capp 1.0

data/lib/capp/test_case.rb

@@ -0,0 +1,61 @@
+require 'minitest/autorun'
+require 'capp'
+
+##
+# Capp::TestCase contains some useful methods for testing parts of Capp.
+#
+# The _DUMP constants are created from pcap files in the test directory.  You
+# can create your own capture from tcpdump:
+#
+#   tcpdump -r test/my.pcap [your specific capture arguments]
+
+class Capp::TestCase < MiniTest::Unit::TestCase
+
+  ##
+  # An ARP packet
+
+  ARP_DUMP        = File.expand_path '../../../test/arp.pcap',    __FILE__
+
+  ##
+  # An EAP 802.1X packet
+
+  EAP_802_1X_DUMP = File.expand_path '../../../test/802.1X.pcap', __FILE__
+
+  ##
+  # An ICMPv4 packet
+
+  ICMP4_DUMP      = File.expand_path '../../../test/icmp4.pcap',  __FILE__
+
+  ##
+  # An ICMPv6 packet
+
+  ICMP6_DUMP      = File.expand_path '../../../test/icmp6.pcap',  __FILE__
+
+  ##
+  # A TCPv4 packet
+
+  TCP4_DUMP       = File.expand_path '../../../test/tcp4.pcap',   __FILE__
+
+  ##
+  # A TCPv6 packet
+
+  TCP6_DUMP       = File.expand_path '../../../test/tcp6.pcap',   __FILE__
+
+  ## A UDPv4 packet
+
+  UDP4_DUMP       = File.expand_path '../../../test/udp4.pcap',   __FILE__
+
+  ##
+  # A UDPv6 packet
+
+  UDP6_DUMP       = File.expand_path '../../../test/udp6.pcap',   __FILE__
+
+  ##
+  # Returns the first packet in +dump+
+
+  def packet dump
+    Capp.offline(dump).loop.first
+  end
+
+end
+

data/test/test_capp.rb

@@ -0,0 +1,273 @@
+require 'capp/test_case'
+
+class TestCapp < Capp::TestCase
+
+  def test_class_drop_privileges_not_root
+    dir  = Dir.pwd
+    orig = Etc.getpwuid
+
+    skip 'you are root' if Process.uid.zero? and Process.euid.zero?
+
+    Capp.drop_privileges 'nobody'
+
+    user = Etc.getpwuid
+
+    assert_equal orig.uid, user.uid 
+    assert_equal orig.gid, user.gid 
+
+    assert_equal dir, Dir.pwd
+  end
+
+  def test_class_offline_file
+    open ICMP4_DUMP do |io|
+      capp = Capp.offline io
+
+      assert capp.loop.first
+    end
+  end
+
+  def test_class_offline_filename
+    capp = Capp.offline ICMP4_DUMP
+
+    assert capp.loop.first
+  end
+
+  def test_class_open_file
+    open ICMP4_DUMP do |io|
+      capp = Capp.open io
+
+      assert capp.loop.first
+    end
+  end
+
+  def test_class_open_filename
+    capp = Capp.open ICMP4_DUMP
+
+    assert capp.loop.first
+  end
+
+  def test_class_pcap_lib_version
+    lib_version = Capp.pcap_lib_version
+
+    assert_match 'libpcap', lib_version
+    assert_match %r%\d\.%,  lib_version
+  end
+
+  def test_datalink_equals
+    capp = Capp.offline UDP4_DUMP
+    links = capp.datalinks
+
+    capp.datalink = links.last
+
+    # this test might be useless for offline capture
+    assert_equal links.last, capp.datalink
+  end
+
+  def test_datalinks
+    links = Capp.offline(UDP4_DUMP).datalinks
+
+    assert_equal %w[EN10MB], links
+  end
+
+  def test_ethernet_header
+    capp = Capp.offline UDP4_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.ethernet_header
+
+    assert_equal 'ff:ff:ff:ff:ff:ff', header.destination
+    assert_equal '20:c9:d0:48:eb:73', header.source
+    assert_equal Capp::ETHERTYPE_IP,  header.type
+  end
+
+  def test_filter_equals
+    capp = Capp.offline ICMP4_DUMP
+
+    capp.filter = 'icmp[icmptype] = icmp-echo'
+
+    assert_equal 2, capp.loop.count
+  end
+
+  def test_filter_equals_garbage
+    capp = Capp.offline ICMP4_DUMP
+
+    assert_raises Capp::Error do
+      capp.filter = 'garbage'
+    end
+  end
+
+  def test_arp_header
+    capp = Capp.offline ARP_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.arp_header
+
+    assert_equal Capp::ARPHRD_ETHER,            header.hardware
+    assert_equal Capp::ETHERTYPE_IP,            header.protocol
+    assert_equal Capp::ARPOP_REQUEST,           header.operation
+    assert_match %r%\A0?2:c0:de:0?1:0?1:0?1\z%, header.sender_hardware_address
+    assert_equal '10.0.2.1',                    header.sender_protocol_address
+    assert_equal 'ff:ff:ff:ff:ff:ff',           header.target_hardware_address
+    assert_equal '10.0.0.101',                  header.target_protocol_address
+  end
+
+  def test_ipv4_header
+    capp = Capp.offline ICMP4_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.ipv4_header
+
+    assert_equal 4,              header.version
+    assert_equal 5,              header.ihl
+    assert_equal 0,              header.tos
+    assert_equal 56,             header.length
+    assert_equal 40436,          header.id
+    assert_equal 0,              header.offset
+    assert_equal 64,             header.ttl
+    assert_equal 1,              header.protocol
+    assert_equal 36729,          header.checksum
+    assert_equal '10.101.28.65', header.source
+    assert_equal '10.101.28.77', header.destination
+  end
+
+  def test_ipv6_header
+    capp = Capp.offline ICMP6_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.ipv6_header
+
+    assert_equal                   6, header.version
+    assert_equal                   0, header.traffic_class
+    assert_equal          1610612736, header.flow_label
+    assert_equal                  24, header.payload_length
+    assert_equal                  58, header.next_header
+    assert_equal                 255, header.hop_limit
+    assert_equal                '::', header.source
+    assert_equal 'ff02::1:ff48:eb73', header.destination
+  end
+
+  def test_icmp4_header
+    capp = Capp.offline ICMP4_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.icmp_header
+
+    assert_equal     3, header.type
+    assert_equal     3, header.code
+    assert_equal 19056, header.checksum
+  end
+
+  def test_icmp6_header
+    capp = Capp.offline ICMP6_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.icmp_header
+
+    assert_equal   135, header.type
+    assert_equal     0, header.code
+    assert_equal 45797, header.checksum
+  end
+
+  def test_loop
+    capp = Capp.offline ICMP4_DUMP
+
+    packets = []
+
+    capp.loop do |packet|
+      packets << packet
+    end
+
+    assert_equal 4, packets.size
+  end
+
+  def test_savefile_major_version
+    major_version = Capp.offline(UDP4_DUMP).savefile_major_version
+
+    assert_equal 2, major_version
+  end
+
+  def test_savefile_minor_version
+    minor_version = Capp.offline(UDP4_DUMP).savefile_minor_version
+
+    assert_equal 4, minor_version
+  end
+
+  def test_savefile_version
+    version = Capp.offline(UDP4_DUMP).savefile_version
+
+    assert_equal '2.4', version
+  end
+
+  def test_stats
+    capp = Capp.offline ICMP4_DUMP
+
+    capp.loop.to_a
+
+    assert_raises Capp::Error do
+      capp.stats
+    end
+  end
+
+  def test_stop
+    capp = Capp.offline ICMP4_DUMP
+
+    packets = []
+
+    capp.loop do |packet|
+      packets << packet
+
+      capp.stop
+    end
+
+    assert_equal 1, packets.size
+  end
+
+  def test_tcp4_header
+    capp = Capp.offline TCP4_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.tcp_header
+
+    assert_equal     49475, header.source_port
+    assert_equal      9091, header.destination_port
+    assert_equal 192875902, header.seq_number
+    assert_equal         0, header.ack_number
+    assert_equal        11, header.offset
+    assert_equal         2, header.flags
+    assert_equal     65535, header.window
+    assert_equal      7778, header.checksum
+    assert_equal         0, header.urgent
+  end
+
+  def test_udp4_header
+    capp = Capp.offline UDP4_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.udp_header
+
+    assert_equal 54938, header.source_port
+    assert_equal  7647, header.destination_port
+    assert_equal   105, header.length
+    assert_equal  3147, header.checksum
+  end
+
+  def test_unknown_layer3_header
+    capp = Capp.offline EAP_802_1X_DUMP
+
+    packet = capp.loop.first
+
+    header = packet.unknown_layer3_header
+
+    assert_equal 14, header.payload_offset
+  end
+
+end
+

data/test/test_capp_packet.rb

@@ -0,0 +1,160 @@
+# encoding: BINARY
+
+require 'capp/test_case'
+require 'resolv'
+require 'tempfile'
+
+class TestCappPacket < Capp::TestCase
+
+  def setup
+    super
+
+    @CP = Capp::Packet
+
+    @timestamp = Time.now
+    @captured =
+      "\x01\x00\x5e\x00\x00\xfb\x20\xc9\xd0\x48\xeb\x73\x08\x00\x45\x00" +
+      "\x00\x39\xef\x92\x00\x00\x01\x11\xc2\x74\x0a\x65\x1c\x4d\xe0\x00" +
+      "\x00\xfb\xfa\x0a\x14\xe9\x00\x25\x3a\x49\x02\x28\x01\x00\x00\x01" +
+      "\x00\x00\x00\x00\x00\x00\x05\x6b\x61\x75\x6c\x74\x05\x6c\x6f\x63" +
+      "\x61\x6c\x00\x00\x01\x00\x01"
+
+
+    length = @captured.length
+
+    @headers = {
+      ethernet:
+        @CP::EthernetHeader.new(0x01_00_5e_00_00_fb, 0x20_c9_d0_48_eb_73,
+                                0x0800),
+      ipv4:
+        @CP::IPv4Header.new(4, 5, 0, 57, 61330, 0, 1, 17, 49780,
+                            '10.101.28.77', '224.0.0.251'),
+      udp:
+        @CP::UDPHeader.new(64010, 5353, 37, 14921),
+    }
+
+    @packet =
+      @CP.new @timestamp, length, length, @captured, Capp::DLT_EN10MB, @headers
+  end
+
+  def test_destination
+    assert_equal '224.0.0.251.5353', @packet.destination
+    assert_equal '224.0.0.251.5353', @packet.destination
+  end
+
+  def test_destination_resolver
+    assert_equal 'mdns.mcast.net.5353', @packet.destination(resolver)
+
+    @packet.ipv4_header.destination = '192.0.2.1'
+
+    assert_equal '192.0.2.1.5353', @packet.destination(resolver)
+  end
+
+  def test_destination_udp4
+    assert_equal '224.0.0.251.5353', @packet.destination
+  end
+
+  def test_dump
+    expected = '..^... ..H'
+    assert_equal expected, @packet.dump[0, 10]
+  end
+
+  def test_ethernet_header
+    header = @packet.ethernet_header
+
+    assert_equal 0x01_00_5e_00_00_fb, header.destination, 'destination'
+    assert_equal 0x20_c9_d0_48_eb_73, header.source,      'source'
+    assert_equal 0x0800,              header.type,        'type'
+  end
+
+  def test_hexdump
+    expected = <<-EXPECTED
+\t0x0000:  0100 5e00 00fb 20c9 d048 eb73 0800 4500  ..^... ..H.s..E.
+\t0x0010:  0039 ef92 0000 0111 c274 0a65 1c4d e000  .9.......t.e.M..
+\t0x0020:  00fb fa0a 14e9 0025 3a49 0228 0100 0001  .......%:I.(....
+\t0x0030:  0000 0000 0000 056b 6175 6c74 056c 6f63  .......kault.loc
+\t0x0040:  616c 0000 0100 01                        al.....
+    EXPECTED
+
+    assert_equal expected, @packet.hexdump
+  end
+
+  def test_hexdump_offset
+    expected = <<-EXPECTED
+\t0x0000:  4500 0039 ef92 0000 0111 c274 0a65 1c4d  E..9.......t.e.M
+\t0x0010:  e000 00fb fa0a 14e9 0025 3a49 0228 0100  .........%:I.(..
+\t0x0020:  0001 0000 0000 0000 056b 6175 6c74 056c  .........kault.l
+\t0x0030:  6f63 616c 0000 0100 01                   ocal.....
+    EXPECTED
+
+    assert_equal expected, @packet.hexdump(14)
+  end
+
+  def test_ipv4_eh
+    assert @packet.ipv4?
+  end
+
+  def test_ipv6_eh
+    refute @packet.ipv6?
+  end
+
+  def test_payload
+    expected = dump @captured[42, @captured.length]
+    assert_equal expected, dump(@packet.payload)
+  end
+
+  def test_payload_offset
+    assert_equal 78, packet(TCP4_DUMP).payload_offset
+    assert_equal 42, packet(UDP4_DUMP).payload_offset
+
+    assert_equal 88, packet(TCP6_DUMP).payload_offset
+    assert_equal 62, packet(UDP6_DUMP).payload_offset
+
+    assert_raises NotImplementedError do
+      packet(ARP_DUMP).payload_offset
+    end
+  end
+
+  def test_protocols
+    assert_equal [:ethernet, :ipv4, :udp], @packet.protocols
+  end
+
+  def test_source
+    assert_equal '10.101.28.77.64010', @packet.source
+    assert_equal '10.101.28.77.64010', @packet.source
+  end
+
+  def test_source_resolver
+    assert_equal 'kault.64010', @packet.source(resolver)
+
+    @packet.ipv4_header.source = '192.0.2.1'
+
+    assert_equal '192.0.2.1.64010', @packet.source(resolver)
+  end
+
+  def test_source_udp4
+    assert_equal '10.101.28.77.64010', @packet.source
+  end
+
+  def test_udp_eh
+    assert @packet.udp?
+  end
+
+  def dump str
+    str.tr "\000-\037\177-\377", "."
+  end
+
+  def resolver
+    Tempfile.open 'hosts' do |io|
+      io.puts '224.0.0.251 mdns.mcast.net'
+      io.puts '10.101.28.77 kault'
+      io.flush
+
+      resolver = Resolv::Hosts.new io.path
+      resolver.getname '224.0.0.251' # initialize
+      resolver
+    end
+  end
+
+end
+