r26 - 2013-07-15 - 05:53:43 - YanZhangYou are here: NTP >  Dev Web > GoogleSummerOfCode > GSoC2010UnitTesting > UnitTestingNotes
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p13 was released on 07 March 2019. It addresses 1 medium-severity security issue in ntpd, and provides 17 non-security bugfixes and 1 other improvements over 4.2.8p12.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

2013 Unit Testing Notes

Related Topics: UnitTestFramework

libntp

This section contains notes about problems that have come up when writing tests for libntp

There are several files and functions have not been covered by test cases. This is mainly because I need to mock some interfaces before I do the test. I will cover them in the second period of GSoC .

In addition, if a file have more than 80% coverage rate, that means only a few branches have not been reached yet, and I would like to ignore them for this moment.

audio.c

This file provides audio interface for reference clock audio drivers.

  • mixer_name() : get mixer name index.
  • audio_config_read() : check whether the config files exist and read config from files.
  • audio_init() : open and initialize audio device
  • audio_gain() : adjust codec gains and port
  • audio_show() : display audio parameters

These functions involves ioctl(), in order to test these functions, I need to mock the system functions first.

authkeys.c

Routines to manage the storage of authentication keys

  • auth_findkey() - find a key in the hash table
  • auth_agekeys() - delete keys whose lifetimes have expired
  • authencrypt() - generate message authenticator
  • authdecrypt() - verify message authenticator

These functions have be tested , but some critical branches have not been reached yet.

authreadkeys.c

Routines to support the reading of the key file

  • authreadkeys() - some branches have not been reached yet.

clocktypes.c

Data for pretty printing clock types

This function is simply print messages, so i just ignored it.

icom.c

Program to control ICOM radios

  • icom_init() - open and initialize serial interface(tty)
  • icom_freq() - load radio frequency

These functions involves tty_open() and write(), in order to test these functions, I need to mock the system functions first.

machines.c

provide special support for peculiar architectures

  • ntp_set_tod() - set current time

No clear output for this function. So I decided to ignore it.

msyslog.c

Either send a message to the terminal or print it on standard output

This file is another gsoc project and codes will be changed soon, so I just push 1 test case to master.

ntp_calendar.c

Calendar and helper functions

  • ntpcal_get_build_date() - No proper output. So I decided to ignore it.

ntp_intres.c

Implements a generic blocking worker child or thread, initially to provide a nonblocking solution for DNS reslove.

Not tested yet, I need to mock the related system functions first.

ntp_libopts.c

  • ntpOptionPrintVersion() will cause program exit, so I ignore it.

ntp_rfc2553.c

Just copy information from one place to another, so I ignore it.

numtoa.c

numtoa.c

prettydate.c

Just some branches not covered yet.

recvbuff.c

  • purge_recv_buffers_for_fd() - purges any previously-received input from a given file descriptor.

Not tested yet, I need to mock the related system functions first.

socket.c

low-level socket operations

This is all abhout low-level op, so I like to ignore it first

syssignal.c

low-level signal api

This is all abhout low-level op, so I like to ignore it first

systime.c

routines to fiddle a UNIX clock.

working by another student, I ignore it.

work_thread.c

work_fork.c

Threads implementation for blocking worker child.

This is all abhout low-level op, so I like to ignore it first


2011 Unit Testing Notes

Related Topics: UnitTestFramework

libisc

This section contains notes about problems that have come up when writing tests for libisc.

intefaceiter.c

Quite hard to test since there are several different implementations depending on platform). Also this file actually =#include='s other =.c=-files which can be confusing at first.

  • isc_interfaceiter_create()
  • isc_interfaceiter_current()
  • isc_interfaceiter_destroy()
  • isc_interfaceiter_first()
  • isc_interfaceiter_next()

net.c

  • isc_net_probeipv4()
  • isc_net_probeipv6()
  • isc_net_probe_ipv6only()

libntp

This section contains notes about problems that have come up when writing tests for libntp. All these problems are meant to be handled later, but are written here so that they are not forgotten.

adjtime.c

Contains platform specific implementations of adjtime() for MPE, HPUX and QNX.

audio.c

  • audio_config_read(): Reads a configuration file from disk, test the same way as authreadkeys.c. This method is static, which makes it hard to test. Also the paths are hard-coded, which makes it tricky.
  • audio_init(): Opens a file descriptor that are supposed to be a sound device.

emalloc.c

  • Contains various functions that allocate memory.

findconfig.c

Contains a special code for findconfig() on HPUX, platform specific tests needed.

icom.c

  • icom_init(): Returns a file descriptor, after it has opened a serial link with some properties.

iosignal.c

  • init_clock_sig(): Sends low-level commands with ioctl() to device.
  • init_socket_sig(): Contains various calls to ioctrl() or fcntl().
  • Other functions call different functions in syssignal.c

machines.c

Tons of machine-specific code (mostly for MPE).

mktime.c

mktime() is available as a system function on some system, but libntp also has an implementation for those systems that don't have this built-in.

  • Later on, try to always test the version in mktime.c, even if the system already provides it.

ntp_intres.c

See ntp_worker.c

ntp_rfc2553.c

NTP implementations of getnameinfo() and getaddrinfo(), used when the system provided functions does not support IPv6.

ntp_worker.c

  • Code moved to libntp from ntpd. Check NtpdFunctionMap for ideas on testing.

prettydate.c

  • Needs more tests than currently written.
  • ntp2unix_tm() is not used anywhere in the project.

socket.c

Unfortunatly, fcntl() can't be mocked since it is required by the testing framework to execute death tests. Both functions in socket.c calls fcntl().

strl_obsd.c

  • strlcpy() and friends. Not tested, but the code is from OpenBSD and probably quite stable.

snprintf.c

See mktime.c, this code is also (mostly) from outside NTP (like strlcpy()).

systime.c

  • adj_systime(): Adjusts the system's clock by calling adjtime().
  • get_systime(): Returns system time as a l_fp. Tests need to mocks for system functions returning the system time (that would be clock_gettime() or getclock()).
  • step_systime(): Steps the clock using the (platform-dependent) code in machines.c. Tests needs a way to mock clock_gettime()=/=getclock(), ntp_set_tod() and functions writing to utmp/utmpx/wtmp/wtmpx.

work_fork.c

See ntp_worker.c

work_thread.c

See ntp_worker.c

sntp (may be outdated)

Areas to test in sntp

The section contains initial documentation about tests for sntp.

Authentication

Signing and verification of packets

File handling

Reading of:

  • Keyfile
  • KoD-file

Writing of:

  • KoD-file
  • Log file

KoD-database

The storage and retrieval of KoD-entries in memory.

Utilities

Formatting functions, converting internal types to a format suitable for printing to file or screen.

Option handling

The retrieval of command line options.

Networking

  • Packet sending and reception.
  • Packet processing.

Name lookups and host connectivity

  • Name resolution.
  • Host connectivity.

General

  • Honour of KoD entries
  • Time calculations

Test coverage description

Authentication

Test that:

  • Packets can be signed correctly
  • Verfication of signed packets works
  • Packet processing can handle different authentication schemes (DES, MD5, SHA)
  • Packet processing discards packets that have an invalid or unknown signature.

File handling

For key files, test that:

  • Key files with different number of items can be parsed into a linked list of keys.
  • Keys in the key file can be written in different formats, and still be parsed correctly.
  • The loaded keys can be retrived with get_key().

For KoD-files, test that:

  • The current KoD-database in memory can be written to file
  • A KoD-file can be read into memory again
  • Blank lines are ignored when reading.

For log files, test that:

  • Messages gets written to a file, unless syslog-logging is enabled.

KoD-database

Test that:

  • Search of entries works for when there are no, a single, or multiple matches for the given hostname.
  • No duplicate entries are added, instead the timestamp of the current entry should be updated. (Should this happen even if the KoD-type differs? No such check is done atm)
  • Deletion works as expected.

Utilities

Test that:

  • sockaddr_u and addrinfo can be formatted to a string (both IPv4 and IPv6!)

Option handling

Test that:

  • Option passed on the command-line are parsed. For example, test the KoD-filename parameter (-K, --kod), ensuring that the given filename is stored in the correct variable afterwards.

Networking

Test that:

  • resolve_hosts() can resolve multiple addresses in one call, only returning the addresses for those hosts that succeeded. To avoid name resolution, the sent in hostnames could be IPv4/6 addresses.
  • Packet sending and reception works, I think this will be among the last things done, because I'm not sure how to test the code that actually sends/receives the packets.
  • Packet processing error checking works; exercise it with invalid lengths.
  • Packet processing sees KoD-packets, and recognizes if the remote server is out of sync.
  • Packet generation in on_wire() generates good packets. To test this, either the call to sendpkt() should be intercepted, or the generation of the packet moved to a standalone function.

General

Test that:

  • Upon reception of a KoD-packet, it is added to the KoD-database. (Not sure if this is in the scope of unit testing though).
  • The time offset calculations is done according to the formulas on p. 13 in RFC 4330. The easiest way to do that would be to be move the current code from on_wire() to a separate function, to separate it from the network handling code.

Refactoring to make testing possible/easier

main.c:on_wire()

Requirements

The refactoring should make testing of the follow functionality possible, without having to send or receive packets on the network.

  • Generation of packets (main.c:210-233)
  • Packet parsing (main.c:240-352)
  • Time offset calculations (main.c:290-345)
  • The time offset calculations may be merged with packet processing tests, but I think there is a benifit to be able to test the calculations separetely.

Remaining tests

main.c:

  • sntp_main(): The real main function, glues everything together. To increase the test coverage, some code should be moved to separate functions. An important test would be to move the code that checks for previous KoD -entries to a separate function.
  • on_wire(): Doesn't contain that much logic, most of the testable/interesting code have already been moved out to new functions. The remaining code mostly creates network stuff.
  • set_time(): The conversion between double offset to timeval might be good to test, there is a bug report about this in Bugzilla. To do this, a refactoring is needed, so that system time is not altered.

networking.c:

* create_socket(): Only creates a socket with the given destination, nothing to test really. * sendpkt(): Calls sendto(), and puts the bytes out on the network. Doesn't really care about what data it sends. * recvdata(): Calls recvfrom(), and gets the bytes frin the network. Doesn't really care about what data it receives. * recv_bcst_data(): This needs to be tested, and some of this code could probably be moved to recv_bcst_pkt(), to get a more uniform design (with recvpkt()). The error checking code (that checks if different addresses are valid for broadcast/multicast) could perhaps be extracted to a new function to simplify testing. * recv_bcst_pkt(): Calls recv_bcst_data(), and process_pkt(), nothing more. * recvpkt(): Tests should try to see what happends when select() get a timeout. * is_reachable(): Test if a host is reachable, could be tested if we have a known host that is reliable, so we can connect to it.

utilities.c:

  • tv_to_str(): Uses a call to localtime to print the local time.

-- LinusKarlsson - 2010-06-18

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r26 < r25 < r24 < r23 < r22 | More topic actions
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback