def capture_interface(request, cmd_dumpcap):
'''
Name of capture interface. Tests will be skipped if dumpcap is not
available or if the capture interface is unknown.
'''
iface = request.config.getoption('--capture-interface', default=None)
disabled = request.config.getoption('--disable-capture', default=False)
if disabled:
fixtures.skip('Capture tests are disabled via --disable-capture')
if iface:
# If a non-empty interface is given, assume capturing is possible.
return iface
else:
if sys.platform == 'win32':
patterns = '.*(Ethernet|Network Connection|VMware|Intel)'
else:
patterns = None
if patterns:
try:
output = subprocess.check_output((cmd_dumpcap, '-D'),
stderr=subprocess.DEVNULL,
universal_newlines=True)
m = re.search(r'^(\d+)\. %s' % patterns, output, re.MULTILINE)
if m:
return m.group(1)
except subprocess.CalledProcessError:
pass
fixtures.skip('Test requires capture privileges and an interface.')
def wireshark_command(cmd_wireshark):
# Windows and macOS can always display the GUI. On Linux, headless mode is
# used, see QT_QPA_PLATFORM in the 'test_env' fixture.
if sys.platform not in ('win32', 'darwin', 'linux'):
if 'DISPLAY' not in os.environ:
fixtures.skip('Wireshark GUI tests requires DISPLAY')
return (cmd_wireshark, '-ogui.update.enabled:FALSE')
def capture_interface(request, cmd_dumpcap):
'''
Name of capture interface. Tests will be skipped if dumpcap is not
available or if the capture interface is unknown.
'''
iface = request.config.getoption('--capture-interface', default=None)
disabled = request.config.getoption('--disable-capture', default=False)
if disabled:
fixtures.skip('Capture tests are disabled via --disable-capture')
if iface:
# If a non-empty interface is given, assume capturing is possible.
return iface
else:
if sys.platform == 'win32':
patterns = '.*(Ethernet|Network Connection|VMware|Intel)'
else:
patterns = None
if patterns:
try:
output = subprocess.check_output((cmd_dumpcap, '-D'),
stderr=subprocess.DEVNULL,
universal_newlines=True)
m = re.search(r'^(\d+)\. %s' % patterns, output, re.MULTILINE)
if m:
return m.group(1)
except subprocess.CalledProcessError:
pass
fixtures.skip('Test requires capture privileges and an interface.')
def wireshark_command(cmd_wireshark):
# Windows and macOS can always display the GUI. On Linux, headless mode is
# used, see QT_QPA_PLATFORM in the 'test_env' fixture.
if sys.platform not in ('win32', 'darwin', 'linux'):
if 'DISPLAY' not in os.environ:
fixtures.skip('Wireshark GUI tests requires DISPLAY')
return (cmd_wireshark, '-ogui.update.enabled:FALSE')
def resolver(name):
path = os.path.abspath(os.path.join(program_path, name + dotexe))
if not os.access(path, os.X_OK):
if skip_if_missing == ['all'] or name in skip_if_missing:
fixtures.skip('Program %s is not available' % (name,))
raise AssertionError('Program %s is not available' % (name,))
return path
def check_capture_fifo(cmd_dumpcap):
if sys.platform == 'win32':
fixtures.skip('Test requires OS fifo support.')
def check_capture_fifo_real(self, cmd=None):
self.assertIsNotNone(cmd)
testout_file = self.filename_from_id(testout_pcap)
fifo_file = self.filename_from_id('testout.fifo')
try:
# If a previous test left its fifo laying around, e.g. from a failure, remove it.
os.unlink(fifo_file)
except Exception:
pass
os.mkfifo(fifo_file)
slow_dhcp_cmd = subprocesstest.cat_dhcp_command('slow')
fifo_proc = self.startProcess(
('{0} > {1}'.format(slow_dhcp_cmd, fifo_file)), shell=True)
capture_proc = self.assertRun(
capture_command(
cmd,
'-i',
fifo_file,
'-p',
'-w',
testout_file,
'-a',
'duration:{}'.format(capture_duration),
))
fifo_proc.kill()
self.assertTrue(os.path.isfile(testout_file))
self.checkPacketCount(8)
return check_capture_fifo_real
def resolver(name):
path = os.path.abspath(os.path.join(program_path, name + dotexe))
if not os.access(path, os.X_OK):
if skip_if_missing == ['all'] or name in skip_if_missing:
fixtures.skip('Program %s is not available' % (name,))
raise AssertionError('Program %s is not available' % (name,))
return path
def check_capture_fifo(cmd_dumpcap):
if sys.platform == 'win32':
fixtures.skip('Test requires OS fifo support.')
def check_capture_fifo_real(self, cmd=None):
self.assertIsNotNone(cmd)
testout_file = self.filename_from_id(testout_pcap)
fifo_file = self.filename_from_id('testout.fifo')
try:
# If a previous test left its fifo laying around, e.g. from a failure, remove it.
os.unlink(fifo_file)
except:
pass
os.mkfifo(fifo_file)
slow_dhcp_cmd = subprocesstest.cat_dhcp_command('slow')
fifo_proc = self.startProcess(
('{0} > {1}'.format(slow_dhcp_cmd, fifo_file)),
shell=True)
capture_proc = self.runProcess(capture_command(cmd,
'-i', fifo_file,
'-p',
'-w', testout_file,
'-a', 'duration:{}'.format(capture_duration),
))
fifo_proc.kill()
self.assertTrue(os.path.isfile(testout_file))
capture_returncode = capture_proc.returncode
self.assertEqual(capture_returncode, 0)
if (capture_returncode == 0):
self.checkPacketCount(8)
return check_capture_fifo_real
def resolver(name):
dotexe = ''
if sys.platform.startswith('win32'):
dotexe = '.exe'
path = os.path.normpath(os.path.join(program_path, name + dotexe))
if not os.access(path, os.X_OK):
fixtures.skip('Program %s is not available' % (name,))
return path
def test_dumpcap_pcapng_multi_in_multi_out(self,
check_dumpcap_pcapng_sections):
'''Capture from two pcapng sources using Dumpcap and write two files'''
if sys.byteorder == 'big':
fixtures.skip('this test is supported on little endian only')
check_dumpcap_pcapng_sections(self,
multi_input=True,
multi_output=True)
def resolver(name):
dotexe = ''
if sys.platform.startswith('win32'):
dotexe = '.exe'
path = os.path.normpath(os.path.join(program_path, name + dotexe))
if not os.access(path, os.X_OK):
fixtures.skip('Program %s is not available' % (name,))
return path
def wireshark_command(cmd_wireshark):
# Windows can always display the GUI and macOS can if we're in a login session.
# On Linux, headless mode is used, see QT_QPA_PLATFORM in the 'test_env' fixture.
if sys.platform == 'darwin' and 'SECURITYSESSIONID' not in os.environ:
fixtures.skip('Wireshark GUI tests require loginwindow session')
if sys.platform not in ('win32', 'darwin', 'linux'):
if 'DISPLAY' not in os.environ:
fixtures.skip('Wireshark GUI tests require DISPLAY')
return (cmd_wireshark, '-ogui.update.enabled:FALSE')
def run_wireguard_test(cmd_tshark, capture_file, features):
if not features.have_libgcrypt17:
fixtures.skip('Requires Gcrypt 1.7 or later')
def runOne(self, args, keylog=None, pcap_file='wireguard-ping-tcp.pcap'):
if keylog:
keylog_file = self.filename_from_id('wireguard.keys')
args += ['-owg.keylog_file:%s' % keylog_file]
with open(keylog_file, 'w') as f:
f.write("\n".join(keylog))
proc = self.assertRun([cmd_tshark, '-r', capture_file(pcap_file)] + args)
lines = proc.stdout_str.splitlines()
return lines
return runOne
def run_wireguard_test(cmd_tshark, capture_file, features):
if not features.have_libgcrypt17:
fixtures.skip('Requires Gcrypt 1.7 or later')
def runOne(self, args, keylog=None, pcap_file='wireguard-ping-tcp.pcap'):
if keylog:
keylog_file = self.filename_from_id('wireguard.keys')
args += ['-owg.keylog_file:%s' % keylog_file]
with open(keylog_file, 'w') as f:
f.write("\n".join(keylog))
proc = self.assertRun([cmd_tshark, '-r', capture_file(pcap_file)] + args)
lines = proc.stdout_str.splitlines()
return lines
return runOne
def capture_interface(request, cmd_dumpcap):
'''
Name of capture interface. Tests will be skipped if dumpcap is not
available or no Loopback interface is available.
'''
disabled = request.config.getoption('--disable-capture', default=False)
if disabled:
fixtures.skip('Capture tests are disabled via --disable-capture')
proc = subprocess.Popen((cmd_dumpcap, '-D'),
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
universal_newlines=True)
outs, errs = proc.communicate()
if proc.returncode != 0:
print('"dumpcap -D" exited with %d. stderr:\n%s' %
(proc.returncode, errs))
fixtures.skip('Test requires capture privileges and an interface.')
# Matches: "lo (Loopback)" (Linux), "lo0 (Loopback)" (macOS) or
# "\Device\NPF_{...} (Npcap Loopback Adapter)" (Windows)
print('"dumpcap -D" output:\n%s' % (outs, ))
m = re.search(r'^(\d+)\. .*\(.*Loopback.*\)', outs, re.MULTILINE)
if not m:
fixtures.skip('Test requires a capture interface.')
iface = m.group(1)
# Interface found, check for capture privileges (needed for Linux).
try:
subprocess.check_output((cmd_dumpcap, '-L', '-i', iface),
stderr=subprocess.STDOUT,
universal_newlines=True)
return iface
except subprocess.CalledProcessError as e:
print('"dumpcap -L -i %s" exited with %d. Output:\n%s' %
(iface, e.returncode, e.output))
fixtures.skip('Test requires capture privileges.')
def capture_interface(request, cmd_dumpcap):
'''
Name of capture interface. Tests will be skipped if dumpcap is not
available or no Loopback interface is available.
'''
disabled = request.config.getoption('--disable-capture', default=False)
if disabled:
fixtures.skip('Capture tests are disabled via --disable-capture')
proc = subprocess.Popen((cmd_dumpcap, '-D'), stdout=subprocess.PIPE,
stderr=subprocess.PIPE, universal_newlines=True)
outs, errs = proc.communicate()
if proc.returncode != 0:
print('"dumpcap -D" exited with %d. stderr:\n%s' %
(proc.returncode, errs))
fixtures.skip('Test requires capture privileges and an interface.')
# Matches: "lo (Loopback)" (Linux), "lo0 (Loopback)" (macOS) or
# "\Device\NPF_{...} (Npcap Loopback Adapter)" (Windows)
print('"dumpcap -D" output:\n%s' % (outs,))
m = re.search(r'^(\d+)\. .*\(.*Loopback.*\)', outs, re.MULTILINE)
if not m:
fixtures.skip('Test requires a capture interface.')
iface = m.group(1)
# Interface found, check for capture privileges (needed for Linux).
try:
subprocess.check_output((cmd_dumpcap, '-L', '-i', iface),
stderr=subprocess.STDOUT,
universal_newlines=True)
return iface
except subprocess.CalledProcessError as e:
print('"dumpcap -L -i %s" exited with %d. Output:\n%s' % (iface,
e.returncode,
e.output))
fixtures.skip('Test requires capture privileges.')
def traffic_generator():
'''
Traffic generator factory. Invoking it returns a tuple (start_func, cfilter)
where cfilter is a capture filter to match the generated traffic.
start_func can be invoked to start generating traffic and returns a function
which can be used to stop traffic generation early.
Currently calls ping www.wireshark.org for 60 seconds.
'''
# XXX replace this by something that generates UDP traffic to localhost?
# That would avoid external access which is forbidden by the Debian policy.
nprocs = 1
if sys.platform.startswith('win32'):
# XXX Check for psping? https://docs.microsoft.com/en-us/sysinternals/downloads/psping
args_ping = ('ping', '-n', '60', '-l', '100', 'www.wireshark.org')
nprocs = 3
elif sys.platform.startswith('linux') or sys.platform.startswith(
'freebsd'):
args_ping = ('ping', '-c', '240', '-s', '100', '-i', '0.25',
'www.wireshark.org')
elif sys.platform.startswith('darwin'):
args_ping = ('ping', '-c', '1', '-g', '1', '-G', '240', '-i', '0.25',
'www.wireshark.org')
else:
# XXX Other BSDs, Solaris, etc
fixtures.skip('ping utility is unavailable - cannot generate traffic')
procs = []
def kill_processes():
for proc in procs:
proc.kill()
for proc in procs:
proc.wait()
procs.clear()
def start_processes():
for i in range(nprocs):
if i > 0:
# Fake subsecond interval if the ping utility lacks support.
time.sleep(0.1)
proc = subprocess.Popen(args_ping,
stdout=subprocess.DEVNULL,
stderr=subprocess.STDOUT)
procs.append(proc)
return kill_processes
try:
yield start_processes, 'icmp || icmp6'
finally:
kill_processes()
def check_lua_script(cmd_tshark, features, dirs, capture_file):
if not features.have_lua:
fixtures.skip('Test requires Lua scripting support.')
def check_lua_script_real(self, lua_script, cap_file, check_passed, *args):
tshark_cmd = [cmd_tshark,
'-r', capture_file(cap_file),
'-X', 'lua_script:' + os.path.join(dirs.lua_dir, lua_script)
]
tshark_cmd += args
tshark_proc = self.assertRun(tshark_cmd)
if check_passed:
self.assertIn('All tests passed!', tshark_proc.stdout_str)
return tshark_proc
return check_lua_script_real
def check_lua_script(cmd_tshark, features, dirs, capture_file):
if not features.have_lua:
fixtures.skip('Test requires Lua scripting support.')
def check_lua_script_real(self, lua_script, cap_file, check_passed, *args):
tshark_cmd = [
cmd_tshark, '-r',
capture_file(cap_file), '-X',
'lua_script:' + os.path.join(dirs.lua_dir, lua_script)
]
tshark_cmd += args
tshark_proc = self.assertRun(tshark_cmd)
if check_passed:
self.assertIn('All tests passed!', tshark_proc.stdout_str)
return tshark_proc
return check_lua_script_real
def wireshark_features(request, cmd_wireshark, make_env):
'''
Returns an object describing available features in Wireshark. Tests
will be skipped unless --enable-release is passed on the command line.
'''
enabled = request.config.getoption('--enable-release', default=False)
if not enabled:
fixtures.skip('Release tests are not enabled via --enable-release')
try:
wireshark_v = subprocess.check_output((cmd_wireshark, '--version'),
stderr=subprocess.PIPE,
universal_newlines=True,
env=make_env())
wireshark_v = re.sub(r'\s+', ' ', wireshark_v)
except subprocess.CalledProcessError as ex:
print('Failed to detect Wireshark features: %s' % (ex, ))
wireshark_v = ''
return types.SimpleNamespace(
have_automatic_updates='with automatic updates' in wireshark_v, )
def traffic_generator():
'''
Traffic generator factory. Invoking it returns a tuple (start_func, cfilter)
where cfilter is a capture filter to match the generated traffic.
start_func can be invoked to start generating traffic and returns a function
which can be used to stop traffic generation early.
Currently calls ping www.wireshark.org for 60 seconds.
'''
# XXX replace this by something that generates UDP traffic to localhost?
# That would avoid external access which is forbidden by the Debian policy.
nprocs = 1
if sys.platform.startswith('win32'):
# XXX Check for psping? https://docs.microsoft.com/en-us/sysinternals/downloads/psping
args_ping = ('ping', '-n', '60', '-l', '100', 'www.wireshark.org')
nprocs = 3
elif sys.platform.startswith('linux') or sys.platform.startswith('freebsd'):
args_ping = ('ping', '-c', '240', '-s', '100', '-i', '0.25', 'www.wireshark.org')
elif sys.platform.startswith('darwin'):
args_ping = ('ping', '-c', '1', '-g', '1', '-G', '240', '-i', '0.25', 'www.wireshark.org')
else:
# XXX Other BSDs, Solaris, etc
fixtures.skip('ping utility is unavailable - cannot generate traffic')
procs = []
def kill_processes():
for proc in procs:
proc.kill()
for proc in procs:
proc.wait()
procs.clear()
def start_processes():
for i in range(nprocs):
if i > 0:
# Fake subsecond interval if the ping utility lacks support.
time.sleep(0.1)
proc = subprocess.Popen(args_ping, stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT)
procs.append(proc)
return kill_processes
try:
yield start_processes, 'icmp || icmp6'
finally:
kill_processes()
def softhsm_paths(features):
if sys.platform == 'win32':
search_path = os.getenv('PATH') + r';C:\SoftHSM2\bin'
else:
search_path = None
softhsm_tool = shutil.which('softhsm2-util', path=search_path)
if not softhsm_tool:
# Note: do not fallback to SoftHSMv1. While available on Ubuntu 14.04
# (and 16.04), it is built with botan < 1.11.10 which causes a crash due
# to a conflict with the GMP library that is also used by GnuTLS/nettle.
# See https://github.com/randombit/botan/issues/1090
fixtures.skip('SoftHSM is not found')
# Find provider library path.
bindir = os.path.dirname(softhsm_tool)
libdir = os.path.join(os.path.dirname(bindir), 'lib')
if sys.platform == 'win32':
libdirs = [libdir, bindir]
if features.have_x64:
name = 'softhsm2-x64.dll'
else:
name = 'softhsm2.dll'
else:
# Debian/Ubuntu-specific paths
madir = sysconfig.get_config_var('multiarchsubdir')
libdir64_sub = os.path.join(libdir + '64', 'softhsm')
libdir_sub = os.path.join(libdir, 'softhsm')
libdirs = [os.path.join(libdir + madir, 'softhsm')] if madir else []
libdirs += [libdir_sub, libdir64_sub]
name = 'libsofthsm2.so'
for libdir in libdirs:
provider = os.path.join(libdir, name)
if os.path.exists(provider):
break
else:
# Even if p11-kit can automatically locate it, do not rely on it.
fixtures.skip('SoftHSM provider library not detected')
# Now check whether the import tool is usable. SoftHSM < 2.3.0 did not
# set CKA_DECRYPT when using softhsm2-tool --import and therefore cannot be
# used to import keys for decryption. Use GnuTLS p11tool as workaround.
softhsm_version = subprocess.check_output([softhsm_tool, '--version'],
universal_newlines=True).strip()
use_p11tool = softhsm_version in ('2.0.0', '2.1.0', '2.2.0')
if use_p11tool and not shutil.which('p11tool'):
fixtures.skip('SoftHSM available, but GnuTLS p11tool is unavailable')
return use_p11tool, softhsm_tool, provider
def softhsm_paths(features):
if sys.platform == 'win32':
search_path = os.getenv('PATH') + r';C:\SoftHSM2\bin'
else:
search_path = None
softhsm_tool = shutil.which('softhsm2-util', path=search_path)
if not softhsm_tool:
# Note: do not fallback to SoftHSMv1. While available on Ubuntu 14.04
# (and 16.04), it is built with botan < 1.11.10 which causes a crash due
# to a conflict with the GMP library that is also used by GnuTLS/nettle.
# See https://github.com/randombit/botan/issues/1090
fixtures.skip('SoftHSM is not found')
# Find provider library path.
bindir = os.path.dirname(softhsm_tool)
libdir = os.path.join(os.path.dirname(bindir), 'lib')
if sys.platform == 'win32':
libdirs = [libdir, bindir]
if features.have_x64:
name = 'softhsm2-x64.dll'
else:
name = 'softhsm2.dll'
else:
# Debian/Ubuntu-specific paths
madir = sysconfig.get_config_var('multiarchsubdir')
libdir64_sub = os.path.join(libdir + '64', 'softhsm')
libdir_sub = os.path.join(libdir, 'softhsm')
libdirs = [os.path.join(libdir + madir, 'softhsm')] if madir else []
libdirs += [libdir_sub, libdir64_sub]
name = 'libsofthsm2.so'
for libdir in libdirs:
provider = os.path.join(libdir, name)
if os.path.exists(provider):
break
else:
# Even if p11-kit can automatically locate it, do not rely on it.
fixtures.skip('SoftHSM provider library not detected')
# Now check whether the import tool is usable. SoftHSM < 2.3.0 did not
# set CKA_DECRYPT when using softhsm2-tool --import and therefore cannot be
# used to import keys for decryption. Use GnuTLS p11tool as workaround.
softhsm_version = subprocess.check_output([softhsm_tool, '--version'],
universal_newlines=True).strip()
use_p11tool = softhsm_version in ('2.0.0', '2.1.0', '2.2.0')
if use_p11tool and not shutil.which('p11tool'):
fixtures.skip('SoftHSM available, but GnuTLS p11tool is unavailable')
return use_p11tool, softhsm_tool, provider
def wireshark_command(cmd_wireshark):
if sys.platform not in ('win32', 'darwin'):
# TODO check DISPLAY for X11 on Linux or BSD?
fixtures.skip('Wireshark GUI tests requires DISPLAY')
return (cmd_wireshark, '-ogui.update.enabled:FALSE')
def test_dumpcap_pcapng_single_in_single_out(
self, check_dumpcap_pcapng_sections):
'''Capture from a single pcapng source using Dumpcap and write a single file'''
if sys.byteorder == 'big':
fixtures.skip('this test is supported on little endian only')
check_dumpcap_pcapng_sections(self)
def check_dumpcap_pcapng_sections(cmd_dumpcap, cmd_tshark, capture_file):
if sys.platform == 'win32':
fixtures.skip('Test requires OS fifo support.')
def check_dumpcap_pcapng_sections_real(self,
multi_input=False,
multi_output=False):
# Make sure we always test multiple SHBs in an input.
in_files_l = [[
capture_file('many_interfaces.pcapng.1'),
capture_file('many_interfaces.pcapng.2')
]]
if multi_input:
in_files_l.append([capture_file('many_interfaces.pcapng.3')])
fifo_files = []
fifo_procs = []
# Default values for our validity tests
check_val_d = {
'filename': None,
'packet_count': 0,
'idb_count': 0,
'ua_pt1_count': 0,
'ua_pt2_count': 0,
'ua_pt3_count': 0,
'ua_dc_count': 0,
}
check_vals = [check_val_d]
for in_files in in_files_l:
fifo_file = self.filename_from_id(
'dumpcap_pcapng_sections_{}.fifo'.format(len(fifo_files) + 1))
fifo_files.append(fifo_file)
# If a previous test left its fifo laying around, e.g. from a failure, remove it.
try:
os.unlink(fifo_file)
except Exception:
pass
os.mkfifo(fifo_file)
cat_cmd = subprocesstest.cat_cap_file_command(in_files)
fifo_procs.append(
self.startProcess(('{0} > {1}'.format(cat_cmd, fifo_file)),
shell=True))
if multi_output:
rb_unique = 'sections_rb_' + uuid.uuid4().hex[:6] # Random ID
testout_glob = '{}.{}_*.pcapng'.format(self.id(), rb_unique)
testout_file = '{}.{}.pcapng'.format(self.id(), rb_unique)
check_vals.append(check_val_d.copy())
# check_vals[]['filename'] will be filled in below
else:
testout_file = self.filename_from_id(testout_pcapng)
check_vals[0]['filename'] = testout_file
# Capture commands
if not multi_input and not multi_output:
# Passthrough SHBs, single output file
capture_cmd_args = ('-i', fifo_files[0], '-w', testout_file)
check_vals[0]['packet_count'] = 79
check_vals[0]['idb_count'] = 22
check_vals[0]['ua_pt1_count'] = 1
check_vals[0]['ua_pt2_count'] = 1
elif not multi_input and multi_output:
# Passthrough SHBs, multiple output files
capture_cmd_args = ('-i', fifo_files[0], '-w', testout_file, '-a',
'files:2', '-b', 'packets:53')
check_vals[0]['packet_count'] = 53
check_vals[0]['idb_count'] = 11
check_vals[0]['ua_pt1_count'] = 1
check_vals[1]['packet_count'] = 26
check_vals[1]['idb_count'] = 22
check_vals[1]['ua_pt1_count'] = 1
check_vals[1]['ua_pt2_count'] = 1
elif multi_input and not multi_output:
# Dumpcap SHBs, single output file
capture_cmd_args = ('-i', fifo_files[0], '-i', fifo_files[1], '-w',
testout_file)
check_vals[0]['packet_count'] = 88
check_vals[0]['idb_count'] = 35
check_vals[0]['ua_dc_count'] = 1
else:
# Dumpcap SHBs, multiple output files
capture_cmd_args = ('-i', fifo_files[0], '-i', fifo_files[1], '-w',
testout_file, '-a', 'files:2', '-b',
'packets:53')
check_vals[0]['packet_count'] = 53
check_vals[0]['idb_count'] = 13
check_vals[0]['ua_dc_count'] = 1
check_vals[1]['packet_count'] = 35
check_vals[1]['idb_count'] = 35
check_vals[1]['ua_dc_count'] = 1
capture_cmd = capture_command(cmd_dumpcap, *capture_cmd_args)
capture_proc = self.assertRun(capture_cmd)
for fifo_proc in fifo_procs:
fifo_proc.kill()
rb_files = []
if multi_output:
rb_files = sorted(glob.glob(testout_glob))
self.assertEqual(len(rb_files), 2)
check_vals[0]['filename'] = rb_files[0]
check_vals[1]['filename'] = rb_files[1]
for rbf in rb_files:
self.cleanup_files.append(rbf)
self.assertTrue(os.path.isfile(rbf))
# Output tests
if not multi_input and not multi_output:
# Check strict bit-for-bit passthrough.
in_hash = hashlib.sha256()
out_hash = hashlib.sha256()
for in_file in in_files_l[0]:
in_cap_file = capture_file(in_file)
with open(in_cap_file, 'rb') as f:
in_hash.update(f.read())
with open(testout_file, 'rb') as f:
out_hash.update(f.read())
self.assertEqual(in_hash.hexdigest(), out_hash.hexdigest())
# many_interfaces.pcapng.1 : 64 packets written by "Passthrough test #1"
# many_interfaces.pcapng.2 : 15 packets written by "Passthrough test #2"
# many_interfaces.pcapng.3 : 9 packets written by "Passthrough test #3"
# Each has 11 interfaces.
idb_compare_eq = True
if multi_input and multi_output:
# Having multiple inputs forces the use of threads. In our
# case this means that non-packet block counts in the first
# file in is nondeterministic.
idb_compare_eq = False
for check_val in check_vals:
self.checkPacketCount(check_val['packet_count'],
cap_file=check_val['filename'])
tshark_proc = self.assertRun(
capture_command(cmd_tshark, '-r', check_val['filename'], '-V',
'-X', 'read_format:MIME Files Format'))
# XXX Are there any other sanity checks we should run?
if idb_compare_eq:
self.assertEqual(
self.countOutput(r'Block: Interface Description Block',
proc=tshark_proc), check_val['idb_count'])
else:
self.assertGreaterEqual(
self.countOutput(r'Block: Interface Description Block',
proc=tshark_proc), check_val['idb_count'])
idb_compare_eq = True
self.assertEqual(
self.countOutput(
r'Option: User Application = Passthrough test #1',
proc=tshark_proc), check_val['ua_pt1_count'])
self.assertEqual(
self.countOutput(
r'Option: User Application = Passthrough test #2',
proc=tshark_proc), check_val['ua_pt2_count'])
self.assertEqual(
self.countOutput(
r'Option: User Application = Passthrough test #3',
proc=tshark_proc), check_val['ua_pt3_count'])
self.assertEqual(
self.countOutput(
r'Option: User Application = Dumpcap \(Wireshark\)',
proc=tshark_proc), check_val['ua_dc_count'])
return check_dumpcap_pcapng_sections_real
def test_dpauxmon(self, check_extcap_execution):
''' extcap interface tests for dpauxmon '''
if sys.platform == 'win32':
fixtures.skip('dpauxmon not available on Windows')
check_extcap_execution("dpauxmon")
def test_dpauxmon(self, check_extcap_execution):
''' extcap interface tests for dpauxmon '''
if not sys.platform.startswith('linux'):
fixtures.skip('dpauxmon available on Linux only')
check_extcap_execution("dpauxmon")
def test_sdjournal(self, check_extcap_execution):
''' extcap interface tests for sdjournal '''
if sys.platform == 'win32':
fixtures.skip('sdjournal not available on Windows')
check_extcap_execution("sdjournal")
def wireshark_command(cmd_wireshark):
if sys.platform not in ('win32', 'darwin'):
# TODO check DISPLAY for X11 on Linux or BSD?
fixtures.skip('Wireshark GUI tests requires DISPLAY')
return (cmd_wireshark, '-ogui.update.enabled:FALSE')
def test_smb311_chained_lznt1_patternv1(self, cmd_tshark, capture_file):
if sys.byteorder == 'big':
fixtures.skip('this test is supported on little endian only')
self.extract_chained_compressed_payload(cmd_tshark, capture_file, 1)
def check_dumpcap_pcapng_sections(cmd_dumpcap, cmd_tshark, capture_file):
if sys.platform == 'win32':
fixtures.skip('Test requires OS fifo support.')
def check_dumpcap_pcapng_sections_real(self, multi_input=False, multi_output=False):
# Make sure we always test multiple SHBs in an input.
in_files_l = [ [
capture_file('many_interfaces.pcapng.1'),
capture_file('many_interfaces.pcapng.2')
] ]
if multi_input:
in_files_l.append([ capture_file('many_interfaces.pcapng.3') ])
fifo_files = []
fifo_procs = []
# Default values for our validity tests
check_val_d = {
'filename': None,
'packet_count': 0,
'idb_count': 0,
'ua_pt1_count': 0,
'ua_pt2_count': 0,
'ua_pt3_count': 0,
'ua_dc_count': 0,
}
check_vals = [ check_val_d ]
for in_files in in_files_l:
fifo_file = self.filename_from_id('dumpcap_pcapng_sections_{}.fifo'.format(len(fifo_files) + 1))
fifo_files.append(fifo_file)
# If a previous test left its fifo laying around, e.g. from a failure, remove it.
try:
os.unlink(fifo_file)
except: pass
os.mkfifo(fifo_file)
cat_cmd = subprocesstest.cat_cap_file_command(in_files)
fifo_procs.append(self.startProcess(('{0} > {1}'.format(cat_cmd, fifo_file)), shell=True))
if multi_output:
rb_unique = 'sections_rb_' + uuid.uuid4().hex[:6] # Random ID
testout_glob = '{}.{}_*.pcapng'.format(self.id(), rb_unique)
testout_file = '{}.{}.pcapng'.format(self.id(), rb_unique)
check_vals.append(check_val_d.copy())
# check_vals[]['filename'] will be filled in below
else:
testout_file = self.filename_from_id(testout_pcapng)
check_vals[0]['filename'] = testout_file
# Capture commands
if not multi_input and not multi_output:
# Passthrough SHBs, single output file
capture_cmd_args = (
'-i', fifo_files[0],
'-w', testout_file
)
check_vals[0]['packet_count'] = 79
check_vals[0]['idb_count'] = 22
check_vals[0]['ua_pt1_count'] = 1
check_vals[0]['ua_pt2_count'] = 1
elif not multi_input and multi_output:
# Passthrough SHBs, multiple output files
capture_cmd_args = (
'-i', fifo_files[0],
'-w', testout_file,
'-a', 'files:2',
'-b', 'packets:53'
)
check_vals[0]['packet_count'] = 53
check_vals[0]['idb_count'] = 11
check_vals[0]['ua_pt1_count'] = 1
check_vals[1]['packet_count'] = 26
check_vals[1]['idb_count'] = 22
check_vals[1]['ua_pt1_count'] = 1
check_vals[1]['ua_pt2_count'] = 1
elif multi_input and not multi_output:
# Dumpcap SHBs, single output file
capture_cmd_args = (
'-i', fifo_files[0],
'-i', fifo_files[1],
'-w', testout_file
)
check_vals[0]['packet_count'] = 88
check_vals[0]['idb_count'] = 35
check_vals[0]['ua_dc_count'] = 1
else:
# Dumpcap SHBs, multiple output files
capture_cmd_args = (
'-i', fifo_files[0],
'-i', fifo_files[1],
'-w', testout_file,
'-a', 'files:2',
'-b', 'packets:53'
)
check_vals[0]['packet_count'] = 53
check_vals[0]['idb_count'] = 13
check_vals[0]['ua_dc_count'] = 1
check_vals[1]['packet_count'] = 35
check_vals[1]['idb_count'] = 35
check_vals[1]['ua_dc_count'] = 1
capture_cmd = capture_command(cmd_dumpcap, *capture_cmd_args)
capture_proc = self.runProcess(capture_cmd)
for fifo_proc in fifo_procs: fifo_proc.kill()
rb_files = []
if multi_output:
rb_files = sorted(glob.glob(testout_glob))
self.assertEqual(len(rb_files), 2)
check_vals[0]['filename'] = rb_files[0]
check_vals[1]['filename'] = rb_files[1]
for rbf in rb_files:
self.cleanup_files.append(rbf)
self.assertTrue(os.path.isfile(rbf))
returncode = capture_proc.returncode
self.assertEqual(returncode, 0)
if (returncode != 0):
return
# Output tests
if not multi_input and not multi_output:
# Check strict bit-for-bit passthrough.
in_hash = hashlib.sha256()
out_hash = hashlib.sha256()
for in_file in in_files_l[0]:
in_cap_file = capture_file(in_file)
with open(in_cap_file, 'rb') as f:
in_hash.update(f.read())
with open(testout_file, 'rb') as f:
out_hash.update(f.read())
self.assertEqual(in_hash.hexdigest(), out_hash.hexdigest())
# many_interfaces.pcapng.1 : 64 packets written by "Passthrough test #1"
# many_interfaces.pcapng.2 : 15 packets written by "Passthrough test #2"
# many_interfaces.pcapng.3 : 9 packets written by "Passthrough test #3"
# Each has 11 interfaces.
idb_compare_eq = True
if multi_input and multi_output:
# Having multiple inputs forces the use of threads. In our
# case this means that non-packet block counts in the first
# file in is nondeterministic.
idb_compare_eq = False
for check_val in check_vals:
self.checkPacketCount(check_val['packet_count'], cap_file=check_val['filename'])
tshark_proc = self.runProcess(capture_command(cmd_tshark,
'-r', check_val['filename'],
'-V',
'-X', 'read_format:MIME Files Format'
))
# XXX Are there any other sanity checks we should run?
if idb_compare_eq:
self.assertEqual(self.countOutput('Block: Interface Description Block',
proc=tshark_proc), check_val['idb_count'])
else:
self.assertGreaterEqual(self.countOutput('Block: Interface Description Block',
proc=tshark_proc), check_val['idb_count'])
idb_compare_eq = True
self.assertEqual(self.countOutput('Option: User Application = Passthrough test #1',
proc=tshark_proc), check_val['ua_pt1_count'])
self.assertEqual(self.countOutput('Option: User Application = Passthrough test #2',
proc=tshark_proc), check_val['ua_pt2_count'])
self.assertEqual(self.countOutput('Option: User Application = Passthrough test #3',
proc=tshark_proc), check_val['ua_pt3_count'])
self.assertEqual(self.countOutput('Option: User Application = Dumpcap \(Wireshark\)',
proc=tshark_proc), check_val['ua_dc_count'])
return check_dumpcap_pcapng_sections_real
def test_sdjournal(self, check_extcap_execution):
''' extcap interface tests for sdjournal '''
if not sys.platform.startswith('linux'):
fixtures.skip('sdjournal is available on Linux only')
check_extcap_execution("sdjournal")