func TestGetTeams(t *testing.T) {
db, err := openDB()
defer db.Close()
team1 := steward.Team{
ID: -1, Name: "MySuperTeam", Subnet: "192.168.111/24",
Vulnbox: "pl.hold1", UseNetbox: false, Netbox: "nb.hold1"}
team2 := steward.Team{
ID: -1, Name: "MyFooTeam", Subnet: "192.168.112/24",
Vulnbox: "pl.hold2", UseNetbox: true, Netbox: "nb.hold2"}
team1.ID, _ = steward.AddTeam(db.db, team1)
team2.ID, _ = steward.AddTeam(db.db, team2)
teams, err := steward.GetTeams(db.db)
if err != nil {
log.Fatalln("Get teams failed:", err)
}
if len(teams) != 2 {
log.Fatalln("Get teams more than added")
}
if teams[0] != team1 || teams[1] != team2 {
log.Fatalln("Added teams broken")
}
}
func TestGetTeam(t *testing.T) {
db, err := openDB()
defer db.Close()
team1 := steward.Team{
ID: -1, Name: "MySuperTeam", Subnet: "192.168.111/24",
Vulnbox: "pl.hold1", UseNetbox: false, Netbox: "nb.hold1"}
team1.ID, _ = steward.AddTeam(db.db, team1)
_team1, err := steward.GetTeam(db.db, team1.ID)
if err != nil {
log.Fatalln("Get team failed:", err)
}
if _team1 != team1 {
log.Fatalln("Added team broken")
}
_, err = steward.GetTeam(db.db, 10) // invalid team id
if err == nil {
log.Fatalln("Get invalid team broken")
}
}
func TestAddTeam(t *testing.T) {
db, err := openDB()
defer db.Close()
team := steward.Team{
ID: -1, Name: "MySuperTeam", Subnet: "192.168.111/24",
Vulnbox: "pl.hold1", UseNetbox: true, Netbox: "nb.hold1"}
_, err = steward.AddTeam(db.db, team)
if err != nil {
log.Fatalln("Add team failed:", err)
}
}
func fillTestTeams(db *sql.DB) {
for index, team := range []string{"FooTeam", "BarTeam", "BazTeam"} {
// just trick for bypass UNIQUE team subnet
subnet := fmt.Sprintf("127.%d.0.1/24", index)
vulnbox := fmt.Sprintf("127.0.%d.3", index)
t := steward.Team{ID: -1, Name: team, Subnet: subnet, Vulnbox: vulnbox}
_, err := steward.AddTeam(db, t)
if err != nil {
log.Fatalln("Add team failed:", err)
}
}
}
func reinitDatabase(db *sql.DB, config config.Config) {
var err error
if config.Database.SafeReinit {
if time.Now().After(config.Pulse.Start.Time) {
log.Fatalln("Reinit after start not allowed")
}
}
log.Println("Reinit database")
log.Println("Clean database")
steward.CleanDatabase(db)
for _, team := range config.Teams {
log.Println("Add team", team.Name)
_, err = steward.AddTeam(db, team)
if err != nil {
log.Fatalln("Add team failed:", err)
}
}
for _, svc := range config.Services {
var network string
if svc.UDP {
network = "udp"
} else {
network = "tcp"
}
log.Printf("Add service %s (%s)\n", svc.Name, network)
err = steward.AddService(db, svc)
if err != nil {
log.Fatalln("Add service failed:", err)
}
}
}
func TestteamByAddr(*testing.T) {
db, err := openDB()
if err != nil {
log.Fatalln("Open database failed:", err)
}
defer db.Close()
for i := 10; i < 15; i++ {
subnet := fmt.Sprintf("127.0.%d.1/24", i)
name := fmt.Sprintf("Team_%d", i)
t := steward.Team{ID: -1, Name: name, Subnet: subnet,
Vulnbox: subnet}
teamID, err := steward.AddTeam(db.db, t)
if err != nil {
log.Fatalln("Add team failed:", err)
}
addr := fmt.Sprintf("127.0.%d.115:3542", i)
team, err := teamByAddr(db.db, addr)
if err != nil {
log.Fatalln("Get team failed:", err)
}
if team.ID != teamID {
log.Fatalf("Get team with id [%v] instead [%v]",
team.ID, teamID)
}
}
}
func TestGame(*testing.T) {
db, err := openDB()
if err != nil {
log.Fatalln("Open database fail:", err)
}
min_port_num := 1024
max_port_num := 65535
rand.Seed(time.Now().UnixNano())
port := min_port_num + rand.Intn(max_port_num-min_port_num)
log.Println("Use port", port)
service_path := "../checker/python-api/dummy_service.py"
svc := newDummyService(service_path, port)
svc.Stop() // kill
svc.Start()
time.Sleep(time.Second) // wait for service init
defer svc.Stop()
priv, err := vexillary.GenerateKey()
if err != nil {
log.Fatalln("Generate key fail:", err)
}
for index, team := range []string{"FooTeam", "BarTeam", "BazTeam"} {
// just trick for bypass UNIQUE team subnet
subnet := fmt.Sprintf("127.%d.0.1/24", index)
vulnbox := fmt.Sprintf("127.0.%d.3", index)
t := steward.Team{ID: -1, Name: team, Subnet: subnet,
Vulnbox: vulnbox}
_, err = steward.AddTeam(db.db, t)
if err != nil {
log.Fatalln("Add team failed:", err)
}
}
checker_path := "../checker/python-api/dummy_checker.py"
for _, service := range []string{"Foo", "Bar", "Baz"} {
err = steward.AddService(db.db,
steward.Service{ID: -1, Name: service, Port: port,
CheckerPath: checker_path, UDP: false})
if err != nil {
log.Fatalln("Add service failed:", err)
}
}
round_len := 30 * time.Second
timeout_between_check := 10 * time.Second
game, err := pulse.NewGame(db.db, priv, round_len, timeout_between_check)
defer game.Over()
end_time := time.Now().Add(time.Minute + 10*time.Second)
err = game.Run(end_time)
if err != nil {
log.Fatalln("Game error:", err)
}
for round := 1; round <= 2; round++ {
for team_id := 1; team_id <= 3; team_id++ {
res, err := steward.GetRoundResult(db.db, team_id, round)
if err != nil {
log.Fatalf("Get round %d result fail: %s",
round, err)
}
if res.DefenceScore != float64(round*2) {
log.Fatalln("Invalid defence score")
}
if res.AttackScore != 0 {
log.Fatalln("Invalid attack score")
}
}
}
}
func TestReceiver(*testing.T) {
db, err := openDB()
if err != nil {
log.Fatalln("Open database failed:", err)
}
defer db.Close()
priv, err := vexillary.GenerateKey()
if err != nil {
log.Fatalln("Generate key failed:", err)
}
addr := "127.0.0.1:65000"
flag, err := vexillary.GenerateFlag(priv)
if err != nil {
log.Fatalln("Generate flag failed:", err)
}
err = steward.AddFlag(db.db, steward.Flag{-1, flag, 1, 8, 1, ""})
if err != nil {
log.Fatalln("Add flag failed:", err)
}
firstRound, err := steward.NewRound(db.db, time.Minute*2)
if err != nil {
log.Fatalln("New round failed:", err)
}
attackFlow := make(chan scoreboard.Attack)
go FlagReceiver(db.db, priv, addr, time.Nanosecond, time.Minute, attackFlow)
time.Sleep(time.Second) // wait for init listener
// The attacker must appear to be a team (e.g. jury cannot attack)
testFlag(addr, flag, invalidTeamMsg)
t := steward.Team{ID: -1, Name: "TestTeam", Subnet: "127.0.0.1/24",
Vulnbox: "1"}
// Correct flag must be captured
teamID, err := steward.AddTeam(db.db, t)
if err != nil {
log.Fatalln("Add team failed:", err)
}
serviceID := 1
// Flag must be captured only if service status ok
steward.PutStatus(db.db, steward.Status{firstRound, teamID, serviceID,
steward.StatusUP})
testFlag(addr, flag, capturedMsg)
// Correct flag must be captured only one
testFlag(addr, flag, alreadyCapturedMsg)
// Incorrect (non-signed or signed on other key) flag must be invalid
testFlag(addr, "1e7b642f2282886377d1655af6097dd6101eac5b=",
invalidFlagMsg)
// Correct flag that does not exist in database must not be captured
newFlag, err := vexillary.GenerateFlag(priv)
if err != nil {
log.Fatalln("Generate flag failed:", err)
}
testFlag(addr, newFlag, flagDoesNotExistMsg)
// Submitted flag does not belongs to the attacking team
flag4, err := vexillary.GenerateFlag(priv)
if err != nil {
log.Fatalln("Generate flag failed:", err)
}
err = steward.AddFlag(db.db, steward.Flag{-1, flag4, 1, teamID, 1, ""})
if err != nil {
log.Fatalln("Add flag failed:", err)
}
testFlag(addr, flag4, flagYoursMsg)
// Correct flag from another round must not be captured
flag2, err := vexillary.GenerateFlag(priv)
if err != nil {
log.Fatalln("Generate flag failed:", err)
}
curRound, err := steward.CurrentRound(db.db)
err = steward.AddFlag(db.db, steward.Flag{-1, flag2, curRound.ID, 8, 1, ""})
if err != nil {
log.Fatalln("Add flag failed:", err)
}
_, err = steward.NewRound(db.db, time.Minute*2)
if err != nil {
log.Fatalln("New round failed:", err)
}
testFlag(addr, flag2, flagExpiredMsg)
// Correct flag from expired round must not be captured
roundLen := time.Second
roundID, err := steward.NewRound(db.db, roundLen)
if err != nil {
log.Fatalln("New round failed:", err)
}
flag3, err := vexillary.GenerateFlag(priv)
if err != nil {
log.Fatalln("Generate flag failed:", err)
}
err = steward.AddFlag(db.db, steward.Flag{-1, flag3, roundID, 8, 1, ""})
if err != nil {
log.Fatalln("Add flag failed:", err)
}
time.Sleep(roundLen) // wait end of round
testFlag(addr, flag3, flagExpiredMsg)
// If service status down flag must not be captured
roundID, err = steward.NewRound(db.db, time.Minute)
if err != nil {
log.Fatalln("New round failed:", err)
}
flag5, err := vexillary.GenerateFlag(priv)
if err != nil {
log.Fatalln("Generate flag failed:", err)
}
err = steward.AddFlag(db.db, steward.Flag{-1, flag5, roundID, 8,
serviceID, ""})
if err != nil {
log.Fatalln("Add flag failed:", err)
}
steward.PutStatus(db.db, steward.Status{roundID, teamID, serviceID,
steward.StatusDown})
testFlag(addr, flag5, serviceNotUpMsg)
steward.PutStatus(db.db, steward.Status{roundID, teamID, serviceID,
steward.StatusUP})
// If attempts limit exceeded flag must not be captured
newAddr := "127.0.0.1:64000"
// Start new receiver for test timeouts
go FlagReceiver(db.db, priv, newAddr, time.Second, time.Minute, attackFlow)
time.Sleep(time.Second) // wait for init listener
// Just for take timeout
testFlag(newAddr, flag3, flagExpiredMsg)
// Can't use testFlag, if attempts limit exceeded server does not send
// greeting message, and client has not able to send flag
conn, err := net.DialTimeout("tcp", newAddr, time.Second)
if err != nil {
log.Fatalln("Connect to receiver failed:", err)
}
msg, err := bufio.NewReader(conn).ReadString('\n')
if err != nil {
log.Fatalln("Invalid response:", err)
}
response := attemptsLimitMsg
if msg != response {
log.Fatalf("Invalid message [%v] instead [%v]",
strings.Trim(msg, "\n"),
strings.Trim(response, "\n"))
}
}