blob: 1a35ec34cb9fbb7044e87a6f16d0de0a8fb1a9fc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
;;; nsm-tests.el --- tests for network security manager -*- lexical-binding: t; -*-
;; Copyright (C) 2019-2021 Free Software Foundation, Inc.
;; Author: Robert Pluim <rpluim@gmail.com>
;; This file is part of GNU Emacs.
;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.
;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
;;; Commentary:
;;; Code:
(require 'nsm)
(eval-when-compile (require 'cl-lib))
(ert-deftest nsm-check-local-subnet-ipv4 ()
"Check that nsm can be avoided for local subnets."
(let ((local-ip '[172 26 128 160 0])
(mask '[255 255 255 0 0])
(wrong-length-mask '[255 255 255])
(wrong-mask '[255 255 255 255 0])
(remote-ip-yes '[172 26 128 161 0])
(remote-ip-no '[172 26 129 161 0]))
(should (eq t (nsm-network-same-subnet local-ip mask remote-ip-yes)))
(should (eq nil (nsm-network-same-subnet local-ip mask remote-ip-no)))
(should-error (nsm-network-same-subnet local-ip wrong-length-mask remote-ip-yes))
(should (eq nil (nsm-network-same-subnet local-ip wrong-mask remote-ip-yes)))
(should (eq t (nsm-should-check "google.com")))
(should (eq t (nsm-should-check "127.0.0.1")))
(should (eq t (nsm-should-check "localhost")))
(let ((nsm-trust-local-network t))
(should (eq t (nsm-should-check "google.com")))
(should (eq nil (nsm-should-check "127.0.0.1")))
(should (eq nil (nsm-should-check "localhost"))))))
;; This will need updating when IANA assign more IPv6 global ranges.
(defun ipv6-is-available ()
(and (featurep 'make-network-process '(:family ipv6))
(cl-rassoc-if
(lambda (elt)
(and (eq 9 (length elt))
(= (logand (aref elt 0) #xe000) #x2000)))
(network-interface-list))))
(ert-deftest nsm-check-local-subnet-ipv6 ()
(skip-unless (ipv6-is-available))
(let ((local-ip '[123 456 789 11 172 26 128 160 0])
(mask '[255 255 255 255 255 255 255 0 0])
(wrong-length-mask '[255 255 255 255 255 255 255])
(wrong-mask '[255 255 255 255 255 255 255 255 0])
(remote-ip-yes '[123 456 789 11 172 26 128 161 0])
(remote-ip-no '[123 456 789 11 172 26 129 161 0]))
(should (eq t (nsm-network-same-subnet local-ip mask remote-ip-yes)))
(should (eq nil (nsm-network-same-subnet local-ip mask remote-ip-no)))
(should-error (nsm-network-same-subnet local-ip wrong-length-mask remote-ip-yes))
(should (eq nil (nsm-network-same-subnet local-ip wrong-mask remote-ip-yes))))
(should (eq t (nsm-should-check "::1")))
(let ((nsm-trust-local-network t))
(should (eq nil (nsm-should-check "::1")))))
;;; nsm-tests.el ends here
|
