t_misc.sh revision 1.12
      1 #	$NetBSD: t_misc.sh,v 1.12 2022/06/13 07:59:15 martin Exp $
      2 #
      3 # Copyright (c) 2018 Ryota Ozaki <ozaki.ryota (at] gmail.com>
      4 # All rights reserved.
      5 #
      6 # Redistribution and use in source and binary forms, with or without
      7 # modification, are permitted provided that the following conditions
      8 # are met:
      9 # 1. Redistributions of source code must retain the above copyright
     10 #    notice, this list of conditions and the following disclaimer.
     11 # 2. Redistributions in binary form must reproduce the above copyright
     12 #    notice, this list of conditions and the following disclaimer in the
     13 #    documentation and/or other materials provided with the distribution.
     14 #
     15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
     16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     18 # PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
     19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     25 # POSSIBILITY OF SUCH DAMAGE.
     26 #
     27 
# Names shared by every test case in this file.
# BUS is the argument handed to extract_new_packets; the two SOCK_* values
# are what the bodies export as RUMP_SERVER to choose which rump kernel
# (local endpoint or peer endpoint) the following rump.* commands address.
BUS="bus"
SOCK_LOCAL="unix://wg_local"
SOCK_PEER="unix://wg_peer"
     31 
     32 
# wg_rekey: declare the test case (with a cleanup routine) and its metadata.
atf_test_case wg_rekey cleanup
wg_rekey_head()
{
	atf_set descr 'tests of rekeying of wg(4)'
	# Programs the test needs before it can run.
	atf_set require.progs rump_server wgconfig wg-keygen
}
     40 
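# Body of wg_rekey: shortens net.wg.rekey_after_time on both rump kernels,
# brings up a two-node tunnel and compares the "latest-handshake" value
# printed by wgconfig over time to tell whether a new handshake happened.
#
# Expected sequence: the value is unchanged one second after the first
# handshake, differs after rekey_after_time seconds, and differs again after
# a further rekey_after_time+1 seconds.  The rekey timer is what bounds how
# long one session key stays in use, so a value that never changes is a
# security-relevant regression as well as a functional one.
#
# The captured value must be non-empty: an empty pattern would make the
# "match" check pass and the "not-match" checks fail regardless of what
# wgconfig prints, so an empty capture is reported explicitly instead.
#
# Every check after atf_expect_fail is recorded against PR kern/56252; the
# final atf_fail is reached only when none of those checks tripped.
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer, destroy_wg_interfaces) and $HIJACKING/$DEBUG come from outside
# this file.
wg_rekey_body()
{
	# Command prefixes, deliberately expanded unquoted so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	local rekey_after_time=3
	local latest_handshake=

	setup_servers

	# Apply the shortened rekey interval to both endpoints.
	export RUMP_SERVER=$SOCK_LOCAL
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time
	export RUMP_SERVER=$SOCK_PEER
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_LOCAL

	# First traffic through the tunnel; this is what triggers the
	# initial handshake whose timestamp becomes the baseline.
	$ping $ip_wg_peer

	latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \
	    | awk -F ': ' '/latest-handshake/ {print $2;}')
	$DEBUG && echo $latest_handshake
	if [ -z "$latest_handshake" ]; then
		atf_fail "wgconfig reported no latest-handshake for peer0"
	fi

	sleep 1

	$ping $ip_wg_peer

	atf_expect_fail "PR kern/56252"

	# No reinitiation is performed
	atf_check -s exit:0 -o match:"$latest_handshake" \
	    $HIJACKING wgconfig wg0 show peer peer0

	# Wait for a reinitiation to be performed
	sleep $rekey_after_time

	$ping $ip_wg_peer

	# A reinitiation should be performed
	atf_check -s exit:0 -o not-match:"$latest_handshake" \
	    $HIJACKING wgconfig wg0 show peer peer0

	# New baseline for the second rekey round.
	latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \
	    | awk -F ': ' '/latest-handshake/ {print $2;}')
	$DEBUG && echo $latest_handshake
	if [ -z "$latest_handshake" ]; then
		atf_fail "wgconfig reported no latest-handshake for peer0"
	fi

	# Wait for a reinitiation to be performed again
	sleep $((rekey_after_time+1))

	$ping $ip_wg_peer

	# A reinitiation should be performed
	atf_check -s exit:0 -o not-match:"$latest_handshake" \
	    $HIJACKING wgconfig wg0 show peer peer0

	destroy_wg_interfaces

	atf_fail "failed to trigger PR kern/56252"
}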
    121 
# Cleanup hook for wg_rekey: call dump first when $DEBUG evaluates true,
# then always call cleanup.  Both helpers are defined outside this file.
wg_rekey_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    128 
# wg_handshake_timeout: declare the test case (with a cleanup routine) and
# its metadata.
atf_test_case wg_handshake_timeout cleanup
wg_handshake_timeout_head()
{
	atf_set descr 'tests of handshake timeout of wg(4)'
	# Programs the test needs before it can run.
	atf_set require.progs rump_server wgconfig wg-keygen
}
    136 
# Body of wg_handshake_timeout: with the peer's underlying interface taken
# down, the local side can never complete a handshake.  The test counts the
# packets the local endpoint sends to the peer's WireGuard port during the
# retry window and expects exactly three, i.e. the initiator gives up rather
# than retrying forever toward an unreachable peer.
#
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer, extract_new_packets, destroy_wg_interfaces) and $DEBUG are
# defined outside this file.  The checks after atf_expect_fail are recorded
# against PR kern/56252; the final atf_fail is reached only if none tripped.
wg_handshake_timeout_body()
{
	# Command prefixes; expanded unquoted on purpose so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	# NOTE(review): rekey_after_time is not referenced again in this body.
	local rekey_after_time=3
	local outfile=./out
	# Presumably a retry every 3 s with an 8 s give-up deadline is what
	# yields the three attempts asserted below - confirm against wg(4).
	local rekey_timeout=3
	local rekey_attempt_time=8
	local n=

	setup_servers

	# Apply the shortened handshake timers to both rump kernels.
	export RUMP_SERVER=$SOCK_LOCAL
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_timeout=$rekey_timeout
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_attempt_time=$rekey_attempt_time
	export RUMP_SERVER=$SOCK_PEER
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_timeout=$rekey_timeout
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_attempt_time=$rekey_attempt_time

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	# Resolve arp
	# (done over the underlying network, before the peer goes down, so
	# the later handshake packets are not held up by address resolution)
	export RUMP_SERVER=$SOCK_LOCAL
	$ping $ip_peer

	# Make the peer unreachable: its underlying interface is taken down.
	export RUMP_SERVER=$SOCK_PEER
	$ifconfig shmif0 down
	export RUMP_SERVER=$SOCK_LOCAL

	# Output is overwritten below without being inspected; presumably this
	# call only discards packets captured so far - confirm in the helper.
	extract_new_packets $BUS > $outfile

	# Should fail
	atf_check -s not-exit:0 -o match:'100.0% packet loss' \
	    rump.ping -n -c 1 -w 1 $ip_wg_peer

	# Wait past the give-up deadline plus one more retry interval, so a
	# further attempt would show up in the capture if one were sent.
	sleep $((rekey_attempt_time + rekey_timeout))

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Count local -> peer packets on the WireGuard port.  The dots in the
	# pattern are unescaped regex metacharacters, so this is a loose match.
	n=$(grep "$ip_local.$port > $ip_peer.$port" $outfile |wc -l)

	atf_expect_fail "PR kern/56252"

	# Give up handshaking after three attempts
	atf_check_equal $n 3

	# Restore the peer's underlying interface before teardown.
	export RUMP_SERVER=$SOCK_PEER
	$ifconfig shmif0 up
	export RUMP_SERVER=$SOCK_LOCAL

	destroy_wg_interfaces

	atf_fail "failed to trigger PR kern/56252"
}
    214 
# Cleanup hook for wg_handshake_timeout: call dump first when $DEBUG
# evaluates true, then always call cleanup.  Both helpers are defined
# outside this file.
wg_handshake_timeout_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    221 
# wg_cookie: declare the test case (with a cleanup routine) and its metadata.
atf_test_case wg_cookie cleanup
wg_cookie_head()
{
	atf_set descr 'tests of cookie messages of the wg(4) protocol'
	# Programs the test needs before it can run.
	atf_set require.progs rump_server wgconfig wg-keygen
}
    229 
# Body of wg_cookie: exercises the cookie exchange, WireGuard's
# denial-of-service mitigation for the handshake.  The peer is forced into
# its "under load" state via net.wg.force_underload, so it is expected to
# answer the first initiation with a cookie message instead of a response.
# No session may start from that first attempt; after rekey_timeout seconds
# the retried initiation is expected to carry a valid cookie and succeed.
#
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer, extract_new_packets, destroy_wg_interfaces) and
# $HIJACKING/$DEBUG are defined outside this file.  The checks after
# atf_expect_fail are recorded against PR kern/56252; the final atf_fail is
# reached only if none tripped.
wg_cookie_body()
{
	# Command prefixes; expanded unquoted on purpose so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	local outfile=./out
	# Only used as a sleep duration; no sysctl is written with it here.
	# NOTE(review): assumes the kernel's own rekey timeout is not longer
	# than this - confirm.
	local rekey_timeout=5

	setup_servers

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	# Emulate load on the peer
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.force_underload=1

	export RUMP_SERVER=$SOCK_LOCAL

	# Output is overwritten by the next extract; presumably this call
	# starts the capture window for the first attempt - confirm in helper.
	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# The peer doesn't return a response message but a cookie message
	# and a session doesn't start
	$ping_fail $ip_wg_peer

	atf_expect_fail "PR kern/56252"

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile
	# XXX length 64 indicates the message is a cookie message
	# (the message is identified by UDP payload size alone, not by its
	# type field, so any other 64-byte datagram would also satisfy this)
	atf_check -s exit:0 \
	    -o match:"$ip_peer.$port > $ip_local.$port: UDP, length 64" \
	    cat $outfile

	# No handshake may be recorded after the cookie-only exchange.
	$DEBUG && $HIJACKING wgconfig wg0 show all
	atf_check -s exit:0 -o match:"latest-handshake: \(never\)" \
	    $HIJACKING wgconfig wg0

	# Wait for restarting a session
	sleep $rekey_timeout

	# The second attempt should be success because the init message has
	# a valid cookie.
	$ping $ip_wg_peer

	# A handshake must now be recorded.
	$DEBUG && $HIJACKING wgconfig wg0 show all
	atf_check -s exit:0 -o not-match:"latest-handshake: \(never\)" \
	    $HIJACKING wgconfig wg0

	destroy_wg_interfaces

	atf_fail "failed to trigger PR kern/56252"
}
    302 
# Cleanup hook for wg_cookie: call dump first when $DEBUG evaluates true,
# then always call cleanup.  Both helpers are defined outside this file.
wg_cookie_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    309 
# wg_mobility: declare the test case (with a cleanup routine) and its
# metadata.
atf_test_case wg_mobility cleanup
wg_mobility_head()
{
	atf_set descr 'tests of the mobility of wg(4)'
	# Programs the test needs before it can run.
	atf_set require.progs rump_server wgconfig wg-keygen
}
    317 
# Body of wg_mobility: checks that the local endpoint learns, and later
# updates, the peer's outer address from traffic the peer sends.
#   1. The local side is configured without an endpoint for the peer, so
#      pinging from the local side fails.
#   2. The peer pings the local side; the capture must then show the local
#      side sending to the peer's address.
#   3. The peer's underlying address changes; pinging from the local side
#      fails and the capture still shows the old destination.
#   4. The peer pings again; the capture must show traffic to and from the
#      new address and none to the old one.
#
# NOTE(review): only the two configured endpoints send traffic here.  That
# the endpoint is updated solely from packets that authenticate is not
# exercised by this test.
#
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer, extract_new_packets, destroy_wg_interfaces) and $DEBUG are
# defined outside this file.  The checks after atf_expect_fail are recorded
# against PR kern/56252; the final atf_fail is reached only if none tripped.
wg_mobility_body()
{
	# Command prefixes; expanded unquoted on purpose so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	# Address the peer moves to in step 3.
	local ip_peer_new=192.168.1.3
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	local outfile=./out

	setup_servers

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
	# Initially, the local doesn't know the endpoint of the peer
	add_peer wg0 peer0 $key_pub_peer "" $ip_wg_peer/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Ping from the local to the peer doesn't work because the local
	# doesn't know the endpoint of the peer
	export RUMP_SERVER=$SOCK_LOCAL
	$ping_fail $ip_wg_peer

	atf_expect_fail "PR kern/56252"

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Traffic initiated by the peer is what teaches the local side the
	# peer's address.
	export RUMP_SERVER=$SOCK_PEER
	$ping $ip_wg_local

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# The local side must now be sending to the peer's address.
	atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer.$port" cat $outfile

	# Change the IP address of the peer
	# (RUMP_SERVER still selects the peer at this point)
	setup_common shmif0 inet $ip_peer_new 24
	$ifconfig -w 10

	# Ping from the local to the peer doesn't work because the local
	# doesn't know the change of the IP address of the peer
	export RUMP_SERVER=$SOCK_LOCAL
	$ping_fail $ip_wg_peer

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# The failed ping was still addressed to the old endpoint.
	atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer.$port" cat $outfile

	# Ping from the peer to the local works because the local notices
	# the change and updates the IP address of the peer
	export RUMP_SERVER=$SOCK_PEER
	$ping $ip_wg_local

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Both directions use the new address and nothing goes to the old one.
	atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer_new.$port" cat $outfile
	atf_check -s exit:0 -o match:"$ip_peer_new.$port > $ip_local.$port" cat $outfile
	atf_check -s exit:0 -o not-match:"$ip_local.$port > $ip_peer.$port" cat $outfile

	destroy_wg_interfaces

	atf_fail "failed to trigger PR kern/56252"
}
    400 
# Cleanup hook for wg_mobility: call dump first when $DEBUG evaluates true,
# then always call cleanup.  Both helpers are defined outside this file.
wg_mobility_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    407 
# wg_keepalive: declare the test case (with a cleanup routine) and its
# metadata.
atf_test_case wg_keepalive cleanup
wg_keepalive_head()
{
	atf_set descr 'tests keepalive messages'
	# Programs the test needs before it can run.
	atf_set require.progs rump_server wgconfig wg-keygen
}
    415 
# Body of wg_keepalive: shortens net.wg.keepalive_timeout on the peer only,
# sends traffic, idles for longer than that timeout, sends traffic again and
# then expects the capture to contain a 32-byte UDP datagram from the peer to
# the local endpoint, which the test treats as a keepalive (empty) message.
#
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer, extract_new_packets, destroy_wg_interfaces) and $DEBUG are
# defined outside this file.  Unlike the neighbouring bodies this one has no
# atf_expect_fail / atf_fail pair.
wg_keepalive_body()
{
	# Command prefixes; expanded unquoted on purpose so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
	# NOTE(review): ping_fail and ip_peer_new are not referenced again in
	# this body.
	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	local ip_peer_new=192.168.1.3
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	local outfile=./out
	local keepalive_timeout=3

	setup_servers

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	# Shorten keepalive_timeout of the peer
	# (RUMP_SERVER still selects the peer, so only that side is changed)
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.keepalive_timeout=$keepalive_timeout

	export RUMP_SERVER=$SOCK_LOCAL

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	$ping $ip_wg_peer

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Idle for longer than the peer's keepalive timeout.
	sleep $((keepalive_timeout + 1))

	$ping $ip_wg_peer

	# Presumably this holds only the packets seen since the previous
	# extract, i.e. the idle period and the second ping - confirm in helper.
	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# XXX length 32 indicates the message is a keepalive (empty) message
	# (identified by UDP payload size alone, not by decrypting anything)
	atf_check -s exit:0 -o match:"$ip_peer.$port > $ip_local.$port: UDP, length 32" \
	    cat $outfile

	destroy_wg_interfaces
}
    474 
# Cleanup hook for wg_keepalive: call dump first when $DEBUG evaluates true,
# then always call cleanup.  Both helpers are defined outside this file.
wg_keepalive_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    481 
# wg_psk: declare the test case (with a cleanup routine) and its metadata.
atf_test_case wg_psk cleanup
wg_psk_head()
{
	atf_set descr 'tests preshared-key'
	# Programs the test needs before it can run.
	atf_set require.progs rump_server wgconfig wg-keygen
}
    489 
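# Placeholder with no behavior; nothing visible in this file calls it.
# The ":" keeps the body non-empty: an empty "{ }" group is outside the
# POSIX shell grammar and is rejected by shells such as bash and dash.
test_psk_common()
{
	:
}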
    493 
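# Body of wg_psk: checks that a tunnel only comes up when both ends hold the
# same preshared key.  The local side always has the key; the peer is tried
# without it (ping must fail), with it (ping must succeed) and without it
# again (ping must fail again), waiting out one rekey interval after each
# peer reconfiguration.  The two negative cases are the security-relevant
# ones: a side lacking the key must not be able to establish a session.
#
# The key file is created inside a subshell with umask 077 so that it is
# readable by the owner only, instead of inheriting the caller's umask.
# It is removed at the end of the body; that line is not reached when an
# earlier atf_check aborts the test, in which case the file stays in the
# test's work directory.
#
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer, delete_peer, extract_new_packets, destroy_wg_interfaces) and
# $DEBUG are defined outside this file.
wg_psk_body()
{
	# Command prefixes; expanded unquoted on purpose so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	# NOTE(review): ip_peer_new is not referenced again in this body.
	local ip_peer_new=192.168.1.3
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	local outfile=./out
	local pskfile=./psk
	local rekey_after_time=3

	setup_servers

	# Shorten the rekey interval on both rump kernels.
	export RUMP_SERVER=$SOCK_LOCAL
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time
	export RUMP_SERVER=$SOCK_PEER
	atf_check -s exit:0 -o ignore \
	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys
	key_psk=$(wg-keygen --psk)
	# Debug only: this prints the freshly generated key into the test log.
	$DEBUG && echo $key_psk

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"

	# Owner-only key file; the subshell keeps the umask change local.
	( umask 077 && printf '%s\n' "$key_psk" > "$pskfile" )

	export RUMP_SERVER=$SOCK_LOCAL

	# The local always has the preshared key
	# (add_peer receives both the file path and the key text; how it uses
	# them is not visible in this file)
	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 \
	    $pskfile "$key_psk"
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER

	# First, try the peer without the preshared key
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_LOCAL

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Key present on one side only: no session may come up.
	$ping_fail $ip_wg_peer

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Next, try with the preshared key
	export RUMP_SERVER=$SOCK_PEER
	delete_peer wg0 peer0
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 \
	    $pskfile "$key_psk"
	$ifconfig -w 10

	# Need a rekey
	atf_check -s exit:0 sleep $((rekey_after_time + 1))

	export RUMP_SERVER=$SOCK_LOCAL

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Same key on both sides: the tunnel must work.
	$ping $ip_wg_peer

	extract_new_packets $BUS > $outfile
	$DEBUG && cat $outfile

	# Then, try again without the preshared key just in case
	export RUMP_SERVER=$SOCK_PEER
	delete_peer wg0 peer0
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	# Need a rekey
	atf_check -s exit:0 sleep $((rekey_after_time + 1))

	# Key removed from the peer again: the tunnel must stop working.
	export RUMP_SERVER=$SOCK_LOCAL
	$ping_fail $ip_wg_peer

	rm -f $pskfile

	destroy_wg_interfaces
}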
    592 
# Cleanup hook for wg_psk: call dump first when $DEBUG evaluates true,
# then always call cleanup.  Both helpers are defined outside this file.
wg_psk_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    599 
# wg_malformed: declare the test case (with a cleanup routine) and its
# metadata.
atf_test_case wg_malformed cleanup
wg_malformed_head()
{
	atf_set descr 'tests malformed packet headers'
	# Programs the test needs before it can run; nc sends the raw datagrams.
	atf_set require.progs nc rump_server wgconfig wg-keygen
	atf_set timeout 100
}
    608 
# Body of wg_malformed: regression test for input validation on the
# WireGuard UDP port.  After a working tunnel is confirmed, a series of
# datagrams far shorter than any valid WireGuard message is sent to the
# peer's port, and the tunnel is then pinged again to confirm the peer
# still works.
#
# Datagrams sent, in this order:
#   - 1 to 4 bytes of ASCII text ("x", "xy", "xyz", "xyzw");
#   - for each first byte 0x00..0x04 followed by three zero bytes: that
#     4-byte header alone, then the same header plus one byte ("z").
#     In the WireGuard wire format the first byte is the message type
#     (1 initiation, 2 response, 3 cookie reply, 4 transport data) and the
#     next three bytes are reserved, so these are truncated messages of
#     every known type plus one unknown type (0).
#
# NOTE(review): the plain ping and the nc invocations are not wrapped in
# atf_check, so a send that silently fails is not detected; the only
# assertion after the sends is the final ping.  Unlike the other bodies
# there is no destroy_wg_interfaces call here.
#
# Helpers (setup_servers, generate_keys, setup_common, setup_wg_common,
# add_peer) and $HIJACKING are defined outside this file.
wg_malformed_body()
{
	# Command prefixes; expanded unquoted on purpose so they word-split.
	local ifconfig="atf_check -s exit:0 rump.ifconfig"
	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
	local ip_local=192.168.1.1
	local ip_peer=192.168.1.2
	local ip_wg_local=10.0.0.1
	local ip_wg_peer=10.0.0.2
	local port=51820
	local junk msg_type
	setup_servers

	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
	generate_keys

	export RUMP_SERVER=$SOCK_LOCAL
	setup_common shmif0 inet $ip_local 24
	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_PEER
	setup_common shmif0 inet $ip_peer 24
	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
	$ifconfig -w 10

	export RUMP_SERVER=$SOCK_LOCAL

	# Baseline: the tunnel works before any malformed input is sent.
	$ping $ip_wg_peer

	printf 'send malformed packets\n'

	$HIJACKING ping -c 1 -n $ip_peer

	# Datagrams shorter than, or exactly as long as, the 4-byte header,
	# filled with text rather than a valid type field.
	for junk in x xy xyz xyzw; do
		printf '%s' "$junk" | $HIJACKING nc -Nu -w 0 $ip_peer $port
	done

	# Header-only and header-plus-one-byte datagrams for types 0 to 4.
	for msg_type in 0 1 2 3 4; do
		printf "\\x0${msg_type}\\x00\\x00\\x00" \
		    | $HIJACKING nc -Nu -w 0 $ip_peer $port
		printf "\\x0${msg_type}\\x00\\x00\\x00z" \
		    | $HIJACKING nc -Nu -w 0 $ip_peer $port
	done

	printf 'done sending malformed packets\n'

	# The peer must still answer through the tunnel afterwards.
	$ping $ip_wg_peer
}
    662 
# Cleanup hook for wg_malformed: call dump first when $DEBUG evaluates true,
# then always call cleanup.  Both helpers are defined outside this file.
wg_malformed_cleanup()
{
	if $DEBUG; then
		dump
	fi
	cleanup
}
    669 
# Register every test case defined in this file with ATF, in file order.
atf_init_test_cases()
{
	local tc

	for tc in wg_rekey wg_handshake_timeout wg_cookie wg_mobility \
	    wg_keepalive wg_psk wg_malformed; do
		atf_add_test_case "$tc"
	done
}
    681