Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Introduce check_sa_entries to remove lots of duplicated codes

This commit is contained in:
ozaki-r 2017-05-10 04:46:13 +00:00
parent 408cf9521a
commit 0eb085d9dc
5 changed files with 44 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
tests/net/ipsec/common.sh
View File

@ -1,4 +1,4 @@
# $NetBSD: common.sh,v 1.1 2017/05/09 04:25:28 ozaki-r Exp $
# $NetBSD: common.sh,v 1.2 2017/05/10 04:46:13 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@ -36,3 +36,20 @@ test_flush_entries()
atf_check -s exit:0 -o match:"No SAD entries." $HIJACKING setkey -D -a
atf_check -s exit:0 -o match:"No SPD entries." $HIJACKING setkey -D -P
}
check_sa_entries()
{
local sock=$1
local local_addr=$2
local remote_addr=$3
export RUMP_SERVER=$sock
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$local_addr $rmote_addr" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$remote_addr $local_addr" \
$HIJACKING setkey -D
# TODO: more detail checks
}

46
tests/net/ipsec/t_ipsec_gif.sh
View File

@ -1,4 +1,4 @@
# $NetBSD: t_ipsec_gif.sh,v 1.3 2017/05/09 04:25:28 ozaki-r Exp $
# $NetBSD: t_ipsec_gif.sh,v 1.4 2017/05/10 04:46:13 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@ -161,12 +161,6 @@ test_ipsec4_gif()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
export RUMP_SERVER=$SOCK_TUN_REMOTE
cat > $tmpfile <<-EOF
@ -179,12 +173,6 @@ test_ipsec4_gif()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
else # transport mode
export RUMP_SERVER=$SOCK_TUN_LOCAL
# from https://www.netbsd.org/docs/network/ipsec/
@ -198,12 +186,6 @@ test_ipsec4_gif()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
export RUMP_SERVER=$SOCK_TUN_REMOTE
cat > $tmpfile <<-EOF
@ -216,14 +198,11 @@ test_ipsec4_gif()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
fi
check_sa_entries $SOCK_TUN_LOCAL $ip_gwlo_tun $ip_gwre_tun
check_sa_entries $SOCK_TUN_REMOTE $ip_gwlo_tun $ip_gwre_tun
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping -c 1 -n -w 3 $ip_remote
@ -378,21 +357,8 @@ test_ipsec6_gif()
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
fi
export RUMP_SERVER=$SOCK_TUN_LOCAL
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
export RUMP_SERVER=$SOCK_TUN_REMOTE
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_TUN_LOCAL $ip_gwlo_tun $ip_gwre_tun
check_sa_entries $SOCK_TUN_REMOTE $ip_gwlo_tun $ip_gwre_tun
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping6 -c 1 -n -X 3 $ip_remote

46
tests/net/ipsec/t_ipsec_l2tp.sh
View File

@ -1,4 +1,4 @@
# $NetBSD: t_ipsec_l2tp.sh,v 1.3 2017/05/09 04:25:28 ozaki-r Exp $
# $NetBSD: t_ipsec_l2tp.sh,v 1.4 2017/05/10 04:46:13 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@ -196,21 +196,8 @@ test_ipsec4_l2tp()
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
fi
export RUMP_SERVER=$SOCK_TUN_LOCAL
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
export RUMP_SERVER=$SOCK_TUN_REMOTE
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_TUN_LOCAL $ip_gwlo_tun $ip_gwre_tun
check_sa_entries $SOCK_TUN_REMOTE $ip_gwlo_tun $ip_gwre_tun
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping -c 1 -n -w 3 $ip_remote
@ -319,12 +306,6 @@ test_ipsec6_l2tp()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
export RUMP_SERVER=$SOCK_TUN_REMOTE
cat > $tmpfile <<-EOF
@ -337,12 +318,6 @@ test_ipsec6_l2tp()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
else # transport mode
export RUMP_SERVER=$SOCK_TUN_LOCAL
# from https://www.netbsd.org/docs/network/ipsec/
@ -356,12 +331,6 @@ test_ipsec6_l2tp()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
export RUMP_SERVER=$SOCK_TUN_REMOTE
cat > $tmpfile <<-EOF
@ -374,14 +343,11 @@ test_ipsec6_l2tp()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwlo_tun $ip_gwre_tun" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_gwre_tun $ip_gwlo_tun" \
$HIJACKING setkey -D
# TODO: more detail checks
fi
check_sa_entries $SOCK_TUN_LOCAL $ip_gwlo_tun $ip_gwre_tun
check_sa_entries $SOCK_TUN_REMOTE $ip_gwlo_tun $ip_gwre_tun
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping6 -c 1 -n -X 3 $ip_remote

30
tests/net/ipsec/t_ipsec_transport.sh
View File

@ -1,4 +1,4 @@
# $NetBSD: t_ipsec_transport.sh,v 1.2 2017/05/09 04:25:28 ozaki-r Exp $
# $NetBSD: t_ipsec_transport.sh,v 1.3 2017/05/10 04:46:13 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@ -84,12 +84,7 @@ test_ipsec4_transport()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_local $ip_peer" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_peer $ip_local" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_LOCAL $ip_local $ip_peer
export RUMP_SERVER=$SOCK_PEER
cat > $tmpfile <<-EOF
@ -99,12 +94,7 @@ test_ipsec4_transport()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_local $ip_peer" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_peer $ip_local" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_PEER $ip_local $ip_peer
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping -c 1 -n -w 3 $ip_peer
@ -172,12 +162,7 @@ test_ipsec6_transport()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_local $ip_peer" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_peer $ip_local" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_LOCAL $ip_local $ip_peer
export RUMP_SERVER=$SOCK_PEER
cat > $tmpfile <<-EOF
@ -187,12 +172,7 @@ test_ipsec6_transport()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_local $ip_peer" \
$HIJACKING setkey -D
atf_check -s exit:0 -o match:"$ip_peer $ip_local" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_PEER $ip_local $ip_peer
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping6 -c 1 -n -X 3 $ip_peer

42
tests/net/ipsec/t_ipsec_tunnel.sh
View File

@ -1,4 +1,4 @@
# $NetBSD: t_ipsec_tunnel.sh,v 1.4 2017/05/09 04:25:28 ozaki-r Exp $
# $NetBSD: t_ipsec_tunnel.sh,v 1.5 2017/05/10 04:46:13 ozaki-r Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@ -124,14 +124,8 @@ test_ipsec4_tunnel()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_local_tunnel $ip_gw_remote_tunnel" \
$HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_remote_tunnel $ip_gw_local_tunnel" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_TUNNEL_LOCAL $ip_gw_local_tunnel \
$ip_gw_remote_tunnel
export RUMP_SERVER=$SOCK_TUNNEL_REMOTE
cat > $tmpfile <<-EOF
@ -144,14 +138,8 @@ test_ipsec4_tunnel()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_local_tunnel $ip_gw_remote_tunnel" \
$HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_remote_tunnel $ip_gw_local_tunnel" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_TUNNEL_REMOTE $ip_gw_local_tunnel \
$ip_gw_remote_tunnel
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping -c 1 -n -w 3 $ip_remote
@ -256,14 +244,8 @@ test_ipsec6_tunnel()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_local_tunnel $ip_gw_remote_tunnel" \
$HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_remote_tunnel $ip_gw_local_tunnel" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_TUNNEL_LOCAL $ip_gw_local_tunnel \
$ip_gw_remote_tunnel
export RUMP_SERVER=$SOCK_TUNNEL_REMOTE
cat > $tmpfile <<-EOF
@ -276,14 +258,8 @@ test_ipsec6_tunnel()
EOF
$DEBUG && cat $tmpfile
atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
$DEBUG && $HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_local_tunnel $ip_gw_remote_tunnel" \
$HIJACKING setkey -D
atf_check -s exit:0 \
-o match:"$ip_gw_remote_tunnel $ip_gw_local_tunnel" \
$HIJACKING setkey -D
# TODO: more detail checks
check_sa_entries $SOCK_TUNNEL_REMOTE $ip_gw_local_tunnel \
$ip_gw_remote_tunnel
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s exit:0 -o ignore rump.ping6 -c 1 -n -X 3 $ip_remote