From a35e9bf918db0f6fca45d8b0b002a372cff4f982 Mon Sep 17 00:00:00 2001 From: Markus Roberts Date: Fri, 14 Aug 2009 19:41:54 -0700 Subject: Fix for #2531; adds tests to confirm problem and related cases, notes fixes specific issue by eliminating the specal case for opaque strings which caused them to be strings when everything else was arrays; adds nots and pending tests where FQDN support could be added but stops short of a full refactor. --- lib/puppet/network/authstore.rb | 4 +- spec/unit/network/authstore.rb | 94 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 spec/unit/network/authstore.rb diff --git a/lib/puppet/network/authstore.rb b/lib/puppet/network/authstore.rb index 306e1ba8a..4707f36a5 100755 --- a/lib/puppet/network/authstore.rb +++ b/lib/puppet/network/authstore.rb @@ -249,7 +249,7 @@ module Puppet # Does the name match our pattern? def matchname?(name) - name = munge_name(name) unless @name == :opaque + name = munge_name(name) return true if self.pattern == name # If it's an exact match, then just return false, since the @@ -272,6 +272,7 @@ module Puppet # Convert the name to a common pattern. def munge_name(name) # LAK:NOTE http://snurl.com/21zf8 [groups_google_com] + # Change to x = name.downcase.split(".",-1).reverse for FQDN support x = name.downcase.split(".").reverse end @@ -306,6 +307,7 @@ module Puppet raise AuthStoreError, "Invalid IP address pattern %s" % value end when /^([a-zA-Z][-\w]*\.)+[-\w]+$/ # a full hostname + # Change to /^([a-zA-Z][-\w]*\.)+[-\w]+\.?$/ for FQDN support @name = :domain @pattern = munge_name(value) when /^\*(\.([a-zA-Z][-\w]*)){1,}$/ # *.domain.com diff --git a/spec/unit/network/authstore.rb b/spec/unit/network/authstore.rb new file mode 100644 index 000000000..224d67130 --- /dev/null +++ b/spec/unit/network/authstore.rb 
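Review bot: In `matchname?`, dropping `unless @name == :opaque` sends opaque names through `munge_name` too, which downcases and uses `split(".")`, so the comparison for opaque patterns appears to become case-insensitive and to ignore trailing dots (Ruby's `split` discards trailing empty fields). For an allow/deny decision that normalisation should be stated rather than implied; the munge_name hunk only mentions `split(".",-1)` as a possible later change. I would add a comment above the call such as `# opaque names are normalised like host names: case-folded, trailing dots dropped`. The rest of `matchname?` lies outside the hunk, so how the munged array is compared further down cannot be checked from here.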
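Review bot: The hostname patterns in this `case`, both the `when` context lines and the FQDN regex proposed in the new comment, are anchored with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, so a value containing a newline can satisfy the check on just one of its lines. If the FQDN variant is adopted I would write it with string anchors, `/\A([a-zA-Z][-\w]*\.)+[-\w]+\.?\z/`, and carry the same change to the neighbouring `when` patterns. Whether multi-line values can reach this parser is not visible from the hunk, which starts and ends inside the enclosing method.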
@@ -0,0 +1,94 @@
+#!/usr/bin/env ruby
+
+require File.dirname(__FILE__) + '/../../spec_helper'
+
+require 'puppet/network/authconfig'
+
+describe Puppet::Network::AuthStore::Declaration do
+
+ describe "when the pattern is simple numeric IP" do
+ before :each do
+ @ip = '100.101.99.98'
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip)
+ end
+ it "should match the specified IP" do
+ @declaration.should be_match('www.testsite.org',@ip)
+ end
+ it "should not match other IPs" do
+ @declaration.should_not be_match('www.testsite.org','200.101.99.98')
+ end
+ end
+
+ describe "when the pattern is a numeric IP with a back reference" do
+ before :each do
+ @ip = '100.101.$1'
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip).interpolate('12.34'.match /(.*)/)
+ end
+ it "should match an IP with the apropriate interpolation" do
+ @declaration.should be_match('www.testsite.org',@ip.sub(/\$1/,'12.34'))
+ end
+ it "should not match other IPs" do
+ @declaration.should_not be_match('www.testsite.org',@ip.sub(/\$1/,'66.34'))
+ end
+ end
+
+ describe "when the pattern is a PQDN" do
+ before :each do
+ @host = 'spirit.mars.nasa.gov'
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
+ end
+ it "should match the specified PQDN" do
+ pending "FQDN consensus"
+ @declaration.should be_match(@host,'200.101.99.98')
+ end
+ it "should not match a similar FQDN" do
+ pending "FQDN consensus"
+ @declaration.should_not be_match(@host+'.','200.101.99.98')
+ end
+ end
+
+ describe "when the pattern is a FQDN" do
+ before :each do
+ @host = 'spirit.mars.nasa.gov.'
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
+ end
+ it "should match the specified FQDN" do
+ pending "FQDN consensus"
+ @declaration.should be_match(@host,'200.101.99.98')
+ end
+ it "should not match a similar PQDN" do
+ pending "FQDN consensus"
+ @declaration.should_not be_match(@host[0..-2],'200.101.99.98')
+ end
+ end
+
+
+ describe "when the pattern is an opaque string with a back reference" do
+ before :each do
+ @host = 'c216f41a-f902-4bfb-a222-850dd957bebb'
+ @item = "/catalog/#{@host}"
+ @pattern = %{^/catalog/([^/]+)$}
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
+ end
+ it "should match an IP with the apropriate interpolation" do
+ @declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
+ end
+ end
+
+ describe "when comparing patterns" do
+ before :each do
+ @ip = Puppet::Network::AuthStore::Declaration.new(:allow,'127.0.0.1')
+ @host_name = Puppet::Network::AuthStore::Declaration.new(:allow,'www.hard_knocks.edu')
+ @opaque = Puppet::Network::AuthStore::Declaration.new(:allow,'hey_dude')
+ end
+ it "should consider ip addresses before host names" do
+ (@ip < @host_name).should be_true
+ end
+ it "should consider ip addresses before opaque strings" do
+ (@ip < @opaque).should be_true
+ end
+ it "should consider host_names before opaque strings" do
+ (@host_name < @opaque).should be_true
+ end
+ end
+end
-- cgit 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152
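Review bot: The opaque back-reference group is the only new spec for the case this commit fixes, and it carries a positive assertion only; its description, `should match an IP with the apropriate interpolation`, is copied from the IP group and does not say what is being tested. For an authorization rule the rejecting side matters as much, so I would rename the example to `should match the interpolated name` and add `it "should not match a different name" do @declaration.interpolate(@item.match(@pattern)).should_not be_match('some-other-host','10.0.0.5') end`. The four PQDN/FQDN examples are all `pending`, so the trailing-dot behaviour is not pinned by this file yet.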
/* SPDX-License-Identifier: GPL-2.0+ */
/*
 * See file CREDITS for list of people who contributed to this
 * project.
 */

#ifndef __TLV_EEPROM_H_
#define __TLV_EEPROM_H_

/*
 *  The Definition of the TlvInfo EEPROM format can be found at onie.org or
 *  github.com/onie
 */

/*
 * TlvInfo header: Layout of the header for the TlvInfo format
 *
 * See the end of this file for details of this eeprom format
 *
 * The struct is packed so that its members sit at the byte offsets listed
 * next to each field (0x00 - 0x0A, 11 bytes in total).
 *
 * A header filled from an EEPROM is unchecked input. Before totallen is
 * used to walk the TLV entries, signature should be compared with
 * TLV_INFO_ID_STRING, version with TLV_INFO_VERSION, and totallen bounded
 * by TLV_TOTAL_LEN_MAX.
 *
 * NOTE(review): the byte order of totallen is not stated in this header;
 * confirm it against the format definition before comparing or adding it.
 */
struct __attribute__ ((__packed__)) tlvinfo_header {
	char    signature[8]; /* 0x00 - 0x07 EEPROM Tag "TlvInfo" */
	u8      version;      /* 0x08        Structure version    */
	u16     totallen;     /* 0x09 - 0x0A Length of all data which follows */
};

/*
 * Header Field Constants
 *
 * TLV_INFO_ID_STRING: tag expected in tlvinfo_header.signature; the seven
 *                     characters plus the terminating NUL fill the 8-byte
 *                     field.
 * TLV_INFO_VERSION:   value expected in tlvinfo_header.version.
 * TLV_INFO_MAX_LEN:   size in bytes of the largest TlvInfo image (header
 *                     plus data); read_tlvinfo_tlv_eeprom() requires a
 *                     buffer at least this large.
 * TLV_TOTAL_LEN_MAX:  largest totallen that still fits in TLV_INFO_MAX_LEN
 *                     once the header is accounted for. The expression
 *                     contains sizeof and therefore has type size_t, so a
 *                     signed value compared against it is converted to
 *                     unsigned first.
 */
#define TLV_INFO_ID_STRING      "TlvInfo"
#define TLV_INFO_VERSION        0x01
#define TLV_INFO_MAX_LEN        2048
#define TLV_TOTAL_LEN_MAX       (TLV_INFO_MAX_LEN - \
				sizeof(struct tlvinfo_header))

/*
 * TlvInfo TLV: Layout of a TLV field
 *
 * A two-byte type/length prefix followed by the value bytes. value is
 * declared with zero elements, so sizeof(struct tlvinfo_tlv) covers only
 * the prefix and the value bytes lie beyond the struct itself.
 *
 * length is data taken from the EEPROM: code stepping from one entry to the
 * next should check that the prefix plus length bytes still lie inside the
 * region described by the header before touching value.
 */
struct __attribute__ ((__packed__)) tlvinfo_tlv {
	u8  type;	/* type code, see the TLV_CODE_* definitions */
	u8  length;	/* number of value bytes, at most TLV_VALUE_MAX_LEN */
	u8  value[0];	/* value bytes; zero-length array, storage follows */
};

/*
 * Maximum length of a TLV value in bytes. This is the largest number the
 * one-byte length field of struct tlvinfo_tlv can hold.
 */
#define TLV_VALUE_MAX_LEN        255

/**
 *  The TLV Types.
 *
 *  Keep these in sync with tlv_code_list in cmd/tlv_eeprom.c
 *
 *  Each code fits the one-byte type field of struct tlvinfo_tlv. 0x21 - 0x2F
 *  are assigned contiguously; 0xFD (vendor extension) and 0xFE (CRC-32)
 *  stand apart at the top of the range. A type byte read from an EEPROM can
 *  hold any value, so code that dispatches on it needs a path for codes
 *  that are not listed here.
 */
#define TLV_CODE_PRODUCT_NAME   0x21
#define TLV_CODE_PART_NUMBER    0x22
#define TLV_CODE_SERIAL_NUMBER  0x23
#define TLV_CODE_MAC_BASE       0x24
#define TLV_CODE_MANUF_DATE     0x25
#define TLV_CODE_DEVICE_VERSION 0x26
#define TLV_CODE_LABEL_REVISION 0x27
#define TLV_CODE_PLATFORM_NAME  0x28
#define TLV_CODE_ONIE_VERSION   0x29
#define TLV_CODE_MAC_SIZE       0x2A
#define TLV_CODE_MANUF_NAME     0x2B
#define TLV_CODE_MANUF_COUNTRY  0x2C
#define TLV_CODE_VENDOR_NAME    0x2D
#define TLV_CODE_DIAG_VERSION   0x2E
#define TLV_CODE_SERVICE_TAG    0x2F
#define TLV_CODE_VENDOR_EXT     0xFD
#define TLV_CODE_CRC_32         0xFE

#if CONFIG_IS_ENABLED(CMD_TLV_EEPROM)

/**
 * read_tlv_eeprom - Read the EEPROM binary data from the hardware
 * @eeprom: Pointer to buffer to hold the binary data
 * @offset: Offset within EEPROM block to read data from
 * @len   : Maximum size of buffer
 * @dev   : EEPROM device to read
 *
 * Note: this routine does not validate the EEPROM data. The bytes placed in
 * @eeprom must be treated as unchecked input until the caller has verified
 * the header fields and entry lengths itself; read_tlvinfo_tlv_eeprom() is
 * the variant documented as validating.
 *
 * @offset and @len are signed ints. NOTE(review): whether negative values,
 * or an @offset + @len past the end of the device, are rejected is not
 * visible from this header - confirm in the implementation.
 *
 * Return: not documented here. When CMD_TLV_EEPROM is disabled the inline
 * stub of the same name returns -ENOTSUPP.
 *
 */

int read_tlv_eeprom(void *eeprom, int offset, int len, int dev);

/**
 * write_tlv_eeprom - Write the entire EEPROM binary data to the hardware
 * @eeprom: Pointer to the buffer holding the binary data to write
 * @len   : Maximum size of buffer
 *
 * Note: this routine does not validate the EEPROM data. Whatever @eeprom
 * holds is written as given, so the caller is responsible for having built
 * a well-formed image first.
 *
 * Unlike read_tlv_eeprom() there is no device argument. NOTE(review): which
 * EEPROM is written, and whether @len is the number of bytes written or
 * only an upper bound, is not visible from this header - confirm in the
 * implementation.
 *
 */
int write_tlv_eeprom(void *eeprom, int len);

/**
 * read_tlvinfo_tlv_eeprom - Read the TLV from EEPROM, and validate
 * @eeprom: Pointer to buffer to hold the binary data. Must point to a buffer
 *          of size at least TLV_INFO_MAX_LEN.
 * @hdr   : Points to pointer to TLV header (output)
 * @first_entry : Points to pointer to first TLV entry (output)
 * @dev   : EEPROM device to read
 *
 * Store the raw EEPROM data from EEPROM @dev in the @eeprom buffer. If TLV is
 * valid set *@hdr and *@first_entry.
 *
 * The function takes no buffer length, so the TLV_INFO_MAX_LEN minimum on
 * @eeprom is a precondition the caller has to guarantee.
 *
 * *@hdr and *@first_entry are documented as set only when the TLV is valid;
 * callers should not dereference them unless 0 was returned.
 * NOTE(review): presumably both point into @eeprom and stay valid only as
 * long as that buffer does - confirm in the implementation.
 *
 * Returns 0 when read from EEPROM is successful, and the data is valid.
 * Returns <0 error value when EEPROM read fails. Returns -EINVAL when TLV is
 * invalid.
 *
 */

int read_tlvinfo_tlv_eeprom(void *eeprom, struct tlvinfo_header **hdr,
			    struct tlvinfo_tlv **first_entry, int dev);

#else /* !CONFIG_IS_ENABLED(CMD_TLV_EEPROM) */

/*
 * Stub for builds without CMD_TLV_EEPROM: performs no read and always
 * reports -ENOTSUPP. @eeprom is never written, so a caller must not use the
 * buffer contents when this returns an error.
 */
static inline int read_tlv_eeprom(void *eeprom, int offset, int len, int dev)
{
	/* None of the arguments are used in the disabled configuration. */
	(void)eeprom;
	(void)offset;
	(void)len;
	(void)dev;

	return -ENOTSUPP;
}

static inline int write_tlv_eeprom(void *eeprom, int len)
{