From: Francis Dupont Date: Thu, 18 Dec 2025 23:39:07 +0000 (+0100) Subject: [#4265] Fixed bug and updated UTs X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4fa1fde446c58f9d7aac4cb7dd63b3f584b5bbbe;p=thirdparty%2Fkea.git [#4265] Fixed bug and updated UTs --- diff --git a/changelog_unreleased/4265-exchange-timeout-parameter-is-ignored b/changelog_unreleased/4265-exchange-timeout-parameter-is-ignored new file mode 100644 index 0000000000..ae162afde3 --- /dev/null +++ b/changelog_unreleased/4265-exchange-timeout-parameter-is-ignored @@ -0,0 +1,4 @@ +[bug] fdupont + The "exchange-timeout" parameter of GSS-TSIG hook library + configuration is no longer ignored. + (Gitlab #4265) diff --git a/src/hooks/d2/gss_tsig/gss_tsig_cfg.cc b/src/hooks/d2/gss_tsig/gss_tsig_cfg.cc index 78c5a8c05b..cbea1e2c8b 100644 --- a/src/hooks/d2/gss_tsig/gss_tsig_cfg.cc +++ b/src/hooks/d2/gss_tsig/gss_tsig_cfg.cc @@ -296,6 +296,7 @@ const SimpleKeywords GssTsigCfg::GLOBAL_PARAMETERS = { { "retry-interval", Element::integer }, { "tkey-protocol", Element::string }, { "fallback", Element::boolean }, + { "exchange-timeout", Element::integer }, { "servers", Element::list }, { "user-context", Element::map }, { "comment", Element::string } @@ -697,7 +698,7 @@ GssTsigCfg::configure(ConstElementPtr params) { srv->setFallback(fallback->boolValue()); } - ConstElementPtr tkey_timeout = params->get("exchange-timeout"); + ConstElementPtr tkey_timeout = map->get("exchange-timeout"); if (!tkey_timeout) { tkey_timeout = global_tkey_timeout; } diff --git a/src/hooks/d2/gss_tsig/tests/gss_tsig_cfg_unittests.cc b/src/hooks/d2/gss_tsig/tests/gss_tsig_cfg_unittests.cc index 5cf6065b49..f9e469d066 100644 --- a/src/hooks/d2/gss_tsig/tests/gss_tsig_cfg_unittests.cc +++ b/src/hooks/d2/gss_tsig/tests/gss_tsig_cfg_unittests.cc @@ -667,6 +667,7 @@ TEST(GssTsigCfgTest, configure) { "\"retry-interval\": 240,\n" "\"tkey-lifetime\": 7200,\n" "\"tkey-protocol\": \"UDP\",\n" + "\"exchange-timeout\": 2000,\n" "\"servers\": [\n" " {\n" " \"domain-names\": [ ],\n" @@ -679,7 +680,8 @@ TEST(GssTsigCfgTest, configure) { " \"rekey-interval\": 64800,\n" " \"retry-interval\": 2880,\n" " \"tkey-lifetime\": 86400,\n" - " \"tkey-protocol\": \"UDP\"\n" + " \"tkey-protocol\": \"UDP\",\n" + " \"exchange-timeout\": 4000\n" " },{\n" " \"id\": \"bar\",\n" " \"ip-address\": \"192.0.2.2\",\n" @@ -713,6 +715,7 @@ TEST(GssTsigCfgTest, configure) { EXPECT_EQ(2880, server->getRetryInterval()); EXPECT_EQ(86400, server->getKeyLifetime()); EXPECT_EQ(IOFetch::UDP, server->getKeyProto()); + EXPECT_EQ(4000, server->getExchangeTimeout()); ASSERT_NO_THROW(server = servers.at(1)); ASSERT_TRUE(server); @@ -728,6 +731,7 @@ TEST(GssTsigCfgTest, configure) { EXPECT_EQ(240, server->getRetryInterval()); EXPECT_EQ(7200, server->getKeyLifetime()); EXPECT_EQ(IOFetch::UDP, server->getKeyProto()); + EXPECT_EQ(2000, server->getExchangeTimeout()); } /// @brief Check configure requires a map. @@ -833,6 +837,13 @@ TEST(GssTsigCfgTest, configureUnexpectedType) { expected += location; EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + config = "{ \"exchange-timeout\": false }"; + ASSERT_NO_THROW(json = Element::fromJSON(config)); + ASSERT_TRUE(json); + expected = "gss_tsig 'exchange-timeout' parameter is not an integer"; + expected += location; + EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + config = "{ \"user-context\": [ ] }"; ASSERT_NO_THROW(json = Element::fromJSON(config)); ASSERT_TRUE(json); @@ -949,6 +960,13 @@ TEST(GssTsigCfgTest, configureUnexpectedType) { expected += location; EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + config = prefix + " \"exchange-timeout\": false } ] }"; + ASSERT_NO_THROW(json = Element::fromJSON(config)); + ASSERT_TRUE(json); + expected = "gss_tsig server 'exchange-timeout' parameter is not an integer"; + expected += location; + EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + config = prefix + " \"user-context\": [ ] } ] }"; ASSERT_NO_THROW(json = Element::fromJSON(config)); ASSERT_TRUE(json); @@ -1056,6 +1074,20 @@ TEST(GssTsigCfgTest, configureBadParameter) { expected = "'tkey-protocol' parameter must be UDP or TCP (:1:129)"; EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + config = prefix + " \"exchange-timeout\": -1 } ] }"; + ASSERT_NO_THROW(json = Element::fromJSON(config)); + ASSERT_TRUE(json); + expected = "'exchange-timeout' parameter is out of range "; + expected += "[0..4294967295] (:1:132)"; + EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + + config = prefix + " \"exchange-timeout\": 4294967296 } ] }"; + ASSERT_NO_THROW(json = Element::fromJSON(config)); + ASSERT_TRUE(json); + expected = "'exchange-timeout' parameter is out of range "; + expected += "[0..4294967295] (:1:132)"; + EXPECT_THROW_MSG(cfg.configure(json), BadValue, expected); + config = "{ \"servers\": [ { \"id\": \"\" } ] }"; ASSERT_NO_THROW(json = Element::fromJSON(config)); ASSERT_TRUE(json);