Module Name: src Committed By: ozaki-r Date: Wed Aug 2 06:30:00 UTC 2017
Modified Files: src/tests/net/ipsec: common.sh t_ipsec_misc.sh Log Message: Add test cases that there are SPs but no relevant SAs To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/tests/net/ipsec/common.sh cvs rdiff -u -r1.16 -r1.17 src/tests/net/ipsec/t_ipsec_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/tests/net/ipsec/common.sh diff -u src/tests/net/ipsec/common.sh:1.4 src/tests/net/ipsec/common.sh:1.5 --- src/tests/net/ipsec/common.sh:1.4 Mon Jul 3 06:01:16 2017 +++ src/tests/net/ipsec/common.sh Wed Aug 2 06:30:00 2017 @@ -1,4 +1,4 @@ -# $NetBSD: common.sh,v 1.4 2017/07/03 06:01:16 ozaki-r Exp $ +# $NetBSD: common.sh,v 1.5 2017/08/02 06:30:00 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -54,6 +54,22 @@ check_sa_entries() # TODO: more detail checks } +check_sp_entries() +{ + local sock=$1 + local local_addr=$2 + local remote_addr=$3 + + export RUMP_SERVER=$sock + + $DEBUG && $HIJACKING setkey -D -P + + atf_check -s exit:0 \ + -o match:"$local_addr\[any\] $remote_addr\[any\] reserved" \ + $HIJACKING setkey -D -P + # TODO: more detail checks +} + generate_pktproto() { local proto=$1 Index: src/tests/net/ipsec/t_ipsec_misc.sh diff -u src/tests/net/ipsec/t_ipsec_misc.sh:1.16 src/tests/net/ipsec/t_ipsec_misc.sh:1.17 --- src/tests/net/ipsec/t_ipsec_misc.sh:1.16 Mon Jul 24 02:07:43 2017 +++ src/tests/net/ipsec/t_ipsec_misc.sh Wed Aug 2 06:30:00 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_ipsec_misc.sh,v 1.16 2017/07/24 02:07:43 ozaki-r Exp $ +# $NetBSD: t_ipsec_misc.sh,v 1.17 2017/08/02 06:30:00 ozaki-r Exp $ # # Copyright (c) 2017 Internet Initiative Japan Inc. # All rights reserved. @@ -614,6 +614,92 @@ add_test_spi() atf_add_test_case ${name} } +setup_sp() +{ + local proto=$1 + local algo_args="$2" + local ip_local=$3 + local ip_peer=$4 + local tmpfile=./tmp + + export RUMP_SERVER=$SOCK_LOCAL + cat > $tmpfile <<-EOF + spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require; + EOF + $DEBUG && cat $tmpfile + atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile + check_sp_entries $SOCK_LOCAL $ip_local $ip_peer + + export RUMP_SERVER=$SOCK_PEER + cat > $tmpfile <<-EOF + spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require; + EOF + $DEBUG && cat $tmpfile + atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile + check_sp_entries $SOCK_PEER $ip_peer $ip_local +} + +test_nosa() +{ + local proto=$1 + local algo=$2 + local update=$3 + local ip_local=10.0.0.1 + local ip_peer=10.0.0.2 + local algo_args="$(generate_algo_args $proto $algo)" + local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') + local outfile=./out + + rump_server_crypto_start $SOCK_LOCAL netipsec + rump_server_crypto_start $SOCK_PEER netipsec + rump_server_add_iface $SOCK_LOCAL shmif0 $BUS + rump_server_add_iface $SOCK_PEER shmif0 $BUS + + export RUMP_SERVER=$SOCK_LOCAL + atf_check -s exit:0 rump.sysctl -q -w net.inet.ip.dad_count=0 + atf_check -s exit:0 rump.ifconfig shmif0 $ip_local/24 + + export RUMP_SERVER=$SOCK_PEER + atf_check -s exit:0 rump.sysctl -q -w net.inet.ip.dad_count=0 + atf_check -s exit:0 rump.ifconfig shmif0 $ip_peer/24 + + setup_sp $proto "$algo_args" $ip_local $ip_peer + + extract_new_packets $BUS > $outfile + + export RUMP_SERVER=$SOCK_LOCAL + # It doesn't work because there is no SA + atf_check -s not-exit:0 -o ignore rump.ping -c 1 -n -w 3 $ip_peer +} + +add_test_nosa() +{ + local proto=$1 + local algo=$2 + local _algo=$(echo $algo | sed 's/-//g') + local name= desc= + + desc="Tests SPs with no relevant SAs with $proto ($algo)" + name="ipsec_nosa_${proto}_${_algo}" + + atf_test_case ${name} cleanup + eval " \ + ${name}_head() { \ + atf_set \"descr\" \"$desc\"; \ + atf_set \"require.progs\" \"rump_server\" \"setkey\"; \ + }; \ + ${name}_body() { \ + test_nosa $proto $algo; \ + rump_server_destroy_ifaces; \ + }; \ + ${name}_cleanup() { \ + $DEBUG && dump; \ + cleanup; \ + } \ + " + atf_add_test_case ${name} +} + atf_init_test_cases() { local algo= @@ -627,6 +713,7 @@ atf_init_test_cases() add_test_spi esp $algo old delete add_test_spi esp $algo new timeout add_test_spi esp $algo old timeout + add_test_nosa esp $algo done for algo in $AH_AUTHENTICATION_ALGORITHMS_MINIMUM; do add_test_lifetime ipv4 ah $algo @@ -637,5 +724,6 @@ atf_init_test_cases() add_test_spi ah $algo old delete add_test_spi ah $algo new timeout add_test_spi ah $algo old timeout + add_test_nosa ah $algo done }