External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-11-05 21:01:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
6caf51d527
libvirt/tests/nwfilterxml2xmltest.c

138 lines
3.5 KiB
C
Raw Normal View History

This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
#include <config.h>
#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include "internal.h"
#include "testutils.h"
#include "nwfilter_conf.h"
Introduce OOM reporting to virAsprintf Actually, I'm turning this function into a macro as filename, function name and line number needs to be passed. The new function virAsprintfInternal is introduced with the extended set of arguments.
2013-06-07 15:10:28 +00:00
#define VIR_FROM_THIS VIR_FROM_NONE
tests: Lower stack usage below 4096 bytes Make virtTestLoadFile allocate the buffer to read the file into. Fix logic error in virtTestLoadFile, stop reading on the first empty line. Use virFileReadLimFD in virtTestCaptureProgramOutput to avoid manual buffer handling.
2011-04-24 22:25:10 +00:00
static int
testCompareXMLToXMLFiles(const char *inxml, const char *outxml,
bool expect_error)
{
tests: nwfilter: use g_autofree Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
2021-09-04 20:36:29 +00:00
g_autofree char *actual = NULL;
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
g_autoptr(virNWFilterDef) def = NULL;
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
tests: Fix detection of expected errors
2010-11-29 13:11:53 +00:00
virResetLastError();
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
if (!(def = virNWFilterDefParse(NULL, inxml, 0))) {
Don't ignore errors parsing nwfilter rules For inexplicable reasons, the nwfilter XML parser is intentionally ignoring errors that arise during parsing. As well as meaning that users don't get any feedback on their XML mistakes, this will lead it to silently drop data in OOM conditions. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-09-25 14:26:58 +00:00
if (expect_error) {
virResetLastError();
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
return 0;
Don't ignore errors parsing nwfilter rules For inexplicable reasons, the nwfilter XML parser is intentionally ignoring errors that arise during parsing. As well as meaning that users don't get any feedback on their XML mistakes, this will lead it to silently drop data in OOM conditions. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-09-25 14:26:58 +00:00
}
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
return -1;
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
}
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
if (!(actual = virNWFilterDefFormat(def)))
return -1;
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
tests: Rename virtTestCompareToFile to virTestCompareToFile. This function doesn't follow our convention of naming functions.
2016-05-26 15:01:53 +00:00
if (virTestCompareToFile(actual, outxml) < 0)
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
return -1;
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef Use g_autoptr() for virNWFilterDef and virNWFilterRuleDef and remove unnecessary label. Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 11:29:26 +00:00
return 0;
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
}
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
typedef struct test_parms {
const char *name;
bool expect_warning;
} test_parms;
tests: Lower stack usage below 4096 bytes Make virtTestLoadFile allocate the buffer to read the file into. Fix logic error in virtTestLoadFile, stop reading on the first empty line. Use virFileReadLimFD in virtTestCaptureProgramOutput to avoid manual buffer handling.
2011-04-24 22:25:10 +00:00
static int
testCompareXMLToXMLHelper(const void *data)
{
int result = -1;
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
const test_parms *tp = data;
tests: nwfilter: use g_autofree Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
2021-09-04 20:36:29 +00:00
g_autofree char *inxml = NULL;
g_autofree char *outxml = NULL;
tests: Lower stack usage below 4096 bytes Make virtTestLoadFile allocate the buffer to read the file into. Fix logic error in virtTestLoadFile, stop reading on the first empty line. Use virFileReadLimFD in virtTestCaptureProgramOutput to avoid manual buffer handling.
2011-04-24 22:25:10 +00:00
tests: Use g_strdup_printf() instead of virAsprintf() Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2019-10-22 13:26:14 +00:00
inxml = g_strdup_printf("%s/nwfilterxml2xmlin/%s.xml", abs_srcdir, tp->name);
outxml = g_strdup_printf("%s/nwfilterxml2xmlout/%s.xml", abs_srcdir, tp->name);
tests: Lower stack usage below 4096 bytes Make virtTestLoadFile allocate the buffer to read the file into. Fix logic error in virtTestLoadFile, stop reading on the first empty line. Use virFileReadLimFD in virtTestCaptureProgramOutput to avoid manual buffer handling.
2011-04-24 22:25:10 +00:00
result = testCompareXMLToXMLFiles(inxml, outxml, tp->expect_warning);
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
tests: Lower stack usage below 4096 bytes Make virtTestLoadFile allocate the buffer to read the file into. Fix logic error in virtTestLoadFile, stop reading on the first empty line. Use virFileReadLimFD in virtTestCaptureProgramOutput to avoid manual buffer handling.
2011-04-24 22:25:10 +00:00
return result;
}
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
static int
tests: simplify common setup A few of the tests were missing basic sanity checks, while most of them were doing copy-and-paste initialization (in fact, some of them pasted the argc > 1 check more than once!). It's much nicer to do things in one common place, and minimizes the size of the next patch that fixes getcwd usage. * tests/testutils.h (EXIT_AM_HARDFAIL): New define. (progname, abs_srcdir): Define for all tests. (VIRT_TEST_MAIN): Change callback signature. * tests/testutils.c (virtTestMain): Do more common init. * tests/commandtest.c (mymain): Simplify. * tests/cputest.c (mymain): Likewise. * tests/esxutilstest.c (mymain): Likewise. * tests/eventtest.c (mymain): Likewise. * tests/hashtest.c (mymain): Likewise. * tests/networkxml2xmltest.c (mymain): Likewise. * tests/nodedevxml2xmltest.c (myname): Likewise. * tests/nodeinfotest.c (mymain): Likewise. * tests/nwfilterxml2xmltest.c (mymain): Likewise. * tests/qemuargv2xmltest.c (mymain): Likewise. * tests/qemuhelptest.c (mymain): Likewise. * tests/qemuxml2argvtest.c (mymain): Likewise. * tests/qemuxml2xmltest.c (mymain): Likewise. * tests/qparamtest.c (mymain): Likewise. * tests/sexpr2xmltest.c (mymain): Likewise. * tests/sockettest.c (mymain): Likewise. * tests/statstest.c (mymain): Likewise. * tests/storagepoolxml2xmltest.c (mymain): Likewise. * tests/storagevolxml2xmltest.c (mymain): Likewise. * tests/virbuftest.c (mymain): Likewise. * tests/virshtest.c (mymain): Likewise. * tests/vmx2xmltest.c (mymain): Likewise. * tests/xencapstest.c (mymain): Likewise. * tests/xmconfigtest.c (mymain): Likewise. * tests/xml2sexprtest.c (mymain): Likewise. * tests/xml2vmxtest.c (mymain): Likewise.
2011-04-29 16:21:20 +00:00
mymain(void)
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
{
int ret = 0;
Remove backslash alignment attempts Right-aligning backslashes when defining macros or using complex commands in Makefiles looks cute, but as soon as any changes is required to the code you end up with either distractingly broken alignment or unnecessarily big diffs where most of the changes are just pushing all backslashes a few characters to one side. Generated using $ git grep -El '[[:blank:]][[:blank:]]\\$' | \ grep -E '*\.([chx]|am|mk)$$' | \ while read f; do \ sed -Ei 's/[[:blank:]]*[[:blank:]]\\$/ \\/g' "$f"; \ done Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2017-11-03 12:09:47 +00:00
#define DO_TEST(NAME, EXPECT_WARN) \
do { \
test_parms tp = { \
.name = NAME, \
.expect_warning = EXPECT_WARN, \
}; \
if (virTestRun("NWFilter XML-2-XML " NAME, \
testCompareXMLToXMLHelper, (&tp)) < 0) \
ret = -1; \
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
} while (0)
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("mac-test-invalid", true);
DO_TEST("vlan-test-invalid", true);
Add test cases for STP traffic filtering This patch adds a few test cases for the XML parsing of STP filtering nodes. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-22 20:12:03 +00:00
DO_TEST("stp-test", false);
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("arp-test-invalid", true);
DO_TEST("rarp-test-invalid", true);
DO_TEST("ip-test-invalid", true);
DO_TEST("ipv6-test-invalid", true);
DO_TEST("tcp-test-invalid", true);
DO_TEST("udp-test-invalid", true);
DO_TEST("icmp-test-invalid", true);
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
DO_TEST("igmp-test", false);
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("sctp-test-invalid", true);
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
DO_TEST("udplite-test", false);
DO_TEST("esp-test", false);
DO_TEST("ah-test", false);
DO_TEST("all-test", false);
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("tcp-ipv6-test-invalid", true);
DO_TEST("udp-ipv6-test-invalid", true);
DO_TEST("icmpv6-test-invalid", true);
DO_TEST("sctp-ipv6-test-invalid", true);
DO_TEST("udplite-ipv6-test-invalid", true);
DO_TEST("esp-ipv6-test-invalid", true);
DO_TEST("ah-ipv6-test-invalid", true);
DO_TEST("all-ipv6-test-invalid", true);
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
DO_TEST("ref-test", false);
DO_TEST("ref-rule-test", false);
DO_TEST("ipt-no-macspoof-test", false);
DO_TEST("icmp-direction-test", false);
DO_TEST("icmp-direction2-test", false);
DO_TEST("icmp-direction3-test", false);
DO_TEST("conntrack-test", false);
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("hex-data-test-invalid", true);
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("comment-test-invalid", true);
test: silence nwfilter test This patch silences the nwfilter test case.
2010-10-14 00:11:25 +00:00
DO_TEST("example-1", false);
DO_TEST("example-2", false);
nwfilter: Add test case for testing the state attribute This patch adds a test case for testing the XML parser's and instantiator's support of the state attribute. The other test case tests existing capabilities. Both test cases will be used in TCK again.
2010-10-07 10:43:35 +00:00
nwfilterxml2xmltest: Add test case for parser and formatter quirks The parser and formatter for nwfilter rules is very strange and has weird quirks. Add a test case trying to capture some of the quirks to visualize how it will change when the code is refactored. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-02-16 09:46:41 +00:00
/* The parser and formatter for nwfilter rules was written in a quirky way.
* Validate that it still works. Note that the files don't conform to the
* schema */
DO_TEST("quirks-invalid", false);
nwfilterxml2xmltest: Rename cases with XMLs not conforming to schema There's quite a few negative tests. In anticipation of schema testing of the 'nwfilterxml2xmlin' directory rename all negative/non-conformant XMLs with the -invalid suffix. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-10-07 12:45:55 +00:00
DO_TEST("chain_prefixtest1-invalid", true); /* derived from arp-test */
Add test cases Add test case for the chain names with known prefixes and the chain priority. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-18 16:58:18 +00:00
Add test cases for parsing of list values This patch adds test cases for parsing of parameters with multiple occurrances of the same name. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-18 16:58:18 +00:00
DO_TEST("attr-value-test", false);
Add test cases for new ways to access variables in filters This patch adds a couple of XML parser / schema validator test cases for the new 'ways' to access variables via index or iterator.
2012-01-11 11:42:37 +00:00
DO_TEST("iter-test1", false);
DO_TEST("iter-test2", false);
DO_TEST("iter-test3", false);
Add test cases for parsing of list values This patch adds test cases for parsing of parameters with multiple occurrances of the same name. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-18 16:58:18 +00:00
nwfilter: Add support for ipset This patch adds support for the recent ipset iptables extension to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets' of IP addresses, ports and other packet parameters and allows for faster lookup (in the order of O(1) vs. O(n)) and rule evaluation to achieve higher throughput than what can be achieved with individual iptables rules. On the command line iptables supports ipset using iptables ... -m set --match-set <ipset name> <flags> -j ... where 'ipset name' is the name of a previously created ipset and flags is a comma-separated list of up to 6 flags. Flags use 'src' and 'dst' for selecting IP addresses, ports etc. from the source or destination part of a packet. So a concrete example may look like this: iptables -A INPUT -m set --match-set test src,src -j ACCEPT Since ipset management is quite complex, the idea was to leave ipset management outside of libvirt but still allow users to reference an ipset. The user would have to make sure the ipset is available once the VM is started so that the iptables rule(s) referencing the ipset can be created. Using XML to describe an ipset in an nwfilter rule would then look as follows: <rule action='accept' direction='in'> <all ipset='test' ipsetflags='src,src'/> </rule> The two parameters on the command line are also the two distinct XML attributes 'ipset' and 'ipsetflags'. FYI: Here is the man page for ipset: https://ipset.netfilter.org/ipset.man.html Regards, Stefan
2012-05-21 10:26:34 +00:00
DO_TEST("ipset-test", false);
Require spaces around equality comparisons Commit a1cbe4b5 added a check for spaces around assignments and this patch extends it to checks for spaces around '=='. One exception is virAssertCmpInt where comma after '==' is acceptable (since it is a macro and '==' is its argument). Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-03-17 09:38:38 +00:00
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
This patch adds a couple of test cases for the XML parsing test suite covering various filterable protocols. For each test case an input XML and an output XML is provided checking the input XML after parsing and converting back into XML against the exepcted output XML. Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
2010-04-02 17:28:28 +00:00
}
tests: Rename VIRT_TEST_* macros to VIR_TEST_* We use the "vir" prefix pretty consistently in our APIs, both external and internal, which made these macros stood out.
2017-03-29 14:45:42 +00:00
VIR_TEST_MAIN(mymain)
Reference in New Issue Copy Permalink