osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

Test: Remove the Bash test scripts. 

They've been replaced by the Python scripts.

Change-Id: I8add9c9ea0a6bdd68b2fa3841977863c0ea9a761
Reviewed-on: https://code.wireshark.org/review/27243
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Gerald Combs 2018-05-01 15:49:11 -07:00 committed by Anders Broman
parent cd94b1cb8e
commit 58da452d22
19 changed files with 6 additions and 4351 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
CMakeLists.txt
View File

@ -3134,29 +3134,8 @@ if (DOXYGEN_EXECUTABLE)
)
endif(DOXYGEN_EXECUTABLE)
# Old test suite wrapper
if(ENABLE_APPLICATION_BUNDLE)
set(TEST_SH_BIN_DIR ${CMAKE_BINARY_DIR}/run)
else()
set(TEST_SH_BIN_DIR $<TARGET_FILE_DIR:epan>)
endif()
add_custom_target(test-sh
COMMAND ${CMAKE_COMMAND}
-DCMAKE_MODULE_PATH=${CMAKE_MODULE_PATH}
-DTEST_SH_BIN_DIR=${TEST_SH_BIN_DIR}
-DTEST_SH_SRC_DIR=${CMAKE_SOURCE_DIR}/test
-P ${CMAKE_SOURCE_DIR}/cmake/modules/GenerateTestSh.cmake
DEPENDS ${CMAKE_SOURCE_DIR}/cmake/modules/GenerateTestSh.cmake
)
set_target_properties(test-sh PROPERTIES
FOLDER "Tests"
EXCLUDE_FROM_DEFAULT_BUILD True
)
add_custom_target(test-programs
DEPENDS test-sh
exntest
DEPENDS exntest
oids_test
reassemble_test
tvbtest

41
cmake/modules/GenerateTestSh.cmake
View File

@ -1,41 +0,0 @@
# Generate a wrapper for test.sh.
set(TEST_SH_OUTPUT ${TEST_SH_BIN_DIR}/test.sh)
if(WIN32)
INCLUDE(FindCygwin)
FIND_PROGRAM(CYGPATH_EXECUTABLE
NAMES cygpath
PATHS ${CYGWIN_INSTALL_PATH}/bin
)
if (NOT "${CYGPATH_EXECUTABLE}" STREQUAL "CYGPATH_EXECUTABLE-NOTFOUND")
execute_process(
COMMAND ${CYGPATH_EXECUTABLE} -u ${TEST_SH_BIN_DIR}
OUTPUT_VARIABLE _cygwin_path
)
string(STRIP "${_cygwin_path}" _cygwin_path)
set(TEST_SH_BIN_DIR ${_cygwin_path})
execute_process(
COMMAND ${CYGPATH_EXECUTABLE} -u ${TEST_SH_SRC_DIR}
OUTPUT_VARIABLE _cygwin_path
)
string(STRIP "${_cygwin_path}" _cygwin_path)
set(TEST_SH_SRC_DIR ${_cygwin_path})
endif()
endif()
set(TEST_SH_EXEC ${TEST_SH_SRC_DIR}/test.sh)
file(WRITE ${TEST_SH_OUTPUT} "#!/bin/sh\n")
if(WIN32)
file(APPEND ${TEST_SH_OUTPUT} "(set -o igncr) 2>/dev/null && set -o igncr; # comment is needed\n")
endif()
file(APPEND ${TEST_SH_OUTPUT} "# Exec wrapper for ${TEST_SH_EXEC}\n")
file(APPEND ${TEST_SH_OUTPUT} "WS_BIN_PATH=${TEST_SH_BIN_DIR}\n")
file(APPEND ${TEST_SH_OUTPUT} "export WS_BIN_PATH\n")
file(APPEND ${TEST_SH_OUTPUT} "cd ${TEST_SH_SRC_DIR}\n")
file(APPEND ${TEST_SH_OUTPUT} "exec ${TEST_SH_EXEC} \"$@\"\n")
execute_process(COMMAND chmod a+x ${TEST_SH_OUTPUT})
message(STATUS "Generated ${TEST_SH_OUTPUT}")

2
doc/README.wmem
View File

@ -344,7 +344,7 @@ There is a simple test suite for wmem that lives in the file wmem_test.c and
should get automatically built into the binary 'wmem_test' when building
Wireshark. It contains at least basic tests for all existing functionality.
The suite is run automatically by the build-bots via the shell script
test/test.sh which calls out to test/suite-unittests.sh.
test/test.py which calls out to test/suite_unittests.py.
New features added to wmem (allocators, data structures, utility
functions, etc.) MUST also have tests added to this suite.

6
test/README.test
View File

@ -3,13 +3,15 @@ Wireshark Tests
The main testing script is `test.py`. It will attempt to test as much as
possible by default, including packet capture. This means that you will
probably either have to supply a capture interface (`--capture-interface
<interface>`) or disable capture tests (`--disable-capture`).
<interface>`) or disable capture tests (`--disable-capture`). You must
also build the test-programs target in order for the unittests suite to
pass.
To run all tests from CMake do the following:
- Pass `-DTEST_EXTRA_ARGS=--disable-capture` or
`-DTEST_EXTRA_ARGS=--capture-interface=<interface>`
as needed for your system.
- Build the “test” target or run ctest, e.g. `ctest --jobs=4 --verbose`.
- Build the “test” target or run ctest, e.g. `ctest --force-new-ctest-process -j 4 --verbose`.
To run all tests directly, run `test.py -p
/path/to/wireshark-build/run-directory <capture args>`.

140
test/config.sh
View File

@ -1,140 +0,0 @@
#!/bin/bash
#
# Configuration of the command line tests
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# The files we want to test are in the build directory.
WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1
export WIRESHARK_RUN_FROM_BUILD_DIRECTORY
# Set WS_SYSTEM to our system type, e.g. Windows, Linux, Darwin
# http://support.microsoft.com/kb/100843
if [ -n "${OS#Windows}" ] ; then
WS_SYSTEM="Windows"
export CYGWIN="$CYGWIN error_start=c:\cygwin\bin\dumper.exe -d %1 %2"
else
WS_SYSTEM=`uname -s`
fi
#
#
ENDIANNESS="little"
echo -n I | od -to2 | awk '{ lastbit = substr($2,6,1); exit lastbit }'
if [ $? -eq 0 ] ; then
ENDIANNESS="big"
fi
# Absolute path to the source tree
SOURCE_DIR="$(cd "$(dirname "$0")" && cd .. && pwd)"
# Absolute path to this test directory (for capture and config files)
TESTS_DIR="$SOURCE_DIR/test"
# Are we allowed to open interfaces or capture on this system?
SKIP_CAPTURE=${SKIP_CAPTURE:-1}
# Override the last two items if we're running Windows
if [ "$WS_SYSTEM" = "Windows" ] ; then
SKIP_CAPTURE=0
fi
# Path to the Wireshark binaries, default to source dir if unset
WS_BIN_PATH=${WS_BIN_PATH:-$SOURCE_DIR}
# Tweak the following to your liking.
WIRESHARK=$WS_BIN_PATH/wireshark
TSHARK=$WS_BIN_PATH/tshark
RAWSHARK=$WS_BIN_PATH/rawshark
CAPINFOS=$WS_BIN_PATH/capinfos
MERGECAP=$WS_BIN_PATH/mergecap
TEXT2PCAP=$WS_BIN_PATH/text2pcap
DUMPCAP=$WS_BIN_PATH/dumpcap
# interface with at least a few packets/sec traffic on it
# (e.g. start a web radio to generate some traffic :-)
# an interfaces index (1 based) should do well for recent devbuilds
if [ "$WS_SYSTEM" = "Windows" -a -z "$TRAFFIC_CAPTURE_IFACE" ] ; then
# Try to fetch the first Ethernet interface.
TRAFFIC_CAPTURE_IFACE=`$TSHARK -D 2>&1 | \
egrep 'Ethernet|Network Connection|VMware|Intel|Realtek' | \
head -1 | cut -c 1`
fi
TRAFFIC_CAPTURE_IFACE=${TRAFFIC_CAPTURE_IFACE:-1}
# time to capture some traffic (in seconds)
# (you may increase this if you get errors caused by very low traffic)
TRAFFIC_CAPTURE_DURATION=10
# the default is to not capture in promiscuous mode
# (this makes known trouble with some Windows WLAN adapters)
# if you need promiscuous mode, comment this line out
TRAFFIC_CAPTURE_PROMISC=-p
# only test capturing from a fifo if we're not on Windows
# and we have a mkfifo. (Windows cygwin has a mkfifo but
# Windows dumpcap & etc use Windows named pipes which
# are different than the cygwin named pipes).
#
if [ "$WS_SYSTEM" != "Windows" ] && which mkfifo &>/dev/null ; then
TEST_FIFO=1
fi
# Tell Wireshark to quit after capuring packets.
export WIRESHARK_QUIT_AFTER_CAPTURE="True"
CAPTURE_DIR="$TESTS_DIR/captures/"
TSHARK_VERSION=$($TSHARK -v | tr '\n' ' ')
# Figure out if we were built with lua or not so we can skip the lua tests if we
# don't have it.
echo "$TSHARK_VERSION" | grep -q "with Lua"
HAVE_LUA=$?
# Check whether we need to skip the HTTP2/HPACK decryption test.
echo "$TSHARK_VERSION" | grep -q "with nghttp2"
HAVE_NGHTTP2=$?
# Check whether we need to skip a certain decryption test.
# XXX What do we print for Nettle?
echo "$TSHARK_VERSION" | egrep -q "with MIT Kerberos|with Heimdal Kerberos"
HAVE_KERBEROS=$?
# first version is "compiled with", second is "running on" version.
GCRY_VERSION=$(echo "$TSHARK_VERSION" | grep -oE 'Gcrypt [1-9]+(\.[1-9]+)?' | sed -n '1s/Gcrypt //p')
if [ -n "$GCRY_VERSION" ] && ! echo "$GCRY_VERSION" | grep -q '1\.[456]'; then
# Current minimum Gcrypt version is 1.4.2,
# assume 1.7 or newer if not 1,4, 1.5 or 1.6.
HAVE_LIBGCRYPT17=true
else
HAVE_LIBGCRYPT17=false
fi
HAVE_ICONV="False"
hash iconv 2>/dev/null && HAVE_ICONV="True"
# Display our environment
##printf "\n ------- Info =-----------------\n"
##printf "Syms :$WS_SYSTEM: :$TRAFFIC_CAPTURE_IFACE: :$SKIP_CAPTURE: :$TEST_FIFO:\n"
##
##ls -l $WIRESHARK $TSHARK $DUMPCAP
##ls -l $(which wireshark) $(which tshark) $(which dumpcap)
##printf " ----------------------------------\n\n"
# Editor modelines
#
# Local Variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# ex: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:

99
test/run_and_catch_crashes
View File

@ -1,99 +0,0 @@
#! /bin/sh
#
# Run command in a way that catches crashes
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2015 Gerald Combs
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Run the command we're passed in a subshell, so that said subshell will
# catch any signals from it and report it.
#
# This must be done for commands that aren't the last command in the
# pipeline, as, given that the exit status of a pipeline is the exit
# status of the last command in the pipeline, there's no guarantee that
# the shell will bother to pick up the exit status of earlier commands
# in the pipeline.
#
# It can also be done for other tests, to get more information than
# "it crashed due to signal XXX" if the tests fail with a crash signal.
#
# XXX - on macOS, core dumps are in /cores/core.{PID}; would they appear
# elsewhere on any other UN*X?
#
rm -f core
"$@"
exitstatus=$?
if [ -r core ]
then
#
# Core dumped - try to get a stack trace.
#
# First, find the executable. Skip past env and any env
# arguments to find the actual executable path. (If you
# run a program with an explicit path, and it dumps core,
# at least on Solaris the output of "file" on the core dump
# will not give the path, so we don't use that.)
#
if [ "$1" = "env" ]
then
#
# Skip past the env command name.
#
shift
#
# Skip past environment-variable arguments; anything
# with an "=" in it is an environment-variable argument.
#
while expr "$1" : ".*=.*" >/dev/null 2>&1
do
shift
done
echo last expr command was expr "$1" : ".*=.*"
fi
if [ -x "$1" ]
then
executable="$1"
else
executable=`which "$1"`
fi
if [ ! -z "$executable" ]
then
#
# Found the executable.
# Now, look for a debugger.
# XXX - lldb?
#
dbx=`which dbx`
if [ ! -z "$dbx" ]
then
#
# Found dbx. Run it to get a stack trace;
# cause the stack trace to go to the standard
# error.
#
dbx "$executable" core 1>&2 <<EOF
where
quit
EOF
else
gdb=`which gdb`
if [ ! -z "$gdb" ]
then
#
# Found gdb. Run it to get a stack trace;
# cause the stack trace to go to the standard
# error.
#
gdb "$executable" core 1>&2 <<EOF
backtrace
quit
EOF
fi
fi
fi
fi
exit $exitstatus

503
test/suite-capture.sh
View File

@ -1,503 +0,0 @@
#!/bin/bash
#
# Test the capture engine of the Wireshark tools
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# common exit status values
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
WIRESHARK_CMD="$WIRESHARK -o gui.update.enabled:FALSE -k"
PING_PID=
capture_test_output_print() {
wait
for f in "$@"; do
if [[ -f "$f" ]]; then
printf " --> $f\n"
cat "$f"
printf "\n"
fi
done
}
capture_test_output_capinfos() {
wait
for f in "$@"; do
if [[ -f "$f" ]]; then
$CAPINFOS "$f"
else
printf "$f not found.\n"
fi
done
}
traffic_gen_ping() {
# Generate some traffic for quiet networks.
# The following will run in the background and return immediately
{
date
for sweep_size in {1..240} # try to number the packets
do
# How does ping _not_ have a standard set of arguments?
case $WS_SYSTEM in
Windows)
ping -n 1 -l $sweep_size www.wireshark.org ;;
SunOS)
/usr/sbin/ping www.wireshark.org $sweep_size 1 ;;
*) # *BSD, Linux
ping -c 1 -s $sweep_size www.wireshark.org ;;
esac
sleep 0.25 # 240 * 0.25 = 60-ish seconds
done
date
} > ./testout_ping.txt 2>&1 &
PING_PID=$!
}
ping_cleanup() {
if [ -n "$PING_PID" ] ; then
kill $PING_PID
PING_PID=
fi
wait 2> /dev/null
rm -f ./testout_ping.txt
}
# capture exactly 10 packets
capture_step_10packets() {
if [ $SKIP_CAPTURE -ne 0 ] ; then
test_step_skipped
return
fi
traffic_gen_ping
date > ./testout.txt
$DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
-w ./testout.pcap \
-c 10 \
-a duration:$TRAFFIC_CAPTURE_DURATION \
-f "icmp || icmp6" \
>> ./testout.txt 2>&1
RETURNVALUE=$?
date >> ./testout.txt
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
capture_test_output_print ./testout.txt
# part of the Prerequisite checks
# wrong interface ? output the possible interfaces
$TSHARK -D
test_step_failed "exit status of $DUT: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
capture_test_output_print ./testout.txt
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 10 packets?
$CAPINFOS ./testout.pcap > ./testout2.txt
grep -Ei 'Number of packets:[[:blank:]]+10' ./testout2.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
$TSHARK -ta -r ./testout.pcap >> ./testout2.txt
capture_test_output_print ./testout_ping.txt ./testout.txt ./testout2.txt
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
# capture exactly 10 packets using "-w -" (piping to stdout)
capture_step_10packets_stdout() {
if [ $SKIP_CAPTURE -ne 0 ] ; then
test_step_skipped
return
fi
traffic_gen_ping
date > ./testout.txt
$DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
-c 10 \
-a duration:$TRAFFIC_CAPTURE_DURATION \
-w - \
-f "icmp || icmp6" \
> ./testout.pcap 2>>./testout.txt
RETURNVALUE=$?
date >> ./testout.txt
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
capture_test_output_print ./testout.txt
$TSHARK -D
test_step_failed "exit status of $DUT: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 10 packets?
$CAPINFOS ./testout.pcap > ./testout2.txt 2>&1
grep -Ei 'Number of packets:[[:blank:]]+10' ./testout2.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
capture_test_output_print ./testout.txt ./testout2.txt
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
# capture packets via a fifo
capture_step_fifo() {
mkfifo 'fifo'
(cat "${CAPTURE_DIR}dhcp.pcap"; sleep 1; tail -c +25 "${CAPTURE_DIR}dhcp.pcap") > fifo &
$DUT -i fifo $TRAFFIC_CAPTURE_PROMISC \
-w ./testout.pcap \
-a duration:$TRAFFIC_CAPTURE_DURATION \
> ./testout.txt 2>&1
RETURNVALUE=$?
rm 'fifo'
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
capture_test_output_print ./testout.txt
test_step_failed "exit status of $DUT: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 8 packets?
$CAPINFOS ./testout.pcap > ./testout.txt
grep -Ei 'Number of packets:[[:blank:]]+8' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
capture_test_output_print ./testout.txt
test_step_failed "No or not enough traffic captured."
fi
}
# capture packets via a fifo
capture_step_stdin() {
CONSOLE_LOG_ARGS=""
if [[ "$DUT" == "$WIRESHARK_CMD" && "$WS_SYSTEM" == "Windows" ]] ; then
CONSOLE_LOG_ARGS="-o console.log.level:127"
fi
(cat "${CAPTURE_DIR}dhcp.pcap"; sleep 1; tail -c +25 "${CAPTURE_DIR}dhcp.pcap") | \
$DUT -i - $TRAFFIC_CAPTURE_PROMISC \
-w ./testout.pcap \
-a duration:$TRAFFIC_CAPTURE_DURATION \
$CONSOLE_LOG_ARGS \
> ./testout.txt 2> ./testerr.txt
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
capture_test_output_print ./testout.txt ./testerr.txt ./dumpcap_debug_log.tmp
capture_test_output_capinfos ./testout.pcap
test_step_failed "Exit status of $DUT: $RETURNVALUE"
return
fi
if [ -n "$CONSOLE_LOG_ARGS" ] ; then
grep "Wireshark is up and ready to go" ./testout.txt > /dev/null 2>&1
if [ $? -ne 0 ]; then
test_step_failed "No startup message!"
fi
grep "Capture started" ./testerr.txt > /dev/null 2>&1
if [ $? -ne 0 ]; then
test_step_failed "No capture started message!"
fi
grep "Capture stopped" ./testerr.txt > /dev/null 2>&1
if [ $? -ne 0 ]; then
test_step_failed "No capture stopped message!"
fi
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 8 packets?
$CAPINFOS ./testout.pcap > ./testout.txt
grep -Ei 'Number of packets:[[:blank:]]+8' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
capture_test_output_print ./testout.txt
test_step_failed "No or not enough traffic captured."
fi
}
# capture exactly 2 times 10 packets (multiple files)
capture_step_2multi_10packets() {
if [ $SKIP_CAPTURE -ne 0 ] ; then
test_step_skipped
return
fi
traffic_gen_ping
date > ./testout.txt
$DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
-w ./testout.pcap \
-c 10 \
-a duration:$TRAFFIC_CAPTURE_DURATION \
-f "icmp || icmp6" \
>> ./testout.txt 2>&1
RETURNVALUE=$?
date >> ./testout.txt
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
capture_test_output_print ./testout.txt
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TSHARK -D
test_step_failed "exit status of $DUT: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 10 packets?
$CAPINFOS ./testout.pcap > ./testout.txt
grep -Ei 'Number of packets:[[:blank:]]+10' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
capture_test_output_print ./testout.txt
test_step_failed "Probably the wrong interface (no traffic captured)!"
fi
}
# capture with a very unlikely read filter, packets must be zero afterwards
capture_step_read_filter() {
if [ $SKIP_CAPTURE -ne 0 ] ; then
test_step_skipped
return
fi
traffic_gen_ping
# valid, but very unlikely filter
date > ./testout.txt
$DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
-w ./testout.pcap \
-a duration:$TRAFFIC_CAPTURE_DURATION \
-2 -R 'dcerpc.cn_call_id==123456' \
-c 10 \
-f "icmp || icmp6" \
>> ./testout.txt 2>&1
RETURNVALUE=$?
date >> ./testout.txt
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
capture_test_output_print ./testout.txt
# part of the Prerequisite checks
# wrong interface ? output the possible interfaces
$TSHARK -D
test_step_failed "exit status: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 0 packets?
$CAPINFOS ./testout.pcap > ./testout.txt
grep -Ei 'Number of packets:[[:blank:]]+0' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
capture_test_output_print ./testout.txt
test_step_failed "Capture file should contain zero packets!"
fi
}
# capture with a snapshot length
capture_step_snapshot() {
if [ $SKIP_CAPTURE -ne 0 ] ; then
test_step_skipped
return
fi
traffic_gen_ping
# capture with a snapshot length of 68 bytes for $TRAFFIC_CAPTURE_DURATION seconds
# this should result in no packets greater than 68 bytes
date > ./testout.txt
$DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
-w ./testout.pcap \
-s 68 \
-a duration:$TRAFFIC_CAPTURE_DURATION \
-f "icmp || icmp6" \
>> ./testout.txt 2>&1
RETURNVALUE=$?
date >> ./testout.txt
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
capture_test_output_print ./testout.txt
# part of the Prerequisite checks
# wrong interface ? output the possible interfaces
$TSHARK -D
test_step_failed "exit status: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# use tshark to filter out all packets, which are larger than 68 bytes
$TSHARK -r ./testout.pcap -w ./testout2.pcap -Y 'frame.cap_len>68' > ./testout.txt 2>&1
if [ $? -ne 0 ]; then
echo
capture_test_output_print ./testout.txt
test_step_failed "Problem running TShark!"
return
fi
# ok, we got a capture file, does it contain exactly 0 packets?
$CAPINFOS ./testout2.pcap > ./testout.txt
grep -Ei 'Number of packets:[[:blank:]]+0' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
capture_test_output_print ./testout.txt
test_step_failed "Capture file should contain zero packets!"
return
fi
}
wireshark_capture_suite() {
# k: start capture immediately
# WIRESHARK_QUIT_AFTER_CAPTURE needs to be set.
#
# NOTE: This may not do the right thing if we use toolkits
# that use Wayland or Mir directly, unless they also depend
# on the DISPLAY environment variable.
#
#if [[ $WS_SYSTEM != Windows && $WS_SYSTEM != Darwin ]] && [ -z "$DISPLAY" ]; then
# Qt requires XKEYBOARD and Xrender, which our buildbots don't provide
if [[ $WS_SYSTEM != "Windows" && $WS_SYSTEM != "Darwin" ]]; then
echo -n " (assuming Xvnc, which doesn't support Xrender)"
test_step_skipped
return
fi
DUT="$WIRESHARK_CMD"
test_step_add "Capture 10 packets" capture_step_10packets
# piping to stdout doesn't work with Wireshark and capturing!
#test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
if [ $TEST_FIFO ]; then
test_step_add "Capture via fifo" capture_step_fifo
fi
test_step_add "Capture via stdin" capture_step_stdin
# read filter doesn't work with Wireshark and capturing!
#test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
}
tshark_capture_suite() {
DUT=$TSHARK
test_step_add "Capture 10 packets" capture_step_10packets
test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
if [ $TEST_FIFO ]; then
test_step_add "Capture via fifo" capture_step_fifo
fi
test_step_add "Capture via stdin" capture_step_stdin
# tshark now using dumpcap for capturing, read filters won't work by definition
#test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
}
dumpcap_capture_suite() {
#DUT="$DUMPCAP -Q"
DUT=$DUMPCAP
test_step_add "Capture 10 packets" capture_step_10packets
test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
if [ $TEST_FIFO ]; then
test_step_add "Capture via fifo" capture_step_fifo
fi
test_step_add "Capture via stdin" capture_step_stdin
# read (display) filters intentionally doesn't work with dumpcap!
#test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
}
capture_cleanup_step() {
ping_cleanup
rm -f ./testout.txt
rm -f ./testerr.txt
rm -f ./testout2.txt
rm -f ./testout.pcap
rm -f ./testout2.pcap
}
capture_suite() {
test_step_set_pre capture_cleanup_step
test_step_set_post capture_cleanup_step
test_remark_add "Capture - need some traffic on interface: \"$TRAFFIC_CAPTURE_IFACE\""
test_suite_add "Dumpcap capture" dumpcap_capture_suite
test_suite_add "TShark capture" tshark_capture_suite
test_suite_add "Wireshark capture" wireshark_capture_suite
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

391
test/suite-clopts.sh
View File

@ -1,391 +0,0 @@
#!/bin/bash
#
# Test the command line options of the Wireshark tools
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# common exit status values
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
# generic: check against a specific exit status with a single char option
# $1 command: tshark or dumpcap
# $2 option: a
# $3 expected exit status: 0
test_single_char_options()
{
#echo "command: "$1" opt1: "$2" opt2: "$3" opt3: "$4" opt4: "$5" opt5: "$6
$1 -$2 > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $3 ]; then
test_step_failed "exit status: $RETURNVALUE"
else
test_step_ok
fi
rm ./testout.txt
}
# check against $EXIT_OK or $EXIT_ERROR with a single char option
# $1 command: tshark or dumpcap
# $2 option: a
test_D_or_L_option()
{
#echo "command: "$1" opt1: "$2" opt2: "$3" opt3: "$4" opt4: "$5" opt5: "$6
$1 -$2 > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK -a ! $RETURNVALUE -eq $EXIT_ERROR ]; then
test_step_failed "exit status: $RETURNVALUE"
else
test_step_ok
fi
rm ./testout.txt
}
# dumpcap
# Only with remote capture: A:ru
# Only with WinPcap: m:
# Only with WinPcap or 1.0.0-or-later libpcap: B:
# Only with 1.0.0-or-later libpcap: I
# Only with libpcap/WinPcap with bpf_image(): d
# check exit status of all invalid single char dumpcap options (must be 1)
clopts_suite_dumpcap_invalid_chars() {
for index in C E F G H J K N O Q R T U V W X Y e j l o x z
do
test_step_add "Invalid dumpcap parameter -$index, exit status must be $EXIT_COMMAND_LINE" "test_single_char_options $DUMPCAP $index $EXIT_COMMAND_LINE"
done
}
# check exit status of all valid single char dumpcap options being (must be 0)
# tests only those options that cause dumpcap to do something other than
# capture
clopts_suite_dumpcap_valid_chars() {
for index in h v
do
test_step_add "Valid dumpcap parameter -$index, exit status must be $EXIT_OK" "test_single_char_options $DUMPCAP $index $EXIT_OK"
done
}
# special case: interface-specific opts might work as a regular user
# (exit code 0) or might fail due to lack of permissions (exit code 2)
# but shouldn't fail due to a syntax error (exit code 1). We cannot
# predict whether it'll be a success or failure based on the machine,
# so allow either one.
clopts_suite_dumpcap_interface_chars() {
for index in D L
do
test_step_add "Valid dumpcap parameter -$index requiring capture permissions, exit status must be $EXIT_OK or $EXIT_ERROR" "test_D_or_L_option $DUMPCAP $index"
done
}
# check exit status and grep output string of an invalid capture filter
clopts_step_dumpcap_invalid_capfilter() {
if [ "$WS_SYSTEM" != "Windows" ] ; then
test_step_skipped
return
fi
$DUMPCAP -f 'jkghg' -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
else
grep -i 'Invalid capture filter "jkghg" for interface' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_output_print ./testout.txt
test_step_ok
else
test_step_output_print ./testout.txt
test_step_failed "Error message wasn't what we expected"
fi
fi
}
# check exit status and grep output string of an invalid interface
clopts_step_dumpcap_invalid_interfaces() {
$DUMPCAP -i invalid_interface -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
else
grep -i 'The capture session could not be initiated' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_output_print ./testout.txt
test_step_ok
else
test_step_output_print ./testout.txt
test_step_failed "Error message wasn't what we expected"
fi
fi
}
# check exit status and grep output string of an invalid interface index
# (valid interface indexes start with 1)
clopts_step_dumpcap_invalid_interfaces_index() {
$DUMPCAP -i 0 -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
else
grep -i 'There is no interface with that adapter index' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
test_step_output_print ./testout.txt
test_step_failed "Error message wasn't what we expected"
fi
fi
}
# TShark
# check exit status when reading an existing file
clopts_step_existing_file() {
$TSHARK -r "${CAPTURE_DIR}dhcp.pcap" > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
else
test_step_ok
fi
rm ./testout.txt
}
# check exit status when reading a non-existing file
clopts_step_nonexisting_file() {
$TSHARK -r ThisFileDontExist.pcap > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_ERROR ]; then
test_step_failed "exit status: $RETURNVALUE"
else
test_step_ok
fi
rm ./testout.txt
}
# check exit status of all invalid single char TShark options (must be 1)
clopts_suite_tshark_invalid_chars() {
for index in A B C E F H J K M N O R T U W X Y Z a b c d e f i j k m o r s t u w y z
do
test_step_add "Invalid TShark parameter -$index, exit status must be $EXIT_COMMAND_LINE" "test_single_char_options $TSHARK $index $EXIT_COMMAND_LINE"
done
}
# check exit status of all valid single char TShark options being (must be 0)
clopts_suite_tshark_valid_chars() {
for index in G h v
do
test_step_add "Valid TShark parameter -$index, exit status must be $EXIT_OK" "test_single_char_options $TSHARK $index $EXIT_OK"
done
}
# special case: interface-specific opts might work as a regular user
# (exit code 0) or might fail due to lack of permissions (exit code 2)
# but shouldn't fail due to a syntax error (exit code 1). We cannot
# predict whether it'll be a success or failure based on the machine,
# so allow either one.
clopts_suite_tshark_interface_chars() {
for index in D L
do
test_step_add "Valid TShark parameter -$index requiring capture permissions, exit status must be $EXIT_OK or $EXIT_ERROR" "test_D_or_L_option $TSHARK $index"
done
}
# S V l n p q x
# check exit status and grep output string of an invalid capture filter
clopts_step_tshark_invalid_capfilter() {
if [ "$WS_SYSTEM" != "Windows" ] ; then
test_step_skipped
return
fi
$TSHARK -f 'jkghg' -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
else
grep -i 'Invalid capture filter "jkghg" for interface' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_output_print ./testout.txt
test_step_ok
else
test_step_output_print ./testout.txt
test_step_failed "Error message wasn't what we expected"
fi
fi
}
# check exit status and grep output string of an invalid interface
clopts_step_tshark_invalid_interfaces() {
$TSHARK -i invalid_interface -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
else
grep -i 'The capture session could not be initiated' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_output_print ./testout.txt
test_step_ok
else
test_step_output_print ./testout.txt
test_step_failed "Error message wasn't what we expected"
fi
fi
}
# check exit status and grep output string of an invalid interface index
# (valid interface indexes start with 1)
clopts_step_tshark_invalid_interfaces_index() {
$TSHARK -i 0 -w './testout.pcap' > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_COMMAND_LINE ]; then
test_step_failed "exit status: $RETURNVALUE"
else
grep -i 'There is no interface with that adapter index' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
test_step_output_print ./testout.txt
test_step_failed "Error message wasn't what we expected"
fi
fi
}
# check exit status and grep output string of an invalid capture filter
# XXX - how to efficiently test the *invalid* flags?
clopts_step_valid_name_resolving() {
if [ "$WS_SYSTEM" != "Windows" ] ; then
test_step_skipped
return
fi
$TSHARK -N mntC -a duration:1 > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
else
test_step_ok
fi
}
test_dump_glossary() {
$TSHARK -G $1 > /dev/null 2> ./testout.txt
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status: $RETURNVALUE"
elif [ -s ./testout.txt ]; then
test_step_output_print ./testout.txt
test_step_failed "Error messages on stderr"
else
test_step_ok
fi
}
test_dump_glossary_utf8() {
if [ "$HAVE_ICONV" != "True" ] ; then
test_step_skipped
return
fi
SAVE_LANG=$LANG
LANG=en_US.UTF-8
export LANG
$TSHARK -G $1 | iconv -f UTF-8 > /dev/null 2> ./testout.txt
RETURNVALUE=$?
LANG=$SAVE_LANG
export LANG
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
if [ -s ./testout.txt ]; then
test_step_output_print ./testout.txt
fi
test_step_failed "exit status: $RETURNVALUE"
else
test_step_ok
fi
}
test_dump_glossary_plugins() {
# We do a similar test in fuzz-test.sh.
$TSHARK -G plugins > ./testout.txt 2> /dev/null
PLUGIN_COUNT=$( grep dissector ./testout.txt | wc -l )
if [ $PLUGIN_COUNT -lt 10 ] ; then
test_step_output_print ./testout.txt
test_step_failed "Fewer than 10 dissector plugins found"
else
test_step_ok
fi
}
# check that dumping the glossaries succeeds (at least doesn't crash)
# this catches extended value strings without the BASE_EXT_STRING flag
# among other problems
clopts_suite_dump_glossaries() {
for glossary in fields protocols values decodes defaultprefs currentprefs; do
test_step_add "Dumping $glossary glossary" "test_dump_glossary $glossary"
test_step_add "Testing $glossary output encoding" "test_dump_glossary_utf8 $glossary"
done
test_step_add "Testing plugins" test_dump_glossary_plugins
}
# check exit status of some basic functions
clopts_suite_basic() {
test_step_add "Exit status for existing file: \"""${CAPTURE_DIR}dhcp.pcap""\" must be 0" clopts_step_existing_file
test_step_add "Exit status for none existing files must be 2" clopts_step_nonexisting_file
}
clopts_suite_dumpcap_capture_options() {
test_step_add "Invalid dumpcap capture filter -f" clopts_step_dumpcap_invalid_capfilter
test_step_add "Invalid dumpcap capture interface -i" clopts_step_dumpcap_invalid_interfaces
test_step_add "Invalid dumpcap capture interface index 0" clopts_step_dumpcap_invalid_interfaces_index
}
clopts_suite_tshark_capture_options() {
test_step_add "Invalid TShark capture filter -f" clopts_step_tshark_invalid_capfilter
test_step_add "Invalid TShark capture interface -i" clopts_step_tshark_invalid_interfaces
test_step_add "Invalid TShark capture interface index 0" clopts_step_tshark_invalid_interfaces_index
}
clopts_post_step() {
rm -f ./testout.txt ./testout2.txt
}
clopt_suite() {
test_step_set_post clopts_post_step
test_suite_add "Basic tests" clopts_suite_basic
test_suite_add "Invalid dumpcap single char options" clopts_suite_dumpcap_invalid_chars
test_suite_add "Valid dumpcap single char options" clopts_suite_dumpcap_valid_chars
test_suite_add "Interface-specific dumpcap single char options" clopts_suite_dumpcap_interface_chars
test_suite_add "Capture filter/interface options tests" clopts_suite_dumpcap_capture_options
test_suite_add "Invalid TShark single char options" clopts_suite_tshark_invalid_chars
test_suite_add "Valid TShark single char options" clopts_suite_tshark_valid_chars
test_suite_add "Interface-specific TShark single char options" clopts_suite_tshark_interface_chars
test_suite_add "Capture filter/interface options tests" clopts_suite_tshark_capture_options
test_suite_add "Dump glossaries" clopts_suite_dump_glossaries
test_step_add "Valid name resolution options -N (1s)" clopts_step_valid_name_resolving
#test_remark_add "Options currently unchecked: S, V, l, n, p, q and x"
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

710
test/suite-decryption.sh
View File

@ -1,710 +0,0 @@
#!/bin/bash
#
# Test decryption capabilities of the Wireshark tools
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# To do:
# IEEE 802.15.4
# ISAKMP / IKEv2
# PKCS#12
# SNMP
# DCERPC NETLOGON
# KINK
# LDAP
# NTLMSSP
# SPNEGO
# common exit status values
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
UAT_FILES="
80211_keys
dtlsdecrypttablefile
esp_sa
ssl_keys
c1222_decryption_table
ikev1_decryption_table
ikev2_decryption_table
"
TEST_KEYS_DIR="$TESTS_DIR/keys/"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_DIR="`cygpath -w $TEST_KEYS_DIR`"
fi
#TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
TS_DC_ARGS=""
DIFF_OUT=./diff-output.txt
# WPA PSK
# https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=wpa-Induction.pcap
decryption_step_80211_wpa_psk() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "wlan.enable_decryption: TRUE" \
-Tfields -e http.request.uri \
-r "$CAPTURE_DIR/wpa-Induction.pcap.gz" \
-Y http \
| grep favicon.ico > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt IEEE 802.11 WPA PSK"
return
fi
test_step_ok
}
# WPA EAP (EAPOL Rekey)
# Included in git sources test/captures/wpa-eap-tls.pcap.gz
decryption_step_80211_wpa_eap() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "wlan.enable_decryption: TRUE" \
-r "$CAPTURE_DIR/wpa-eap-tls.pcap.gz" \
-Y "wlan.analysis.tk==7d9987daf5876249b6c773bf454a0da7" \
| grep "Group Message" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt IEEE 802.11 WPA EAP"
return
fi
test_step_ok
}
# WPA decode with message1+2 only and secure bit set on message 2
# Included in git sources test/captures/wpa-test-decode.pcap.gz
decryption_step_80211_wpa_eapol_incomplete_rekeys() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "wlan.enable_decryption: TRUE" \
-r "$CAPTURE_DIR/wpa-test-decode.pcap.gz" \
-Y "icmp.resp_to == 4263" \
| grep "Echo" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Not able to follow rekey with missing eapol frames"
return
fi
test_step_ok
}
# WPA decode management frames with MFP enabled (802.11w)
# Included in git sources test/captures/wpa-test-decode-mgmt.pcap.gz
decryption_step_80211_wpa_psk_mfp() {
local out frames
out=$($TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "wlan.enable_decryption: TRUE" \
-r "$CAPTURE_DIR/wpa-test-decode-mgmt.pcap.gz" \
-Y "wlan.fixed.reason_code == 2 || wlan.fixed.category_code == 3" \
2>&1)
RETURNVALUE=$?
frames=$(echo "$out" | wc -l)
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Error during test execution: $out"
return
elif [ $frames -ne 3 ]; then
test_step_failed "Not able to decode All Management frames ($frames/3)"
return
fi
test_step_ok
}
# WPA decode traffic in a TDLS (Tunneled Direct-Link Setup) session (802.11z)
# Included in git sources test/captures/wpa-test-decode-tdls.pcap.gz
decryption_step_80211_wpa_tdls() {
local out frames
out=$($TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "wlan.enable_decryption: TRUE" \
-r "$CAPTURE_DIR/wpa-test-decode-tdls.pcap.gz" \
-Y "icmp" \
2>&1)
RETURNVALUE=$?
frames=$(echo "$out" | wc -l)
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Error during test execution: $out"
return
elif [ $frames -ne 2 ]; then
test_step_failed "Not able to decode all TDLS traffic ($frames/2)"
return
fi
test_step_ok
}
# DTLS
# https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil.tgz
decryption_step_dtls() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e data.data \
-r "$CAPTURE_DIR/snakeoil-dtls.pcap" -Y data \
| grep "69:74:20:77:6f:72:6b:20:21:0a" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt DTLS"
return
fi
test_step_ok
}
# DTLS 1.2 with PSK, AES-128-CCM-8
decryption_step_dtls_psk_aes128ccm8() {
output=$($TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-odtls.psk:ca19e028a8a372ad2d325f950fcaceed \
-r "$CAPTURE_DIR/dtls12-aes128ccm8.pcap" -x)
one='DTLS1.2 test usi*ng GnuTLS 3.5.8.'
two='Works for me!.'
if [[ "$output" != *${one}*${one}*${two}*${two}* ]]; then
test_step_failed "Failed to decrypt DTLS 1.2 (PSK AES-128-CCM-8)"
return
fi
test_step_ok
}
# UDT over DTLS 1.2 with RSA key
decryption_step_udt_dtls() {
TEST_KEYS_FILE="$TESTS_DIR/keys/udt-dtls.key"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_FILE="`cygpath -w $TEST_KEYS_FILE`"
fi
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o dtls.keys_list:"0.0.0.0,0,data,$TEST_KEYS_FILE" \
-Y "dtls && udt.type==ack" \
-r "$CAPTURE_DIR/udt-dtls.pcapng.gz" \
| grep UDT > /dev/null
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt UDT/DTLS using the server's RSA private key"
return
fi
test_step_ok
}
# SSL, using the server's private key
# https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil2_070531.tgz
decryption_step_ssl() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
-r "$CAPTURE_DIR/rsasnakeoil2.pcap" -Y http \
| grep favicon.ico > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt SSL using the server's private key"
return
fi
test_step_ok
}
# SSL, using the server's private key with p < q
# (test whether libgcrypt is correctly called)
decryption_step_ssl_rsa_pq() {
TEST_KEYS_FILE="$TESTS_DIR/keys/rsa-p-lt-q.key"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_FILE="`cygpath -w $TEST_KEYS_FILE`"
fi
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
-o ssl.keys_list:"0.0.0.0,443,http,$TEST_KEYS_FILE" \
-r "$CAPTURE_DIR/rsa-p-lt-q.pcap" -Y http \
| grep / > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt SSL using the server's RSA private key"
return
fi
test_step_ok
}
# SSL, using the server's private key with password
decryption_step_ssl_with_password() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
-r "$CAPTURE_DIR/dmgr.pcapng" -Y http \
| grep unsecureLogon.jsp > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt SSL using the server's private key with password"
return
fi
test_step_ok
}
# SSL, using the master secret
decryption_step_ssl_master_secret() {
TEST_KEYS_FILE="$TESTS_DIR/keys/dhe1_keylog.dat"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_FILE="`cygpath -w $TEST_KEYS_FILE`"
fi
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
-o "ssl.keylog_file: $TEST_KEYS_FILE" \
-o "ssl.desegment_ssl_application_data: FALSE" \
-o "http.ssl.port: 443" \
-r "$CAPTURE_DIR/dhe1.pcapng.gz" -Y http \
| grep test > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt SSL using the master secret"
return
fi
test_step_ok
}
# TLS 1.2 with renegotiation
decryption_step_ssl_renegotiation() {
TEST_KEYS_FILE="$TESTS_DIR/keys/rsasnakeoil2.key"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_FILE="`cygpath -w $TEST_KEYS_FILE`"
fi
output=$($TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.content_length \
-o ssl.keys_list:"0.0.0.0,4433,http,$TEST_KEYS_FILE" \
-r "$CAPTURE_DIR/tls-renegotiation.pcap" -Y http)
if [[ "$output" != 0*2151* ]]; then
test_step_failed "Failed to decrypt SSL with renegotiation"
return
fi
test_step_ok
}
# TLS 1.2 with PSK, AES-128-CCM
decryption_step_tls_psk_aes128ccm() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -q \
-ossl.psk:ca19e028a8a372ad2d325f950fcaceed \
-r "$CAPTURE_DIR/tls12-aes128ccm.pcap" -z follow,ssl,ascii,0 \
| grep -q http://www.gnu.org/software/gnutls
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt TLS 1.2 (PSK AES-128-CCM)"
return
fi
test_step_ok
}
# TLS 1.2 with PSK, AES-256-GCM
decryption_step_tls_psk_aes256gcm() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -q \
-ossl.psk:ca19e028a8a372ad2d325f950fcaceed \
-r "$CAPTURE_DIR/tls12-aes256gcm.pcap" -z follow,ssl,ascii,0 \
| grep -q http://www.gnu.org/software/gnutls
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt TLS 1.2 (PSK AES-256-GCM)"
return
fi
test_step_ok
}
# TLS 1.2 with ChaCha20-Poly1305
decryption_step_tls12_chacha20poly1305() {
if ! $HAVE_LIBGCRYPT17; then
test_step_skipped
return
fi
TEST_KEYS_FILE="$TESTS_DIR/keys/tls12-chacha20poly1305.keys"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_FILE="`cygpath -w $TEST_KEYS_FILE`"
fi
ciphers='
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305
DHE-RSA-CHACHA20-POLY1305
RSA-PSK-CHACHA20-POLY1305
DHE-PSK-CHACHA20-POLY1305
ECDHE-PSK-CHACHA20-POLY1305
PSK-CHACHA20-POLY1305
'
local stream=0
for cipher in $ciphers; do
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -q \
-r "$CAPTURE_DIR/tls12-chacha20poly1305.pcap" \
-o "ssl.keylog_file: $TEST_KEYS_FILE" \
-z follow,ssl,ascii,$stream \
| grep -q "$cipher"
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt TLS 1.2 ($cipher)"
return
fi
((stream++))
done
test_step_ok
}
# TLS 1.3 with ChaCha20-Poly1305
decryption_step_tls13_chacha20poly1305() {
if ! $HAVE_LIBGCRYPT17; then
test_step_skipped
return
fi
TEST_KEYS_FILE="$TESTS_DIR/keys/tls13-20-chacha20poly1305.keys"
if [ "$WS_SYSTEM" == "Windows" ] ; then
TEST_KEYS_FILE="`cygpath -w $TEST_KEYS_FILE`"
fi
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -q \
-r "$CAPTURE_DIR/tls13-20-chacha20poly1305.pcap" \
-o "ssl.keylog_file: $TEST_KEYS_FILE" \
-z follow,ssl,ascii,0 \
| grep -q TLS13-CHACHA20-POLY1305-SHA256
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt TLS 1.3 (ChaCha20-Poly1305)"
return
fi
test_step_ok
}
# ZigBee
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7022
decryption_step_zigbee() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-r "$CAPTURE_DIR/sample_control4_2012-03-24.pcap" \
-Tfields -e data.data \
-Y zbee_aps \
| grep "30:67:63:63:38:65:20:63:34:2e:64:6d:2e:74:76:20" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt ZigBee"
return
fi
test_step_ok
}
# ANSI C12.22
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9196
decryption_step_c1222() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "c1222.decrypt: TRUE" \
-o "c1222.baseoid:2.16.124.113620.1.22.0" \
-r "$CAPTURE_DIR/c1222_std_example8.pcap" \
-Tfields -e c1222.data \
| grep "00:10:4d:41:4e:55:46:41:43:54:55:52:45:52:20:53:4e:20:92" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt C12.22 $RETURNVALUE"
return
fi
test_step_ok
}
# DVB-CI
# simplified version of the sample capture in
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6700
decryption_step_dvb_ci() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "dvb-ci.sek: 00000000000000000000000000000000" \
-o "dvb-ci.siv: 00000000000000000000000000000000" \
-Tfields -e dvb-ci.cc.sac.padding \
-r "$CAPTURE_DIR/dvb-ci_UV1_0000.pcap" \
| grep "80:00:00:00:00:00:00:00:00:00:00:00" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt DVB_CI"
return
fi
test_step_ok
}
# IPsec ESP
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671
decryption_step_ipsec_esp() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-o "esp.enable_encryption_decode: TRUE" \
-Tfields -e data.data \
-r "$CAPTURE_DIR/esp-bug-12671.pcapng.gz" -Y data \
| grep "08:09:0a:0b:0c:0d:0e:0f:10:11:12:13:14:15:16:17" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt DTLS"
return
fi
test_step_ok
}
# IKEv1 (ISAKMP) with certificates
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7951
decryption_step_ikev1_certs() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e x509sat.printableString \
-r "$CAPTURE_DIR/ikev1-certs.pcap" \
| grep "OpenSwan" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt IKEv1"
return
fi
test_step_ok
}
# IKEv1 (ISAKMP) simultaneous exchanges
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12610
decryption_step_ikev1_simultaneous() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.hash \
-r "$CAPTURE_DIR/ikev1-bug-12610.pcapng.gz" \
| grep "b5:25:21:f7:74:96:74:02:c9:f6:ce:e9:5f:d1:7e:5b" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt simultaneous IKEv1 exchanges"
return
fi
test_step_ok
}
# IKEv1 (ISAKMP) unencrypted phase 1
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12620
decryption_step_ikev1_unencrypted() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.hash \
-r "$CAPTURE_DIR/ikev1-bug-12620.pcapng.gz" \
| grep "40:04:3b:64:0f:43:73:25:0d:5a:c3:a1:fb:63:15:3c" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt the first packet of a post-phase1 IKEv1 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (3DES-CBC/SHA1_160)
decryption_step_ikev2_3des_sha160() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-3des-sha1_160.pcap" \
| grep "02:f7:a0:d5:f1:fd:c8:ea:81:03:98:18:c6:5b:b9:bd:09:af:9b:89:17:31:9b:88:7f:f9:ba:30:46:c3:44:c7" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with 3_DES_CBC/SHA1_160 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-128-CCM-12) - with CBC-MAC verification
decryption_step_ikev2_aes128_ccm12() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes128ccm12.pcap" \
| grep "c2:10:43:94:29:9e:1f:fe:79:08:ea:72:0a:d5:d1:37:17:a0:d4:54:e4:fa:0a:21:28:ea:68:94:11:f4:79:c4" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES_128_CCM_12 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-128-CCM-12 using CTR mode, without checksum)
decryption_step_ikev2_aes128_ccm12_2() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes128ccm12-2.pcap" \
| grep "aa:a2:81:c8:7b:4a:19:04:6c:57:27:1d:55:74:88:ca:41:3b:57:22:8c:b9:51:f5:fa:96:40:99:2a:02:85:b9" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt (using CTR mode) encrypted with AES_128_CCM_12 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-192-CTR/SHA2-512)
decryption_step_ikev2_aes192ctr_sha512() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes192ctr.pcap" \
| grep "3e:c2:3d:cf:93:48:48:56:38:40:7c:75:45:47:ae:b3:08:52:90:08:2c:49:f5:83:fd:ba:e5:92:63:a2:0b:4a" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES-192-CTR/SHA2_512 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-256-CBC/SHA2-256)
decryption_step_ikev2_aes256cbc_sha256() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes256cbc.pcapng" \
| grep "e1:a8:d5:50:06:42:01:a7:ec:02:4a:85:75:8d:06:73:c6:1c:5c:51:0a:c1:3b:cd:22:5d:63:27:f5:0d:a3:d3" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES-256-CBC/SHA2-256 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-256-CCM-16)
decryption_step_ikev2_aes256ccm16() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes256ccm16.pcapng" \
| grep "fa:2e:74:bd:c0:1e:30:fb:0b:3d:dc:97:23:c9:44:90:95:96:9d:a5:1f:69:e5:60:20:9d:2c:2b:79:40:21:0a" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES-256-CCM-16 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-256-GCM-16)
decryption_step_ikev2_aes256gcm16() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes256gcm16.pcap" \
| grep "9a:b7:1f:14:ab:55:3c:ad:87:3a:1a:a7:0b:99:df:15:5d:ee:77:cd:cf:36:94:b3:b7:52:7a:cb:b9:71:2d:ed" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES-256-GCM-16 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# IKEv2 decryption test (AES-256-GCM-8)
decryption_step_ikev2_aes256gcm8() {
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e isakmp.auth.data \
-r "$CAPTURE_DIR/ikev2-decrypt-aes256gcm8.pcap" \
| grep "4a:66:d8:22:d0:af:bc:22:ad:9a:92:a2:cf:42:87:c9:20:ad:8a:c3:b0:69:a4:a7:e7:5f:e0:a5:d4:99:f9:14" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES-256-GCM-8 packet of IKEv2 exchange"
return
fi
test_step_ok
}
# HTTP2 (HPACK)
decryption_step_http2() {
if [ $HAVE_NGHTTP2 -ne 0 ]; then
test_step_skipped
return
fi
env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e http2.header.value \
-d tcp.port==3000,http2 \
-r "$CAPTURE_DIR/packet-h2-14_headers.pcapng" \
> ./testout.txt
grep "nghttp2" ./testout.txt > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-V \
-d tcp.port==3000,http2 \
-r "$CAPTURE_DIR/packet-h2-14_headers.pcapng" \
> ./testout2.txt
echo
echo "Test output:"
cat ./testout.txt
echo "Verbose output:"
cat ./testout2.txt
test_step_failed "Failed to decode HTTP2 HPACK"
return
fi
test_step_ok
}
# Kerberos
# Files are from krb-816.zip on the SampleCaptures page.
KEYTAB_FILE="$TESTS_DIR/keys/krb-816.keytab"
if [ "$WS_SYSTEM" == "Windows" ] ; then
KEYTAB_FILE="`cygpath -w $KEYTAB_FILE`"
fi
decryption_step_kerberos() {
if [ $HAVE_KERBEROS -ne 0 ]; then
test_step_skipped
return
fi
# keyvalue: ccda7d48219f73c3b28311c4ba7242b3
$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
-Tfields -e kerberos.keyvalue \
-o "kerberos.decrypt: TRUE" \
-o "kerberos.file: $KEYTAB_FILE" \
-r "$CAPTURE_DIR/krb-816.pcap.gz" \
| grep "cc:da:7d:48:21:9f:73:c3:b2:83:11:c4:ba:72:42:b3" > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to decrypt encrypted with AES-256-GCM-8 packet of IKEv2 exchange"
return
fi
test_step_ok
}
tshark_decryption_suite() {
test_step_add "IEEE 802.11 WPA PSK Decryption" decryption_step_80211_wpa_psk
test_step_add "IEEE 802.11 WPA PSK Decryption2 (EAPOL frames missing with a Win 10 client)" decryption_step_80211_wpa_eapol_incomplete_rekeys
test_step_add "IEEE 802.11 WPA PSK Decryption of Management frames (802.11w)" decryption_step_80211_wpa_psk_mfp
test_step_add "IEEE 802.11 WPA EAP Decryption" decryption_step_80211_wpa_eap
test_step_add "IEEE 802.11 WPA TDLS Decryption" decryption_step_80211_wpa_tdls
test_step_add "DTLS Decryption" decryption_step_dtls
test_step_add "DTLS 1.2 Decryption (PSK AES-128-CCM-8)" decryption_step_dtls_psk_aes128ccm8
test_step_add "UDT over DTLS 1.2 Decryption" decryption_step_udt_dtls
test_step_add "IPsec ESP Decryption" decryption_step_ipsec_esp
test_step_add "SSL Decryption (private key)" decryption_step_ssl
test_step_add "SSL Decryption (RSA private key with p smaller than q)" decryption_step_ssl_rsa_pq
test_step_add "SSL Decryption (private key with password)" decryption_step_ssl_with_password
test_step_add "SSL Decryption (master secret)" decryption_step_ssl_master_secret
test_step_add "SSL Decryption (renegotiation)" decryption_step_ssl_renegotiation
test_step_add "TLS 1.2 Decryption (PSK AES-128-CCM)" decryption_step_tls_psk_aes128ccm
test_step_add "TLS 1.2 Decryption (PSK AES-256-GCM)" decryption_step_tls_psk_aes256gcm
test_step_add "TLS 1.2 Decryption (ChaCha20-Poly1305)" decryption_step_tls12_chacha20poly1305
test_step_add "TLS 1.3 Decryption (ChaCha20-Poly1305)" decryption_step_tls13_chacha20poly1305
test_step_add "ZigBee Decryption" decryption_step_zigbee
test_step_add "ANSI C12.22 Decryption" decryption_step_c1222
test_step_add "DVB-CI Decryption" decryption_step_dvb_ci
test_step_add "IKEv1 Decryption (certificates)" decryption_step_ikev1_certs
test_step_add "IKEv1 Decryption (simultaneous exchanges)" decryption_step_ikev1_simultaneous
test_step_add "IKEv1 Decryption (unencrypted phase 1)" decryption_step_ikev1_unencrypted
test_step_add "IKEv2 Decryption (3DES-CBC/SHA1_160)" decryption_step_ikev2_3des_sha160
test_step_add "IKEv2 Decryption (AES-128-CCM-12)" decryption_step_ikev2_aes128_ccm12
test_step_add "IKEv2 Decryption (AES-128-CCM-12 using CTR mode)" decryption_step_ikev2_aes128_ccm12_2
test_step_add "IKEv2 Decryption (AES-192-CTR/SHA2-512)" decryption_step_ikev2_aes192ctr_sha512
test_step_add "IKEv2 Decryption (AES-256-CBC/SHA2-256)" decryption_step_ikev2_aes256cbc_sha256
test_step_add "IKEv2 Decryption (AES-256-CCM-16)" decryption_step_ikev2_aes256ccm16
test_step_add "IKEv2 Decryption (AES-256-GCM-16)" decryption_step_ikev2_aes256gcm16
test_step_add "IKEv2 Decryption (AES-256-GCM-8)" decryption_step_ikev2_aes256gcm8
test_step_add "HTTP2 (HPACK)" decryption_step_http2
test_step_add "Kerberos" decryption_step_kerberos
}
decryption_cleanup_step() {
rm -rf "$TEST_HOME"
}
decryption_prep_step() {
decryption_cleanup_step
TS_DC_ENV="${HOME_ENV}=${HOME_PATH}"
for UAT in $UAT_FILES ; do
sed -e "s|TEST_KEYS_DIR|${TEST_KEYS_DIR//\\/\\\\x5c}|" \
< "$TESTS_DIR/config/$UAT.tmpl" \
> "$CONF_PATH/$UAT"
done
}
decryption_suite() {
test_step_set_pre decryption_prep_step
test_step_set_post decryption_cleanup_step
test_suite_add "TShark decryption" tshark_decryption_suite
}
#
# Editor modelines - https://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

48
test/suite-dissection.sh
View File

@ -1,48 +0,0 @@
#!/bin/bash
#
# Test suite for various ad-hoc dissection tests
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
dissection_http2_data_reassembly_test() {
if [ $HAVE_NGHTTP2 -ne 0 ]; then
test_step_skipped
return
fi
local filename="${CAPTURE_DIR}/http2-data-reassembly.pcap"
local keys="${TESTS_DIR}/keys/http2-data-reassembly.keys"
# Check for a reassembled PNG image.
$TSHARK -o ssl.keylog_file:$keys -d 'tcp.port==8443,ssl' \
-Y 'http2.data.data matches "PNG" && http2.data.data matches "END"' \
-r $filename |grep -q DATA
if [ $? -ne 0 ]; then
test_step_failed "could not find DATA frame with reassembled PNG content"
else
test_step_ok
fi
return
}
dissection_suite() {
test_step_add "testing http2 data reassembly" dissection_http2_data_reassembly_test
}
#
# Editor modelines - https://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

153
test/suite-fileformats.sh
View File

@ -1,153 +0,0 @@
#!/bin/bash
#
# Test file format conversions of the Wireshark tools
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# common exit status values
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
TS_FF_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
FF_BASELINE=./ff-ts-usec-pcap-direct.txt
DIFF_OUT=./diff-output.txt
# Microsecond pcap / stdin
ff_step_usec_pcap_stdin() {
$TSHARK $TS_FF_ARGS -r - < "${CAPTURE_DIR}dhcp.pcap" > ./ff-ts-usec-pcap-stdin.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-usec-pcap-stdin.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs microsecond pcap via stdin differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
# Nanosecond pcap / stdin
ff_step_nsec_pcap_stdin() {
$TSHARK $TS_FF_ARGS -r - < "${CAPTURE_DIR}dhcp-nanosecond.pcap" > ./ff-ts-nsec-pcap-stdin.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-nsec-pcap-stdin.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs nanosecond pcap via stdin differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
# Nanosecond pcap / direct
ff_step_nsec_pcap_direct() {
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp-nanosecond.pcap" > ./ff-ts-nsec-pcap-direct.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-nsec-pcap-direct.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs nanosecond pcap direct read differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
# Microsecond pcapng / stdin
ff_step_usec_pcapng_stdin() {
$TSHARK $TS_FF_ARGS -r - < "${CAPTURE_DIR}dhcp.pcapng" > ./ff-ts-usec-pcapng-stdin.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-usec-pcapng-stdin.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs microsecond pcapng via stdin differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
# Microsecond pcapng / direct
ff_step_usec_pcapng_direct() {
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp.pcapng" > ./ff-ts-usec-pcapng-direct.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-usec-pcapng-direct.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs microsecond pcapng direct read differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
# Nanosecond pcapng / stdin
ff_step_nsec_pcapng_stdin() {
$TSHARK $TS_FF_ARGS -r - < "${CAPTURE_DIR}dhcp-nanosecond.pcapng" > ./ff-ts-nsec-pcapng-stdin.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-nsec-pcapng-stdin.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs nanosecond pcapng via stdin differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
# Nanosecond pcapng / direct
ff_step_nsec_pcapng_direct() {
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp-nanosecond.pcapng" > ./ff-ts-nsec-pcapng-direct.txt 2> /dev/null
diff -u $FF_BASELINE ./ff-ts-nsec-pcapng-direct.txt > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of microsecond pcap direct read vs nanosecond pcapng direct read differ"
cat $DIFF_OUT
return
fi
test_step_ok
}
tshark_ff_suite() {
# Microsecond pcap direct read is used as the baseline.
test_step_add "Microsecond pcap via stdin" ff_step_usec_pcap_stdin
test_step_add "Nanosecond pcap via stdin" ff_step_nsec_pcap_stdin
test_step_add "Nanosecond pcap direct read" ff_step_nsec_pcap_direct
test_step_add "Microsecond pcapng via stdin" ff_step_usec_pcapng_stdin
test_step_add "Microsecond pcapng direct read" ff_step_usec_pcapng_direct
test_step_add "Nanosecond pcapng via stdin" ff_step_nsec_pcapng_stdin
test_step_add "Nanosecond pcapng direct read" ff_step_nsec_pcapng_direct
}
ff_cleanup_step() {
rm -f ./ff-ts-*.txt
rm -f $DIFF_OUT
}
ff_prep_step() {
ff_cleanup_step
$TSHARK $TS_FF_ARGS -r "${CAPTURE_DIR}dhcp.pcap" > $FF_BASELINE 2> /dev/null
}
fileformats_suite() {
test_step_set_pre ff_prep_step
test_step_set_post ff_cleanup_step
test_suite_add "TShark file format conversion" tshark_ff_suite
#test_suite_add "Wireshark file format" wireshark_ff_suite
#test_suite_add "Editcap file format" editcap_ff_suite
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

184
test/suite-io.sh
View File

@ -1,184 +0,0 @@
#!/bin/bash
#
# Test the file I/O of the Wireshark tools
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# common exit status values
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
IO_RAWSHARK_DHCP_PCAP_BASELINE="$TESTS_DIR/baseline/io-rawshark-dhcp-pcap.txt"
IO_RAWSHARK_DHCP_PCAP_TESTOUT=./io-rawshark-dhcp-pcap-testout.txt
# input of file
io_step_input_file() {
$DUT -r "${CAPTURE_DIR}dhcp.pcap" -w ./testout.pcap > ./testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status of $DUT: $RETURNVALUE"
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TSHARK -D
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 10 packets?
$CAPINFOS ./testout.pcap > ./testout.txt
grep -Ei 'Number of packets:[[:blank:]]+4' ./testout.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
cat ./testout.txt
# part of the Prerequisite checks
# probably wrong interface, output the possible interfaces
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
# piping input file to stdout using "-w -"
io_step_output_piping() {
$DUT -r "${CAPTURE_DIR}dhcp.pcap" -w - > ./testout.pcap 2>./testout.txt
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status of $DUT: $RETURNVALUE"
$TSHARK -D
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 10 packets?
$CAPINFOS ./testout.pcap > ./testout2.txt 2>&1
grep -Ei 'Number of packets:[[:blank:]]+4' ./testout2.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
cat ./testout.txt
cat ./testout2.txt
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
# piping input file to stdout using "-w -"
io_step_input_piping() {
cat -B "${CAPTURE_DIR}dhcp.pcap" | $DUT -r - -w ./testout.pcap 2>./testout.txt
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
$TSHARK -D
echo
cat ./testout.txt
test_step_failed "exit status of $DUT: $RETURNVALUE"
return
fi
# we should have an output file now
if [ ! -f "./testout.pcap" ]; then
test_step_failed "No output file!"
return
fi
# ok, we got a capture file, does it contain exactly 10 packets?
$CAPINFOS ./testout.pcap > ./testout2.txt 2>&1
grep -Ei 'Number of packets:[[:blank:]]+4' ./testout2.txt > /dev/null
if [ $? -eq 0 ]; then
test_step_ok
else
echo
cat ./testout.txt
cat ./testout2.txt
$TSHARK -D
test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
fi
}
# Read a pcap from stdin
io_step_rawshark_pcap_stdin() {
if [ $ENDIANNESS != "little" ] ; then
test_step_skipped
return
fi
tail -c +25 "${CAPTURE_DIR}dhcp.pcap" | $RAWSHARK -dencap:1 -R "udp.port==68" -nr - > $IO_RAWSHARK_DHCP_PCAP_TESTOUT 2> /dev/null
diff -u --strip-trailing-cr $IO_RAWSHARK_DHCP_PCAP_BASELINE $IO_RAWSHARK_DHCP_PCAP_TESTOUT > $DIFF_OUT 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Output of rawshark read pcap via stdin differs from baseline"
cat $DIFF_OUT
return
fi
test_step_ok
}
wireshark_io_suite() {
# Q: quit after cap, k: start capture immediately
DUT="$WIRESHARK"
test_step_add "Input file" io_step_input_file
}
tshark_io_suite() {
DUT=$TSHARK
test_step_add "Input file" io_step_input_file
test_step_add "Output piping" io_step_output_piping
#test_step_add "Piping" io_step_input_piping
}
dumpcap_io_suite() {
#DUT="$DUMPCAP -Q"
DUT=$DUMPCAP
test_step_add "Input file" io_step_input_file
}
rawshark_io_suite() {
test_step_add "Rawshark pcap stdin" io_step_rawshark_pcap_stdin
}
io_cleanup_step() {
rm -f ./testout.txt
rm -f ./testout2.txt
rm -f ./testout.pcap
rm -f ./testout2.pcap
rm -f $IO_RAWSHARK_DHCP_PCAP_TESTOUT
}
io_suite() {
test_step_set_pre io_cleanup_step
test_step_set_post io_cleanup_step
test_suite_add "TShark file I/O" tshark_io_suite
#test_suite_add "Dumpcap file I/O" dumpcap_io_suite
test_suite_add "Rawshark file I/O" rawshark_io_suite
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

254
test/suite-mergecap.sh
View File

@ -1,254 +0,0 @@
#!/bin/bash
#
# Run the mergecap unit tests
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# common checking code:
# arg 1 = return value from mergecap command
# arg 2 = file type string
# arg 3 = file encap
# arg 4 = number of IDBs generated
# arg 5 = number of file packets merged
# arg 6 = number of some IDB packets merged
mergecap_common_check() {
if [ ! $1 -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "exit status of mergecap: $1"
return
fi
grep -q "merging complete" testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
test_step_failed "mergecap didn't complete"
fi
$CAPINFOS -tEIc ./testout.pcap > capinfo_testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
cat ./capinfo_testout.txt
test_step_failed "exit status of capinfos: $RETURNVALUE"
return
fi
grep -Eiq "File type:[[:blank:]]+$2" capinfo_testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
cat ./capinfo_testout.txt
test_step_failed "mergecap output format was not '$2'"
fi
grep -Eiq "File encapsulation:[[:blank:]]+$3" capinfo_testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
cat ./capinfo_testout.txt
test_step_failed "mergecap output encap type was not '$3'"
fi
grep -Eiq "Number of interfaces in file:[[:blank:]]+$4" capinfo_testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
cat ./capinfo_testout.txt
test_step_failed "mergecap output did not generate only $4 IDB"
fi
# this checks the file's number of packets
grep -Eiq "Number of packets:[[:blank:]]+$5" capinfo_testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
cat ./capinfo_testout.txt
test_step_failed "mergecap output did not generate $5 packets for file"
fi
# this checks the IDB number of packets
grep -Eiq "Number of packets =[[:blank:]]+$6" capinfo_testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
cat ./capinfo_testout.txt
test_step_failed "mergecap output did not generate $6 packets in IDB"
fi
}
# this is a common one for legacy PCAP output
# for this, arg1=returnvalue, arg2=#of file and IDB packets
mergecap_common_pcap_pkt() {
mergecap_common_check "$1" 'Wireshark/tcpdump/... - pcap' "Ethernet" "1" "$2" "$2"
}
# this is a common one for PCAPNG output
# for this, arg1=returnvalue, arg2=encap type, arg3=#of IDBs, arg4=# of file pkts, arg5=# of IDB pkts
mergecap_common_pcapng_pkt() {
mergecap_common_check "$1" 'Wireshark/... - pcapng' "$2" "$3" "$4" "$5"
}
mergecap_step_basic_1_pcap_pcap_test() {
$MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcap_pkt $RETURNVALUE 4
test_step_ok
}
mergecap_step_basic_2_pcap_pcap_test() {
$MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcap_pkt $RETURNVALUE 8
test_step_ok
}
mergecap_step_basic_3_empty_pcap_pcap_test() {
$MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}empty.pcap" "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}empty.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcap_pkt $RETURNVALUE 4
test_step_ok
}
mergecap_step_basic_2_nano_pcap_pcap_test() {
$MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp-nanosecond.pcap" "${CAPTURE_DIR}rsasnakeoil2.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcap_pkt $RETURNVALUE 62
test_step_ok
}
mergecap_step_basic_1_pcap_pcapng_test() {
$MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 4 4
test_step_ok
}
mergecap_step_basic_2_pcap_pcapng_test() {
$MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
test_step_ok
}
mergecap_step_basic_2_pcap_none_pcapng_test() {
$MERGECAP -vI 'none' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 2 8 4
test_step_ok
}
mergecap_step_basic_2_pcap_all_pcapng_test() {
$MERGECAP -vI 'all' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
test_step_ok
}
mergecap_step_basic_2_pcap_any_pcapng_test() {
$MERGECAP -vI 'any' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
test_step_ok
}
mergecap_step_basic_1_pcapng_pcapng_test() {
$MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcapng" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 4 4
test_step_ok
}
mergecap_step_1_pcapng_many_pcapng_test() {
$MERGECAP -v -w testout.pcap "${CAPTURE_DIR}many_interfaces.pcapng.1" > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 64 62
test_step_ok
}
mergecap_step_3_pcapng_pcapng_test() {
$MERGECAP -v -w testout.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 88 86
test_step_ok
}
mergecap_step_3_pcapng_none_pcapng_test() {
$MERGECAP -vI 'none' -w testout.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
RETURNVALUE=$?
mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 33 88 62
test_step_ok
}
mergecap_step_3_pcapng_all_pcapng_test() {
# build a pcapng of all the interfaces repeated by using mode 'none'
$MERGECAP -vI 'none' -w testin.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
# the above generated 33 IDBs, 88 total pkts, 62 in first IDB
# and use that generated pcap for our test
$MERGECAP -vI 'all' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1
RETURNVALUE=$?
# check for 33 IDBs, 88*3=264 total pkts, 62*3=186 in first IDB
mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 33 264 186
test_step_ok
}
mergecap_step_3_pcapng_any_pcapng_test() {
# build a pcapng of all the interfaces repeated by using mode 'none'
$MERGECAP -vI 'none' -w testin.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
# the above generated 33 IDBs, 88 total pkts, 62 in first IDB
# and use that generated pcap for our test
$MERGECAP -vI 'any' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1
RETURNVALUE=$?
# check for 11 IDBs, 88*3=264 total pkts, 86*3=258 in first IDB
mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 264 258
test_step_ok
}
mergecap_cleanup_step() {
rm -f ./testout.txt
rm -f ./capinfo_testout.txt
rm -f ./testout.pcap
rm -f ./testin.pcap
}
mergecap_suite() {
test_step_set_pre mergecap_cleanup_step
test_step_set_post mergecap_cleanup_step
test_step_add "1 pcap in ----> pcap out" mergecap_step_basic_1_pcap_pcap_test
test_step_add "2 pcaps in ---> pcap out" mergecap_step_basic_2_pcap_pcap_test
test_step_add "3 pcaps in ---> pcap out; two are empty" mergecap_step_basic_3_empty_pcap_pcap_test
test_step_add "2 pcaps in ---> pcap out; one is nanosecond pcap" mergecap_step_basic_2_nano_pcap_pcap_test
test_step_add "1 pcap in ----> pcapng out" mergecap_step_basic_1_pcap_pcapng_test
test_step_add "2 pcaps in ---> pcapng out" mergecap_step_basic_2_pcap_pcapng_test
test_step_add "2 pcaps in ---> pcapng out; merge mode none" mergecap_step_basic_2_pcap_none_pcapng_test
test_step_add "2 pcaps in ---> pcapng out; merge mode all" mergecap_step_basic_2_pcap_all_pcapng_test
test_step_add "2 pcaps in ---> pcapng out; merge mode any" mergecap_step_basic_2_pcap_any_pcapng_test
test_step_add "1 pcapng in --> pcapng out" mergecap_step_basic_1_pcapng_pcapng_test
test_step_add "1 pcapng in --> pcapng out; many interfaces" mergecap_step_1_pcapng_many_pcapng_test
test_step_add "3 pcapngs in -> pcapng out; wildcarded" mergecap_step_3_pcapng_pcapng_test
test_step_add "3 pcapngs in -> pcapng out; merge mode none" mergecap_step_3_pcapng_none_pcapng_test
test_step_add "3 pcapngs in -> pcapng out; merge mode all" mergecap_step_3_pcapng_all_pcapng_test
test_step_add "3 pcapngs in -> pcapng out; merge mode any" mergecap_step_3_pcapng_any_pcapng_test
}
#
# Editor modelines - https://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

175
test/suite-nameres.sh
View File

@ -1,175 +0,0 @@
#!/bin/bash
#
# Test for correct name resolution behavior
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# common exit status values
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
#TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
TS_NR_ARGS="-r $CAPTURE_DIR/dns+icmp.pcapng.gz"
CUSTOM_PROFILE_NAME="Custom-$$"
# nameres.network_name: True
# nameres.use_external_name_resolver: False
# nameres.hosts_file_handling: False
# Profile: Default
name_resolution_net_t_ext_f_hosts_f_global() {
$TESTS_DIR/run_and_catch_crashes env $TS_NR_ENV $TSHARK $TS_NR_ARGS \
-o "nameres.network_name: TRUE" \
-o "nameres.use_external_name_resolver: FALSE" \
-o "nameres.hosts_file_handling: FALSE" \
| grep global-8-8-8-8 > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to resolve 8.8.8.8 using global hosts file."
return
fi
test_step_ok
}
# nameres.network_name: True
# nameres.use_external_name_resolver: False
# nameres.hosts_file_handling: False
# Profile: Default
name_resolution_net_t_ext_f_hosts_f_personal() {
$TESTS_DIR/run_and_catch_crashes env $TS_NR_ENV $TSHARK $TS_NR_ARGS \
-o "nameres.network_name: TRUE" \
-o "nameres.use_external_name_resolver: FALSE" \
-o "nameres.hosts_file_handling: FALSE" \
| grep personal-8-8-4-4 > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to resolve 8.8.4.4 using personal hosts file."
return
fi
test_step_ok
}
# nameres.network_name: True
# nameres_use_external_name_resolver: False
# nameres.hosts_file_handling: False
# Profile: Custom
name_resolution_net_t_ext_f_hosts_f_custom() {
$TESTS_DIR/run_and_catch_crashes env $TS_NR_ENV $TSHARK $TS_NR_ARGS \
-o "nameres.network_name: TRUE" \
-o "nameres.use_external_name_resolver: FALSE" \
-o "nameres.hosts_file_handling: FALSE" \
-C "$CUSTOM_PROFILE_NAME" \
| grep custom-4-2-2-2 > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to resolve 4.2.2.2 using profile $CUSTOM_PROFILE_NAME."
return
fi
test_step_ok
}
# nameres.network_name: True
# nameres.use_external_name_resolver: False
# nameres.hosts_file_handling: True
# Profile: Default
name_resolution_net_t_ext_f_hosts_t_global() {
$TESTS_DIR/run_and_catch_crashes env $TS_NR_ENV $TSHARK $TS_NR_ARGS \
-o "nameres.network_name: TRUE" \
-o "nameres.use_external_name_resolver: FALSE" \
-o "nameres.hosts_file_handling: TRUE" \
| grep global-8-8-8-8 > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -ne $EXIT_OK ]; then
test_step_failed "Global hosts information showed up when it shouldn't."
return
fi
test_step_ok
}
# nameres.network_name: True
# nameres.use_external_name_resolver: False
# nameres.hosts_file_handling: True
# Profile: Default
name_resolution_net_t_ext_f_hosts_t_personal() {
$TESTS_DIR/run_and_catch_crashes env $TS_NR_ENV $TSHARK $TS_NR_ARGS \
-o "nameres.network_name: TRUE" \
-o "nameres.use_external_name_resolver: FALSE" \
-o "nameres.hosts_file_handling: TRUE" \
| grep personal-8-8-4-4 > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Personal hosts information showed up when it shouldn't."
return
fi
test_step_ok
}
# nameres.network_name: True
# nameres_use_external_name_resolver: False
# nameres.hosts_file_handling: True
# Profile: Custom
name_resolution_net_t_ext_f_hosts_t_custom() {
$TESTS_DIR/run_and_catch_crashes env $TS_NR_ENV $TSHARK $TS_NR_ARGS \
-o "nameres.network_name: TRUE" \
-o "nameres.use_external_name_resolver: FALSE" \
-o "nameres.hosts_file_handling: TRUE" \
-C "$CUSTOM_PROFILE_NAME" \
| grep custom-4-2-2-2 > /dev/null 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to resolve 4.2.2.2 using profile $CUSTOM_PROFILE_NAME."
return
fi
test_step_ok
}
tshark_name_resolution_suite() {
test_step_add "Name resolution, no external, no profile hosts, global profile" name_resolution_net_t_ext_f_hosts_f_global
test_step_add "Name resolution, no external, no profile hosts, personal profile" name_resolution_net_t_ext_f_hosts_f_personal
test_step_add "Name resolution, no external, no profile hosts, custom profile" name_resolution_net_t_ext_f_hosts_f_custom
test_step_add "Name resolution, no external, profile hosts, global profile" name_resolution_net_t_ext_f_hosts_t_global
test_step_add "Name resolution, no external, profile hosts, personal profile" name_resolution_net_t_ext_f_hosts_t_personal
test_step_add "Name resolution, no external, profile hosts, custom profile" name_resolution_net_t_ext_f_hosts_t_custom
}
name_resolution_cleanup_step() {
rm -f $WS_BIN_PATH/hosts
}
name_resolution_prep_step() {
CUSTOM_PROFILE_PATH="$CONF_PATH/profiles/$CUSTOM_PROFILE_NAME"
TS_NR_ENV="${HOME_ENV}=${HOME_PATH}"
name_resolution_cleanup_step
mkdir -p "$CUSTOM_PROFILE_PATH"
cp "$TESTS_DIR/hosts.global" "$WS_BIN_PATH/hosts"
cp "$TESTS_DIR/hosts.personal" "$CONF_PATH/hosts"
cp "$TESTS_DIR/hosts.custom" "$CUSTOM_PROFILE_PATH/hosts"
}
name_resolution_suite() {
test_step_set_pre name_resolution_prep_step
test_step_set_post name_resolution_cleanup_step
test_suite_add "TShark name resolution" tshark_name_resolution_suite
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

348
test/suite-text2pcap.sh
View File

@ -1,348 +0,0 @@
#!/bin/bash
#
# Run the text2pcap unit tests
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Regex used to prase capinfos output
text2pcap_capinfos_regex="File type:.* - (.*)
File encapsulation:[[:blank:]]+(.*)
Number of packets:[[:blank:]]+(.*)
Data size:[[:blank:]]+([[:digit:]]+) bytes"
# Return information for the given pcap file
# arg1 = file name
#
# Set the following global variables
# $text2pcap_capinfos_filetype File type
# $text2pcap_capinfos_encap File encapsulation
# $text2pcap_capinfos_packets Number of packets
# $text2pcap_capinfos_datasize Data size
text2pcap_capinfos() {
#Initialize return variables
text2pcap_capinfos_filetype=""
text2pcap_capinfos_encap=""
text2pcap_capinfos_packets=""
text2pcap_capinfos_datasize=""
output=$($CAPINFOS -tEcdM $1)
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "exit status of capinfos: $RETURNVALUE"
return 1
fi
if [[ "$output" =~ $text2pcap_capinfos_regex ]]
then
#Array length ${#BASH_REMATCH[@]}
text2pcap_capinfos_filetype=${BASH_REMATCH[1]}
text2pcap_capinfos_encap=${BASH_REMATCH[2]}
text2pcap_capinfos_packets=${BASH_REMATCH[3]}
text2pcap_capinfos_datasize=${BASH_REMATCH[4]}
return 0
fi
echo "$output" > testout.txt
test_step_failed "Cannot parse capinfos ouput"
return 1
}
# common checking code:
# arg 1 = return value from text2pcap command
# arg 2 = file type string
# arg 3 = file encap
# arg 4 = number of file packets generated
text2pcap_common_check() {
if [ ! $1 -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "exit status of text2pcap: $1"
return
fi
grep -q "potential packet" testout.txt
if [ ! $? -eq 0 ]; then
cat ./testout.txt
test_step_failed "text2pcap didn't complete"
fi
grep -q "Inconsistent offset" testout.txt
if [ $? -eq 0 ]; then
cat ./testout.txt
test_step_failed "text2pcap detected inconsistent offset"
fi
text2pcap_capinfos "./testout.pcap"
if [ ! $? -eq $EXIT_OK ]; then
test_step_failed "text2pcap_capinfos return error"
return 1
fi
if [ "$2" != "$text2pcap_capinfos_filetype" ]; then
test_step_failed "text2pcap output file type is not '$2'"
return 1
fi
if [ "$3" != "$text2pcap_capinfos_encap" ]; then
test_step_failed "text2pcap output encapsulation type is not '$3'"
return 1
fi
if [ "$4" != "$text2pcap_capinfos_packets" ]; then
test_step_failed "text2pcap did not generate $4 packets"
return 1
fi
if [ "$5" != "$text2pcap_capinfos_datasize" ]; then
test_step_failed "text2pcap output Data size: is not $5 bytes"
return 1
fi
}
# common checking code for legacy PCAP output
# arg1=returnvalue, arg2=encap type, arg3=# of file pkts arg4=data size
text2pcap_common_pcap_check() {
text2pcap_common_check "$1" 'pcap' "$2" "$3" "$4"
}
# common checking code for PCAPNG output
# arg1=returnvalue, arg2=encap type, arg3=# of file pkts arg4=data size
text2pcap_common_pcapng_check() {
text2pcap_common_check "$1" 'pcapng' "$2" "$3" "$4"
}
# convert pcap file to text format suitable for text2pcap
text2pcap_generate_input() {
$TSHARK -o 'gui.column.format:"Time","%t"' -tad -P -x -r $1 > testin.txt
#$TSHARK -P -tad -u hms -x -r $1 > testin.txt
}
# Perfom the following actions
# - Get information for the input pcap file with capinfos
# - Generate an ASCII hexdump with text2pcap
# - Convert the ASCII hexdump back to pcap using text2pcap
# - Get information for the output pcap file with capinfs
# - Check that file type, encapsulation type, number of packets and data size
# in the output file are the same as in the input file
#
# arg1=input file name arg2=# of file pkts arg3=data size
text2pcap_basic_test() {
filename="${CAPTURE_DIR}$1"
text2pcap_capinfos "$filename"
if [ ! $? -eq $EXIT_OK ]; then
test_step_failed "text2pcap_capinfos return error"
return 1
fi
text2pcap_generate_input "$filename"
#echo $text2pcap_capinfos_filetype
#echo $text2pcap_capinfos_encap
#echo $text2pcap_capinfos_packets
#echo $text2pcap_capinfos_datasize
#Overwrite number of packets or data size if optional parameters are present
if [ "x$2" != "x" ]; then
text2pcap_capinfos_packets=$2
fi
if [ "x$3" != "x" ]; then
text2pcap_capinfos_datasize=$3
fi
# link_type values are defined in pcap/bpf.h and wiretap/pcap-common.c
case "$text2pcap_capinfos_encap" in
Ethernet)
link_type="1"
;;
Raw\ IP)
link_type="14"
;;
Linux\ cooked-mode\ capture)
link_type="113"
;;
IEEE\ 802.11\ plus\ radiotap\ radio\ header)
link_type="127"
;;
DVB-CI*)
link_type="235"
;;
Per\ packet*)
printf " Per packet encapsulation is not yet supported"
test_step_skipped
return
;;
*)
printf " Unsupported link_type $text2pcap_capinfos_encap"
test_step_skipped
return
;;
esac
case "$text2pcap_capinfos_filetype" in
"pcap"|"pcap (gzip compressed)")
$TEXT2PCAP -d -l $link_type -t "%Y-%m-%d %H:%M:%S."\
testin.txt testout.pcap >testout.txt 2>&1
text2pcap_common_pcap_check "$RETURNVALUE"\
"$text2pcap_capinfos_encap"\
"$text2pcap_capinfos_packets"\
"$text2pcap_capinfos_datasize"
test_step_ok
;;
"nanosecond libpcap"|"pcapng"|"pcapng (gzip compressed)")
$TEXT2PCAP -n -d -l $link_type -t "%Y-%m-%d %H:%M:%S."\
testin.txt testout.pcap >testout.txt 2>&1
text2pcap_common_pcapng_check "$RETURNVALUE"\
"$text2pcap_capinfos_encap"\
"$text2pcap_capinfos_packets"\
"$text2pcap_capinfos_datasize"
test_step_ok
;;
*)
printf " Unsupported filetype $text2pcap_capinfos_filetype"
test_step_skipped
esac
}
text2pcap_dhcp_pcap_test() {
text2pcap_basic_test "dhcp.pcap"
}
text2pcap_dhcp_pcapng_test() {
text2pcap_basic_test "dhcp.pcapng"
}
text2pcap_segmented_fpm_pcap_test() {
text2pcap_basic_test "segmented_fpm.pcap"
}
text2pcap_c1222_std_example8_pcap_test() {
text2pcap_basic_test "c1222_std_example8.pcap"
}
text2pcap_dhcp_nanosecond_pcap_test() {
text2pcap_basic_test "dhcp-nanosecond.pcap"
}
text2pcap_dns_port_pcap_test() {
text2pcap_basic_test "dns_port.pcap"
}
text2pcap_dvb_ci_UV1_0000_pcap_test() {
text2pcap_basic_test "dvb-ci_UV1_0000.pcap"
}
text2pcap_empty_pcap_test() {
text2pcap_basic_test "empty.pcap"
}
text2pcap_ikev1_certs_pcap() {
text2pcap_basic_test "ikev1-certs.pcap"
}
text2pcap_rsa_p_lt_q_pcap() {
text2pcap_basic_test "rsa-p-lt-q.pcap"
}
text2pcap_rsasnakeoil2_pcap() {
text2pcap_basic_test "rsasnakeoil2.pcap"
}
text2pcap_sample_control4_2012_03_24_pcap_test() {
# tshark currently output decrypted ZigBee packets and
# as a result the number of packets and data size are different
text2pcap_basic_test "sample_control4_2012-03-24.pcap" 239 10103
}
text2pcap_snakeoil_dtls_test() {
text2pcap_basic_test "snakeoil-dtls.pcap"
}
text2pcap_wpa_eap_tls_pcap_gz_test() {
# tshark reassemble some packets and because of this
# the number of packets and data size are different
text2pcap_basic_test "wpa-eap-tls.pcap.gz" 88 38872
}
text2pcap_wpa_induction_pcap_gz_test() {
text2pcap_basic_test "wpa-Induction.pcap.gz"
}
text2pcap_dhcp_nanosecond_pcapng_test() {
text2pcap_basic_test "dhcp-nanosecond.pcapng"
}
text2pcap_dhe1_pcapng_gz_test() {
text2pcap_basic_test "dhe1.pcapng.gz"
}
text2pcap_dmgr_pcapng_test() {
# linux cooked mode capture
text2pcap_basic_test "dmgr.pcapng"
}
text2pcap_dns_icmp_pcapng_gz_test() {
# Different data size
# Most probably the problem is that input file timestamp precision is in microseconds
# File timestamp precision: microseconds (6)
text2pcap_basic_test "dns+icmp.pcapng.gz" "" 3202
}
text2pcap_packet_h2_14_headers_pcapng_test() {
text2pcap_basic_test "packet-h2-14_headers.pcapng"
}
text2pcap_sip_pcapng_test() {
# Raw IP encap
text2pcap_basic_test "sip.pcapng"
}
text2pcap_step_hash_at_eol() {
$TEXT2PCAP -n -d -t "%Y-%m-%d %H:%M:%S."\
"${CAPTURE_DIR}/text2pcap_hash_eol.txt" testout.pcap > testout.txt 2>&1
RETURNVALUE=$?
grep -q "Inconsistent offset" testout.txt
if [ $? -eq 0 ]; then
cat ./testout.txt
test_step_failed "text2pcap failed to parse the hash sign at the end of the line"
fi
#Check that #TEXT2PCAP is not prased as a comment
grep -q "Directive \[ test_directive" testout.txt
if [ $? -ne 0 ]; then
cat ./testout.txt
test_step_failed "text2pcap failed to parse #TEXT2PCAP test_directive"
fi
text2pcap_common_pcapng_check $RETURNVALUE "Ethernet" 1 96
test_step_ok
}
text2pcap_cleanup_step() {
rm -f ./testin.txt
rm -f ./testout.txt
rm -f ./capinfo_testout.txt
rm -f ./testout.pcap
}
text2pcap_suite() {
test_step_set_pre text2pcap_cleanup_step
test_step_set_post text2pcap_cleanup_step
test_step_add "testing with empty.pcap" text2pcap_empty_pcap_test
test_step_add "testing with dhcp.pcap" text2pcap_dhcp_pcap_test
test_step_add "testing with dhcp.pcapng" text2pcap_dhcp_pcapng_test
test_step_add "testing with dhcp-nanosecond.pcap" text2pcap_dhcp_nanosecond_pcap_test
test_step_add "testing with dhcp-nanosecond.pcapng" text2pcap_dhcp_nanosecond_pcapng_test
test_step_add "testing with segmented_fpm.pcap" text2pcap_segmented_fpm_pcap_test
test_step_add "testing with c1222_std_example8.pcap" text2pcap_c1222_std_example8_pcap_test
test_step_add "testing with dns_port.pcap" text2pcap_dns_port_pcap_test
test_step_add "testing with dvb-ci_UV1_0000.pcap" text2pcap_dvb_ci_UV1_0000_pcap_test
test_step_add "testing with ikev1-certs.pcap" text2pcap_ikev1_certs_pcap
test_step_add "testing with rsa-p-lt-q.pcap" text2pcap_rsa_p_lt_q_pcap
test_step_add "testing with rsasnakeoil2.pcap" text2pcap_rsasnakeoil2_pcap
test_step_add "testing with sample_control4_2012-03-24.pcap" text2pcap_sample_control4_2012_03_24_pcap_test
test_step_add "testing with snakeoil-dtls.pcap" text2pcap_snakeoil_dtls_test
test_step_add "testing with wpa-eap-tls.pcap.gz" text2pcap_wpa_eap_tls_pcap_gz_test
test_step_add "testing with wpa-Induction.pcap.gz" text2pcap_wpa_induction_pcap_gz_test
test_step_add "testing with dhe1.pcapng.gz" text2pcap_dhe1_pcapng_gz_test
test_step_add "testing with dmgr.pcapng" text2pcap_dmgr_pcapng_test
test_step_add "testing with dns+icmp.pcapng.gz" text2pcap_dns_icmp_pcapng_gz_test
test_step_add "testing with packet-h2-14_headers.pcapng" text2pcap_packet_h2_14_headers_pcapng_test
test_step_add "testing with sip.pcapng" text2pcap_sip_pcapng_test
test_step_add "hash sign at the end of the line" text2pcap_step_hash_at_eol
}
#
# Editor modelines - https://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

127
test/suite-unittests.sh
View File

@ -1,127 +0,0 @@
#!/bin/bash
#
# Run the epan unit tests
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
unittests_step_test() {
$DUT $ARGS > testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "exit status of $DUT: $RETURNVALUE"
return
fi
test_step_ok
}
TOOL_SEARCH_PATHS="
$WS_BIN_PATH
$WS_BIN_PATH/epan
$SOURCE_DIR/epan
$WS_BIN_PATH/epan/wmem
$SOURCE_DIR/epan/wmem
$WS_BIN_PATH/tools
$SOURCE_DIR/tools
"
check_dut() {
TEST_EXE=""
# WS_BIN_PATH must be checked first, otherwise
# we'll find a non-functional program in epan or epan/wmem.
for TEST_PATH in $TOOL_SEARCH_PATHS ; do
if [ -x "$TEST_PATH/$1" ]; then
TEST_EXE=$TEST_PATH/$1
break
fi
done
if [ -n "$TEST_EXE" ]; then
if [[ "$WS_SYSTEM" == "Windows" && "$TEST_EXE" == *.py ]] ; then
SCRIPT_PATH=$( cygpath -w "$TEST_EXE" )
TSHARK_PATH=$( cygpath -w "$TSHARK" )
DUT="python $SCRIPT_PATH"
else
TSHARK_PATH="$TSHARK"
DUT=$TEST_EXE
fi
else
test_step_failed "$1 not found. Have you built test-programs?"
return 1
fi
}
unittests_step_exntest() {
check_dut exntest || return
ARGS=
unittests_step_test
}
unittests_step_oids_test() {
check_dut oids_test || return
ARGS=
unittests_step_test
}
unittests_step_reassemble_test() {
check_dut reassemble_test || return
ARGS=
unittests_step_test
}
unittests_step_tvbtest() {
check_dut tvbtest || return
ARGS=
unittests_step_test
}
unittests_step_wmem_test() {
check_dut wmem_test || return
ARGS=--verbose
unittests_step_test
}
unittests_step_ftsanity() {
check_dut ftsanity.py || return
ARGS=$TSHARK_PATH
unittests_step_test
}
unittests_step_fieldcount() {
check_dut tshark || return
ARGS="-G fieldcount"
unittests_step_test
}
unittests_cleanup_step() {
rm -f ./testout.txt
}
unittests_suite() {
test_step_set_pre unittests_cleanup_step
test_step_set_post unittests_cleanup_step
test_step_add "exntest" unittests_step_exntest
test_step_add "oids_test" unittests_step_oids_test
test_step_add "reassemble_test" unittests_step_reassemble_test
test_step_add "tvbtest" unittests_step_tvbtest
test_step_add "wmem_test" unittests_step_wmem_test
test_step_add "ftsanity.py" unittests_step_ftsanity
test_step_add "field count" unittests_step_fieldcount
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

515
test/suite-wslua.sh
View File

@ -1,515 +0,0 @@
#!/bin/bash
#
# Run the Lua API unit tests
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
wslua_step_dir_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/dir.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_dissector_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# First run tshark with the dissector script.
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -V -X lua_script:$TESTS_DIR/lua/dissector.lua > testin.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testin.txt
test_step_failed "subtest-1 exit status of $DUT: $RETURNVALUE"
return
fi
# then run tshark again with the verification script. (it internally reads in testin.txt)
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/verify_dissector.lua > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat ./testin.txt
cat ./testout.txt
test_step_failed "subtest-1 didn't find pass marker"
fi
# run tshark with the dissector script again, but in mode 2.
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -V -X lua_script:$TESTS_DIR/lua/dissector.lua -X lua_script1:heur_regmode=2 > testin.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testin.txt
test_step_failed "subtest-2 exit status of $DUT: $RETURNVALUE"
return
fi
# then run tshark again with the verification script. (it internally reads in testin.txt)
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/verify_dissector.lua -X lua_script1:no_heur > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat ./testin.txt
cat ./testout.txt
test_step_failed "subtest-2 didn't find pass marker"
fi
# run tshark with the dissector script again, but in mode 3.
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -V -X lua_script:$TESTS_DIR/lua/dissector.lua -X lua_script1:heur_regmode=3 > testin.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testin.txt
test_step_failed "subtest-3 exit status of $DUT: $RETURNVALUE"
return
fi
# then run tshark again with the verification script. (it internally reads in testin.txt)
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/verify_dissector.lua -X lua_script1:no_heur > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat ./testin.txt
cat ./testout.txt
test_step_failed "subtest-3 didn't find pass marker"
return
fi
FPM_ARGS="
-r $CAPTURE_DIR/segmented_fpm.pcap
-X lua_script:$TESTS_DIR/lua/dissectFPM.lua
-T fields
-e frame.number
-e fpm
-e fpm.version
-e fpm.type
-e fpm.length
"
# run tshark with the FPM dissector script, enabling dissect_tcp_pdus().
$TSHARK $FPM_ARGS -o fpm.dissect_tcp:true > testin.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testin.txt
test_step_failed "subtest-4a exit status of $DUT: $RETURNVALUE"
return
fi
# run tshark with the FPM dissector script, disabling dissect_tcp_pdus().
$TSHARK $FPM_ARGS -o fpm.dissect_tcp:false > testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "subtest-4b exit status of $DUT: $RETURNVALUE"
return
fi
# now compare the two files - they should be identical
if diff -q ./testin.txt ./testout.txt; then
rm ./testin.txt
rm ./testout.txt
test_step_ok
else
echo
cat ./testin.txt
cat ./testout.txt
test_step_failed "subtest-4 the new and old tcp dissection methods differed"
fi
}
wslua_step_field_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/dhcp.pcap -X lua_script:$TESTS_DIR/lua/field.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_file_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# First run tshark with the pcap_file_reader script.
$TSHARK -r $CAPTURE_DIR/dhcp.pcap -X lua_script:$TESTS_DIR/lua/pcap_file.lua > testin.txt 2>&1
$TSHARK -r $CAPTURE_DIR/wpa-Induction.pcap.gz -X lua_script:$TESTS_DIR/lua/pcap_file.lua >> testin.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testin.txt
test_step_failed "subtest-1 exit status of $DUT: $RETURNVALUE"
return
fi
# then run tshark again without the script
$TSHARK -r $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
$TSHARK -r $CAPTURE_DIR/wpa-Induction.pcap.gz >> testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "subtest-2 exit status of $DUT: $RETURNVALUE"
return
fi
# now compare the two files - they should be identical
if diff -q ./testin.txt ./testout.txt; then
rm ./testin.txt
else
echo
cat ./testin.txt
cat ./testout.txt
test_step_failed "subtest-3 reading the pcap file with Lua did not match internal"
return
fi
# Now generate a new capture file using the Lua writer.
$TSHARK -r $CAPTURE_DIR/dhcp.pcap -X lua_script:$TESTS_DIR/lua/pcap_file.lua -w testin.txt -F lua_pcap2 > testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "subtest-4 exit status of $DUT: $RETURNVALUE"
return
fi
# now compare the two files - they should be identical
if diff -q $CAPTURE_DIR/dhcp.pcap ./testin.txt; then
rm ./testin.txt
else
echo
cat ./testout.txt
test_step_failed "subtest-5 creating a new pcap file using Lua did not match dhcp.cap"
return
fi
# Now read an acme sipmsg.log using the acme Lua reader, writing it out as pcapng.
$TSHARK -r $CAPTURE_DIR/sipmsg.log -X lua_script:$TESTS_DIR/lua/acme_file.lua -w testin.txt -F pcapng > testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "subtest-6 exit status of $DUT: $RETURNVALUE"
return
fi
# testin.txt is now a pcapng, read it out using -V verbose into testout.txt
$TSHARK -r ./testin.txt -V > testout.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testout.txt
test_step_failed "subtest-7 exit status of $DUT: $RETURNVALUE"
return
fi
# now readout sip.pcapng into testin.txt using -V verbose
$TSHARK -r $CAPTURE_DIR/sip.pcapng -V > testin.txt 2>&1
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
echo
cat ./testin.txt
test_step_failed "subtest-8 exit status of $DUT: $RETURNVALUE"
return
fi
# now compare testin and testout - they should be identical
if diff -q ./testout.txt ./testin.txt; then
test_step_ok
else
echo
cat ./testout.txt
diff ./testout.txt ./testin.txt
test_step_failed "subtest-9 writing the acme sipmsg.log out as pcapng did not match sip.pcapng"
fi
}
wslua_step_listener_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/dhcp.pcap -X lua_script:$TESTS_DIR/lua/listener.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_nstime_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/dhcp.pcap -X lua_script:$TESTS_DIR/lua/nstime.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_pinfo_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/dhcp.pcap -X lua_script:$TESTS_DIR/lua/pinfo.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_proto_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# First run tshark with the proto script.
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -V -X lua_script:$TESTS_DIR/lua/proto.lua > testin.txt 2>&1
grep -q "All tests passed!" testin.txt
if [ $? -ne 0 ]; then
cat ./testin.txt
test_step_failed "didn't find pass marker"
fi
# then run tshark again with the verification script. (it internally reads in testin.txt)
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/verify_dissector.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
echo
cat ./testin.txt
cat ./testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_protofield_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
# Perform this twice: once with a tree, once without
# Pass 1 (visible tree)
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -X lua_script:$TESTS_DIR/lua/protofield.lua -V -Y "test.filtered==1" > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat testout.txt
test_step_failed "protofield_test: didn't find pass marker (pass 1)"
fi
# Pass 2 (invisible tree)
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -X lua_script:$TESTS_DIR/lua/protofield.lua -Y "test.filtered==1" > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "protofield_test: didn't find pass marker (pass 2)"
fi
}
wslua_step_int64_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/int64.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
echo
cat ./testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_args_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/script_args.lua -X lua_script1:1 > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat testout.txt
test_step_failed "lua_args_test test 1 failed"
fi
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/script_args.lua -X lua_script1:3 -X lua_script1:foo -X lua_script1:bar > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat testout.txt
test_step_failed "lua_args_test test 2 failed"
fi
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/script_args.lua -X lua_script:$TESTS_DIR/lua/script_args.lua -X lua_script1:3 -X lua_script2:1 -X lua_script1:foo -X lua_script1:bar > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat testout.txt
test_step_failed "lua_args_test test 3 failed"
fi
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/script_args.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
cat testout.txt
test_step_failed "lua_args_test negative test 4 failed"
fi
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/script_args.lua -X lua_script1:3 > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
cat testout.txt
test_step_failed "lua_args_test negative test 5 failed"
fi
test_step_ok
}
wslua_step_globals_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/verify_globals.lua -X lua_script1:$TESTS_DIR/lua/ -X lua_script1:$TESTS_DIR/lua/globals_2.2.txt > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat testout.txt
test_step_failed "lua_globals_test test 1 failed"
fi
test_step_ok
}
wslua_step_gregex_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/gregex.lua -X lua_script1:-d$TESTS_DIR/lua/ -X lua_script1:glib -X lua_script1:-V > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_struct_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
$TSHARK -r $CAPTURE_DIR/empty.pcap -X lua_script:$TESTS_DIR/lua/struct.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_step_tvb_test() {
if [ $HAVE_LUA -ne 0 ]; then
test_step_skipped
return
fi
# Tshark catches lua script failures, so we have to parse the output.
# perform this twice: once with a tree, once without
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -X lua_script:$TESTS_DIR/lua/tvb.lua -V > testout.txt 2>&1
grep -q "All tests passed!" testout.txt
if [ $? -ne 0 ]; then
cat testout.txt
test_step_failed "lua_args_test test 1 failed"
fi
$TSHARK -r $CAPTURE_DIR/dns_port.pcap -X lua_script:$TESTS_DIR/lua/tvb.lua > testout.txt 2>&1
if grep -q "All tests passed!" testout.txt; then
test_step_ok
else
cat testout.txt
test_step_failed "didn't find pass marker"
fi
}
wslua_cleanup_step() {
rm -f ./testout.txt
rm -f ./testin.txt
}
wslua_suite() {
test_step_set_pre wslua_cleanup_step
test_step_set_post wslua_cleanup_step
test_step_add "wslua dir" wslua_step_dir_test
test_step_add "wslua dissector" wslua_step_dissector_test
test_step_add "wslua field/fieldinfo" wslua_step_field_test
test_step_add "wslua file" wslua_step_file_test
test_step_add "wslua globals" wslua_step_globals_test
# GRegex tests are broken since PCRE 8.34, see bug 12997.
#test_step_add "wslua gregex" wslua_step_gregex_test
test_step_add "wslua int64" wslua_step_int64_test
test_step_add "wslua listener" wslua_step_listener_test
test_step_add "wslua nstime" wslua_step_nstime_test
test_step_add "wslua pinfo" wslua_step_pinfo_test
test_step_add "wslua proto/protofield" wslua_step_proto_test
test_step_add "wslua protofield" wslua_step_protofield_test
test_step_add "wslua script arguments" wslua_step_args_test
test_step_add "wslua struct" wslua_step_struct_test
test_step_add "wslua tvb" wslua_step_tvb_test
}
#
# Editor modelines - https://www.wireshark.org/tools/modelines.html
#
# Local variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

338
test/test-backend.sh
View File

@ -1,338 +0,0 @@
#!/bin/bash
#
# Test backend
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# References:
# http://www.gnu.org/software/bash/manual/bashref.html "Bash Reference Manual"
# http://www.tldp.org/LDP/abs/html/ "Advanced Bash-Scripting Guide"
# http://www.tldp.org/LDP/abs/html/colorizing.html "Colorizing" Scripts"
# http://www.junit.org/junit/javadoc/3.8.1/index.htm "JUnit javadoc"
# check undefined variables
# http://www.tldp.org/LDP/abs/html/options.html
# bash -u test.sh
# make sure that tput (part of ncurses) is installed
tput -V >/dev/null 2>/dev/null
if [ ! $? -eq 0 ]; then
USE_COLOR=0
fi
# coloring the output
if [ $USE_COLOR -eq 1 ] ; then
color_reset="tput sgr0"
color_green=''
color_red=''
color_yellow=''
color_blue=''
else
color_reset="true"
color_green=''
color_red=''
color_yellow=''
color_blue=''
fi
# runtime flags
TEST_RUN="OFF"
TEST_OUTPUT="VERBOSE" # "OFF", "DOTTED", "VERBOSE"
# runtime vars
TEST_NESTING_LEVEL=0 # nesting level of current test
TEST_STEPS[0]=0 # number of steps of a specific nesting level
# output counters
TEST_OK=0 # global count of succeeded steps
TEST_FAILED=0 # global count of failed steps
TEST_SKIPPED=0 # global count of failed steps
TEST_STEP_PRE_CB=
TEST_STEP_POST_CB=
# level number of this test item (suite or step)
test_level() {
LIMIT_LEVEL=100
for ((a=0; a <= LIMIT_LEVEL ; a++))
do
if [ ! $a -eq 0 ]; then
echo -n "."
fi
echo -n "${TEST_STEPS[a]}"
if [ $a -eq $TEST_NESTING_LEVEL ]; then
#echo "end"
return
fi
done
}
# set output format
# $1 - "OUT", "DOTTED", "VERBOSE"
test_set_output() {
TEST_OUTPUT=$1
}
# run a test suite
# $1 name
# $2 command
test_suite_run() {
# header
echo -n -e $color_blue
echo ""
echo "### $1 ###"
$color_reset
TEST_RUN="ON"
# run the actual test suite
$2
# results
if [ $TEST_RUN = "ON" ]; then
echo ""
if [ $TEST_FAILED -eq 0 ]; then
echo -n -e $color_green
else
echo -n -e $color_red
fi
echo "### Test suite results ###"
echo -n -e $color_green
echo "OK : $TEST_OK"
echo -n -e $color_red
echo "Failed: $TEST_FAILED"
echo -n -e $color_yellow
echo "Skipped: $TEST_SKIPPED"
$color_reset
fi
TEST_RUN="OFF"
# exit status
if [ $TEST_FAILED -eq 0 ]; then
return 0
else
return 1
fi
}
# show a test suite
# $1 name
# $2 command
test_suite_show() {
# header
echo -n -e $color_blue
echo ""
echo "### Test suite: $1 ###"
echo ""
echo "Subitems:"
echo "---------"
$color_reset
# show this test suite subitems
$2
echo ""
}
# add a test suite
# $1 name
# $2 function
test_suite_add() {
# increase step counter of this nesting level
let "TEST_STEPS[$TEST_NESTING_LEVEL] += 1"
if [ $TEST_RUN = "ON" ]; then
echo ""
fi
# title output if we'll list the subitems
if [[ $TEST_RUN = "ON" ]]; then
echo -n -e $color_blue
test_level
echo " Suite: $1"
$color_reset
fi
if [[ $TEST_NESTING_LEVEL -eq 0 ]]; then
pos=${TEST_STEPS[$TEST_NESTING_LEVEL]}
#echo "pos " $pos
test_title[$pos]=$1
test_function[$pos]=$2
#echo ${test_title[1]}
fi
# reset test step counter back to zero
TEST_STEP=0
# call the suites function
let "TEST_NESTING_LEVEL += 1"
TEST_STEPS[$TEST_NESTING_LEVEL]=0
$2
let "TEST_NESTING_LEVEL -= 1"
# title output (with subitem counter) if we don't listed the subitems
if [[ ! $TEST_RUN = "ON" && $TEST_NESTING_LEVEL -eq 0 ]]; then
echo -n -e $color_blue
test_level
echo " Suite: $1 (${TEST_STEPS[TEST_NESTING_LEVEL+1]} subitems)"
$color_reset
fi
}
# add a test step
# $1 name
# $2 function
test_step_add() {
let "TEST_STEPS[$TEST_NESTING_LEVEL] += 1"
if [[ ($TEST_RUN = "ON" && $TEST_OUTPUT = "DOTTED") && $TEST_NESTING_LEVEL -eq 0 ]]; then
echo ""
fi
if [[ ( $TEST_RUN = "ON" && $TEST_OUTPUT = "VERBOSE" ) || $TEST_NESTING_LEVEL -eq 0 ]]; then
echo -n -e $color_blue
test_level
echo -n " Step:" $1
$color_reset
fi
if [ $TEST_RUN = "ON" ]; then
# preprecessing step
$TEST_STEP_PRE_CB
#echo "command: "$2" opt1: "$3" opt2: "$4" opt3: "$5" opt4: "$6" opt5: "$7
TEST_STEP_NAME=$1
# actually run the command to test now
$2
#"$3" "$4" "$5" "$6" "$7"
# post precessing step
$TEST_STEP_POST_CB
else
if [[ $TEST_NESTING_LEVEL -eq 0 ]]; then
echo ""
fi
fi
}
# set the preprocessing function
# $1 remark
test_step_set_pre() {
TEST_STEP_PRE_CB=$1
}
# set the post processing function
# $1 remark
test_step_set_post() {
TEST_STEP_POST_CB=$1
}
# add a test remark
# $1 remark
test_remark_add() {
# test is running or toplevel item? -> show remark
if [[ $TEST_RUN = "ON" || $TEST_NESTING_LEVEL -eq 0 ]]; then
# test is running and output is dotted -> newline first
if [[ $TEST_RUN = "ON" && $TEST_OUTPUT = "DOTTED" ]]; then
echo ""
fi
# remark
echo -n -e $color_blue
echo " Remark: $1"
$color_reset
fi
}
# the test step succeeded
test_step_ok() {
# count appearance
let "TEST_OK += 1"
# output in green
echo -n -e $color_green
if [ $TEST_OUTPUT = "VERBOSE" ]; then
echo " OK"
else
echo -n .
fi
$color_reset
}
# the test step failed
# $1 output text
test_step_failed() {
let "TEST_FAILED += 1"
# output in red
echo -n -e "$color_red"
echo ""
echo "\"$TEST_STEP_NAME\" Failed!"
echo $1
$color_reset
# XXX - add a mechanism to optionally stop here
}
# the test step skipped (usually not suitable for this machine/platform)
test_step_skipped() {
# count appearance
let "TEST_SKIPPED += 1"
# output in green
echo -n -e $color_yellow
if [ $TEST_OUTPUT = "VERBOSE" ]; then
echo " Skipped"
else
echo -n .
fi
$color_reset
}
test_step_output_print() {
wait
printf "\n"
for f in "$@"; do
if [[ -f "$f" ]]; then
printf " --> $f\n"
cat "$f"
printf " <--\n"
else
printf " --> $f: doesn't exist (or isn't a file)\n"
fi
done
}
#
# Editor modelines - http://www.wireshark.org/tools/modelines.html
#
# Local variables:
# c-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# vi: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false:
#

300
test/test.sh
View File

@ -1,300 +0,0 @@
#!/bin/bash
(set -o igncr) 2>/dev/null && set -o igncr; # comment is needed
# # hack for cygwin bash
# # no-op for other
#
# Test various command line testable aspects of the Wireshark tools
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
# Copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# an existing capture file
USE_COLOR=1
RUN_SUITE=""
PRINT_USAGE=0
# Ensure cygwin bin dir is on the path if running under it
if [[ $OSTYPE == "cygwin" ]]; then
PATH="$PATH:/usr/bin"
fi
while getopts "chs:" OPTION ; do
case $OPTION in
c) USE_COLOR=0 ;;
h) PRINT_USAGE=1 ;;
s) RUN_SUITE="$OPTARG" ;;
*) echo "Unknown option: " $OPTION $OPTARG
esac
done
shift $(( $OPTIND - 1 ))
if [ $PRINT_USAGE -ne 0 ] ; then
THIS=`basename $0`
cat <<FIN
Usage: $THIS [-c] [-h] [-s <suite>]
-c: Disable color output
-h: Print this message and exit
-s: Run a suite. Must be one of:
all
capture
clopts
decryption
fileformats
io
nameres
prerequisites
unittests
wslua
dissection
FIN
exit 0
fi
MYDIR=$(dirname $0)
if [ -d run ]; then
if [ -e run/tshark -o -e run/dumpcap -o -e run/rawshark ]; then
WS_BIN_PATH=${WS_BIN_PATH:-$(cd run && pwd)}
fi
fi
source $MYDIR/test-backend.sh
source $MYDIR/config.sh
# needed by some tests
TEST_OUTDIR="$(mktemp -d 2>/dev/null || mktemp -d ${TMPDIR:-/tmp}/wstest.XXXXXXXXXX)"
if [ $? -ne 0 ] || [ ! -d "$TEST_OUTDIR" ] || ! cd "$TEST_OUTDIR"; then
# Error out if TEST_OUTDIR cannot be created
echo "Failed to create directory '$TEST_OUTDIR'"
exit 1
fi
TEST_OUTDIR_CLEAN=${TEST_OUTDIR_CLEAN:-1}
# Configuration paths
HOME_ENV="HOME"
HOME_PATH="$TEST_OUTDIR/home"
CONF_PATH="$HOME_PATH/.wireshark"
if [ "$WS_SYSTEM" == "Windows" ] ; then
HOME_ENV="APPDATA"
HOME_PATH="`cygpath -w $HOME_PATH`"
CONF_PATH="$HOME_PATH/Wireshark"
CAPTURE_DIR="`cygpath -w $CAPTURE_DIR`"
TESTS_DIR="`cygpath -w $TESTS_DIR`"
fi
mkdir -p $CONF_PATH
source $TESTS_DIR/suite-clopts.sh
source $TESTS_DIR/suite-io.sh
source $TESTS_DIR/suite-capture.sh
source $TESTS_DIR/suite-unittests.sh
source $TESTS_DIR/suite-fileformats.sh
source $TESTS_DIR/suite-decryption.sh
source $TESTS_DIR/suite-nameres.sh
source $TESTS_DIR/suite-wslua.sh
source $TESTS_DIR/suite-mergecap.sh
source $TESTS_DIR/suite-text2pcap.sh
source $TESTS_DIR/suite-dissection.sh
test_cleanup() {
if [ $TEST_OUTDIR_CLEAN = 1 ]; then
# display contents of test outputs, ignore directory:
# home (decryption suite)
grep -r . --exclude-dir=home .
rm -rf "$TEST_OUTDIR"
elif ! rmdir "$TEST_OUTDIR" 2>/dev/null; then
# if directory is non-empty, print directory
echo "Test results are available in $TEST_OUTDIR"
fi
}
trap test_cleanup EXIT
#check prerequisites
test_step_prerequisites() {
NOTFOUND=0
for i in "$WIRESHARK" "$TSHARK" "$CAPINFOS" "$MERGECAP" "$DUMPCAP" ; do
if [ ! -x $i ]; then
echo "Couldn't find $i"
NOTFOUND=1
fi
done
if [ $NOTFOUND -eq 1 ]; then
test_step_failed "Tool not found"
exit 1
else
test_step_ok
fi
}
# Dump version information
test_step_tshark_version() {
test_remark_add "Printing TShark version"
$TESTS_DIR/run_and_catch_crashes $TSHARK -v
RETURNVALUE=$?
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
test_step_failed "Failed to print version information"
return
fi
test_step_ok
}
prerequisites_suite() {
test_step_add "Prerequisites settings" test_step_prerequisites
test_step_add "Version information" test_step_tshark_version
}
test_suite() {
test_suite_add "Prerequisites" prerequisites_suite
test_suite_add "Command line options" clopt_suite
test_suite_add "File I/O" io_suite
test_suite_add "Capture" capture_suite
test_suite_add "Unit tests" unittests_suite
test_suite_add "Decryption" decryption_suite
test_suite_add "Name Resolution" name_resolution_suite
test_suite_add "Lua API" wslua_suite
test_suite_add "Mergecap" mergecap_suite
test_suite_add "File formats" fileformats_suite
test_suite_add "Text2pcap" text2pcap_suite
test_suite_add "Dissection" dissection_suite
}
#test_set_output OFF # doesn't work
#test_set_output DOTTED
test_set_output VERBOSE
#test_suite_run "TShark command line options" clopt_suite
#test_suite_run "TShark capture" capture_suite
# all
#test_suite_run "All" test_suite
#test_suite_show "All" test_suite
if [ -n "$RUN_SUITE" ] ; then
case $RUN_SUITE in
"all")
test_suite_run "All" test_suite
exit $? ;;
"capture")
test_suite_run "Capture" capture_suite
exit $? ;;
"clopts")
test_suite_run "Command line options" clopt_suite
exit $? ;;
"decryption")
test_suite_run "Decryption" decryption_suite
exit $? ;;
"fileformats")
test_suite_run "File formats" fileformats_suite
exit $? ;;
"io")
test_suite_run "File I/O" io_suite
exit $? ;;
"nameres")
test_suite_run "Name Resolution" name_resolution_suite
exit $? ;;
"prerequisites")
test_suite_run "Prerequisites" prerequisites_suite
exit $? ;;
"unittests")
test_suite_run "Unit tests" unittests_suite
exit $? ;;
"wslua")
test_suite_run "Lua API" wslua_suite
exit $? ;;
"text2pcap")
test_suite_run "Text2pcap" text2pcap_suite
exit $? ;;
"dissection")
test_suite_run "Dissection" dissection_suite
exit $? ;;
esac
fi
MENU_LEVEL=0
menu_title[0]="All"
menu_function[0]=test_suite
echo "----------------------------------------------------------------------"
for ((a=0; a <= 100000000000 ; a++))
do
TEST_STEPS[0]=0 # number of steps of a specific nesting level
#echo $current_title $current_function
test_suite_show "${menu_title[MENU_LEVEL]}" "${menu_function[MENU_LEVEL]}"
if [ $MENU_LEVEL -gt 0 ]; then
echo "T or Enter: Run suite"
else
echo "1-$TEST_STEPS : Select suite"
fi
# DBG
#echo "Menu level: $MENU_LEVEL"
#echo "Menu Title: ${menu_title[MENU_LEVEL]}"
#echo "Menu Function: ${menu_function[MENU_LEVEL]}"
#echo "Test title size: ${#test_title[@]}"
# END DBG
if [[ ! $MENU_LEVEL -eq 0 ]]; then
echo "U : Up"
fi
echo "Q : Quit"
echo ""
read key
newl=$'\x0d'
echo "$newl----------------------------------------------------------------------"
TEST_STEPS[0]=0 # number of steps of a specific nesting level
#echo $key
case "$key" in
"Q" | "q")
exit 0
;;
"T" | "t" | "")
LIMIT_RUNS=1
for ((a_runs=1; a_runs <= LIMIT_RUNS ; a_runs++)) # Double parentheses, and "LIMIT" with no "$".
do
test_suite_run "${menu_title[MENU_LEVEL]}" "${menu_function[MENU_LEVEL]}"
done
echo "----------------------------------------------------------------------"
;;
"U" | "u")
if [[ ! $MENU_LEVEL -eq 0 ]]; then
let "MENU_LEVEL -= 1"
#echo "----------------------------------------------------------------------"
fi
;;
## Now we're only interested in digits when the menu level is at the top (0)
[0-9]*)
if [ $MENU_LEVEL -eq 0 ]; then
if [ $key -le ${#test_title[@]} ]; then
let "MENU_LEVEL += 1"
menu_title[MENU_LEVEL]=${test_title[$key]}
menu_function[MENU_LEVEL]=${test_function[$key]}
fi
fi
;;
esac
done
# Editor modelines
#
# Local Variables:
# sh-basic-offset: 8
# tab-width: 8
# indent-tabs-mode: t
# End:
#
# ex: set shiftwidth=8 tabstop=8 noexpandtab:
# :indentSize=8:tabSize=8:noTabs=false: