Add CI tests using the standard test interface

- ncat-protocol-sanity-test
 - simple-functionality-test
This commit is contained in:
Serhii Turivnyi 2017-11-29 15:17:00 +02:00
parent 42d973c99f
commit e38af10998
13 changed files with 442 additions and 0 deletions

View File

@ -0,0 +1,64 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/nmap/Sanity/ncat-protocol-sanity-test
# Description: Test all supported protocols of ncat, like tcp, udp, ...
# Author: Patrik Kis <pkis@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2012 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/nmap/Sanity/ncat-protocol-sanity-test
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE srv.exp clt.exp udpsrv.exp udpclt.exp tcpclt.exp tcpsrv.exp
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Patrik Kis <pkis@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test all supported protocols of ncat, like tcp, udp, ..." >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: nmap" >> $(METADATA)
@echo "Requires: nmap tcpdump expect" >> $(METADATA)
@echo "Releases: -RHEL4 -RedHatEnterpriseLinuxClient5 -RedHatEnterpriseLinuxServer5" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,5 @@
PURPOSE of /CoreOS/nmap/Sanity/ncat-protocol-sanity-test
Description: Test all supported protocols of ncat, like tcp, udp, ...
Author: Patrik Kis <pkis@redhat.com>
sanity test for nmap listening on TCP, SCTP, UDP

View File

@ -0,0 +1,13 @@
#!/usr/bin/expect
set timeout 10
spawn ncat -4 --sctp localhost 6666
expect {
eof { exit 2 }
default { exit 1 }
"ServerSend\r" { sleep 1; send -- "ClientSend\r" }
}
sleep 1
exit 0

View File

@ -0,0 +1,125 @@
#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/nmap/Sanity/ncat-protocol-sanity-test
# Description: Test all supported protocols of ncat, like tcp, udp, ...
# Author: Patrik Kis <pkis@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2012 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh
. /usr/share/beakerlib/beakerlib.sh
PACKAGE="nmap"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "modprobe sctp"
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlIsRHEL 4 5 && rlRun "chcon -t tmpfs_t $TmpDir" 0 \
"Changing SELinux context to allow nmap to write to $TmpDir"
rlRun "cp *exp $TmpDir" 0 "Copying expect scripts to working directory"
rlRun "pushd $TmpDir"
rlPhaseEnd
rlPhaseStartTest "ncat acts as tcp server (Listen mode)"
rlRun "tcpdump -pnnli lo port 6666 > tcpdump-tcp.out &" 0 "Run tcpdump"
TCPDUMPPID=$!; echo TCPDUMPPID=$TCPDUMPPID
sleep 2
rlRun "./tcpsrv.exp > ncat-server-tcp.out &"
NCATPID=$!; echo NCATPID=$NCATPID
rlRun "rlWaitForSocket -p $NCATPID 6666 -d 0.5"
rlRun "./tcpclt.exp > ncat-client-tcp.out"
sleep 3
rlRun "kill -9 $NCATPID" 0,1 "Making sure the ncat is dead"
rlRun "kill -9 $TCPDUMPPID" 0,1 "Making sure the tcpdump is dead"
sleep 1
cat tcpdump-tcp.out
rlAssertGrep "127.0.0.1.6666.*\[S" tcpdump-tcp.out
rlAssertGrep "127.0.0.1.6666.*\[P" tcpdump-tcp.out
rlAssertGrep "127.0.0.1.6666.*\[F" tcpdump-tcp.out
rlAssertEquals "Vefify that there were two PUSH packet sent" \
2 `grep "127.0.0.1.6666.*\[P" tcpdump-tcp.out |wc -l`
cat ncat-server-tcp.out
rlAssertGrep "ClientSend" ncat-server-tcp.out
cat ncat-client-tcp.out
rlAssertGrep "ServerSend" ncat-client-tcp.out
rlPhaseEnd
rlPhaseStartTest "ncat acts as SCTP server (Listen mode)"
# SCTP does not support half-open connection so it has to be tested with expect
# otherwise the parties initiate connection close immediately after all input read
rlRun "tcpdump -pnnli lo port 6666 > tcpdump-sctp.out &" 0 "Run tcpdump"
TCPDUMPPID=$!; echo TCPDUMPPID=$TCPDUMPPID
sleep 2
rlRun "./srv.exp > ncat-server-sctp.out &"
NCATPID=$!; echo NCATPID=$NCATPID
rlRun "rlWaitForSocket -p $NCATPID 6666 -d 0.5"
rlRun "./clt.exp > ncat-client-sctp.out"
sleep 3
rlRun "kill -9 $NCATPID" 0,1 "Making sure the ncat is dead"
rlRun "kill -9 $TCPDUMPPID" 0,1 "Making sure the tcpdump is dead"
sleep 1
cat tcpdump-sctp.out
rlAssertGrep "127.0.0.1.6666.*sctp.*\[INIT" tcpdump-sctp.out
rlAssertGrep "127.0.0.1.6666.*sctp.*\[COOKIE" tcpdump-sctp.out
rlAssertGrep "127.0.0.1.6666.*sctp.*\[SHUTDOWN" tcpdump-sctp.out
rlAssertEquals "Vefify that there were two DATA sctp packet sent" \
2 `grep "127.0.0.1.6666.*sctp.*\[DATA\]" tcpdump-sctp.out |wc -l`
cat ncat-server-sctp.out
rlAssertGrep "ClientSend" ncat-server-sctp.out
cat ncat-client-sctp.out
rlAssertGrep "ServerSend" ncat-client-sctp.out
rlPhaseEnd
rlPhaseStartTest "ncat acts as UDP server (Listen mode)"
rlRun "tcpdump -pnnli lo port 6666 > tcpdump-udp.out &" 0 "Run tcpdump"
TCPDUMPPID=$!; echo TCPDUMPPID=$TCPDUMPPID
sleep 2
rlRun "./udpsrv.exp >ncat-server-udp.out &"
NCATPID=$!; echo NCATPID=$NCATPID
sleep 2
rlRun "./udpclt.exp >ncat-client-udp.out &"
NCATCLNTPID=$!; echo NCATPID=$NCATCLNTPID
sleep 2
rlRun "kill -9 $NCATPID $NCATCLNTPID" 0,1 "Making sure the ncat is dead"
rlRun "kill -9 $TCPDUMPPID" 0,1 "Making sure the tcpdump is dead"
sleep 2
cat tcpdump-udp.out
rlAssertGrep "127.0.0.1.*>.*127.0.0.1.6666.*UDP" tcpdump-udp.out
rlAssertGrep "127.0.0.1.6666.*>.*127.0.0.1..*UDP" tcpdump-udp.out
rlAssertEquals "Vefify that there were two UDP packet sent" \
2 `wc -l tcpdump-udp.out`
cat ncat-server-udp.out
rlAssertGrep "ClientSend" ncat-server-udp.out
cat ncat-client-udp.out
rlAssertGrep "ServerSend" ncat-client-udp.out
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,22 @@
#!/usr/bin/expect
set timeout 10
spawn ncat -vl --sctp 6666
expect {
eof { exit 2 }
default { exit 1 }
"Ncat: Connection from 127.0.0.1" { sleep 1; send -- "ServerSend\r" }
}
expect {
eof { exit 2 }
default { exit 1 }
"ClientSend\r"
}
expect {
eof { exit 0 }
default { exit 1 }
}
exit 3

View File

@ -0,0 +1,13 @@
#!/usr/bin/expect
set timeout 10
spawn ncat -4 localhost 6666
expect {
eof { exit 2 }
default { exit 1 }
"ServerSend\r" { sleep 1; send -- "ClientSend\r" }
}
sleep 1
exit 0

View File

@ -0,0 +1,22 @@
#!/usr/bin/expect
set timeout 10
spawn ncat -vl 6666
expect {
eof { exit 2 }
default { exit 1 }
"Ncat: Connection from 127.0.0.1" { sleep 1; send -- "ServerSend\r" }
}
expect {
eof { exit 2 }
default { exit 1 }
"ClientSend\r"
}
expect {
eof { exit 0 }
default { exit 1 }
}
exit 3

View File

@ -0,0 +1,14 @@
#!/usr/bin/expect
set timeout 10
spawn ncat -4 --udp localhost 6666
send -- "ClientSend\r"
expect {
eof { exit 2 }
default { exit 1 }
"ServerSend\r"
}
sleep 1
exit 0

View File

@ -0,0 +1,13 @@
#!/usr/bin/expect
set timeout 10
spawn ncat -vl --udp 6666
expect {
eof { exit 2 }
default { exit 1 }
"ClientSend\r" { send -- "ServerSend\r" }
}
sleep 1
exit 0

View File

@ -0,0 +1,63 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/nmap/Sanity/simple-functionality-test
# Description: Simple functionality test, local port scanning.
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/nmap/Sanity/simple-functionality-test
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Karel Srot <ksrot@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Simple functionality test, local port scanning." >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: nmap" >> $(METADATA)
@echo "Requires: nmap lsof" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,5 @@
PURPOSE of /CoreOS/nmap/Sanity/simple-functionality-test
Description: Simple functionality test, local port scanning.
Author: Karel Srot <ksrot@redhat.com>
sanity testing local port scanning

View File

@ -0,0 +1,67 @@
#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/nmap/Sanity/simple-functionality-test
# Description: Simple functionality test, local port scanning.
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include rhts environment
. /usr/bin/rhts-environment.sh
. /usr/share/beakerlib/beakerlib.sh
PACKAGE="nmap"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
rlIsRHEL 4 5 && rlRun "chcon -t tmpfs_t $TmpDir" 0 "Changing SELinux context to allow nmap to write to $TmpDir"
rlRun "pushd $TmpDir"
rlPhaseEnd
rlPhaseStartTest
rlRun "nmap localhost -p- 2>&1 > myscan.nmap" 0 "Perform nmap scan"
rlAssertExists "myscan.nmap"
rlRun "lsof -i4 -P | grep '(LISTEN)' > lsof.out" 0 "Checking open ports with lsof -i4"
if grep -q ':22 (LISTEN)' lsof.out; then
rlRun "egrep '22/tcp\\W+open\\W+ssh' myscan.nmap" 0 "Checking if ssh has been found"
fi
if grep -q ':25 (LISTEN)' lsof.out; then
rlRun "egrep '25/tcp\\W+open\\W+smtp' myscan.nmap" 0 "Checking if smtp daemon has been found"
fi
if grep -q ':631 (LISTEN)' lsof.out; then
rlRun "egrep '631/tcp\\W+open\\W+ipp' myscan.nmap" 0 "Checking if cups/ipp has been found"
fi
if grep -q ':111 (LISTEN)' lsof.out; then
rlRun "egrep '111/tcp\\W+open\\W+rpcbind' myscan.nmap" 0 "Checking if portmap/rpcbind has been found"
fi
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

16
tests/tests.yml Normal file
View File

@ -0,0 +1,16 @@
---
# Tests that run in all contexts
- hosts: localhost
roles:
- role: standard-test-beakerlib
tags:
- classic
tests:
- ncat-protocol-sanity-test
- simple-functionality-test
required_packages:
- kernel-modules # Required to run ncat-protocol-sanity-test
- nmap # Required to run simple-functionality-test
- lsof # Required to run simple-functionality-test
- tcpdump # Required to run ncat-protocol-sanity-test
- expect # Required to run ncat-protocol-sanity-test