capp 1.0

data/test/test_capp_packet_tcp_header.rb

@@ -0,0 +1,103 @@
+require 'minitest/autorun'
+require 'capp'
+
+class TestCappPacketTCPHeader < MiniTest::Unit::TestCase
+
+  def test_ack_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.ack?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.ack?
+  end
+
+  def test_cwr_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.cwr?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.cwr?
+  end
+
+  def test_ece_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.ece?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.ece?
+  end
+
+  def test_fin_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.fin?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.fin?
+  end
+
+  def test_push_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.push?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.push?
+  end
+
+  def test_rst_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.rst?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.rst?
+  end
+
+  def test_syn_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.syn?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.syn?
+  end
+
+  def test_urg_eh
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0xff, nil, nil, nil)
+
+    assert header.urg?
+
+    header = Capp::Packet::TCPHeader.new(nil, nil, nil, nil,
+                                         nil, 0x00, nil, nil, nil)
+
+    refute header.urg?
+  end
+
+end
+

data/test/test_capp_root.rb

@@ -0,0 +1,194 @@
+require 'capp/test_case'
+require 'etc'
+require 'socket'
+require 'thread'
+require 'tmpdir'
+
+class TestCappRoot < Capp::TestCase
+
+  def setup
+    @root = Etc.getpwuid
+
+    skip 'this test must run as root' unless @root.uid == 0
+
+    begin
+      @nobody = Etc.getpwnam 'nobody'
+    rescue ArgumentError
+      skip 'this test require a "nobody" user"'
+    end
+  end
+
+  def test_capp_devices
+    devices = Capp.devices
+
+    refute_empty devices
+
+    device = devices.first
+
+    assert_kind_of Capp::Device, device
+
+    refute_empty device.addresses
+
+    address = device.addresses.first
+
+    assert_kind_of Capp::Address, address
+  end
+
+  def test_capp_drop_privileges_chroot
+    Dir.mktmpdir 'capp' do |dir|
+      fork_and_test do
+        Capp.drop_privileges 'nobody', dir
+
+        abort 'current directory unchanged' unless Dir.pwd == '/'
+
+        begin
+          File.stat dir
+          abort 'choot failed'
+        rescue Errno::ENOENT
+        end
+
+        exit! 0
+      end
+    end
+  end
+
+  def test_capp_drop_privileges_chroot_no_user
+    Dir.mktmpdir 'capp' do |dir|
+      e = assert_raises Capp::Error do
+        Capp.drop_privileges nil, dir
+      end
+
+      assert_equal 'chroot without dropping root is insecure', e.message
+    end
+  end
+
+  def test_capp_drop_privileges_chroot_nonexistent_dir
+    Dir.mktmpdir 'capp' do |dir|
+      nonexistent = File.join dir, 'nonexistent'
+      e = assert_raises Capp::Error do
+        Capp.drop_privileges 'nobody', nonexistent
+      end
+
+      assert_equal \
+        "could not chroot to #{nonexistent} or change to chroot directory",
+        e.message
+    end
+  end
+
+  def test_capp_drop_privileges_name
+    dir = Dir.pwd
+
+    fork_and_test do
+      Capp.drop_privileges 'nobody'
+
+      user = Etc.getpwuid
+
+      abort 'user unchanged'  if @root.uid == user.uid 
+      abort 'group unchanged' if @root.gid == user.gid 
+
+      begin
+        File.stat dir
+      rescue Errno::ENOENT
+        abort 'unexpected chroot!'
+      end
+
+      exit! 0
+    end
+  end
+
+  def test_capp_drop_privileges_no_user
+    fork_and_test do
+      Capp.drop_privileges nil
+
+      user = Etc.getpwuid
+
+      abort 'user changed'  unless @root.uid == user.uid
+      abort 'group changed' unless @root.gid == user.gid
+
+      exit! 0
+    end
+  end
+
+  def test_capp_drop_privileges_nonexistent_user
+    e = assert_raises Capp::Error do
+      Capp.drop_privileges 'nonexistent'
+    end
+
+    assert_equal 'could not find user nonexistent', e.message
+  end
+
+  def test_capp_drop_privileges_uid
+    dir = Dir.pwd
+
+    fork_and_test do
+      Capp.drop_privileges @nobody.uid
+
+      user = Etc.getpwuid
+
+      abort 'user unchanged'  if @root.uid == user.uid 
+      abort 'group unchanged' if @root.gid == user.gid 
+
+      begin
+        File.stat dir
+      rescue Errno::ENOENT
+        abort 'unexpected chroot!'
+      end
+
+      exit! 0
+    end
+  end
+
+  def test_capp_live
+    loopback = Capp.devices.find do |device|
+      device.addresses.any? do |address|
+        address.address == '127.0.0.1'
+      end
+    end
+
+    skip 'unable to find IPv4 loopback device' unless loopback
+
+    capp = Capp.open loopback.name
+    queue = Queue.new
+
+    Thread.new do
+      capp.loop do |packet|
+        queue << packet
+        break
+      end
+    end
+
+    socket = UDPSocket.new
+    socket.send 'hi', 0, '127.0.0.1', 54321
+    socket.close
+
+    packet = queue.pop
+
+    assert_equal 'hi', packet.payload
+  end
+
+  def test_capp_device_open
+    loopback = Capp.devices.find do |device|
+      device.addresses.any? do |address|
+        address.address == '127.0.0.1'
+      end
+    end
+
+    skip 'unable to find IPv4 loopback device' unless loopback
+
+    capp = loopback.open
+
+    assert_equal loopback.name, capp.device
+  end
+
+  def fork_and_test
+    pid = fork do
+      yield
+    end
+
+    _, status = Process.wait2 pid
+
+    assert status.success?, status.inspect
+  end
+
+end
+

metadata

@@ -0,0 +1,161 @@
+--- !ruby/object:Gem::Specification
+name: capp
+version: !ruby/object:Gem::Version
+  version: '1.0'
+platform: ruby
+authors:
+- Eric Hodel
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
+  YWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZFgNu
+  ZXQwHhcNMTMwMjI4MDUyMjA4WhcNMTQwMjI4MDUyMjA4WjBBMRAwDgYDVQQDDAdk
+  cmJyYWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZ
+  FgNuZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbgLrGLGIDE76
+  LV/cvxdEzCuYuS3oG9PrSZnuDweySUfdp/so0cDq+j8bqy6OzZSw07gdjwFMSd6J
+  U5ddZCVywn5nnAQ+Ui7jMW54CYt5/H6f2US6U0hQOjJR6cpfiymgxGdfyTiVcvTm
+  Gj/okWrQl0NjYOYBpDi+9PPmaH2RmLJu0dB/NylsDnW5j6yN1BEI8MfJRR+HRKZY
+  mUtgzBwF1V4KIZQ8EuL6I/nHVu07i6IkrpAgxpXUfdJQJi0oZAqXurAV3yTxkFwd
+  g62YrrW26mDe+pZBzR6bpLE+PmXCzz7UxUq3AE0gPHbiMXie3EFE0oxnsU3lIduh
+  sCANiQ8BAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+  BBS5k4Z75VSpdM0AclG2UvzFA/VW5DAfBgNVHREEGDAWgRRkcmJyYWluQHNlZ21l
+  bnQ3Lm5ldDAfBgNVHRIEGDAWgRRkcmJyYWluQHNlZ21lbnQ3Lm5ldDANBgkqhkiG
+  9w0BAQUFAAOCAQEAOflo4Md5aJF//EetzXIGZ2EI5PzKWX/mMpp7cxFyDcVPtTv0
+  js/6zWrWSbd60W9Kn4ch3nYiATFKhisgeYotDDz2/pb/x1ivJn4vEvs9kYKVvbF8
+  V7MV/O5HDW8Q0pA1SljI6GzcOgejtUMxZCyyyDdbUpyAMdt9UpqTZkZ5z1sicgQk
+  5o2XJ+OhceOIUVqVh1r6DNY5tLVaGJabtBmJAYFVznDcHiSFybGKBa5n25Egql1t
+  KDyY1VIazVgoC8XvR4h/95/iScPiuglzA+DBG1hip1xScAtw05BrXyUNrc9CEMYU
+  wgF94UVoHRp6ywo8I7NP3HcwFQDFNEZPNGXsng==
+  -----END CERTIFICATE-----
+date: 2013-05-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.6'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.10'
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: hoe
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.5'
+description: |-
+  Capp is a packet capture library that wraps libpcap.  Capp provides a simple
+  API for capturing packets and automatically unpacks common packets (including
+  Ethernet, IP, TCP, UDP and ICMP).  Capp also cooperates with other threads
+  better than other pcap wrapper libraries for ruby.
+email:
+- drbrain@segment7.net
+executables: []
+extensions:
+- ext/capp/extconf.rb
+extra_rdoc_files:
+- History.rdoc
+- Manifest.txt
+- README.rdoc
+- ext/capp/capp.c
+files:
+- .autotest
+- .hoerc
+- History.rdoc
+- Manifest.txt
+- README.rdoc
+- Rakefile
+- ext/capp/capp.c
+- ext/capp/extconf.rb
+- ext/capp/structs.h
+- lib/capp.rb
+- lib/capp/packet.rb
+- lib/capp/test_case.rb
+- test/802.1X.pcap
+- test/arp.pcap
+- test/icmp4.pcap
+- test/icmp6.pcap
+- test/tcp4.pcap
+- test/tcp6.pcap
+- test/test_capp.rb
+- test/test_capp_packet.rb
+- test/test_capp_packet_tcp_header.rb
+- test/test_capp_root.rb
+- test/udp4.pcap
+- test/udp6.pcap
+- .gemtest
+homepage: https://github.com/drbrain/capp
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options:
+- --main
+- README.rdoc
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: capp
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Capp is a packet capture library that wraps libpcap
+test_files:
+- test/test_capp.rb
+- test/test_capp_packet.rb
+- test/test_capp_packet_tcp_header.rb
+- test/test_capp_root.rb