1# $NetBSD: t_tcpip.sh,v 1.13 2014/01/03 13:18:00 pooka Exp $ 2# 3# Copyright (c) 2011 The NetBSD Foundation, Inc. 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 16# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25# POSSIBILITY OF SUCH DAMAGE. 26# 27 28rumpnetsrv='rump_server -lrumpnet -lrumpnet_net -lrumpnet_netinet' 29export RUMP_SERVER=unix://csock 30 31atf_test_case http cleanup 32http_head() 33{ 34 atf_set "descr" "Start hijacked httpd and get webpage from it" 35} 36 37http_body() 38{ 39 40 atf_check -s exit:0 ${rumpnetsrv} -lrumpnet_netinet6 ${RUMP_SERVER} 41 42 # start bozo in daemon mode 43 atf_check -s exit:0 env LD_PRELOAD=/usr/lib/librumphijack.so \ 44 /usr/libexec/httpd -P ./httpd.pid -b -s $(atf_get_srcdir) 45 46 atf_check -s exit:0 -o file:"$(atf_get_srcdir)/netstat.expout" \ 47 rump.netstat -a 48 49 # get the webpage 50 atf_check -s exit:0 env LD_PRELOAD=/usr/lib/librumphijack.so \ 51 $(atf_get_srcdir)/h_netget 127.0.0.1 80 webfile 52 53 # check that we got what we wanted 54 atf_check -o match:'HTTP/1.0 200 OK' cat webfile 55 atf_check -o match:'Content-Length: 95' cat webfile 56 atf_check -o file:"$(atf_get_srcdir)/index.html" \ 57 sed -n '1,/^$/!p' webfile 58} 59 60http_cleanup() 61{ 62 if [ -f httpd.pid ]; then 63 kill -9 "$(cat httpd.pid)" 64 rm -f httpd.pid 65 fi 66 67 rump.halt 68} 69 70# 71# Starts a SSH server and sets up the client to access it. 72# Authentication is allowed and done using an RSA key exclusively, which 73# is generated on the fly as part of the test case. 74# XXX: Ideally, all the tests in this test program should be able to share 75# the generated key, because creating it can be a very slow process on some 76# machines. 77# 78# XXX2: copypasted from jmmv's sshd thingamob in the psshfs test. 79# ideally code (and keys, like jmmv notes above) could be shared 80# 81start_sshd() { 82 echo "Setting up SSH server configuration" 83 sed -e "s,@SRCDIR@,$(atf_get_srcdir),g" -e "s,@WORKDIR@,$(pwd),g" \ 84 $(atf_get_srcdir)/sshd_config.in >sshd_config || \ 85 atf_fail "Failed to create sshd_config" 86 atf_check -s ignore -o empty -e ignore \ 87 cp $(atf_get_srcdir)/ssh_host_key . 88 atf_check -s ignore -o empty -e ignore \ 89 cp $(atf_get_srcdir)/ssh_host_key.pub . 90 atf_check -s eq:0 -o empty -e empty chmod 400 ssh_host_key 91 atf_check -s eq:0 -o empty -e empty chmod 444 ssh_host_key.pub 92 93 env LD_PRELOAD=/usr/lib/librumphijack.so \ 94 /usr/sbin/sshd -e -f ./sshd_config 95 while [ ! -f sshd.pid ]; do 96 sleep 0.01 97 done 98 echo "SSH server started (pid $(cat sshd.pid))" 99 100 echo "Setting up SSH client configuration" 101 atf_check -s eq:0 -o empty -e empty \ 102 ssh-keygen -f ssh_user_key -t rsa -b 1024 -N "" -q 103 atf_check -s eq:0 -o empty -e empty \ 104 cp ssh_user_key.pub authorized_keys 105 echo "127.0.0.1,localhost,::1 " \ 106 "$(cat $(atf_get_srcdir)/ssh_host_key.pub)" >known_hosts || \ 107 atf_fail "Failed to create known_hosts" 108 atf_check -s eq:0 -o empty -e empty chmod 600 authorized_keys 109 sed -e "s,@SRCDIR@,$(atf_get_srcdir),g" -e "s,@WORKDIR@,$(pwd),g" \ 110 $(atf_get_srcdir)/ssh_config.in >ssh_config || \ 111 atf_fail "Failed to create ssh_config" 112 113 echo "sshd running" 114} 115 116atf_test_case ssh cleanup 117ssh_head() 118{ 119 atf_set "descr" "Test that hijacked ssh/sshd works" 120} 121 122ssh_body() 123{ 124 125 atf_check -s exit:0 ${rumpnetsrv} ${RUMP_SERVER} 126 # make sure clients die after we nuke the server 127 export RUMPHIJACK_RETRYCONNECT='die' 128 129 start_sshd 130 131 # create some sort of directory for us to "ls" 132 mkdir testdir 133 cd testdir 134 jot 11 | xargs touch 135 jot 11 12 | xargs mkdir 136 cd .. 137 138 atf_check -s exit:0 -o save:ssh.out \ 139 env LD_PRELOAD=/usr/lib/librumphijack.so \ 140 ssh -T -F ssh_config 127.0.0.1 env BLOCKSIZE=512 \ 141 ls -li $(pwd)/testdir 142 atf_check -s exit:0 -o file:ssh.out env BLOCKSIZE=512 \ 143 ls -li $(pwd)/testdir 144} 145 146ssh_cleanup() 147{ 148 rump.halt 149 # sshd dies due to RUMPHIJACK_RETRYCONNECT=1d6 150} 151 152test_nfs() 153{ 154 155 magicstr='wind in my hair' 156 # create ffs file system we'll be serving from 157 atf_check -s exit:0 -o ignore newfs -F -s 10000 ffs.img 158 159 # start nfs kernel server. this is a mouthful 160 export RUMP_SERVER=unix://serversock 161 atf_check -s exit:0 rump_server $* ${RUMP_SERVER} 162 163 atf_check -s exit:0 rump.ifconfig shmif0 create 164 atf_check -s exit:0 rump.ifconfig shmif0 linkstr shmbus 165 atf_check -s exit:0 rump.ifconfig shmif0 inet 10.1.1.1 166 167 export RUMPHIJACK_RETRYCONNECT=die 168 export LD_PRELOAD=/usr/lib/librumphijack.so 169 170 atf_check -s exit:0 mkdir -p /rump/var/run 171 atf_check -s exit:0 mkdir -p /rump/var/db 172 atf_check -s exit:0 touch /rump/var/db/mountdtab 173 atf_check -s exit:0 mkdir /rump/etc 174 atf_check -s exit:0 mkdir /rump/export 175 176 atf_check -s exit:0 -x \ 177 'echo "/export -noresvport -noresvmnt 10.1.1.100" | \ 178 dd of=/rump/etc/exports 2> /dev/null' 179 180 atf_check -s exit:0 -e ignore mount_ffs /dk /rump/export 181 atf_check -s exit:0 -x "echo ${magicstr} > /rump/export/im_alive" 182 183 # start rpcbind. we want /var/run/rpcbind.sock 184 export RUMPHIJACK='blanket=/var/run,socket=all' 185 atf_check -s exit:0 rpcbind 186 187 # ok, then we want mountd in the similar fashion 188 export RUMPHIJACK='blanket=/var/run:/var/db:/export,socket=all,path=/rump,vfs=all' 189 atf_check -s exit:0 mountd /rump/etc/exports 190 191 # finally, le nfschuck 192 export RUMPHIJACK='blanket=/var/run,socket=all,vfs=all' 193 atf_check -s exit:0 nfsd 194 195 # 196 # now, time for the client server and associated madness. 197 # 198 199 export RUMP_SERVER=unix://clientsock 200 unset RUMPHIJACK 201 unset LD_PRELOAD 202 203 # at least the kernel server is easier 204 atf_check -s exit:0 rump_server -lrumpvfs -lrumpnet \ 205 -lrumpnet_net -lrumpnet_netinet -lrumpnet_shmif -lrumpfs_nfs\ 206 ${RUMP_SERVER} 207 208 atf_check -s exit:0 rump.ifconfig shmif0 create 209 atf_check -s exit:0 rump.ifconfig shmif0 linkstr shmbus 210 atf_check -s exit:0 rump.ifconfig shmif0 inet 10.1.1.100 211 212 export LD_PRELOAD=/usr/lib/librumphijack.so 213 214 atf_check -s exit:0 mkdir /rump/mnt 215 atf_check -s exit:0 mount_nfs 10.1.1.1:/export /rump/mnt 216 217 atf_check -s exit:0 -o inline:"${magicstr}\n" cat /rump/mnt/im_alive 218 atf_check -s exit:0 -o match:'.*im_alive$' ls -l /rump/mnt/im_alive 219} 220 221 222atf_test_case nfs cleanup 223nfs_head() 224{ 225 atf_set "descr" "Test hijacked nfsd and mount_nfs" 226} 227 228nfs_body() 229{ 230 test_nfs -lrumpvfs -lrumpdev -lrumpnet -lrumpnet_net \ 231 -lrumpnet_netinet -lrumpnet_local -lrumpnet_shmif \ 232 -lrumpdev_disk -lrumpfs_ffs -lrumpfs_nfs -lrumpfs_nfsserver \ 233 -d key=/dk,hostpath=ffs.img,size=host 234} 235 236nfs_cleanup() 237{ 238 RUMP_SERVER=unix://serversock rump.halt 2> /dev/null 239 RUMP_SERVER=unix://clientsock rump.halt 2> /dev/null 240 : 241} 242 243atf_test_case nfs_autoload cleanup 244nfs_autoload_head() 245{ 246 atf_set "descr" "Test hijacked nfsd with autoload from /stand" 247} 248 249nfs_autoload_body() 250{ 251 [ `uname -m` = "i386" ] || atf_skip "test currently valid only on i386" 252 test_nfs -lrumpvfs -lrumpdev -lrumpnet -lrumpnet_net \ 253 -lrumpnet_netinet -lrumpnet_local -lrumpnet_shmif \ 254 -lrumpdev_disk -d key=/dk,hostpath=ffs.img,size=host 255} 256 257nfs_autoload_cleanup() 258{ 259 nfs_cleanup 260} 261 262atf_init_test_cases() 263{ 264 atf_add_test_case http 265 atf_add_test_case ssh 266 atf_add_test_case nfs 267 atf_add_test_case nfs_autoload 268} 269