CVS commit: src/tests/net/ipsec

Tue, 01 Aug 2017 23:31:06 -0700 

Module Name:    src
Committed By:   ozaki-r
Date:           Wed Aug  2 06:30:00 UTC 2017

Modified Files:
        src/tests/net/ipsec: common.sh t_ipsec_misc.sh

Log Message:
Add test cases that there are SPs but no relevant SAs


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/tests/net/ipsec/common.sh
cvs rdiff -u -r1.16 -r1.17 src/tests/net/ipsec/t_ipsec_misc.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/tests/net/ipsec/common.sh
diff -u src/tests/net/ipsec/common.sh:1.4 src/tests/net/ipsec/common.sh:1.5
--- src/tests/net/ipsec/common.sh:1.4	Mon Jul  3 06:01:16 2017
+++ src/tests/net/ipsec/common.sh	Wed Aug  2 06:30:00 2017
@@ -1,4 +1,4 @@
-#	$NetBSD: common.sh,v 1.4 2017/07/03 06:01:16 ozaki-r Exp $
+#	$NetBSD: common.sh,v 1.5 2017/08/02 06:30:00 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -54,6 +54,22 @@ check_sa_entries()
 	# TODO: more detail checks
 }
 
+check_sp_entries()
+{
+	local sock=$1
+	local local_addr=$2
+	local remote_addr=$3
+
+	export RUMP_SERVER=$sock
+
+	$DEBUG && $HIJACKING setkey -D -P
+
+	atf_check -s exit:0 \
+	    -o match:"$local_addr\[any\] $remote_addr\[any\] reserved" \
+	    $HIJACKING setkey -D -P
+	# TODO: more detail checks
+}
+
 generate_pktproto()
 {
 	local proto=$1

Index: src/tests/net/ipsec/t_ipsec_misc.sh
diff -u src/tests/net/ipsec/t_ipsec_misc.sh:1.16 src/tests/net/ipsec/t_ipsec_misc.sh:1.17
--- src/tests/net/ipsec/t_ipsec_misc.sh:1.16	Mon Jul 24 02:07:43 2017
+++ src/tests/net/ipsec/t_ipsec_misc.sh	Wed Aug  2 06:30:00 2017
@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_misc.sh,v 1.16 2017/07/24 02:07:43 ozaki-r Exp $
+#	$NetBSD: t_ipsec_misc.sh,v 1.17 2017/08/02 06:30:00 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -614,6 +614,92 @@ add_test_spi()
 	atf_add_test_case ${name}
 }
 
+setup_sp()
+{
+	local proto=$1
+	local algo_args="$2"
+	local ip_local=$3
+	local ip_peer=$4
+	local tmpfile=./tmp
+
+	export RUMP_SERVER=$SOCK_LOCAL
+	cat > $tmpfile <<-EOF
+	spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require;
+	EOF
+	$DEBUG && cat $tmpfile
+	atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
+	check_sp_entries $SOCK_LOCAL $ip_local $ip_peer
+
+	export RUMP_SERVER=$SOCK_PEER
+	cat > $tmpfile <<-EOF
+	spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require;
+	EOF
+	$DEBUG && cat $tmpfile
+	atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
+	check_sp_entries $SOCK_PEER $ip_peer $ip_local
+}
+
+test_nosa()
+{
+	local proto=$1
+	local algo=$2
+	local update=$3
+	local ip_local=10.0.0.1
+	local ip_peer=10.0.0.2
+	local algo_args="$(generate_algo_args $proto $algo)"
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local outfile=./out
+
+	rump_server_crypto_start $SOCK_LOCAL netipsec
+	rump_server_crypto_start $SOCK_PEER netipsec
+	rump_server_add_iface $SOCK_LOCAL shmif0 $BUS
+	rump_server_add_iface $SOCK_PEER shmif0 $BUS
+
+	export RUMP_SERVER=$SOCK_LOCAL
+	atf_check -s exit:0 rump.sysctl -q -w net.inet.ip.dad_count=0
+	atf_check -s exit:0 rump.ifconfig shmif0 $ip_local/24
+
+	export RUMP_SERVER=$SOCK_PEER
+	atf_check -s exit:0 rump.sysctl -q -w net.inet.ip.dad_count=0
+	atf_check -s exit:0 rump.ifconfig shmif0 $ip_peer/24
+
+	setup_sp $proto "$algo_args" $ip_local $ip_peer
+
+	extract_new_packets $BUS > $outfile
+
+	export RUMP_SERVER=$SOCK_LOCAL
+	# It doesn't work because there is no SA
+	atf_check -s not-exit:0 -o ignore rump.ping -c 1 -n -w 3 $ip_peer
+}
+
+add_test_nosa()
+{
+	local proto=$1
+	local algo=$2
+	local _algo=$(echo $algo | sed 's/-//g')
+	local name= desc=
+
+	desc="Tests SPs with no relevant SAs with $proto ($algo)"
+	name="ipsec_nosa_${proto}_${_algo}"
+
+	atf_test_case ${name} cleanup
+	eval "								\
+	    ${name}_head() {						\
+	        atf_set \"descr\" \"$desc\";				\
+	        atf_set \"require.progs\" \"rump_server\" \"setkey\";	\
+	    };								\
+	    ${name}_body() {						\
+	        test_nosa $proto $algo;					\
+	        rump_server_destroy_ifaces;				\
+	    };								\
+	    ${name}_cleanup() {						\
+	        $DEBUG && dump;						\
+	        cleanup;						\
+	    }								\
+	"
+	atf_add_test_case ${name}
+}
+
 atf_init_test_cases()
 {
 	local algo=
@@ -627,6 +713,7 @@ atf_init_test_cases()
 		add_test_spi esp $algo old delete
 		add_test_spi esp $algo new timeout
 		add_test_spi esp $algo old timeout
+		add_test_nosa esp $algo
 	done
 	for algo in $AH_AUTHENTICATION_ALGORITHMS_MINIMUM; do
 		add_test_lifetime ipv4 ah $algo
@@ -637,5 +724,6 @@ atf_init_test_cases()
 		add_test_spi ah $algo old delete
 		add_test_spi ah $algo new timeout
 		add_test_spi ah $algo old timeout
+		add_test_nosa ah $algo
 	done
 }

Reply via email to