153a5a1b3Sopenharmony_ci#ifdef HAVE_CONFIG_H 253a5a1b3Sopenharmony_ci#include <config.h> 353a5a1b3Sopenharmony_ci#endif 453a5a1b3Sopenharmony_ci 553a5a1b3Sopenharmony_ci#include <sys/types.h> 653a5a1b3Sopenharmony_ci#include <stdio.h> 753a5a1b3Sopenharmony_ci#include <unistd.h> 853a5a1b3Sopenharmony_ci#include <string.h> 953a5a1b3Sopenharmony_ci 1053a5a1b3Sopenharmony_ci#include <check.h> 1153a5a1b3Sopenharmony_ci 1253a5a1b3Sopenharmony_ci#ifdef HAVE_NETINET_IN_H 1353a5a1b3Sopenharmony_ci#include <netinet/in.h> 1453a5a1b3Sopenharmony_ci#endif 1553a5a1b3Sopenharmony_ci#ifdef HAVE_NETINET_IN_SYSTM_H 1653a5a1b3Sopenharmony_ci#include <netinet/in_systm.h> 1753a5a1b3Sopenharmony_ci#endif 1853a5a1b3Sopenharmony_ci#ifdef HAVE_NETINET_IP_H 1953a5a1b3Sopenharmony_ci#include <netinet/ip.h> 2053a5a1b3Sopenharmony_ci#endif 2153a5a1b3Sopenharmony_ci 2253a5a1b3Sopenharmony_ci#include <pulsecore/log.h> 2353a5a1b3Sopenharmony_ci#include <pulsecore/macro.h> 2453a5a1b3Sopenharmony_ci#include <pulsecore/socket.h> 2553a5a1b3Sopenharmony_ci#include <pulsecore/ipacl.h> 2653a5a1b3Sopenharmony_ci#include <pulsecore/arpa-inet.h> 2753a5a1b3Sopenharmony_ci 2853a5a1b3Sopenharmony_cistatic void do_ip_acl_check(const char *s, int fd, int expected) { 2953a5a1b3Sopenharmony_ci pa_ip_acl *acl; 3053a5a1b3Sopenharmony_ci int result; 3153a5a1b3Sopenharmony_ci 3253a5a1b3Sopenharmony_ci acl = pa_ip_acl_new(s); 3353a5a1b3Sopenharmony_ci fail_unless(acl != NULL); 3453a5a1b3Sopenharmony_ci result = pa_ip_acl_check(acl, fd); 3553a5a1b3Sopenharmony_ci pa_ip_acl_free(acl); 3653a5a1b3Sopenharmony_ci 3753a5a1b3Sopenharmony_ci pa_log_info("%-20s result=%u (should be %u)", s, result, expected); 3853a5a1b3Sopenharmony_ci fail_unless(result == expected); 3953a5a1b3Sopenharmony_ci} 4053a5a1b3Sopenharmony_ci 4153a5a1b3Sopenharmony_ciSTART_TEST (ipacl_test) { 4253a5a1b3Sopenharmony_ci struct sockaddr_in sa; 4353a5a1b3Sopenharmony_ci#ifdef HAVE_IPV6 4453a5a1b3Sopenharmony_ci struct sockaddr_in6 sa6; 4553a5a1b3Sopenharmony_ci#endif 4653a5a1b3Sopenharmony_ci int fd; 4753a5a1b3Sopenharmony_ci int r; 4853a5a1b3Sopenharmony_ci 4953a5a1b3Sopenharmony_ci fd = socket(PF_INET, SOCK_STREAM, 0); 5053a5a1b3Sopenharmony_ci fail_unless(fd >= 0); 5153a5a1b3Sopenharmony_ci 5253a5a1b3Sopenharmony_ci sa.sin_family = AF_INET; 5353a5a1b3Sopenharmony_ci sa.sin_port = htons(22); 5453a5a1b3Sopenharmony_ci sa.sin_addr.s_addr = inet_addr("127.0.0.1"); 5553a5a1b3Sopenharmony_ci 5653a5a1b3Sopenharmony_ci r = connect(fd, (struct sockaddr*) &sa, sizeof(sa)); 5753a5a1b3Sopenharmony_ci fail_unless(r >= 0); 5853a5a1b3Sopenharmony_ci 5953a5a1b3Sopenharmony_ci do_ip_acl_check("127.0.0.1", fd, 1); 6053a5a1b3Sopenharmony_ci do_ip_acl_check("127.0.0.2/0", fd, 1); 6153a5a1b3Sopenharmony_ci do_ip_acl_check("127.0.0.1/32", fd, 1); 6253a5a1b3Sopenharmony_ci do_ip_acl_check("127.0.0.1/7", fd, 1); 6353a5a1b3Sopenharmony_ci do_ip_acl_check("127.0.0.2", fd, 0); 6453a5a1b3Sopenharmony_ci do_ip_acl_check("127.0.0.0/8;0.0.0.0/32", fd, 1); 6553a5a1b3Sopenharmony_ci do_ip_acl_check("128.0.0.2/9", fd, 0); 6653a5a1b3Sopenharmony_ci do_ip_acl_check("::1/9", fd, 0); 6753a5a1b3Sopenharmony_ci 6853a5a1b3Sopenharmony_ci close(fd); 6953a5a1b3Sopenharmony_ci 7053a5a1b3Sopenharmony_ci#ifdef HAVE_IPV6 7153a5a1b3Sopenharmony_ci if ( (fd = socket(PF_INET6, SOCK_STREAM, 0)) < 0 ) { 7253a5a1b3Sopenharmony_ci pa_log_error("Unable to open IPv6 socket, IPv6 tests ignored"); 7353a5a1b3Sopenharmony_ci return; 7453a5a1b3Sopenharmony_ci } 7553a5a1b3Sopenharmony_ci 7653a5a1b3Sopenharmony_ci memset(&sa6, 0, sizeof(sa6)); 7753a5a1b3Sopenharmony_ci sa6.sin6_family = AF_INET6; 7853a5a1b3Sopenharmony_ci sa6.sin6_port = htons(22); 7953a5a1b3Sopenharmony_ci fail_unless(inet_pton(AF_INET6, "::1", &sa6.sin6_addr) == 1); 8053a5a1b3Sopenharmony_ci 8153a5a1b3Sopenharmony_ci r = connect(fd, (struct sockaddr*) &sa6, sizeof(sa6)); 8253a5a1b3Sopenharmony_ci fail_unless(r >= 0); 8353a5a1b3Sopenharmony_ci 8453a5a1b3Sopenharmony_ci do_ip_acl_check("::1", fd, 1); 8553a5a1b3Sopenharmony_ci do_ip_acl_check("::1/9", fd, 1); 8653a5a1b3Sopenharmony_ci do_ip_acl_check("::/0", fd, 1); 8753a5a1b3Sopenharmony_ci do_ip_acl_check("::2/128", fd, 0); 8853a5a1b3Sopenharmony_ci do_ip_acl_check("::2/127", fd, 0); 8953a5a1b3Sopenharmony_ci do_ip_acl_check("::2/126", fd, 1); 9053a5a1b3Sopenharmony_ci 9153a5a1b3Sopenharmony_ci close(fd); 9253a5a1b3Sopenharmony_ci#endif 9353a5a1b3Sopenharmony_ci} 9453a5a1b3Sopenharmony_ciEND_TEST 9553a5a1b3Sopenharmony_ci 9653a5a1b3Sopenharmony_ciint main(int argc, char *argv[]) { 9753a5a1b3Sopenharmony_ci int failed = 0; 9853a5a1b3Sopenharmony_ci Suite *s; 9953a5a1b3Sopenharmony_ci TCase *tc; 10053a5a1b3Sopenharmony_ci SRunner *sr; 10153a5a1b3Sopenharmony_ci 10253a5a1b3Sopenharmony_ci if (!getenv("MAKE_CHECK")) 10353a5a1b3Sopenharmony_ci pa_log_set_level(PA_LOG_DEBUG); 10453a5a1b3Sopenharmony_ci 10553a5a1b3Sopenharmony_ci s = suite_create("IP ACL"); 10653a5a1b3Sopenharmony_ci tc = tcase_create("ipacl"); 10753a5a1b3Sopenharmony_ci tcase_add_test(tc, ipacl_test); 10853a5a1b3Sopenharmony_ci suite_add_tcase(s, tc); 10953a5a1b3Sopenharmony_ci 11053a5a1b3Sopenharmony_ci sr = srunner_create(s); 11153a5a1b3Sopenharmony_ci srunner_run_all(sr, CK_NORMAL); 11253a5a1b3Sopenharmony_ci failed = srunner_ntests_failed(sr); 11353a5a1b3Sopenharmony_ci srunner_free(sr); 11453a5a1b3Sopenharmony_ci 11553a5a1b3Sopenharmony_ci return (failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE; 11653a5a1b3Sopenharmony_ci} 117