t_misc.sh revision 1.10
1 # $NetBSD: t_misc.sh,v 1.10 2021/06/17 12:45:58 riastradh Exp $ 2 # 3 # Copyright (c) 2018 Ryota Ozaki <ozaki.ryota (at] gmail.com> 4 # All rights reserved. 5 # 6 # Redistribution and use in source and binary forms, with or without 7 # modification, are permitted provided that the following conditions 8 # are met: 9 # 1. Redistributions of source code must retain the above copyright 10 # notice, this list of conditions and the following disclaimer. 11 # 2. Redistributions in binary form must reproduce the above copyright 12 # notice, this list of conditions and the following disclaimer in the 13 # documentation and/or other materials provided with the distribution. 14 # 15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 # POSSIBILITY OF SUCH DAMAGE. 26 # 27 28 BUS=bus 29 SOCK_LOCAL=unix://wg_local 30 SOCK_PEER=unix://wg_peer 31 32 33 atf_test_case wg_rekey cleanup 34 wg_rekey_head() 35 { 36 37 atf_set "descr" "tests of rekeying of wg(4)" 38 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 39 } 40 41 wg_rekey_body() 42 { 43 local ifconfig="atf_check -s exit:0 rump.ifconfig" 44 local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1" 45 local ip_local=192.168.1.1 46 local ip_peer=192.168.1.2 47 local ip_wg_local=10.0.0.1 48 local ip_wg_peer=10.0.0.2 49 local port=51820 50 local rekey_after_time=3 51 local latest_handshake= 52 53 setup_servers 54 55 export RUMP_SERVER=$SOCK_LOCAL 56 atf_check -s exit:0 -o ignore \ 57 rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time 58 export RUMP_SERVER=$SOCK_PEER 59 atf_check -s exit:0 -o ignore \ 60 rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time 61 62 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 63 generate_keys 64 65 export RUMP_SERVER=$SOCK_LOCAL 66 setup_common shmif0 inet $ip_local 24 67 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 68 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 69 $ifconfig -w 10 70 71 export RUMP_SERVER=$SOCK_PEER 72 setup_common shmif0 inet $ip_peer 24 73 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 74 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 75 $ifconfig -w 10 76 77 export RUMP_SERVER=$SOCK_LOCAL 78 79 $ping $ip_wg_peer 80 81 latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \ 82 | awk -F ': ' '/latest-handshake/ {print $2;}') 83 $DEBUG && echo $latest_handshake 84 85 sleep 1 86 87 $ping $ip_wg_peer 88 89 atf_expect_fail "PR kern/56252" 90 91 # No reinitiation is performed 92 atf_check -s exit:0 -o match:"$latest_handshake" \ 93 $HIJACKING wgconfig wg0 show peer peer0 94 95 # Wait for a reinitiation to be performed 96 sleep $rekey_after_time 97 98 $ping $ip_wg_peer 99 100 # A reinitiation should be performed 101 atf_check -s exit:0 -o not-match:"$latest_handshake" \ 102 $HIJACKING wgconfig wg0 show peer peer0 103 104 latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \ 105 | awk -F ': ' '/latest-handshake/ {print $2;}') 106 $DEBUG && echo $latest_handshake 107 108 # Wait for a reinitiation to be performed again 109 sleep $((rekey_after_time+1)) 110 111 $ping $ip_wg_peer 112 113 # A reinitiation should be performed 114 atf_check -s exit:0 -o not-match:"$latest_handshake" \ 115 $HIJACKING wgconfig wg0 show peer peer0 116 117 destroy_wg_interfaces 118 119 atf_fail "failed to trigger PR kern/56252" 120 } 121 122 wg_rekey_cleanup() 123 { 124 125 $DEBUG && dump 126 cleanup 127 } 128 129 atf_test_case wg_handshake_timeout cleanup 130 wg_handshake_timeout_head() 131 { 132 133 atf_set "descr" "tests of handshake timeout of wg(4)" 134 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 135 } 136 137 wg_handshake_timeout_body() 138 { 139 local ifconfig="atf_check -s exit:0 rump.ifconfig" 140 local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1" 141 local ip_local=192.168.1.1 142 local ip_peer=192.168.1.2 143 local ip_wg_local=10.0.0.1 144 local ip_wg_peer=10.0.0.2 145 local port=51820 146 local rekey_after_time=3 147 local outfile=./out 148 local rekey_timeout=3 149 local rekey_attempt_time=8 150 local n= 151 152 setup_servers 153 154 export RUMP_SERVER=$SOCK_LOCAL 155 atf_check -s exit:0 -o ignore \ 156 rump.sysctl -w net.wg.rekey_timeout=$rekey_timeout 157 atf_check -s exit:0 -o ignore \ 158 rump.sysctl -w net.wg.rekey_attempt_time=$rekey_attempt_time 159 export RUMP_SERVER=$SOCK_PEER 160 atf_check -s exit:0 -o ignore \ 161 rump.sysctl -w net.wg.rekey_timeout=$rekey_timeout 162 atf_check -s exit:0 -o ignore \ 163 rump.sysctl -w net.wg.rekey_attempt_time=$rekey_attempt_time 164 165 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 166 generate_keys 167 168 export RUMP_SERVER=$SOCK_LOCAL 169 setup_common shmif0 inet $ip_local 24 170 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 171 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 172 $ifconfig -w 10 173 174 export RUMP_SERVER=$SOCK_PEER 175 setup_common shmif0 inet $ip_peer 24 176 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 177 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 178 $ifconfig -w 10 179 180 # Resolve arp 181 export RUMP_SERVER=$SOCK_LOCAL 182 $ping $ip_peer 183 184 export RUMP_SERVER=$SOCK_PEER 185 $ifconfig shmif0 down 186 export RUMP_SERVER=$SOCK_LOCAL 187 188 extract_new_packets $BUS > $outfile 189 190 # Should fail 191 atf_check -s not-exit:0 -o match:'100.0% packet loss' \ 192 rump.ping -n -c 1 -w 1 $ip_wg_peer 193 194 sleep $((rekey_attempt_time + rekey_timeout)) 195 196 extract_new_packets $BUS > $outfile 197 $DEBUG && cat $outfile 198 199 n=$(grep "$ip_local.$port > $ip_peer.$port" $outfile |wc -l) 200 201 # Give up handshaking after three attempts 202 atf_check_equal $n 3 203 204 export RUMP_SERVER=$SOCK_PEER 205 $ifconfig shmif0 up 206 export RUMP_SERVER=$SOCK_LOCAL 207 208 destroy_wg_interfaces 209 210 atf_fail "failed to trigger PR kern/56252" 211 } 212 213 wg_handshake_timeout_cleanup() 214 { 215 216 $DEBUG && dump 217 cleanup 218 } 219 220 atf_test_case wg_cookie cleanup 221 wg_cookie_head() 222 { 223 224 atf_set "descr" "tests of cookie messages of the wg(4) protocol" 225 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 226 } 227 228 wg_cookie_body() 229 { 230 local ifconfig="atf_check -s exit:0 rump.ifconfig" 231 local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1" 232 local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1" 233 local ip_local=192.168.1.1 234 local ip_peer=192.168.1.2 235 local ip_wg_local=10.0.0.1 236 local ip_wg_peer=10.0.0.2 237 local port=51820 238 local outfile=./out 239 local rekey_timeout=5 240 241 setup_servers 242 243 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 244 generate_keys 245 246 export RUMP_SERVER=$SOCK_LOCAL 247 setup_common shmif0 inet $ip_local 24 248 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 249 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 250 $ifconfig -w 10 251 252 export RUMP_SERVER=$SOCK_PEER 253 setup_common shmif0 inet $ip_peer 24 254 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 255 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 256 $ifconfig -w 10 257 258 export RUMP_SERVER=$SOCK_PEER 259 # Emulate load on the peer 260 atf_check -s exit:0 -o ignore \ 261 rump.sysctl -w net.wg.force_underload=1 262 263 export RUMP_SERVER=$SOCK_LOCAL 264 265 extract_new_packets $BUS > $outfile 266 $DEBUG && cat $outfile 267 268 # The peer doesn't return a response message but a cookie message 269 # and a session doesn't start 270 $ping_fail $ip_wg_peer 271 272 atf_expect_fail "PR kern/56252" 273 274 extract_new_packets $BUS > $outfile 275 $DEBUG && cat $outfile 276 # XXX length 64 indicates the message is a cookie message 277 atf_check -s exit:0 \ 278 -o match:"$ip_peer.$port > $ip_local.$port: UDP, length 64" \ 279 cat $outfile 280 281 $DEBUG && $HIJACKING wgconfig wg0 show all 282 atf_check -s exit:0 -o match:"latest-handshake: \(never\)" \ 283 $HIJACKING wgconfig wg0 284 285 # Wait for restarting a session 286 sleep $rekey_timeout 287 288 # The second attempt should be success because the init message has 289 # a valid cookie. 290 $ping $ip_wg_peer 291 292 $DEBUG && $HIJACKING wgconfig wg0 show all 293 atf_check -s exit:0 -o not-match:"latest-handshake: \(never\)" \ 294 $HIJACKING wgconfig wg0 295 296 destroy_wg_interfaces 297 298 atf_fail "failed to trigger PR kern/56252" 299 } 300 301 wg_cookie_cleanup() 302 { 303 304 $DEBUG && dump 305 cleanup 306 } 307 308 atf_test_case wg_mobility cleanup 309 wg_mobility_head() 310 { 311 312 atf_set "descr" "tests of the mobility of wg(4)" 313 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 314 } 315 316 wg_mobility_body() 317 { 318 local ifconfig="atf_check -s exit:0 rump.ifconfig" 319 local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1" 320 local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1" 321 local ip_local=192.168.1.1 322 local ip_peer=192.168.1.2 323 local ip_peer_new=192.168.1.3 324 local ip_wg_local=10.0.0.1 325 local ip_wg_peer=10.0.0.2 326 local port=51820 327 local outfile=./out 328 329 setup_servers 330 331 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 332 generate_keys 333 334 export RUMP_SERVER=$SOCK_LOCAL 335 setup_common shmif0 inet $ip_local 24 336 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 337 # Initially, the local doesn't know the endpoint of the peer 338 add_peer wg0 peer0 $key_pub_peer "" $ip_wg_peer/32 339 $ifconfig -w 10 340 341 export RUMP_SERVER=$SOCK_PEER 342 setup_common shmif0 inet $ip_peer 24 343 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 344 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 345 $ifconfig -w 10 346 347 extract_new_packets $BUS > $outfile 348 $DEBUG && cat $outfile 349 350 # Ping from the local to the peer doesn't work because the local 351 # doesn't know the endpoint of the peer 352 export RUMP_SERVER=$SOCK_LOCAL 353 $ping_fail $ip_wg_peer 354 355 atf_expect_fail "PR kern/56252" 356 357 extract_new_packets $BUS > $outfile 358 $DEBUG && cat $outfile 359 360 export RUMP_SERVER=$SOCK_PEER 361 $ping $ip_wg_local 362 363 extract_new_packets $BUS > $outfile 364 $DEBUG && cat $outfile 365 366 atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer.$port" cat $outfile 367 368 # Change the IP address of the peer 369 setup_common shmif0 inet $ip_peer_new 24 370 $ifconfig -w 10 371 372 # Ping from the local to the peer doesn't work because the local 373 # doesn't know the change of the IP address of the peer 374 export RUMP_SERVER=$SOCK_LOCAL 375 $ping_fail $ip_wg_peer 376 377 extract_new_packets $BUS > $outfile 378 $DEBUG && cat $outfile 379 380 atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer.$port" cat $outfile 381 382 # Ping from the peer to the local works because the local notices 383 # the change and updates the IP address of the peer 384 export RUMP_SERVER=$SOCK_PEER 385 $ping $ip_wg_local 386 387 extract_new_packets $BUS > $outfile 388 $DEBUG && cat $outfile 389 390 atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer_new.$port" cat $outfile 391 atf_check -s exit:0 -o match:"$ip_peer_new.$port > $ip_local.$port" cat $outfile 392 atf_check -s exit:0 -o not-match:"$ip_local.$port > $ip_peer.$port" cat $outfile 393 394 destroy_wg_interfaces 395 396 atf_fail "failed to trigger PR kern/56252" 397 } 398 399 wg_mobility_cleanup() 400 { 401 402 $DEBUG && dump 403 cleanup 404 } 405 406 atf_test_case wg_keepalive cleanup 407 wg_keepalive_head() 408 { 409 410 atf_set "descr" "tests keepalive messages" 411 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 412 } 413 414 wg_keepalive_body() 415 { 416 local ifconfig="atf_check -s exit:0 rump.ifconfig" 417 local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1" 418 local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1" 419 local ip_local=192.168.1.1 420 local ip_peer=192.168.1.2 421 local ip_peer_new=192.168.1.3 422 local ip_wg_local=10.0.0.1 423 local ip_wg_peer=10.0.0.2 424 local port=51820 425 local outfile=./out 426 local keepalive_timeout=3 427 428 setup_servers 429 430 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 431 generate_keys 432 433 export RUMP_SERVER=$SOCK_LOCAL 434 setup_common shmif0 inet $ip_local 24 435 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 436 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 437 $ifconfig -w 10 438 439 export RUMP_SERVER=$SOCK_PEER 440 setup_common shmif0 inet $ip_peer 24 441 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 442 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 443 $ifconfig -w 10 444 445 # Shorten keepalive_timeout of the peer 446 atf_check -s exit:0 -o ignore \ 447 rump.sysctl -w net.wg.keepalive_timeout=$keepalive_timeout 448 449 export RUMP_SERVER=$SOCK_LOCAL 450 451 extract_new_packets $BUS > $outfile 452 $DEBUG && cat $outfile 453 454 $ping $ip_wg_peer 455 456 extract_new_packets $BUS > $outfile 457 $DEBUG && cat $outfile 458 459 sleep $((keepalive_timeout + 1)) 460 461 $ping $ip_wg_peer 462 463 extract_new_packets $BUS > $outfile 464 $DEBUG && cat $outfile 465 466 # XXX length 32 indicates the message is a keepalive (empty) message 467 atf_check -s exit:0 -o match:"$ip_peer.$port > $ip_local.$port: UDP, length 32" \ 468 cat $outfile 469 470 destroy_wg_interfaces 471 } 472 473 wg_keepalive_cleanup() 474 { 475 476 $DEBUG && dump 477 cleanup 478 } 479 480 atf_test_case wg_psk cleanup 481 wg_psk_head() 482 { 483 484 atf_set "descr" "tests preshared-key" 485 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 486 } 487 488 test_psk_common() 489 { 490 } 491 492 wg_psk_body() 493 { 494 local ifconfig="atf_check -s exit:0 rump.ifconfig" 495 local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1" 496 local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1" 497 local ip_local=192.168.1.1 498 local ip_peer=192.168.1.2 499 local ip_peer_new=192.168.1.3 500 local ip_wg_local=10.0.0.1 501 local ip_wg_peer=10.0.0.2 502 local port=51820 503 local outfile=./out 504 local pskfile=./psk 505 local rekey_after_time=3 506 507 setup_servers 508 509 export RUMP_SERVER=$SOCK_LOCAL 510 atf_check -s exit:0 -o ignore \ 511 rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time 512 export RUMP_SERVER=$SOCK_PEER 513 atf_check -s exit:0 -o ignore \ 514 rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time 515 516 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 517 generate_keys 518 key_psk=$(wg-keygen --psk) 519 $DEBUG && echo $key_psk 520 521 export RUMP_SERVER=$SOCK_LOCAL 522 setup_common shmif0 inet $ip_local 24 523 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 524 525 export RUMP_SERVER=$SOCK_PEER 526 setup_common shmif0 inet $ip_peer 24 527 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 528 529 echo "$key_psk" > $pskfile 530 531 export RUMP_SERVER=$SOCK_LOCAL 532 533 # The local always has the preshared key 534 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 \ 535 $pskfile "$key_psk" 536 $ifconfig -w 10 537 538 export RUMP_SERVER=$SOCK_PEER 539 540 # First, try the peer without the preshared key 541 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 542 $ifconfig -w 10 543 544 export RUMP_SERVER=$SOCK_LOCAL 545 546 extract_new_packets $BUS > $outfile 547 $DEBUG && cat $outfile 548 549 $ping_fail $ip_wg_peer 550 551 extract_new_packets $BUS > $outfile 552 $DEBUG && cat $outfile 553 554 # Next, try with the preshared key 555 export RUMP_SERVER=$SOCK_PEER 556 delete_peer wg0 peer0 557 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 \ 558 $pskfile "$key_psk" 559 $ifconfig -w 10 560 561 # Need a rekey 562 atf_check -s exit:0 sleep $((rekey_after_time + 1)) 563 564 export RUMP_SERVER=$SOCK_LOCAL 565 566 extract_new_packets $BUS > $outfile 567 $DEBUG && cat $outfile 568 569 $ping $ip_wg_peer 570 571 extract_new_packets $BUS > $outfile 572 $DEBUG && cat $outfile 573 574 # Then, try again without the preshared key just in case 575 export RUMP_SERVER=$SOCK_PEER 576 delete_peer wg0 peer0 577 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 578 $ifconfig -w 10 579 580 # Need a rekey 581 atf_check -s exit:0 sleep $((rekey_after_time + 1)) 582 583 export RUMP_SERVER=$SOCK_LOCAL 584 $ping_fail $ip_wg_peer 585 586 rm -f $pskfile 587 588 destroy_wg_interfaces 589 } 590 591 wg_psk_cleanup() 592 { 593 594 $DEBUG && dump 595 cleanup 596 } 597 598 atf_test_case wg_malformed cleanup 599 wg_malformed_head() 600 { 601 602 atf_set "descr" "tests malformed packet headers" 603 atf_set "require.progs" "nc" "rump_server" "wgconfig" "wg-keygen" 604 atf_set "timeout" "10" 605 } 606 607 wg_malformed_body() 608 { 609 local ifconfig="atf_check -s exit:0 rump.ifconfig" 610 local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1" 611 local ip_local=192.168.1.1 612 local ip_peer=192.168.1.2 613 local ip_wg_local=10.0.0.1 614 local ip_wg_peer=10.0.0.2 615 local port=51820 616 setup_servers 617 618 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 619 generate_keys 620 621 export RUMP_SERVER=$SOCK_LOCAL 622 setup_common shmif0 inet $ip_local 24 623 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 624 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 625 $ifconfig -w 10 626 627 export RUMP_SERVER=$SOCK_PEER 628 setup_common shmif0 inet $ip_peer 24 629 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 630 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 631 $ifconfig -w 10 632 633 export RUMP_SERVER=$SOCK_LOCAL 634 635 $ping $ip_wg_peer 636 637 printf 'send malformed packets\n' 638 639 $HIJACKING ping -c 1 -n $ip_peer 640 641 printf 'x' | $HIJACKING nc -Nu -w 0 $ip_peer $port 642 printf 'xy' | $HIJACKING nc -Nu -w 0 $ip_peer $port 643 printf 'xyz' | $HIJACKING nc -Nu -w 0 $ip_peer $port 644 printf 'xyzw' | $HIJACKING nc -Nu -w 0 $ip_peer $port 645 printf '\x00\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port 646 printf '\x00\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port 647 printf '\x01\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port 648 printf '\x01\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port 649 printf '\x02\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port 650 printf '\x02\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port 651 printf '\x03\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port 652 printf '\x03\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port 653 printf '\x04\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port 654 printf '\x04\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port 655 656 printf 'done sending malformed packets\n' 657 658 $ping $ip_wg_peer 659 } 660 661 wg_malformed_cleanup() 662 { 663 664 $DEBUG && dump 665 cleanup 666 } 667 668 atf_init_test_cases() 669 { 670 671 atf_add_test_case wg_rekey 672 atf_add_test_case wg_handshake_timeout 673 atf_add_test_case wg_cookie 674 atf_add_test_case wg_mobility 675 atf_add_test_case wg_keepalive 676 atf_add_test_case wg_psk 677 atf_add_test_case wg_malformed 678 } 679
Indexes created Wed Oct 22 13:09:56 GMT 2025