1: %%
    2: %% %CopyrightBegin%
    3: %%
    4: %% Copyright Ericsson AB 2004-2011. All Rights Reserved.
    5: %%
    6: %% The contents of this file are subject to the Erlang Public License,
    7: %% Version 1.1, (the "License"); you may not use this file except in
    8: %% compliance with the License. You should have received a copy of the
    9: %% Erlang Public License along with this software. If not, it can be
   10: %% retrieved online at http://www.erlang.org/.
   11: %%
   12: %% Software distributed under the License is distributed on an "AS IS"
   13: %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
   14: %% the License for the specific language governing rights and limitations
   15: %% under the License.
   16: %%
   17: %% %CopyrightEnd%
   18: %%
   19: %%
   20: 
   21: -module(orber_firewall_ipv6_in_SUITE).
   22: 
   23: -include_lib("test_server/include/test_server.hrl").
   24: -include_lib("orber/include/corba.hrl").
   25: -include_lib("orber/COSS/CosNaming/CosNaming.hrl").
   26: -include_lib("orber/src/orber_iiop.hrl").
   27: -include_lib("orber/src/ifr_objects.hrl").
   28: -include("idl_output/orber_test_server.hrl").
   29: -include_lib("orber/COSS/CosNaming/CosNaming_NamingContextExt.hrl").
   30: -include_lib("orber/COSS/CosNaming/CosNaming_NamingContext.hrl").
   31: 
   32: -define(default_timeout, ?t:minutes(15)).
   33: 
   34: -define(match(ExpectedRes,Expr),
   35: 	fun() ->
   36: 		AcTuAlReS = (catch (Expr)),
   37: 		case AcTuAlReS of
   38: 		    ExpectedRes ->
   39: 			io:format("------ CORRECT RESULT ------~n~p~n",
   40: 				 [AcTuAlReS]),
   41: 			AcTuAlReS;
   42: 		    _ ->
   43: 			io:format("###### ERROR ERROR ######~nRESULT:  ~p~n",
   44: 				  [AcTuAlReS]),
   45: 			?line exit(AcTuAlReS)
   46: 		end
   47: 	end()).
   48: 
   49: %%-----------------------------------------------------------------
   50: %% External exports
   51: %%-----------------------------------------------------------------
   52: -export([all/0, suite/0,groups/0,init_per_group/2,end_per_group/2, cases/0, 
   53: 	 init_per_suite/1, end_per_suite/1, 
   54: 	 init_per_testcase/2, end_per_testcase/2,  
   55: 	 deny_port_api/1, deny_port_range_api/1, deny_host_api/1, 
   56: 	 deny_peerhost_api/1, allow_port_range_api/1,
   57: 	 allow_host_api/1, allow_peerhost_api/1, check_address_api/1]).
   58: 
   59: %%-----------------------------------------------------------------
   60: %% Func: all/1
   61: %% Args: 
   62: %% Returns: 
   63: %%-----------------------------------------------------------------
   64: suite() -> [{ct_hooks,[ts_install_cth]}].
   65: 
   66: all() -> 
   67:     cases().
   68: 
   69: groups() -> 
   70:     [].
   71: 
   72: init_per_group(_GroupName, Config) ->
   73:     Config.
   74: 
   75: end_per_group(_GroupName, Config) ->
   76:     Config.
   77: 
   78: 
   79: %% NOTE - the fragment test cases must bu first since we explicitly set a request
   80: %% id. Otherwise, the request-id counter would be increased and we cannot know
   81: %% what it is.
   82: cases() -> 
   83:     [deny_port_api, deny_port_range_api, deny_host_api,
   84:      deny_peerhost_api, allow_port_range_api, allow_host_api,
   85:      allow_peerhost_api, check_address_api].
   86: 
   87: 
   88: init_per_testcase(_Case, Config) ->
   89:     ?line Dog=test_server:timetrap(?default_timeout),
   90:     orber:jump_start([{iiop_port, 0},
   91: 		      {iiop_out_ports, {5980, 6000}},
   92: 		      {flags, ?ORB_ENV_USE_IPV6}]),
   93:     [{watchdog, Dog}|Config].
   94: 
   95: 
   96: end_per_testcase(_Case, Config) ->
   97:     orber:jump_stop(),
   98:     Dog = ?config(watchdog, Config),
   99:     test_server:timetrap_cancel(Dog),
  100:     ok.
  101: 
  102: init_per_suite(Config) ->
  103:     case orber_test_lib:version_ok() of
  104: 	true ->
  105: 	    if
  106: 		is_list(Config) ->
  107: 		    Config;
  108: 		true ->
  109: 		    exit("Config not a list")
  110: 	    end;
  111: 	Reason ->
  112: 	    Reason
  113:     end.
  114: 
  115: end_per_suite(Config) ->
  116:     Config.
  117: 
  118: 
  119: %%-----------------------------------------------------------------
  120: %%  Incomming connections - Deny
  121: %%-----------------------------------------------------------------
  122: deny_port_api(doc) -> ["Deny Access due to invalid local port"];
  123: deny_port_api(suite) -> [];
  124: deny_port_api(_Config) ->
  125:     [IP] = ?match([_], orber:host()),
  126:     {ok, ServerNode, ServerHost} = 
  127: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  128: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  129: 						 {iiop_acl, [{tcp_in, IP++"/128#7000"}]}])),
  130:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  131:     ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 
  132: 	   corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
  133: 						%    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  134:     ok.
  135: 
  136: deny_port_range_api(doc) -> ["Deny Access due to invalid local port range"];
  137: deny_port_range_api(suite) -> [];
  138: deny_port_range_api(_Config) ->
  139:     [IP] = ?match([_], orber:host()),
  140:     {ok, ServerNode, ServerHost} = 
  141: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  142: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  143: 						 {iiop_acl, [{tcp_in, IP++"/128#7000/8000"}]}])),
  144:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  145:     ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 
  146: 	   corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
  147: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  148:     ok.
  149: 
  150: 
  151: deny_host_api(doc) -> ["Deny Access due to invalid host"];
  152: deny_host_api(suite) -> [];
  153: deny_host_api(_Config) ->
  154:     {ok, ServerNode, ServerHost} = 
  155: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  156: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  157: 						 {iiop_acl, [{tcp_in, "0:0:0:0:0:0:10.1.1.1/128"}]}])),
  158:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  159:     ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 
  160: 	   corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
  161: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  162:     ok.
  163: 
  164: deny_peerhost_api(doc) -> ["Deny Access due to invalid peer host"];
  165: deny_peerhost_api(suite) -> [];
  166: deny_peerhost_api(_Config) ->
  167:     [IP] = ?match([_], orber:host()),
  168:     {ok, ServerNode, ServerHost} = 
  169: 	?match({ok,_,_}, 
  170: 	       orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  171: 						?ORB_ENV_USE_ACL_INCOMING)},
  172: 				       {iiop_acl, [{tcp_in, IP++"/128", ["0:0:0:0:0:0:10.1.1.1"]}]}])),
  173:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  174:     ?match({'EXCEPTION', #'CosNaming_NamingContextExt_InvalidAddress'{}}, 
  175: 	   corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
  176: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  177:     ok.
  178: 
  179: %%-----------------------------------------------------------------
  180: %%  Incomming connections - Allow
  181: %%-----------------------------------------------------------------
  182: allow_port_range_api(doc) -> ["Allow Access due to valid local port range"];
  183: allow_port_range_api(suite) -> [];
  184: allow_port_range_api(_Config) ->
  185:     [IP] = ?match([_], orber:host()),
  186:     {ok, ServerNode, ServerHost} = 
  187: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  188: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  189: 						 {iiop_acl, [{tcp_in, IP++"/128#5980/6000"}]}])),
  190:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  191:     IOR = 
  192: 	?match({'IOP_IOR',_,_},
  193: 	       corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
  194:     ?match(false, corba_object:not_existent(IOR)),
  195: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  196:     ok.
  197: 
  198: 
  199: allow_host_api(doc) -> ["Allow Access due to valid host"];
  200: allow_host_api(suite) -> [];
  201: allow_host_api(_Config) ->
  202:     [IP] = ?match([_], orber:host()),
  203:     {ok, ServerNode, ServerHost} = 
  204: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  205: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  206: 						 {iiop_acl, [{tcp_in, IP++"/128"}]}])),
  207:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  208:     IOR =
  209: 	?match({'IOP_IOR',_,_}, 
  210: 	       corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService")),
  211:     ?match(false, corba_object:not_existent(IOR)),
  212: 
  213: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  214:     ok.
  215: 
  216: allow_peerhost_api(doc) -> ["Allow Access due to valid host"];
  217: allow_peerhost_api(suite) -> [];
  218: allow_peerhost_api(_Config) ->
  219:     [IP] = ?match([_], orber:host()),
  220:     {ok, ServerNode, ServerHost} = 
  221: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  222: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  223: 						 {iiop_acl, [{tcp_in, IP++"/128", [IP]}]}])),
  224:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  225:     IOR = 
  226: 	?match({'IOP_IOR',_,_}, 
  227: 	       corba:string_to_object("corbaloc::1.2@"++ServerHost++":"++integer_to_list(ServerPort)++"/NameService",
  228: 				      [#'IOP_ServiceContext'
  229: 				       {context_id=?ORBER_GENERIC_CTX_ID, 
  230: 					context_data = {interface, IP}}])),
  231:     ?match(false, corba_object:not_existent(IOR,
  232: 					    [#'IOP_ServiceContext'
  233: 					     {context_id=?ORBER_GENERIC_CTX_ID, 
  234: 					      context_data = {interface, IP}}])),
  235:     
  236: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  237:     ok.
  238: 
  239: %%-----------------------------------------------------------------
  240: %%  Test corbaloc strings
  241: %%-----------------------------------------------------------------
  242: check_address_api(doc) -> ["Test corbaloc strings"];
  243: check_address_api(suite) -> [];
  244: check_address_api(_Config) ->
  245:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],"NameService"},
  246: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
  247:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],[]},
  248: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:C02A:2A2A")),
  249:     ?match({[[iiop,{1,2},"0:0:0:0:0:FFFF:C02A:2A2A",2809]],"NameService"},
  250: 	   orber_cosnaming_utils:addresses(":1.2@0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
  251:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],"NameService"},
  252: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
  253:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],"NameService"},
  254: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
  255:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],[]},
  256: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001")),
  257:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]],[]},
  258: 	   orber_cosnaming_utils:addresses("iiop:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001")),
  259: 
  260:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809]],"NameService"},
  261: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11/NameService")),
  262:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809]],[]},
  263: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11")),
  264:     ?match({[[iiop,{1,2},"0:0:0:0:0:FFFF:10.11.11.11",2809]],"NameService"},
  265: 	   orber_cosnaming_utils:addresses(":1.2@0:0:0:0:0:FFFF:10.11.11.11/NameService")),
  266:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",4001]],"NameService"},
  267: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11:4001/NameService")),
  268:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],"NameService"},
  269: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001/NameService")),
  270:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],[]},
  271: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001/")),
  272:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001]],[]},
  273: 	   orber_cosnaming_utils:addresses("iiop:1.1@0:0:0:0:0:FFFF:10.11.11.11:4001/")),
  274: 
  275:     ?match({[[iiop,{1,1},"myhost",4001]],[]},
  276: 	   orber_cosnaming_utils:addresses("iiop:1.1@myhost:4001")),
  277:     ?match({[[iiop,{1,1},"myhost.full.name",4001]],"NameService"},
  278: 	   orber_cosnaming_utils:addresses("iiop:1.1@myhost.full.name:4001/NameService")),
  279:     ?match({[[iiop,{1,1},"myhost",4001], 
  280: 	     [iiop,{1,1},"myhost.full.name",2809]],"NameService"},
  281: 	   orber_cosnaming_utils:addresses("iiop:1.1@myhost:4001,iiop:1.1@myhost.full.name/NameService")),
  282: 
  283:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
  284: 	     [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
  285: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
  286:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
  287: 	     [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], []},
  288: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001")),
  289:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",4001],
  290: 	     [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
  291: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
  292:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
  293: 	     [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
  294: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
  295:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",2809],
  296: 	     [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",4001]], "NameService"},
  297: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11,:1.1@0:0:0:0:0:FFFF:C02A:2A2A:4001/NameService")),
  298:     ?match({[[iiop,{1,1},"0:0:0:0:0:FFFF:10.11.11.11",4001],
  299: 	     [iiop,{1,1},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], "NameService"},
  300: 	   orber_cosnaming_utils:addresses(":1.1@0:0:0:0:0:FFFF:10.11.11.11:4001,:1.1@0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
  301:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809],
  302: 	     [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], "NameService"},
  303: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11,:0:0:0:0:0:FFFF:C02A:2A2A/NameService")),
  304:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809],
  305: 	     [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], []},
  306: 	   orber_cosnaming_utils:addresses(":0:0:0:0:0:FFFF:10.11.11.11,:0:0:0:0:0:FFFF:C02A:2A2A/")),
  307:     ?match({[[iiop,{1,0},"0:0:0:0:0:FFFF:10.11.11.11",2809],
  308: 	     [iiop,{1,0},"0:0:0:0:0:FFFF:C02A:2A2A",2809]], []},
  309: 	   orber_cosnaming_utils:addresses("iiop:0:0:0:0:0:FFFF:10.11.11.11,:0:0:0:0:0:FFFF:C02A:2A2A/")),
  310: 
  311:     [IP] = ?match([_], orber:host()),
  312:     {ok, ServerNode, _ServerHost} = 
  313: 	?match({ok,_,_}, orber_test_lib:js_node([{flags, (?ORB_ENV_USE_IPV6 bor 
  314: 							  ?ORB_ENV_USE_ACL_INCOMING)},
  315: 						 {iiop_acl, [{tcp_in, IP++"/128"}]}])),
  316:     ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_port, []),
  317:     ?match({'IOP_IOR',_,_}, 
  318: 	   corba:string_to_object("corbaloc::1.2@"++IP++":"++integer_to_list(ServerPort)++"/NameService")),
  319: %    ?line catch orber_test_lib:destroy_node(ServerNode, timeout),
  320:     ok.
  321: 
  322: