Module Name: src
Committed By: ozaki-r
Date: Tue May 9 04:25:28 UTC 2017
Modified Files:
src/tests/net/ipsec: Makefile t_ipsec_gif.sh t_ipsec_l2tp.sh
t_ipsec_transport.sh t_ipsec_tunnel.sh
Added Files:
src/tests/net/ipsec: common.sh
Log Message:
Test flushing SAD/SPD entries
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/tests/net/ipsec/Makefile \
src/tests/net/ipsec/t_ipsec_tunnel.sh
cvs rdiff -u -r0 -r1.1 src/tests/net/ipsec/common.sh
cvs rdiff -u -r1.2 -r1.3 src/tests/net/ipsec/t_ipsec_gif.sh \
src/tests/net/ipsec/t_ipsec_l2tp.sh
cvs rdiff -u -r1.1 -r1.2 src/tests/net/ipsec/t_ipsec_transport.sh
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/tests/net/ipsec/Makefile
diff -u src/tests/net/ipsec/Makefile:1.3 src/tests/net/ipsec/Makefile:1.4
--- src/tests/net/ipsec/Makefile:1.3 Thu Apr 27 06:53:44 2017
+++ src/tests/net/ipsec/Makefile Tue May 9 04:25:28 2017
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.3 2017/04/27 06:53:44 ozaki-r Exp $
+# $NetBSD: Makefile,v 1.4 2017/05/09 04:25:28 ozaki-r Exp $
#
.include <bsd.own.mk>
@@ -8,7 +8,8 @@ TESTSDIR= ${TESTSBASE}/net/ipsec
.for name in ipsec_ah_keys ipsec_esp_keys ipsec_gif ipsec_l2tp ipsec_sysctl \
ipsec_transport ipsec_tunnel
TESTS_SH+= t_${name}
-TESTS_SH_SRC_t_${name}= ../net_common.sh ./algorithms.sh t_${name}.sh
+TESTS_SH_SRC_t_${name}= ../net_common.sh ./common.sh ./algorithms.sh \
+ t_${name}.sh
.endfor
.include <bsd.test.mk>
Index: src/tests/net/ipsec/t_ipsec_tunnel.sh
diff -u src/tests/net/ipsec/t_ipsec_tunnel.sh:1.3 src/tests/net/ipsec/t_ipsec_tunnel.sh:1.4
--- src/tests/net/ipsec/t_ipsec_tunnel.sh:1.3 Sun Apr 16 10:34:49 2017
+++ src/tests/net/ipsec/t_ipsec_tunnel.sh Tue May 9 04:25:28 2017
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_tunnel.sh,v 1.3 2017/04/16 10:34:49 ozaki-r Exp $
+# $NetBSD: t_ipsec_tunnel.sh,v 1.4 2017/05/09 04:25:28 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@@ -163,6 +163,9 @@ test_ipsec4_tunnel()
atf_check -s exit:0 \
-o match:"$ip_gw_remote_tunnel > $ip_gw_local_tunnel: $proto_cap" \
cat $outfile
+
+ test_flush_entries $SOCK_TUNNEL_LOCAL
+ test_flush_entries $SOCK_TUNNEL_REMOTE
}
test_ipsec6_tunnel()
@@ -292,6 +295,9 @@ test_ipsec6_tunnel()
atf_check -s exit:0 \
-o match:"$ip_gw_remote_tunnel > $ip_gw_local_tunnel: $proto_cap" \
cat $outfile
+
+ test_flush_entries $SOCK_TUNNEL_LOCAL
+ test_flush_entries $SOCK_TUNNEL_REMOTE
}
test_tunnel_common()
Index: src/tests/net/ipsec/t_ipsec_gif.sh
diff -u src/tests/net/ipsec/t_ipsec_gif.sh:1.2 src/tests/net/ipsec/t_ipsec_gif.sh:1.3
--- src/tests/net/ipsec/t_ipsec_gif.sh:1.2 Thu Apr 27 10:17:12 2017
+++ src/tests/net/ipsec/t_ipsec_gif.sh Tue May 9 04:25:28 2017
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_gif.sh,v 1.2 2017/04/27 10:17:12 ozaki-r Exp $
+# $NetBSD: t_ipsec_gif.sh,v 1.3 2017/05/09 04:25:28 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@@ -234,6 +234,9 @@ test_ipsec4_gif()
str=$(make_gif_pktstr $ip_gwre_tun $ip_gwlo_tun \
$ip_remote $ip_local $proto ipv4)
atf_check -s exit:0 -o match:"$str" cat $outfile
+
+ test_flush_entries $SOCK_TUN_LOCAL
+ test_flush_entries $SOCK_TUN_REMOTE
}
test_ipsec6_gif()
@@ -401,6 +404,9 @@ test_ipsec6_gif()
str=$(make_gif_pktstr $ip_gwre_tun $ip_gwlo_tun \
$ip_remote $ip_local $proto ipv6)
atf_check -s exit:0 -o match:"$str" cat $outfile
+
+ test_flush_entries $SOCK_TUN_LOCAL
+ test_flush_entries $SOCK_TUN_REMOTE
}
test_ipsec_gif_common()
Index: src/tests/net/ipsec/t_ipsec_l2tp.sh
diff -u src/tests/net/ipsec/t_ipsec_l2tp.sh:1.2 src/tests/net/ipsec/t_ipsec_l2tp.sh:1.3
--- src/tests/net/ipsec/t_ipsec_l2tp.sh:1.2 Thu Apr 27 10:17:12 2017
+++ src/tests/net/ipsec/t_ipsec_l2tp.sh Tue May 9 04:25:28 2017
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_l2tp.sh,v 1.2 2017/04/27 10:17:12 ozaki-r Exp $
+# $NetBSD: t_ipsec_l2tp.sh,v 1.3 2017/05/09 04:25:28 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@@ -220,6 +220,9 @@ test_ipsec4_l2tp()
atf_check -s exit:0 -o match:"$str" cat $outfile
str=$(make_l2tp_pktstr $ip_gwre_tun $ip_gwlo_tun $proto ipv4 $mode)
atf_check -s exit:0 -o match:"$str" cat $outfile
+
+ test_flush_entries $SOCK_TUN_LOCAL
+ test_flush_entries $SOCK_TUN_REMOTE
}
test_ipsec6_l2tp()
@@ -387,6 +390,9 @@ test_ipsec6_l2tp()
atf_check -s exit:0 -o match:"$str" cat $outfile
str=$(make_l2tp_pktstr $ip_gwre_tun $ip_gwlo_tun $proto ipv6 $mode)
atf_check -s exit:0 -o match:"$str" cat $outfile
+
+ test_flush_entries $SOCK_TUN_LOCAL
+ test_flush_entries $SOCK_TUN_REMOTE
}
test_ipsec_l2tp_common()
Index: src/tests/net/ipsec/t_ipsec_transport.sh
diff -u src/tests/net/ipsec/t_ipsec_transport.sh:1.1 src/tests/net/ipsec/t_ipsec_transport.sh:1.2
--- src/tests/net/ipsec/t_ipsec_transport.sh:1.1 Fri Apr 14 02:56:49 2017
+++ src/tests/net/ipsec/t_ipsec_transport.sh Tue May 9 04:25:28 2017
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_transport.sh,v 1.1 2017/04/14 02:56:49 ozaki-r Exp $
+# $NetBSD: t_ipsec_transport.sh,v 1.2 2017/05/09 04:25:28 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@@ -114,6 +114,9 @@ test_ipsec4_transport()
cat $outfile
atf_check -s exit:0 -o match:"$ip_peer > $ip_local: $proto_cap" \
cat $outfile
+
+ test_flush_entries $SOCK_LOCAL
+ test_flush_entries $SOCK_PEER
}
test_ipsec6_transport()
@@ -199,6 +202,9 @@ test_ipsec6_transport()
cat $outfile
atf_check -s exit:0 -o match:"$ip_peer > $ip_local: $proto_cap" \
cat $outfile
+
+ test_flush_entries $SOCK_LOCAL
+ test_flush_entries $SOCK_PEER
}
test_transport_common()
Added files:
Index: src/tests/net/ipsec/common.sh
diff -u /dev/null src/tests/net/ipsec/common.sh:1.1
--- /dev/null Tue May 9 04:25:28 2017
+++ src/tests/net/ipsec/common.sh Tue May 9 04:25:28 2017
@@ -0,0 +1,38 @@
+# $NetBSD: common.sh,v 1.1 2017/05/09 04:25:28 ozaki-r Exp $
+#
+# Copyright (c) 2017 Internet Initiative Japan Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+
+test_flush_entries()
+{
+ local sock=$1
+
+ export RUMP_SERVER=$sock
+
+ atf_check -s exit:0 -o empty $HIJACKING setkey -F
+ atf_check -s exit:0 -o empty $HIJACKING setkey -F -P
+ atf_check -s exit:0 -o match:"No SAD entries." $HIJACKING setkey -D -a
+ atf_check -s exit:0 -o match:"No SPD entries." $HIJACKING setkey -D -P
+}
