/* Copyright (c) 2001-2010, The HSQL Development Group
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of the HSQL Development Group nor the names of its
* contributors may be used to endorse or promote products derived from this
* software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL HSQL DEVELOPMENT GROUP, HSQLDB.ORG,
* OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
package org.hsqldb.test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import org.hsqldb.server.ServerAcl;
import junit.framework.Test;
import java.io.IOException;
import java.io.File;
import java.io.PrintWriter;
import java.io.FileWriter;
import java.net.InetAddress;
import java.util.List;
import java.util.ArrayList;
public class TestAcl extends junit.framework.TestCase {
private ServerAcl aclDefault = null;
private ServerAcl[] aclPermitLocalhosts = null;
private ServerAcl[] aclPermitLocalNets = null;
private ServerAcl[] aclDenyLocalNets = null;
private ServerAcl[] aclDenyLocalhosts = null;
private ServerAcl[] aclPermitAlls = null;
private ServerAcl[] aclDenyAlls = null;
private InetAddress localhostByName = InetAddress.getByName("localhost");
private InetAddress localhostByAddr = InetAddress.getByAddress(new byte[] {
127, 0, 0, 1
});
// Can't depend on any other host name being resolvable :(
private InetAddress otherHostByAddr = InetAddress.getByAddress(new byte[] {
1, 2, 3, 4
});
public TestAcl() throws IOException, ServerAcl.AclFormatException {
commonSetup();
}
public TestAcl(String s) throws IOException, ServerAcl.AclFormatException {
super(s);
commonSetup();
}
private void commonSetup()
throws IOException, ServerAcl.AclFormatException {
boolean verbose = System.getProperty("VERBOSE") != null;
File file;
PrintWriter pw;
List acls = new ArrayList();
file = File.createTempFile("zero", ".txt");
file.deleteOnExit();
(new FileWriter(file)).close();
aclDefault = new ServerAcl(file);
if (verbose) {
aclDefault.setPrintWriter(new PrintWriter(System.out));
}
acls.clear();
file = File.createTempFile("aclDenyAll1", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Deny all test ACL\n");
pw.println("deny 0.0.0.0/0");
pw.close();
acls.add(new ServerAcl(file));
aclDenyAlls = (ServerAcl[]) acls.toArray(new ServerAcl[0]);
if (verbose) {
for (int i = 0; i < aclDenyAlls.length; i++) {
aclDenyAlls[i].setPrintWriter(new PrintWriter(System.out));
}
}
acls.clear();
file = File.createTempFile("aclPermitLocalhost1", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Permit Localhost test ACL\n");
pw.println("permit 127.0.0.1");
pw.close();
acls.add(new ServerAcl(file));
file = File.createTempFile("aclPermitLocalhost2", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Permit Localhost test ACL\n");
pw.println("permit 127.0.0.1/32");
pw.close();
acls.add(new ServerAcl(file));
aclPermitLocalhosts = (ServerAcl[]) acls.toArray(new ServerAcl[0]);
if (verbose) {
for (int i = 0; i < aclPermitLocalhosts.length; i++) {
aclPermitLocalhosts[i].setPrintWriter(
new PrintWriter(System.out));
}
}
acls.clear();
file = File.createTempFile("aclPermitLocalNet1", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Permit Local Net test ACL\n");
pw.println("permit 127.0.0.0/24");
pw.close();
acls.add(new ServerAcl(file));
aclPermitLocalNets = (ServerAcl[]) acls.toArray(new ServerAcl[0]);
if (verbose) {
for (int i = 0; i < aclPermitLocalNets.length; i++) {
aclPermitLocalNets[i].setPrintWriter(
new PrintWriter(System.out));
}
}
acls.clear();
file = File.createTempFile("aclDenyLocalNet1", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Deny Local Net test ACL\n");
pw.println("deny 127.0.0.0/24");
pw.println("allow 0.0.0.0/0");
pw.close();
acls.add(new ServerAcl(file));
aclDenyLocalNets = (ServerAcl[]) acls.toArray(new ServerAcl[0]);
if (verbose) {
for (int i = 0; i < aclDenyLocalNets.length; i++) {
aclDenyLocalNets[i].setPrintWriter(
new PrintWriter(System.out));
}
}
acls.clear();
file = File.createTempFile("aclDenyLocalhost1", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Deny Localhost test ACL\n");
pw.println("deny 127.0.0.1/32");
pw.println("allow 0.0.0.0/0");
pw.close();
acls.add(new ServerAcl(file));
aclDenyLocalhosts = (ServerAcl[]) acls.toArray(new ServerAcl[0]);
if (verbose) {
for (int i = 0; i < aclDenyLocalhosts.length; i++) {
aclDenyLocalhosts[i].setPrintWriter(
new PrintWriter(System.out));
}
}
acls.clear();
file = File.createTempFile("aclPermitAll1", ".txt");
file.deleteOnExit();
pw = new PrintWriter(new FileWriter(file));
pw.println("# Permit all test ACL\n");
pw.println("permit 0.0.0.0/0");
pw.close();
acls.add(new ServerAcl(file));
aclPermitAlls = (ServerAcl[]) acls.toArray(new ServerAcl[0]);
if (verbose) {
for (int i = 0; i < aclPermitAlls.length; i++) {
aclPermitAlls[i].setPrintWriter(new PrintWriter(System.out));
}
}
}
/**
* This method allows to easily run this unit test independent of the other
* unit tests, and without dealing with Ant or unrelated test suites.
*/
static public void main(String[] sa) {
junit.textui.TestRunner runner = new junit.textui.TestRunner();
junit.framework.TestResult result =
runner.run(runner.getTest(TestAcl.class.getName()));
System.exit(result.wasSuccessful() ? 0 : 1);
}
public void testDefaultWithNames() {
assertFalse("Permitting access from localhost with default ACL",
aclDefault.permitAccess(localhostByName.getAddress()));
}
public void testDefaultWithIPs() {
assertFalse("Permitting access from localhost with default ACL",
aclDefault.permitAccess(localhostByAddr.getAddress()));
assertFalse("Permitting access from other host with default ACL",
aclDefault.permitAccess(otherHostByAddr.getAddress()));
}
public void testDenyAllWithNames() {
ServerAcl acl;
for (int i = 0; i < aclDenyAlls.length; i++) {
acl = (ServerAcl) aclDenyAlls[i];
assertFalse("Permitting access from localhost with deny-all ACL",
acl.permitAccess(localhostByName.getAddress()));
}
}
public void testDenyAllWithIPs() {
ServerAcl acl;
for (int i = 0; i < aclDenyAlls.length; i++) {
acl = (ServerAcl) aclDenyAlls[i];
assertFalse("Permitting access from localhost with deny-all ACL",
acl.permitAccess(localhostByAddr.getAddress()));
assertFalse("Permitting access from other host with deny-all ACL",
acl.permitAccess(otherHostByAddr.getAddress()));
}
}
public void testLocalhostOnlyWithNames() {
ServerAcl acl;
for (int i = 0; i < aclPermitLocalhosts.length; i++) {
acl = (ServerAcl) aclPermitLocalhosts[i];
assertTrue(
"Denying access from localhost with localhost-permit ACL",
acl.permitAccess(localhostByName.getAddress()));
}
}
public void testLocalhostOnlyWithIPs() {
ServerAcl acl;
for (int i = 0; i < aclPermitLocalhosts.length; i++) {
acl = (ServerAcl) aclPermitLocalhosts[i];
assertTrue(
"Denying access from localhost with localhost-permit ACL",
acl.permitAccess(localhostByAddr.getAddress()));
assertFalse(
"Permitting access from other host with localhost-permit ACL",
acl.permitAccess(otherHostByAddr.getAddress()));
}
}
public void testNoLocalhostOnlyWithNames() {
ServerAcl acl;
for (int i = 0; i < aclDenyLocalhosts.length; i++) {
acl = (ServerAcl) aclDenyLocalhosts[i];
assertFalse(
"Permitting access from localhost with localhost-deny ACL",
acl.permitAccess(localhostByName.getAddress()));
}
}
public void testNoLocalhostOnlyWithIPs() {
ServerAcl acl;
for (int i = 0; i < aclDenyLocalhosts.length; i++) {
acl = (ServerAcl) aclDenyLocalhosts[i];
assertFalse(
"Permitting access from localhost with localhost-deny ACL",
acl.permitAccess(localhostByAddr.getAddress()));
assertTrue(
"Denying access from other host with localhost-deny ACL",
acl.permitAccess(otherHostByAddr.getAddress()));
}
}
public void testLocalNetOnlyWithNames() {
ServerAcl acl;
for (int i = 0; i < aclPermitLocalNets.length; i++) {
acl = (ServerAcl) aclPermitLocalNets[i];
assertTrue("Denying access from localNet with localNet-permit ACL",
acl.permitAccess(localhostByName.getAddress()));
}
}
public void testLocalNetOnlyWithIPs() {
ServerAcl acl;
for (int i = 0; i < aclPermitLocalNets.length; i++) {
acl = (ServerAcl) aclPermitLocalNets[i];
assertTrue("Denying access from localNet with localNet-permit ACL",
acl.permitAccess(localhostByAddr.getAddress()));
assertFalse(
"Permitting access from other Net with localNet-permit ACL",
acl.permitAccess(otherHostByAddr.getAddress()));
}
}
public void testNoLocalNetOnlyWithNames() {
ServerAcl acl;
for (int i = 0; i < aclDenyLocalNets.length; i++) {
acl = (ServerAcl) aclDenyLocalNets[i];
assertFalse(
"Permitting access from localNet with localNet-deny ACL",
acl.permitAccess(localhostByName.getAddress()));
}
}
public void testNoLocalNetOnlyWithIPs() {
ServerAcl acl;
for (int i = 0; i < aclDenyLocalNets.length; i++) {
acl = (ServerAcl) aclDenyLocalNets[i];
assertFalse(
"Permitting access from localNet with localNet-deny ACL",
acl.permitAccess(localhostByAddr.getAddress()));
assertTrue("Denying access from other Net with localNet-deny ACL",
acl.permitAccess(otherHostByAddr.getAddress()));
}
}
static public Test suite()
throws IOException, ServerAcl.AclFormatException {
TestSuite newSuite = new TestSuite();
newSuite.addTest(new TestAcl("testDefaultWithNames"));
newSuite.addTest(new TestAcl("testDefaultWithIPs"));
newSuite.addTest(new TestAcl("testDenyAllWithNames"));
newSuite.addTest(new TestAcl("testDenyAllWithIPs"));
newSuite.addTest(new TestAcl("testLocalhostOnlyWithNames"));
newSuite.addTest(new TestAcl("testLocalhostOnlyWithIPs"));
newSuite.addTest(new TestAcl("testNoLocalhostOnlyWithNames"));
newSuite.addTest(new TestAcl("testNoLocalhostOnlyWithIPs"));
newSuite.addTest(new TestAcl("testLocalNetOnlyWithNames"));
newSuite.addTest(new TestAcl("testLocalNetOnlyWithIPs"));
newSuite.addTest(new TestAcl("testNoLocalNetOnlyWithNames"));
newSuite.addTest(new TestAcl("testNoLocalNetOnlyWithIPs"));
return newSuite;
}
}