CVS commit: src/tests/net/if_ipsec

Tue, 04 Aug 2020 18:11:07 -0700 

Module Name:    src
Committed By:   knakahara
Date:           Wed Aug  5 01:10:50 UTC 2020

Modified Files:
        src/tests/net/if_ipsec: t_ipsec.sh t_ipsec_pfil.sh

Log Message:
Fix missing "-m tranport" options.  Pointed out by k-goda@IIJ.

Using any mode SA causes unepected call path, that is,
ipsec4_common_input_cb() calls ip_input() directly instead of
ipsecif4_input().


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/tests/net/if_ipsec/t_ipsec.sh
cvs rdiff -u -r1.2 -r1.3 src/tests/net/if_ipsec/t_ipsec_pfil.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/tests/net/if_ipsec/t_ipsec.sh
diff -u src/tests/net/if_ipsec/t_ipsec.sh:1.10 src/tests/net/if_ipsec/t_ipsec.sh:1.11
--- src/tests/net/if_ipsec/t_ipsec.sh:1.10	Mon Aug 19 03:22:05 2019
+++ src/tests/net/if_ipsec/t_ipsec.sh	Wed Aug  5 01:10:50 2020
@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec.sh,v 1.10 2019/08/19 03:22:05 ozaki-r Exp $
+#	$NetBSD: t_ipsec.sh,v 1.11 2020/08/05 01:10:50 knakahara Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -300,8 +300,8 @@ setup_if_ipsec_sa()
 	fi
 
 	cat > $tmpfile <<-EOF
-    	add $dst $src $proto $inid -u $inunique $algo_args;
-    	add $src $dst $proto $outid -u $outunique $algo_args;
+	add $dst $src $proto $inid -u $inunique -m transport $algo_args;
+	add $src $dst $proto $outid -u $outunique -m transport $algo_args;
 	EOF
 	$DEBUG && cat $tmpfile
 	export RUMP_SERVER=$sock

Index: src/tests/net/if_ipsec/t_ipsec_pfil.sh
diff -u src/tests/net/if_ipsec/t_ipsec_pfil.sh:1.2 src/tests/net/if_ipsec/t_ipsec_pfil.sh:1.3
--- src/tests/net/if_ipsec/t_ipsec_pfil.sh:1.2	Mon Aug 19 03:22:05 2019
+++ src/tests/net/if_ipsec/t_ipsec_pfil.sh	Wed Aug  5 01:10:50 2020
@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_pfil.sh,v 1.2 2019/08/19 03:22:05 ozaki-r Exp $
+#	$NetBSD: t_ipsec_pfil.sh,v 1.3 2020/08/05 01:10:50 knakahara Exp $
 #
 # Copyright (c) 2019 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -115,8 +115,8 @@ setup_if_ipsec_sa()
 	atf_check -s exit:0 test "X$outunique" != "X"
 
 	cat > $tmpfile <<-EOF
-	add $dst $src $proto $inid -u $inunique $algo_args;
-	add $src $dst $proto $outid -u $outunique $algo_args;
+	add $dst $src $proto $inid -u $inunique -m transport $algo_args;
+	add $src $dst $proto $outid -u $outunique -m transport $algo_args;
 	EOF
 	$DEBUG && cat $tmpfile
 	atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile

Reply via email to