Module Name: src Committed By: ozaki-r Date: Fri May 12 02:34:46 UTC 2017
Modified Files: src/tests/net/ipsec: algorithms.sh t_ipsec_gif.sh t_ipsec_l2tp.sh t_ipsec_transport.sh t_ipsec_tunnel.sh t_ipsec_tunnel_odd.sh Log Message: Dedup some routines To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/tests/net/ipsec/algorithms.sh \ src/tests/net/ipsec/t_ipsec_transport.sh cvs rdiff -u -r1.4 -r1.5 src/tests/net/ipsec/t_ipsec_gif.sh \ src/tests/net/ipsec/t_ipsec_l2tp.sh cvs rdiff -u -r1.7 -r1.8 src/tests/net/ipsec/t_ipsec_tunnel.sh cvs rdiff -u -r1.1 -r1.2 src/tests/net/ipsec/t_ipsec_tunnel_odd.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/tests/net/ipsec/algorithms.sh diff -u src/tests/net/ipsec/algorithms.sh:1.3 src/tests/net/ipsec/algorithms.sh:1.4 --- src/tests/net/ipsec/algorithms.sh:1.3 Thu Apr 27 08:06:59 2017 +++ src/tests/net/ipsec/algorithms.sh Fri May 12 02:34:45 2017 @@ -1,4 +1,4 @@ -# $NetBSD: algorithms.sh,v 1.3 2017/04/27 08:06:59 ozaki-r Exp $ +# $NetBSD: algorithms.sh,v 1.4 2017/05/12 02:34:45 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -160,3 +160,17 @@ generate_key() echo $key } + +generate_algo_args() +{ + local proto=$1 + local algo=$2 + local keylen=$(get_one_valid_keylen $algo) + local key=$(generate_key $keylen) + + if [ $proto = esp ]; then + echo "-E $algo $key" + else + echo "-A $algo $key" + fi +} Index: src/tests/net/ipsec/t_ipsec_transport.sh diff -u src/tests/net/ipsec/t_ipsec_transport.sh:1.3 src/tests/net/ipsec/t_ipsec_transport.sh:1.4 --- src/tests/net/ipsec/t_ipsec_transport.sh:1.3 Wed May 10 04:46:13 2017 +++ src/tests/net/ipsec/t_ipsec_transport.sh Fri May 12 02:34:45 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_ipsec_transport.sh,v 1.3 2017/05/10 04:46:13 ozaki-r Exp $ +# $NetBSD: t_ipsec_transport.sh,v 1.4 2017/05/12 02:34:45 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -37,19 +37,10 @@ test_ipsec4_transport() local algo=$2 local ip_local=10.0.0.1 local ip_peer=10.0.0.2 - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= proto_cap= - - if [ $proto = esp ]; then - opt=-E - proto_cap=ESP - else - opt=-A - proto_cap=AH - fi + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local algo_args="$(generate_algo_args $proto $algo)" rump_server_crypto_start $SOCK_LOCAL netipsec rump_server_crypto_start $SOCK_PEER netipsec @@ -78,8 +69,8 @@ test_ipsec4_transport() export RUMP_SERVER=$SOCK_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_local $ip_peer $proto 10000 $opt $algo $key; - add $ip_peer $ip_local $proto 10001 $opt $algo $key; + add $ip_local $ip_peer $proto 10000 $algo_args; + add $ip_peer $ip_local $proto 10001 $algo_args; spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require; EOF $DEBUG && cat $tmpfile @@ -88,8 +79,8 @@ test_ipsec4_transport() export RUMP_SERVER=$SOCK_PEER cat > $tmpfile <<-EOF - add $ip_local $ip_peer $proto 10000 $opt $algo $key; - add $ip_peer $ip_local $proto 10001 $opt $algo $key; + add $ip_local $ip_peer $proto 10000 $algo_args; + add $ip_peer $ip_local $proto 10001 $algo_args; spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require; EOF $DEBUG && cat $tmpfile @@ -115,19 +106,10 @@ test_ipsec6_transport() local algo=$2 local ip_local=fd00::1 local ip_peer=fd00::2 - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= proto_cap= - - if [ $proto = esp ]; then - opt=-E - proto_cap=ESP - else - opt=-A - proto_cap=AH - fi + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local algo_args="$(generate_algo_args $proto $algo)" rump_server_crypto_start $SOCK_LOCAL netinet6 netipsec rump_server_crypto_start $SOCK_PEER netinet6 netipsec @@ -156,8 +138,8 @@ test_ipsec6_transport() export RUMP_SERVER=$SOCK_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_local $ip_peer $proto 10000 $opt $algo $key; - add $ip_peer $ip_local $proto 10001 $opt $algo $key; + add $ip_local $ip_peer $proto 10000 $algo_args; + add $ip_peer $ip_local $proto 10001 $algo_args; spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require; EOF $DEBUG && cat $tmpfile @@ -166,8 +148,8 @@ test_ipsec6_transport() export RUMP_SERVER=$SOCK_PEER cat > $tmpfile <<-EOF - add $ip_local $ip_peer $proto 10000 $opt $algo $key; - add $ip_peer $ip_local $proto 10001 $opt $algo $key; + add $ip_local $ip_peer $proto 10000 $algo_args; + add $ip_peer $ip_local $proto 10001 $algo_args; spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require; EOF $DEBUG && cat $tmpfile Index: src/tests/net/ipsec/t_ipsec_gif.sh diff -u src/tests/net/ipsec/t_ipsec_gif.sh:1.4 src/tests/net/ipsec/t_ipsec_gif.sh:1.5 --- src/tests/net/ipsec/t_ipsec_gif.sh:1.4 Wed May 10 04:46:13 2017 +++ src/tests/net/ipsec/t_ipsec_gif.sh Fri May 12 02:34:45 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_ipsec_gif.sh,v 1.4 2017/05/10 04:46:13 ozaki-r Exp $ +# $NetBSD: t_ipsec_gif.sh,v 1.5 2017/05/12 02:34:45 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -74,17 +74,10 @@ test_ipsec4_gif() local ip_remote=10.0.2.2 local subnet_local=10.0.1.0 local subnet_remote=10.0.2.0 - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= str= - - if [ $proto = esp ]; then - opt=-E - else - opt=-A - fi + local str= + local algo_args="$(generate_algo_args $proto $algo)" rump_server_crypto_start $SOCK_LOCAL rump_server_crypto_start $SOCK_TUN_LOCAL netipsec gif @@ -152,8 +145,8 @@ test_ipsec4_gif() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require; spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec @@ -164,8 +157,8 @@ test_ipsec4_gif() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require; spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec @@ -177,8 +170,8 @@ test_ipsec4_gif() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P out ipsec $proto/transport//require; spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P in ipsec @@ -189,8 +182,8 @@ test_ipsec4_gif() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P out ipsec $proto/transport//require; spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P in ipsec @@ -233,17 +226,10 @@ test_ipsec6_gif() local ip_remote=fd00:2::2 local subnet_local=fd00:1:: local subnet_remote=fd00:2:: - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= str= - - if [ $proto = esp ]; then - opt=-E - else - opt=-A - fi + local str= + local algo_args="$(generate_algo_args $proto $algo)" rump_server_crypto_start $SOCK_LOCAL netinet6 rump_server_crypto_start $SOCK_TUN_LOCAL netipsec netinet6 gif @@ -309,8 +295,8 @@ test_ipsec6_gif() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require; spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec @@ -321,8 +307,8 @@ test_ipsec6_gif() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require; spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec @@ -334,8 +320,8 @@ test_ipsec6_gif() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P out ipsec $proto/transport//require; spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P in ipsec @@ -346,8 +332,8 @@ test_ipsec6_gif() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P out ipsec $proto/transport//require; spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P in ipsec Index: src/tests/net/ipsec/t_ipsec_l2tp.sh diff -u src/tests/net/ipsec/t_ipsec_l2tp.sh:1.4 src/tests/net/ipsec/t_ipsec_l2tp.sh:1.5 --- src/tests/net/ipsec/t_ipsec_l2tp.sh:1.4 Wed May 10 04:46:13 2017 +++ src/tests/net/ipsec/t_ipsec_l2tp.sh Fri May 12 02:34:45 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_ipsec_l2tp.sh,v 1.4 2017/05/10 04:46:13 ozaki-r Exp $ +# $NetBSD: t_ipsec_l2tp.sh,v 1.5 2017/05/12 02:34:45 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -73,17 +73,10 @@ test_ipsec4_l2tp() local ip_remote=10.0.0.2 local subnet_local=20.0.0.0 local subnet_remote=20.0.0.0 - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= str= - - if [ $proto = esp ]; then - opt=-E - else - opt=-A - fi + local str= + local algo_args="$(generate_algo_args $proto $algo)" # See https://www.netbsd.org/docs/network/ipsec/#sample_vpn rump_server_crypto_start $SOCK_LOCAL @@ -148,8 +141,8 @@ test_ipsec4_l2tp() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require; spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec @@ -160,8 +153,8 @@ test_ipsec4_l2tp() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require; spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec @@ -173,8 +166,8 @@ test_ipsec4_l2tp() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P out ipsec $proto/transport//require; spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P in ipsec @@ -185,8 +178,8 @@ test_ipsec4_l2tp() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P out ipsec $proto/transport//require; spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P in ipsec @@ -223,17 +216,10 @@ test_ipsec6_l2tp() local ip_remote=fd00::2 local subnet_local=fc00:: local subnet_remote=fc00:: - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= str= - - if [ $proto = esp ]; then - opt=-E - else - opt=-A - fi + local str= + local algo_args="$(generate_algo_args $proto $algo)" rump_server_crypto_start $SOCK_LOCAL netinet6 rump_server_crypto_start $SOCK_TUN_LOCAL netipsec netinet6 l2tp bridge @@ -297,8 +283,8 @@ test_ipsec6_l2tp() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require; spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec @@ -309,8 +295,8 @@ test_ipsec6_l2tp() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require; spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec @@ -322,8 +308,8 @@ test_ipsec6_l2tp() export RUMP_SERVER=$SOCK_TUN_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P out ipsec $proto/transport//require; spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P in ipsec @@ -334,8 +320,8 @@ test_ipsec6_l2tp() export RUMP_SERVER=$SOCK_TUN_REMOTE cat > $tmpfile <<-EOF - add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key; - add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key; + add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args; + add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args; spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P out ipsec $proto/transport//require; spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P in ipsec Index: src/tests/net/ipsec/t_ipsec_tunnel.sh diff -u src/tests/net/ipsec/t_ipsec_tunnel.sh:1.7 src/tests/net/ipsec/t_ipsec_tunnel.sh:1.8 --- src/tests/net/ipsec/t_ipsec_tunnel.sh:1.7 Wed May 10 09:00:29 2017 +++ src/tests/net/ipsec/t_ipsec_tunnel.sh Fri May 12 02:34:45 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_ipsec_tunnel.sh,v 1.7 2017/05/10 09:00:29 ozaki-r Exp $ +# $NetBSD: t_ipsec_tunnel.sh,v 1.8 2017/05/12 02:34:45 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -74,19 +74,10 @@ test_ipsec4_tunnel() local ip_remote=10.0.2.2 local subnet_local=10.0.1.0 local subnet_remote=10.0.2.0 - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= proto_cap= - - if [ $proto = esp ]; then - opt=-E - proto_cap=ESP - else - opt=-A - proto_cap=AH - fi + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local algo_args="$(generate_algo_args $proto $algo)" setup_servers @@ -134,8 +125,8 @@ test_ipsec4_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args; + add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec $proto/tunnel/$ip_gw_local_tunnel-$ip_gw_remote_tunnel/require; spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec @@ -148,8 +139,8 @@ test_ipsec4_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_REMOTE cat > $tmpfile <<-EOF - add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args; + add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec $proto/tunnel/$ip_gw_remote_tunnel-$ip_gw_local_tunnel/require; spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec @@ -183,19 +174,10 @@ test_ipsec6_tunnel() local ip_remote=fd00:2::2 local subnet_local=fd00:1:: local subnet_remote=fd00:2:: - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= proto_cap= - - if [ $proto = esp ]; then - opt=-E - proto_cap=ESP - else - opt=-A - proto_cap=AH - fi + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local algo_args="$(generate_algo_args $proto $algo)" setup_servers @@ -243,8 +225,8 @@ test_ipsec6_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args; + add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec $proto/tunnel/$ip_gw_local_tunnel-$ip_gw_remote_tunnel/require; spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec @@ -257,8 +239,8 @@ test_ipsec6_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_REMOTE cat > $tmpfile <<-EOF - add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args; + add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec $proto/tunnel/$ip_gw_remote_tunnel-$ip_gw_local_tunnel/require; spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec Index: src/tests/net/ipsec/t_ipsec_tunnel_odd.sh diff -u src/tests/net/ipsec/t_ipsec_tunnel_odd.sh:1.1 src/tests/net/ipsec/t_ipsec_tunnel_odd.sh:1.2 --- src/tests/net/ipsec/t_ipsec_tunnel_odd.sh:1.1 Wed May 10 09:08:25 2017 +++ src/tests/net/ipsec/t_ipsec_tunnel_odd.sh Fri May 12 02:34:45 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_ipsec_tunnel_odd.sh,v 1.1 2017/05/10 09:08:25 ozaki-r Exp $ +# $NetBSD: t_ipsec_tunnel_odd.sh,v 1.2 2017/05/12 02:34:45 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -76,19 +76,10 @@ test_ipsec46_tunnel() local ip_remote=10.0.2.2 local subnet_local=10.0.1.0 local subnet_remote=10.0.2.0 - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= proto_cap= - - if [ $proto = esp ]; then - opt=-E - proto_cap=ESP - else - opt=-A - proto_cap=AH - fi + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local algo_args="$(generate_algo_args $proto $algo)" setup_servers @@ -140,8 +131,8 @@ test_ipsec46_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $algo_args; + add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec $proto/tunnel/$ip6_gw_local_tunnel-$ip6_gw_remote_tunnel/require; spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec @@ -154,8 +145,8 @@ test_ipsec46_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_REMOTE cat > $tmpfile <<-EOF - add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $algo_args; + add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec $proto/tunnel/$ip6_gw_remote_tunnel-$ip6_gw_local_tunnel/require; spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec @@ -191,19 +182,10 @@ test_ipsec64_tunnel() local ip_remote=fd00:2::2 local subnet_local=fd00:1:: local subnet_remote=fd00:2:: - local keylen=$(get_one_valid_keylen $algo) - local key=$(generate_key $keylen) local tmpfile=./tmp local outfile=./out - local opt= proto_cap= - - if [ $proto = esp ]; then - opt=-E - proto_cap=ESP - else - opt=-A - proto_cap=AH - fi + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local algo_args="$(generate_algo_args $proto $algo)" setup_servers @@ -255,8 +237,8 @@ test_ipsec64_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_LOCAL # from https://www.netbsd.org/docs/network/ipsec/ cat > $tmpfile <<-EOF - add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $algo_args; + add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec $proto/tunnel/$ip4_gw_local_tunnel-$ip4_gw_remote_tunnel/require; spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec @@ -269,8 +251,8 @@ test_ipsec64_tunnel() export RUMP_SERVER=$SOCK_TUNNEL_REMOTE cat > $tmpfile <<-EOF - add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $opt $algo $key; - add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $opt $algo $key; + add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $algo_args; + add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $algo_args; spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec $proto/tunnel/$ip4_gw_remote_tunnel-$ip4_gw_local_tunnel/require; spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec