t_ipsec_spflags.sh revision 1.1
1 # $NetBSD: t_ipsec_spflags.sh,v 1.1 2022/10/11 09:55:21 knakahara Exp $ 2 # 3 # Copyright (c) 2022 Internet Initiative Japan Inc. 4 # All rights reserved. 5 # 6 # Redistribution and use in source and binary forms, with or without 7 # modification, are permitted provided that the following conditions 8 # are met: 9 # 1. Redistributions of source code must retain the above copyright 10 # notice, this list of conditions and the following disclaimer. 11 # 2. Redistributions in binary form must reproduce the above copyright 12 # notice, this list of conditions and the following disclaimer in the 13 # documentation and/or other materials provided with the distribution. 14 # 15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 # POSSIBILITY OF SUCH DAMAGE. 26 # 27 28 SOCK_LOCAL=unix://ipsec_local 29 30 DEBUG=${DEBUG:-false} 31 32 test_flag_if_ipsec_sp_common() 33 { 34 local ip_gwlo_tun=20.0.0.1 35 local ip_gwre_tun=20.0.0.2 36 37 rump_server_crypto_start $SOCK_LOCAL netipsec ipsec 38 export RUMP_SERVER=$SOCK_LOCAL 39 atf_check -s exit:0 rump.ifconfig ipsec0 create 40 atf_check -s exit:0 rump.ifconfig ipsec0 \ 41 tunnel $ip_gwlo_tun $ip_gwre_tun 42 atf_check -s exit:0 -o match:'sadb_x_policy\{ type=2 dir=2 flags=0x80' $HIJACKING setkey -DPv 43 } 44 45 test_flag_userland_sp_common() 46 { 47 local ip_gwlo_tun=20.0.0.1 48 local ip_gwre_tun=20.0.0.2 49 local tmpfile=./tmp 50 51 name="ipsec_spflag_userland_sp" 52 desc="Tests of IPsec SPD flags at userland" 53 54 atf_test_case ${name} cleanup 55 56 rump_server_crypto_start $SOCK_LOCAL netipsec ipsec 57 58 export RUMP_SERVER=$SOCK_LOCAL 59 60 cat > $tmpfile <<-EOF 61 spdadd $ip_gwlo_tun $ip_gwre_tun ipv4 -P in ipsec esp/transport//require ; 62 spdadd $ip_gwre_tun $ip_gwlo_tun ipv4 -P out ipsec esp/transport//require ; 63 EOF 64 $DEBUG && cat $tmpfile 65 atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile 66 atf_check -s exit:0 -o match:'sadb_x_policy\{ type=2 dir=2 flags=0x00' $HIJACKING setkey -DPv 67 } 68 69 add_test_spflag() 70 { 71 local name=$1 72 local desc=$2 73 74 atf_test_case ${name} cleanup 75 eval " \ 76 ${name}_head() { \ 77 atf_set \"descr\" \"$desc\"; \ 78 atf_set \"require.progs\" \"rump_server\" \"setkey\"; \ 79 }; \ 80 ${name}_body() { \ 81 test_${name}_common; \ 82 }; \ 83 ${name}_cleanup() { \ 84 $DEBUG && dump; \ 85 cleanup; \ 86 } \ 87 " 88 atf_add_test_case ${name} 89 90 } 91 92 atf_init_test_cases() 93 { 94 95 add_test_spflag "flag_if_ipsec_sp" "Tests of IPsec SPD flags at IPsec interface" 96 add_test_spflag "flag_userland_sp" "Tests of IPsec SPD flags at userland" 97 } 98
Indexes created Tue Sep 23 07:09:52 GMT 2025