[asterisk-commits] jrose: testsuite/asterisk/trunk r3334 - in /asterisk/trunk/tests/channels/SIP...
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Wed Jul 18 14:57:47 CDT 2012
Author: jrose
Date: Wed Jul 18 14:57:41 2012
New Revision: 3334
URL: http://svnview.digium.com/svn/testsuite?view=rev&rev=3334
Log:
named acls: add a test for chan_sip using ACLs and named ACLs
review: https://reviewboard.asterisk.org/r/2045/
Added:
asterisk/trunk/tests/channels/SIP/acl_call/
asterisk/trunk/tests/channels/SIP/acl_call/configs/
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf (with props)
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf (with props)
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf (with props)
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf (with props)
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf (with props)
asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf (with props)
asterisk/trunk/tests/channels/SIP/acl_call/realtime.sqlite3 (with props)
asterisk/trunk/tests/channels/SIP/acl_call/run-test (with props)
asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml (with props)
Modified:
asterisk/trunk/tests/channels/SIP/tests.yaml
Added: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf Wed Jul 18 14:57:41 2012
@@ -1,0 +1,15 @@
+[testacl1] ; Allow 127.0.0.1 only
+deny = 0.0.0.0/0.0.0.0
+permit = 127.0.0.1
+
+[testacl2] ; Disallow 127.0.0.1 only
+permit = 0.0.0.0/0.0.0.0
+deny = 127.0.0.1
+
+[testacl3] ; Disallow 127.0.0.3 only
+permit = 0.0.0.0/0.0.0.0
+deny = 127.0.0.3
+
+[testacl4] ; Disallow 127.0.0.4 only
+permit = 0.0.0.0/0.0.0.0
+deny = 127.0.0.4
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/acl.conf
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf Wed Jul 18 14:57:41 2012
@@ -1,0 +1,2 @@
+[settings]
+acls => sqlite3,asterisk,acltable
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extconfig.conf
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf Wed Jul 18 14:57:41 2012
@@ -1,0 +1,4 @@
+[test_context]
+exten => s,1,Answer()
+exten => s,n,Playtones(400,100) ; Play a tone for one tenth of a second, just to have the call last some amount of time.
+exten => s,n,Hangup()
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/extensions.conf
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf Wed Jul 18 14:57:41 2012
@@ -1,0 +1,3 @@
+[modules]
+autoload=yes
+preload => res_config_sqlite3.so
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/modules.conf
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf Wed Jul 18 14:57:41 2012
@@ -1,0 +1,2 @@
+[asterisk]
+dbfile => /tmp/realtime.sqlite3
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/res_config_sqlite3.conf
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf Wed Jul 18 14:57:41 2012
@@ -1,0 +1,98 @@
+[general]
+udpbindaddr=0.0.0.0
+context=test_context
+
+[testsip1] ; Allow calls only from the locally defined ACL (denies all except 127.0.0.1)
+type=friend
+host=127.0.0.1
+deny=0.0.0.0/0.0.0.0
+permit=127.0.0.1
+
+[testsip2] ; Same as testsip1, only defined via named ACL subsystem
+type=friend
+host=127.0.0.1
+acl=testacl1
+
+[testsip3] ; Multiple ACLs defined via named ACL subsystem. Collectively only 127.0.0.2 is acceptable
+type=friend
+host=127.0.0.1
+acl=testacl2,testacl3,testacl4
+
+[testsip4] ; An invalid ACL (not contained in the configuration or in realtime). No allowable addresses
+type=friend
+host=127.0.0.1
+acl=undefinedacl
+
+[testsip5] ; 3 ACLs stored on the realtime backend. Collectively only 127.0.0.3 is acceptable
+type=friend
+host=127.0.0.1
+acl=rtacl1,rtacl2,rtacl3
+
+; host templates
+[host1](!)
+host=127.0.0.1
+
+[host2](!)
+host=127.0.0.2
+
+[host3](!)
+host=127.0.0.3
+
+[host4](!)
+host=127.0.0.4
+
+; test 1
+[test1](!)
+type=friend
+username=testsip1
+fromuser=testsip1
+
+[test1_1](test1,host1)
+[test1_2](test1,host2)
+[test1_3](test1,host3)
+[test1_4](test1,host4)
+
+; test 2
+[test2](!)
+type=friend
+username=testsip2
+fromuser=testsip2
+
+[test2_1](test2,host1)
+[test2_2](test2,host2)
+[test2_3](test2,host3)
+[test2_4](test2,host4)
+
+; test 3
+[test3](!)
+type=friend
+username=testsip3
+fromuser=testsip3
+
+[test3_1](test3,host1)
+[test3_2](test3,host2)
+[test3_3](test3,host3)
+[test3_4](test3,host4)
+
+; test 4
+[test4](!)
+type=friend
+username=testsip4
+fromuser=testsip4
+
+[test4_1](test4,host1)
+[test4_2](test4,host2)
+[test4_3](test4,host3)
+[test4_4](test4,host4)
+
+; test 5
+[test5](!)
+type=friend
+username=testsip5
+fromuser=testsip5
+
+[test5_1](test5,host1)
+[test5_2](test5,host2)
+[test5_3](test5,host3)
+[test5_4](test5,host4)
+
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/configs/ast1/sip.conf
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/realtime.sqlite3
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/realtime.sqlite3?view=auto&rev=3334
==============================================================================
Binary file - no diff available.
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/realtime.sqlite3
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: asterisk/trunk/tests/channels/SIP/acl_call/run-test
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/run-test?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/run-test (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/run-test Wed Jul 18 14:57:41 2012
@@ -1,0 +1,152 @@
+#!/usr/bin/env python
+
+import sys
+import logging
+import logging.config
+import os
+import shutil
+from twisted.internet import reactor
+
+sys.path.append("lib/python")
+
+from asterisk.TestCase import TestCase
+
+logger = logging.getLogger(__name__)
+
+class SIPACLTest(TestCase):
+
+ # Preps test objects and configuration additions as well as copies TLS keys to test folder.
+ def __init__(self):
+ TestCase.__init__(self)
+ self.test_components = []
+
+ #success evaluation stuff
+ self.test_index = 0
+
+ #test1 - No named ACL, calling available only to 127.0.0.1
+ self.add_test_component("test1_1", "allow")
+ self.add_test_component("test1_2", "deny")
+ self.add_test_component("test1_3", "deny")
+ self.add_test_component("test1_4", "deny")
+
+ #test2 - Same permissible addresses as test 1, but while using a named ACL from the local configuration
+ self.add_test_component("test2_1", "allow")
+ self.add_test_component("test2_2", "deny")
+ self.add_test_component("test2_3", "deny")
+ self.add_test_component("test2_4", "deny")
+
+ #test3 - Multiple named ACL rules from local configuration. Only 127.0.0.2 should be allowed to call.
+ self.add_test_component("test3_1", "deny")
+ self.add_test_component("test3_2", "allow")
+ self.add_test_component("test3_3", "deny")
+ self.add_test_component("test3_4", "deny")
+
+ #test4 - An undefined rule is used. All addresses should be rejected from calling.
+ self.add_test_component("test4_1", "deny")
+ self.add_test_component("test4_2", "deny")
+ self.add_test_component("test4_3", "deny")
+ self.add_test_component("test4_4", "deny")
+
+ #test5 - A set of 3 named ACLs stored in realtime is used. Collectively only 127.0.0.3 should be allowed to call.
+ self.add_test_component("test5_1", "deny")
+ self.add_test_component("test5_2", "deny")
+ self.add_test_component("test5_3", "allow")
+ self.add_test_component("test5_4", "deny")
+
+ self.create_asterisk()
+
+ def add_test_component(self, test, expectation):
+ this_tuple = test, expectation
+ self.test_components.append(this_tuple)
+
+ # Once the AMI Factory connects to the AMI, this function fires.
+ def ami_connect(self, ami):
+ ami.registerEvent('Hangup', self.evaluate_hangup)
+ self.test_start(ami)
+
+ def test_start(self, ami):
+ logger.info("Starting test %d - %s:" % (self.test_index, self.test_components[self.test_index][0]))
+
+ # The following variable tracks events that occur as a result of the following originate. We expect two events in all cases.
+ # In the case of a successful call, we expect two hangups. If the call is unsuccessful, we expect a hangup and an AMI command error.
+ self.events_received = 0
+ self.success_conditions = 0
+ self.failure_conditions = 0
+
+ # Storage for the events (failures and AMI hangups) that came in -- stored in case of something going wrong.
+ self.events = []
+
+ # There are callbacks that would lose the AMI, so we need to hold onto it within the test object.
+ self.last_active_ami = ami
+
+ ami.originate(channel = "SIP/%s/s" % self.test_components[self.test_index][0], application = "Echo").addErrback(self.evaluate_originate_error)
+
+ def evaluate_hangup(self, ami, event):
+ self.events_received += 1
+ self.events.append(event)
+
+ # evaluate if whether the hangup indicates success or failure
+ reason = event.get('cause-txt')
+ if reason == "Normal Clearing":
+ self.success_conditions += 1
+ elif reason == "Call Rejected":
+ self.failure_conditions += 1
+
+ # If we've got two events of any kind, the call is finished and we can move on to the evaluation
+ if self.events_received == 2:
+ self.evaluate_call()
+
+ def evaluate_originate_error(self, reason):
+ self.events.append(reason)
+ self.events_received += 1
+ self.failure_conditions += 1
+ if self.events_received == 2:
+ self.evaluate_call()
+
+ def evaluate_call(self):
+ if self.test_components[self.test_index][1] == "allow" and self.success_conditions == 2:
+ logger.info("Test %d - %s: Call Succeeded as Expected." % (self.test_index, self.test_components[self.test_index][0]))
+ elif self.test_components[self.test_index][1] == "deny" and self.failure_conditions == 2:
+ logger.info("Test %d - %s: Call Failed as Expected." % (self.test_index, self.test_components[self.test_index][0]))
+ else:
+ logger.error("Test %d - %s: Events received don't follow expectations. Test Failed." % (self.test_index, self.test_components[self.test_index][0]))
+ logger.error("Failure Triggering Events Received: %s" % self.events)
+ self.passed = False
+ self.stop_reactor()
+ return
+
+ # Go on to the next test.
+ self.test_index += 1
+ if self.test_index < len(self.test_components):
+ self.test_start(self.last_active_ami)
+ else:
+ logger.info("All tests evaluated as expected. Test Successful.")
+ self.passed = True
+ self.stop_reactor()
+ return
+
+ # Sets up reactor and AMI connection
+ def run(self):
+ TestCase.run(self)
+ self.create_ami_factory()
+
+
+def main():
+ TEST_DIR = os.path.dirname(os.path.realpath(__file__))
+ DB_PATH = TEST_DIR + "/realtime.sqlite3"
+ TMP_DB_PATH = "/tmp/realtime.sqlite3"
+ shutil.copyfile(DB_PATH, TMP_DB_PATH)
+ test = SIPACLTest()
+ reactor.run()
+ os.remove(TMP_DB_PATH)
+
+ if test.passed:
+ return 0
+ return 1
+
+if __name__ == "__main__":
+ sys.exit(main() or 0)
+
+
+# vim:sw=4:ts=4:expandtab:textwidth=79
+
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/run-test
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/run-test
------------------------------------------------------------------------------
svn:executable = *
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/run-test
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/run-test
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml?view=auto&rev=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml (added)
+++ asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml Wed Jul 18 14:57:41 2012
@@ -1,0 +1,16 @@
+testinfo:
+ summary: 'Test chan_sip usage of ACLs'
+ description: |
+ This tests SIP calls originating from different addresses against
+ SIP peers with varying means of specifying Access Control Lists.
+ This test is used to verify proper behavior of ACL and Named ACL
+ usage by the chan_sip driver.
+
+properties:
+ minversion: '11.0'
+ dependencies:
+ - python : 'twisted'
+ - python : 'starpy'
+ tags:
+ - SIP
+ - ACL
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Propchange: asterisk/trunk/tests/channels/SIP/acl_call/test-config.yaml
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: asterisk/trunk/tests/channels/SIP/tests.yaml
URL: http://svnview.digium.com/svn/testsuite/asterisk/trunk/tests/channels/SIP/tests.yaml?view=diff&rev=3334&r1=3333&r2=3334
==============================================================================
--- asterisk/trunk/tests/channels/SIP/tests.yaml (original)
+++ asterisk/trunk/tests/channels/SIP/tests.yaml Wed Jul 18 14:57:41 2012
@@ -2,6 +2,7 @@
tests:
# Temporarily disabled until random failures are debugged.
#- test: 'handle_response_refer'
+ - test: 'acl_call'
- test: 'options'
- test: 'refer_replaces_to_self'
- test: 'info_dtmf'
More information about the asterisk-commits
mailing list