4
%% Copyright Ericsson AB 2004-2011. All Rights Reserved.
6
%% The contents of this file are subject to the Erlang Public License,
7
%% Version 1.1, (the "License"); you may not use this file except in
8
%% compliance with the License. You should have received a copy of the
9
%% Erlang Public License along with this software. If not, it can be
10
%% retrieved online at http://www.erlang.org/.
12
%% Software distributed under the License is distributed on an "AS IS"
13
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
14
%% the License for the specific language governing rights and limitations
21
-module(orber_firewall_ipv6_in_SUITE).
23
-include_lib("test_server/include/test_server.hrl").
24
-include_lib("orber/include/corba.hrl").
25
-include_lib("orber/COSS/CosNaming/CosNaming.hrl").
26
-include_lib("orber/src/orber_iiop.hrl").
27
-include_lib("orber/src/ifr_objects.hrl").
28
-include("idl_output/orber_test_server.hrl").
29
-include_lib("orber/COSS/CosNaming/CosNaming_NamingContextExt.hrl").
30
-include_lib("orber/COSS/CosNaming/CosNaming_NamingContext.hrl").
32
-define(default_timeout, ?t:minutes(15)).
34
-define(match(ExpectedRes,Expr),
36
AcTuAlReS = (catch (Expr)),
39
io:format("------ CORRECT RESULT ------~n~p~n",
43
io:format("###### ERROR ERROR ######~nRESULT: ~p~n",
49
%%-----------------------------------------------------------------
51
%%-----------------------------------------------------------------
52
-export([all/0, suite/0,groups/0,init_per_group/2,end_per_group/2, cases/0,
53
init_per_suite/1, end_per_suite/1,
54
init_per_testcase/2, end_per_testcase/2,
55
deny_port_api/1, deny_port_range_api/1, deny_host_api/1,
56
deny_peerhost_api/1, allow_port_range_api/1,
57
allow_host_api/1, allow_peerhost_api/1, check_address_api/1]).
59
%%-----------------------------------------------------------------
63
%%-----------------------------------------------------------------
64
suite() -> [{ct_hooks,[ts_install_cth]}].
72
init_per_group(_GroupName, Config) ->
75
end_per_group(_GroupName, Config) ->
79
%% NOTE - the fragment test cases must bu first since we explicitly set a request
80
%% id. Otherwise, the request-id counter would be increased and we cannot know
83
[deny_port_api, deny_port_range_api, deny_host_api,
84
deny_peerhost_api, allow_port_range_api, allow_host_api,
85
allow_peerhost_api, check_address_api].
88
init_per_testcase(_Case, Config) ->
89
?line Dog=test_server:timetrap(?default_timeout),
90
orber:jump_start([{iiop_port, 0},
91
{iiop_out_ports, {5980, 6000}},
92
{flags, ?ORB_ENV_USE_IPV6}]),
93
[{watchdog, Dog}|Config].
96
end_per_testcase(_Case, Config) ->
98
Dog = ?config(watchdog, Config),
99
test_server:timetrap_cancel(Dog),
102
init_per_suite(Config) ->
103
case orber_test_lib:version_ok() of
109
exit("Config not a list")
115
end_per_suite(Config) ->
119
%%-----------------------------------------------------------------
120
%% Incomming connections - Deny
121
%%-----------------------------------------------------------------
122
deny_port_api(doc) -> ["Deny Access due to invalid local port"];
123
deny_port_api(suite) -> [];
124
deny_port_api(_Config) ->
125
[IP] = ?match([_], orber:host()),
126
{ok, ServerNode, ServerHost} =
127
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
128
?ORB_ENV_USE_ACL_INCOMING)},
129
{iiop_acl, [{tcp_in, IP++"/128#7000"}]}])),
130
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
131
?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}},
132
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
133
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
136
deny_port_range_api(doc) -> ["Deny Access due to invalid local port range"];
137
deny_port_range_api(suite) -> [];
138
deny_port_range_api(_Config) ->
139
[IP] = ?match([_], orber:host()),
140
{ok, ServerNode, ServerHost} =
141
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
142
?ORB_ENV_USE_ACL_INCOMING)},
143
{iiop_acl, [{tcp_in, IP++"/128#7000/8000"}]}])),
144
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
145
?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}},
146
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
147
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
151
deny_host_api(doc) -> ["Deny Access due to invalid host"];
152
deny_host_api(suite) -> [];
153
deny_host_api(_Config) ->
154
{ok, ServerNode, ServerHost} =
155
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
156
?ORB_ENV_USE_ACL_INCOMING)},
157
{iiop_acl, [{tcp_in, "0:0:0:0:0:0:10.1.1.1/128"}]}])),
158
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
159
?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}},
160
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
161
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
164
deny_peerhost_api(doc) -> ["Deny Access due to invalid peer host"];
165
deny_peerhost_api(suite) -> [];
166
deny_peerhost_api(_Config) ->
167
[IP] = ?match([_], orber:host()),
168
{ok, ServerNode, ServerHost} =
170
orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
171
?ORB_ENV_USE_ACL_INCOMING)},
172
{iiop_acl, [{tcp_in, IP++"/128", ["0:0:0:0:0:0:10.1.1.1"]}]}])),
173
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
174
?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}},
175
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
176
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
179
%%-----------------------------------------------------------------
180
%% Incomming connections - Allow
181
%%-----------------------------------------------------------------
182
allow_port_range_api(doc) -> ["Allow Access due to valid local port range"];
183
allow_port_range_api(suite) -> [];
184
allow_port_range_api(_Config) ->
185
[IP] = ?match([_], orber:host()),
186
{ok, ServerNode, ServerHost} =
187
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
188
?ORB_ENV_USE_ACL_INCOMING)},
189
{iiop_acl, [{tcp_in, IP++"/128#5980/6000"}]}])),
190
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
192
?match({'IOP_IOR',_,_},
193
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
194
?match(false, corba_object:not_existent(IOR)),
195
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
199
allow_host_api(doc) -> ["Allow Access due to valid host"];
200
allow_host_api(suite) -> [];
201
allow_host_api(_Config) ->
202
[IP] = ?match([_], orber:host()),
203
{ok, ServerNode, ServerHost} =
204
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
205
?ORB_ENV_USE_ACL_INCOMING)},
206
{iiop_acl, [{tcp_in, IP++"/128"}]}])),
207
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
209
?match({'IOP_IOR',_,_},
210
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
211
?match(false, corba_object:not_existent(IOR)),
213
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
216
allow_peerhost_api(doc) -> ["Allow Access due to valid host"];
217
allow_peerhost_api(suite) -> [];
218
allow_peerhost_api(_Config) ->
219
[IP] = ?match([_], orber:host()),
220
{ok, ServerNode, ServerHost} =
221
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
222
?ORB_ENV_USE_ACL_INCOMING)},
223
{iiop_acl, [{tcp_in, IP++"/128", [IP]}]}])),
224
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
226
?match({'IOP_IOR',_,_},
227
corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService",
228
[#'IOP_ServiceContext'
229
{context_id=?ORBER_GENERIC_CTX_ID,
230
context_data = {interface, IP}}])),
231
?match(false, corba_object:not_existent(IOR,
232
[#'IOP_ServiceContext'
233
{context_id=?ORBER_GENERIC_CTX_ID,
234
context_data = {interface, IP}}])),
236
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
239
%%-----------------------------------------------------------------
240
%% Test corbaloc strings
241
%%-----------------------------------------------------------------
242
check_address_api(doc) -> ["Test corbaloc strings"];
243
check_address_api(suite) -> [];
244
check_address_api(_Config) ->
245
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],"NameService"},
246
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
247
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],[]},
248
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:C02A:2A2A")),
249
?match({[[iiop,{1,2},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],"NameService"},
250
orber_cosnaming_utils:addresses(":1.2@0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
251
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],"NameService"},
252
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
253
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],"NameService"},
254
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
255
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],[]},
256
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001")),
257
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],[]},
258
orber_cosnaming_utils:addresses("iiop:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001")),
260
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809]],"NameService"},
261
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11/NameService")),
262
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809]],[]},
263
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11")),
264
?match({[[iiop,{1,2},"0:0:0:0:0:FFFF:10.11.11.11",2809]],"NameService"},
265
orber_cosnaming_utils:addresses(":1.2@0:0:0:0:0:FFFF:10.11.11.11/NameService")),
266
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",4001]],"NameService"},
267
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11:4001/NameService")),
268
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],"NameService"},
269
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001/NameService")),
270
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],[]},
271
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001/")),
272
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],[]},
273
orber_cosnaming_utils:addresses("iiop:1.1@0:0:0:0:0:FFFF:10.11.11.11:4001/")),
275
?match({[[iiop,{1,1},"myhost",4001]],[]},
276
orber_cosnaming_utils:addresses("iiop:1.1@myhost:4001")),
277
?match({[[iiop,{1,1},"myhost.full.name",4001]],"NameService"},
278
orber_cosnaming_utils:addresses("iiop:1.1@myhost.full.name:4001/NameService")),
279
?match({[[iiop,{1,1},"myhost",4001],
280
[iiop,{1,1},"myhost.full.name",2809]],"NameService"},
281
orber_cosnaming_utils:addresses("iiop:1.1@myhost:4001,iiop:1.1@myhost.full.name/NameService")),
283
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
284
[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
285
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
286
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
287
[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], []},
288
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001")),
289
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",4001],
290
[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
291
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
292
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
293
[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
294
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
295
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",2809],
296
[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
297
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
298
?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
299
[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], "NameService"},
300
orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
301
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809],
302
[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], "NameService"},
303
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11,:0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
304
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809],
305
[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], []},
306
orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11,:0:0:0:0:0:FFFF:C02A:2A2A/")),
307
?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809],
308
[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], []},
309
orber_cosnaming_utils:addresses("iiop:0:0:0:0:0:FFFF:10.11.11.11,:0:0:0:0:0:FFFF:C02A:2A2A/")),
311
[IP] = ?match([_], orber:host()),
312
{ok, ServerNode, _ServerHost} =
313
?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor
314
?ORB_ENV_USE_ACL_INCOMING)},
315
{iiop_acl, [{tcp_in, IP++"/128"}]}])),
316
ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
317
?match({'IOP_IOR',_,_},
318
corba:string_to_object("corbaloc::1.2@"++IP++":"++integer_to_list(ServerPort)++"/NameService")),
319
% ?line catch orber_test_lib:destroy_node(ServerNode, timeout),