NKSN_BeginMessage(inst);
+ TEST_CHECK(check_message_format(&inst->message, 0));
+ TEST_CHECK(!check_message_format(&inst->message, 1));
+
TEST_CHECK(!NKSN_AddRecord(inst, 0, 1, record, NKE_MAX_MESSAGE_LENGTH - 4 + 1));
+ TEST_CHECK(check_message_format(&inst->message, 0));
+ TEST_CHECK(!check_message_format(&inst->message, 1));
+
for (i = 0; i < records; i++) {
TEST_CHECK(NKSN_AddRecord(inst, critical, type_start + i, record, record_length));
TEST_CHECK(!NKSN_AddRecord(inst, 0, 1, &record,
NKE_MAX_MESSAGE_LENGTH - inst->message.length - 4 + 1));
+
+ TEST_CHECK(check_message_format(&inst->message, 0));
+ TEST_CHECK(!check_message_format(&inst->message, 1));
}
TEST_CHECK(NKSN_EndMessage(inst));
+
+ TEST_CHECK(check_message_format(&inst->message, 0));
+ TEST_CHECK(check_message_format(&inst->message, 1));
}
static void
verify_message(NKSN_Instance inst)
{
unsigned char buffer[NKE_MAX_MESSAGE_LENGTH];
- int i, c, t, length, buffer_length;
+ int i, c, t, length, buffer_length, msg_length, prev_parsed;
NKE_Key c2s, s2c;
for (i = 0; i < records; i++) {
buffer_length = random() % (record_length + 1);
assert(buffer_length <= sizeof (buffer));
+ prev_parsed = inst->message.parsed;
+ msg_length = inst->message.length;
+
TEST_CHECK(NKSN_GetRecord(inst, &c, &t, &length, buffer, buffer_length));
TEST_CHECK(c == critical);
TEST_CHECK(t == type_start + i);
TEST_CHECK(memcmp(record, buffer, buffer_length) == 0);
if (buffer_length < record_length)
TEST_CHECK(buffer[buffer_length] == 0);
+
+ inst->message.length = inst->message.parsed - 1;
+ inst->message.parsed = prev_parsed;
+ TEST_CHECK(!get_record(&inst->message, NULL, NULL, NULL, buffer, buffer_length));
+ TEST_CHECK(inst->message.parsed == prev_parsed);
+ inst->message.length = msg_length;
+ if (msg_length < 0x8000) {
+ inst->message.data[prev_parsed + 2] ^= 0x80;
+ TEST_CHECK(!get_record(&inst->message, NULL, NULL, NULL, buffer, buffer_length));
+ TEST_CHECK(inst->message.parsed == prev_parsed);
+ inst->message.data[prev_parsed + 2] ^= 0x80;
+ }
+ TEST_CHECK(get_record(&inst->message, NULL, NULL, NULL, buffer, buffer_length));
+ TEST_CHECK(inst->message.parsed > prev_parsed);
}
TEST_CHECK(!NKSN_GetRecord(inst, &critical, &t, &length, buffer, sizeof (buffer)));
*num_cookies = random() % max_cookies + 1;
for (i = 0; i < *num_cookies; i++) {
cookies[i].length = random() % (sizeof (cookies[i].cookie) + 1);
+ if (random() % 4 != 0)
+ cookies[i].length = cookies[i].length / 4 * 4;
memset(cookies[i].cookie, random(), cookies[i].length);
}
info.version = 4;
info.mode = MODE_CLIENT;
info.length = random() % (sizeof (packet) + 1);
+ if (random() % 4 != 0)
+ info.length = info.length / 4 * 4;
if (inst->num_cookies > 0 && random() % 2) {
inst->num_cookies = 0;
static void
prepare_response(NNC_Instance inst, NTP_Packet *packet, NTP_PacketInfo *info, int valid, int nak)
{
- unsigned char cookie[508], plaintext[512], nonce[512];
- int nonce_length, cookie_length, plaintext_length, min_auth_length;
- int index, auth_start;
+ unsigned char cookie[508], plaintext[528], nonce[512];
+ int nonce_length, ef_length, cookie_length, plaintext_length, min_auth_length;
+ int i, index, auth_start;
SIV_Instance siv;
memset(packet, 0, sizeof (*packet));
if (valid)
index = -1;
else
- index = random() % (nak ? 2 : 6);
+ index = random() % (nak ? 2 : 8);
DEBUG_LOG("index=%d nak=%d", index, nak);
DEBUG_LOG("nonce_length=%d cookie_length=%d min_auth_length=%d",
nonce_length, cookie_length, min_auth_length);
-
UTI_GetRandomBytes(nonce, nonce_length);
UTI_GetRandomBytes(cookie, cookie_length);
+ if (cookie_length >= 12 && cookie_length <= 32 && random() % 2 == 0)
+ TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE, cookie, cookie_length));
+
plaintext_length = 0;
- if (index != 3)
- TEST_CHECK(NEF_SetField(plaintext, sizeof (plaintext), 0, NTP_EF_NTS_COOKIE,
- cookie, cookie_length, &plaintext_length));
+ if (index != 3) {
+ for (i = random() % ((sizeof (plaintext) - 16) / (cookie_length + 4)); i >= 0; i--) {
+ TEST_CHECK(NEF_SetField(plaintext, sizeof (plaintext), plaintext_length,
+ NTP_EF_NTS_COOKIE, cookie,
+ i == 0 ? cookie_length : random() % (cookie_length + 1) / 4 * 4,
+ &ef_length));
+ plaintext_length += ef_length;
+ }
+ }
auth_start = info->length;
if (index != 4) {
+ if (index == 5) {
+ assert(plaintext_length + 16 <= sizeof (plaintext));
+ memset(plaintext + plaintext_length, 0, 16);
+ plaintext_length += 16;
+ }
siv = SIV_CreateInstance(inst->context.algorithm);
TEST_CHECK(siv);
TEST_CHECK(SIV_SetKey(siv, inst->context.s2c.key, inst->context.s2c.length));
min_auth_length));
SIV_DestroyInstance(siv);
}
- if (index == 5)
+ if (index == 6)
((unsigned char *)packet)[auth_start + 8]++;
+ if (index == 7)
+ TEST_CHECK(NEF_AddField(packet, info, 0x7000, inst->uniq_id, sizeof (inst->uniq_id)));
}
void
if (valid) {
TEST_CHECK(NNC_CheckResponseAuth(inst, &packet, &info));
- TEST_CHECK(inst->num_cookies == MIN(NTS_MAX_COOKIES, prev_num_cookies + 1));
+ TEST_CHECK(inst->num_cookies >= MIN(NTS_MAX_COOKIES, prev_num_cookies + 1));
TEST_CHECK(inst->ok_response);
}
projects / thirdparty / chrony.git / commitdiff
