Example #1
0
func TestUsmUpdateEngineBootsTime(t *testing.T) {
	sec := snmpgo.NewUsm()

	sec.UpdatedTime = time.Unix(time.Now().Unix()-int64(10), 0)
	err := sec.UpdateEngineBootsTime()
	if err != nil || sec.AuthEngineTime < 9 || sec.AuthEngineTime > 11 {
		t.Error("EngineBootsTime() - update authEnginetime")
	}

	sec.UpdatedTime = time.Unix(time.Now().Unix()-int64(10), 0)
	sec.AuthEngineTime = math.MaxInt32
	err = sec.UpdateEngineBootsTime()
	if err != nil || sec.AuthEngineBoots != 1 ||
		(sec.AuthEngineTime < 9 || sec.AuthEngineTime > 11) {
		t.Error("EngineBootsTime() - carry-over authEngineBoots")
	}

	sec.UpdatedTime = time.Unix(time.Now().Unix()-int64(10), 0)
	sec.AuthEngineBoots = math.MaxInt32 - 1
	sec.AuthEngineTime = math.MaxInt32
	err = sec.UpdateEngineBootsTime()
	if err == nil {
		t.Error("EngineBootsTime() - max authEngineBoots")
	}
}
Example #2
0
func TestUsmTimeliness(t *testing.T) {
	sec := snmpgo.NewUsm()

	err := sec.CheckTimeliness(math.MaxInt32, 0)
	if err == nil {
		t.Error("Timeliness() - max authEngineBoots")
	}

	sec.AuthEngineBoots = 1
	err = sec.CheckTimeliness(0, 0)
	if err == nil {
		t.Error("Timeliness() - lose authEngineBoots")
	}

	sec.AuthEngineBoots = 0
	err = sec.CheckTimeliness(0, 151)
	if err == nil {
		t.Error("Timeliness() - lose authEngineTime")
	}

	err = sec.CheckTimeliness(0, 150)
	if err != nil {
		t.Errorf("Timeliness() - has error %v", err)
	}
}
Example #3
0
func TestUsm(t *testing.T) {
	expUser := []byte("myUser")
	expEngId := []byte{0x80, 0x00, 0x00, 0x00, 0x01}
	expCtxId := []byte{0x80, 0x00, 0x00, 0x00, 0x05}
	expCtxName := "myName"
	snmp, _ := snmpgo.NewSNMP(snmpgo.SNMPArguments{
		Version:         snmpgo.V3,
		UserName:        string(expUser),
		SecurityLevel:   snmpgo.AuthPriv,
		AuthPassword:    "******",
		AuthProtocol:    snmpgo.Md5,
		PrivPassword:    "******",
		PrivProtocol:    snmpgo.Des,
		ContextEngineId: hex.EncodeToString(expCtxId),
		ContextName:     expCtxName,
	})
	sec := snmpgo.NewUsm()
	pdu := snmpgo.NewPdu(snmpgo.V3, snmpgo.GetRequest)
	spdu := pdu.(*snmpgo.ScopedPdu)
	smsg := snmpgo.ToMessageV3(snmpgo.NewMessage(snmpgo.V3, pdu))
	smsg.SetAuthentication(false)
	smsg.SetPrivacy(false)

	// Discovery
	err := sec.GenerateRequestMessage(snmp, smsg)
	if err != nil {
		t.Errorf("GenerateRequestMessage() - has error %v", err)
	}
	if !bytes.Equal(spdu.ContextEngineId, expCtxId) {
		t.Errorf("GenerateRequestMessage() - expected [%s], actual [%s]",
			expCtxId, spdu.ContextEngineId)
	}
	if string(spdu.ContextName) != expCtxName {
		t.Errorf("GenerateRequestMessage() - expected [%s], actual [%s]",
			expCtxName, string(spdu.ContextName))
	}
	if len(smsg.PduBytes()) == 0 {
		t.Error("GenerateRequestMessage() - pdu marshal")
	}

	pdu = snmpgo.NewPdu(snmpgo.V3, snmpgo.Report)
	rmsg := snmpgo.ToMessageV3(snmpgo.NewMessage(snmpgo.V3, pdu))
	rmsg.SetPduBytes(smsg.PduBytes())
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - engineId check")
	}

	rmsg.AuthEngineId = expEngId
	rmsg.AuthEngineBoots = -1
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - boots check")
	}

	rmsg.AuthEngineBoots = 1
	rmsg.AuthEngineTime = -1
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - time check")
	}

	rmsg.AuthEngineTime = 1
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err != nil {
		t.Errorf("ProcessIncomingMessage() - has error %v", err)
	}
	if !bytes.Equal(sec.AuthEngineId, expEngId) {
		t.Errorf("ProcessIncomingMessage() - expected [%s], actual [%s]",
			sec.AuthEngineId, expEngId)
	}
	if len(sec.AuthKey) == 0 {
		t.Error("ProcessIncomingMessage() - authKey")
	}
	if len(sec.PrivKey) == 0 {
		t.Error("ProcessIncomingMessage() - privKey")
	}

	// Synchronize
	smsg.SetAuthentication(true)
	smsg.SetPrivacy(true)

	err = sec.GenerateRequestMessage(snmp, smsg)
	if err != nil {
		t.Errorf("GenerateRequestMessage() - has error %v", err)
	}
	if !bytes.Equal(smsg.UserName, expUser) {
		t.Errorf("GenerateRequestMessage() - expected [%s], actual [%s]",
			expUser, smsg.UserName)
	}
	if !bytes.Equal(smsg.AuthEngineId, expEngId) {
		t.Errorf("GenerateRequestMessage() - expected [%s], actual [%s]",
			expEngId, smsg.AuthEngineId)
	}
	if len(smsg.PrivParameter) == 0 {
		t.Error("GenerateRequestMessage() - privParameter")
	}
	if len(smsg.AuthParameter) == 0 {
		t.Error("GenerateRequestMessage() - authParameter")
	}

	pdu = snmpgo.NewPdu(snmpgo.V3, snmpgo.Report)
	rmsg = snmpgo.ToMessageV3(snmpgo.NewMessage(snmpgo.V3, pdu))
	rmsg.SetAuthentication(true)
	rmsg.SetPrivacy(true)
	rmsg.SetPduBytes(smsg.PduBytes())
	rmsg.AuthEngineId = []byte("foobar")
	rmsg.AuthEngineBoots = smsg.AuthEngineBoots
	rmsg.AuthEngineTime = smsg.AuthEngineTime
	rmsg.PrivParameter = smsg.PrivParameter
	rmsg.AuthParameter = smsg.AuthParameter

	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - userName check")
	}

	rmsg.UserName = expUser
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - authEngine check")
	}

	rmsg.AuthEngineId = expEngId
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err != nil {
		t.Errorf("ProcessIncomingMessage() - has error %v", err)
	}
	if sec.AuthEngineBoots != rmsg.AuthEngineBoots {
		t.Error("ProcessIncomingMessage() - engineBoots")
	}
	if sec.AuthEngineTime != rmsg.AuthEngineTime {
		t.Error("ProcessIncomingMessage() - engineTime")
	}

	// Request
	sec.AuthEngineBoots = 1
	sec.AuthEngineTime = 1

	err = sec.GenerateRequestMessage(snmp, smsg)
	if err != nil {
		t.Errorf("GenerateRequestMessage() - has error %v", err)
	}
	if smsg.AuthEngineBoots != sec.AuthEngineBoots {
		t.Errorf("GenerateRequestMessage() - expected [%d], actual [%d]",
			sec.AuthEngineBoots, smsg.AuthEngineBoots)
	}
	if smsg.AuthEngineTime != sec.AuthEngineTime {
		t.Errorf("GenerateRequestMessage() - expected [%d], actual [%d]",
			sec.AuthEngineTime, smsg.AuthEngineTime)
	}

	pdu = snmpgo.NewPdu(snmpgo.V3, snmpgo.GetResponse)
	spdu = pdu.(*snmpgo.ScopedPdu)
	rmsg = snmpgo.ToMessageV3(snmpgo.NewMessage(snmpgo.V3, pdu))
	rmsg.AuthEngineId = expEngId
	rmsg.AuthEngineBoots = smsg.AuthEngineBoots
	rmsg.AuthEngineTime = smsg.AuthEngineTime
	rmsg.UserName = expUser

	// set PduBytes with GetResponse
	b, _ := spdu.Marshal()
	rmsg.SetPduBytes(b)

	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - contextEngineId check")
	}

	// set PduBytes with ContextEngineId
	spdu.ContextEngineId = expCtxId
	b, _ = spdu.Marshal()
	rmsg.SetPduBytes(b)
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - contextName check")
	}

	// set PduBytes with ContextName
	spdu.ContextName = []byte(expCtxName)
	b, _ = spdu.Marshal()
	rmsg.SetPduBytes(b)
	err = sec.ProcessIncomingMessage(snmp, smsg, rmsg)
	if err == nil {
		t.Error("ProcessIncomingMessage() - response authenticate check")
	}
}