Add a decryption test suite along with an SSL decryption test. Move our
growing collection of capture files to a subdirectory. svn path=/trunk/; revision=41852
parent
17ce01b48d
commit
1bf7a61ac0
Binary file not shown.
|
@ -28,8 +28,10 @@
|
|||
if [ -n "${OS#Windows}" ] ; then
|
||||
WS_SYSTEM="Windows"
|
||||
export CYGWIN="$CYGWIN error_start=c:\cygwin\bin\dumper.exe -d %1 %2"
|
||||
DIR_SEP="\\"
|
||||
else
|
||||
WS_SYSTEM=`uname -s`
|
||||
DIR_SEP="/"
|
||||
fi
|
||||
|
||||
|
||||
|
@ -83,6 +85,14 @@ fi
|
|||
# Tell Wireshark to quit after capuring packets.
|
||||
export WIRESHARK_QUIT_AFTER_CAPTURE="True"
|
||||
|
||||
CAPTURE_DIR="captures${DIR_SEP}"
|
||||
|
||||
# Configuration paths
|
||||
TEST_HOME="$PWD/fakehome"
|
||||
if [ "$WS_SYSTEM" == "Windows" ] ; then
|
||||
TEST_HOME="`cygpath -w $TEST_HOME`"
|
||||
fi
|
||||
|
||||
# Display our environment
|
||||
|
||||
##printf "\n ------- Info =-----------------\n"
|
||||
|
@ -92,3 +102,13 @@ export WIRESHARK_QUIT_AFTER_CAPTURE="True"
|
|||
##ls -l $(which wireshark) $(which tshark) $(which dumpcap)
|
||||
##printf " ----------------------------------\n\n"
|
||||
|
||||
# Editor modelines
|
||||
#
|
||||
# Local Variables:
|
||||
# sh-basic-offset: 8
|
||||
# tab-width: 8
|
||||
# indent-tabs-mode: t
|
||||
# End:
|
||||
#
|
||||
# ex: set shiftwidth=8 tabstop=8 noexpandtab:
|
||||
# :indentSize=8:tabSize=8:noTabs=false:
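Review bot: The cygpath call in the Windows branch of the new "Configuration paths" block passes `$TEST_HOME` unquoted, so a checkout path containing spaces is split into several arguments and the converted value is wrong. The decryption suite on this page exports that value as `HOME` for tshark, so a mangled path means the tools read their configuration from somewhere other than the intended `fakehome`. Quoting both levels fixes it: `TEST_HOME="$(cygpath -w "$TEST_HOME")"`. The `==` inside `[ ... ]` on the line above is a bash extension; `=` is the portable spelling if this file can ever be sourced by a plain `sh` (its shebang is not visible here). The +/- markers are lost on this page, so which lines are new is inferred from the hunk counts.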
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICWwIBAAKBgQCkblMUCt4s42BVmvJCpq9HEi8Xzvq63E5jVjS5unNLeEQ9xmxp
|
||||
pCWzYQKdCQQ/cj3YJ9OwWkV3tzbkJiPMEriu3qe2OoI8fCRZCviWQ4ujKTY/kX9d
|
||||
xyOUKX8Kzgq9jZsvGReq1Y7sZqI36z9XUzzyqrt5GUuQfqejmf6ETInwPQIDAQAB
|
||||
AoGAedqEWKsBIPTTtDziYYBTDnEsUxGA/685rCX7ZtQEkx4qPDlqqBMMGVW/8Q34
|
||||
hugrap+BIgSTzHcLB6I4DwiksUpR08x0hf0oxqqjMo0KykhZDfUUfxR85JHUrFZM
|
||||
GznurVhfSBXX4Il9Tgc/RPzD32FZ6gaz9sFumJh0LKKadeECQQDWOfP6+nIAvmyH
|
||||
aRINErBSlK+xv2mZ4jEKvROIQmrpyNyoOStYLG/DRPlEzAIA6oQnowGgS6gwaibg
|
||||
g7yVTgBpAkEAxH6dcwhIDRTILvtUdKSWB6vdhtXFGdebaU4cuUOW2kWwPpyIj4XN
|
||||
D+rezwfptmeOr34DCA/QKCI/BWkbFDG2tQJAVAH971nvAuOp46AMeBvwETJFg8qw
|
||||
Oqw81x02X6TMEEm4Xi+tE7K5UTXnGld2Ia3VjUWbCaUhm3rFLB39Af/IoQJAUn/G
|
||||
o5GKjtN26SLk5sRjqXzjWcVPJ/Z6bdA6Bx71q1cvFFqsi3XmDxTRz6LG4arBIbWK
|
||||
mEvrXa5jP2ZN1EC7MQJAYTfwPZ8/4x/USmA4vx9FKdADdDoZnA9ZSwezWaqa44My
|
||||
bJ0SY/WmNU+Z4ldVIkcevwwwcxqLF399hjrXWhzlBQ==
|
||||
-----END RSA PRIVATE KEY-----
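Review bot: Nothing in this file or in the commit message marks the RSA private key as a throwaway fixture for the SSL decryption test, so secret scanners and later readers cannot tell it apart from a leaked credential. A short README next to it, or a line in the commit message, stating that the key exists only to decrypt the bundled sample capture and must never be installed on a real server would settle that. The file name is not shown on this page, so its placement under the `keys/` directory that the suite references is inferred.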
|
||||
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,108 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Test decryption capabilities of the Wireshark tools
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
# Wireshark - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@wireshark.org>
|
||||
# Copyright 2005 Ulf Lamping
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
# as published by the Free Software Foundation; either version 2
|
||||
# of the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
#
|
||||
|
||||
|
||||
# common exit status values
|
||||
EXIT_OK=0
|
||||
EXIT_COMMAND_LINE=1
|
||||
EXIT_ERROR=2
|
||||
|
||||
UAT_FILES="
|
||||
ssl_keys
|
||||
"
|
||||
|
||||
TEST_KEYS_DIR="$PWD/keys/"
|
||||
if [ "$WS_SYSTEM" == "Windows" ] ; then
|
||||
TEST_KEYS_DIR="`cygpath -w $TEST_KEYS_DIR`"
|
||||
fi
|
||||
|
||||
#TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
|
||||
TS_DC_ARGS=""
|
||||
TS_DC_ENV="HOME=${TEST_HOME}"
|
||||
|
||||
DIFF_OUT=./diff-output.txt
|
||||
|
||||
# We create UATs in the source directory. Add a unique ID so we can avoid
|
||||
# deleting files we shouldn't.
|
||||
DC_ID="suite-decryption.sh-$$"
|
||||
|
||||
# SSL
|
||||
decryption_step_ssl() {
|
||||
env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri -r captures/rsasnakeoil2.cap -R http | grep favicon.ico > /dev/null 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
test_step_failed "Failed to decrypt SSL"
|
||||
return
|
||||
fi
|
||||
test_step_ok
|
||||
}
|
||||
|
||||
|
||||
tshark_decryption_suite() {
|
||||
# Microsecond pcap direct read is used as the baseline.
|
||||
test_step_add "SSL Decryption" decryption_step_ssl
|
||||
}
|
||||
|
||||
decryption_cleanup_step() {
|
||||
for UAT in $UAT_FILES ; do
|
||||
grep $DC_ID ../$UAT > /dev/null 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
rm -f ../$UAT
|
||||
fi
|
||||
done
|
||||
rm -rf fakehome
|
||||
}
|
||||
|
||||
decryption_prep_step() {
|
||||
decryption_cleanup_step
|
||||
mkdir fakehome
|
||||
|
||||
for UAT in $UAT_FILES ; do
|
||||
if [ -f ../$UAT ] ; then
|
||||
test_remark_add "../$UAT exists. One or more tests may fail."
|
||||
else
|
||||
echo "# Created by $DC_ID" > ../$UAT
|
||||
sed -e "s:%test_keys_dir%:${TEST_KEYS_DIR}:" < ./config/$UAT.tmpl >> ../$UAT
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
decryption_suite() {
|
||||
test_step_set_pre decryption_prep_step
|
||||
test_step_set_post decryption_cleanup_step
|
||||
test_suite_add "TShark decryption" tshark_decryption_suite
|
||||
}
|
||||
|
||||
# Editor modelines
|
||||
#
|
||||
# Local Variables:
|
||||
# sh-basic-offset: 8
|
||||
# tab-width: 8
|
||||
# indent-tabs-mode: t
|
||||
# End:
|
||||
#
|
||||
# ex: set shiftwidth=8 tabstop=8 noexpandtab:
|
||||
# :indentSize=8:tabSize=8:noTabs=false:
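Review bot: The `sed` call in decryption_prep_step uses `:` as the `s` delimiter while substituting `${TEST_KEYS_DIR}`, and on the Windows branch that value comes from `cygpath -w`, so it will normally contain a drive-letter colon and backslashes that terminate the expression early or are read as escapes. Escaping the value and switching the delimiter avoids this: `keys_dir_esc=$(printf '%s' "$TEST_KEYS_DIR" | sed -e 's/[\\&|]/\\&/g')` followed by `sed -e "s|%test_keys_dir%|${keys_dir_esc}|" < "./config/$UAT.tmpl" >> "../$UAT"`. Separately, the cleanup marker `DC_ID` embeds `$$`, so a `../ssl_keys` left behind by an interrupted run carries a different PID and is never removed; the next run only prints the "exists" remark and then tests against the stale file. Matching on the fixed prefix `suite-decryption.sh-` in the cleanup `grep` would let it recognise files from earlier runs. Whether the UAT format itself needs backslashes doubled is not visible here.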
|
|
@ -29,14 +29,14 @@ EXIT_OK=0
|
|||
EXIT_COMMAND_LINE=1
|
||||
EXIT_ERROR=2
|
||||
|
||||
TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
|
||||
TS_FF_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
|
||||
|
||||
FF_BASELINE=./ff-ts-usec-pcap-direct.txt
|
||||
DIFF_OUT=./diff-output.txt
|
||||
|
||||
# Microsecond pcap / stdin
|
||||
ff_step_usec_pcap_stdin() {
|
||||
$TSHARK $TS_ARGS -i - < dhcp.pcap > ./ff-ts-usec-pcap-stdin.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp.pcap" > ./ff-ts-usec-pcap-stdin.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-usec-pcap-stdin.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -49,7 +49,7 @@ ff_step_usec_pcap_stdin() {
|
|||
|
||||
# Nanosecond pcap / stdin
|
||||
ff_step_nsec_pcap_stdin() {
|
||||
$TSHARK $TS_ARGS -i - < dhcp-nanosecond.pcap > ./ff-ts-nsec-pcap-stdin.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp-nanosecond.pcap" > ./ff-ts-nsec-pcap-stdin.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-nsec-pcap-stdin.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -62,7 +62,7 @@ ff_step_nsec_pcap_stdin() {
|
|||
|
||||
# Nanosecond pcap / direct
|
||||
ff_step_nsec_pcap_direct() {
|
||||
$TSHARK $TS_ARGS -r dhcp-nanosecond.pcap > ./ff-ts-nsec-pcap-direct.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp-nanosecond.pcap" > ./ff-ts-nsec-pcap-direct.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-nsec-pcap-direct.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -75,7 +75,7 @@ ff_step_nsec_pcap_direct() {
|
|||
|
||||
# Microsecond pcap-ng / stdin
|
||||
ff_step_usec_pcapng_stdin() {
|
||||
$TSHARK $TS_ARGS -i - < dhcp.pcapng > ./ff-ts-usec-pcapng-stdin.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp.pcapng" > ./ff-ts-usec-pcapng-stdin.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-usec-pcapng-stdin.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -88,7 +88,7 @@ ff_step_usec_pcapng_stdin() {
|
|||
|
||||
# Microsecond pcap-ng / direct
|
||||
ff_step_usec_pcapng_direct() {
|
||||
$TSHARK $TS_ARGS -r dhcp.pcapng > ./ff-ts-usec-pcapng-direct.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp.pcapng" > ./ff-ts-usec-pcapng-direct.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-usec-pcapng-direct.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -101,7 +101,7 @@ ff_step_usec_pcapng_direct() {
|
|||
|
||||
# Nanosecond pcap-ng / stdin
|
||||
ff_step_nsec_pcapng_stdin() {
|
||||
$TSHARK $TS_ARGS -i - < dhcp-nanosecond.pcapng > ./ff-ts-nsec-pcapng-stdin.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -i - < "${CAPTURE_DIR}dhcp-nanosecond.pcapng" > ./ff-ts-nsec-pcapng-stdin.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-nsec-pcapng-stdin.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -114,7 +114,7 @@ ff_step_nsec_pcapng_stdin() {
|
|||
|
||||
# Nanosecond pcap-ng / direct
|
||||
ff_step_nsec_pcapng_direct() {
|
||||
$TSHARK $TS_ARGS -r dhcp-nanosecond.pcapng > ./ff-ts-nsec-pcapng-direct.txt 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp-nanosecond.pcapng" > ./ff-ts-nsec-pcapng-direct.txt 2> /dev/null
|
||||
diff -u $FF_BASELINE ./ff-ts-nsec-pcapng-direct.txt > $DIFF_OUT 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
|
@ -143,7 +143,7 @@ ff_cleanup_step() {
|
|||
|
||||
ff_prep_step() {
|
||||
ff_cleanup_step
|
||||
$TSHARK $TS_ARGS -r dhcp.pcap > $FF_BASELINE 2> /dev/null
|
||||
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp.pcap" > $FF_BASELINE 2> /dev/null
|
||||
}
|
||||
|
||||
fileformats_suite() {
|
||||
|
@ -153,3 +153,14 @@ fileformats_suite() {
|
|||
#test_suite_add "Wireshark file format" wireshark_ff_suite
|
||||
#test_suite_add "Editcap file format" editcap_ff_suite
|
||||
}
|
||||
|
||||
# Editor modelines
|
||||
#
|
||||
# Local Variables:
|
||||
# sh-basic-offset: 8
|
||||
# tab-width: 8
|
||||
# indent-tabs-mode: t
|
||||
# End:
|
||||
#
|
||||
# ex: set shiftwidth=8 tabstop=8 noexpandtab:
|
||||
# :indentSize=8:tabSize=8:noTabs=false:
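Review bot: ff_prep_step writes the baseline from `"${CAPTURE_DIR}dhcp.pcap"` with stderr discarded and no status check, so if the relocated capture is missing or the path is wrong the baseline is empty, and the `-r` steps, which would then also produce empty output, compare equal and pass without reading a single packet. A guard right after the tshark call, such as `[ -s "$FF_BASELINE" ] || echo "empty baseline: cannot read ${CAPTURE_DIR}dhcp.pcap" >&2`, makes that failure visible. How the harness expects a failed prep step to be reported is not shown in this section. The bodies of the ff_step_* functions continue outside their hunks.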
|
||||
|
|
|
@ -114,7 +114,7 @@ test_suite_run() {
|
|||
fi
|
||||
echo "### Test suite results ###"
|
||||
echo -n -e $color_green
|
||||
echo "Ok : $TEST_OK"
|
||||
echo "OK : $TEST_OK"
|
||||
echo -n -e $color_red
|
||||
echo "Failed: $TEST_FAILED"
|
||||
echo -n -e $color_yellow
|
||||
|
@ -278,7 +278,7 @@ test_step_ok() {
|
|||
echo -n -e $color_green
|
||||
|
||||
if [ $TEST_OUTPUT = "VERBOSE" ]; then
|
||||
echo " Ok"
|
||||
echo " OK"
|
||||
else
|
||||
echo -n .
|
||||
fi
|
||||
|
@ -336,9 +336,13 @@ test_step_output_print() {
|
|||
done
|
||||
}
|
||||
|
||||
## Emacs
|
||||
## Local Variables:
|
||||
## tab-width: 8
|
||||
## indent-tabs-mode: t
|
||||
## sh-basic-offset: 8
|
||||
## End:
|
||||
# Editor modelines
|
||||
#
|
||||
# Local Variables:
|
||||
# sh-basic-offset: 8
|
||||
# tab-width: 8
|
||||
# indent-tabs-mode: t
|
||||
# End:
|
||||
#
|
||||
# ex: set shiftwidth=8 tabstop=8 noexpandtab:
|
||||
# :indentSize=8:tabSize=8:noTabs=false:
|
||||
|
|
20
test/test.sh
20
test/test.sh
|
@ -49,8 +49,15 @@ if [ $PRINT_USAGE -ne 0 ] ; then
|
|||
Usage: $THIS [-c] [-h] [-s <suite>]
|
||||
-c: Disable color output
|
||||
-h: Print this message and exit
|
||||
-s: Run a suite. Must be one of: all, capture, clopts, io, or
|
||||
-s: Run a suite. Must be one of:
|
||||
all
|
||||
capture
|
||||
clopts
|
||||
decryption
|
||||
fileformats
|
||||
io
|
||||
prerequisites
|
||||
unittests
|
||||
FIN
|
||||
exit 0
|
||||
fi
|
||||
|
@ -63,6 +70,7 @@ source suite-io.sh
|
|||
source suite-capture.sh
|
||||
source suite-unittests.sh
|
||||
source suite-fileformats.sh
|
||||
source suite-decryption.sh
|
||||
|
||||
|
||||
#check prerequisites
|
||||
|
@ -95,6 +103,7 @@ test_suite() {
|
|||
test_suite_add "Capture" capture_suite
|
||||
test_suite_add "Unit tests" unittests_suite
|
||||
test_suite_add "File formats" fileformats_suite
|
||||
test_suite_add "Decryption" decryption_suite
|
||||
}
|
||||
|
||||
|
||||
|
@ -122,12 +131,21 @@ if [ -n "$RUN_SUITE" ] ; then
|
|||
"clopts")
|
||||
test_suite_run "Command line options" clopt_suite
|
||||
exit $? ;;
|
||||
"decryption")
|
||||
test_suite_run "Decryption" decryption_suite
|
||||
exit $? ;;
|
||||
"fileformats")
|
||||
test_suite_run "File formats" fileformats_suite
|
||||
exit $? ;;
|
||||
"io")
|
||||
test_suite_run "File I/O" io_suite
|
||||
exit $? ;;
|
||||
"prerequisites")
|
||||
test_suite_run "Prerequisites" prerequisites_suite
|
||||
exit $? ;;
|
||||
"unittests")
|
||||
test_suite_run "Unit tests" unittests_suite
|
||||
exit $? ;;
|
||||
esac
|
||||
fi
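Review bot: The `case` on the suite name ends at the `"unittests")` arm with no `*)` default, so as far as this hunk shows a mistyped `-s` value matches nothing and execution simply continues past the `fi`. With the list of valid names growing in this commit, a final arm such as `*) echo "Unknown suite: $RUN_SUITE" >&2; exit 1 ;;` would reject it explicitly. The start of the case statement and the code after `fi` lie outside the hunk, so confirm there is no earlier validation before adding it.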
|
||||
|
||||
|
|