1# $NetBSD: t_basic.sh,v 1.4 2021/03/02 07:16:24 simonb Exp $ 2# 3# Copyright (c) 2018 Ryota Ozaki <ozaki.ryota@gmail.com> 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 16# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25# POSSIBILITY OF SUCH DAMAGE. 26# 27 28BUS=bus 29SOCK_LOCAL=unix://wg_local 30SOCK_PEER=unix://wg_peer 31SOCK_PEER2=unix://wg_peer2 32 33 34check_ping_payload() 35{ 36 local proto=$1 37 local ip=$2 38 local ping= size= 39 40 if [ $proto = inet ]; then 41 ping="atf_check -s exit:0 -o ignore rump.ping -n -c 1 -w 1" 42 else 43 ping="atf_check -s exit:0 -o ignore rump.ping6 -n -c 1 -X 1" 44 fi 45 46 for size in $(seq 1 100) $(seq 450 550) $(seq 1400 1500); do 47 $ping -s $size $ip 48 done 49} 50 51test_common() 52{ 53 local type=$1 54 local outer_proto=$2 55 local inner_proto=$3 56 local ifconfig="atf_check -s exit:0 rump.ifconfig" 57 local port=51820 58 local ip_local= ip_peer= 59 local ip_wg_local= ip_wg_peer= 60 local outer_prefix= outer_prefixall= 61 local inner_prefix= inner_prefixall= 62 63 if [ $outer_proto = inet ]; then 64 ip_local=192.168.1.1 65 ip_peer=192.168.1.2 66 outer_prefix=24 67 outer_prefixall=32 68 else 69 ip_local=fc00::1 70 ip_peer=fc00::2 71 outer_prefix=64 72 outer_prefixall=128 73 fi 74 75 if [ $inner_proto = inet ]; then 76 ip_wg_local=10.0.0.1 77 ip_wg_peer=10.0.0.2 78 inner_prefix=24 79 inner_prefixall=32 80 else 81 ip_wg_local=fd00::1 82 ip_wg_peer=fd00::2 83 inner_prefix=64 84 inner_prefixall=128 85 fi 86 87 setup_servers 88 89 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 90 generate_keys 91 92 export RUMP_SERVER=$SOCK_LOCAL 93 setup_common shmif0 $outer_proto $ip_local $outer_prefix 94 setup_wg_common wg0 $inner_proto $ip_wg_local $inner_prefix $port "$key_priv_local" 95 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/$inner_prefixall 96 $ifconfig -w 10 97 98 export RUMP_SERVER=$SOCK_PEER 99 setup_common shmif0 $outer_proto $ip_peer $outer_prefix 100 setup_wg_common wg0 $inner_proto $ip_wg_peer $inner_prefix $port "$key_priv_peer" 101 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/$inner_prefixall 102 $ifconfig -w 10 103 104 if [ $type = basic ]; then 105 export RUMP_SERVER=$SOCK_LOCAL 106 check_ping $inner_proto $ip_wg_peer 107 elif [ $type = payload ]; then 108 export RUMP_SERVER=$SOCK_LOCAL 109 check_ping_payload $inner_proto $ip_wg_peer 110 fi 111 112 destroy_wg_interfaces 113} 114 115atf_test_case wg_create_destroy cleanup 116wg_create_destroy_head() 117{ 118 119 atf_set "descr" "tests to create/destroy wg(4) interfaces" 120 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 121} 122 123wg_create_destroy_body() 124{ 125 126 rump_server_crypto_start $SOCK_LOCAL netinet6 wg 127 128 test_create_destroy_common $SOCK_LOCAL wg0 true 129} 130 131wg_create_destroy_cleanup() 132{ 133 134 $DEBUG && dump 135 cleanup 136} 137 138wg_create_destroy_peers_common() 139{ 140 local proto=$1 141 local ifconfig="atf_check -s exit:0 rump.ifconfig" 142 local port=51820 143 local ip_local= ip_peer= 144 local ip_wg_local= ip_wg_peer= 145 local outer_prefix= outer_prefixall= 146 local inner_prefix= inner_prefixall= 147 148 if [ $proto = inet ]; then 149 ip_local=192.168.1.1 150 ip_peer=192.168.1.2 151 outer_prefix=24 152 outer_prefixall=32 153 ip_wg_local=10.0.0.1 154 ip_wg_peer=10.0.0.2 155 inner_prefix=24 156 inner_prefixall=32 157 else 158 ip_local=fc00::1 159 ip_peer=fc00::2 160 outer_prefix=64 161 outer_prefixall=128 162 ip_wg_local=fd00::1 163 ip_wg_peer=fd00::2 164 inner_prefix=64 165 inner_prefixall=128 166 fi 167 168 rump_server_crypto_start $SOCK_LOCAL netinet6 wg 169 rump_server_add_iface $SOCK_LOCAL shmif0 $BUS 170 171 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 172 generate_keys 173 174 export RUMP_SERVER=$SOCK_LOCAL 175 setup_common shmif0 $proto $ip_local $outer_prefix 176 setup_wg_common wg0 $proto $ip_wg_local $inner_prefix $port "$key_priv_local" 177 178 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/$inner_prefixall 179 180 delete_peer wg0 peer0 181} 182 183atf_test_case wg_create_destroy_peers_ipv4 cleanup 184wg_create_destroy_peers_ipv4_head() 185{ 186 187 atf_set "descr" "tests to create/destroy peers (IPv4)" 188 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 189} 190 191wg_create_destroy_peers_ipv4_body() 192{ 193 194 wg_create_destroy_peers_common inet 195} 196 197wg_create_destroy_peers_ipv4_cleanup() 198{ 199 200 $DEBUG && dump 201 cleanup 202} 203 204atf_test_case wg_create_destroy_peers_ipv6 cleanup 205wg_create_destroy_peers_ipv6_head() 206{ 207 208 atf_set "descr" "tests to create/destroy peers (IPv6)" 209 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 210} 211 212wg_create_destroy_peers_ipv6_body() 213{ 214 215 wg_create_destroy_peers_common inet6 216} 217 218wg_create_destroy_peers_ipv6_cleanup() 219{ 220 221 $DEBUG && dump 222 cleanup 223} 224 225add_basic_test() 226{ 227 local inner=$1 228 local outer=$2 229 local ipv4=inet 230 local ipv6=inet6 231 232 name="wg_basic_${inner}_over_${outer}" 233 fulldesc="Test wg(4) with ${inner} over ${outer}" 234 235 eval inner=\$$inner 236 eval outer=\$$outer 237 238 atf_test_case ${name} cleanup 239 eval " 240 ${name}_head() { 241 atf_set descr \"${fulldesc}\" 242 atf_set require.progs rump_server wgconfig wg-keygen 243 } 244 ${name}_body() { 245 test_common basic $outer $inner 246 rump_server_destroy_ifaces 247 } 248 ${name}_cleanup() { 249 \$DEBUG && dump 250 cleanup 251 }" 252 atf_add_test_case ${name} 253} 254 255add_payload_sizes_test() 256{ 257 local inner=$1 258 local outer=$2 259 local ipv4=inet 260 local ipv6=inet6 261 262 name="wg_payload_sizes_${inner}_over_${outer}" 263 fulldesc="Test wg(4) with ${inner} over ${outer} with various payload sizes" 264 265 eval inner=\$$inner 266 eval outer=\$$outer 267 268 atf_test_case ${name} cleanup 269 eval " 270 ${name}_head() { 271 atf_set descr \"${fulldesc}\" 272 atf_set require.progs rump_server wgconfig wg-keygen 273 } 274 ${name}_body() { 275 test_common payload $outer $inner 276 rump_server_destroy_ifaces 277 } 278 ${name}_cleanup() { 279 \$DEBUG && dump 280 cleanup 281 }" 282 atf_add_test_case ${name} 283} 284 285atf_test_case wg_multiple_interfaces cleanup 286wg_multiple_interfaces_head() 287{ 288 289 atf_set "descr" "tests multiple wg(4) interfaces" 290 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 291} 292 293wg_multiple_interfaces_body() 294{ 295 local ifconfig="atf_check -s exit:0 rump.ifconfig" 296 local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1" 297 local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1" 298 local key_priv_peer2= 299 local key_pub_peer2= 300 local ip_local=192.168.1.1 301 local ip_local2=192.168.2.1 302 local ip_peer=192.168.1.2 303 local ip_peer2=192.168.2.2 304 local ip_wg_local=10.0.0.1 305 local ip_wg_local2=10.0.1.1 306 local ip_wg_peer=10.0.0.2 307 local ip_wg_peer2=10.0.1.2 308 local port=51820 309 local port2=51821 310 local outfile=./out 311 312 setup_servers 313 rump_server_add_iface $SOCK_LOCAL shmif1 $BUS 314 315 rump_server_crypto_start $SOCK_PEER2 netinet6 wg 316 rump_server_add_iface $SOCK_PEER2 shmif0 $BUS 317 318 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 319 generate_keys 320 key_priv_peer2=$(wg-keygen) 321 key_pub_peer2=$(echo $key_priv_peer2| wg-keygen --pub) 322 323 export RUMP_SERVER=$SOCK_LOCAL 324 setup_common shmif0 inet $ip_local 24 325 setup_common shmif1 inet $ip_local2 24 326 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 327 setup_wg_common wg1 inet $ip_wg_local2 24 $port2 "$key_priv_local" 328 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 329 add_peer wg1 peer0 $key_pub_peer2 $ip_peer2:$port2 $ip_wg_peer2/32 330 $ifconfig -w 10 331 332 export RUMP_SERVER=$SOCK_PEER 333 setup_common shmif0 inet $ip_peer 24 334 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 335 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 336 $ifconfig -w 10 337 338 export RUMP_SERVER=$SOCK_PEER2 339 setup_common shmif0 inet $ip_peer2 24 340 setup_wg_common wg0 inet $ip_wg_peer2 24 $port2 "$key_priv_peer2" 341 add_peer wg0 peer0 $key_pub_local $ip_local2:$port2 $ip_wg_local2/32 342 $ifconfig -w 10 343 344 export RUMP_SERVER=$SOCK_LOCAL 345 346 extract_new_packets $BUS > $outfile 347 $DEBUG && cat $outfile 348 349 $ping $ip_wg_peer 350 351 extract_new_packets $BUS > $outfile 352 $DEBUG && cat $outfile 353 354 $ping $ip_wg_peer2 355 356 extract_new_packets $BUS > $outfile 357 $DEBUG && cat $outfile 358 359 export RUMP_SERVER=$SOCK_LOCAL 360 $ifconfig wg0 destroy 361 $ifconfig wg1 destroy 362 export RUMP_SERVER=$SOCK_PEER 363 $ifconfig wg0 destroy 364 export RUMP_SERVER=$SOCK_PEER2 365 $ifconfig wg0 destroy 366} 367 368wg_multiple_interfaces_cleanup() 369{ 370 371 $DEBUG && dump 372 cleanup 373} 374 375atf_test_case wg_multiple_peers cleanup 376wg_multiple_peers_head() 377{ 378 379 atf_set "descr" "tests multiple wg(4) peers" 380 atf_set "require.progs" "rump_server" "wgconfig" "wg-keygen" 381} 382 383wg_multiple_peers_body() 384{ 385 local ifconfig="atf_check -s exit:0 rump.ifconfig" 386 local ping="atf_check -s exit:0 -o ignore rump.ping -n -i 0.1 -c 3 -w 1" 387 local ping_fail="atf_check -s not-exit:0 -o ignore rump.ping -n -c 1 -w 1" 388 local key_priv_peer2= 389 local key_pub_peer2= 390 local ip_local=192.168.1.1 391 local ip_peer=192.168.1.2 392 local ip_peer2=192.168.1.3 393 local ip_wg_local=10.0.0.1 394 local ip_wg_peer=10.0.0.2 395 local ip_wg_peer2=10.0.0.3 396 local port=51820 397 local outfile=./out 398 399 setup_servers 400 rump_server_add_iface $SOCK_LOCAL shmif1 $BUS 401 402 rump_server_crypto_start $SOCK_PEER2 netinet6 wg 403 rump_server_add_iface $SOCK_PEER2 shmif0 $BUS 404 405 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer 406 generate_keys 407 key_priv_peer2=$(wg-keygen) 408 key_pub_peer2=$(echo $key_priv_peer2| wg-keygen --pub) 409 410 export RUMP_SERVER=$SOCK_LOCAL 411 setup_common shmif0 inet $ip_local 24 412 setup_wg_common wg0 inet $ip_wg_local 24 $port "$key_priv_local" 413 add_peer wg0 peer0 $key_pub_peer $ip_peer:$port $ip_wg_peer/32 414 add_peer wg0 peer1 $key_pub_peer2 $ip_peer2:$port $ip_wg_peer2/32 415 $ifconfig -w 10 416 417 export RUMP_SERVER=$SOCK_PEER 418 setup_common shmif0 inet $ip_peer 24 419 setup_wg_common wg0 inet $ip_wg_peer 24 $port "$key_priv_peer" 420 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 421 $ifconfig -w 10 422 423 export RUMP_SERVER=$SOCK_PEER2 424 setup_common shmif0 inet $ip_peer2 24 425 setup_wg_common wg0 inet $ip_wg_peer2 24 $port "$key_priv_peer2" 426 add_peer wg0 peer0 $key_pub_local $ip_local:$port $ip_wg_local/32 427 $ifconfig -w 10 428 429 export RUMP_SERVER=$SOCK_LOCAL 430 431 extract_new_packets $BUS > $outfile 432 $DEBUG && cat $outfile 433 434 $ping $ip_wg_peer 435 436 extract_new_packets $BUS > $outfile 437 $DEBUG && cat $outfile 438 439 $ping $ip_wg_peer2 440 441 extract_new_packets $BUS > $outfile 442 $DEBUG && cat $outfile 443 444 export RUMP_SERVER=$SOCK_LOCAL 445 $ifconfig wg0 destroy 446 export RUMP_SERVER=$SOCK_PEER 447 $ifconfig wg0 destroy 448 export RUMP_SERVER=$SOCK_PEER2 449 $ifconfig wg0 destroy 450} 451 452wg_multiple_peers_cleanup() 453{ 454 455 $DEBUG && dump 456 cleanup 457} 458 459atf_init_test_cases() 460{ 461 462 add_basic_test ipv4 ipv4 463 add_basic_test ipv4 ipv6 464 add_basic_test ipv6 ipv4 465 add_basic_test ipv6 ipv6 466 467 add_payload_sizes_test ipv4 ipv4 468 add_payload_sizes_test ipv4 ipv6 469 add_payload_sizes_test ipv6 ipv4 470 add_payload_sizes_test ipv6 ipv6 471 472 atf_add_test_case wg_create_destroy 473 atf_add_test_case wg_create_destroy_peers_ipv4 474 atf_add_test_case wg_create_destroy_peers_ipv6 475 atf_add_test_case wg_multiple_interfaces 476 atf_add_test_case wg_multiple_peers 477} 478