Add a decryption test suite along with an SSL decryption test. Move our

growing collection of capture files to a subdirectory. svn path=/trunk/; revision=41852
2012-03-30 17:51:54 +00:00 · 2012-03-30 17:51:54 +00:00 · 1bf7a61ac0
parent 17ce01b48d
commit 1bf7a61ac0
11 changed files with 198 additions and 18 deletions
--- a/test/captures/dhcp-nanosecond.pcap
+++ b/test/captures/dhcp-nanosecond.pcap
--- a/test/captures/dhcp-nanosecond.pcapng
+++ b/test/captures/dhcp-nanosecond.pcapng
--- a/test/captures/dhcp.pcap
+++ b/test/captures/dhcp.pcap
--- a/test/captures/dhcp.pcapng
+++ b/test/captures/dhcp.pcapng
--- a/test/captures/rsasnakeoil2.cap
+++ b/test/captures/rsasnakeoil2.cap
--- a/test/config.sh
+++ b/test/config.sh
@ -28,8 +28,10 @@
 if [ -n "${OS#Windows}" ] ; then
 	WS_SYSTEM="Windows"
 	export CYGWIN="$CYGWIN error_start=c:\cygwin\bin\dumper.exe -d %1 %2"
+	DIR_SEP="\\"
 else
 	WS_SYSTEM=`uname -s`
+	DIR_SEP="/"
 fi


@ -83,6 +85,14 @@ fi
 # Tell Wireshark to quit after capuring packets.
 export WIRESHARK_QUIT_AFTER_CAPTURE="True"

+CAPTURE_DIR="captures${DIR_SEP}"
+
+# Configuration paths
+TEST_HOME="$PWD/fakehome"
+if [ "$WS_SYSTEM" == "Windows" ] ; then
+    TEST_HOME="`cygpath -w $TEST_HOME`"
+fi
+
 # Display our environment

 ##printf "\n ------- Info =-----------------\n"
@ -92,3 +102,13 @@ export WIRESHARK_QUIT_AFTER_CAPTURE="True"
 ##ls -l $(which wireshark) $(which tshark) $(which dumpcap)
 ##printf " ----------------------------------\n\n"

+# Editor modelines
+#
+# Local Variables:
+# sh-basic-offset: 8
+# tab-width: 8
+# indent-tabs-mode: t
+# End:
+#
+# ex: set shiftwidth=8 tabstop=8 noexpandtab:
+# :indentSize=8:tabSize=8:noTabs=false:
--- a/test/keys/rsasnakeoil2.key
+++ b/test/keys/rsasnakeoil2.key
@ -0,0 +1,19 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCkblMUCt4s42BVmvJCpq9HEi8Xzvq63E5jVjS5unNLeEQ9xmxp
+pCWzYQKdCQQ/cj3YJ9OwWkV3tzbkJiPMEriu3qe2OoI8fCRZCviWQ4ujKTY/kX9d
+xyOUKX8Kzgq9jZsvGReq1Y7sZqI36z9XUzzyqrt5GUuQfqejmf6ETInwPQIDAQAB
+AoGAedqEWKsBIPTTtDziYYBTDnEsUxGA/685rCX7ZtQEkx4qPDlqqBMMGVW/8Q34
+hugrap+BIgSTzHcLB6I4DwiksUpR08x0hf0oxqqjMo0KykhZDfUUfxR85JHUrFZM
+GznurVhfSBXX4Il9Tgc/RPzD32FZ6gaz9sFumJh0LKKadeECQQDWOfP6+nIAvmyH
+aRINErBSlK+xv2mZ4jEKvROIQmrpyNyoOStYLG/DRPlEzAIA6oQnowGgS6gwaibg
+g7yVTgBpAkEAxH6dcwhIDRTILvtUdKSWB6vdhtXFGdebaU4cuUOW2kWwPpyIj4XN
+D+rezwfptmeOr34DCA/QKCI/BWkbFDG2tQJAVAH971nvAuOp46AMeBvwETJFg8qw
+Oqw81x02X6TMEEm4Xi+tE7K5UTXnGld2Ia3VjUWbCaUhm3rFLB39Af/IoQJAUn/G
+o5GKjtN26SLk5sRjqXzjWcVPJ/Z6bdA6Bx71q1cvFFqsi3XmDxTRz6LG4arBIbWK
+mEvrXa5jP2ZN1EC7MQJAYTfwPZ8/4x/USmA4vx9FKdADdDoZnA9ZSwezWaqa44My
+bJ0SY/WmNU+Z4ldVIkcevwwwcxqLF399hjrXWhzlBQ==
+-----END RSA PRIVATE KEY-----
+
+
+
+
--- a/test/suite-decryption.sh
+++ b/test/suite-decryption.sh
@ -0,0 +1,108 @@
+#!/bin/bash
+#
+# Test decryption capabilities of the Wireshark tools
+#
+# $Id$
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 2005 Ulf Lamping
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+
+
+# common exit status values
+EXIT_OK=0
+EXIT_COMMAND_LINE=1
+EXIT_ERROR=2
+
+UAT_FILES="
+	ssl_keys
+"
+
+TEST_KEYS_DIR="$PWD/keys/"
+if [ "$WS_SYSTEM" == "Windows" ] ; then
+    TEST_KEYS_DIR="`cygpath -w $TEST_KEYS_DIR`"
+fi
+
+#TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
+TS_DC_ARGS=""
+TS_DC_ENV="HOME=${TEST_HOME}"
+
+DIFF_OUT=./diff-output.txt
+
+# We create UATs in the source directory. Add a unique ID so we can avoid
+# deleting files we shouldn't.
+DC_ID="suite-decryption.sh-$$"
+
+# SSL
+decryption_step_ssl() {
+	env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri -r captures/rsasnakeoil2.cap -R http | grep favicon.ico > /dev/null 2>&1
+	RETURNVALUE=$?
+	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
+		test_step_failed "Failed to decrypt SSL"
+		return
+	fi
+	test_step_ok
+}
+
+
+tshark_decryption_suite() {
+	# Microsecond pcap direct read is used as the baseline.
+	test_step_add "SSL Decryption" decryption_step_ssl
+}
+
+decryption_cleanup_step() {
+	for UAT in $UAT_FILES ; do
+		grep $DC_ID ../$UAT > /dev/null 2>&1
+		RETURNVALUE=$?
+		if [ $RETURNVALUE -eq $EXIT_OK ]; then
+			rm -f ../$UAT
+		fi
+	done
+	rm -rf fakehome
+}
+
+decryption_prep_step() {
+	decryption_cleanup_step
+	mkdir fakehome
+
+	for UAT in $UAT_FILES ; do
+		if [ -f ../$UAT ] ; then
+			test_remark_add "../$UAT exists. One or more tests may fail."
+		else
+			echo "# Created by $DC_ID" > ../$UAT
+			sed -e "s:%test_keys_dir%:${TEST_KEYS_DIR}:" < ./config/$UAT.tmpl >> ../$UAT
+		fi
+	done
+}
+
+decryption_suite() {
+	test_step_set_pre decryption_prep_step
+	test_step_set_post decryption_cleanup_step
+	test_suite_add "TShark decryption" tshark_decryption_suite
+}
+
+# Editor modelines
+#
+# Local Variables:
+# sh-basic-offset: 8
+# tab-width: 8
+# indent-tabs-mode: t
+# End:
+#
+# ex: set shiftwidth=8 tabstop=8 noexpandtab:
+# :indentSize=8:tabSize=8:noTabs=false:
--- a/test/suite-fileformats.sh
+++ b/test/suite-fileformats.sh
@ -29,14 +29,14 @@ EXIT_OK=0
 EXIT_COMMAND_LINE=1
 EXIT_ERROR=2

-TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
+TS_FF_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"

 FF_BASELINE=./ff-ts-usec-pcap-direct.txt
 DIFF_OUT=./diff-output.txt

 # Microsecond pcap / stdin
 ff_step_usec_pcap_stdin() {
-	$TSHARK $TS_ARGS -i - < dhcp.pcap > ./ff-ts-usec-pcap-stdin.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp.pcap" > ./ff-ts-usec-pcap-stdin.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-usec-pcap-stdin.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -49,7 +49,7 @@ ff_step_usec_pcap_stdin() {

 # Nanosecond pcap / stdin
 ff_step_nsec_pcap_stdin() {
-	$TSHARK $TS_ARGS -i - < dhcp-nanosecond.pcap > ./ff-ts-nsec-pcap-stdin.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp-nanosecond.pcap" > ./ff-ts-nsec-pcap-stdin.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-nsec-pcap-stdin.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -62,7 +62,7 @@ ff_step_nsec_pcap_stdin() {

 # Nanosecond pcap / direct
 ff_step_nsec_pcap_direct() {
-	$TSHARK $TS_ARGS -r dhcp-nanosecond.pcap > ./ff-ts-nsec-pcap-direct.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp-nanosecond.pcap" > ./ff-ts-nsec-pcap-direct.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-nsec-pcap-direct.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -75,7 +75,7 @@ ff_step_nsec_pcap_direct() {

 # Microsecond pcap-ng / stdin
 ff_step_usec_pcapng_stdin() {
-	$TSHARK $TS_ARGS -i - < dhcp.pcapng > ./ff-ts-usec-pcapng-stdin.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp.pcapng" > ./ff-ts-usec-pcapng-stdin.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-usec-pcapng-stdin.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -88,7 +88,7 @@ ff_step_usec_pcapng_stdin() {

 # Microsecond pcap-ng / direct
 ff_step_usec_pcapng_direct() {
-	$TSHARK $TS_ARGS -r dhcp.pcapng > ./ff-ts-usec-pcapng-direct.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp.pcapng" > ./ff-ts-usec-pcapng-direct.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-usec-pcapng-direct.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -101,7 +101,7 @@ ff_step_usec_pcapng_direct() {

 # Nanosecond pcap-ng / stdin
 ff_step_nsec_pcapng_stdin() {
-	$TSHARK $TS_ARGS -i - < dhcp-nanosecond.pcapng > ./ff-ts-nsec-pcapng-stdin.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp-nanosecond.pcapng" > ./ff-ts-nsec-pcapng-stdin.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-nsec-pcapng-stdin.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -114,7 +114,7 @@ ff_step_nsec_pcapng_stdin() {

 # Nanosecond pcap-ng / direct
 ff_step_nsec_pcapng_direct() {
-	$TSHARK $TS_ARGS -r dhcp-nanosecond.pcapng > ./ff-ts-nsec-pcapng-direct.txt 2> /dev/null
+	$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp-nanosecond.pcapng" > ./ff-ts-nsec-pcapng-direct.txt 2> /dev/null
 	diff -u $FF_BASELINE ./ff-ts-nsec-pcapng-direct.txt > $DIFF_OUT 2>&1
 	RETURNVALUE=$?
 	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
@ -143,7 +143,7 @@ ff_cleanup_step() {

 ff_prep_step() {
 	ff_cleanup_step
-	$TSHARK $TS_ARGS -r dhcp.pcap > $FF_BASELINE 2> /dev/null
+	$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp.pcap" > $FF_BASELINE 2> /dev/null
 }

 fileformats_suite() {
@ -153,3 +153,14 @@ fileformats_suite() {
 	#test_suite_add "Wireshark file format" wireshark_ff_suite
 	#test_suite_add "Editcap file format" editcap_ff_suite
 }
+
+# Editor modelines
+#
+# Local Variables:
+# sh-basic-offset: 8
+# tab-width: 8
+# indent-tabs-mode: t
+# End:
+#
+# ex: set shiftwidth=8 tabstop=8 noexpandtab:
+# :indentSize=8:tabSize=8:noTabs=false:
--- a/test/test-backend.sh
+++ b/test/test-backend.sh
@ -114,7 +114,7 @@ test_suite_run() {
 		fi
 		echo "### Test suite results ###"
 		echo -n -e $color_green
-		echo "Ok    : $TEST_OK"
+		echo "OK    : $TEST_OK"
 		echo -n -e $color_red
 		echo "Failed: $TEST_FAILED"
 		echo -n -e $color_yellow
@ -278,7 +278,7 @@ test_step_ok() {
 	echo -n -e $color_green

 	if [ $TEST_OUTPUT = "VERBOSE" ]; then
-		echo " Ok"
+		echo " OK"
 	else
 		echo -n .
 	fi
@ -336,9 +336,13 @@ test_step_output_print() {
 	done
 }

-## Emacs
-## Local Variables:
-## tab-width: 8
-## indent-tabs-mode: t
-## sh-basic-offset: 8
-## End:
+# Editor modelines
+#
+# Local Variables:
+# sh-basic-offset: 8
+# tab-width: 8
+# indent-tabs-mode: t
+# End:
+#
+# ex: set shiftwidth=8 tabstop=8 noexpandtab:
+# :indentSize=8:tabSize=8:noTabs=false:
--- a/test/test.sh
+++ b/test/test.sh
@ -49,8 +49,15 @@ if [ $PRINT_USAGE -ne 0 ] ; then
 Usage: $THIS [-c] [-h] [-s <suite>]
  -c: Disable color output
  -h: Print this message and exit
-  -s: Run a suite.  Must be one of: all, capture, clopts, io, or
+  -s: Run a suite.  Must be one of:
+      all
+      capture
+      clopts
+      decryption
+      fileformats
+      io
      prerequisites
+      unittests
 FIN
        exit 0
 fi
@ -63,6 +70,7 @@ source suite-io.sh
 source suite-capture.sh
 source suite-unittests.sh
 source suite-fileformats.sh
+source suite-decryption.sh


 #check prerequisites
@ -95,6 +103,7 @@ test_suite() {
 	test_suite_add "Capture" capture_suite
 	test_suite_add "Unit tests" unittests_suite
 	test_suite_add "File formats" fileformats_suite
+	test_suite_add "Decryption" decryption_suite
 }


@ -122,12 +131,21 @@ if [ -n "$RUN_SUITE" ] ; then
 	  "clopts")
 	    test_suite_run "Command line options" clopt_suite
            exit $? ;;
+	  "decryption")
+	    test_suite_run "Decryption" decryption_suite
+            exit $? ;;
+	  "fileformats")
+            test_suite_run "File formats" fileformats_suite
+            exit $? ;;
 	  "io")
 	    test_suite_run "File I/O" io_suite
            exit $? ;;
 	  "prerequisites")
            test_suite_run "Prerequisites" prerequisites_suite
            exit $? ;;
+	  "unittests")
+            test_suite_run "Unit tests" unittests_suite
+            exit $? ;;
        esac
 fi