From e38af109980e616daf630cb5b23ea9317b1a9c7b Mon Sep 17 00:00:00 2001 From: Serhii Turivnyi Date: Wed, 29 Nov 2017 15:17:00 +0200 Subject: [PATCH] Add CI tests using the standard test interface - ncat-protocol-sanity-test - simple-functionality-test --- tests/ncat-protocol-sanity-test/Makefile | 64 +++++++++++ tests/ncat-protocol-sanity-test/PURPOSE | 5 + tests/ncat-protocol-sanity-test/clt.exp | 13 +++ tests/ncat-protocol-sanity-test/runtest.sh | 125 +++++++++++++++++++++ tests/ncat-protocol-sanity-test/srv.exp | 22 ++++ tests/ncat-protocol-sanity-test/tcpclt.exp | 13 +++ tests/ncat-protocol-sanity-test/tcpsrv.exp | 22 ++++ tests/ncat-protocol-sanity-test/udpclt.exp | 14 +++ tests/ncat-protocol-sanity-test/udpsrv.exp | 13 +++ tests/simple-functionality-test/Makefile | 63 +++++++++++ tests/simple-functionality-test/PURPOSE | 5 + tests/simple-functionality-test/runtest.sh | 67 +++++++++++ tests/tests.yml | 16 +++ 13 files changed, 442 insertions(+) create mode 100644 tests/ncat-protocol-sanity-test/Makefile create mode 100644 tests/ncat-protocol-sanity-test/PURPOSE create mode 100755 tests/ncat-protocol-sanity-test/clt.exp create mode 100755 tests/ncat-protocol-sanity-test/runtest.sh create mode 100755 tests/ncat-protocol-sanity-test/srv.exp create mode 100755 tests/ncat-protocol-sanity-test/tcpclt.exp create mode 100755 tests/ncat-protocol-sanity-test/tcpsrv.exp create mode 100755 tests/ncat-protocol-sanity-test/udpclt.exp create mode 100755 tests/ncat-protocol-sanity-test/udpsrv.exp create mode 100644 tests/simple-functionality-test/Makefile create mode 100644 tests/simple-functionality-test/PURPOSE create mode 100755 tests/simple-functionality-test/runtest.sh create mode 100644 tests/tests.yml diff --git a/tests/ncat-protocol-sanity-test/Makefile b/tests/ncat-protocol-sanity-test/Makefile new file mode 100644 index 0000000..d76d767 --- /dev/null +++ b/tests/ncat-protocol-sanity-test/Makefile @@ -0,0 +1,64 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/nmap/Sanity/ncat-protocol-sanity-test +# Description: Test all supported protocols of ncat, like tcp, udp, ... +# Author: Patrik Kis +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2012 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/nmap/Sanity/ncat-protocol-sanity-test +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE srv.exp clt.exp udpsrv.exp udpclt.exp tcpclt.exp tcpsrv.exp + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Patrik Kis " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test all supported protocols of ncat, like tcp, udp, ..." >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: nmap" >> $(METADATA) + @echo "Requires: nmap tcpdump expect" >> $(METADATA) + @echo "Releases: -RHEL4 -RedHatEnterpriseLinuxClient5 -RedHatEnterpriseLinuxServer5" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/ncat-protocol-sanity-test/PURPOSE b/tests/ncat-protocol-sanity-test/PURPOSE new file mode 100644 index 0000000..a13aea3 --- /dev/null +++ b/tests/ncat-protocol-sanity-test/PURPOSE @@ -0,0 +1,5 @@ +PURPOSE of /CoreOS/nmap/Sanity/ncat-protocol-sanity-test +Description: Test all supported protocols of ncat, like tcp, udp, ... +Author: Patrik Kis + +sanity test for nmap listening on TCP, SCTP, UDP diff --git a/tests/ncat-protocol-sanity-test/clt.exp b/tests/ncat-protocol-sanity-test/clt.exp new file mode 100755 index 0000000..d85714c --- /dev/null +++ b/tests/ncat-protocol-sanity-test/clt.exp @@ -0,0 +1,13 @@ +#!/usr/bin/expect + +set timeout 10 + +spawn ncat -4 --sctp localhost 6666 + +expect { + eof { exit 2 } + default { exit 1 } + "ServerSend\r" { sleep 1; send -- "ClientSend\r" } +} +sleep 1 +exit 0 diff --git a/tests/ncat-protocol-sanity-test/runtest.sh b/tests/ncat-protocol-sanity-test/runtest.sh new file mode 100755 index 0000000..3489bbb --- /dev/null +++ b/tests/ncat-protocol-sanity-test/runtest.sh @@ -0,0 +1,125 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/nmap/Sanity/ncat-protocol-sanity-test +# Description: Test all supported protocols of ncat, like tcp, udp, ... +# Author: Patrik Kis +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2012 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh + +PACKAGE="nmap" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "modprobe sctp" + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlIsRHEL 4 5 && rlRun "chcon -t tmpfs_t $TmpDir" 0 \ + "Changing SELinux context to allow nmap to write to $TmpDir" + rlRun "cp *exp $TmpDir" 0 "Copying expect scripts to working directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + + rlPhaseStartTest "ncat acts as tcp server (Listen mode)" + rlRun "tcpdump -pnnli lo port 6666 > tcpdump-tcp.out &" 0 "Run tcpdump" + TCPDUMPPID=$!; echo TCPDUMPPID=$TCPDUMPPID + sleep 2 + rlRun "./tcpsrv.exp > ncat-server-tcp.out &" + NCATPID=$!; echo NCATPID=$NCATPID + rlRun "rlWaitForSocket -p $NCATPID 6666 -d 0.5" + rlRun "./tcpclt.exp > ncat-client-tcp.out" + sleep 3 + rlRun "kill -9 $NCATPID" 0,1 "Making sure the ncat is dead" + rlRun "kill -9 $TCPDUMPPID" 0,1 "Making sure the tcpdump is dead" + sleep 1 + cat tcpdump-tcp.out + rlAssertGrep "127.0.0.1.6666.*\[S" tcpdump-tcp.out + rlAssertGrep "127.0.0.1.6666.*\[P" tcpdump-tcp.out + rlAssertGrep "127.0.0.1.6666.*\[F" tcpdump-tcp.out + rlAssertEquals "Vefify that there were two PUSH packet sent" \ + 2 `grep "127.0.0.1.6666.*\[P" tcpdump-tcp.out |wc -l` + cat ncat-server-tcp.out + rlAssertGrep "ClientSend" ncat-server-tcp.out + cat ncat-client-tcp.out + rlAssertGrep "ServerSend" ncat-client-tcp.out + rlPhaseEnd + + rlPhaseStartTest "ncat acts as SCTP server (Listen mode)" + # SCTP does not support half-open connection so it has to be tested with expect + # otherwise the parties initiate connection close immediately after all input read + rlRun "tcpdump -pnnli lo port 6666 > tcpdump-sctp.out &" 0 "Run tcpdump" + TCPDUMPPID=$!; echo TCPDUMPPID=$TCPDUMPPID + sleep 2 + rlRun "./srv.exp > ncat-server-sctp.out &" + NCATPID=$!; echo NCATPID=$NCATPID + rlRun "rlWaitForSocket -p $NCATPID 6666 -d 0.5" + rlRun "./clt.exp > ncat-client-sctp.out" + sleep 3 + rlRun "kill -9 $NCATPID" 0,1 "Making sure the ncat is dead" + rlRun "kill -9 $TCPDUMPPID" 0,1 "Making sure the tcpdump is dead" + sleep 1 + cat tcpdump-sctp.out + rlAssertGrep "127.0.0.1.6666.*sctp.*\[INIT" tcpdump-sctp.out + rlAssertGrep "127.0.0.1.6666.*sctp.*\[COOKIE" tcpdump-sctp.out + rlAssertGrep "127.0.0.1.6666.*sctp.*\[SHUTDOWN" tcpdump-sctp.out + rlAssertEquals "Vefify that there were two DATA sctp packet sent" \ + 2 `grep "127.0.0.1.6666.*sctp.*\[DATA\]" tcpdump-sctp.out |wc -l` + cat ncat-server-sctp.out + rlAssertGrep "ClientSend" ncat-server-sctp.out + cat ncat-client-sctp.out + rlAssertGrep "ServerSend" ncat-client-sctp.out + rlPhaseEnd + + rlPhaseStartTest "ncat acts as UDP server (Listen mode)" + rlRun "tcpdump -pnnli lo port 6666 > tcpdump-udp.out &" 0 "Run tcpdump" + TCPDUMPPID=$!; echo TCPDUMPPID=$TCPDUMPPID + sleep 2 + rlRun "./udpsrv.exp >ncat-server-udp.out &" + NCATPID=$!; echo NCATPID=$NCATPID + sleep 2 + rlRun "./udpclt.exp >ncat-client-udp.out &" + NCATCLNTPID=$!; echo NCATPID=$NCATCLNTPID + sleep 2 + rlRun "kill -9 $NCATPID $NCATCLNTPID" 0,1 "Making sure the ncat is dead" + rlRun "kill -9 $TCPDUMPPID" 0,1 "Making sure the tcpdump is dead" + sleep 2 + cat tcpdump-udp.out + rlAssertGrep "127.0.0.1.*>.*127.0.0.1.6666.*UDP" tcpdump-udp.out + rlAssertGrep "127.0.0.1.6666.*>.*127.0.0.1..*UDP" tcpdump-udp.out + rlAssertEquals "Vefify that there were two UDP packet sent" \ + 2 `wc -l tcpdump-udp.out` + cat ncat-server-udp.out + rlAssertGrep "ClientSend" ncat-server-udp.out + cat ncat-client-udp.out + rlAssertGrep "ServerSend" ncat-client-udp.out + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -r $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/ncat-protocol-sanity-test/srv.exp b/tests/ncat-protocol-sanity-test/srv.exp new file mode 100755 index 0000000..086ed36 --- /dev/null +++ b/tests/ncat-protocol-sanity-test/srv.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect + +set timeout 10 + +spawn ncat -vl --sctp 6666 + +expect { + eof { exit 2 } + default { exit 1 } + "Ncat: Connection from 127.0.0.1" { sleep 1; send -- "ServerSend\r" } +} +expect { + eof { exit 2 } + default { exit 1 } + "ClientSend\r" +} +expect { + eof { exit 0 } + default { exit 1 } +} +exit 3 + diff --git a/tests/ncat-protocol-sanity-test/tcpclt.exp b/tests/ncat-protocol-sanity-test/tcpclt.exp new file mode 100755 index 0000000..3396eac --- /dev/null +++ b/tests/ncat-protocol-sanity-test/tcpclt.exp @@ -0,0 +1,13 @@ +#!/usr/bin/expect + +set timeout 10 + +spawn ncat -4 localhost 6666 + +expect { + eof { exit 2 } + default { exit 1 } + "ServerSend\r" { sleep 1; send -- "ClientSend\r" } +} +sleep 1 +exit 0 diff --git a/tests/ncat-protocol-sanity-test/tcpsrv.exp b/tests/ncat-protocol-sanity-test/tcpsrv.exp new file mode 100755 index 0000000..ac1c803 --- /dev/null +++ b/tests/ncat-protocol-sanity-test/tcpsrv.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect + +set timeout 10 + +spawn ncat -vl 6666 + +expect { + eof { exit 2 } + default { exit 1 } + "Ncat: Connection from 127.0.0.1" { sleep 1; send -- "ServerSend\r" } +} +expect { + eof { exit 2 } + default { exit 1 } + "ClientSend\r" +} +expect { + eof { exit 0 } + default { exit 1 } +} +exit 3 + diff --git a/tests/ncat-protocol-sanity-test/udpclt.exp b/tests/ncat-protocol-sanity-test/udpclt.exp new file mode 100755 index 0000000..dbbb0ef --- /dev/null +++ b/tests/ncat-protocol-sanity-test/udpclt.exp @@ -0,0 +1,14 @@ +#!/usr/bin/expect + +set timeout 10 + +spawn ncat -4 --udp localhost 6666 + +send -- "ClientSend\r" +expect { + eof { exit 2 } + default { exit 1 } + "ServerSend\r" +} +sleep 1 +exit 0 diff --git a/tests/ncat-protocol-sanity-test/udpsrv.exp b/tests/ncat-protocol-sanity-test/udpsrv.exp new file mode 100755 index 0000000..3aa72fe --- /dev/null +++ b/tests/ncat-protocol-sanity-test/udpsrv.exp @@ -0,0 +1,13 @@ +#!/usr/bin/expect + +set timeout 10 + +spawn ncat -vl --udp 6666 + +expect { + eof { exit 2 } + default { exit 1 } + "ClientSend\r" { send -- "ServerSend\r" } +} +sleep 1 +exit 0 diff --git a/tests/simple-functionality-test/Makefile b/tests/simple-functionality-test/Makefile new file mode 100644 index 0000000..4bb6cdc --- /dev/null +++ b/tests/simple-functionality-test/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/nmap/Sanity/simple-functionality-test +# Description: Simple functionality test, local port scanning. +# Author: Karel Srot +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2010 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/nmap/Sanity/simple-functionality-test +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Karel Srot " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Simple functionality test, local port scanning." >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: nmap" >> $(METADATA) + @echo "Requires: nmap lsof" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/simple-functionality-test/PURPOSE b/tests/simple-functionality-test/PURPOSE new file mode 100644 index 0000000..46834fa --- /dev/null +++ b/tests/simple-functionality-test/PURPOSE @@ -0,0 +1,5 @@ +PURPOSE of /CoreOS/nmap/Sanity/simple-functionality-test +Description: Simple functionality test, local port scanning. +Author: Karel Srot + +sanity testing local port scanning diff --git a/tests/simple-functionality-test/runtest.sh b/tests/simple-functionality-test/runtest.sh new file mode 100755 index 0000000..15ea773 --- /dev/null +++ b/tests/simple-functionality-test/runtest.sh @@ -0,0 +1,67 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/nmap/Sanity/simple-functionality-test +# Description: Simple functionality test, local port scanning. +# Author: Karel Srot +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2010 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh + +PACKAGE="nmap" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlIsRHEL 4 5 && rlRun "chcon -t tmpfs_t $TmpDir" 0 "Changing SELinux context to allow nmap to write to $TmpDir" + rlRun "pushd $TmpDir" + rlPhaseEnd + + rlPhaseStartTest + rlRun "nmap localhost -p- 2>&1 > myscan.nmap" 0 "Perform nmap scan" + rlAssertExists "myscan.nmap" + rlRun "lsof -i4 -P | grep '(LISTEN)' > lsof.out" 0 "Checking open ports with lsof -i4" + if grep -q ':22 (LISTEN)' lsof.out; then + rlRun "egrep '22/tcp\\W+open\\W+ssh' myscan.nmap" 0 "Checking if ssh has been found" + fi + if grep -q ':25 (LISTEN)' lsof.out; then + rlRun "egrep '25/tcp\\W+open\\W+smtp' myscan.nmap" 0 "Checking if smtp daemon has been found" + fi + if grep -q ':631 (LISTEN)' lsof.out; then + rlRun "egrep '631/tcp\\W+open\\W+ipp' myscan.nmap" 0 "Checking if cups/ipp has been found" + fi + + if grep -q ':111 (LISTEN)' lsof.out; then + rlRun "egrep '111/tcp\\W+open\\W+rpcbind' myscan.nmap" 0 "Checking if portmap/rpcbind has been found" + fi + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -r $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..9f67887 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,16 @@ +--- +# Tests that run in all contexts +- hosts: localhost + roles: + - role: standard-test-beakerlib + tags: + - classic + tests: + - ncat-protocol-sanity-test + - simple-functionality-test + required_packages: + - kernel-modules # Required to run ncat-protocol-sanity-test + - nmap # Required to run simple-functionality-test + - lsof # Required to run simple-functionality-test + - tcpdump # Required to run ncat-protocol-sanity-test + - expect # Required to run ncat-protocol-sanity-test