t_misc.sh revision 1.8
      1 #	$NetBSD: t_misc.sh,v 1.8 2021/06/16 23:45:52 riastradh Exp $
      2 #
      3 # Copyright (c) 2018 Ryota Ozaki <ozaki.ryota (at] gmail.com>
      4 # All rights reserved.
      5 #
      6 # Redistribution and use in source and binary forms, with or without
      7 # modification, are permitted provided that the following conditions
      8 # are met:
      9 # 1. Redistributions of source code must retain the above copyright
     10 #    notice, this list of conditions and the following disclaimer.
     11 # 2. Redistributions in binary form must reproduce the above copyright
     12 #    notice, this list of conditions and the following disclaimer in the
     13 #    documentation and/or other materials provided with the distribution.
     14 #
     15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
     16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     18 # PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
     19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     25 # POSSIBILITY OF SUCH DAMAGE.
     26 #
     27 
     28 BUS=bus
     29 SOCK_LOCAL=unix://wg_local
     30 SOCK_PEER=unix://wg_peer
     31 
     32 
     # Declare wg_rekey as a test case that has a cleanup routine.
     atf_test_case wg_rekey cleanup

     # Metadata for wg_rekey: description and the programs it needs.
     wg_rekey_head()
     {
     	atf_set descr "tests of rekeying of wg(4)"
     	atf_set require.progs rump_server wgconfig wg-keygen
     }
     40 
     # Body of wg_rekey: with net.wg.rekey_after_time set to 3 on both
     # endpoints, the latest-handshake value reported by wgconfig must stay
     # the same inside that interval and must change once it has elapsed.
     # Periodic rekeying is what limits how long one set of session keys
     # stays in use.
     wg_rekey_body()
     {
     	# $ifconfig and $ping hold whole command lines; they are expanded
     	# unquoted on purpose so that they split into words.
     	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
     	local ifconfig="atf_check -s exit:0 rump.ifconfig"
     	local ip_local=192.168.1.1 ip_peer=192.168.1.2
     	local ip_wg_local=10.0.0.1 ip_wg_peer=10.0.0.2
     	local port=51820
     	local rekey_after_time=3
     	local latest_handshake=

     	setup_servers

     	# Apply the rekey interval to the local endpoint, then to the peer.
     	for RUMP_SERVER in "$SOCK_LOCAL" "$SOCK_PEER"; do
     		export RUMP_SERVER
     		atf_check -s exit:0 -o ignore \
     		    rump.sysctl -w "net.wg.rekey_after_time=${rekey_after_time}"
     	done

     	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
     	# and key_pub_peer.
     	generate_keys

     	# Local endpoint: underlying interface, wg0, and the peer entry.
     	export RUMP_SERVER="$SOCK_LOCAL"
     	setup_common shmif0 inet "$ip_local" 24
     	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"
     	add_peer wg0 peer0 "$key_pub_peer" "${ip_peer}:${port}" \
     	    "${ip_wg_peer}/32"
     	$ifconfig -w 10

     	# Peer endpoint: the mirror image of the above.
     	export RUMP_SERVER="$SOCK_PEER"
     	setup_common shmif0 inet "$ip_peer" 24
     	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"
     	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
     	    "${ip_wg_local}/32"
     	$ifconfig -w 10

     	export RUMP_SERVER="$SOCK_LOCAL"

     	# The first ping through the tunnel establishes a session; remember
     	# the handshake value wgconfig reports for it.
     	$ping "$ip_wg_peer"
     	latest_handshake=$(
     		$HIJACKING wgconfig wg0 show peer peer0 |
     		    awk -F ': ' '/latest-handshake/ { print $2 }'
     	)
     	if $DEBUG; then
     		echo $latest_handshake
     	fi

     	sleep 1
     	$ping "$ip_wg_peer"

     	# Still inside the rekey interval: no new handshake is expected.
     	# NOTE(review): should latest_handshake come back empty, this match
     	# is presumably vacuous; the not-match checks below would then be
     	# the ones to fail.
     	atf_check -s exit:0 -o match:"$latest_handshake" \
     	    $HIJACKING wgconfig wg0 show peer peer0

     	# Let the rekey interval pass, then send traffic again.
     	sleep "$rekey_after_time"
     	$ping "$ip_wg_peer"

     	# The handshake value must now differ from the recorded one.
     	atf_check -s exit:0 -o not-match:"$latest_handshake" \
     	    $HIJACKING wgconfig wg0 show peer peer0

     	# Record the new value and repeat the cycle once more.
     	latest_handshake=$(
     		$HIJACKING wgconfig wg0 show peer peer0 |
     		    awk -F ': ' '/latest-handshake/ { print $2 }'
     	)
     	if $DEBUG; then
     		echo $latest_handshake
     	fi

     	sleep "$(( rekey_after_time + 1 ))"
     	$ping "$ip_wg_peer"

     	atf_check -s exit:0 -o not-match:"$latest_handshake" \
     	    $HIJACKING wgconfig wg0 show peer peer0

     	destroy_wg_interfaces
     }
    117 
    # Cleanup for wg_rekey: call dump when $DEBUG is true, then the shared
    # cleanup helper.
    wg_rekey_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    124 
    # Declare wg_handshake_timeout as a test case that has a cleanup routine.
    atf_test_case wg_handshake_timeout cleanup

    # Metadata for wg_handshake_timeout: description and required programs.
    wg_handshake_timeout_head()
    {
    	atf_set descr "tests of handshake timeout of wg(4)"
    	atf_set require.progs rump_server wgconfig wg-keygen
    }
    132 
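    # Body of wg_handshake_timeout: with the peer's underlying interface down,
    # the local endpoint must stop initiating handshakes after a bounded
    # number of attempts.  The bound is observed by counting the packets from
    # local:port to peer:port that appear on the bus while waiting.
    wg_handshake_timeout_body()
    {
    	# $ifconfig and $ping hold whole command lines; they are expanded
    	# unquoted on purpose so that they split into words.
    	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
    	local ip_local=192.168.1.1
    	local ip_peer=192.168.1.2
    	local ip_wg_local=10.0.0.1
    	local ip_wg_peer=10.0.0.2
    	local port=51820
    	# NOTE(review): rekey_after_time is not referenced in this body.  It
    	# is kept because sh locals are visible to called helpers, which are
    	# not shown here; confirm nothing reads it and drop it.
    	local rekey_after_time=3
    	local outfile=./out
    	local rekey_timeout=3
    	local rekey_attempt_time=8
    	local n=

    	setup_servers

    	# Same retry timing on both endpoints.
    	export RUMP_SERVER="$SOCK_LOCAL"
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.rekey_timeout=${rekey_timeout}"
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.rekey_attempt_time=${rekey_attempt_time}"
    	export RUMP_SERVER="$SOCK_PEER"
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.rekey_timeout=${rekey_timeout}"
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.rekey_attempt_time=${rekey_attempt_time}"

    	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
    	# and key_pub_peer.
    	generate_keys

    	export RUMP_SERVER="$SOCK_LOCAL"
    	setup_common shmif0 inet "$ip_local" 24
    	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"
    	add_peer wg0 peer0 "$key_pub_peer" "${ip_peer}:${port}" \
    	    "${ip_wg_peer}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_PEER"
    	setup_common shmif0 inet "$ip_peer" 24
    	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	# Resolve ARP over the underlying network before the peer goes away.
    	export RUMP_SERVER="$SOCK_LOCAL"
    	$ping "$ip_peer"

    	# Make the peer unreachable.
    	export RUMP_SERVER="$SOCK_PEER"
    	$ifconfig shmif0 down
    	export RUMP_SERVER="$SOCK_LOCAL"

    	# Presumably consumes what is on the bus so far, so that the next
    	# extraction only holds packets sent from here on; confirm against
    	# extract_new_packets.
    	extract_new_packets "$BUS" > "$outfile"

    	# Traffic through the tunnel must fail: no handshake can complete.
    	atf_check -s not-exit:0 -o match:'100.0% packet loss' \
    	    rump.ping -n -c 1 -w 1 "$ip_wg_peer"

    	# Wait past the whole retry window.
    	sleep "$(( rekey_attempt_time + rekey_timeout ))"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Count the packets sent from the local endpoint to the peer.  -F
    	# treats the dots in the addresses literally instead of as regex
    	# wildcards, and -c counts matching lines without a separate wc(1).
    	n=$(grep -cF -- "${ip_local}.${port} > ${ip_peer}.${port}" "$outfile")

    	# Give up handshaking after three attempts (with rekey_timeout=3 and
    	# rekey_attempt_time=8, presumably at about 0, 3 and 6 seconds).
    	atf_check_equal "$n" 3

    	export RUMP_SERVER="$SOCK_PEER"
    	$ifconfig shmif0 up
    	export RUMP_SERVER="$SOCK_LOCAL"

    	destroy_wg_interfaces
    }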
    206 
    # Cleanup for wg_handshake_timeout: call dump when $DEBUG is true, then
    # the shared cleanup helper.
    wg_handshake_timeout_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    213 
    # Declare wg_cookie as a test case that has a cleanup routine.
    atf_test_case wg_cookie cleanup

    # Metadata for wg_cookie: description and required programs.
    wg_cookie_head()
    {
    	atf_set descr "tests of cookie messages of the wg(4) protocol"
    	atf_set require.progs rump_server wgconfig wg-keygen
    }
    221 
    # Body of wg_cookie: with net.wg.force_underload=1 on the peer, the first
    # handshake attempt must be answered with a cookie message and no session
    # may start; the retry, which carries a valid cookie, must succeed.
    # Cookie messages are the protocol's denial-of-service defence: a loaded
    # responder asks the initiator to prove it can receive at its source
    # address before the responder spends work on the handshake.
    wg_cookie_body()
    {
    	# The command-line variables below are expanded unquoted on purpose
    	# so that they split into words.
    	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    	local ip_local=192.168.1.1 ip_peer=192.168.1.2
    	local ip_wg_local=10.0.0.1 ip_wg_peer=10.0.0.2
    	local port=51820
    	local outfile=./out
    	# NOTE(review): only used for the sleep below; this body never sets
    	# net.wg.rekey_timeout, so 5 presumably mirrors the default. Confirm.
    	local rekey_timeout=5

    	setup_servers

    	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
    	# and key_pub_peer.
    	generate_keys

    	export RUMP_SERVER="$SOCK_LOCAL"
    	setup_common shmif0 inet "$ip_local" 24
    	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"
    	add_peer wg0 peer0 "$key_pub_peer" "${ip_peer}:${port}" \
    	    "${ip_wg_peer}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_PEER"
    	setup_common shmif0 inet "$ip_peer" 24
    	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	# Still talking to the peer: emulate load on it.
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w net.wg.force_underload=1

    	export RUMP_SERVER="$SOCK_LOCAL"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# The peer returns a cookie message instead of a response message,
    	# so no session starts and the ping fails.
    	$ping_fail "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi
    	# XXX the cookie message is recognised only by its UDP length (64);
    	# nothing here inspects the message type.
    	atf_check -s exit:0 \
    	    -o match:"${ip_peer}.${port} > ${ip_local}.${port}: UDP, length 64" \
    	    cat "$outfile"

    	if $DEBUG; then
    		$HIJACKING wgconfig wg0 show all
    	fi
    	atf_check -s exit:0 -o match:"latest-handshake: \(never\)" \
    	    $HIJACKING wgconfig wg0

    	# Wait until the local endpoint restarts the handshake.
    	sleep "$rekey_timeout"

    	# The second attempt should succeed because its initiation message
    	# carries a valid cookie.
    	$ping "$ip_wg_peer"

    	if $DEBUG; then
    		$HIJACKING wgconfig wg0 show all
    	fi
    	atf_check -s exit:0 -o not-match:"latest-handshake: \(never\)" \
    	    $HIJACKING wgconfig wg0

    	destroy_wg_interfaces
    }
    290 
    # Cleanup for wg_cookie: call dump when $DEBUG is true, then the shared
    # cleanup helper.
    wg_cookie_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    297 
    # Declare wg_mobility as a test case that has a cleanup routine.
    atf_test_case wg_mobility cleanup

    # Metadata for wg_mobility: description and required programs.
    wg_mobility_head()
    {
    	atf_set descr "tests of the mobility of wg(4)"
    	atf_set require.progs rump_server wgconfig wg-keygen
    }
    305 
    # Body of wg_mobility: the local endpoint starts without an endpoint
    # address for its peer, learns it from the peer's traffic, and follows the
    # peer when the peer's address changes.
    # NOTE(review): every endpoint update exercised here is triggered by
    # traffic from the configured peer; the body has no step where a packet
    # from an unknown sender arrives from a new address, so the negative side
    # of roaming (no update without authentication) is not covered.
    wg_mobility_body()
    {
    	# The command-line variables below are expanded unquoted on purpose
    	# so that they split into words.
    	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    	local ip_local=192.168.1.1 ip_peer=192.168.1.2 ip_peer_new=192.168.1.3
    	local ip_wg_local=10.0.0.1 ip_wg_peer=10.0.0.2
    	local port=51820
    	local outfile=./out

    	setup_servers

    	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
    	# and key_pub_peer.
    	generate_keys

    	export RUMP_SERVER="$SOCK_LOCAL"
    	setup_common shmif0 inet "$ip_local" 24
    	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"
    	# The empty fourth argument: the local endpoint initially has no
    	# endpoint address for the peer.
    	add_peer wg0 peer0 "$key_pub_peer" "" "${ip_wg_peer}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_PEER"
    	setup_common shmif0 inet "$ip_peer" 24
    	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Local -> peer cannot work yet: the local endpoint does not know
    	# where the peer is.
    	export RUMP_SERVER="$SOCK_LOCAL"
    	$ping_fail "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Peer -> local works, and the local endpoint answers to the peer's
    	# current address.
    	export RUMP_SERVER="$SOCK_PEER"
    	$ping "$ip_wg_local"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	atf_check -s exit:0 \
    	    -o match:"${ip_local}.${port} > ${ip_peer}.${port}" \
    	    cat "$outfile"

    	# Move the peer to a new IP address.
    	setup_common shmif0 inet "$ip_peer_new" 24
    	$ifconfig -w 10

    	# Local -> peer fails: the local endpoint has not seen the change
    	# and still sends to the old address.
    	export RUMP_SERVER="$SOCK_LOCAL"
    	$ping_fail "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	atf_check -s exit:0 \
    	    -o match:"${ip_local}.${port} > ${ip_peer}.${port}" \
    	    cat "$outfile"

    	# Peer -> local works: the local endpoint notices the new source
    	# address and updates the peer's endpoint.
    	export RUMP_SERVER="$SOCK_PEER"
    	$ping "$ip_wg_local"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Traffic now flows to and from the new address, and nothing is
    	# sent to the old one any more.
    	atf_check -s exit:0 \
    	    -o match:"${ip_local}.${port} > ${ip_peer_new}.${port}" \
    	    cat "$outfile"
    	atf_check -s exit:0 \
    	    -o match:"${ip_peer_new}.${port} > ${ip_local}.${port}" \
    	    cat "$outfile"
    	atf_check -s exit:0 \
    	    -o not-match:"${ip_local}.${port} > ${ip_peer}.${port}" \
    	    cat "$outfile"

    	destroy_wg_interfaces
    }
    384 
    # Cleanup for wg_mobility: call dump when $DEBUG is true, then the shared
    # cleanup helper.
    wg_mobility_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    391 
    # Declare wg_keepalive as a test case that has a cleanup routine.
    atf_test_case wg_keepalive cleanup

    # Metadata for wg_keepalive: description and required programs.
    wg_keepalive_head()
    {
    	atf_set descr "tests keepalive messages"
    	atf_set require.progs rump_server wgconfig wg-keygen
    }
    399 
    # Body of wg_keepalive: with net.wg.keepalive_timeout set to 3 on the
    # peer, a 32-byte UDP message from the peer to the local endpoint must
    # show up on the bus after the tunnel has been idle for longer than that.
    wg_keepalive_body()
    {
    	# The command-line variables below are expanded unquoted on purpose
    	# so that they split into words.  ping_fail and ip_peer_new are not
    	# referenced in this body.
    	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    	local ip_local=192.168.1.1 ip_peer=192.168.1.2 ip_peer_new=192.168.1.3
    	local ip_wg_local=10.0.0.1 ip_wg_peer=10.0.0.2
    	local port=51820
    	local outfile=./out
    	local keepalive_timeout=3

    	setup_servers

    	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
    	# and key_pub_peer.
    	generate_keys

    	export RUMP_SERVER="$SOCK_LOCAL"
    	setup_common shmif0 inet "$ip_local" 24
    	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"
    	add_peer wg0 peer0 "$key_pub_peer" "${ip_peer}:${port}" \
    	    "${ip_wg_peer}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_PEER"
    	setup_common shmif0 inet "$ip_peer" 24
    	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	# Shorten keepalive_timeout of the peer (RUMP_SERVER still points
    	# at it).
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.keepalive_timeout=${keepalive_timeout}"

    	export RUMP_SERVER="$SOCK_LOCAL"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Bring the session up.
    	$ping "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Stay idle for longer than the peer's keepalive timeout.
    	sleep "$(( keepalive_timeout + 1 ))"

    	$ping "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# XXX the keepalive (empty) message is recognised only by its UDP
    	# length (32); nothing here inspects the message itself.
    	atf_check -s exit:0 \
    	    -o match:"${ip_peer}.${port} > ${ip_local}.${port}: UDP, length 32" \
    	    cat "$outfile"

    	destroy_wg_interfaces
    }
    458 
    # Cleanup for wg_keepalive: call dump when $DEBUG is true, then the shared
    # cleanup helper.
    wg_keepalive_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    465 
    # Declare wg_psk as a test case that has a cleanup routine.
    atf_test_case wg_psk cleanup

    # Metadata for wg_psk: description and required programs.
    wg_psk_head()
    {
    	atf_set descr "tests preshared-key"
    	atf_set require.progs rump_server wgconfig wg-keygen
    }
    473 
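    # Placeholder with no behaviour; nothing in this file calls it.
    # An empty { } body is not valid POSIX shell grammar and is rejected by
    # some shells (bash among them), so the body holds the null command.
    test_psk_common()
    {
    	:
    }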
    477 
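    # Body of wg_psk: the local endpoint is always configured with a
    # preshared key.  The tunnel must fail while the peer has no preshared
    # key, work once the peer is given the same key, and fail again after the
    # key is removed from the peer.  Each change on the peer is followed by a
    # wait of rekey_after_time + 1 so that a new handshake takes place.
    wg_psk_body()
    {
    	# The command-line variables below are expanded unquoted on purpose
    	# so that they split into words.  ip_peer_new is not referenced in
    	# this body.
    	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    	local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1"
    	local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1"
    	local ip_local=192.168.1.1
    	local ip_peer=192.168.1.2
    	local ip_peer_new=192.168.1.3
    	local ip_wg_local=10.0.0.1
    	local ip_wg_peer=10.0.0.2
    	local port=51820
    	local outfile=./out
    	local pskfile=./psk
    	local rekey_after_time=3
    	# Keep the preshared key out of the global scope; called helpers
    	# still receive it as an argument.
    	local key_psk=

    	setup_servers

    	export RUMP_SERVER="$SOCK_LOCAL"
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.rekey_after_time=${rekey_after_time}"
    	export RUMP_SERVER="$SOCK_PEER"
    	atf_check -s exit:0 -o ignore \
    	    rump.sysctl -w "net.wg.rekey_after_time=${rekey_after_time}"

    	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
    	# and key_pub_peer.
    	generate_keys
    	key_psk=$(wg-keygen --psk)
    	# Debug aid: this prints the preshared key to the test output.  The
    	# key is generated for this run only.
    	if $DEBUG; then
    		echo $key_psk
    	fi

    	export RUMP_SERVER="$SOCK_LOCAL"
    	setup_common shmif0 inet "$ip_local" 24
    	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"

    	export RUMP_SERVER="$SOCK_PEER"
    	setup_common shmif0 inet "$ip_peer" 24
    	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"

    	# Create the key file readable by its owner only; the subshell keeps
    	# the umask change from leaking into the rest of the test.
    	(
    		umask 077
    		printf '%s\n' "$key_psk" > "$pskfile"
    	)

    	export RUMP_SERVER="$SOCK_LOCAL"

    	# The local always has the preshared key.
    	add_peer wg0 peer0 "$key_pub_peer" "${ip_peer}:${port}" \
    	    "${ip_wg_peer}/32" "$pskfile" "$key_psk"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_PEER"

    	# First, try the peer without the preshared key.
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_LOCAL"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Keys differ on the two sides, so no session can be established.
    	$ping_fail "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Next, try with the preshared key on the peer as well.
    	export RUMP_SERVER="$SOCK_PEER"
    	delete_peer wg0 peer0
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32" "$pskfile" "$key_psk"
    	$ifconfig -w 10

    	# Need a rekey.
    	atf_check -s exit:0 sleep "$(( rekey_after_time + 1 ))"

    	export RUMP_SERVER="$SOCK_LOCAL"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	$ping "$ip_wg_peer"

    	extract_new_packets "$BUS" > "$outfile"
    	if $DEBUG; then
    		cat "$outfile"
    	fi

    	# Then, try again without the preshared key just in case: removing
    	# it from the peer must break the tunnel again.
    	export RUMP_SERVER="$SOCK_PEER"
    	delete_peer wg0 peer0
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	# Need a rekey.
    	atf_check -s exit:0 sleep "$(( rekey_after_time + 1 ))"

    	export RUMP_SERVER="$SOCK_LOCAL"
    	$ping_fail "$ip_wg_peer"

    	# NOTE(review): only reached when every check above passed; on a
    	# failed check the key file is left behind in the working directory.
    	rm -f "$pskfile"

    	destroy_wg_interfaces
    }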
    576 
    # Cleanup for wg_psk: call dump when $DEBUG is true, then the shared
    # cleanup helper.
    wg_psk_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    583 
    # Declare wg_malformed as a test case that has a cleanup routine.
    atf_test_case wg_malformed cleanup

    # Metadata for wg_malformed: description, required programs (nc is needed
    # to send the raw datagrams) and a 10-second timeout for the whole case.
    wg_malformed_head()
    {
    	atf_set descr "tests malformed packet headers"
    	atf_set require.progs nc rump_server wgconfig wg-keygen
    	atf_set timeout 10
    }
    592 
    # Body of wg_malformed: after a working session exists, send a series of
    # short UDP datagrams that are not valid wg(4) messages to the peer's
    # listen port and check that the tunnel still carries traffic afterwards.
    # The only pass criteria are the final ping and the 10-second case
    # timeout; the ping to $ip_peer and the nc sends are not wrapped in
    # atf_check, so their exit statuses are ignored.
    # NOTE(review): unlike the other bodies in this file, this one does not
    # end with destroy_wg_interfaces. Confirm whether that is intentional.
    wg_malformed_body()
    {
    	# $ifconfig and $ping hold whole command lines; they are expanded
    	# unquoted on purpose so that they split into words.
    	local ifconfig="atf_check -s exit:0 rump.ifconfig"
    	local ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1"
    	local ip_local=192.168.1.1 ip_peer=192.168.1.2
    	local ip_wg_local=10.0.0.1 ip_wg_peer=10.0.0.2
    	local port=51820
    	local payload
    	setup_servers

    	# generate_keys sets key_priv_local, key_pub_local, key_priv_peer
    	# and key_pub_peer.
    	generate_keys

    	export RUMP_SERVER="$SOCK_LOCAL"
    	setup_common shmif0 inet "$ip_local" 24
    	setup_wg_common wg0 inet "$ip_wg_local" 24 "$port" "$key_priv_local"
    	add_peer wg0 peer0 "$key_pub_peer" "${ip_peer}:${port}" \
    	    "${ip_wg_peer}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_PEER"
    	setup_common shmif0 inet "$ip_peer" 24
    	setup_wg_common wg0 inet "$ip_wg_peer" 24 "$port" "$key_priv_peer"
    	add_peer wg0 peer0 "$key_pub_local" "${ip_local}:${port}" \
    	    "${ip_wg_local}/32"
    	$ifconfig -w 10

    	export RUMP_SERVER="$SOCK_LOCAL"

    	# Baseline: the tunnel works before anything malformed is sent.
    	$ping "$ip_wg_peer"

    	printf 'send malformed packets\n'

    	$HIJACKING ping -c 1 -n "$ip_peer"

    	# The first three payloads are shorter than the 4-byte message
    	# header.  The rest are a 4-byte header only, or a header plus one
    	# byte: an ASCII header, then type byte 0 (not a message type) and
    	# type bytes 1-4 (handshake initiation, handshake response, cookie
    	# reply, transport data), each followed by three zero bytes.  All of
    	# them are shorter than any complete message of their type.
    	for payload in \
    	    'x' \
    	    'xy' \
    	    'xyz' \
    	    'xyzw' \
    	    '\x00\x00\x00\x00' \
    	    '\x00\x00\x00\x00z' \
    	    '\x01\x00\x00\x00' \
    	    '\x01\x00\x00\x00z' \
    	    '\x02\x00\x00\x00' \
    	    '\x02\x00\x00\x00z' \
    	    '\x03\x00\x00\x00' \
    	    '\x03\x00\x00\x00z' \
    	    '\x04\x00\x00\x00' \
    	    '\x04\x00\x00\x00z'
    	do
    		# $payload is used as the printf format so that the \x escapes
    		# are interpreted; it only ever holds the constants above.
    		printf "$payload" | $HIJACKING nc -Nu -w 0 "$ip_peer" "$port"
    	done

    	printf 'done sending malformed packets\n'

    	# The peer must still be up and the session still usable.
    	$ping "$ip_wg_peer"
    }
    646 
    # Cleanup for wg_malformed: call dump when $DEBUG is true, then the shared
    # cleanup helper.
    wg_malformed_cleanup()
    {
    	if $DEBUG; then
    		dump
    	fi
    	cleanup
    }
    653 
    # Entry point called by atf-sh: registers every test case of this file,
    # in the order in which they are defined.
    atf_init_test_cases()
    {
    	local _wg_tc_name

    	for _wg_tc_name in \
    	    wg_rekey \
    	    wg_handshake_timeout \
    	    wg_cookie \
    	    wg_mobility \
    	    wg_keepalive \
    	    wg_psk \
    	    wg_malformed
    	do
    		atf_add_test_case "$_wg_tc_name"
    	done
    }