +} + + +## used by STOPAGENT and STOPTRAPD +# delay before kill to allow previous action to finish +# this is especially important for interaction between +# master agent and sub agent. +STOPPROG() { + pid="`cat $1 2>/dev/null`" + if [ "x$pid" != "x" ]; then + COMMAND="`ECHOSENDSIGTERM $pid`" + echo "$COMMAND ($1)" >> $SNMP_TMPDIR/invoked + VERBOSE_OUT 0 "$COMMAND ($1)" + $COMMAND >/dev/null 2>&1 + if [ "x$OSTYPE" = "xmsys" ]; then + # Wait until $pid and its parent have stopped. + sleep 1 + else + WAITFORNOTCOND "ISRUNNING $pid" + fi + fi +} + +#------------------------------------ -o- +# +STOPAGENT() { + SAVE_RESULTS + STOPPROG $SNMP_SNMPD_PID_FILE + if [ $SNMP_VERBOSE -gt 1 ]; then + echo "Agent Output:" + echo "$separator [stdout]" + cat $SNMP_SNMPD_LOG_FILE.stdout + echo "$separator [logfile]" + cat $SNMP_SNMPD_LOG_FILE + echo "$separator" + fi +} + +#------------------------------------ -o- +# +STOPTRAPD() { + SAVE_RESULTS + STOPPROG $SNMP_SNMPTRAPD_PID_FILE + if [ $SNMP_VERBOSE -gt 1 ]; then + echo "snmptrapd Output:" + echo "$separator [stdout]" + cat $SNMP_SNMPTRAPD_LOG_FILE.stdout + echo "$separator [logfile]" + cat $SNMP_SNMPTRAPD_LOG_FILE + echo "$separator" + fi +} + +#------------------------------------ -o- +# +FINISHED() { + + ## no more changes to test result. + OK_TO_SAVE_RESULT=0 + + pids="`cat $SNMP_TMPDIR/*pid* 2>/dev/null`" + if [ "$SNMPDSTARTED" = "1" ] ; then + STOPAGENT + fi + if [ "$TRAPDSTARTED" = "1" ] ; then + STOPTRAPD + fi + for pid in $pids; do + if [ "x$OSTYPE" = "xmsys" ] || ISRUNNING $pid; then + if [ "x$OSTYPE" != "xmsys" ]; then + SNMP_SAVE_TMPDIR=yes + fi + COMMAND="`ECHOSENDSIGKILL $pid`" + echo "$COMMAND ($pfile)" >> $SNMP_TMPDIR/invoked + VERBOSE_OUT 0 "$COMMAND ($pfile)" + $COMMAND > /dev/null 2>&1 + return_value=1 + fi + done + + # report the number of tests done + GOOD "got to FINISHED" + echo "1..$testnum" + + if [ "x$errnum" != "x0" ]; then + if [ -s core ] ; then + # XX hope that only one prog cores ! + cp core $SNMP_TMPDIR/core.$$ + rm -f core + fi + echo "$headerStr...FAIL" >> $SNMP_TMPDIR/invoked + exit 1 + fi + + echo "$headerStr...ok" >> $SNMP_TMPDIR/invoked + + if [ "x$SNMP_SAVE_TMPDIR" != "xyes" ]; then + REMOVETESTDATA + fi + exit 0 +} + +#------------------------------------ -o- +# +VERBOSE_OUT() { + if [ $SNMP_VERBOSE -gt $1 ]; then + shift + echo "$*" + fi +} + +fi # Only allow ourselves to be eval'ed once diff --git a/testing/fulltests/support/simple_run b/testing/fulltests/support/simple_run new file mode 100755 index 0000000..1978009 --- /dev/null +++ b/testing/fulltests/support/simple_run @@ -0,0 +1,119 @@ +#!/bin/sh + +if [ $# = 0 ]; then + echo "Usage: $0 <testscript> [<args>]" + exit 1 +fi + +if [ "x$builddir" = "x" ]; then + cd .. + builddir=`pwd` + if cd testing 2>/dev/null; then + : + else + echo "Error: $0 must be started from inside the testing directory in the source tree." + echo "The builddir environment variable can be set to point to the build directory." + exit 1 + fi +fi + +if [ "x$srcdir" = "x" ]; then + srcdir=`dirname $0` + srcdir=`cd $srcdir; cd ../..; pwd` + srcdir=`dirname $srcdir` + cd $srcdir + if cd testing 2>/dev/null; then + : + else + echo "Error: $0 must be started from inside the testing directory in the source tree." + echo "The builddir environment variable can be set to point to the build directory." + exit 1 + fi +fi + +testscript=$1 +if [ `echo $testscript | cut -c 1-1` != '/' ]; then + testscript="`pwd`/$1" +fi + +SNMP_BASEDIR=`dirname $0` + +## prefer MIB files found in source hierarchy +SNMP_PREFER_NEAR_MIBS=1 + +export SNMP_PREFER_NEAR_MIBS +SNMP_TEST_PREFIX=${SNMP_TEST_PREFIX:=T} +export SNMP_TEST_PREFIX + +SNMP_ORIGDIR=`pwd` ## this script may be invoked with relative path +export SNMP_ORIGDIR + +SNMP_UPDIR=${builddir} ## build directory +if [ "x$DYNAMIC_ANALYZER" = "x" ]; then + SNMP_SLEEP_DEFAULT=1 +else + SNMP_SLEEP_DEFAULT=10 +fi +SNMP_SLEEP=${SNMP_SLEEP:=$SNMP_SLEEP_DEFAULT} ## default seconds to sleep +export SNMP_SLEEP + +# Find executables in source first, then build, then existing PATH. +## Add to PATH if a binary is found. + +cd $SNMP_UPDIR +SNMP_UPDIR=`pwd` +bf=snmpget +if [ -x "$bf" ] ; then + PATH=$SNMP_UPDIR:$PATH +else + for dd in apps bin ; do + bf=$dd/snmpget + if [ -x "$bf" ] ; then + PATH=$SNMP_UPDIR/$dd:$PATH + break + fi + done +fi +for dd in agent bin sbin ; do + bf=$dd/snmpd + if [ -x "$bf" ] ; then + PATH=$SNMP_UPDIR/$dd:$PATH + break + fi +done + +bf=include/net-snmp/net-snmp-config.h +if [ ! -s "$bf" ] ; then + echo "No \"$bf\" in $SNMP_UPDIR . Some tests will be skipped" +fi +unset bf + +# Run from the test scripts directory. +cd $SNMP_ORIGDIR ; cd ${SNMP_BASEDIR} +SNMP_BASEDIR=`pwd` +export SNMP_BASEDIR + +PATH=${SNMP_BASEDIR}:$PATH +export PATH +SNMP_PATH=yes +export SNMP_PATH + +export SNMP_UPDIR + +# +# Source the testing configuration file +# + +testnum="`basename $testscript`" + +. simple_TESTCONF.sh + +. simple_eval_tools.sh + +cd `dirname $testscript` +PATH=`pwd`:$PATH +export PATH + +. `basename $testscript` + +FINISHED diff --git a/testing/fulltests/tls/S300tlsperl.pl b/testing/fulltests/tls/S300tlsperl.pl new file mode 100644 index 0000000..3ea7c0b --- /dev/null +++ b/testing/fulltests/tls/S300tlsperl.pl @@ -0,0 +1,54 @@ +#!/usr/bin/perl + +BEGIN { + if (exists($ENV{'srcdir'})) { + push @INC, "$ENV{'srcdir'}/testing/fulltests/support"; + } elsif (-d "fulltests/support") { + push @INC, "fulltests/support"; + } elsif (-d "../support") { + push @INC, "../support"; + } +} +use NetSNMPTest; +use Test; +use SNMP; + +my $test = new NetSNMPTest(agentaddress => $agentaddress); + +$test->require_feature($feature); + +my $netsnmpcert = "$ENV{'srcdir'}/local/net-snmp-cert -I -C $test->{'dir'}"; + +system("$netsnmpcert gencert -I -t snmpd > /dev/null 2>&1"); +system("$netsnmpcert gencert -I -t snmpapp --cn snmpapp > /dev/null 2>&1"); +system("$netsnmpcert gencert -I -t perl --cn perl > /dev/null 2>&1"); + +my $fp = `$netsnmpcert showcerts --fingerprint --brief perl`; +chomp($fp); +print "# using local fp: $fp\n"; + +plan(tests => 2); +$test->config_agent("syscontact itworked"); +$test->config_agent("rwuser -s tsm perl"); +$test->config_agent("certSecName 100 snmpapp --cn"); +$test->config_agent("certSecName 101 $fp --cn"); + +$test->DIE("failed to start the agent") if (!$test->start_agent(" -Dtls,ssl,tsm,cert:map")); + +# now create a session to test things with +my $session = new SNMP::Session(DestHost => $test->{'agentaddress'}, + TheirIdentity => 'snmpd', + OurIdentity => 'perl'); + +ok(ref($session), 'SNMP::Session', "created a session"); + +###################################################################### +# GET test +if (ref($session) eq 'SNMP::Session') { + my $value = $session->get('sysContact.0'); + ok($value, 'itworked'); +} + +###################################################################### +# cleanup +$test->stop_agent(); diff --git a/testing/fulltests/tls/SCipherTests b/testing/fulltests/tls/SCipherTests new file mode 100644 index 0000000..95af0b9 --- /dev/null +++ b/testing/fulltests/tls/SCipherTests @@ -0,0 +1,62 @@ +. STlsVars + +# create a CA + +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS +CAFP=`$NSCERT showcas --fingerprint --brief ca-net-snmp.org $NSCERTARGS` +CHECKVALUEISNT "$CAFP" "" "generated fingerprint for ca-net-snmp.org certificate" + +# create a server certificate using the CA certificate +CAPTURE $NSCERT gencert -t snmpd --with-ca ca-net-snmp.org $checknametype ${checknameprefix}foobar $NSCERTARGS +SNMPDFP=`$NSCERT showcert --fingerprint --brief snmpd $NSCERTARGS` + +CONFIGAGENT '[snmp]' serverCert $SNMPDFP + +# create a user certificate +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +CONFIGAGENT certSecName 10 $TESTUSERFP --cn +CONFIGAGENT rwuser -s tsm testuser authpriv + +CONFIGAPP clientCert $TESTUSERFP +CONFIGAPP serverCert $SNMPDFP + +CONFIGAPP trustCert $CAFP + +# specify an exact list of ciphers to accept +CONFIGAGENT '[snmp]' tlsAlgorithms DHE-RSA-AES256-SHA:AES256-SHA:DES-CBC3-SHA + +FLAGS="-On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" + +# start up the agent +STARTAGENT + +# ensure we can access it via standard algorithms on the client side +DOSETTEST defaultAlgs "$FLAGS" + +# limit the client to the same set +CONFIGAPP tlsAlgorithms DHE-RSA-AES256-SHA:AES256-SHA:DES-CBC3-SHA + +# and test +DOSETTEST specificAlgs "$FLAGS" + +# drop one cipher +CONFIGAPP tlsAlgorithms DHE-RSA-AES256-SHA:AES256-SHA + +# and test +DOSETTEST onlyAes256Sha "$FLAGS" + +# and finally ensure we can get back to working again +CONFIGAPP tlsAlgorithms DHE-RSA-AES256-SHA:AES256-SHA +DOSETTEST worksAgain "$FLAGS" + + +######################################## +# DONE + + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/tls/SCrl b/testing/fulltests/tls/SCrl new file mode 100644 index 0000000..4167403 --- /dev/null +++ b/testing/fulltests/tls/SCrl @@ -0,0 +1,98 @@ +#!/bin/sh + +. STlsVars + +# this file contains tests common to both tls and dtls usages + +TLSDIR=$SNMP_TMPDIR/tls + +######################################### +# Create the certificates + +# create the ca +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS + +# snmpd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert --with-ca ca-net-snmp.org -t snmpd --cn $HOSTNAME $NSCERTARGS +SERVERFP=`$NSCERT showcerts --fingerprint --brief snmpd $NSCERTARGS` +CHECKVALUEISNT "$SERVERFP" "" "generated fingerprint for snmpd certificate" + +# user +CAPTURE $NSCERT gencert --with-ca ca-net-snmp.org -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +# user2 +CAPTURE $NSCERT gencert --with-ca ca-net-snmp.org -t snmpapp2 --cn 'testuser2' $NSCERTARGS +TESTUSER2FP=`$NSCERT showcerts --fingerprint --brief snmpapp2 $NSCERTARGS` +CHECKVALUEISNT "$TESTUSER2FP" "" "generated fingerprint for testuser2 certificate" + +######################################## +# Configure the .conf files + +CONFIGAPP serverCert $SERVERFP + +# common name mappings +CONFIGAGENT certSecName 9 $TESTUSERFP --cn +CONFIGAGENT certSecName 10 $TESTUSER2FP --cn +CONFIGAGENT rwuser -s tsm testuser authpriv +CONFIGAGENT rwuser -s tsm testuser2 authpriv + +CRLFILE=$SNMP_TMPDIR/crlfile.pem + +# configure the CRL locations +CONFIGAGENT '[snmp]' x509crlfile $CRLFILE +CONFIGAPP '[snmp]' x509crlfile $CRLFILE + +CRLCACMD="env DIR=$TLSDIR CN=ca-net-snp.org openssl ca" +CRLARGS="-config $TLSDIR/.openssl.conf -keyfile $TLSDIR/private/ca-net-snmp.org.key -cert $TLSDIR/ca-certs/ca-net-snmp.org.crt" + +# generate the initial CRL +touch $TLSDIR/.index +echo "01" > $TLSDIR/.crlnumber +CAPTURE "$CRLCACMD -gencrl $CRLARGS -out $CRLFILE" + +# +# put the second client into the CRL and it shouldn't work +# +CAPTURE "$CRLCACMD -revoke $TLSDIR/certs/snmpapp2.crt $CRLARGS -out $CRLFILE" +CAPTURE "$CRLCACMD -gencrl $CRLARGS -out $CRLFILE" + + +###################################################################### +# Run the actual list of tests +# + +# start the agent up +FLAGS="-Dtls -On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" +AGENT_FLAGS="-Dtls" +STARTAGENT + +# using user 1 - a common name mapped certificate +# (using the default "snmpapp" certificate because we don't specify another) +CAPTURE "snmpget -Dssl $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +# using user 2 should now fail +CAPTURE "snmpget -T our_identity=snmpapp2 -Dssl $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.3.0 = Timeticks:" +CHECKAGENT "certificate revoked" + +# +# now put the server's cert into the client crl file +# +CAPTURE "$CRLCACMD -revoke $TLSDIR/certs/snmpd.crt $CRLARGS" +CAPTURE "$CRLCACMD -gencrl $CRLARGS -out $CRLFILE" + +# user 1 should now fail on the client side +CAPTURE "snmpget -Dssl $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECK "certificate revoked" + +# cleanup +STOPAGENT + +FINISHED diff --git a/testing/fulltests/tls/STlsAgentTrap b/testing/fulltests/tls/STlsAgentTrap new file mode 100644 index 0000000..ab0c341 --- /dev/null +++ b/testing/fulltests/tls/STlsAgentTrap @@ -0,0 +1,66 @@ +#!/bin/sh + +. STlsVars + +SKIPIFNOT USING_EXAMPLES_EXAMPLE_MODULE + +######################################### +# CERTIFICATE SETUP +# + +# produce the certificates to use + +# snmptrapd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert -t snmptrapd --cn $HOSTNAME $NSCERTARGS +TRAPDFP=`$NSCERT showcerts --fingerprint --brief snmptrapd $NSCERTARGS` +CHECKVALUEISNT "$TRAPDFP" "" "generated fingerprint for snmptrapd certificate" + +# snmpd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert -t snmpd --cn $HOSTNAME $NSCERTARGS +SERVERFP=`$NSCERT showcerts --fingerprint --brief snmpd $NSCERTARGS` +CHECKVALUEISNT "$SERVERFP" "" "generated fingerprint for snmpd certificate" + +# user +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +######################################### +# Configuration + +# snmpd +CONFIGAGENT trapsess -Ci -T our_identity=$TESTUSERFP -T their_identity=$TRAPDFP ${SNMP_TRANSPORT_SPEC}:${SNMP_TEST_DEST}${SNMP_SNMPTRAPD_PORT} +CONFIGAGENT '[snmp]' serverCert $SERVERFP +CONFIGAGENT certSecName 9 $TESTUSERFP --cn +CONFIGAGENT rwuser -s tsm testuser + +# snmptrapd +CONFIGTRAPD '[snmp]' serverCert $TRAPDFP +CONFIGTRAPD certSecName 9 $TESTUSERFP --cn +CONFIGTRAPD authuser log -s tsm testuser authpriv +CONFIGTRAPD agentxsocket /dev/null + +# general + +# +# Begin test +# + +STARTTRAPD + +# initialize only the example mib, and not the notification mib stuff +AGENT_FLAGS="$AGENT_FLAGS -Dexample,header_generic" +STARTAGENT + +#DELAY +CAPTURE "snmpset -T their_identity=snmpd -T our_identity=snmpapp -On -t 3 -r 0 $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.4.1.2021.254.8.0 i 1" + +STOPAGENT + +STOPTRAPD + +CHECKTRAPD "life the universe and everything" + +FINISHED diff --git a/testing/fulltests/tls/STlsCNSession b/testing/fulltests/tls/STlsCNSession new file mode 100644 index 0000000..b9a61b8 --- /dev/null +++ b/testing/fulltests/tls/STlsCNSession @@ -0,0 +1,6 @@ +#!/bin/sh + +checknametype="--san" +checknameprefix="DNS:" + +. STlsServerSession diff --git a/testing/fulltests/tls/STlsName b/testing/fulltests/tls/STlsName new file mode 100644 index 0000000..e484da6 --- /dev/null +++ b/testing/fulltests/tls/STlsName @@ -0,0 +1,6 @@ +#!/bin/sh + +checknametype="--cn" +checknameprefix="" + +. STlsServer diff --git a/testing/fulltests/tls/STlsSan b/testing/fulltests/tls/STlsSan new file mode 100644 index 0000000..294a0b4 --- /dev/null +++ b/testing/fulltests/tls/STlsSan @@ -0,0 +1,6 @@ +#!/bin/sh + +checknametype="--san" +checknameprefix="DNS:" + +. STlsServer diff --git a/testing/fulltests/tls/STlsSanSession b/testing/fulltests/tls/STlsSanSession new file mode 100644 index 0000000..b9a61b8 --- /dev/null +++ b/testing/fulltests/tls/STlsSanSession @@ -0,0 +1,6 @@ +#!/bin/sh + +checknametype="--san" +checknameprefix="DNS:" + +. STlsServerSession diff --git a/testing/fulltests/tls/STlsServer b/testing/fulltests/tls/STlsServer new file mode 100644 index 0000000..1e8002d --- /dev/null +++ b/testing/fulltests/tls/STlsServer @@ -0,0 +1,77 @@ +#!/bin/sh + +. STlsVars + +# create a CA + +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS +CAFP=`$NSCERT showcas --fingerprint --brief ca-net-snmp.org $NSCERTARGS` +CHECKVALUEISNT "$CAFP" "" "generated fingerprint for ca-net-snmp.org certificate" + +# create a server certificate using the CA certificate +CAPTURE $NSCERT gencert -t snmpd --with-ca ca-net-snmp.org $checknametype ${checknameprefix}a.b.example.com $NSCERTARGS +SNMPDFP=`$NSCERT showcert --fingerprint --brief snmpd $NSCERTARGS` + +CONFIGAGENT '[snmp]' serverCert $SNMPDFP + +# create a user certificate +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +CONFIGAGENT certSecName 10 $TESTUSERFP --cn +CONFIGAGENT rwuser -s tsm testuser authpriv + +CONFIGAPP clientCert $TESTUSERFP + +# start the agent up +FLAGS="-On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" + +# start up the agent +STARTAGENT + +######################################## +# Positive tests +# (should work) + +# ensure we can access it via a direct FP check +DOSETTEST fingerprintIdentity "-T their_identity=$SNMPDFP $FLAGS" + +# ensure we can access it via a file based identity check +DOSETTEST filenameIdentity "-T their_identity=snmpd $FLAGS" + +# ensure we can access it via trusting their CA certificate and a +# matching commoname +DOSETTEST hostnameIdentity "-T trust_cert=$CAFP -T their_hostname=a.b.example.com $FLAGS" + +######################################## +# Negative tests +# (should fail) + +# if we don't load the CA certificate we shouldn't connect +DOFAILSETTEST noTrustCACert "-T their_hostname=a.b.example.com $FLAGS" + +# if we specify a different hostname we should fail hostname test +# ("localhos" without the "t" is intentional here) +DOFAILSETTEST incorrectNameA.B.Example.Co "-T their_hostname=a.b.example.co $FLAGS" +DOFAILSETTEST incorrectNameA.B.Example.Comt "-T their_hostname=a.b.example.comt $FLAGS" + +# if we specify the CA cert's but don't specify the hostname, it +# should fail (this may change in the future if we pull the hostname +# from the transport specifier) +DOFAILSETTEST certWithoutHost "-T trust_cert=$CAFP $FLAGS" + +######################################## +# Wildcard tests +# +DOSETTEST wildcardMatch "-T trust_cert=$CAFP -T their_hostname=*.b.example.com $FLAGS" + +DOFAILSETTEST noDoubleWildcard "-T trust_cert=$CAFP -T their_hostname=*.example.com $FLAGS" + + +######################################## +# DONE + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/tls/STlsServerSession b/testing/fulltests/tls/STlsServerSession new file mode 100644 index 0000000..acf68e5 --- /dev/null +++ b/testing/fulltests/tls/STlsServerSession @@ -0,0 +1,57 @@ +#!/bin/sh + +. STlsVars + +# this is usually something like "localhost:", so we need to strip the : +OURHOST=`echo $SNMP_TEST_DEST | sed 's/:.*//'` + +# create a CA + +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS +CAFP=`$NSCERT showcas --fingerprint --brief ca-net-snmp.org $NSCERTARGS` +CHECKVALUEISNT "$CAFP" "" "generated fingerprint for ca-net-snmp.org certificate" + +# create a server certificate using the CA certificate +CAPTURE $NSCERT gencert -t snmpd --with-ca ca-net-snmp.org $checknametype ${checknameprefix}$OURHOST $NSCERTARGS +SNMPDFP=`$NSCERT showcert --fingerprint --brief snmpd $NSCERTARGS` + +CONFIGAGENT '[snmp]' serverCert $SNMPDFP + +# create a user certificate +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +CONFIGAGENT certSecName 10 $TESTUSERFP --cn +CONFIGAGENT rwuser -s tsm testuser authpriv + +CONFIGAPP clientCert $TESTUSERFP + +# start the agent up +FLAGS="-On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" + +# start up the agent +STARTAGENT + +######################################## +# Positive tests +# (should work) + +# ensure we can access it via a direct FP check +DOSETTEST fingerprintIdentity "-T their_identity=$SNMPDFP $FLAGS" + +# directly specify the host name +DOSETTEST hostnameIdentity "-T trust_cert=$CAFP -T their_hostname=$OURHOST $FLAGS" + +# This should also work because we: +# - trust the CA cert +# - use a session destname that matches the certificate +DOSETTEST sessionnameIdentity "-T trust_cert=$CAFP $FLAGS" + +######################################## +# DONE + +#sleep 500 +STOPAGENT + +FINISHED diff --git a/testing/fulltests/tls/STlsTrapdUser b/testing/fulltests/tls/STlsTrapdUser new file mode 100644 index 0000000..e14c427 --- /dev/null +++ b/testing/fulltests/tls/STlsTrapdUser @@ -0,0 +1,87 @@ +#!/bin/sh + +. STlsVars + +######################################### +# CERTIFICATE SETUP +# + +# produce the certificates to use + +# snmptrapd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert -t snmptrapdd --cn $HOSTNAME $NSCERTARGS +SERVERFP=`$NSCERT showcerts --fingerprint --brief snmptrapdd $NSCERTARGS` +CHECKVALUEISNT "$SERVERFP" "" "generated fingerprint for snmptrapdd certificate" + +# user +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +# CA certificate + +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS +CAFP=`$NSCERT showcas --fingerprint --brief ca-net-snmp.org $NSCERTARGS` +CHECKVALUEISNT "$CAFP" "" "generated fingerprint for ca-net-snmp.org certificate" + +# user 9: CA signed user cert +CAPTURE $NSCERT gencert -t causer --with-ca ca-net-snmp.org --san email:user9@test.net-snmp.org --email user9@test.net-snmp.org $NSCERTARGS +CAUSERFP=`$NSCERT showcerts --fingerprint --brief causer $NSCERTARGS` +CHECKVALUEISNT "$CAUSERFP" "" "generated fingerprint for causer certificate" + +######################################### +# AGENT CONFIGURATION +# + +CONFIGTRAPD '[snmp]' debugTokens tsm +# ,tls,ssl,cert,tsm +CONFIGTRAPD '[snmp]' doDebugging 1 +CONFIGTRAPD '[snmp]' serverCert $SERVERFP + +CONFIGTRAPD '[snmp]' trustCert $CAFP + +# common name mappings +CONFIGTRAPD certSecName 9 $TESTUSERFP --cn + +CONFIGTRAPD certSecName 100 $CAFP --rfc822 + +CONFIGAPP serverCert $SERVERFP +CONFIGAPP defSecurityModel tsm + +CONFIGTRAPD authuser log -s tsm testuser authpriv + +# this file contains tests common to both tls and dtls usages + +# start the agent up +FLAGS="-Dtls -On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPTRAPD_PORT" + +STARTTRAPD + +######################################## +# POST-TRAPD-STARTUP Certificates +# user +CAPTURE $NSCERT gencert -t snmptrap --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmptrap $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +###################################################################### +# ACTUAL TESTS +# +# Run the actual list of tests +# + +# using user 1 - a common name mapped certificate +# (using the default "snmpapp" certificate because we don't specify another) +DOTRAPTEST user1TrapTest "$FLAGS" + +# failing using the CA signed cert without +DOFAILTRAPTEST user2UnknownUser "-T our_identity=snmptrap $FLAGS" + +# using user 1 - sending an INFORM +# (using the default "snmpapp" certificate because we don't specify another) +DOTRAPTEST user1InformTest "-Ci $FLAGS" + +STOPTRAPD + +FINISHED diff --git a/testing/fulltests/tls/STlsUsers b/testing/fulltests/tls/STlsUsers new file mode 100644 index 0000000..2cb03a6 --- /dev/null +++ b/testing/fulltests/tls/STlsUsers @@ -0,0 +1,262 @@ +#!/bin/sh + +. STlsVars + +######################################### +# CERTIFICATE SETUP +# + +# produce the certificates to use + +# snmpd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert -t snmpd --cn $HOSTNAME $NSCERTARGS +SERVERFP=`$NSCERT showcerts --fingerprint --brief snmpd $NSCERTARGS` +CHECKVALUEISNT "$SERVERFP" "" "generated fingerprint for snmpd certificate" + +# user +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +# user 1.5 +CAPTURE $NSCERT gencert -t snmpapp2 --cn 'testuser2' $NSCERTARGS +TESTUSER2FP=`$NSCERT showcerts --fingerprint --brief snmpapp2 $NSCERTARGS` +CHECKVALUEISNT "$TESTUSER2FP" "" "generated fingerprint for testuser certificate" + +# user 2 +CAPTURE $NSCERT gencert -t otheruser --cn 'otheruser' $NSCERTARGS +OTHERUSERFP=`$NSCERT showcerts --fingerprint --brief otheruser $NSCERTARGS` +CHECKVALUEISNT "$OTHERUSERFP" "" "generated fingerprint for otheruser certificate" + +# user 3 +CAPTURE $NSCERT gencert -t invaliduser --cn 'invaliduser' $NSCERTARGS +INVALIDUSERFP=`$NSCERT showcerts --fingerprint --brief invaliduser $NSCERTARGS` +CHECKVALUEISNT "$INVALIDUSERFP" "" "generated fingerprint for otheruser certificate" + +# user 4 +CAPTURE $NSCERT gencert -t unmapped --cn 'unmapped' $NSCERTARGS +UNMAPPEDFP=`$NSCERT showcerts --fingerprint --brief unmapped $NSCERTARGS` +CHECKVALUEISNT "$UNMAPPEDFP" "" "generated fingerprint for unmapped certificate" + +# user 5 +CAPTURE $NSCERT gencert -t mappeduser --cn 'mappeduser' $NSCERTARGS +MAPPEDUSERFP=`$NSCERT showcerts --fingerprint --brief mappeduser $NSCERTARGS` +CHECKVALUEISNT "$MAPPEDUSERFP" "" "generated fingerprint for mappeduser certificate" + +# user 6: SAN email +CAPTURE $NSCERT gencert -t email --san email:foobaruser@example.com $NSCERTARGS +EMAILUSERFP=`$NSCERT showcerts --fingerprint --brief email $NSCERTARGS` +CHECKVALUEISNT "$EMAILUSERFP" "" "generated fingerprint for email certificate" + +# user 7: SAN dns +CAPTURE $NSCERT gencert -t dns --san DNS:foobar.example.com $NSCERTARGS +DNSUSERFP=`$NSCERT showcerts --fingerprint --brief dns $NSCERTARGS` +CHECKVALUEISNT "$DNSUSERFP" "" "generated fingerprint for dns certificate" + +# user 8: SAN IPv4 +CAPTURE $NSCERT gencert -t ipaddr --san IP:127.0.0.1 $NSCERTARGS +IPUSERFP=`$NSCERT showcerts --fingerprint --brief ipaddr $NSCERTARGS` +CHECKVALUEISNT "$IPUSERFP" "" "generated fingerprint for ipaddr certificate" + +# user 8.1: afile +CAPTURE $NSCERT gencert -t afile --cn afileuser $NSCERTARGS +AFILEUSERFP=`$NSCERT showcerts --fingerprint --brief afile $NSCERTARGS` +CHECKVALUEISNT "$AFILEUSERFP" "" "generated fingerprint for afile certificate" + + +# CA certificate + +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS +CAFP=`$NSCERT showcas --fingerprint --brief ca-net-snmp.org $NSCERTARGS` +CHECKVALUEISNT "$CAFP" "" "generated fingerprint for ca-net-snmp.org certificate" + +# user 9: CA signed user cert +CAPTURE $NSCERT gencert -t causer --with-ca ca-net-snmp.org --san email:user9@test.net-snmp.org --email user9@test.net-snmp.org $NSCERTARGS +CAUSERFP=`$NSCERT showcerts --fingerprint --brief causer $NSCERTARGS` +CHECKVALUEISNT "$CAUSERFP" "" "generated fingerprint for causer certificate" + +CAPTURE $NSCERT gencert -t cadirect9b --with-ca ca-net-snmp.org --san email:user9b@test.net-snmp.org --email user9b@test.net-snmp.org $NSCERTARGS +CADIRECTFP=`$NSCERT showcerts --fingerprint --brief cadirect9b $NSCERTARGS` +CHECKVALUEISNT "$CADIRECTFP" "" "generated fingerprint for cadirect certificate" + +CAPTURE $NSCERT genca --cn ca2-net-snmp.org $NSCERTARGS +CA2FP=`$NSCERT showcas --fingerprint --brief ca2-net-snmp.org $NSCERTARGS` +CHECKVALUEISNT "$CA2FP" "" "generated fingerprint for ca2-net-snmp.org certificate" + +CAPTURE $NSCERT gencert -t cadirect9c --with-ca ca2-net-snmp.org --san email:user9c@test.net-snmp.org --email user9c@test.net-snmp.org $NSCERTARGS +CADIRECT9CFP=`$NSCERT showcerts --fingerprint --brief cadirect9c $NSCERTARGS` +CHECKVALUEISNT "$CADIRECT9CFP" "" "generated fingerprint for cadirect9c certificate" + +CAPTURE $NSCERT gencert -t cadirect9d --with-ca ca2-net-snmp.org --san email:user9d@test.net-snmp.org --email user9d@test.net-snmp.org $NSCERTARGS +CADIRECT9DFP=`$NSCERT showcerts --fingerprint --brief cadirect9d $NSCERTARGS` +CHECKVALUEISNT "$CADIRECT9DFP" "" "generated fingerprint for cadirect9d certificate" + +######################################### +# AGENT CONFIGURATION +# + +CONFIGAGENT '[snmp]' debugTokens tsm +# ,tls,ssl,cert,tsm +CONFIGAGENT '[snmp]' doDebugging 1 +CONFIGAGENT '[snmp]' logTimestamp 1 +CONFIGAGENT '[snmp]' serverCert $SERVERFP + +CONFIGAGENT '[snmp]' trustCert $CAFP +CONFIGAGENT '[snmp]' trustCert $CADIRECT9CFP + +# common name mappings +CONFIGAGENT certSecName 9 $TESTUSERFP --cn +CONFIGAGENT certSecName 10 $TESTUSER2FP --cn +CONFIGAGENT certSecName 11 $OTHERUSERFP --cn +CONFIGAGENT certSecName 12 $INVALIDUSERFP --cn + +CONFIGAGENT certSecName 20 $MAPPEDUSERFP --sn aftermapping +CONFIGAGENT certSecName 21 $EMAILUSERFP --rfc822 +CONFIGAGENT certSecName 22 $DNSUSERFP --dns +CONFIGAGENT certSecName 23 $IPUSERFP --ip +CONFIGAGENT certSecName 24 afile --cn + +CONFIGAGENT certSecName 100 $CAFP --rfc822 +CONFIGAGENT certSecName 101 $CADIRECTFP --sn causerdirectmap +CONFIGAGENT certSecName 102 $CADIRECT9CFP --sn causerdirect9cmap +# intentionally not mapped: +#CONFIGAGENT certSecName 1001 $CADIRECT9DFP --sn causerdirect9dmap + +# *** INTENTIONALLY NOT MAPPING AT ALL: *** +# CONFIGAGENT certSecName 1000 $UNMAPPEDFP .... + +CONFIGAPP serverCert $SERVERFP +CONFIGAPP defSecurityModel tsm +CONFIGAPP logTimestamp 1 + +CONFIGAGENT rwuser -s tsm testuser authpriv +CONFIGAGENT rwuser -s tsm testuser2 authpriv +CONFIGAGENT rwuser -s tsm otheruser authpriv +CONFIGAGENT rwuser -s tsm aftermapping authpriv + +CONFIGAGENT rwuser -s tsm foobaruser@example.com authpriv +CONFIGAGENT rwuser -s tsm foobar.example.com authpriv +CONFIGAGENT rwuser -s tsm 127.0.0.1 authpriv +CONFIGAGENT rwuser -s tsm user8@test.net-snmp.org authpriv +CONFIGAGENT rwuser -s tsm user9@test.net-snmp.org authpriv +CONFIGAGENT rwuser -s tsm user10@test.net-snmp.org authpriv +CONFIGAGENT rwuser -s tsm afileuser authpriv +CONFIGAGENT rwuser -s tsm causerdirectmap authpriv +CONFIGAGENT rwuser -s tsm causerdirect9cmap authpriv + + +# this file contains tests common to both tls and dtls usages + +# start the agent up +FLAGS="-Dtls -v3 -On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" + +STARTAGENT + +# shouldn't have config errors +CHECKAGENTCOUNT 0 ": Error:" + +###################################################################### +# EXTENDED CERTIFICATE SETUP +# +# Perform more steps of configuration that should occur *after* the +# agent has started in order to prevent it from having seen these +# files ahead of time. + +# this user's fingerprint should not be recognized +CAPTURE $NSCERT gencert -t unknownuser --san email:unknownuser@example.com $NSCERTARGS +UNKNOWNUSER=`$NSCERT showcerts --fingerprint --brief unknownuser $NSCERTARGS` +CHECKVALUEISNT "$UNMAPPEDFP" "" "generated fingerprint for unknownuser certificate" + +# this user's fingerprint should not be directly recognized, but it's +# CA should. + +# user 10: CA signed cert +CAPTURE $NSCERT gencert -D -t unknowncauser --cn unknowncauser@net-snmp.org --email unknowncauser@net-snmp.org --with-ca ca-net-snmp.org --san email:user10@test.net-snmp.org $NSCERTARGS +UNKNOWNCAUSERFP=`$NSCERT showcerts --fingerprint --brief unknowncauser $NSCERTARGS` +CHECKVALUEISNT "$UNKNOWNCAUSERFP" "" "generated fingerprint for unknowncauser certificate" + +###################################################################### +# ACTUAL TESTS +# +# Run the actual list of tests +# + +# using user 1 - a common name mapped certificate +# (using the default "snmpapp" certificate because we don't specify another) +DOSETTEST user1SnmpApp "$FLAGS" + +# now rerun the test after specifying our default using the (same) fingerprint +CONFIGAPP clientCert $TESTUSER2FP +DOSETTEST user1ClientPub "$FLAGS" + +# using user 2 - a common name mapped certificate with a direct -T FP request +DOSETTEST user2DashTFPFlag "-T our_identity=$OTHERUSERFP $FLAGS" + +CHECKAGENTCOUNT 4 "otheruser" + +# using user 2, specifying the file name instead of the fingerprint +DOSETTEST user2DashTFileFlag "-T our_identity=otheruser $FLAGS" + +CHECKAGENTCOUNT 8 "otheruser" + +# using user 3 - an invalid certificate (mapped but not authorized) +DOFAILSETTEST "invalidUnauthorizedCert" "-T our_identity=$INVALIDUSERFP $FLAGS" + +CHECK "authorizationError" + +# using user 4 - an unmapped certificate +DOFAILSETTEST "unmappedCertificate" "-T our_identity=$UNMAPPEDFP $FLAGS" + +CHECK "failed rfc5343" + +# Check *their* certificate with a different one than expected; should fail +DOFAILSETTEST "incorectServerCertificate" "-r 0 -T our_identity=$OTHERUSERFP -T their_identity=$OTHERUSERFP $FLAGS" + +CHECK "failed to verify ssl certificate" + +# using user 5 - a completely remapped certificate (direct specified secname) +DOSETTEST user5RemappedSecname "-T our_identity=$MAPPEDUSERFP $FLAGS" + +# using user 6 - a subjectAltName=email certificate mapping +DOSETTEST user6SANEmail "-T our_identity=$EMAILUSERFP $FLAGS" + +# using user 7 - a subjectAltName=dns certificate mapping +DOSETTEST user7SANDNS "-T our_identity=$DNSUSERFP $FLAGS" + +# using user 8 - a subjectAltName=ipv4 certificate mapping +DOSETTEST user8SANIP "-T our_identity=$IPUSERFP $FLAGS" + +# using user 8 - test that certmapping works from a local filename +DOSETTEST afileuser "-T our_identity=afile $FLAGS" + +# using user 9 - a CA signed certificate +DOSETTEST user9CASignedCert "-T our_identity=$CAUSERFP -T trust_cert=$CAFP $FLAGS" + +# using user 9b - a CA signed certificate with a user-based fp mapping +DOSETTEST user9bCASignedDirectMap "-T our_identity=$CADIRECTFP $FLAGS" + +# using user 9c - a CA2 signed certificate with a user-based fp mapping +DOSETTEST user9cCASignedDirectMap "-T our_identity=$CADIRECT9CFP $FLAGS" + +# using user 9d - a CA2 signed certificate no user-based fp mapping +DOFAILSETTEST user9dCASignedDirectMap "-T our_identity=$CADIRECT9DFP $FLAGS" + +# using user unknown - the server will not have seen this fingerprint at all +CAPTURE "snmpget -T our_identity=$UNKNOWNUSER -T trust_cert=$CAFP $FLAGS .1.3.6.1.2.1.1.6.0" + +# different types of failure messaages for tls/dtls... +if [ $SNMP_TRANSPORT_SPEC = dtlsudp ]; then + CHECK "failed rfc5343 contextEngineID probing" + CHECKAGENTCOUNT 1 "TLS Error: no certificate returned" +else + CHECK "failed to ssl_connect" + CHECKAGENTCOUNT 1 "Failed SSL_accept" +fi + +# using the user without a known fingerprint but with a known CA +DOSETTEST userNewFromCA " -T trust_cert=$CAFP -T our_identity=$UNKNOWNCAUSERFP $FLAGS" + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/tls/STlsVars b/testing/fulltests/tls/STlsVars new file mode 100644 index 0000000..bba84f9 --- /dev/null +++ b/testing/fulltests/tls/STlsVars @@ -0,0 +1,56 @@ +#!/bin/sh + +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPTRAPD_PORT +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +export NET_SNMP_CRT_CFGTOOL="${builddir}/net-snmp-config" +NSCERT="perl $SNMP_BASEDIR/../../../local/net-snmp-cert -I" +NSCERTARGS="-C $SNMP_TMPDIR" + +DOSETTEST() { + value=$1 + args=$2 + + # SNMPv2-MIB::sysLocation.0 + CAPTURE "snmpset $args .1.3.6.1.2.1.1.6.0 s '$value'" + + CAPTURE "snmpget $args .1.3.6.1.2.1.1.6.0" + + CHECK "STRING: '$value'" +} + + +DOFAILSETTEST() { + value=$1 + args=$2 + + # SNMPv2-MIB::sysLocation.0 + CAPTURE "snmpset $args .1.3.6.1.2.1.1.6.0 s '$value'" + + CAPTURE "snmpget $args .1.3.6.1.2.1.1.6.0" + + CHECKCOUNT 0 "$value" +} + +DOTRAPTEST() { + value=$1 + args=$2 + + # IF-MIB::linkUp + CAPTURE "snmptrap $args 0 .1.3.6.1.6.3.1.1.5.4 system.sysContact.0 s $value" + + CHECKTRAPD "STRING: $value" +} + +DOFAILTRAPTEST() { + value=$1 + args=$2 + + # IF-MIB::linkUp + CAPTURE "snmptrap $args 0 .1.3.6.1.6.3.1.1.5.4 system.sysContact.0 s $value" + + CHECKTRAPDCOUNT 0 "$value" +} + diff --git a/testing/fulltests/tls/STsmPrefix b/testing/fulltests/tls/STsmPrefix new file mode 100644 index 0000000..ec0f8d6 --- /dev/null +++ b/testing/fulltests/tls/STsmPrefix @@ -0,0 +1,86 @@ +#!/bin/sh + +. STlsVars + +# this file contains tests common to both tls and dtls usages + +export NET_SNMP_CRT_CFGTOOL="${builddir}/net-snmp-config" +NSCERT="perl $SNMP_BASEDIR/../../../local/net-snmp-cert" +NSCERTARGS="-I -C $SNMP_TMPDIR" + +TLSDIR=$SNMP_TMPDIR/tls + +######################################### +# Create the certificates + +# create the ca +CAPTURE $NSCERT genca --cn ca-net-snmp.org $NSCERTARGS + +# snmpd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert --with-ca ca-net-snmp.org -t snmpd --cn $HOSTNAME $NSCERTARGS +SERVERFP=`$NSCERT showcerts --fingerprint --brief snmpd $NSCERTARGS` +CHECKVALUEISNT "$SERVERFP" "" "generated fingerprint for snmpd certificate" + +# user +CAPTURE $NSCERT gencert --with-ca ca-net-snmp.org -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +# user2 +CAPTURE $NSCERT gencert --with-ca ca-net-snmp.org -t snmpapp2 --cn 'testuser2' $NSCERTARGS +TESTUSER2FP=`$NSCERT showcerts --fingerprint --brief snmpapp2 $NSCERTARGS` +CHECKVALUEISNT "$TESTUSER2FP" "" "generated fingerprint for testuser2 certificate" + +CONFIGAPP serverCert $SERVERFP +CONFIGAGENT certSecName 9 $TESTUSERFP --cn +CONFIGAGENT certSecName 10 $TESTUSER2FP --cn +CONFIGAGENT rwuser -s tsm testuser authpriv +CONFIGAGENT rwuser -s tsm $TSM_PREFIX:testuser2 authpriv +CONFIGAGENT rocommunity public + +# +# Start the agent +# +AGENT_FLAGS="-Dtsm udp:9999" +FLAGS="-On $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" +STARTAGENT + +CAPTURE "snmpget -Dssl $FLAGS .1.3.6.1.2.1.190.1.2.1.0" +CHECK ".1.3.6.1.2.1.190.1.2.1.0 = INTEGER: false" + +# using user 1 - a common name mapped certificate +# (using the default "snmpapp" certificate because we don't specify another) +CAPTURE "snmpget -Dssl $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +# using user 2 should now fail because no prefix is applied +CAPTURE "snmpget -T our_identity=snmpapp2 -Dssl $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.3.0 = Timeticks:" +CHECK "authorizationError" + +# set the TSM prefix scalar to 1 to turn on prefixing +CAPTURE "snmpset -Dssl $FLAGS .1.3.6.1.2.1.190.1.2.1.0 i 1" + + +# using user 2 should now work and the prefix should have been added +# to the securityName, so the agent now accepts it +CAPTURE "snmpget -T our_identity=snmpapp2 -Dssl $FLAGS .1.3.6.1.2.1.190.1.2.1.0" + +CHECK ".1.3.6.1.2.1.190.1.2.1.0 = INTEGER: true" + +# using user 1 should now fail because the prefix has added to the +# securityName, so the agent now accepts it +CAPTURE "snmpget -Dssl $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECKCOUNT 0 ".1.3.6.1.2.1.1.3.0 = Timeticks:" +CHECK "authorizationError" + +CAPTURE "snmpget -v 1 -c public 127.0.0.1:9999 .1.3.6.1.2.1.190.1.2.1.0" + +# cleanup +STOPAGENT + +FINISHED diff --git a/testing/fulltests/tls/T101DtlsUser_simple b/testing/fulltests/tls/T101DtlsUser_simple new file mode 100755 index 0000000..10caede --- /dev/null +++ b/testing/fulltests/tls/T101DtlsUser_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP user certificate tests + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsUsers diff --git a/testing/fulltests/tls/T102TlsUser_simple b/testing/fulltests/tls/T102TlsUser_simple new file mode 100644 index 0000000..a3fe119 --- /dev/null +++ b/testing/fulltests/tls/T102TlsUser_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP user certificate tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsUsers diff --git a/testing/fulltests/tls/T111DtlsServer_simple b/testing/fulltests/tls/T111DtlsServer_simple new file mode 100644 index 0000000..6b42494 --- /dev/null +++ b/testing/fulltests/tls/T111DtlsServer_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP server certificate tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsName diff --git a/testing/fulltests/tls/T112TlsServer_simple b/testing/fulltests/tls/T112TlsServer_simple new file mode 100644 index 0000000..adefa94 --- /dev/null +++ b/testing/fulltests/tls/T112TlsServer_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP server certificate tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsName diff --git a/testing/fulltests/tls/T113DtlsSan_simple b/testing/fulltests/tls/T113DtlsSan_simple new file mode 100644 index 0000000..1edb3c5 --- /dev/null +++ b/testing/fulltests/tls/T113DtlsSan_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP server SAN tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsSan diff --git a/testing/fulltests/tls/T114TlsSan_simple b/testing/fulltests/tls/T114TlsSan_simple new file mode 100644 index 0000000..af5e8bc --- /dev/null +++ b/testing/fulltests/tls/T114TlsSan_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP server SAN tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsSan diff --git a/testing/fulltests/tls/T115DtlsSanSession_simple b/testing/fulltests/tls/T115DtlsSanSession_simple new file mode 100644 index 0000000..b9d5fcd --- /dev/null +++ b/testing/fulltests/tls/T115DtlsSanSession_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP server SAN tests using session desthost + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsSanSession diff --git a/testing/fulltests/tls/T116TlsSanSession_simple b/testing/fulltests/tls/T116TlsSanSession_simple new file mode 100644 index 0000000..191fcf3 --- /dev/null +++ b/testing/fulltests/tls/T116TlsSanSession_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP server SAN tests using session desthost + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsSanSession diff --git a/testing/fulltests/tls/T117DtlsCNSession_simple b/testing/fulltests/tls/T117DtlsCNSession_simple new file mode 100644 index 0000000..0beea55 --- /dev/null +++ b/testing/fulltests/tls/T117DtlsCNSession_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP server commonName tests using session desthost + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsCNSession diff --git a/testing/fulltests/tls/T118TlsCNSession_simple b/testing/fulltests/tls/T118TlsCNSession_simple new file mode 100644 index 0000000..305ab46 --- /dev/null +++ b/testing/fulltests/tls/T118TlsCNSession_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP server commonName tests using session desthost + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsCNSession diff --git a/testing/fulltests/tls/T121DtlsTrap_simple b/testing/fulltests/tls/T121DtlsTrap_simple new file mode 100644 index 0000000..5c7c7bc --- /dev/null +++ b/testing/fulltests/tls/T121DtlsTrap_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP trap tests + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsTrapdUser diff --git a/testing/fulltests/tls/T122TlsTrap_simple b/testing/fulltests/tls/T122TlsTrap_simple new file mode 100644 index 0000000..e8aee17 --- /dev/null +++ b/testing/fulltests/tls/T122TlsTrap_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP trap tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsTrapdUser diff --git a/testing/fulltests/tls/T131DtlsAgentTrap_simple b/testing/fulltests/tls/T131DtlsAgentTrap_simple new file mode 100644 index 0000000..846faa9 --- /dev/null +++ b/testing/fulltests/tls/T131DtlsAgentTrap_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP agent trap tests + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp + +. ./STlsAgentTrap diff --git a/testing/fulltests/tls/T132TlsAgentTrap_simple b/testing/fulltests/tls/T132TlsAgentTrap_simple new file mode 100644 index 0000000..cb44013 --- /dev/null +++ b/testing/fulltests/tls/T132TlsAgentTrap_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP agent trap tests + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp + +. ./STlsAgentTrap diff --git a/testing/fulltests/tls/T141DtlsCrl_simple b/testing/fulltests/tls/T141DtlsCrl_simple new file mode 100644 index 0000000..92a8e4f --- /dev/null +++ b/testing/fulltests/tls/T141DtlsCrl_simple @@ -0,0 +1,18 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP CRL Handling + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. ./SCrl diff --git a/testing/fulltests/tls/T142TlsCrl_simple b/testing/fulltests/tls/T142TlsCrl_simple new file mode 100644 index 0000000..2723c13 --- /dev/null +++ b/testing/fulltests/tls/T142TlsCrl_simple @@ -0,0 +1,18 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP CRL Handling + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. ./SCrl diff --git a/testing/fulltests/tls/T151DtlsCiphers_simple b/testing/fulltests/tls/T151DtlsCiphers_simple new file mode 100644 index 0000000..6cbbec4 --- /dev/null +++ b/testing/fulltests/tls/T151DtlsCiphers_simple @@ -0,0 +1,18 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP Cipher Selection + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. SCipherTests diff --git a/testing/fulltests/tls/T152TlsCiphers_simple b/testing/fulltests/tls/T152TlsCiphers_simple new file mode 100644 index 0000000..c828dc9 --- /dev/null +++ b/testing/fulltests/tls/T152TlsCiphers_simple @@ -0,0 +1,18 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP Cipher Selection + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. SCipherTests diff --git a/testing/fulltests/tls/T200TlsIpv6_simple b/testing/fulltests/tls/T200TlsIpv6_simple new file mode 100644 index 0000000..5e37f4c --- /dev/null +++ b/testing/fulltests/tls/T200TlsIpv6_simple @@ -0,0 +1,29 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP over IPV6 + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN +SKIPIFNOT NETSNMP_TRANSPORT_TLSIPV6_DOMAIN + +# ensure we have a localhost6 entry + +# XXX: this stems from broken issues in openssl that refuse [::1]: +# style accept strings (it works for client connections). +grep localhost6 /etc/hosts > /dev/null 2>&1 +if [ $? = 1 ] ; then + SKIP This test requires a localhost6 entry in /etc/hosts +fi + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp +SNMP_TEST_DEST='localhost6:' +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. ../transports/Stlstests diff --git a/testing/fulltests/tls/T300TlsPerl.t b/testing/fulltests/tls/T300TlsPerl.t new file mode 100644 index 0000000..fb8edb9 --- /dev/null +++ b/testing/fulltests/tls/T300TlsPerl.t @@ -0,0 +1,8 @@ +#!/usr/bin/perl + +# HEADER Perl TLS/TCP Test + +$agentaddress = "tlstcp:localhost:9875"; +$feature = "NETSNMP_TRANSPORT_TLSTCP_DOMAIN"; + +do "$ENV{'srcdir'}/testing/fulltests/tls/S300tlsperl.pl"; diff --git a/testing/fulltests/tls/T301DtlsPerl.t b/testing/fulltests/tls/T301DtlsPerl.t new file mode 100644 index 0000000..3d980c7 --- /dev/null +++ b/testing/fulltests/tls/T301DtlsPerl.t @@ -0,0 +1,8 @@ +#!/usr/bin/perl + +# HEADER Perl DTLS/UDP Test + +$agentaddress = "dtlsudp:localhost:9875"; +$feature = "NETSNMP_TRANSPORT_TLSTCP_DOMAIN"; + +do "$ENV{'srcdir'}/testing/fulltests/tls/S300tlsperl.pl"; diff --git a/testing/fulltests/tls/T401DtlsTsmPrefix_simple b/testing/fulltests/tls/T401DtlsTsmPrefix_simple new file mode 100644 index 0000000..dc85ad9 --- /dev/null +++ b/testing/fulltests/tls/T401DtlsTsmPrefix_simple @@ -0,0 +1,19 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TSM prefixing support for DTLS/UDP + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST +TSM_PREFIX=dtls + +. ./STsmPrefix diff --git a/testing/fulltests/tls/T402TlsTsmPrefix_simple b/testing/fulltests/tls/T402TlsTsmPrefix_simple new file mode 100644 index 0000000..0c62eef --- /dev/null +++ b/testing/fulltests/tls/T402TlsTsmPrefix_simple @@ -0,0 +1,16 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TSM prefixing support for TLS/TCP + +SKIPIFNOT NETSNMP_TRANSPORT_TLSTCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp +TSM_PREFIX=tls + +. ./STsmPrefix diff --git a/testing/fulltests/transports/Stlstests b/testing/fulltests/transports/Stlstests new file mode 100644 index 0000000..21b2b82 --- /dev/null +++ b/testing/fulltests/transports/Stlstests @@ -0,0 +1,49 @@ +#!/bin/sh + +# this file contains tests common to both tls and dtls usages + +export NET_SNMP_CRT_CFGTOOL="${builddir}/net-snmp-config" +NSCERT="perl $SNMP_BASEDIR/../../../local/net-snmp-cert -I" +NSCERTARGS="-C $SNMP_TMPDIR" + +######################################### +# Create the certificates + +# snmpd +HOSTNAME=`hostname` +CAPTURE $NSCERT gencert -t snmpd --cn $HOSTNAME $NSCERTARGS +SERVERFP=`$NSCERT showcerts --fingerprint --brief snmpd $NSCERTARGS` +CHECKVALUEISNT "$SERVERFP" "" "generated fingerprint for snmpd certificate" + +# user +CAPTURE $NSCERT gencert -t snmpapp --cn 'testuser' $NSCERTARGS +TESTUSERFP=`$NSCERT showcerts --fingerprint --brief snmpapp $NSCERTARGS` +CHECKVALUEISNT "$TESTUSERFP" "" "generated fingerprint for testuser certificate" + +######################################## +# Configure the .conf files + +CONFIGAPP serverCert $SERVERFP + +# common name mappings +CONFIGAGENT certSecName 9 $TESTUSERFP --cn +CONFIGAGENT rwuser -s tsm testuser authpriv + +###################################################################### +# Run the actual list of tests +# + +# start the agent up +FLAGS="-On $SNMP_FLAGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT" + +STARTAGENT + +# using user 1 - a common name mapped certificate +# (using the default "snmpapp" certificate because we don't specify another) +CAPTURE "snmpget $FLAGS .1.3.6.1.2.1.1.3.0" + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +STOPAGENT + +FINISHED diff --git a/testing/fulltests/transports/Stransport b/testing/fulltests/transports/Stransport new file mode 100755 index 0000000..b33ff57 --- /dev/null +++ b/testing/fulltests/transports/Stransport @@ -0,0 +1,18 @@ +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE + +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +# configure the agent to accept user initial with noAuthNoPriv +. ../default/Sv3config + +STARTAGENT + +CAPTURE "snmpget -On $SNMP_FLAGS $NOAUTHTESTARGS $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.3.0" + +STOPAGENT + +CHECK ".1.3.6.1.2.1.1.3.0 = Timeticks:" + +FINISHED diff --git a/testing/fulltests/transports/T300udp_simple b/testing/fulltests/transports/T300udp_simple new file mode 100644 index 0000000..65a67f0 --- /dev/null +++ b/testing/fulltests/transports/T300udp_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER UDP Transport + +SKIPIFNOT NETSNMP_TRANSPORT_UDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=udp + +. ./Stransport diff --git a/testing/fulltests/transports/T310tcp_simple b/testing/fulltests/transports/T310tcp_simple new file mode 100644 index 0000000..50c6a8a --- /dev/null +++ b/testing/fulltests/transports/T310tcp_simple @@ -0,0 +1,15 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TCP Transport + +SKIPIFNOT NETSNMP_TRANSPORT_TCP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tcp + +. ./Stransport diff --git a/testing/fulltests/transports/T320udpv6_simple b/testing/fulltests/transports/T320udpv6_simple new file mode 100644 index 0000000..6a607c6 --- /dev/null +++ b/testing/fulltests/transports/T320udpv6_simple @@ -0,0 +1,16 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER UDP6 Transport + +SKIPIFNOT NETSNMP_TRANSPORT_UDPIPV6_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=udp6 +SNMP_TEST_DEST="[::1]:" + +. ./Stransport diff --git a/testing/fulltests/transports/T330tcpv6_simple b/testing/fulltests/transports/T330tcpv6_simple new file mode 100644 index 0000000..09eb350 --- /dev/null +++ b/testing/fulltests/transports/T330tcpv6_simple @@ -0,0 +1,16 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TCP6 Transport + +SKIPIFNOT NETSNMP_TRANSPORT_TCPIPV6_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tcp6 +SNMP_TEST_DEST="[::1]:" + +. ./Stransport diff --git a/testing/fulltests/transports/T350unix_simple b/testing/fulltests/transports/T350unix_simple new file mode 100644 index 0000000..053ba1f --- /dev/null +++ b/testing/fulltests/transports/T350unix_simple @@ -0,0 +1,19 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER Unix Transport + +SKIPIFNOT NETSNMP_TRANSPORT_UNIX_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=unix +SNMP_TEST_DEST=${SNMP_TMPDIR}/testunixsocket + +. ./Stransport + +# cleanup +rm -f $SNMP_TEST_DEST diff --git a/testing/fulltests/transports/T360dtlsudp_simple b/testing/fulltests/transports/T360dtlsudp_simple new file mode 100644 index 0000000..5899378 --- /dev/null +++ b/testing/fulltests/transports/T360dtlsudp_simple @@ -0,0 +1,18 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER DTLS-UDP Transport + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=dtlsudp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. ./Stlstests diff --git a/testing/fulltests/transports/T361tlstcp_simple b/testing/fulltests/transports/T361tlstcp_simple new file mode 100644 index 0000000..7972a2e --- /dev/null +++ b/testing/fulltests/transports/T361tlstcp_simple @@ -0,0 +1,18 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER TLS-TCP Transport + +SKIPIFNOT NETSNMP_TRANSPORT_DTLSUDP_DOMAIN + +# +# Begin test +# + +SNMP_TRANSPORT_SPEC=tlstcp +export SNMP_TRANSPORT_SPEC +export SNMP_SNMPD_PORT +export SNMP_TEST_DEST + +. ./Stlstests diff --git a/testing/fulltests/transports/T399alias_simple b/testing/fulltests/transports/T399alias_simple new file mode 100644 index 0000000..5f48311 --- /dev/null +++ b/testing/fulltests/transports/T399alias_simple @@ -0,0 +1,24 @@ +#!/bin/sh + +. ../support/simple_eval_tools.sh + +HEADER ALIAS Transport + +SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE +SKIPIFNOT NETSNMP_TRANSPORT_ALIAS_DOMAIN + +# +# Begin test +# + +# configure the agent to accept user initial with noAuthNoPriv +. ../default/Sv3config + +CONFIGAPP alias aliastest udp:localhost:$SNMP_SNMPD_PORT +CONFIGAGENT '[snmp]' alias aliastest udp:localhost:$SNMP_SNMPD_PORT + +SNMP_TRANSPORT_SPEC=alias +SNMP_TEST_DEST="aliastest" +SNMP_SNMPD_PORT="" + +. ./Stransport diff --git a/testing/fulltests/transports/test-localhost.cert b/testing/fulltests/transports/test-localhost.cert new file mode 100644 index 0000000..2b49b26 --- /dev/null +++ b/testing/fulltests/transports/test-localhost.cert @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCAsKgAwIBAgIJAISEQRgZJXH4MA0GCSqGSIb3DQEBBQUAMFExCzAJBgNV +BAYTAlVTMQswCQYDVQQIEwJDQTEOMAwGA1UEBxMFRGF2aXMxETAPBgNVBAoTCE5l +dC1TTk1QMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMDkwNzA5MjMzNjMwWhcNMDkw +ODA4MjMzNjMwWjBRMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExDjAMBgNVBAcT +BURhdmlzMREwDwYDVQQKEwhOZXQtU05NUDESMBAGA1UEAxMJbG9jYWxob3N0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yjcQ7njcwny6NsFgM5WwEcV +GtVe+h2k41JU9lJ9I1Eg7kRsSfJ7z9jX5JXpHXUXq54Mt/sLODeheyE8z5Zwjplc +MGxLiPdRRp/3Bmlh3qrPLRLR17B+1MkcIz9UBUut2PusxEeCeA/g8RVEwK8oPger +4I+KaXonXWmhm85EEHlWmZHTDTDa6MXURNs+EqcQrWRgHyf8bQhwpSjBzmbUtVq5 +ipVNWmqxPlSTkj5CqkrbNdkpOIBvZ6ThFfi2rwPDO+YzrucFcM+BfKRCDBcC4TsN +2z0S1IseJGTNO1iidMrjCVzoIbMB+GouXjLJXAuLIF0X3dP+yOZzeSt5J2vCgQID +AQABo4G0MIGxMB0GA1UdDgQWBBR+ZduNAGvbAtjo8+7DPUOI5CpQRjCBgQYDVR0j +BHoweIAUfmXbjQBr2wLY6PPuwz1DiOQqUEahVaRTMFExCzAJBgNVBAYTAlVTMQsw +CQYDVQQIEwJDQTEOMAwGA1UEBxMFRGF2aXMxETAPBgNVBAoTCE5ldC1TTk1QMRIw +EAYDVQQDEwlsb2NhbGhvc3SCCQCEhEEYGSVx+DAMBgNVHRMEBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4IBAQCa2+5tz+fmgw9h8AF9l++8M1Lnzqrmsvy45phxx5f/rZe8 +BrspMlrT6bKcM9CTqezjkDZOrGEuYvcbMea2ntlXG0CIMxhWpgczwxZizGYIN6f1 +CK5siPlOzKObpkAwUjWbLm7N2BJGKp3FMq11Jt31tUwJTBc5viYzWBCQV4CxVoL5 +MqMfVyKjOK0eqgMvtrRgZ6t/098OiE4USheW+++b0zzo8Um/YIA9JQmCbZ4bh6jd +/AgZhKRR5bXiOGmCLVweDV4MTi12Y285GBbylbdDuj8YV7mu7NzOn5kJ6xI00Vuc +bGWtdcpEGkW7Zn4YCuxszpqtM3jLGZHCUqCuKSeP +-----END CERTIFICATE----- diff --git a/testing/fulltests/transports/test-localhost.priv b/testing/fulltests/transports/test-localhost.priv new file mode 100644 index 0000000..2e2a8eb --- /dev/null +++ b/testing/fulltests/transports/test-localhost.priv @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA4yjcQ7njcwny6NsFgM5WwEcVGtVe+h2k41JU9lJ9I1Eg7kRs +SfJ7z9jX5JXpHXUXq54Mt/sLODeheyE8z5ZwjplcMGxLiPdRRp/3Bmlh3qrPLRLR +17B+1MkcIz9UBUut2PusxEeCeA/g8RVEwK8oPger4I+KaXonXWmhm85EEHlWmZHT +DTDa6MXURNs+EqcQrWRgHyf8bQhwpSjBzmbUtVq5ipVNWmqxPlSTkj5CqkrbNdkp +OIBvZ6ThFfi2rwPDO+YzrucFcM+BfKRCDBcC4TsN2z0S1IseJGTNO1iidMrjCVzo +IbMB+GouXjLJXAuLIF0X3dP+yOZzeSt5J2vCgQIDAQABAoIBADH4niPj864t5Rrm +e5pvSdQ4juL9R0x8UvaS+Q/K665mPXlM4gmOZ0A88pldhQ+u34soVKHwfvJaApME +p8z+yjoEcKxSVneF+IIx1HS7oAUMzFCdED6DnBMRPrheSQx1LoRKMSJonMHutEw0 +opBEt/SVWXEoAonbjmdVQnD0+jIpJRHYvPj8TWGtv7Vl7nHVTQBUYy+jd1CBQ4jA +emHK5IGx++ytrfNXA1uDa38t8cSHg2Kpr8vhwkzZWVxskS46wSP/sPBqK/wg+Fxd +8WovaGXpiyLb2Kj15rHBqd5wFeKHGJI/Q/X4qVvxLjKGeFJ1GDNvvg8mevRZ9Rei +yIBu8oUCgYEA895WxeaC0S8dKZVAR7eXLauHUQ/lAIjql8OtdsHBfpTRLWvs9IpQ +8y0n4sgcB/4iaBVVp8W414zjutCxXJrq5ZHKOi5zVqpPsamkKQYnGKfbU2q0WptD +T1z2pLSk1L/MHjhbuwZbe0Hxf7vPg10loukFlUGkEajaHKOnhy1/BtcCgYEA7nW7 +4VmVcDM8yYblNNQPv2THoowZJlST9v7+Q9pjoYMYvruQWKcZyIjFSt9hetrfBtxO ++QxUqvfB8d/RSzg7wF7AmWHa3EfgT7h3X8glh7isb9YIRn6qBtxysWTXRqNGM+Wf +hxylFQXezJPZ0hSbdXZThhwvvzD41Zbjq3XJzmcCgYEAoA4MO4Tn1O0sIa+gabF4 +GnRasnxRG4HBHmxCPBA8s5xukXYlJfZl3MSFShV2OFS2NkPSXPOrNmV0zZbM4W+X +vaZq6La14mqTNZKWeIpePJNmoqAE0PbYPY1RH5akHDHpgOgSZHRutD36h5A3SQto +eTyg+m4Dhcehp2xNtq3Iki8CgYEA3vPPTVxv/264iAgK58DaVG3KxezNWuw7R/WU +ECbxfkJPcY124Zyi278dD+sZfj+DxStY3zwrMYril95XFkgmfa9Zzk8SzWCalo73 +deNxS5tcBliMdjTZjf6xcbDCIrZn3f/0juQ2aRiK/qXCQ8ymqUWPxFU4Qz9reHBS +v64qmEMCgYEAsumq+jUoa3qYna45vyBMQf6NJLWCFYXloAtKVTECCb88T6MVyrOE +cyj0Ybek+iezN8tbJHqiSWVtnRA9kjrC0ArwOKDipNFRkFogpURajzb/LnUQdW+P +rOtNuLaNnLVo2kiK4QNbd+3BJQCDPBcZQq6dGccvyNXYVtfExY4WI2c= +-----END RSA PRIVATE KEY----- diff --git a/testing/fulltests/transports/test-user.cert b/testing/fulltests/transports/test-user.cert new file mode 100644 index 0000000..4d56b35 --- /dev/null +++ b/testing/fulltests/transports/test-user.cert @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID4zCCAsugAwIBAgIJAIpBQHzq+nhbMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV +BAYTAlVTMQswCQYDVQQIEwJDQTEOMAwGA1UEBxMFRGF2aXMxETAPBgNVBAoTCE5l +dC1TTk1QMRUwEwYDVQQDEwxkdGxzdGVzdHVzZXIwHhcNMDkwNzA5MjM0MDA2WhcN +MDkwODA4MjM0MDA2WjBUMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExDjAMBgNV +BAcTBURhdmlzMREwDwYDVQQKEwhOZXQtU05NUDEVMBMGA1UEAxMMZHRsc3Rlc3R1 +c2VyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rw9BcVYbzJ8cjc4 +M0FX7h4ywT53xtCWypQXLgwNx7GduZU1DTzhVrcyWpeT8aw+ztW9wmH4NEeORSTK +vGZJJPe3qJiFiPKNSJ17QzKSVG0QStJMPUFSCq7nNYIzZ3blliMHSDJef3q6bx+l +4NUaDX03Usacgke8CCZlA51BRf+OOtqWNWoJ4QXucuJ/rERqgYRR1f7Pojs35ZAE +7c71/WVcztl68tLH6yVZhpVDQKd+Ee/Mpir5j2X7FoRp3dUn5ATjpBw6WETw9tbU +gjbcsrG4wE6czK0YSTxNTGJzC9rvEq3S+vbjPzLBVxrAWxXd7tAMkUSUWVJjCMMv +e7hoOQIDAQABo4G3MIG0MB0GA1UdDgQWBBTFWVMk7fsGCU2GsKY9nk0bC2PN+jCB +hAYDVR0jBH0we4AUxVlTJO37BglNhrCmPZ5NGwtjzfqhWKRWMFQxCzAJBgNVBAYT +AlVTMQswCQYDVQQIEwJDQTEOMAwGA1UEBxMFRGF2aXMxETAPBgNVBAoTCE5ldC1T +Tk1QMRUwEwYDVQQDEwxkdGxzdGVzdHVzZXKCCQCKQUB86vp4WzAMBgNVHRMEBTAD +AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCWxKFEohA+Vl+gj4x0ng5FUMuHtTbtLbSG +1+r6S94LvMBedloYT7mPIPgcVbMT5fqAeQpfVIaC0i5PkiUI9H2MXtO2AdBa5Jx5 +q18OdUj/LjGA3B7josq5HnIT/0OThYkAeKLIVDLHxiqOYrmFwqZOsK5BZ1RM/6Yl ++/UZuwujuHtnwRW3VWskVVFTF4NGKZ5f7lA+NSYqbHn/7OBqqgS2GxnSzcCD9BOq +9zNMZoiW3jW+EoIL62pRtE+S/iL1BRBct4xwNP/RQyN4iaDVg0SC10YSSXk4+of+ +e2gCLgCxs0VyBzG8fIoX8Riq7cV99G119M1KT45jXcos1hO2gYuB +-----END CERTIFICATE----- diff --git a/testing/fulltests/transports/test-user.priv b/testing/fulltests/transports/test-user.priv new file mode 100644 index 0000000..62507e3 --- /dev/null +++ b/testing/fulltests/transports/test-user.priv @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA0rw9BcVYbzJ8cjc4M0FX7h4ywT53xtCWypQXLgwNx7GduZU1 +DTzhVrcyWpeT8aw+ztW9wmH4NEeORSTKvGZJJPe3qJiFiPKNSJ17QzKSVG0QStJM +PUFSCq7nNYIzZ3blliMHSDJef3q6bx+l4NUaDX03Usacgke8CCZlA51BRf+OOtqW +NWoJ4QXucuJ/rERqgYRR1f7Pojs35ZAE7c71/WVcztl68tLH6yVZhpVDQKd+Ee/M +pir5j2X7FoRp3dUn5ATjpBw6WETw9tbUgjbcsrG4wE6czK0YSTxNTGJzC9rvEq3S ++vbjPzLBVxrAWxXd7tAMkUSUWVJjCMMve7hoOQIDAQABAoIBADcXaOiST+06CJif +YPzdT0x77o7gctWyAEnTbz/lfNDA2VgD7suYJ9zQpcRTLiUW/5B5BlPD4uxf7Iyc +8rdQEj0s2YGk5fwIVPEv4mKN3P1fScwVsEKvSfBrCxzM/f1Fcv3OCIBSUqwG/KhC +YM4nR9lQ696i95WDhV+oEe5g9QiELdADDlc1bv+nb9tVBzUTmHQgpGjwyaJMIzIV +qkfpC4RV8Ojt5ELb6XjJRFxg9Qi+4kw6mLbBc/inysvVQBmsWLLlCKpbHt02YfUB +atVODzTR5aUbcQKnNnHmojU05irbCeUXphgQKV9iuzsiWMV4edJ6tW8B10BuSlH5 +b0GNuwECgYEA/fwKmQ0jgrLjRc16cE2GWMZRmqBufTtGSw9tdohmUMIPqNt4+/XQ +gKV0sfFZgsLLUG50xqRR6mmkzS7TVwl4uRqcrF7DRKKAkyFJP3QkLSQm+4EZFxOv +dpHVLVpO1QJ+71YE4zKOdIfWRaoh5ZlEpGw3uzf+U0oNTD79X5fOA6ECgYEA1GhW +iSEbU+2YPny4qeXdf8hcSn9+Ur6cBzxLhYMUHNI9ysyAQn3//MLoRConokiUEWG5 +BLO2zSmNqvHWKRBzaGr6Zjo/tGTWgOWnpLQMq+XYmDxWxDGCTLH2edqC+VIIqBnB +QmLYBvde9En1UI/c3Cspb18Nh92I+VGZNPzPHZkCgYAPU82D7QIOmiMTDFJuQo9v +/g/gp/vi/NfCId02QQcDqqJtS0li0zPQ/6sqLel79at1YCUV88apwdRbOY8xenXZ +ndyEnndkRfZCasjT1nt0afEcTm8oMFzvZ9+YjBGj0zG72dITr/Je3++zZpADHhvB +XHKEjt1/Q0HILyj1QuEA4QKBgQCUbfkSyJzVMHI0MGnG6Ae59ORxdthqsCJOeBb6 +TJfwcAaYQgHa9Tu+gOFYSPD7WaaG4vgszf0PL1t9OpQCjClprWAfsdK0l8bBujpF +QUCdmveZooirf0FjoPTxP/5Ihcfg2GaRoor9iz3CjjAsROv8uviwiAbni6rdNuVN +/uAo+QKBgQCfQf1RBj/iMmOZdi4SifBODmseJEYeAMlfEQBHPFmThNLiflz+VN17 +uqHS5IghPK0sXb7pOQmC2hCxT2sWybJx+qKsoOYHLQyrG5kg7CgVjltm6Hzwyizt +Kuw6T4cUj1qRQG8aATL+sGuT69FHTSE3va5tlf9oYGsM6rIoA43g3w== +-----END RSA PRIVATE KEY----- diff --git a/testing/fulltests/unit-tests/T001defaultstore_clib.c b/testing/fulltests/unit-tests/T001defaultstore_clib.c new file mode 100644 index 0000000..0144f7d --- /dev/null +++ b/testing/fulltests/unit-tests/T001defaultstore_clib.c @@ -0,0 +1,35 @@ +/* HEADER Testing the default_store API */ +int i, j; +char buf[1024]; + +/* first we load everything up */ + +for(i = 0; i < NETSNMP_DS_MAX_IDS; i++) { + /* booleans */ + for(j = 0; j < NETSNMP_DS_MAX_SUBIDS; j++) { + OKF(SNMPERR_SUCCESS == netsnmp_ds_set_boolean(i, j, (i*j)%2), + ("default store boolean: setting %d/%d returned failure", i, j)); + OKF(SNMPERR_SUCCESS == netsnmp_ds_set_int(i, j, i*j), + ("default store int: setting %d/%d returned failure", i, j)); + sprintf(buf,"%d/%d", i, j); + OKF(SNMPERR_SUCCESS == netsnmp_ds_set_string(i, j, buf), + ("default store string: setting %d/%d returned failure", i, j)); + } +} + +/* then we check all the values */ + +for(i = 0; i < NETSNMP_DS_MAX_IDS; i++) { + /* booleans */ + for(j = 0; j < NETSNMP_DS_MAX_SUBIDS; j++) { + OKF(netsnmp_ds_get_boolean(i, j) == (i*j)%2, + ("default store boolean %d/%d was the expected value", i, j)); + OKF(netsnmp_ds_get_int(i, j) == (i*j), + ("default store int %d/%d was the expected value", i, j)); + sprintf(buf,"%d/%d", i, j); + OKF(strcmp(netsnmp_ds_get_string(i, j), buf) == 0, + ("default store string %d/%d was the expected value", i, j)); + } +} + +netsnmp_ds_shutdown(); diff --git a/testing/fulltests/unit-tests/T002containers_clib.c b/testing/fulltests/unit-tests/T002containers_clib.c new file mode 100644 index 0000000..99b2e94 --- /dev/null +++ b/testing/fulltests/unit-tests/T002containers_clib.c @@ -0,0 +1,35 @@ +/* HEADER Testing the container API */ + +netsnmp_container *container; +void *p; + +init_snmp("container-test"); +container = netsnmp_container_find("fifo"); +container->compare = (netsnmp_container_compare*) strcmp; + +CONTAINER_INSERT(container, "foo"); +CONTAINER_INSERT(container, "bar"); +CONTAINER_INSERT(container, "baz"); + +OK(CONTAINER_FIND(container, "bar") != NULL, + "should be able to find the stored 'bar' string"); + +OK(CONTAINER_FIND(container, "foobar") == NULL, + "shouldn't be able to find the (not) stored 'foobar' string"); + +OK(CONTAINER_SIZE(container) == 3, + "container has the proper size for the elements we've added"); + +CONTAINER_REMOVE(container, "bar"); + +OK(CONTAINER_FIND(container, "bar") == NULL, + "should no longer be able to find the (reoved) 'bar' string"); + +OK(CONTAINER_SIZE(container) == 2, + "container has the proper size for the elements after a removal"); + +while ((p = CONTAINER_FIRST(container))) + CONTAINER_REMOVE(container, p); +CONTAINER_FREE(container); + +snmp_shutdown("container-test"); diff --git a/testing/fulltests/unit-tests/T003copy_nword_clib.c b/testing/fulltests/unit-tests/T003copy_nword_clib.c new file mode 100644 index 0000000..7d67ed0 --- /dev/null +++ b/testing/fulltests/unit-tests/T003copy_nword_clib.c @@ -0,0 +1,142 @@ +/* HEADER Testing copy_nword */ + +#define ASSERT1(cond) \ + do { \ + ++__test_counter; \ + if ((cond)) \ + printf("ok %d\n", __test_counter); \ + else { \ + printf("not ok %d - %d: %s failed\n", \ + __test_counter, __LINE__, #cond); \ + } \ + } while (0) + +#define ASSERT2(cond, on_error) \ + do { \ + ++__test_counter; \ + if ((cond)) \ + printf("ok %d\n", __test_counter); \ + else { \ + printf("not ok %d - %d: %s failed, ", \ + __test_counter, __LINE__, #cond); \ + printf on_error ; \ + } \ + } while (0) + +{ + /* A quoted string */ + char input[] = "\"The red rose\""; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "The red rose") == 0, + ("output = >%s<\n", output)); + ASSERT1(run == NULL); +} + +{ + /* Escaped quotes */ + char input[] = "\\\"The red rose\\\""; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "\"The") == 0, ("output = >%s<\n", output)); + ASSERT2(run == input + 6, + ("run = input + %" NETSNMP_PRIz "d\n", run - input)); + run = copy_nword(run, output, sizeof(output)); + ASSERT2(strcmp(output, "red") == 0, ("output = >%s<\n", output)); + ASSERT2(run == input + 10, + ("run = input + %" NETSNMP_PRIz "d\n", run - input)); + run = copy_nword(run, output, sizeof(output)); + ASSERT2(strcmp(output, "rose\"") == 0, ("output = >%s<\n", output)); + ASSERT1(run == NULL); +} + +{ + /* Unterminated "-quote */ + char input[] = "\"The"; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "The") == 0, ("output = >%s<\n", output)); + ASSERT1(run == NULL); +} + +{ + /* Unterminated '-quote */ + char input[] = "\'The"; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "The") == 0, ("output = >%s<\n", output)); + ASSERT1(run == NULL); +} + +{ + /* Extract from NULL */ + char output[10] = ""; + char* run = NULL; + run = copy_nword(run, output, sizeof(output)); + ASSERT1(run == NULL); +} + +{ + /* Extract to NULL */ + char input[] = "The red rose"; + char* output = NULL; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT1(run == NULL); +} + +{ + /* Long token */ + char input[] = "\"Very long token that overflows the buffer\" foo"; + char output[10] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "Very long") == 0, ("output = >%s<\n", output)); + ASSERT2(run == input + 44, + ("run = input + %" NETSNMP_PRIz "d\n", run - input)); +} + +{ + /* Quoted end of string / embedded \0 */ + char input[] = "The\\\0red rose"; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "The\\") == 0, ("output = >%s<\n", output)); + ASSERT1(run == NULL); +} + +{ + /* Empty string */ + char input[] = ""; + char output[sizeof(input) + 1] = "X"; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "") == 0, ("output = >%s<\n", output)); + ASSERT2(run == NULL, ("run = >%s<\n", run)); +} + +{ + /* Whitespace string */ + char input[] = " \t "; + char output[sizeof(input)] = "X"; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "") == 0, ("output = >%s<\n", output)); + ASSERT2(run == NULL, ("run = >%s<\n", run)); +} + +{ + /* Quote, no whitespace after */ + char input[] = "\"The\"red rose"; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "The") == 0, ("output = >%s<\n", output)); + ASSERT2(run == input + 5, + ("run = input + %" NETSNMP_PRIz "d\n", run - input)); +} + +{ + /* Quote, no whitespace before */ + char input[] = "The\"red\" rose"; + char output[sizeof(input)] = ""; + char* run = copy_nword(input, output, sizeof(output)); + ASSERT2(strcmp(output, "The\"red\"") == 0, ("output = >%s<\n", output)); + ASSERT2(run == input + 9, + ("run = input + %" NETSNMP_PRIz "d\n", run - input)); +} diff --git a/testing/fulltests/unit-tests/T004snmp_enum_clib.c b/testing/fulltests/unit-tests/T004snmp_enum_clib.c new file mode 100644 index 0000000..d28b19b --- /dev/null +++ b/testing/fulltests/unit-tests/T004snmp_enum_clib.c @@ -0,0 +1,105 @@ +/* HEADER Testing snmp_enum */ + +#define CONFIG_TYPE "snmp-enum-unit-test" +#define STRING1 "life, and everything" +#define STRING2 "restaurant at the end of the universe" +#define STRING3 "label3" +#define LONG_STRING "a-string-of-255-characters-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------" + +#define STORE_AND_COMPARE(maj, min, s) \ + { \ + FILE *fp; \ + int read = 0; \ + char *p, contents[4096]; \ + \ + se_store_list(maj, min, CONFIG_TYPE); \ + fp = fopen(tmp_persist_file, "r"); \ + if (fp) { \ + read = fread(contents, 1, sizeof(contents) - 1, fp); \ + fclose(fp); \ + } \ + contents[read > 0 ? read : 0] = '\0'; \ + for (p = contents; *p; ++p) \ + if (*p == '\n') \ + *p = '|'; \ + OKF(strcmp(contents, (s)) == 0, \ + ("stored list %s <> %s", (s), contents)); \ + remove(tmp_persist_file); \ + } + +char tmp_persist_file[256]; +char *se_find_result; + +sprintf(tmp_persist_file, "/tmp/snmp-enum-unit-test-%d", getpid()); +netsnmp_setenv("SNMP_PERSISTENT_FILE", tmp_persist_file, 1); + +init_snmp_enum("snmp"); + +STORE_AND_COMPARE(1, 1, "enum 1:1|"); + +se_add_pair(1, 1, strdup("hi"), 1); + +STORE_AND_COMPARE(1, 1, "enum 1:1 1:hi|"); + +se_add_pair(1, 1, strdup("there"), 2); + +STORE_AND_COMPARE(1, 1, "enum 1:1 1:hi 2:there|"); + +se_add_pair(1, 1, strdup(LONG_STRING), 3); +se_add_pair(1, 1, strdup(LONG_STRING), 4); +se_add_pair(1, 1, strdup(LONG_STRING), 5); +se_add_pair(1, 1, strdup(LONG_STRING), 6); +se_add_pair(1, 1, strdup(LONG_STRING), 7); +se_add_pair(1, 1, strdup(LONG_STRING), 8); +se_add_pair(1, 1, strdup(LONG_STRING), 9); + +STORE_AND_COMPARE(1, 1, "enum 1:1 1:hi 2:there 3:" LONG_STRING " 4:" LONG_STRING + " 5:" LONG_STRING " 6:" LONG_STRING " 7:" LONG_STRING + " 8:" LONG_STRING " 9:" LONG_STRING "|"); + +se_add_pair(1, 1, strdup(LONG_STRING), 10); + +STORE_AND_COMPARE(1, 1, "enum 1:1 1:hi 2:there 3:" LONG_STRING " 4:" LONG_STRING + " 5:" LONG_STRING " 6:" LONG_STRING " 7:" LONG_STRING + " 8:" LONG_STRING " 9:" LONG_STRING "|" + "enum 1:1 10:" LONG_STRING "|"); + +OK(se_find_value(1, 1, "hi") == 1, + "lookup by number #1 should be the proper string"); +OK(strcmp(se_find_label(1, 1, 2), "there") == 0, + "lookup by string #1 should be the proper number"); + + +se_add_pair_to_slist("testing", strdup(STRING1), 42); +se_add_pair_to_slist("testing", strdup(STRING2), 2); +se_add_pair_to_slist("testing", strdup(STRING3), 2); + +OK(se_find_value_in_slist("testing", STRING1) == 42, + "lookup by number should be the proper string"); +OK(strcmp(se_find_label_in_slist("testing", 2), STRING2) == 0, + "lookup by string should be the proper number"); + +se_clear_slist("testing"); + + +se_read_conf("enum", + NETSNMP_REMOVE_CONST(char *, "2:3 1:apple 2:pear 3:kiwifruit")); +OK(se_find_list(2, 3), "list (2, 3) should be present"); +if (se_find_list(2, 3)) { + OK(se_find_value(2, 3, "kiwifruit") == 3, + "lookup by string should return the proper value"); + se_find_result = se_find_label(2, 3, 2); + OK(se_find_result && strcmp(se_find_result, "pear") == 0, + "lookup by label should return the proper string"); +} + +se_read_conf("enum", + NETSNMP_REMOVE_CONST(char *, "fruit 1:apple 2:pear 3:kiwifruit")); +OK(se_find_value_in_slist("fruit", "kiwifruit") == 3, + "lookup by string should return the proper value"); +se_find_result = se_find_label_in_slist("fruit", 2); +OK(se_find_result && strcmp(se_find_result, "pear") == 0, + "lookup by value should return the proper string"); + +clear_snmp_enum(); +unregister_all_config_handlers(); diff --git a/testing/fulltests/unit-tests/T005table_dataset_cagentlib.c b/testing/fulltests/unit-tests/T005table_dataset_cagentlib.c new file mode 100644 index 0000000..cac940e --- /dev/null +++ b/testing/fulltests/unit-tests/T005table_dataset_cagentlib.c @@ -0,0 +1,58 @@ +/* HEADER Testing table_dataset */ + +/* + * Note: the primary purpose of this unit test is to verify whether all memory + * that is allocated for storing a table dataset is freed properly. Feel free + * to extend this unit test such that it tests more of the table dataset code. + */ + +enum { COL3 = 2, COL4 = 3, COL5 = 4, }; + +static const oid Oid[] = { 1, 3, 6, 1, 3, 277 }; +netsnmp_table_data_set* tds; +netsnmp_handler_registration* th; +netsnmp_table_row* row; +int32_t ival; +int32_t i, j; + +init_agent("snmpd"); +init_snmp("snmpd"); + +tds = netsnmp_create_table_data_set("table_dataset unit-test"); +OK(tds, "table data set creation"); + +netsnmp_table_dataset_add_index(tds, ASN_INTEGER); +netsnmp_table_dataset_add_index(tds, ASN_INTEGER); +netsnmp_table_set_add_default_row(tds, COL3, ASN_INTEGER, FALSE, NULL, 0); +netsnmp_table_set_add_default_row(tds, COL4, ASN_COUNTER, FALSE, NULL, 0); +netsnmp_table_set_add_default_row(tds, COL5, ASN_OCTET_STR, FALSE, NULL, 0); + +th = netsnmp_create_handler_registration("unit-test handler", NULL, Oid, + OID_LENGTH(Oid), HANDLER_CAN_RWRITE); +OK(th, "table handler registration"); + +OK(netsnmp_register_table_data_set(th, tds, NULL) == SNMPERR_SUCCESS, + "table data set registration"); + +for (i = 1; i <= 2; i++) { + for (j = 1; j <= 2; j++) { + row = netsnmp_create_table_data_row(); + netsnmp_table_row_add_index(row, ASN_INTEGER, &i, sizeof(i)); + netsnmp_table_row_add_index(row, ASN_INTEGER, &j, sizeof(j)); + netsnmp_table_dataset_add_row(tds, row); + + ival = 10 * i + j; + OK(netsnmp_set_row_column(row, COL3, ASN_INTEGER, &ival, sizeof(ival)) + == SNMPERR_SUCCESS, "set INTEGER column"); + OK(netsnmp_set_row_column(row, COL5, ASN_OCTET_STR, "test", + sizeof("test") - 1) + == SNMPERR_SUCCESS, "set OCTET_STR column"); + } +} + +netsnmp_delete_table_data_set(tds); + +snmp_shutdown("snmpd"); +shutdown_agent(); + +OK(TRUE, "done"); diff --git a/testing/fulltests/unit-tests/T006snmp_handler_registration_cagentlib.c b/testing/fulltests/unit-tests/T006snmp_handler_registration_cagentlib.c new file mode 100644 index 0000000..ed7ae68 --- /dev/null +++ b/testing/fulltests/unit-tests/T006snmp_handler_registration_cagentlib.c @@ -0,0 +1,46 @@ +/* HEADER Testing SNMP handler registration */ + +static oid Oid[] = { 1, 3, 6, 1, 3, 327 }; /* experimental.327 */ +netsnmp_handler_registration *handler, *handler2; +netsnmp_mib_handler *dh; +netsnmp_cache *nc, *nc2; + +init_snmp("snmp"); + +handler = netsnmp_create_handler_registration("experimental.327", NULL, + Oid, OID_LENGTH(Oid), HANDLER_CAN_RWRITE); +OK(handler != NULL, "Handler creation."); + +nc = netsnmp_cache_create(10, NULL, NULL, Oid, OID_LENGTH(Oid)); +OK(nc, "netsnmp_cache allocation"); +OK(snmp_oid_compare(nc->rootoid, nc->rootoid_len, Oid, OID_LENGTH(Oid)) == 0, + "Handler private OID."); + +handler->handler->myvoid = nc; +netsnmp_cache_handler_owns_cache(handler->handler); + +nc2 = handler->handler->myvoid; +OK(nc2, "Handler private data"); +OK(snmp_oid_compare(nc2->rootoid, nc2->rootoid_len, Oid, OID_LENGTH(Oid)) == 0, + "Handler private OID."); + +OK(netsnmp_register_instance(handler) == MIB_REGISTERED_OK, + "MIB registration."); + +handler2 = netsnmp_create_handler_registration("experimental.327", NULL, + Oid, OID_LENGTH(Oid), HANDLER_CAN_RWRITE); +OK(handler2 != NULL, "Second registration"); + +OK(netsnmp_register_instance(handler2) == MIB_DUPLICATE_REGISTRATION, + "Duplicate MIB registration."); + +dh = netsnmp_handler_dup(handler->handler); +OK(dh, "Handler duplication."); + +OK(netsnmp_unregister_handler(handler) == SNMPERR_SUCCESS, + "Handler unregistration."); + +netsnmp_handler_free(dh); +OK(TRUE, "Freeing duplicate handler"); + +snmp_shutdown("snmp"); diff --git a/testing/fulltests/unit-tests/T007inet_pton_clib.c b/testing/fulltests/unit-tests/T007inet_pton_clib.c new file mode 100644 index 0000000..e9b00fa --- /dev/null +++ b/testing/fulltests/unit-tests/T007inet_pton_clib.c @@ -0,0 +1,60 @@ +/* HEADER Testing inet_pton() and inet_ntop() */ + +int i; +char str[128]; +struct in_addr in_addr; +struct in6_addr in6_addr; + +static const struct { const char* s; unsigned char b[4]; } in_testdata[] = { + { "0.0.0.0", { 0, 0, 0, 0 } }, + { "1.2.3.4", { 1, 2, 3, 4 } }, + { "255.255.255.255", { 255, 255, 255, 255 } }, +}; + +static const struct { const char* s; unsigned char b[16]; } in6_testdata[] = { + { "::", { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, }, + { "::1", { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }, }, + { "1::", { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, }, + { "1::1", { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }, }, +}; + +for (i = 0; i < sizeof(in_testdata)/sizeof(in_testdata[0]); ++i) { + const unsigned char *const b = in_testdata[i].b; + + OKF(inet_pton(AF_INET, in_testdata[i].s, &in_addr) == 1, + ("IPv4 inet_pton(%s)", in_testdata[i].s)); + OK(ntohl(in_addr.s_addr) + == ((b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3]), + "inet_pton() value"); + OK(inet_ntop(AF_INET, &in_addr, str, sizeof(str)) == str, + "IPv4 inet_ntop()"); + OKF(strcmp(in_testdata[i].s, str) == 0, + ("%s =?= %s", in_testdata[i].s, str)); +} + + +for (i = 0; i < sizeof(in6_testdata)/sizeof(in6_testdata[0]); ++i) { + const unsigned char *const b = in6_testdata[i].b; + const unsigned char *const r = (void *)&in6_addr; + int result, j; + + result = inet_pton(AF_INET6, in6_testdata[i].s, &in6_addr); + OKF(result == 1, + ("IPv6 inet_pton(%s) -> %d; " + " %02x%02x:%02x%02x:%02x%02x:%02x%02x" + ":%02x%02x:%02x%02x:%02x%02x:%02x%02x", + in6_testdata[i].s, result, + r[0], r[1], r[ 2], r[ 3], r[ 4], r[ 5], r[ 6], r[ 7], + r[8], r[9], r[10], r[11], r[12], r[13], r[14], r[15] + )); + for (j = 0; j < 16; ++j) + printf("%02x ", b[j]); + printf("\n"); + for (j = 0; j < 16; ++j) + OKF(r[j] == b[j], + ("IPv6 inet_pton() value (%#02x =?= %#02x)", r[j], b[j])); + OK(inet_ntop(AF_INET6, &in6_addr, str, sizeof(str)) == str, + "IPv6 inet_ntop()"); + OKF(strcmp(in6_testdata[i].s, str) == 0, + ("%s =?= %s", in6_testdata[i].s, str)); +} diff --git a/testing/fulltests/unit-tests/T008asn1_clib.c b/testing/fulltests/unit-tests/T008asn1_clib.c new file mode 100644 index 0000000..73a2f73 --- /dev/null +++ b/testing/fulltests/unit-tests/T008asn1_clib.c @@ -0,0 +1,182 @@ +/* HEADER Testing ASN.1 encoding and decoding */ + +int i; + +#if 0 +snmp_set_do_debugging(TRUE); +debug_register_tokens("dumpv_recv,dumpv_send,asn"); +#endif + +{ + const long intval[] = { + -0x80000000L, + -0x7fffffffL, + -0xffffL, + -3, + -1, + 0, + 1, + 3, + 0xffff, + 0x7fffffff, + }; + for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + u_char encoded[256]; + size_t encoded_length; + u_char *build_result; + size_t decoded_length; + u_char decoded_type; + long decoded_value = 0; + u_char *parse_result; + + encoded_length = sizeof(encoded); + build_result = asn_build_int(encoded, &encoded_length, ASN_INTEGER, + &intval[i], sizeof(intval[i])); + OKF(build_result + encoded_length == encoded + sizeof(encoded), + ("asn_build_int(%ld)", intval[i])); + decoded_length = sizeof(encoded) - encoded_length; + parse_result = asn_parse_int(encoded, &decoded_length, &decoded_type, + &decoded_value, sizeof(decoded_value)); + OKF(parse_result == build_result && decoded_type == ASN_INTEGER + && decoded_value == intval[i], + ("asn_parse_int(asn_build_int(%ld)) %s; decoded type %d <> %d;" + " decoded value %ld", + intval[i], parse_result == build_result ? "succeeded" : "failed", + decoded_type, ASN_INTEGER, decoded_value)); + } +} + +{ + const unsigned long intval[] = { + 0, 1, 3, 0xffff, 0x7fffffff, 0x80000000U, 0xffffffffU + }; + for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + u_char encoded[256]; + size_t encoded_length; + u_char *build_result; + size_t decoded_length; + u_char decoded_type; + unsigned long decoded_value = 0; + u_char *parse_result; + + encoded_length = sizeof(encoded); + build_result = asn_build_unsigned_int(encoded, &encoded_length, + ASN_UINTEGER, + &intval[i], sizeof(intval[i])); + OKF(build_result + encoded_length == encoded + sizeof(encoded), + ("asn_build_unsigned_int(%lu)", intval[i])); + decoded_length = sizeof(encoded) - encoded_length; + parse_result = asn_parse_unsigned_int(encoded, &decoded_length, + &decoded_type, &decoded_value, + sizeof(decoded_value)); + OKF(parse_result && decoded_type == ASN_UINTEGER + && decoded_value == intval[i], + ("asn_parse_unsigned_int(asn_build_unsigned_int(%lu)) %s;" + " decoded type %d <> %d; decoded value %lu", + intval[i], parse_result == build_result ? "succeeded" : "failed", + decoded_type, ASN_UINTEGER, decoded_value)); + } +} + +#ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES + +#define TOINT64(c) ((long long)(long)(c).high << 32 | (c).low) + +{ + const struct counter64 intval[] = { + { 0x80000000U, 0U }, + { 0x80000000U, 0xffffffffU }, + { 0xffffffffU, 0 }, + { 0xffffffffU, 0xffff0000U }, + { 0xffffffffU, 0xfffffffcU }, + { 0xffffffffU, 0xffffffffU }, + { 0, 0 }, + { 0, 1 }, + { 0, 3 }, + { 0, 0xffff }, + { 0, 0x7fffffff }, + { 1, 0 }, + { 1, 0xffffffff }, + { 0x7fffffff, 0 }, + { 0x7fffffff, 0xdeadbeef }, + { 0x7fffffff, 0xffffffff }, + }; + for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + u_char encoded[256]; + size_t encoded_length; + u_char *build_result; + size_t decoded_length; + u_char decoded_type; + struct counter64 decoded_value = { }; + u_char *parse_result; + + encoded_length = sizeof(encoded); + build_result = asn_build_signed_int64(encoded, &encoded_length, + ASN_OPAQUE_I64, + &intval[i], sizeof(intval[i])); + OKF(build_result + encoded_length == encoded + sizeof(encoded), + ("asn_build_signed_int64(%lld)", TOINT64(intval[i]))); + decoded_length = sizeof(encoded) - encoded_length; + parse_result = asn_parse_signed_int64(encoded, &decoded_length, + &decoded_type, &decoded_value, + sizeof(decoded_value)); + OKF(parse_result == build_result && decoded_type == ASN_OPAQUE_I64 + && memcmp(&decoded_value, &intval[i], sizeof(decoded_value)) == 0, + ("asn_parse_signed_int64(asn_build_signed_int64(%lld)) %s;" + " decoded type %d <> %d; decoded value %lld", + TOINT64(intval[i]), + parse_result == build_result ? "succeeded" : "failed", + decoded_type, ASN_OPAQUE_I64, TOINT64(decoded_value))); + } +} + +#endif + +#define TOUINT64(c) ((unsigned long long)(c).high << 32 | (c).low) + +{ + const struct counter64 intval[] = { + { 0, 0 }, + { 0, 1 }, + { 0, 3 }, + { 0, 0xffff }, + { 0, 0x7fffffff }, + { 0, 0x80000000 }, + { 0, 0xffffffff }, + { 1, 0 }, + { 1, 0xffffffff }, + { 0x7fffffff, 0 }, + { 0x7fffffff, 0xdeadbeef }, + { 0x7fffffff, 0xffffffff }, + { 0xffffffff, 0 }, + { 0xffffffff, 0xdeadbeef }, + { 0xffffffff, 0xffffffff }, + }; + for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + u_char encoded[256]; + size_t encoded_length; + u_char *build_result; + size_t decoded_length; + u_char decoded_type; + struct counter64 decoded_value = { }; + u_char *parse_result; + + encoded_length = sizeof(encoded); + build_result = asn_build_unsigned_int64(encoded, &encoded_length, + ASN_COUNTER64, + &intval[i], sizeof(intval[i])); + OKF(build_result + encoded_length == encoded + sizeof(encoded), + ("asn_build_unsigned_int64(%llu)", TOUINT64(intval[i]))); + decoded_length = sizeof(encoded) - encoded_length; + parse_result = asn_parse_unsigned_int64(encoded, &decoded_length, + &decoded_type, &decoded_value, + sizeof(decoded_value)); + OKF(parse_result && decoded_type == ASN_COUNTER64 + && memcmp(&decoded_value, &intval[i], sizeof(decoded_value)) == 0, + ("asn_parse_unsigned_int64(asn_build_unsigned_int64(%llu)) %s;" + " decoded type %d <> %d; decoded value %llu", + TOUINT64(intval[i]), + parse_result == build_result ? "succeeded" : "failed", + decoded_type, ASN_COUNTER64, TOUINT64(decoded_value))); + } +} diff --git a/testing/fulltests/unit-tests/T009large_fd_set_clib.c b/testing/fulltests/unit-tests/T009large_fd_set_clib.c new file mode 100644 index 0000000..eee4d41 --- /dev/null +++ b/testing/fulltests/unit-tests/T009large_fd_set_clib.c @@ -0,0 +1,46 @@ +/* HEADER Testing netsnmp_large_fd_set */ + +netsnmp_large_fd_set fds; +netsnmp_large_fd_set_init(&fds, 2000); +OKF(fds.lfs_setsize == 2000, ("initialization")); +OKF(netsnmp_large_fd_set_resize(&fds, 2000) == 1, ("resizing to 2000")); +NETSNMP_LARGE_FD_ZERO(&fds); + +{ + int i; + for (i = 0; i < fds.lfs_setsize; ++i) { + OKF(!NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is not set", i)); + NETSNMP_LARGE_FD_SET(i, &fds); + OKF(NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is set", i)); + NETSNMP_LARGE_FD_CLR(i, &fds); + OKF(!NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is not set", i)); + } +} + +OKF(netsnmp_large_fd_set_resize(&fds, 3000) == 1, ("resizing to 3000")); + +{ + int i; + for (i = 0; i < fds.lfs_setsize; ++i) { + OKF(!NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is not set", i)); + NETSNMP_LARGE_FD_SET(i, &fds); + OKF(NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is set", i)); + NETSNMP_LARGE_FD_CLR(i, &fds); + OKF(!NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is not set", i)); + } +} + +OKF(netsnmp_large_fd_set_resize(&fds, 1000) == 1, ("resizing to 1000")); + +{ + int i; + for (i = 0; i < fds.lfs_setsize; ++i) { + OKF(!NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is not set", i)); + NETSNMP_LARGE_FD_SET(i, &fds); + OKF(NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is set", i)); + NETSNMP_LARGE_FD_CLR(i, &fds); + OKF(!NETSNMP_LARGE_FD_ISSET(i, &fds), ("%d is not set", i)); + } +} + +netsnmp_large_fd_set_cleanup(&fds); diff --git a/testing/fulltests/unit-tests/T010netsnmp_string_time_to_secs_clib.c b/testing/fulltests/unit-tests/T010netsnmp_string_time_to_secs_clib.c new file mode 100644 index 0000000..e31aeeb --- /dev/null +++ b/testing/fulltests/unit-tests/T010netsnmp_string_time_to_secs_clib.c @@ -0,0 +1,45 @@ +/* HEADER Testing the netsnmp_string_time_to_secs API */ +int secs; + +#define TESTIT(x,y) \ + OKF(y == (secs = netsnmp_string_time_to_secs(x)), \ + ("netsnmp_string_time_to_secs of %s returned %d, not 5", x, secs)) + +TESTIT("5", 5); +TESTIT("5", 5); + +TESTIT("5s", 5); +TESTIT("5S", 5); + +TESTIT("5m", 5 * 60); +TESTIT("5M", 5 * 60); + +TESTIT("5h", 5 * 60 * 60); +TESTIT("5H", 5 * 60 * 60); + +TESTIT("5d", 5 * 60 * 60 * 24); +TESTIT("5D", 5 * 60 * 60 * 24); + +TESTIT("5w", 5 * 60 * 60 * 24 * 7); +TESTIT("5W", 5 * 60 * 60 * 24 * 7); + +/* now with longer times */ +TESTIT("1234", 1234); +TESTIT("1234", 1234); + +TESTIT("1234s", 1234); +TESTIT("1234S", 1234); + +TESTIT("1234m", 1234 * 60); +TESTIT("1234M", 1234 * 60); + +TESTIT("1234h", 1234 * 60 * 60); +TESTIT("1234H", 1234 * 60 * 60); + +TESTIT("1234d", 1234 * 60 * 60 * 24); +TESTIT("1234D", 1234 * 60 * 60 * 24); + +TESTIT("1234w", 1234 * 60 * 60 * 24 * 7); +TESTIT("1234W", 1234 * 60 * 60 * 24 * 7); + + diff --git a/testing/fulltests/unit-tests/T011snmp_old_api_registration_cagentlib.c b/testing/fulltests/unit-tests/T011snmp_old_api_registration_cagentlib.c new file mode 100644 index 0000000..6f1d449 --- /dev/null +++ b/testing/fulltests/unit-tests/T011snmp_old_api_registration_cagentlib.c @@ -0,0 +1,46 @@ +/* HEADER Testing SNMP handler registration via the old API */ + +static oid Oid[] = { 1, 3, 6, 1, 3, 327 }; /* experimental.327 */ +struct variable var_array[] = { + { 0, 0/*type*/, 0/*acl*/, NULL/*findVar*/, 7, { 1, 3, 6, 1, 3, 327, 1 } }, + { 0, 0/*type*/, 0/*acl*/, NULL/*findVar*/, 7, { 1, 3, 6, 1, 3, 327, 2 } }, + { 0, 0/*type*/, 0/*acl*/, NULL/*findVar*/, 7, { 1, 3, 6, 1, 3, 327, 3 } }, +}; +netsnmp_session *sess; +int res; + +init_snmp("snmp"); + +sess = calloc(1, sizeof(*sess)); +snmp_sess_init(sess); + +res = +netsnmp_register_old_api("exp.327.a", + var_array, + sizeof(var_array[0]), + sizeof(var_array)/sizeof(var_array[0]), + Oid, + sizeof(Oid)/sizeof(Oid[0]), + 2, /* priority */ + 0, /* range_subid */ + 0, /* range_ubound */ + sess, + "context", 5/*timeout*/, 0/*flags - ignored*/); +OK(res == SNMPERR_SUCCESS, "Handler registration (1)."); + +/* Verify that duplicate registration does not cause any havoc. */ +res = +netsnmp_register_old_api("exp.327.b", + var_array, + sizeof(var_array[0]), + sizeof(var_array)/sizeof(var_array[0]), + Oid, + sizeof(Oid)/sizeof(Oid[0]), + 2, /* priority */ + 0, /* range_subid */ + 0, /* range_ubound */ + sess, + "context", 5/*timeout*/, 0/*flags - ignored*/); +OK(res == SNMPERR_SUCCESS, "Handler registration (2)."); + +snmp_shutdown("snmp"); diff --git a/testing/fulltests/unit-tests/T012binary_array_oid_clib.c b/testing/fulltests/unit-tests/T012binary_array_oid_clib.c new file mode 100644 index 0000000..aeeb502 --- /dev/null +++ b/testing/fulltests/unit-tests/T012binary_array_oid_clib.c @@ -0,0 +1,72 @@ +/* HEADER Testing binary OID array */ + +static const char test_name[] = "binary-array-of-OIDs-test"; +oid o1 = 1; +oid o2 = 2; +oid o3 = 6; +oid o4 = 8; +oid o5 = 9; +oid ox = 7; +oid oy = 10; +netsnmp_index i1, i2, i3, i4, i5, ix, iy, *ip; +const netsnmp_index *const i_last = &i5; +netsnmp_index *a[] = { &ix, &iy }; +netsnmp_index *b[] = { &i4, &i2, &i3, &i1, &i5 }; +netsnmp_container *c; +int i; + +init_snmp(test_name); + +c = netsnmp_container_get_binary_array(); +c->compare = netsnmp_compare_netsnmp_index; + +i1.oids = &o1; +i2.oids = &o2; +i3.oids = &o3; +i4.oids = &o4; +i5.oids = &o5; +ix.oids = &ox; +iy.oids = &oy; +i1.len = i2.len = i3.len = i4.len = i5.len = ix.len = iy.len = 1; + +for (i = 0; i < sizeof(b)/sizeof(b[0]); ++i) + CONTAINER_INSERT(c, b[i]); + +for (ip = CONTAINER_FIRST(c); ip; ip = CONTAINER_NEXT(c, ip)) { + for (i = sizeof(b)/sizeof(b[0]) - 1; i >= 0; --i) + if (c->compare(ip, b[i]) == 0) + break; + OKF(i >= 0, ("OID b[%d] = %" NETSNMP_PRIo "d present", i, b[i]->oids[0])); +} + +for (i = 0; i < sizeof(b)/sizeof(b[0]); ++i) { + ip = CONTAINER_FIND(c, b[i]); + OKF(ip, ("Value b[%d] = %" NETSNMP_PRIo "d present", i, b[i]->oids[0])); + ip = CONTAINER_NEXT(c, b[i]); + if (c->compare(b[i], i_last) < 0) + OKF(ip && c->compare(b[i], ip) < 0, + ("Successor of b[%d] = %" NETSNMP_PRIo "d is %" NETSNMP_PRIo "d", + i, b[i]->oids[0], ip->oids[0])); + else + OKF(!ip, ("No successor found for b[%d] = %" NETSNMP_PRIo "d", i, + b[i]->oids[0])); +} + +for (i = 0; i < sizeof(a)/sizeof(a[0]); ++i) { + ip = CONTAINER_FIND(c, a[i]); + OKF(!ip, ("a[%d] = %" NETSNMP_PRIo "d absent", i, a[i]->oids[0])); + ip = CONTAINER_NEXT(c, a[i]); + if (c->compare(a[i], i_last) < 0) + OKF(ip && c->compare(ip, a[i]) > 0, + ("Successor of a[%d] = %" NETSNMP_PRIo "d is %" NETSNMP_PRIo "d", + i, a[i]->oids[0], ip->oids[0])); + else + OKF(!ip, ("No successor found for a[%d] = %" NETSNMP_PRIo "d", i, + a[i]->oids[0])); +} + +while ((ip = CONTAINER_FIRST(c))) + CONTAINER_REMOVE(c, ip); +CONTAINER_FREE(c); + +snmp_shutdown(test_name); diff --git a/testing/fulltests/unit-tests/T013binary_array_string_clib.c b/testing/fulltests/unit-tests/T013binary_array_string_clib.c new file mode 100644 index 0000000..cc4361b --- /dev/null +++ b/testing/fulltests/unit-tests/T013binary_array_string_clib.c @@ -0,0 +1,59 @@ +/* HEADER Testing binary string array */ + +static const char test_name[] = "binary-array-of-strings-test"; +const char o1[] = "zebra"; +const char o2[] = "b-two"; +const char o3[] = "b"; +const char o4[] = "cedar"; +const char o5[] = "alpha"; +const char ox[] = "dev"; +const char oy[] = "aa"; +const char* const o_last = o1; +const char *ip; +const char *const a[] = { ox, oy }; +const char *const b[] = { o4, o2, o3, o1, o5 }; +netsnmp_container *c; +int i; + +init_snmp(test_name); + +c = netsnmp_container_get_binary_array(); +c->compare = (netsnmp_container_compare*)strcmp; + +for (i = 0; i < sizeof(b)/sizeof(b[0]); ++i) + CONTAINER_INSERT(c, b[i]); + +for (ip = CONTAINER_FIRST(c); ip; ip = CONTAINER_NEXT(c, ip)) { + for (i = sizeof(b)/sizeof(b[0]) - 1; i >= 0; --i) + if (c->compare(ip, b[i]) == 0) + break; + OKF(i >= 0, ("string b[%d] = \"%s\" present", i, b[i])); +} + +for (i = 0; i < sizeof(b)/sizeof(b[0]); ++i) { + ip = CONTAINER_FIND(c, b[i]); + OKF(ip, ("b[%d] = \"%s\" present", i, b[i])); + ip = CONTAINER_NEXT(c, b[i]); + if (c->compare(b[i], o_last) < 0) + OKF(ip && c->compare(b[i], ip) < 0, + ("Successor of b[%d] = \"%s\" is \"%s\"", i, b[i], ip)); + else + OKF(!ip, ("No successor found for b[%d] = \"%s\"", i, b[i])); +} + +for (i = 0; i < sizeof(a)/sizeof(a[0]); ++i) { + ip = CONTAINER_FIND(c, a[i]); + OKF(!ip, ("a[%d] = \"%s\" absent", i, a[i])); + ip = CONTAINER_NEXT(c, a[i]); + if (c->compare(a[i], o_last) < 0) + OKF(ip && c->compare(ip, a[i]) > 0, + ("Successor of a[%d] = \"%s\" is \"%s\"", i, a[i], ip)); + else + OKF(!ip, ("No successor found for a[%d] = \"%s\"", i, a[i])); +} + +while ((ip = CONTAINER_FIRST(c))) + CONTAINER_REMOVE(c, ip); +CONTAINER_FREE(c); + +snmp_shutdown(test_name); diff --git a/testing/fulltests/unit-tests/T014gethostbyaddr_clib.c b/testing/fulltests/unit-tests/T014gethostbyaddr_clib.c new file mode 100644 index 0000000..4c633ed --- /dev/null +++ b/testing/fulltests/unit-tests/T014gethostbyaddr_clib.c @@ -0,0 +1,55 @@ +/* HEADER Testing netsnmp_gethostbyaddr() */ + +SOCK_STARTUP; + +{ + int ran_test = 0; +#ifdef HAVE_GETHOSTBYADDR + struct hostent *h; + struct in_addr v4loop; + struct sockaddr_in sin_addr; + int s; + + v4loop.s_addr = htonl(INADDR_LOOPBACK); + memset(&sin_addr, 0, sizeof(sin_addr)); + sin_addr.sin_family = AF_INET; + sin_addr.sin_addr = v4loop; + s = socket(AF_INET, SOCK_DGRAM, 0); + if (s >= 0) { + if (bind(s, (struct sockaddr *)&sin_addr, sizeof(sin_addr)) >= 0) { + h = netsnmp_gethostbyaddr(&v4loop, sizeof(v4loop), AF_INET); + OKF(h && strcmp(h->h_name, "localhost") == 0, + ("127.0.0.1 lookup (%s)", h ? h->h_name : "(failed)")); + ran_test = 1; + } + close(s); + } +#endif + if (!ran_test) + OKF(1, ("Skipped IPv4 test")); +} + +{ + struct hostent *h; + static const struct in6_addr v6loop = IN6ADDR_LOOPBACK_INIT; + struct sockaddr_in6 sin6_addr; + int s, ran_test = 0; + + memset(&sin6_addr, 0, sizeof(sin6_addr)); + sin6_addr.sin6_family = AF_INET6; + sin6_addr.sin6_addr = v6loop; + s = socket(AF_INET6, SOCK_DGRAM, 0); + if (s >= 0) { + if (bind(s, (struct sockaddr*)&sin6_addr, sizeof(sin6_addr)) >= 0) { + h = netsnmp_gethostbyaddr(&v6loop, sizeof(v6loop), AF_INET6); + OKF(h && strcmp(h->h_name, "localhost") == 0, + ("::1 lookup (%s)", h ? h->h_name : "(failed)")); + ran_test = 1; + } + close(s); + } + if (!ran_test) + OKF(1, ("Skipped IPv6 test")); +} + +SOCK_CLEANUP; diff --git a/testing/fulltests/unit-tests/T015int64_clib.c b/testing/fulltests/unit-tests/T015int64_clib.c new file mode 100644 index 0000000..5f5f4b6 --- /dev/null +++ b/testing/fulltests/unit-tests/T015int64_clib.c @@ -0,0 +1,82 @@ +/* HEADER Testing 64-bit integer operations (U64). */ + +int i, j; +char buf[22]; +static const int64_t intval[] = { + 0, + -1, + 1, + 37, + 0x7fffffffUL, + 0x80000000UL, + 0x99999999UL, + 0x7fffffffffffffffULL, + 0x8000000000000000ULL, +}; + +for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + U64 a, b; + a.low = (uint32_t)intval[i]; + a.high = (uint32_t)(intval[i] >> 32); + printI64(buf, &a); + read64(&b, buf); + OKF(memcmp(&a, &b, sizeof(a)) == 0, + ("[%d]: %" PRId64 " <> %s <> %" PRId64, i, intval[i], buf, + ((uint64_t)b.high) << 32 | b.low)); +} + +for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + for (j = i; j < sizeof(intval)/sizeof(intval[0]); ++j) { + U64 a, b; + uint64_t d; + a.low = (uint32_t)intval[i]; + a.high = (uint32_t)(intval[i] >> 32); + b.low = (uint32_t)intval[j]; + b.high = (uint32_t)(intval[j] >> 32); + u64Incr(&a, &b); + d = (uint64_t)a.high << 32 | a.low; + OKF(intval[i] + intval[j] == d, + ("%" PRId64 " + %" PRId64 " = %" PRId64 " <> %" PRId64, intval[i], + intval[j], intval[i] + intval[j], d)); + } +} + +for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) { + for (j = i; j < sizeof(intval)/sizeof(intval[0]); ++j) { + U64 a, b, c; + uint64_t d; + a.low = (uint32_t)intval[i]; + a.high = (uint32_t)(intval[i] >> 32); + b.low = (uint32_t)intval[j]; + b.high = (uint32_t)(intval[j] >> 32); + u64Subtract(&a, &b, &c); + d = (uint64_t)c.high << 32 | c.low; + OKF(intval[i] - intval[j] == d, + ("%" PRId64 " - %" PRId64 " = %" PRId64 " <> %" PRId64, intval[i], + intval[j], intval[i] - intval[j], d)); + } +} + +{ + U64 old_val, new_val; + old_val.low = 7; + old_val.high = 0; + new_val = old_val; + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 0) == 0, "cwrap1"); + new_val.low = 8; + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 0) == 0, "cwrap2"); + new_val.low = 6; + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 0) == 32, "cwrap3"); + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 1) == 32 + && new_val.low == 6 && new_val.high == 1, "cwrap4"); + old_val.low = 7; + old_val.high = 0xffffffffU; + new_val.low = 7; + new_val.high = old_val.high; + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 0) == 0, "cwrap5"); + new_val.low = 8; + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 0) == 0, "cwrap6"); + new_val.low = 6; + new_val.high = 0; + OK(netsnmp_c64_check_for_32bit_wrap(&old_val, &new_val, 0) == 64, "cwrap7"); +} diff --git a/testing/fulltests/unit-tests/T016read_config_clib.c b/testing/fulltests/unit-tests/T016read_config_clib.c new file mode 100644 index 0000000..c11a591 --- /dev/null +++ b/testing/fulltests/unit-tests/T016read_config_clib.c @@ -0,0 +1,82 @@ +/* HEADER Testing read_config_read_octet_string_const(). */ + +struct read_config_testcase { + /* + * inputs + */ + const char *(*pf) (const char * readfrom, u_char ** str, + size_t * len); + const char *readfrom; + size_t obuf_len; + + /* + * expected outputs + */ + size_t expected_offset; + const u_char *expected_output; + size_t expected_len; +}; + +static const u_char obuf1[] = { 1, 0, 2 }; +static const u_char obuf2[] = { 'a', 'b', 'c', 0 }; + +static const struct read_config_testcase test_input[] = { + { &read_config_read_octet_string_const, "", 1, -1, NULL, 0 }, + { &read_config_read_octet_string_const, "0x0", 1, -1, NULL, 1 }, + { &read_config_read_octet_string_const, "0x0 0", 1, -1, NULL, 1 }, + + { &read_config_read_octet_string_const, "0x010002", 1, -1, NULL, 0 }, + { &read_config_read_octet_string_const, "0x010002", 2, -1, NULL, 0 }, + { &read_config_read_octet_string_const, "0x010002", 3, -1, obuf1, 0 }, + { &read_config_read_octet_string_const, "0x010002", 4, -1, obuf1, 3 }, + { &read_config_read_octet_string_const, "0x010002 0", 4, 9, obuf1, 3 }, + { &read_config_read_octet_string_const, "0x010002", 0, -1, obuf1, 3 }, + + { &read_config_read_octet_string_const, "abc", 1, -1, NULL, 0 }, + { &read_config_read_octet_string_const, "abc z", 1, 4, NULL, 0 }, + { &read_config_read_octet_string_const, "abc", 2, -1, NULL, 1 }, + { &read_config_read_octet_string_const, "abc", 3, -1, obuf2, 2 }, + { &read_config_read_octet_string_const, "abc", 4, -1, obuf2, 3 }, + { &read_config_read_octet_string_const, "abc z", 4, 4, obuf2, 3 }, + { &read_config_read_octet_string_const, "abc", 0, -1, obuf2, 3 }, +}; + +unsigned int i, j, ok; + +for (i = 0; i < sizeof(test_input) / sizeof(test_input[0]); i++) { + const struct read_config_testcase *const p = &test_input[i]; + size_t len = p->obuf_len; + u_char *str = len > 0 ? malloc(len) : NULL; + const char *result; + size_t offset; + + fflush(stdout); + result = (p->pf) (p->readfrom, &str, &len); + offset = result ? result - p->readfrom : -1; + OKF(offset == p->expected_offset, + ("test %d: expected offset %zd, got offset %" NETSNMP_PRIz "d", + i, p->expected_offset, offset)); + if (offset == p->expected_offset) { + OKF(len == p->expected_len, + ("test %d: expected length %" NETSNMP_PRIz "d, got length %" + NETSNMP_PRIz "d", i, p->expected_len, len)); + if (len == p->expected_len) { + ok = len < 0 || !p->expected_output + || memcmp(str, p->expected_output, len) == 0 + || p->expected_output[len] != 0; + OKF(ok, ("test %d: output buffer mismatch", i)); + if (!ok) { + printf("Expected: "); + for (j = 0; j < p->expected_len; ++j) + printf("%02x ", p->expected_output[j]); + printf("\nActual: "); + for (j = 0; j < len; ++j) + printf("%02x ", str[j]); + printf("\n"); + } + } + } + + if (str) + free(str); +} diff --git a/testing/fulltests/unit-tests/T017strtoull_clib.c b/testing/fulltests/unit-tests/T017strtoull_clib.c new file mode 100644 index 0000000..4ab9cad --- /dev/null +++ b/testing/fulltests/unit-tests/T017strtoull_clib.c @@ -0,0 +1,94 @@ +/* HEADER Testing strtoull(). */ + +#ifdef HAVE_STRTOULL + +OK(1, "Skipping strtoull() test because using strtoull() from C library.\n");; + +#else + +/* + * UINT64_C: C99 macro for the suffix for uint64_t constants. + */ +#ifndef UINT64_C +#ifdef _MSC_VER +#define UINT64_C(c) c##ui64 +#else +#define UINT64_C(c) c##ULL +#endif +#endif + +/* + * According to the C99 standard, the constant ULLONG_MAX must be defined in + * <limits.h>. Define it here for pre-C99 compilers. + */ +#ifndef ULLONG_MAX +#define ULLONG_MAX UINT64_C(0xffffffffffffffff) +#endif + +#ifndef PRIu64 +#ifdef _MSC_VER +#define PRIu64 "I64u" +#else +#define PRIu64 "llu" +#endif +#endif + +struct strtoull_testcase { + /* + * inputs + */ + const char *nptr; + int base; + /* + * expected outputs + */ + int expected_errno; + int expected_end; + uint64_t expected_result; +}; + +static const struct strtoull_testcase test_input[] = { + {"0x0", 0, 0, 3, 0}, + {"1", 0, 0, 1, 1}, + {"0x1", 0, 0, 3, 1}, + {" -0666", 0, 0, 7, -0666}, + {" -0x666", 0, 0, 8, -0x666}, + {"18446744073709551614", 0, 0, 20, UINT64_C(0xfffffffffffffffe)}, + {"0xfffffffffffffffe", 0, 0, 18, UINT64_C(0xfffffffffffffffe)}, + {"18446744073709551615", 0, 0, 20, UINT64_C(0xffffffffffffffff)}, + {"0xffffffffffffffff", 0, 0, 18, UINT64_C(0xffffffffffffffff)}, + {"18446744073709551616", 0, ERANGE, 20, UINT64_C(0xffffffffffffffff)}, + {"0x10000000000000000", 0, ERANGE, 19, UINT64_C(0xffffffffffffffff)}, + {"ff", 16, 0, 2, 255}, + {"0xff", 16, 0, 4, 255}, + {" ", 0, 0, 0, 0}, + {"0x", 0, 0, 1, 0}, + {"0x", 8, 0, 1, 0}, + {"0x", 16, 0, 1, 0}, + {"zyyy", 0, 0, 0, 0}, + {"0xfffffffffffffffff", 0, ERANGE, 19, ULLONG_MAX}, + {"0xfffffffffffffffffz", 0, ERANGE, 19, ULLONG_MAX} +}; + +unsigned int i; + +for (i = 0; i < sizeof(test_input) / sizeof(test_input[0]); i++) { + const struct strtoull_testcase *const p = &test_input[i]; + char *endptr; + uint64_t result; + + errno = 0; + result = strtoull(p->nptr, &endptr, p->base); + OKF(errno == p->expected_errno, + ("test %d (input \"%s\"): expected errno %d, got errno %d", + i, p->nptr, p->expected_errno, errno)); + OKF(result == p->expected_result, + ("test %d (input \"%s\"): expected result %" PRIu64 + ", got result %" PRIu64, + i, p->nptr, p->expected_result, result)); + OKF(endptr - p->nptr == p->expected_end, + ("test %d (input \"%s\"): expected end %d, got end %d", + i, p->nptr, p->expected_end, (int) (endptr - p->nptr))); +} + +#endif diff --git a/testing/fulltests/unit-tests/T018read_config_capp.c b/testing/fulltests/unit-tests/T018read_config_capp.c new file mode 100644 index 0000000..d6a92c9 --- /dev/null +++ b/testing/fulltests/unit-tests/T018read_config_capp.c @@ -0,0 +1,129 @@ +/* + * etimetest.c + * + * HEADER Testing read_config.c shutdown callback + * + * Expected SUCCESSes for all tests: 8 + * + * Test of snmpd_unregister_config_handler SUCCESSes: 4 + * Test of unregister_all_config_handlers SUCCESSes: 4 + * + */ + +#include <net-snmp/net-snmp-config.h> +#include <net-snmp/net-snmp-includes.h> +#include <net-snmp/agent/net-snmp-agent-includes.h> +#include <net-snmp/library/testing.h> + +/* #undef TEST_INTERNAL_API */ +#define TEST_INTERNAL_API 1 + +/* + * Global variables. + */ +int callback_called = 0; + +static void test_callback(void); +static void test_callback(void) { + ++callback_called; +}; + +static void parse_config(const char *token, char *cptr); +static void parse_config(const char *token, char *cptr) { + /* do nothing */ +}; + +/* each test returns 0 on success, and >0 on failure */ +int test1(void); +int test2(void); +int test3(void); + +int (*tests[])(void) = { test1, test2, test3 }; + +int main(int argc, char *argv[]) +{ + int i,ret=0; + for(i=0;i<sizeof(tests)/sizeof(*tests);++i) + ret+=tests[i](); + if (__did_plan == 0) { + PLAN(__test_counter); + } + return ret; +} + +int test1() { + int sum = 0; + callback_called = 0; + fprintf(stdout, "# snmpd_unregister_config_handler tests\n"); + init_snmp("testing"); + OKF(callback_called==0, ("Callback shouldn't be called before registering it - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + register_app_config_handler("testing", parse_config, test_callback, "module-name module-path"); + OKF(callback_called==0, ("Callback shouldn't be called after registering it - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + unregister_app_config_handler("testing"); + OKF(callback_called==1, ("Callback should have been called once and only once after unregistering handler - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + snmp_shutdown("testing"); + OKF(callback_called==0, ("Callback should have been called once and only once after shutdown - it was called %d times\n",callback_called)); + sum += callback_called; + + return (sum==1)?0:1; +} + +int test2(void) { + int sum = 0; + callback_called = 0; + fprintf(stdout, "# unregister_all_config_handlers tests\n"); + init_snmp("testing"); + OKF(callback_called==0, ("Callback shouldn't be called before registering it - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + register_app_config_handler("testing", parse_config, test_callback, "module-name module-path"); + OKF(callback_called==0, ("Callback shouldn't be called after registering it - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + snmp_shutdown("testing"); + OKF(callback_called==1, ("Callback should have been called once and only once during shutdown - it was called %d times\n",callback_called)); + sum += callback_called; + + return (sum==1)?0:1; +} + +int test3(void) { +#ifdef TEST_INTERNAL_API + int sum = 0; + callback_called = 0; + fprintf(stdout, "# unregister_all_config_handlers internal api tests\n"); + init_snmp("testing"); + OKF(callback_called==0, ("Callback shouldn't be called before registering it - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + register_app_config_handler("testing", parse_config, test_callback, "module-name module-path"); + OKF(callback_called==0, ("Callback shouldn't be called after registering it - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + unregister_all_config_handlers(); + OKF(callback_called==1, ("Callback should have been called once and only once after unregistering handler - it was called %d times\n",callback_called)); + sum += callback_called; + + callback_called = 0; + snmp_shutdown("testing"); + OKF(callback_called==0, ("Callback should not have been called during shutdown after unregistering handler - it was called %d times\n",callback_called)); + sum += callback_called; + + return (sum==1)?0:1; +#else + return 0; +#endif +} diff --git a/testing/fulltests/unit-tests/T019_snmp_service_clib.c b/testing/fulltests/unit-tests/T019_snmp_service_clib.c new file mode 100644 index 0000000..42ec8d3 --- /dev/null +++ b/testing/fulltests/unit-tests/T019_snmp_service_clib.c @@ -0,0 +1,253 @@ +/* HEADER Testing domain and target registrations from snmp_service. */ + +/* Setup configuration reading */ +netsnmp_ds_set_string(NETSNMP_DS_LIBRARY_ID, + NETSNMP_DS_LIB_APPTYPE, "testprog"); + +netsnmp_register_service_handlers(); + +netsnmp_ds_set_boolean(NETSNMP_DS_LIBRARY_ID, + NETSNMP_DS_LIB_HAVE_READ_CONFIG, 1); + +/* Clear all default values */ +netsnmp_clear_default_domain(); +netsnmp_clear_default_target(); + +/* Test domain lookup */ + +OK(netsnmp_register_default_domain("a", "") == 0, + "register an empty token in domain 'a'"); + +OK(netsnmp_register_default_domain("b", "alfa") == 0, + "register a single token in domain 'b'"); + +OK(netsnmp_register_default_domain("c", "alfa beta") == 0, + "register two tokens in domain 'c'"); + +#define OK_STRCMP(name, value, expected) \ + OKF(value != NULL && strcmp(expected, value) == 0, \ + ("Lookup of '" #name "' expected '" expected "', got %s%s%s", \ + value ? "'" : "", value ? value : "NULL", value ? "'" : "")) + +#define OK_STR_IS_NULL(name, value) \ + OKF(value == NULL, \ + ("Lookup of '" #name "' expected NULL, got %s%s%s", \ + value ? "'" : "", value ? value : "NULL", value ? "'" : "")) + +#define OK_IS_NULL(name, value) \ + OKF(value == NULL, ("Lookup of '" #name "' expected NULL, got %p", value)) + +#define OK_IS_NOT_NULL(name, value) \ + OKF(value != NULL, ("Lookup of '" #name "' expected non-NULL, got %p", value)) + +{ + const char *t; + + t = netsnmp_lookup_default_domain("a"); + OK_STRCMP(a, t, ""); + + t = netsnmp_lookup_default_domain("b"); + OK_STRCMP(b, t, "alfa"); + + t = netsnmp_lookup_default_domain("c"); + OK_STRCMP(c, t, "alfa"); + + t = netsnmp_lookup_default_domain("d"); + OK_STR_IS_NULL(d, t); +} + +{ + const char *const *t; + + t = netsnmp_lookup_default_domains("a"); + OK_IS_NOT_NULL(a, t); + OK_STRCMP(a[0], t[0], ""); + OK_STR_IS_NULL(a[1], t[1]); + + t = netsnmp_lookup_default_domains("b"); + OK_IS_NOT_NULL(b, t); + OK_STRCMP(b[0], t[0], "alfa"); + OK_STR_IS_NULL(b[1], t[1]); + + t = netsnmp_lookup_default_domains("c"); + OK_IS_NOT_NULL(c, t); + OK_STRCMP(c[0], t[0], "alfa"); + OK_STRCMP(c[1], t[1], "beta"); + OK_STR_IS_NULL(c[2], t[2]); + + t = netsnmp_lookup_default_domains("d"); + OK_IS_NULL(d, t); +} + +{ + char cfg[] = "defDomain=b gamma"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "register user domain for 'b'"); +} + +{ + char cfg[] = "defDomain=c gamma delta"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "register user domains for 'c'"); +} + +{ + char cfg[] = "defDomain=b2 gamma"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "register user domain for 'b2'"); +} + +{ + char cfg[] = "defDomain=c2 gamma delta"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "register user domains for 'c2'"); +} + +{ + const char *t; + + t = netsnmp_lookup_default_domain("b"); + OK_STRCMP(b, t, "gamma"); + + t = netsnmp_lookup_default_domain("b2"); + OK_STRCMP(b2, t, "gamma"); + + t = netsnmp_lookup_default_domain("c"); + OK_STRCMP(c, t, "gamma"); + + t = netsnmp_lookup_default_domain("c2"); + OK_STRCMP(c2, t, "gamma"); +} + +{ + const char *const *t; + + t = netsnmp_lookup_default_domains("b"); + OK_IS_NOT_NULL(b, t); + OK_STRCMP(b[0], t[0], "gamma"); + OK_STR_IS_NULL(b[1], t[1]); + + t = netsnmp_lookup_default_domains("b2"); + OK_IS_NOT_NULL(b2, t); + OK_STRCMP(b2[0], t[0], "gamma"); + OK_STR_IS_NULL(b2[1], t[1]); + + t = netsnmp_lookup_default_domains("c"); + OK_IS_NOT_NULL(c, t); + OK_STRCMP(c[0], t[0], "gamma"); + OK_STRCMP(c[1], t[1], "delta"); + OK_STR_IS_NULL(c[2], t[2]); + + t = netsnmp_lookup_default_domains("c2"); + OK_IS_NOT_NULL(c2, t); + OK_STRCMP(c2[0], t[0], "gamma"); + OK_STRCMP(c2[1], t[1], "delta"); + OK_STR_IS_NULL(c2[2], t[2]); +} + +{ + char cfg[] = "defDomain="; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "Empty config line"); +} + +{ + const char* t; + char cfg[] = "defDomain=e"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "Incomplete config line"); + t = netsnmp_lookup_default_domain("e"); + OK_STR_IS_NULL(e, t); +} + +/* Test target lookup */ + +OK(netsnmp_register_default_target("b", "alfa", "alfa-domain:b") == 0, + "register a 'alfa:alfa-domain:b' for application 'b'"); + +OK(netsnmp_register_default_target("b", "beta", "beta-domain:b") == 0, + "register a 'beta:beta-domain:b' for application 'b'"); + +OK(netsnmp_register_default_target("c", "alfa", "alfa-domain:c") == 0, + "register a 'alfa:alfa-domain:c' for application 'c'"); + +{ + const char *t; + + t = netsnmp_lookup_default_target("b", "alfa"); + OK_STRCMP(b:alfa, t, "alfa-domain:b"); + + t = netsnmp_lookup_default_target("b", "beta"); + OK_STRCMP(b:beta, t, "beta-domain:b"); + + t = netsnmp_lookup_default_target("c", "alfa"); + OK_STRCMP(c:alfa, t, "alfa-domain:c"); + + t = netsnmp_lookup_default_target("a", "alfa"); + OK_STR_IS_NULL(a:alfa, t); + + t = netsnmp_lookup_default_target("b", "gamma"); + OK_STR_IS_NULL(b:gamma, t); + + t = netsnmp_lookup_default_target("c", "beta"); + OK_STR_IS_NULL(c:beta, t); +} + +{ + char cfg[] = "defTarget=b alfa user-alfa:b"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, + "register user target 'alfa:user-alfa:b' for application 'b'"); +} + +{ + char cfg[] = "defTarget=b gamma user-gamma:b"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, + "register user target 'gamma:user-gamma:b' for application 'b'"); +} + +{ + char cfg[] = "defTarget=c alfa user-alfa:c"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, + "register user target 'alfa:user-alfa:c' for application 'c'"); +} + + +{ + const char *t; + + t = netsnmp_lookup_default_target("b", "alfa"); + OK_STRCMP(b:alfa, t, "user-alfa:b"); + + t = netsnmp_lookup_default_target("b", "beta"); + OK_STRCMP(b:beta, t, "beta-domain:b"); + + t = netsnmp_lookup_default_target("c", "alfa"); + OK_STRCMP(c:alfa, t, "user-alfa:c"); + + t = netsnmp_lookup_default_target("a", "alfa"); + OK_STR_IS_NULL(a:alfa, t); + + t = netsnmp_lookup_default_target("b", "gamma"); + OK_STRCMP(b:gamma, t, "user-gamma:b"); + + t = netsnmp_lookup_default_target("b", "delta"); + OK_STR_IS_NULL(b:delta, t); + + t = netsnmp_lookup_default_target("c", "beta"); + OK_STR_IS_NULL(c:beta, t); +} + +{ + char cfg[] = "defTarget="; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "Empty config line"); +} + +{ + const char* t; + char cfg[] = "defTarget=e1"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "Incomplete config line #1"); + t = netsnmp_lookup_default_target("e1", ""); + OK_STR_IS_NULL(e1:, t); +} + +{ + const char* t; + char cfg[] = "defTarget=e2 omega"; + OK(netsnmp_config(cfg) == SNMPERR_SUCCESS, "Incomplete config line #2"); + t = netsnmp_lookup_default_target("e2", "omega"); + OK_STR_IS_NULL(e2:omega, t); +} diff --git a/testing/fulltests/unit-tests/T101pdu_type_clib.c b/testing/fulltests/unit-tests/T101pdu_type_clib.c new file mode 100644 index 0000000..771aa61 --- /dev/null +++ b/testing/fulltests/unit-tests/T101pdu_type_clib.c @@ -0,0 +1,13 @@ +/* HEADER PDU type descriptions */ +const char *pdu_description; +pdu_description = snmp_pdu_type(SNMP_MSG_GET); +OKF((strcmp(pdu_description, "GET") == 0), + ("SNMP GET PDU type did not return the expected identifier (GET): %s", + pdu_description)); + +#ifdef NETSNMP_NO_WRITE_SUPPORT +pdu_description = snmp_pdu_type(163); +OKF((strcmp(pdu_description, "?0xA3?") == 0), + ("SNMP SET PDU type did not return the expected unknown identifier (?0xA3?): %s", + pdu_description)); +#endif /* NETSNMP_NO_WRITE_SUPPORT */ diff --git a/testing/fulltests/unit-tests/T102pdu_build_clib.c b/testing/fulltests/unit-tests/T102pdu_build_clib.c new file mode 100644 index 0000000..1fba69e --- /dev/null +++ b/testing/fulltests/unit-tests/T102pdu_build_clib.c @@ -0,0 +1,67 @@ +/* HEADER PDU building */ + +SOCK_STARTUP; + +netsnmp_pdu *pdu; +u_char *packet; +size_t packet_len, offset = 0; +netsnmp_session session, *ss; +int rc; + +/* prototype copied from snmp_api.c */ +int snmp_build(u_char ** pkt, size_t * pkt_len, + size_t * offset, netsnmp_session * pss, + netsnmp_pdu *pdu); + +init_snmp("testing"); +snmp_sess_init(&session); +session.version = SNMP_VERSION_2c; +session.peername = strdup("udp:127.0.0.1"); /* we won't actually connect */ +session.community = (u_char *) strdup("bogus"); +session.community_len = strlen((char *) session.community); +ss = snmp_open(&session); + +OKF((ss != NULL), ("Creating a session failed")); +if (ss == NULL) + snmp_perror("ack"); + +packet_len = 4096; +packet = malloc(packet_len); + +pdu = snmp_pdu_create(SNMP_MSG_GET); +pdu->version = session.version; + +OKF((pdu != NULL), ("Creating a GET PDU failed")); + +rc = snmp_build(&packet, &packet_len, &offset, ss, pdu); + +#ifndef NETSNMP_NOTIFY_ONLY +OKF((rc == SNMPERR_SUCCESS), + ("Building a GET PDU/packet should have worked: %d", rc)); +#else /* NETSNMP_NOTIFY_ONLY */ +OKF((rc != SNMPERR_SUCCESS), + ("Building a GET PDU/packet should have failed: %d", rc)); +#endif /* NETSNMP_NOTIFY_ONLY */ + +offset = 0; +pdu->command = 163; /* a SET message */ +rc = snmp_build(&packet, &packet_len, &offset, ss, pdu); + +#ifndef NETSNMP_NO_WRITE_SUPPORT +OKF((rc == SNMPERR_SUCCESS), + ("Building a SET PDU/packet should have succeeded: %d", rc)); +#else /* NETSNMP_NO_WRITE_SUPPORT */ +OKF((rc != SNMPERR_SUCCESS), + ("Building a SET PDU/packet should have failed: %d", rc)); +#endif /* NETSNMP_NO_WRITE_SUPPORT */ + + + +offset = 0; +pdu->command = SNMP_MSG_INFORM; +rc = snmp_build(&packet, &packet_len, &offset, ss, pdu); + +OKF((rc == SNMPERR_SUCCESS), + ("Building an INFORM PDU/packet should have succeed: %d", rc)); + +SOCK_CLEANUP; diff --git a/testing/fulltests/unit-tests/T103pdu_parse_clib.c b/testing/fulltests/unit-tests/T103pdu_parse_clib.c new file mode 100644 index 0000000..8d5882d --- /dev/null +++ b/testing/fulltests/unit-tests/T103pdu_parse_clib.c @@ -0,0 +1,22 @@ +/* HEADER Parsing of PDUs */ +netsnmp_pdu pdu; +int rc; +u_char data[] = { + 0xA2, 0x1D, 0x02, 0x04, 0x4E, 0x39, + 0xB2, 0x8E, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, + 0x30, 0x0F, 0x30, 0x0D, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x02, 0x01, 0x01, 0x04, 0x00, 0x04, 0x01, + 0x66 +}; +size_t data_length=sizeof(data); + +rc = snmp_pdu_parse(&pdu, data, &data_length); + +OKF((rc == 0), ("Parsing of a generic PDU failed")); + +#ifdef NETSNMP_NO_WRITE_SUPPORT +data[0] = 0xA3; /* changes it to a SET pdu */ +rc = snmp_pdu_parse(&pdu, data, &data_length); + +OKF((rc != 0), ("Parsing of a generic SET PDU succeeded")); +#endif /* NETSNMP_NO_WRITE_SUPPORT */ |