1%% 2%% %CopyrightBegin% 3%% 4%% Copyright Ericsson AB 2004-2016. All Rights Reserved. 5%% 6%% Licensed under the Apache License, Version 2.0 (the "License"); 7%% you may not use this file except in compliance with the License. 8%% You may obtain a copy of the License at 9%% 10%% http://www.apache.org/licenses/LICENSE-2.0 11%% 12%% Unless required by applicable law or agreed to in writing, software 13%% distributed under the License is distributed on an "AS IS" BASIS, 14%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15%% See the License for the specific language governing permissions and 16%% limitations under the License. 17%% 18%% %CopyrightEnd% 19%% 20%% 21 22-module(orber_firewall_ipv6_in_SUITE). 23 24-include_lib("common_test/include/ct.hrl"). 25-include_lib("orber/include/corba.hrl"). 26-include_lib("orber/COSS/CosNaming/CosNaming.hrl"). 27-include_lib("orber/src/orber_iiop.hrl"). 28-include_lib("orber/src/ifr_objects.hrl"). 29-include("idl_output/orber_test_server.hrl"). 30-include_lib("orber/COSS/CosNaming/CosNaming_NamingContextExt.hrl"). 31-include_lib("orber/COSS/CosNaming/CosNaming_NamingContext.hrl"). 32 33-define(default_timeout, test_server:minutes(15)). 34 35-define(match(ExpectedRes,Expr), 36 fun() -> 37 AcTuAlReS = (catch (Expr)), 38 case AcTuAlReS of 39 ExpectedRes -> 40 io:format("------ CORRECT RESULT ------~n~p~n", 41 [AcTuAlReS]), 42 AcTuAlReS; 43 _ -> 44 io:format("###### ERROR ERROR ######~nRESULT: ~p~n", 45 [AcTuAlReS]), 46 exit(AcTuAlReS) 47 end 48 end()). 49 50%%----------------------------------------------------------------- 51%% External exports 52%%----------------------------------------------------------------- 53-export([all/0, suite/0,groups/0,init_per_group/2,end_per_group/2, cases/0, 54 init_per_suite/1, end_per_suite/1, 55 init_per_testcase/2, end_per_testcase/2, 56 deny_port_api/1, deny_port_range_api/1, deny_host_api/1, 57 deny_peerhost_api/1, allow_port_range_api/1, 58 allow_host_api/1, allow_peerhost_api/1, check_address_api/1]). 59 60%%----------------------------------------------------------------- 61%% Func: all/1 62%% Args: 63%% Returns: 64%%----------------------------------------------------------------- 65suite() -> [{ct_hooks,[ts_install_cth]}]. 66 67all() -> 68 cases(). 69 70groups() -> 71 []. 72 73init_per_group(_GroupName, Config) -> 74 Config. 75 76end_per_group(_GroupName, Config) -> 77 Config. 78 79 80%% NOTE - the fragment test cases must bu first since we explicitly set a request 81%% id. Otherwise, the request-id counter would be increased and we cannot know 82%% what it is. 83cases() -> 84 [deny_port_api, deny_port_range_api, deny_host_api, 85 deny_peerhost_api, allow_port_range_api, allow_host_api, 86 allow_peerhost_api, check_address_api]. 87 88 89init_per_testcase(_Case, Config) -> 90 Dog=test_server:timetrap(?default_timeout), 91 orber:jump_start([{iiop_port, 0}, 92 {iiop_out_ports, {5980, 6000}}, 93 {flags, ?ORB_ENV_USE_IPV6}]), 94 [{watchdog, Dog}|Config]. 95 96 97end_per_testcase(_Case, Config) -> 98 orber:jump_stop(), 99 Dog = proplists:get_value(watchdog, Config), 100 test_server:timetrap_cancel(Dog), 101 ok. 102 103init_per_suite(Config) -> 104 case orber_test_lib:version_ok() of 105 true -> 106 if 107 is_list(Config) -> 108 Config; 109 true -> 110 exit("Config not a list") 111 end; 112 Reason -> 113 Reason 114 end. 115 116end_per_suite(Config) -> 117 Config. 118 119 120%%----------------------------------------------------------------- 121%% Incomming connections - Deny 122%%----------------------------------------------------------------- 123%% Deny Access due to invalid local port 124deny_port_api(_Config) -> 125 [IP] = ?match([_], orber:host()), 126 {ok, ServerNode, ServerHost} = 127 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 128 ?ORB_ENV_USE_ACL_INCOMING)}, 129 {iiop_acl, [{tcp_in, IP++"/128#7000"}]}])), 130 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 131 ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 132 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")), 133 % catch orber_test_lib:destroy_node(ServerNode, timeout), 134 ok. 135 136%% Deny Access due to invalid local port range 137deny_port_range_api(_Config) -> 138 [IP] = ?match([_], orber:host()), 139 {ok, ServerNode, ServerHost} = 140 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 141 ?ORB_ENV_USE_ACL_INCOMING)}, 142 {iiop_acl, [{tcp_in, IP++"/128#7000/8000"}]}])), 143 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 144 ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 145 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")), 146% catch orber_test_lib:destroy_node(ServerNode, timeout), 147 ok. 148 149 150%% Deny Access due to invalid host 151deny_host_api(_Config) -> 152 {ok, ServerNode, ServerHost} = 153 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 154 ?ORB_ENV_USE_ACL_INCOMING)}, 155 {iiop_acl, [{tcp_in, "0:0:0:0:0:0:10.1.1.1/128"}]}])), 156 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 157 ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 158 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")), 159% catch orber_test_lib:destroy_node(ServerNode, timeout), 160 ok. 161 162%% Deny Access due to invalid peer host 163deny_peerhost_api(_Config) -> 164 [IP] = ?match([_], orber:host()), 165 {ok, ServerNode, ServerHost} = 166 ?match({ok,_,_}, 167 orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 168 ?ORB_ENV_USE_ACL_INCOMING)}, 169 {iiop_acl, [{tcp_in, IP++"/128", ["0:0:0:0:0:0:10.1.1.1"]}]}])), 170 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 171 ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 172 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")), 173% catch orber_test_lib:destroy_node(ServerNode, timeout), 174 ok. 175 176%%----------------------------------------------------------------- 177%% Incomming connections - Allow 178%%----------------------------------------------------------------- 179%% Allow Access due to valid local port range 180allow_port_range_api(_Config) -> 181 [IP] = ?match([_], orber:host()), 182 {ok, ServerNode, ServerHost} = 183 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 184 ?ORB_ENV_USE_ACL_INCOMING)}, 185 {iiop_acl, [{tcp_in, IP++"/128#5980/6000"}]}])), 186 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 187 io:format("ServerNode: ~p\nServerHost: ~p\n", [ServerNode, ServerHost]), 188 IOR = 189 ?match({'IOP_IOR',_,_}, 190 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")), 191 ?match(false, corba_object:not_existent(IOR)), 192% catch orber_test_lib:destroy_node(ServerNode, timeout), 193 ok. 194 195 196%% Allow Access due to valid host 197allow_host_api(_Config) -> 198 [IP] = ?match([_], orber:host()), 199 {ok, ServerNode, ServerHost} = 200 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 201 ?ORB_ENV_USE_ACL_INCOMING)}, 202 {iiop_acl, [{tcp_in, IP++"/128"}]}])), 203 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 204 IOR = 205 ?match({'IOP_IOR',_,_}, 206 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")), 207 ?match(false, corba_object:not_existent(IOR)), 208 209% catch orber_test_lib:destroy_node(ServerNode, timeout), 210 ok. 211 212%% Allow Access due to valid host 213allow_peerhost_api(_Config) -> 214 [IP] = ?match([_], orber:host()), 215 {ok, ServerNode, ServerHost} = 216 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 217 ?ORB_ENV_USE_ACL_INCOMING)}, 218 {iiop_acl, [{tcp_in, IP++"/128", [IP]}]}])), 219 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 220 IOR = 221 ?match({'IOP_IOR',_,_}, 222 corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService", 223 [#'IOP_ServiceContext' 224 {context_id=?ORBER_GENERIC_CTX_ID, 225 context_data = {interface, IP}}])), 226 ?match(false, corba_object:not_existent(IOR, 227 [#'IOP_ServiceContext' 228 {context_id=?ORBER_GENERIC_CTX_ID, 229 context_data = {interface, IP}}])), 230 231% catch orber_test_lib:destroy_node(ServerNode, timeout), 232 ok. 233 234%%----------------------------------------------------------------- 235%% Test corbaloc strings 236%%----------------------------------------------------------------- 237check_address_api(_Config) -> 238 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],"NameService"}, 239 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:C02A:2A2A]/NameService")), 240 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],[]}, 241 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:C02A:2A2A]")), 242 ?match({[[iiop,{1,2},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],"NameService"}, 243 orber_cosnaming_utils:addresses(":1.2@[0:0:0:0:0:FFFF:C02A:2A2A]/NameService")), 244 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],"NameService"}, 245 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:C02A:2A2A]:4001/NameService")), 246 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],"NameService"}, 247 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001/NameService")), 248 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],[]}, 249 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001")), 250 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],[]}, 251 orber_cosnaming_utils:addresses("iiop:1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001")), 252 253 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809]],"NameService"}, 254 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:10.11.11.11]/NameService")), 255 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809]],[]}, 256 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:10.11.11.11]")), 257 ?match({[[iiop,{1,2},"0:0:0:0:0:FFFF:10.11.11.11",2809]],"NameService"}, 258 orber_cosnaming_utils:addresses(":1.2@[0:0:0:0:0:FFFF:10.11.11.11]/NameService")), 259 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",4001]],"NameService"}, 260 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:10.11.11.11]:4001/NameService")), 261 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],"NameService"}, 262 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001/NameService")), 263 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],[]}, 264 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001/")), 265 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],[]}, 266 orber_cosnaming_utils:addresses("iiop:1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001/")), 267 268 ?match({[[iiop,{1,1},"myhost",4001]],[]}, 269 orber_cosnaming_utils:addresses("iiop:1.1@myhost:4001")), 270 ?match({[[iiop,{1,1},"myhost.full.name",4001]],"NameService"}, 271 orber_cosnaming_utils:addresses("iiop:1.1@myhost.full.name:4001/NameService")), 272 ?match({[[iiop,{1,1},"myhost",4001], 273 [iiop,{1,1},"myhost.full.name",2809]],"NameService"}, 274 orber_cosnaming_utils:addresses("iiop:1.1@myhost:4001,iiop:1.1@myhost.full.name/NameService")), 275 276 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001], 277 [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"}, 278 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001,:1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001/NameService")), 279 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001], 280 [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], []}, 281 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001,:1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001")), 282 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",4001], 283 [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"}, 284 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:10.11.11.11]:4001,:1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001/NameService")), 285 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001], 286 [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"}, 287 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001,:[0:0:0:0:0:FFFF:C02A:2A2A]:4001/NameService")), 288 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",2809], 289 [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"}, 290 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11],:1.1@[0:0:0:0:0:FFFF:C02A:2A2A]:4001/NameService")), 291 ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001], 292 [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], "NameService"}, 293 orber_cosnaming_utils:addresses(":1.1@[0:0:0:0:0:FFFF:10.11.11.11]:4001,:1.1@[0:0:0:0:0:FFFF:C02A:2A2A]/NameService")), 294 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809], 295 [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], "NameService"}, 296 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:10.11.11.11],:[0:0:0:0:0:FFFF:C02A:2A2A]/NameService")), 297 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809], 298 [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], []}, 299 orber_cosnaming_utils:addresses(":[0:0:0:0:0:FFFF:10.11.11.11],:[0:0:0:0:0:FFFF:C02A:2A2A]/")), 300 ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809], 301 [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], []}, 302 orber_cosnaming_utils:addresses("iiop:[0:0:0:0:0:FFFF:10.11.11.11],:[0:0:0:0:0:FFFF:C02A:2A2A]/")), 303 304 [IP] = ?match([_], orber:host()), 305 {ok, ServerNode, _ServerHost} = 306 ?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 307 ?ORB_ENV_USE_ACL_INCOMING)}, 308 {iiop_acl, [{tcp_in, IP++"/128"}]}])), 309 ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []), 310 ?match({'IOP_IOR',_,_}, 311 corba:string_to_object("corbaloc::1.2@["++IP++"]:"++integer_to_list(ServerPort)++"/NameService")), 312% catch orber_test_lib:destroy_node(ServerNode, timeout), 313 ok. 314 315 316