Skip to content

A tool to pester NTP servers with weird requests and check their responses

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

pendulum-project/network-time-pester

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Network Time Pester

A work-in-progress test tool for Network Time Protocol implementations. Use at your own risk and feel free to contribute your own tests or suggest ideas!

Usage

To run the tests against a server, run:

$ cargo run -- [SERVER_ADDRESS]

For example:

$ cargo run -- [::1]:123
# or with IPv4
$ cargo run -- 127.0.0.1:123

Options

Short Long Description
-p --port The port to use for NTP, default 123, can not be used with NTS, where the port is detected from the NTS-KE server.
-t --timeout The maximum time to wait for a response before concluding there never will be one. Default 100ms.
-s --nts Use Network Time Security (NTS). This will enable more tests that assume the server is NTS capable.
--ke-port Port that should be used for the NTS key establishment protocol. Default 4460.
-c --ca-file Path to a .pem file that contains the public key of the trusted CA. For an example of how to generate a CA for testing see the ntpd-rs docs.
-h --help Display a brief description of the available options

For example:

# Run against a local NTP server listening on port 1123, and only wait 10ms for a reply
$ cargo run -- --port 1123 --timeout 10ms localhost

Or with NTS:

$ cargo run -- --nts --ca-file ca-data/ca.pem ntpd-rs.test

Since NTS uses TLS it requires a hostname instead of an IP. This can be done by adding a line to /etc/hosts or similar. See ntpd-rs docs for an example.

Output

The test report is printed as the tests are executed. The first part lists one test result and test case name per line. Followed by statistics on how many results happend.

For example:

$ cargo run -- localhost
    Finished dev [unoptimized + debuginfo] target(s) in 0.02s
     Running `target/debug/network-time-pester localhost`
✅ tests::basic::test_responds_to_version_4
❌ tests::basic::test_ignores_version_5
 ↳ After test: Server did no longer reply to normal poll
✅ tests::extensions::test_unknown_extensions_are_ignored
❓ tests::extensions::test_unique_id_is_returned:
 ↳ Can not connect to 127.0.0.1:123 from 0.0.0.0:0: Network is unreachable (os error 101)
⏩ tests::nts::happy
⏩ tests::nts_ke::happy
⏩ tests::nts_ke::error_on_unknown_next_protocol
⏩ tests::nts_ke::ignore_unknown_extra_protocols
⏩ tests::nts_ke::error_on_unknown_aead
⏩ tests::nts_ke::ignore_unknown_extra_aead
⏩ tests::nts_ke::empty_message_resolves_in_error

✅ Passed: 2
❌ Failed: 1
❓ Errored: 1
⏩ Skipped: 7

Results

Symbol Name Description
Passed The test was executed and all checks passed.
Failed During execution one of the checks failed. A description of the failure is added on a new line.
Error During execution an error occurred, this could mean that the server did not behave as expected or another issue occured. (e.g. the network connection was lost).
Skipped The test was not executed because it needed a different connection. (e.g. when running without the --nts flag.

Note: Symbols might appear different depending on the terminal font.

Tests names

The tests are named after their Rust module paths. For example tests::basic::test_responds_to_version_4 can be found in src/tests/basic.rs in the function test_responds_to_version_4.

Contributing

This tool is a work in progress that was developed to test edge cases of NTP implementations. If you have any thoughts, ideas for tests, or test implementations feel free to open an issue on this repository.

For an example of a small test case see tests::extensions::test_unknown_extensions_are_ignored. The existing test cases use the ntp-proto crate, but packets can also just be constructed byte-by-byte.

About

A tool to pester NTP servers with weird requests and check their responses

Resources

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages