wolfssl/scripts/dtls.test

#!/bin/bash

#set -x # enable debug output

cleanup () {
    echo
    echo "Cleaning up..."
    if [ ! -z "$UDP_PROXY_PID" ];then
        echo "Killing udp_proxy $UDP_PROXY_PID"
        kill $UDP_PROXY_PID
    fi
    if [ ! -z "$SERVER_PID" ];then
        echo "Killing server $SERVER_PID"
        kill $SERVER_PID
    fi
    if [ ! -z "$TCPDUMP_PID" ];then
        echo "Killing tcpdump $TCPDUMP_PID"
        sleep 1
        kill $TCPDUMP_PID
    fi
}

trap cleanup err exit

WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)}
UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"}
DTLS_VERSION=${DTLS_VERSION:-"-v4"}
PROXY_PORT=1234
SERVER_PORT=4321
KEY_UPDATE_SIZE=35
NUM_TESTS_FAILED=0
NUM_TESTS_RUN=0

if [ "$DTLS_VERSION" = "-v4" ]; then
    UDP_PROXY_EXTRA_ARGS="-u"
fi

# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf

set -o pipefail
prepend() { # Usage: cmd 2>&1 | prepend "sometext "
    while read line; do echo "${1}${line}"; done
}

run_test() { # usage: run_test "<udp-proxy args>" "<server args>" "<client args>"
    ((NUM_TESTS_RUN++))
    stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 | prepend "[server] " &
    SERVER_PID=$(($! - 1))
    stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 | prepend "[udp-proxy] " &
    UDP_PROXY_PID=$(($! - 1))
    sleep 0.2
    # Wrap this command in a timeout so that a deadlock won't bring down the entire test
    timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $3 2>&1 | prepend "[client] "
    if [ $? != 0 ]; then
        echo "***Test failed***"
        ((NUM_TESTS_FAILED++))
    fi
    kill $SERVER_PID >&/dev/null # make sure the server is no longer running
    SERVER_PID=
    kill $UDP_PROXY_PID
    UDP_PROXY_PID=
}

test_dropping_packets () {
    for i in $(seq 3 11);do
        echo -e "\ndropping ${i}th packet\n"
        run_test "-d $i" "-Ta" ""
    done

    # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error
    for i in $(seq 0 10);do
        echo -e "\nTesting WANT_WRITE: dropping packet $i\n"
        run_test "-f $i" "-Ta -6" "-6"
    done
}

# this test is based on detecting newSessionTicket message by its size. This is rather fragile.
test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size>
    echo -e "\ndropping new session ticket packet of size $1\n"
    run_test "-F $1" "-w" "-w --waitTicket"
}

test_permutations () {
    SIDE=$1
    PERMUTATIONS=$(python3 << EOF
import itertools
for p in itertools.permutations("$2"):
    print(''.join(p))
EOF
    )
    for i in $PERMUTATIONS;do
        echo -e "\nTesting $SIDE permutations order $i...\n"
        UDP_LOGFILE=/tmp/udp-$SIDE-$i
        rm -f $UDP_LOGFILE
        run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w"
        echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
    done
    echo "All $SIDE msg permutations succeeded"
}


test_time_delays () {
    DELAYS=$(python3 << EOF
import itertools
t = [0.1, 0.5, 1.1]
tt = []
for i in itertools.product(t, t, t):
    tt.append(i * 15)
for i in tt:
    print(','.join(map(lambda x: str(x) , i)))
EOF
    )
    for DELAY in $DELAYS;do
        echo -e "\nTesting delay $DELAY...\n"
        UDP_LOGFILE=/tmp/udp-delay-$DELAY
        rm -f $UDP_LOGFILE
        run_test "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w"
        echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
    done
}

echo "Starting capture"
tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls${DTLS_VERSION}.pcap -U &
TCPDUMP_PID=$!

test_dropping_packets
test_permutations client 012
test_dropping_new_session_ticket 200

if [ ! -z $DO_SERVER_PERMUTATION_TEST ];then
   test_permutations server 0123456
fi

# TODO: fix udp_proxy to not re-order close alert before app data
if [ ! -z $DO_DELAY_TEST ];then
   test_time_delays
fi

if [ $NUM_TESTS_FAILED == 0 ]; then
    echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n"
else
    echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n"
fi

exit $NUM_TESTS_FAILED
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`#!/bin/bash`

Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`#set -x # enable debug output`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00
			`cleanup () {`
			`echo`
			`echo "Cleaning up..."`
			`if [ ! -z "$UDP_PROXY_PID" ];then`
			`echo "Killing udp_proxy $UDP_PROXY_PID"`
			`kill $UDP_PROXY_PID`
			`fi`
			`if [ ! -z "$SERVER_PID" ];then`
			`echo "Killing server $SERVER_PID"`
			`kill $SERVER_PID`
			`fi`
Adding in tcpdump capture 2023-08-18 11:04:45 -04:00			`if [ ! -z "$TCPDUMP_PID" ];then`
			`echo "Killing tcpdump $TCPDUMP_PID"`
			`sleep 1`
			`kill $TCPDUMP_PID`
			`fi`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`}`

			`trap cleanup err exit`

Massively simplified the tests 2023-08-18 09:41:13 -04:00			`WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)}`
			`UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"}`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`DTLS_VERSION=${DTLS_VERSION:-"-v4"}`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`PROXY_PORT=1234`
			`SERVER_PORT=4321`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`KEY_UPDATE_SIZE=35`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`NUM_TESTS_FAILED=0`
Add in total test run count 2023-08-18 13:06:13 -04:00			`NUM_TESTS_RUN=0`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00
Add extra flags for DTLS1.3 2023-08-18 11:11:25 -04:00			`if [ "$DTLS_VERSION" = "-v4" ]; then`
			`UDP_PROXY_EXTRA_ARGS="-u"`
			`fi`

scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf`

Massively simplified the tests 2023-08-18 09:41:13 -04:00			`set -o pipefail`
			`prepend() { # Usage: cmd 2>&1 \| prepend "sometext "`
			`while read line; do echo "${1}${line}"; done`
			`}`

			`run_test() { # usage: run_test "<udp-proxy args>" "<server args>" "<client args>"`
Add in total test run count 2023-08-18 13:06:13 -04:00			`((NUM_TESTS_RUN++))`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 \| prepend "[server] " &`
Clean up the script 2023-08-18 13:04:36 -04:00			`SERVER_PID=$(($! - 1))`
Add extra flags for DTLS1.3 2023-08-18 11:11:25 -04:00			`stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 \| prepend "[udp-proxy] " &`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`UDP_PROXY_PID=$(($! - 1))`
			`sleep 0.2`
Clean up the script 2023-08-18 13:04:36 -04:00			`# Wrap this command in a timeout so that a deadlock won't bring down the entire test`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $3 2>&1 \| prepend "[client] "`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`if [ $? != 0 ]; then`
Clean up the script 2023-08-18 13:04:36 -04:00			`echo "*Test failed*"`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`((NUM_TESTS_FAILED++))`
			`fi`
Clean up the script 2023-08-18 13:04:36 -04:00			`kill $SERVER_PID >&/dev/null # make sure the server is no longer running`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`SERVER_PID=`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`kill $UDP_PROXY_PID`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`UDP_PROXY_PID=`
			`}`

scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`test_dropping_packets () {`
Drop every i'th packet 2023-08-18 10:05:12 -04:00			`for i in $(seq 3 11);do`
			`echo -e "\ndropping ${i}th packet\n"`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`run_test "-d $i" "-Ta" ""`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`done`

			`# dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error`
			`for i in $(seq 0 10);do`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`echo -e "\nTesting WANT_WRITE: dropping packet $i\n"`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`run_test "-f $i" "-Ta -6" "-6"`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`done`
			`}`

			`# this test is based on detecting newSessionTicket message by its size. This is rather fragile.`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size>`
			`echo -e "\ndropping new session ticket packet of size $1\n"`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`run_test "-F $1" "-w" "-w --waitTicket"`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`}`

			`test_permutations () {`
			`SIDE=$1`
			`PERMUTATIONS=$(python3 << EOF`
			`import itertools`
			`for p in itertools.permutations("$2"):`
			`print(''.join(p))`
			`EOF`
			`)`
			`for i in $PERMUTATIONS;do`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`echo -e "\nTesting $SIDE permutations order $i...\n"`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`UDP_LOGFILE=/tmp/udp-$SIDE-$i`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`rm -f $UDP_LOGFILE`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w"`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`echo "...produced $(grep -P 'client:\|server:' $UDP_LOGFILE \| wc -l) messages"`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`done`
			`echo "All $SIDE msg permutations succeeded"`
			`}`


			`test_time_delays () {`
			`DELAYS=$(python3 << EOF`
			`import itertools`
			`t = [0.1, 0.5, 1.1]`
			`tt = []`
			`for i in itertools.product(t, t, t):`
			`tt.append(i * 15)`
			`for i in tt:`
			`print(','.join(map(lambda x: str(x) , i)))`
			`EOF`
			`)`
			`for DELAY in $DELAYS;do`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`echo -e "\nTesting delay $DELAY...\n"`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`UDP_LOGFILE=/tmp/udp-delay-$DELAY`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`rm -f $UDP_LOGFILE`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`run_test "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w"`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`echo "...produced $(grep -P 'client:\|server:' $UDP_LOGFILE \| wc -l) messages"`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`done`
			`}`

Adding in tcpdump capture 2023-08-18 11:04:45 -04:00			`echo "Starting capture"`
Able to adjust DTLS version globally 2023-08-18 11:05:36 -04:00			`tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls${DTLS_VERSION}.pcap -U &`
Adding in tcpdump capture 2023-08-18 11:04:45 -04:00			`TCPDUMP_PID=$!`

scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`test_dropping_packets`
			`test_permutations client 012`
Massively simplified the tests 2023-08-18 09:41:13 -04:00			`test_dropping_new_session_ticket 200`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00
Clean up the script 2023-08-18 13:04:36 -04:00			`if [ ! -z $DO_SERVER_PERMUTATION_TEST ];then`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`test_permutations server 0123456`
			`fi`

			`# TODO: fix udp_proxy to not re-order close alert before app data`
Clean up the script 2023-08-18 13:04:36 -04:00			`if [ ! -z $DO_DELAY_TEST ];then`
scripts: test for dtls13 retransmission Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com> 2022-05-20 10:00:42 +02:00			`test_time_delays`
			`fi`

Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`if [ $NUM_TESTS_FAILED == 0 ]; then`
Add in total test run count 2023-08-18 13:06:13 -04:00			`echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n"`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`else`
Add in total test run count 2023-08-18 13:06:13 -04:00			`echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n"`
Run through all the tests and give a tally for failed 2023-08-18 10:03:58 -04:00			`fi`

			`exit $NUM_TESTS_FAILED`