t_misc.sh revision 1.14
      1 #	$NetBSD: t_misc.sh,v 1.14 2024/07/28 14:46:44 riastradh Exp $
      2 #
      3 # Copyright (c) 2018 Ryota Ozaki <ozaki.ryota (at] gmail.com>
      4 # All rights reserved.
      5 #
      6 # Redistribution and use in source and binary forms, with or without
      7 # modification, are permitted provided that the following conditions
      8 # are met:
      9 # 1. Redistributions of source code must retain the above copyright
     10 #    notice, this list of conditions and the following disclaimer.
     11 # 2. Redistributions in binary form must reproduce the above copyright
     12 #    notice, this list of conditions and the following disclaimer in the
     13 #    documentation and/or other materials provided with the distribution.
     14 #
     15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
     16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     18 # PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
     19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     25 # POSSIBILITY OF SUCH DAMAGE.
     26 #
     27 
     28 BUS=bus
     29 SOCK_LOCAL=unix://wg_local
     30 SOCK_PEER=unix://wg_peer
     31 
     32 
     33 atf_test_case wg_rekey cleanup
     # ATF metadata for wg_rekey: a one-line description and the programs the
     # case requires.
     wg_rekey_head()
     {
     	atf_set 'descr' 'tests of rekeying of wg(4)'
     	atf_set 'require.progs' 'rump_server' 'wgconfig' 'wg-keygen'
     }
     40 
     41 wg_rekey_body()
     42 {
        	# Checks that the wg(4) session between the two rump servers keeps
        	# its handshake while net.wg.rekey_after_time has not elapsed and
        	# gets a new one (latest-handshake changes) once it has.
        	#
        	# ifconfig and ping hold command prefixes; they are expanded
        	# unquoted below so that the words split into a command line.
     43 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
     44 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
     45 	local ip_local=192.168.1.1
     46 	local ip_peer=192.168.1.2
     47 	local ip_wg_local=10.0.0.1
     48 	local ip_wg_peer=10.0.0.2
     49 	local port=51820
     50 	local rekey_after_time=3
     51 	local latest_handshake=
     52 
     53 	setup_servers
     54 
        	# Shorten the rekey interval to $rekey_after_time seconds on both
        	# rump servers so the test does not have to wait long.
     55 	export RUMP_SERVER=$SOCK_LOCAL
     56 	atf_check -s exit:0 -o ignore \
     57 	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time
     58 	export RUMP_SERVER=$SOCK_PEER
     59 	atf_check -s exit:0 -o ignore \
     60 	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time
     61 
     62 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
     63 	generate_keys
     64 
        	# Each side gets its own private key and the other side's public
        	# key, endpoint and allowed address.
     65 	export RUMP_SERVER=$SOCK_LOCAL
     66 	setup_common shmif0 inet $ip_local 24
     67 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
     68 	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
     69 	$ifconfig -w 10
     70 
     71 	export RUMP_SERVER=$SOCK_PEER
     72 	setup_common shmif0 inet $ip_peer 24
     73 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
     74 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
     75 	$ifconfig -w 10
     76 
     77 	export RUMP_SERVER=$SOCK_LOCAL
     78 
        	# First traffic over the tunnel; the handshake time is read back
        	# from wgconfig afterwards.
     79 	$ping $ip_wg_peer
     80 
        	# NOTE(review): if awk finds no latest-handshake line this is the
        	# empty string, and the match:"" check below then passes for any
        	# output while the not-match:"" checks can never pass.
     81 	latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \
     82 	    | awk -F ': ' '/latest-handshake/ {print $2;}')
     83 	$DEBUG && echo handshake1=$latest_handshake
     84 
     85 	sleep 1
     86 
     87 	$ping $ip_wg_peer
     88 
        	# From here on a failing check is attributed to PR kern/56252.
     89 	atf_expect_fail "PR kern/56252"
     90 
     91 	# No reinitiation is performed
     92 	atf_check -s exit:0 -o match:"$latest_handshake" \
     93 	    $HIJACKING wgconfig wg0 show peer peer0
     94 
     95 	# Wait for a reinitiation to be performed
     96 	sleep $rekey_after_time
     97 
     98 	$ping $ip_wg_peer
     99 
    100 	# A reinitiation should be performed
    101 	atf_check -s exit:0 -o not-match:"$latest_handshake" \
    102 	    $HIJACKING wgconfig wg0 show peer peer0
    103 
    104 	latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \
    105 	    | awk -F ': ' '/latest-handshake/ {print $2;}')
    106 	$DEBUG && echo handshake2=$latest_handshake
    107 
    108 	# Wait for a reinitiation to be performed again
    109 	sleep $((rekey_after_time+1))
    110 
    111 	$ping $ip_wg_peer
    112 
    113 	# A reinitiation should be performed
    114 	atf_check -s exit:0 -o not-match:"$latest_handshake" \
    115 	    $HIJACKING wgconfig wg0 show peer peer0
    116 
    117 	destroy_wg_interfaces
    118 
        	# atf_expect_fail is still in effect, so ATF should record this
        	# atf_fail as the expected failure; a run in which every check
        	# above held is therefore not reported as an unexpected pass.
    119 	atf_fail "failed to trigger PR kern/56252"
    120 }
    121 
    # Cleanup routine for wg_rekey: call dump when the command held in $DEBUG
    # succeeds, then always run the shared cleanup.
    wg_rekey_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    128 
    129 atf_test_case wg_handshake_timeout cleanup
    # ATF metadata for wg_handshake_timeout: a one-line description and the
    # programs the case requires.
    wg_handshake_timeout_head()
    {
    	atf_set 'descr' 'tests of handshake timeout of wg(4)'
    	atf_set 'require.progs' 'rump_server' 'wgconfig' 'wg-keygen'
    }
    136 
    137 wg_handshake_timeout_body()
    138 {
        	# Checks that the local side stops retrying a handshake that is
        	# never answered: with the peer's shmif0 down, it counts the
        	# local->peer datagrams seen on the bus and expects exactly three.
        	#
        	# ifconfig and ping hold command prefixes; they are expanded
        	# unquoted below so that the words split into a command line.
    139 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    140 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
    141 	local ip_local=192.168.1.1
    142 	local ip_peer=192.168.1.2
    143 	local ip_wg_local=10.0.0.1
    144 	local ip_wg_peer=10.0.0.2
    145 	local port=51820
    146 	local outfile=./out
    147 	local rekey_timeout=4
    148 	local rekey_attempt_time=10
    149 	local n=
    150 
    151 	setup_servers
    152 
        	# Both timers are written on both rump servers.
    153 	export RUMP_SERVER=$SOCK_LOCAL
    154 	atf_check -s exit:0 -o ignore \
    155 	    rump.sysctl -w net.wg.rekey_timeout=$rekey_timeout
    156 	atf_check -s exit:0 -o ignore \
    157 	    rump.sysctl -w net.wg.rekey_attempt_time=$rekey_attempt_time
    158 	export RUMP_SERVER=$SOCK_PEER
    159 	atf_check -s exit:0 -o ignore \
    160 	    rump.sysctl -w net.wg.rekey_timeout=$rekey_timeout
    161 	atf_check -s exit:0 -o ignore \
    162 	    rump.sysctl -w net.wg.rekey_attempt_time=$rekey_attempt_time
    163 
    164 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
    165 	generate_keys
    166 
    167 	export RUMP_SERVER=$SOCK_LOCAL
    168 	setup_common shmif0 inet $ip_local 24
    169 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
    170 	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
    171 	$ifconfig -w 10
    172 
    173 	export RUMP_SERVER=$SOCK_PEER
    174 	setup_common shmif0 inet $ip_peer 24
    175 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
    176 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    177 	$ifconfig -w 10
    178 
    179 	# Resolve arp
    180 	export RUMP_SERVER=$SOCK_LOCAL
    181 	$ping $ip_peer
    182 
        	# Take the peer's underlying interface down so that nothing the
        	# local side sends can be answered.
    183 	export RUMP_SERVER=$SOCK_PEER
    184 	$ifconfig shmif0 down
    185 	export RUMP_SERVER=$SOCK_LOCAL
    186 
        	# This output is overwritten below before it is read; presumably
        	# the call is made to consume what was captured so far, so that
        	# the later call only sees newer packets (confirm in the helper).
    187 	extract_new_packets $BUS > $outfile
    188 
    189 	# Should fail
    190 	atf_check -s not-exit:0 -o match:'100.0% packet loss' \
    191 	    rump.ping -n -c 1 -w 1 $ip_wg_peer
    192 
        	# Wait long enough for the retry window to be over.
    193 	sleep $((rekey_attempt_time + rekey_timeout))
    194 
    195 	extract_new_packets $BUS > $outfile
    196 	$DEBUG && cat $outfile
    197 
        	# Counts local->peer datagrams on the wg port.  The dots in the
        	# addresses act as regex wildcards, and wc -l may pad its output
        	# with blanks; the unquoted $n below lets word splitting drop them.
    198 	n=$(grep "$ip_local.$port > $ip_peer.$port" $outfile |wc -l)
    199 
        	# From here on a failing check is attributed to PR kern/56252.
    200 	atf_expect_fail "PR kern/56252"
    201 
    202 	# Give up handshaking after three attempts
        	# (presumably one every rekey_timeout=4 s within
        	# rekey_attempt_time=10 s; confirm against the driver)
    203 	atf_check_equal $n 3
    204 
    205 	export RUMP_SERVER=$SOCK_PEER
    206 	$ifconfig shmif0 up
    207 	export RUMP_SERVER=$SOCK_LOCAL
    208 
    209 	destroy_wg_interfaces
    210 
        	# atf_expect_fail is still in effect, so ATF should record this
        	# atf_fail as the expected failure; a run in which the count was
        	# three is therefore not reported as an unexpected pass.
    211 	atf_fail "failed to trigger PR kern/56252"
    212 }
    213 
    # Cleanup routine for wg_handshake_timeout: call dump when the command held
    # in $DEBUG succeeds, then always run the shared cleanup.
    wg_handshake_timeout_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    220 
    221 atf_test_case wg_cookie cleanup
    # ATF metadata for wg_cookie: a one-line description and the programs the
    # case requires.
    wg_cookie_head()
    {
    	atf_set 'descr' 'tests of cookie messages of the wg(4) protocol'
    	atf_set 'require.progs' 'rump_server' 'wgconfig' 'wg-keygen'
    }
    228 
    229 wg_cookie_body()
    230 {
        	# Checks the cookie path of the handshake: with the peer forced
        	# into its "under load" state the first attempt must yield a
        	# cookie message and no session, and a later attempt must succeed.
        	#
        	# ifconfig, ping and ping_fail hold command prefixes; they are
        	# expanded unquoted below so that the words split into a command
        	# line.  ping_fail asserts only that ping exits non-zero, not why.
    231 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    232 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    233 	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    234 	local ip_local=192.168.1.1
    235 	local ip_peer=192.168.1.2
    236 	local ip_wg_local=10.0.0.1
    237 	local ip_wg_peer=10.0.0.2
    238 	local port=51820
    239 	local outfile=./out
        	# Only used as a sleep length below; this body never writes
        	# net.wg.rekey_timeout, so the value presumably mirrors the
        	# driver's default (confirm).
    240 	local rekey_timeout=5
    241 
    242 	setup_servers
    243 
    244 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
    245 	generate_keys
    246 
    247 	export RUMP_SERVER=$SOCK_LOCAL
    248 	setup_common shmif0 inet $ip_local 24
    249 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
    250 	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
    251 	$ifconfig -w 10
    252 
    253 	export RUMP_SERVER=$SOCK_PEER
    254 	setup_common shmif0 inet $ip_peer 24
    255 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
    256 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    257 	$ifconfig -w 10
    258 
    259 	export RUMP_SERVER=$SOCK_PEER
    260 	# Emulate load on the peer
    261 	atf_check -s exit:0 -o ignore \
    262 	    rump.sysctl -w net.wg.force_underload=1
    263 
    264 	export RUMP_SERVER=$SOCK_LOCAL
    265 
    266 	extract_new_packets $BUS > $outfile
    267 	$DEBUG && cat $outfile
    268 
    269 	# The peer doesn't return a response message but a cookie message
    270 	# and a session doesn't start
    271 	$ping_fail $ip_wg_peer
    272 
        	# From here on a failing check is attributed to PR kern/56252.
    273 	atf_expect_fail "PR kern/56252"
    274 
    275 	extract_new_packets $BUS > $outfile
    276 	$DEBUG && cat $outfile
    277 	# XXX length 64 indicates the message is a cookie message
        	# (the message is recognised by its UDP payload length alone; the
        	# capture is not inspected any further)
    278 	atf_check -s exit:0 \
    279 	    -o match:"$ip_peer.$port > $ip_local.$port: UDP, length 64" \
    280 	    cat $outfile
    281 
        	# No handshake may have completed on the local side yet.
    282 	$DEBUG && $HIJACKING wgconfig wg0 show all
    283 	atf_check -s exit:0 -o match:"latest-handshake: \(never\)" \
    284 	    $HIJACKING wgconfig wg0
    285 
    286 	# Wait for restarting a session
    287 	sleep $rekey_timeout
    288 
    289 	# The second attempt should be success because the init message has
    290 	# a valid cookie.
    291 	$ping $ip_wg_peer
    292 
    293 	$DEBUG && $HIJACKING wgconfig wg0 show all
    294 	atf_check -s exit:0 -o not-match:"latest-handshake: \(never\)" \
    295 	    $HIJACKING wgconfig wg0
    296 
    297 	destroy_wg_interfaces
    298 
        	# atf_expect_fail is still in effect, so ATF should record this
        	# atf_fail as the expected failure; a run in which every check
        	# above held is therefore not reported as an unexpected pass.
    299 	atf_fail "failed to trigger PR kern/56252"
    300 }
    301 
    # Cleanup routine for wg_cookie: call dump when the command held in $DEBUG
    # succeeds, then always run the shared cleanup.
    wg_cookie_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    308 
    309 atf_test_case wg_mobility cleanup
    # ATF metadata for wg_mobility: a one-line description and the programs the
    # case requires.
    wg_mobility_head()
    {
    	atf_set 'descr' 'tests of the mobility of wg(4)'
    	atf_set 'require.progs' 'rump_server' 'wgconfig' 'wg-keygen'
    }
    316 
    317 wg_mobility_body()
    318 {
        	# Checks endpoint learning and roaming: the local side starts with
        	# no endpoint for the peer, learns it from traffic the peer sends,
        	# and switches to the peer's new address after the peer moves.
        	# Every conclusion is drawn from the address pairs seen on the bus.
        	#
        	# ifconfig, ping and ping_fail hold command prefixes; they are
        	# expanded unquoted below so that the words split into a command
        	# line.  ping_fail asserts only that ping exits non-zero, not why.
    319 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    320 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    321 	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    322 	local ip_local=192.168.1.1
    323 	local ip_peer=192.168.1.2
    324 	local ip_peer_new=192.168.1.3
    325 	local ip_wg_local=10.0.0.1
    326 	local ip_wg_peer=10.0.0.2
    327 	local port=51820
    328 	local outfile=./out
    329 
    330 	setup_servers
    331 
    332 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
    333 	generate_keys
    334 
    335 	export RUMP_SERVER=$SOCK_LOCAL
    336 	setup_common shmif0 inet $ip_local 24
    337 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
    338 	# Initially, the local doesn't know the endpoint of the peer
    339 	add_peer wg0 peer0 $key_pub_peer "" $ip_wg_peer/32
    340 	$ifconfig -w 10
    341 
    342 	export RUMP_SERVER=$SOCK_PEER
    343 	setup_common shmif0 inet $ip_peer 24
    344 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
    345 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    346 	$ifconfig -w 10
    347 
    348 	extract_new_packets $BUS > $outfile
    349 	$DEBUG && cat $outfile
    350 
    351 	# Ping from the local to the peer doesn't work because the local
    352 	# doesn't know the endpoint of the peer
    353 	export RUMP_SERVER=$SOCK_LOCAL
    354 	$ping_fail $ip_wg_peer
    355 
        	# From here on a failing check is attributed to PR kern/56252.
    356 	atf_expect_fail "PR kern/56252"
    357 
    358 	extract_new_packets $BUS > $outfile
    359 	$DEBUG && cat $outfile
    360 
        	# Traffic started by the peer is what gives the local side an
        	# endpoint; the check below then expects local->peer datagrams.
    361 	export RUMP_SERVER=$SOCK_PEER
    362 	$ping $ip_wg_local
    363 
    364 	extract_new_packets $BUS > $outfile
    365 	$DEBUG && cat $outfile
    366 
    367 	atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer.$port" cat $outfile
    368 
    369 	# Change the IP address of the peer
        	# (RUMP_SERVER still selects the peer at this point)
    370 	setup_common shmif0 inet $ip_peer_new 24
    371 	$ifconfig -w 10
    372 
    373 	# Ping from the local to the peer doesn't work because the local
    374 	# doesn't know the change of the IP address of the peer
    375 	export RUMP_SERVER=$SOCK_LOCAL
    376 	$ping_fail $ip_wg_peer
    377 
    378 	extract_new_packets $BUS > $outfile
    379 	$DEBUG && cat $outfile
    380 
        	# The local side is expected to have kept sending to the old address.
    381 	atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer.$port" cat $outfile
    382 
    383 	# Ping from the peer to the local works because the local notices
    384 	# the change and updates the IP address of the peer
    385 	export RUMP_SERVER=$SOCK_PEER
    386 	$ping $ip_wg_local
    387 
    388 	extract_new_packets $BUS > $outfile
    389 	$DEBUG && cat $outfile
    390 
        	# Traffic must now flow both ways with the new address and no
        	# longer go to the old one.
    391 	atf_check -s exit:0 -o match:"$ip_local.$port > $ip_peer_new.$port" cat $outfile
    392 	atf_check -s exit:0 -o match:"$ip_peer_new.$port > $ip_local.$port" cat $outfile
    393 	atf_check -s exit:0 -o not-match:"$ip_local.$port > $ip_peer.$port" cat $outfile
    394 
    395 	destroy_wg_interfaces
    396 
        	# atf_expect_fail is still in effect, so ATF should record this
        	# atf_fail as the expected failure; a run in which every check
        	# above held is therefore not reported as an unexpected pass.
    397 	atf_fail "failed to trigger PR kern/56252"
    398 }
    399 
    # Cleanup routine for wg_mobility: call dump when the command held in $DEBUG
    # succeeds, then always run the shared cleanup.
    wg_mobility_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    406 
    407 atf_test_case wg_keepalive cleanup
    # ATF metadata for wg_keepalive: a one-line description and the programs
    # the case requires.
    wg_keepalive_head()
    {
    	atf_set 'descr' 'tests keepalive messages'
    	atf_set 'require.progs' 'rump_server' 'wgconfig' 'wg-keygen'
    }
    414 
    415 wg_keepalive_body()
    416 {
        	# Checks that the peer emits a keepalive: after traffic, a pause
        	# longer than the peer's keepalive_timeout and more traffic, the
        	# capture must contain a peer->local datagram of length 32.
        	#
        	# ifconfig and ping hold command prefixes; they are expanded
        	# unquoted below so that the words split into a command line.
        	# ping_fail and ip_peer_new are not referenced in this function.
    417 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    418 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    419 	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    420 	local ip_local=192.168.1.1
    421 	local ip_peer=192.168.1.2
    422 	local ip_peer_new=192.168.1.3
    423 	local ip_wg_local=10.0.0.1
    424 	local ip_wg_peer=10.0.0.2
    425 	local port=51820
    426 	local outfile=./out
    427 	local keepalive_timeout=3
    428 
    429 	setup_servers
    430 
    431 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
    432 	generate_keys
    433 
    434 	export RUMP_SERVER=$SOCK_LOCAL
    435 	setup_common shmif0 inet $ip_local 24
    436 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
    437 	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
    438 	$ifconfig -w 10
    439 
    440 	export RUMP_SERVER=$SOCK_PEER
    441 	setup_common shmif0 inet $ip_peer 24
    442 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
    443 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    444 	$ifconfig -w 10
    445 
    446 	# Shorten keepalive_timeout of the peer
        	# (RUMP_SERVER still selects the peer; the local side is unchanged)
    447 	atf_check -s exit:0 -o ignore \
    448 	    rump.sysctl -w net.wg.keepalive_timeout=$keepalive_timeout
    449 
    450 	export RUMP_SERVER=$SOCK_LOCAL
    451 
    452 	extract_new_packets $BUS > $outfile
    453 	$DEBUG && cat $outfile
    454 
    455 	$ping $ip_wg_peer
    456 
    457 	extract_new_packets $BUS > $outfile
    458 	$DEBUG && cat $outfile
    459 
        	# Stay idle for longer than the peer's keepalive timeout.
    460 	sleep $((keepalive_timeout + 1))
    461 
    462 	$ping $ip_wg_peer
    463 
    464 	extract_new_packets $BUS > $outfile
    465 	$DEBUG && cat $outfile
    466 
    467 	# XXX length 32 indicates the message is a keepalive (empty) message
        	# (the message is recognised by its UDP payload length alone; the
        	# capture is not inspected any further)
    468 	atf_check -s exit:0 -o match:"$ip_peer.$port > $ip_local.$port: UDP, length 32" \
    469 	    cat $outfile
    470 
    471 	destroy_wg_interfaces
    472 }
    473 
    # Cleanup routine for wg_keepalive: call dump when the command held in
    # $DEBUG succeeds, then always run the shared cleanup.
    wg_keepalive_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    480 
    481 atf_test_case wg_psk cleanup
    # ATF metadata for wg_psk: a one-line description and the programs the case
    # requires.
    wg_psk_head()
    {
    	atf_set 'descr' 'tests preshared-key'
    	atf_set 'require.progs' 'rump_server' 'wgconfig' 'wg-keygen'
    }
    488 
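    # Placeholder with no behaviour; no caller is visible in this file.
    # The body is the no-op ":" because the POSIX grammar requires a brace group
    # to contain at least one command, and shells such as bash reject an empty
    # "{ }" with a syntax error.  Presumably the shell these tests normally run
    # under tolerated the empty body.
    test_psk_common()
    {
    	:
    }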
    492 
    493 wg_psk_body()
    494 {
        	# Checks that the optional preshared key is enforced: the local
        	# side always has it, and traffic must fail while the peer lacks
        	# it, work once the peer has it, and fail again once it is removed.
        	#
        	# ifconfig, ping and ping_fail hold command prefixes; they are
        	# expanded unquoted below so that the words split into a command
        	# line.  ping_fail asserts only that ping exits non-zero, not why,
        	# so the negative steps cannot tell a key mismatch from any other
        	# cause of packet loss.  ip_peer_new is not referenced here.
    495 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    496 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    497 	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    498 	local ip_local=192.168.1.1
    499 	local ip_peer=192.168.1.2
    500 	local ip_peer_new=192.168.1.3
    501 	local ip_wg_local=10.0.0.1
    502 	local ip_wg_peer=10.0.0.2
    503 	local port=51820
    504 	local outfile=./out
    505 	local pskfile=./psk
    506 	local rekey_after_time=3
    507 
    508 	setup_servers
    509 
        	# Shorten the rekey interval on both rump servers; the "Need a
        	# rekey" waits below depend on it.
    510 	export RUMP_SERVER=$SOCK_LOCAL
    511 	atf_check -s exit:0 -o ignore \
    512 	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time
    513 	export RUMP_SERVER=$SOCK_PEER
    514 	atf_check -s exit:0 -o ignore \
    515 	    rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time
    516 
    517 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
    518 	generate_keys
        	# key_psk is not declared local, so it stays set after this
        	# function returns.  With DEBUG enabled the key is echoed into the
        	# test output; it is a throwaway key generated for this run.
    519 	key_psk=$(wg-keygen --psk)
    520 	$DEBUG && echo $key_psk
    521 
    522 	export RUMP_SERVER=$SOCK_LOCAL
    523 	setup_common shmif0 inet $ip_local 24
    524 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
    525 
    526 	export RUMP_SERVER=$SOCK_PEER
    527 	setup_common shmif0 inet $ip_peer 24
    528 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
    529 
        	# The key is stored in ./psk in the current directory with
        	# whatever permissions the umask gives.  The rm -f at the end is
        	# only reached if no earlier check aborts the body; otherwise the
        	# file is presumably left for the test work directory's own
        	# removal (confirm).
    530 	echo "$key_psk" > $pskfile
    531 
    532 	export RUMP_SERVER=$SOCK_LOCAL
    533 
    534 	# The local always has the preshared key
    535 	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 \
    536 	    $pskfile "$key_psk"
    537 	$ifconfig -w 10
    538 
    539 	export RUMP_SERVER=$SOCK_PEER
    540 
    541 	# First, try the peer without the preshared key
    542 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    543 	$ifconfig -w 10
    544 
    545 	export RUMP_SERVER=$SOCK_LOCAL
    546 
    547 	extract_new_packets $BUS > $outfile
    548 	$DEBUG && cat $outfile
    549 
        	# Only one side has the key, so no session may come up.
    550 	$ping_fail $ip_wg_peer
    551 
    552 	extract_new_packets $BUS > $outfile
    553 	$DEBUG && cat $outfile
    554 
    555 	# Next, try with the preshared key
    556 	export RUMP_SERVER=$SOCK_PEER
    557 	delete_peer wg0 peer0
    558 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 \
    559 	    $pskfile "$key_psk"
    560 	$ifconfig -w 10
    561 
    562 	# Need a rekey
    563 	atf_check -s exit:0 sleep $((rekey_after_time + 1))
    564 
    565 	export RUMP_SERVER=$SOCK_LOCAL
    566 
    567 	extract_new_packets $BUS > $outfile
    568 	$DEBUG && cat $outfile
    569 
        	# Both sides hold the same key now, so traffic must pass.
    570 	$ping $ip_wg_peer
    571 
    572 	extract_new_packets $BUS > $outfile
    573 	$DEBUG && cat $outfile
    574 
    575 	# Then, try again without the preshared key just in case
        	# (guards against a session set up with the key staying usable
        	# after the peer entry was replaced by one without it)
    576 	export RUMP_SERVER=$SOCK_PEER
    577 	delete_peer wg0 peer0
    578 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    579 	$ifconfig -w 10
    580 
    581 	# Need a rekey
    582 	atf_check -s exit:0 sleep $((rekey_after_time + 1))
    583 
    584 	export RUMP_SERVER=$SOCK_LOCAL
    585 	$ping_fail $ip_wg_peer
    586 
    587 	rm -f $pskfile
    588 
    589 	destroy_wg_interfaces
    590 }
    591 
    # Cleanup routine for wg_psk: call dump when the command held in $DEBUG
    # succeeds, then always run the shared cleanup.
    wg_psk_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    598 
    599 atf_test_case wg_malformed cleanup
    # ATF metadata for wg_malformed: a one-line description, the programs the
    # case requires (nc in addition to the usual three) and a timeout of 100.
    wg_malformed_head()
    {
    	atf_set 'descr' 'tests malformed packet headers'
    	atf_set 'require.progs' 'nc' 'rump_server' 'wgconfig' 'wg-keygen'
    	atf_set 'timeout' '100'
    }
    607 
    608 wg_malformed_body()
    609 {
        	# Robustness check for the receive path: after a working tunnel is
        	# up, a series of too-short UDP datagrams is sent to the peer's wg
        	# port, and the tunnel must still carry a ping afterwards.
        	#
        	# ifconfig and ping hold command prefixes; they are expanded
        	# unquoted below so that the words split into a command line.
    610 	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    611 	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
    612 	local ip_local=192.168.1.1
    613 	local ip_peer=192.168.1.2
    614 	local ip_wg_local=10.0.0.1
    615 	local ip_wg_peer=10.0.0.2
    616 	local port=51820
    617 	setup_servers
    618 
    619 	# It sets key_priv_local key_pub_local key_priv_peer key_pub_peer
    620 	generate_keys
    621 
    622 	export RUMP_SERVER=$SOCK_LOCAL
    623 	setup_common shmif0 inet $ip_local 24
    624 	setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local"
    625 	add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32
    626 	$ifconfig -w 10
    627 
    628 	export RUMP_SERVER=$SOCK_PEER
    629 	setup_common shmif0 inet $ip_peer 24
    630 	setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer"
    631 	add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32
    632 	$ifconfig -w 10
    633 
    634 	export RUMP_SERVER=$SOCK_LOCAL
    635 
        	# Baseline: the tunnel works before anything malformed is sent.
    636 	$ping $ip_wg_peer
    637 
    638 	printf 'send malformed packets\n'
    639 
        	# The exit status of this ping and of the nc pipelines below is
        	# not checked; the only assertion is the final ping.
    640 	$HIJACKING ping -c 1 -n $ip_peer
    641 
        	# Payloads of one to four arbitrary bytes, then each leading
        	# 4-byte value 0..4 on its own and with one trailing byte.  In the
        	# WireGuard wire format the first byte carries the message type
        	# (1 initiation, 2 response, 3 cookie reply, 4 transport data),
        	# so these are headers with no valid body behind them.
    642 	printf 'x' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    643 	printf 'xy' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    644 	printf 'xyz' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    645 	printf 'xyzw' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    646 	printf '\x00\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    647 	printf '\x00\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    648 	printf '\x01\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    649 	printf '\x01\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    650 	printf '\x02\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    651 	printf '\x02\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    652 	printf '\x03\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    653 	printf '\x03\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    654 	printf '\x04\x00\x00\x00' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    655 	printf '\x04\x00\x00\x00z' | $HIJACKING nc -Nu -w 0 $ip_peer $port
    656 
    657 	printf 'done sending malformed packets\n'
    658 
        	# Pass criterion: the peer still answers over the tunnel.  Unlike
        	# the other bodies in this file, this one does not call
        	# destroy_wg_interfaces before returning.
    659 	$ping $ip_wg_peer
    660 }
    661 
    # Cleanup routine for wg_malformed: call dump when the command held in
    # $DEBUG succeeds, then always run the shared cleanup.
    wg_malformed_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    668 
    # Entry point called by ATF: registers every test case declared in this
    # file, in the order in which they are defined.
    atf_init_test_cases()
    {
    	local tc_name

    	for tc_name in \
    	    wg_rekey \
    	    wg_handshake_timeout \
    	    wg_cookie \
    	    wg_mobility \
    	    wg_keepalive \
    	    wg_psk \
    	    wg_malformed
    	do
    		atf_add_test_case "$tc_name"
    	done
    }
    680