Dedup some routines

tests/net/ipsec/algorithms.sh

@@ -1,4 +1,4 @@
-#	$NetBSD: algorithms.sh,v 1.3 2017/04/27 08:06:59 ozaki-r Exp $
+#	$NetBSD: algorithms.sh,v 1.4 2017/05/12 02:34:45 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -160,3 +160,17 @@ generate_key()
 
 	echo $key
 }
+
+generate_algo_args()
+{
+	local proto=$1
+	local algo=$2
+	local keylen=$(get_one_valid_keylen $algo)
+	local key=$(generate_key $keylen)
+
+	if [ $proto = esp ]; then
+		echo "-E $algo $key"
+	else
+		echo "-A $algo $key"
+	fi
+}

tests/net/ipsec/t_ipsec_gif.sh

@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_gif.sh,v 1.4 2017/05/10 04:46:13 ozaki-r Exp $
+#	$NetBSD: t_ipsec_gif.sh,v 1.5 2017/05/12 02:34:45 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -74,17 +74,10 @@ test_ipsec4_gif()
 	local ip_remote=10.0.2.2
 	local subnet_local=10.0.1.0
 	local subnet_remote=10.0.2.0
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= str=
-
-	if [ $proto = esp ]; then
-		opt=-E
-	else
-		opt=-A
-	fi
+	local str=
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	rump_server_crypto_start $SOCK_LOCAL
 	rump_server_crypto_start $SOCK_TUN_LOCAL netipsec gif
@@ -152,8 +145,8 @@ test_ipsec4_gif()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec
 		    $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require;
 		spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec
@@ -164,8 +157,8 @@ test_ipsec4_gif()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec
 		    $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require;
 		spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec
@@ -177,8 +170,8 @@ test_ipsec4_gif()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P in ipsec
@@ -189,8 +182,8 @@ test_ipsec4_gif()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P in ipsec
@@ -233,17 +226,10 @@ test_ipsec6_gif()
 	local ip_remote=fd00:2::2
 	local subnet_local=fd00:1::
 	local subnet_remote=fd00:2::
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= str=
-
-	if [ $proto = esp ]; then
-		opt=-E
-	else
-		opt=-A
-	fi
+	local str=
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	rump_server_crypto_start $SOCK_LOCAL netinet6
 	rump_server_crypto_start $SOCK_TUN_LOCAL netipsec netinet6 gif
@@ -309,8 +295,8 @@ test_ipsec6_gif()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec
 		    $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require;
 		spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec
@@ -321,8 +307,8 @@ test_ipsec6_gif()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec
 		    $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require;
 		spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec
@@ -334,8 +320,8 @@ test_ipsec6_gif()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P in ipsec
@@ -346,8 +332,8 @@ test_ipsec6_gif()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P in ipsec

tests/net/ipsec/t_ipsec_l2tp.sh

@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_l2tp.sh,v 1.4 2017/05/10 04:46:13 ozaki-r Exp $
+#	$NetBSD: t_ipsec_l2tp.sh,v 1.5 2017/05/12 02:34:45 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -73,17 +73,10 @@ test_ipsec4_l2tp()
 	local ip_remote=10.0.0.2
 	local subnet_local=20.0.0.0
 	local subnet_remote=20.0.0.0
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= str=
-
-	if [ $proto = esp ]; then
-		opt=-E
-	else
-		opt=-A
-	fi
+	local str=
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	# See https://www.netbsd.org/docs/network/ipsec/#sample_vpn
 	rump_server_crypto_start $SOCK_LOCAL
@@ -148,8 +141,8 @@ test_ipsec4_l2tp()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec
 		    $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require;
 		spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec
@@ -160,8 +153,8 @@ test_ipsec4_l2tp()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec
 		    $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require;
 		spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec
@@ -173,8 +166,8 @@ test_ipsec4_l2tp()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P in ipsec
@@ -185,8 +178,8 @@ test_ipsec4_l2tp()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwre_tun/32 $ip_gwlo_tun/32 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwlo_tun/32 $ip_gwre_tun/32 any -P in ipsec
@@ -223,17 +216,10 @@ test_ipsec6_l2tp()
 	local ip_remote=fd00::2
 	local subnet_local=fc00::
 	local subnet_remote=fc00::
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= str=
-
-	if [ $proto = esp ]; then
-		opt=-E
-	else
-		opt=-A
-	fi
+	local str=
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	rump_server_crypto_start $SOCK_LOCAL netinet6
 	rump_server_crypto_start $SOCK_TUN_LOCAL netipsec netinet6 l2tp bridge
@@ -297,8 +283,8 @@ test_ipsec6_l2tp()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec
 		    $proto/tunnel/$ip_gwlo_tun-$ip_gwre_tun/require;
 		spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec
@@ -309,8 +295,8 @@ test_ipsec6_l2tp()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec
 		    $proto/tunnel/$ip_gwre_tun-$ip_gwlo_tun/require;
 		spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec
@@ -322,8 +308,8 @@ test_ipsec6_l2tp()
 		export RUMP_SERVER=$SOCK_TUN_LOCAL
 		# from https://www.netbsd.org/docs/network/ipsec/
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P in ipsec
@@ -334,8 +320,8 @@ test_ipsec6_l2tp()
 
 		export RUMP_SERVER=$SOCK_TUN_REMOTE
 		cat > $tmpfile <<-EOF
-		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $opt $algo $key;
-		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $opt $algo $key;
+		add $ip_gwlo_tun $ip_gwre_tun $proto 10000 $algo_args;
+		add $ip_gwre_tun $ip_gwlo_tun $proto 10001 $algo_args;
 		spdadd $ip_gwre_tun/128 $ip_gwlo_tun/128 any -P out ipsec
 		    $proto/transport//require;
 		spdadd $ip_gwlo_tun/128 $ip_gwre_tun/128 any -P in ipsec

tests/net/ipsec/t_ipsec_transport.sh

@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_transport.sh,v 1.3 2017/05/10 04:46:13 ozaki-r Exp $
+#	$NetBSD: t_ipsec_transport.sh,v 1.4 2017/05/12 02:34:45 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -37,19 +37,10 @@ test_ipsec4_transport()
 	local algo=$2
 	local ip_local=10.0.0.1
 	local ip_peer=10.0.0.2
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= proto_cap=
-
-	if [ $proto = esp ]; then
-		opt=-E
-		proto_cap=ESP
-	else
-		opt=-A
-		proto_cap=AH
-	fi
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	rump_server_crypto_start $SOCK_LOCAL netipsec
 	rump_server_crypto_start $SOCK_PEER netipsec
@@ -78,8 +69,8 @@ test_ipsec4_transport()
 	export RUMP_SERVER=$SOCK_LOCAL
 	# from https://www.netbsd.org/docs/network/ipsec/
 	cat > $tmpfile <<-EOF
-	add $ip_local $ip_peer $proto 10000 $opt $algo $key;
-	add $ip_peer $ip_local $proto 10001 $opt $algo $key;
+	add $ip_local $ip_peer $proto 10000 $algo_args;
+	add $ip_peer $ip_local $proto 10001 $algo_args;
 	spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require;
 	EOF
 	$DEBUG && cat $tmpfile
@@ -88,8 +79,8 @@ test_ipsec4_transport()
 
 	export RUMP_SERVER=$SOCK_PEER
 	cat > $tmpfile <<-EOF
-	add $ip_local $ip_peer $proto 10000 $opt $algo $key;
-	add $ip_peer $ip_local $proto 10001 $opt $algo $key;
+	add $ip_local $ip_peer $proto 10000 $algo_args;
+	add $ip_peer $ip_local $proto 10001 $algo_args;
 	spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require;
 	EOF
 	$DEBUG && cat $tmpfile
@@ -115,19 +106,10 @@ test_ipsec6_transport()
 	local algo=$2
 	local ip_local=fd00::1
 	local ip_peer=fd00::2
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= proto_cap=
-
-	if [ $proto = esp ]; then
-		opt=-E
-		proto_cap=ESP
-	else
-		opt=-A
-		proto_cap=AH
-	fi
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	rump_server_crypto_start $SOCK_LOCAL netinet6 netipsec
 	rump_server_crypto_start $SOCK_PEER netinet6 netipsec
@@ -156,8 +138,8 @@ test_ipsec6_transport()
 	export RUMP_SERVER=$SOCK_LOCAL
 	# from https://www.netbsd.org/docs/network/ipsec/
 	cat > $tmpfile <<-EOF
-	add $ip_local $ip_peer $proto 10000 $opt $algo $key;
-	add $ip_peer $ip_local $proto 10001 $opt $algo $key;
+	add $ip_local $ip_peer $proto 10000 $algo_args;
+	add $ip_peer $ip_local $proto 10001 $algo_args;
 	spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require;
 	EOF
 	$DEBUG && cat $tmpfile
@@ -166,8 +148,8 @@ test_ipsec6_transport()
 
 	export RUMP_SERVER=$SOCK_PEER
 	cat > $tmpfile <<-EOF
-	add $ip_local $ip_peer $proto 10000 $opt $algo $key;
-	add $ip_peer $ip_local $proto 10001 $opt $algo $key;
+	add $ip_local $ip_peer $proto 10000 $algo_args;
+	add $ip_peer $ip_local $proto 10001 $algo_args;
 	spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require;
 	EOF
 	$DEBUG && cat $tmpfile

tests/net/ipsec/t_ipsec_tunnel.sh

@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_tunnel.sh,v 1.7 2017/05/10 09:00:29 ozaki-r Exp $
+#	$NetBSD: t_ipsec_tunnel.sh,v 1.8 2017/05/12 02:34:45 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -74,19 +74,10 @@ test_ipsec4_tunnel()
 	local ip_remote=10.0.2.2
 	local subnet_local=10.0.1.0
 	local subnet_remote=10.0.2.0
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= proto_cap=
-
-	if [ $proto = esp ]; then
-		opt=-E
-		proto_cap=ESP
-	else
-		opt=-A
-		proto_cap=AH
-	fi
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	setup_servers
 
@@ -134,8 +125,8 @@ test_ipsec4_tunnel()
 	export RUMP_SERVER=$SOCK_TUNNEL_LOCAL
 	# from https://www.netbsd.org/docs/network/ipsec/
 	cat > $tmpfile <<-EOF
-	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec
 	    $proto/tunnel/$ip_gw_local_tunnel-$ip_gw_remote_tunnel/require;
 	spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec
@@ -148,8 +139,8 @@ test_ipsec4_tunnel()
 
 	export RUMP_SERVER=$SOCK_TUNNEL_REMOTE
 	cat > $tmpfile <<-EOF
-	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec
 	    $proto/tunnel/$ip_gw_remote_tunnel-$ip_gw_local_tunnel/require;
 	spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec
@@ -183,19 +174,10 @@ test_ipsec6_tunnel()
 	local ip_remote=fd00:2::2
 	local subnet_local=fd00:1::
 	local subnet_remote=fd00:2::
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= proto_cap=
-
-	if [ $proto = esp ]; then
-		opt=-E
-		proto_cap=ESP
-	else
-		opt=-A
-		proto_cap=AH
-	fi
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	setup_servers
 
@@ -243,8 +225,8 @@ test_ipsec6_tunnel()
 	export RUMP_SERVER=$SOCK_TUNNEL_LOCAL
 	# from https://www.netbsd.org/docs/network/ipsec/
 	cat > $tmpfile <<-EOF
-	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec
 	    $proto/tunnel/$ip_gw_local_tunnel-$ip_gw_remote_tunnel/require;
 	spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec
@@ -257,8 +239,8 @@ test_ipsec6_tunnel()
 
 	export RUMP_SERVER=$SOCK_TUNNEL_REMOTE
 	cat > $tmpfile <<-EOF
-	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip_gw_local_tunnel $ip_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip_gw_remote_tunnel $ip_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec
 	    $proto/tunnel/$ip_gw_remote_tunnel-$ip_gw_local_tunnel/require;
 	spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec

tests/net/ipsec/t_ipsec_tunnel_odd.sh

@@ -1,4 +1,4 @@
-#	$NetBSD: t_ipsec_tunnel_odd.sh,v 1.1 2017/05/10 09:08:25 ozaki-r Exp $
+#	$NetBSD: t_ipsec_tunnel_odd.sh,v 1.2 2017/05/12 02:34:45 ozaki-r Exp $
 #
 # Copyright (c) 2017 Internet Initiative Japan Inc.
 # All rights reserved.
@@ -76,19 +76,10 @@ test_ipsec46_tunnel()
 	local ip_remote=10.0.2.2
 	local subnet_local=10.0.1.0
 	local subnet_remote=10.0.2.0
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= proto_cap=
-
-	if [ $proto = esp ]; then
-		opt=-E
-		proto_cap=ESP
-	else
-		opt=-A
-		proto_cap=AH
-	fi
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	setup_servers
 
@@ -140,8 +131,8 @@ test_ipsec46_tunnel()
 	export RUMP_SERVER=$SOCK_TUNNEL_LOCAL
 	# from https://www.netbsd.org/docs/network/ipsec/
 	cat > $tmpfile <<-EOF
-	add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_local/24 $subnet_remote/24 any -P out ipsec
 	    $proto/tunnel/$ip6_gw_local_tunnel-$ip6_gw_remote_tunnel/require;
 	spdadd $subnet_remote/24 $subnet_local/24 any -P in ipsec
@@ -154,8 +145,8 @@ test_ipsec46_tunnel()
 
 	export RUMP_SERVER=$SOCK_TUNNEL_REMOTE
 	cat > $tmpfile <<-EOF
-	add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip6_gw_local_tunnel $ip6_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip6_gw_remote_tunnel $ip6_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_remote/24 $subnet_local/24 any -P out ipsec
 	    $proto/tunnel/$ip6_gw_remote_tunnel-$ip6_gw_local_tunnel/require;
 	spdadd $subnet_local/24 $subnet_remote/24 any -P in ipsec
@@ -191,19 +182,10 @@ test_ipsec64_tunnel()
 	local ip_remote=fd00:2::2
 	local subnet_local=fd00:1::
 	local subnet_remote=fd00:2::
-	local keylen=$(get_one_valid_keylen $algo)
-	local key=$(generate_key $keylen)
 	local tmpfile=./tmp
 	local outfile=./out
-	local opt= proto_cap=
-
-	if [ $proto = esp ]; then
-		opt=-E
-		proto_cap=ESP
-	else
-		opt=-A
-		proto_cap=AH
-	fi
+	local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+	local algo_args="$(generate_algo_args $proto $algo)"
 
 	setup_servers
 
@@ -255,8 +237,8 @@ test_ipsec64_tunnel()
 	export RUMP_SERVER=$SOCK_TUNNEL_LOCAL
 	# from https://www.netbsd.org/docs/network/ipsec/
 	cat > $tmpfile <<-EOF
-	add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_local/64 $subnet_remote/64 any -P out ipsec
 	    $proto/tunnel/$ip4_gw_local_tunnel-$ip4_gw_remote_tunnel/require;
 	spdadd $subnet_remote/64 $subnet_local/64 any -P in ipsec
@@ -269,8 +251,8 @@ test_ipsec64_tunnel()
 
 	export RUMP_SERVER=$SOCK_TUNNEL_REMOTE
 	cat > $tmpfile <<-EOF
-	add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $opt $algo $key;
-	add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $opt $algo $key;
+	add $ip4_gw_local_tunnel $ip4_gw_remote_tunnel $proto 10000 $algo_args;
+	add $ip4_gw_remote_tunnel $ip4_gw_local_tunnel $proto 10001 $algo_args;
 	spdadd $subnet_remote/64 $subnet_local/64 any -P out ipsec
 	    $proto/tunnel/$ip4_gw_remote_tunnel-$ip4_gw_local_tunnel/require;
 	spdadd $subnet_local/64 $subnet_remote/64 any -P in ipsec