[3547] Added test to check raw socket drops packets w/ wrong destination.

src/lib/dhcp/tests/pkt_filter_bpf_unittest.cc

@@ -1,4 +1,4 @@
-// Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2014, 2015 Internet Systems Consortium, Inc. ("ISC")
 //
 // Permission to use, copy, modify, and/or distribute this software for any
 // purpose with or without fee is hereby granted, provided that the above
@@ -202,4 +202,41 @@ TEST_F(PktFilterBPFTest, DISABLED_receive) {
     testRcvdMessage(rcvd_pkt);
 }
 
+// This test verifies that if the packet is received over the raw
+// socket and its destination address doesn't match the address
+// to which the socket is "bound", the packet is dropped.
+TEST_F(PktFilterBPFTest, DISABLED_filterOutUnicast) {
+
+    // Packet will be received over loopback interface.
+    Iface iface(ifname_, ifindex_);
+    iface.flag_loopback_ = true;
+    IOAddress addr("127.0.0.1");
+
+    // Create an instance of the class which we are testing.
+    PktFilterBPF pkt_filter;
+    // Open socket. We don't check that the socket has appropriate
+    // options and family set because we have checked that in the
+    // openSocket test already.
+    sock_info_ = pkt_filter.openSocket(iface, addr, PORT, false, false);
+    ASSERT_GE(sock_info_.sockfd_, 0);
+
+    // The message sent to the local loopback interface will have an
+    // invalid (non-existing) destination address. The socket should
+    // drop this packet.
+    sendMessage(IOAddress("128.0.0.1"));
+
+    // Perform select on the socket to make sure that the packet has
+    // been dropped.
+
+    fd_set readfds;
+    FD_ZERO(&readfds);
+    FD_SET(sock_info_.sockfd_, &readfds);
+
+    struct timeval timeout;
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+    int result = select(sock_info_.sockfd_ + 1, &readfds, NULL, NULL, &timeout);
+    ASSERT_LE(result, 0);
+}
+
 } // anonymous namespace

src/lib/dhcp/tests/pkt_filter_lpf_unittest.cc

@@ -1,4 +1,4 @@
-// Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2013, 2015 Internet Systems Consortium, Inc. ("ISC")
 //
 // Permission to use, copy, modify, and/or distribute this software for any
 // purpose with or without fee is hereby granted, provided that the above
@@ -189,4 +189,41 @@ TEST_F(PktFilterLPFTest, DISABLED_receive) {
     testRcvdMessage(rcvd_pkt);
 }
 
+// This test verifies that if the packet is received over the raw
+// socket and its destination address doesn't match the address
+// to which the socket is "bound", the packet is dropped.
+TEST_F(PktFilterBPFTest, DISABLED_filterOutUnicast) {
+
+    // Packet will be received over loopback interface.
+    Iface iface(ifname_, ifindex_);
+    iface.flag_loopback_ = true;
+    IOAddress addr("127.0.0.1");
+
+    // Create an instance of the class which we are testing.
+    PktFilterBPF pkt_filter;
+    // Open socket. We don't check that the socket has appropriate
+    // options and family set because we have checked that in the
+    // openSocket test already.
+    sock_info_ = pkt_filter.openSocket(iface, addr, PORT, false, false);
+    ASSERT_GE(sock_info_.sockfd_, 0);
+
+    // The message sent to the local loopback interface will have an
+    // invalid (non-existing) destination address. The socket should
+    // drop this packet.
+    sendMessage(IOAddress("128.0.0.1"));
+
+    // Perform select on the socket to make sure that the packet has
+    // been dropped.
+
+    fd_set readfds;
+    FD_ZERO(&readfds);
+    FD_SET(sock_info_.sockfd_, &readfds);
+
+    struct timeval timeout;
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+    int result = select(sock_info_.sockfd_ + 1, &readfds, NULL, NULL, &timeout);
+    ASSERT_LE(result, 0);
+}
+
 } // anonymous namespace

src/lib/dhcp/tests/pkt_filter_test_utils.cc

@@ -1,4 +1,4 @@
-// Copyright (C) 2013-2014 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2013-2015 Internet Systems Consortium, Inc. ("ISC")
 //
 // Permission to use, copy, modify, and/or distribute this software for any
 // purpose with or without fee is hereby granted, provided that the above
@@ -91,7 +91,7 @@ PktFilterTest::loInit() {
 }
 
 void
-PktFilterTest::sendMessage() {
+PktFilterTest::sendMessage(const IOAddress& dest) {
 
     // Packet will be sent over loopback interface.
     Iface iface(ifname_, ifindex_);
@@ -112,6 +112,7 @@ PktFilterTest::sendMessage() {
     memset(&dest_addr4, 0, sizeof(sockaddr));
     dest_addr4.sin_family = AF_INET;
     dest_addr4.sin_port = htons(port_);
+    dest_addr4.sin_addr.s_addr = htonl(dest);
     ASSERT_EQ(sendto(send_msg_sock_, test_message_->getBuffer().getData(),
                      test_message_->getBuffer().getLength(), 0,
                      reinterpret_cast<struct sockaddr*>(&dest_addr4),

src/lib/dhcp/tests/pkt_filter_test_utils.h

@@ -1,4 +1,4 @@
-// Copyright (C) 2013-2014 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2013-2015 Internet Systems Consortium, Inc. ("ISC")
 //
 // Permission to use, copy, modify, and/or distribute this software for any
 // purpose with or without fee is hereby granted, provided that the above
@@ -67,7 +67,10 @@ public:
     /// is closed automatically in the destructor. If the function succeeds to
     /// send a DHCPv4 message, the socket is closed so as the function can be
     /// called again within the same test.
-    void sendMessage();
+    ///
+    /// @param dest Destination address for the packet.
+    void sendMessage(const asiolink::IOAddress& dest =
+                     asiolink::IOAddress("127.0.0.1"));
 
     /// @brief Test that the datagram socket is opened correctly.
     ///