Warning: This is old version of the site! Return to the current version.

12 Aug 2004
  Coca no es cocaina. Coca es la hoja sagrada.
  Jallalla Bolivia, jallalla Oruro,
  Soy de los cocanis alma, vida y corazon.

    -- Savia Andina


Added chapters about ordinal and monetary numerals.

Anubis authmode testsuite


The testsuite driver starts anubis daemon in authmode as follows:

  anubis --norc --relax-perm-check --altrc target.rc

where target.rc is the full filename to the configuration file for this instance of the program. It contents is described in detail in the next section.

Now, anubis switches to the daemon mode. Theoretically, we could have used DejaGNU's remote.exp to talk to the daemon. However, DejaGNU is not able to handle TLS encryption, so this method does not suite our needs.

Instead we launch a second copy of anubis, but this time using the following command line:

  anubis -Dfi --norc --relax-perm-check --altrc interface.rc

This instance of the program remains in foreground and DejaGNU talks to it using already existing anubis.exp module. Moreover, all the testcases can be run without modifications.

The following diagram illustrates data flow between main testsuite program and anubis daemon.


Configuration files

As usual, both target and interface configuration files are created from their corresponding *.in source files. The purpose of this step is to expand variables TESTDIR and TOP_SRCDIR, thereby providing correct paths to data and binary files. Usually this is done on compilation time by testsuite/etc/Makefile.am. However, to launch the first (authmode) instance of anubis we need to know the port number to bind to. Using any predefined port number is not a good idea, as it may be in use at the time the testsuite is run. Prompting the user to supply the port number is even worst.

The solution is to select the first available port number among TCP port range 1025-65535. For this purpose we use findport.c from the GNU Radius package.

The corresponding part of DejaGNU source will look like:

  # Prepare a sed expression:
  set sed_expr [remote_exec host "$FINDPORT -c1 -s1025 -f's^@AUTH_PORT@^%d^;'"]
  append sed_expr "s^TESTDIR^[board_info $host_board srcdir]^;"
  append sed_expr "s^TOP_SRCDIR^[board_info $host_board top_srcdir]^"
  # Create target configuration file
  set output [remote_exec host \
             "sed -e '$sed_expr' \
               [board_info $host_board top_srcdir]/testsuite/etc/target.in"]
  save_to_file "[board_info $host_board srcdir]/etc/target.rc" $output

  ... Run 'anubis --altrc target.rc' here ...

  # Create interface configuration file
  set output [remote_exec host \
             "sed -e '$sed_expr' \
               [board_info $host_board top_srcdir]/testsuite/etc/interface.in"]
  save_to_file "[board_info $host_board srcdir]/etc/interface.rc" $output

It is supposed that save_to_file writes to the file whose name is given in its first argument the lines from the list given as its second argument.

The amount of time elapsed between creation of the target configuration file and launching first anubis instance should be as small as possible, in order to diminish the probability of some other process occupying the port number retuned by findport. So, it is preferable to start first anubis instance right after creating configuration file for it.

Theoretically, it is still possible that by the time first anubis starts up the port number will become occupied. This will cause the testsuite to fail, so we should make sure an appropriate diagnostic message will be issued.

However, the probability of such failure is quite small. I have been using this approach in GNU Radius testsuite for more than four years and I cannot remember ever having encountered such a situation.

Given all the above, let's now see what should the configuration files contain.

Target configuration file, target.in

    mode auth
    bind @ANUBIS_PORT@
    local-mta TESTDIR/mta -bs -d TESTDIR/etc/mta.log \
              -c TOP_SRCDIR/testsuite/data/anubis.pem \
              -k TOP_SRCDIR/testsuite/data/anubis.pem
    logfile TESTDIR/etc/anubis.log
    ssl yes
    ssl-key TOP_SRCDIR/testsuite/data/anubis.pem
    ssl-cert TOP_SRCDIR/testsuite/data/anubis.pem

    sasl-password-db text://TOP_SRCDIR/testsuite/data/anubis.textdb 
    sasl-allowed-mech CRAM-MD5 DIGEST-MD5 
    # Err, a practical joke:
    smtp-greeting-message "Hej, sloneczko"
    smtp-help-message "Czlowieku, dopomoz sobie sam!"

Interface configuration file, interface.in

    logfile TESTDIR/etc/anubis.log
    remote-mta localhost:@ANUBIS_PORT@
    ssl-oneway yes
    esmtp-auth anubis:guessme


To be continued...