From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 28 Jun 2023 15:11:35 +0000 (-0300)
Subject: tests: Add process tests for dhcpv6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef2b3e01014199c9662b1ccbd8c0bb4fe9752ab3;p=thirdparty%2Ffreeradius-server.git

tests: Add process tests for dhcpv6
---

diff --git a/src/tests/process/dhcpv6/Request b/src/tests/process/dhcpv6/Request
new file mode 100644
index 00000000000..aca92327a94
--- /dev/null
+++ b/src/tests/process/dhcpv6/Request
@@ -0,0 +1,41 @@
+subrequest DHCPv6.Request {
+	&Transaction-ID = 0x1e291d
+
+	&Server-ID.DUID = LLT
+	&Server-ID.DUID.LLT.Hardware-Type = Ethernet
+	&Server-ID.DUID.LLT.Time = "Nov 21 2012 08:36:00 UTC"
+	&Server-ID.DUID.LLT.Hardware-Type.Ethernet.Address = 00:11:22:33:44:55
+
+	&Client-ID.DUID = LL
+	&Client-ID.DUID.LL.Hardware-Type = Ethernet
+	&Client-ID.DUID.LL.Hardware-Type.Ethernet.Address = 00:01:02:03:04:05
+
+	&request += {
+		&Option-Request = DNS-Servers
+		&Option-Request = AFTR-Name
+	}
+
+	&Elapsed-Time = 0
+
+	call dhcpv6 {
+		# 'Request' expects 'Reply'
+		if (&reply.Packet-Type != Reply) {
+			test_fail
+		}
+
+		test_dhcpv6_reply_matches_request
+
+		# ... Server-ID must be inside &reply
+		if (!&reply.Server-ID.DUID.LLT.Hardware-Type) {
+			test_fail
+		}
+
+		if (!&reply.Server-ID.DUID.LLT.Time) {
+			test_fail
+		}
+
+		if (!&reply.Server-ID.DUID.LLT.Hardware-Type.Ethernet.Address) {
+			test_fail
+		}
+	}
+}
diff --git a/src/tests/process/dhcpv6/Solicit b/src/tests/process/dhcpv6/Solicit
new file mode 100644
index 00000000000..765a26dc499
--- /dev/null
+++ b/src/tests/process/dhcpv6/Solicit
@@ -0,0 +1,19 @@
+subrequest DHCPv6.Solicit {
+	&Transaction-ID = 0xd81eb8
+	&Client-ID.DUID = LL
+	&Client-ID.DUID.LL.Hardware-Type = Ethernet
+	&Client-ID.DUID.LL.Hardware-Type.Ethernet.Address = 00:01:02:03:04:05
+	&Option-Request = DNS-Servers
+	&Option-Request = AFTR-Name
+	&Elapsed-Time = 0
+	&IA-PD.T1 = 3600
+	&IA-PD.T2 = 5400
+
+	call dhcpv6 {
+		if (&reply.Packet-Type != Advertise) {
+			test_fail
+		}
+
+		test_dhcpv6_reply_matches_request
+	}
+}
diff --git a/src/tests/process/dhcpv6/policy.conf b/src/tests/process/dhcpv6/policy.conf
new file mode 100644
index 00000000000..5c9b38a750a
--- /dev/null
+++ b/src/tests/process/dhcpv6/policy.conf
@@ -0,0 +1,27 @@
+test_dhcpv6_reply_matches_request {
+	# We should reply the below attributes...
+	if (!&reply.Transaction-ID) {
+		test_fail
+	}
+
+	# ... these must be the same as in &request
+	if (&reply.Transaction-ID != &request.Transaction-ID) {
+		test_fail
+	}
+
+	if (&reply.Client-ID.DUID != &request.Client-ID.DUID) {
+		test_fail
+	}
+
+	if (&request.Option-Request[*] == DNS-Servers) {
+		if (&reply.DNS-Servers[*] != "2a01:cafe:1") {
+			test_fail
+		}
+	}
+
+	if (&request.Option-Request[*] == AFTR-Name) {
+		if (&reply.AFTR-Name != "tapioca.net") {
+			test_fail
+		}
+	}
+}
\ No newline at end of file
diff --git a/src/tests/process/dhcpv6/server.conf b/src/tests/process/dhcpv6/server.conf
new file mode 100644
index 00000000000..175b3e95a42
--- /dev/null
+++ b/src/tests/process/dhcpv6/server.conf
@@ -0,0 +1,111 @@
+#  -*- text -*-
+#
+#  test configuration file.  Do not install.
+#
+#  $Id$
+#
+
+#
+#  Minimal dhcpv6.conf for testing
+#
+
+testdir      = $ENV{TESTDIR}
+output       = $ENV{OUTPUT}
+run_dir      = ${output}
+raddb        = raddb
+pidfile      = ${run_dir}/radiusd.pid
+panic_action = "gdb -batch -x src/tests/panic.gdb %e %p > ${run_dir}/gdb.log 2>&1; cat ${run_dir}/gdb.log"
+
+maindir      = ${raddb}
+radacctdir   = ${run_dir}/radacct
+modconfdir   = ${maindir}/mods-config
+certdir      = ${maindir}/certs
+cadir        = ${maindir}/certs
+test_port    = $ENV{TEST_PORT}
+
+#  Only for testing!
+#  Setting this on a production system is a BAD IDEA.
+security {
+	allow_vulnerable_openssl = yes
+}
+
+policy {
+	$INCLUDE ../policy.conf
+	$INCLUDE policy.conf
+	$INCLUDE ${raddb}/policy.d/control
+}
+
+#
+#  This virtual server is chosen for processing requests when using:
+#
+#	radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test
+#
+server dhcpv6 {
+	namespace = dhcpv6
+
+	all_dhcp_servers_and_relays = FF02::1:2
+	interface = eth0
+	port = 547
+
+	listen local_network {
+		type = Request
+		type = Solicit
+		type = Information-Request
+
+		transport = udp
+
+		udp {
+			ipaddr = 2001:db8::
+			port = ${...port}
+			interface = ${...interface}
+		}
+	}
+
+	dhcpv6 {
+#		status_code_on_success = no
+#		send_failure_message = no
+#		move_failure_message_to_parent = yes
+	}
+
+	recv Solicit {
+		ok
+	}
+
+	send Advertise {
+		&reply += {
+			&IA-PD.T1 = 150
+			&IA-PD.T2 = 250
+
+			&IA-PD.Options.IA-PD-Prefix.Preferred-Lifetime = 250
+			&IA-PD.Options.IA-PD-Prefix.Valid-Lifetime = 300
+			&IA-PD.Options.IA-PD-Prefix.IPv6-Prefix = 2a00:1:1:100::/56
+
+			&Preference = 10
+
+			&DNS-Servers = 2a01:cafe:1
+			&AFTR-Name = "tapioca.net"
+		}
+
+		ok
+	}
+
+	recv Request {
+		ok
+	}
+
+	send Reply {
+		&reply += {
+			&IA-PD.T1 = 150
+			&IA-PD.T2 = 250
+
+			&IA-PD.Options.IA-PD-Prefix.Preferred-Lifetime = 250
+			&IA-PD.Options.IA-PD-Prefix.Valid-Lifetime = 300
+			&IA-PD.Options.IA-PD-Prefix.IPv6-Prefix = 2a00:1:1:100::/56
+
+			&Preference = 10
+
+			&DNS-Servers = 2a01:cafe:1
+			&AFTR-Name = "tapioca.net"
+		}
+	}
+}