From 7023f86e660e59040010b4a8324a6e6944c0aa42 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 16 Aug 2023 16:01:47 -0400 Subject: [PATCH 01/15] Remove unnecessary code 'bc' is not installed in VM images. Don't want to run 'killall' in Jenkins tests --- scripts/dtls13.test | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index af04b444e..1eb112686 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test @@ -26,10 +26,6 @@ SERVER_PORT=11111 NEW_SESSION_TICKET_SIZE=200 KEY_UPDATE_SIZE=35 -(killall udp_proxy || true) -(killall lt-server || true) -(killall lt-client || true) - # $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf test_dropping_packets () { @@ -40,10 +36,7 @@ test_dropping_packets () { $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta 2>>/tmp/serr & SERVER_PID=$! sleep 0.2 - now=$(date +%s.%N) $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT 2>>/tmp/cerr - elapsed=$(echo $(date +%s.%N) - $now | bc) - echo "it took ${elapsed} sec(s)" >> /tmp/udp wait $SERVER_PID SERVER_PID= kill $UDP_PROXY_PID @@ -61,10 +54,7 @@ test_dropping_packets () { $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -6 2>>/tmp/serr & SERVER_PID=$! sleep 0.2 - now=$(date +%s.%N) $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -6 2>>/tmp/cerr - elapsed=$(echo $(date +%s.%N) - $now | bc) - echo "it took ${elapsed} sec(s)" >> /tmp/udp wait $SERVER_PID SERVER_PID= kill $UDP_PROXY_PID From bc7c8af5de8ea163e500739e5b1a6078ab455988 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 09:41:13 -0400 Subject: [PATCH 02/15] Massively simplified the tests --- scripts/dtls13.test | 123 +++++++++++++++----------------------------- 1 file changed, 42 insertions(+), 81 deletions(-) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index 1eb112686..cf67bb0c6 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test 
@@ -17,67 +17,53 @@ cleanup () { trap cleanup err exit -WOLFSSL_ROOT=$(pwd) -if [ -z $UDP_PROXY_PATH ];then -UDP_PROXY_PATH=$WOLFSSL_ROOT/../udp-proxy/udp_proxy -fi -PROXY_PORT=12345 -SERVER_PORT=11111 -NEW_SESSION_TICKET_SIZE=200 +WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)} +UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"} +PROXY_PORT=1234 +SERVER_PORT=4321 KEY_UPDATE_SIZE=35 # $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf +set -o pipefail +prepend() { # Usage: cmd 2>&1 | prepend "sometext " + while read line; do echo "${1}${line}"; done +} + +run_test() { # usage: run_test "" "" "" + stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u $1 2>&1 | prepend "[udp-proxy] " & + UDP_PROXY_PID=$(($! - 1)) + echo "UDP-proxy: $UDP_PROXY_PID" + stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $2 2>&1 | prepend "[server] " & + SERVER_PID=$! + sleep 0.2 + timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $3 2>&1 | prepend "[client] " + wait $SERVER_PID + SERVER_PID= + kill -INT $UDP_PROXY_PID + sleep 0.2 && kill $UDP_PROXY_PID || true + UDP_PROXY_PID= + echo "Test complete" +} + + test_dropping_packets () { for i in $(seq 0 11);do - echo -e "\ndropping packet $i\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp - $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -f $i -u >>/tmp/udp & - UDP_PROXY_PID=$! - $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta 2>>/tmp/serr & - SERVER_PID=$! 
- sleep 0.2 - $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT 2>>/tmp/cerr - wait $SERVER_PID - SERVER_PID= - kill $UDP_PROXY_PID - UDP_PROXY_PID= + echo -e "\ndropping packet $i\n" + run_test "-f $i" "-v4 -Ta" "-v4" done - - echo -e "\nTesting WANT_WRITE\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp - # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error for i in $(seq 0 10);do - echo -e "\ndropping packet $i\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp - $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -f $i -u >>/tmp/udp & - UDP_PROXY_PID=$! - $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -6 2>>/tmp/serr & - SERVER_PID=$! - sleep 0.2 - $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -6 2>>/tmp/cerr - wait $SERVER_PID - SERVER_PID= - kill $UDP_PROXY_PID - UDP_PROXY_PID= + echo -e "\nTesting WANT_WRITE: dropping packet $i\n" + run_test "-f $i" "-v4 -Ta -6" "-v4 -6" done } # this test is based on detecting newSessionTicket message by its size. This is rather fragile. -test_dropping_new_session_ticket() { - echo -e "\ndropping new session ticket packet of size $NEW_SESSION_TICKET_SIZE\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp - $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -F $NEW_SESSION_TICKET_SIZE -u >>/tmp/udp & - UDP_PROXY_PID=$! - $WOLFSSL_ROOT/examples/server/server -v4 -w -u 2>>/tmp/serr & - SERVER_PID=$! - sleep 0.2 - now=$(date +%s.%N) - $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w --waitTicket 2>>/tmp/cerr - elapsed=$(echo $(date +%s.%N) - $now | bc) - echo "it took ${elapsed} sec(s)" >> /tmp/udp - wait $SERVER_PID - SERVER_PID= - kill $UDP_PROXY_PID - UDP_PROXY_PID= +test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket + echo -e "\ndropping new session ticket packet of size $1\n" + run_test "-F $1" "-v4 -w" "-v4 -w --waitTicket" } test_permutations () { 
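Review bot: `UDP_PROXY_PID=$(($! - 1))` in the new `run_test` guesses the proxy's PID by arithmetic. `$!` is the last stage of the background pipeline (the `prepend` loop), and nothing guarantees that the `stdbuf`/proxy stage received the preceding PID. On a busy CI host, or with non-sequential PID allocation, the later `kill -INT $UDP_PROXY_PID` can signal an unrelated process or miss the proxy and leave it holding the port. Routing the output through a process substitution should keep `$!` on the command itself: `stdbuf -oL -eL $UDP_PROXY_BIN ... -u $1 > >(prepend "[udp-proxy] ") 2>&1 &` followed by `UDP_PROXY_PID=$!`. The same guess is extended to `SERVER_PID=$(($! - 1))` in the later "Clean up the script" patch (hunk `@@ -43,22 +43,22 @@`).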
@@ -88,25 +74,12 @@ for p in itertools.permutations("$2"): print(''.join(p)) EOF ) - echo "Testing $SIDE msg permutations" for i in $PERMUTATIONS;do - echo -n "Testing $SIDE order $i" + echo -n "\nTesting $SIDE permutations order $i...\n" UDP_LOGFILE=/tmp/udp-$SIDE-$i - $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u -r $i -l $UDP_LOGFILE -S $SIDE & - UDP_PROXY_PID=$! - $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -w &> /tmp/serr & - SERVER_PID=$! - sleep 0.2 - now=$(date +%s.%N) - $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w &> /tmp/cerr - elapsed=$(echo $(date +%s.%N) - $now | bc) - udp_lines=$(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) - echo " took ${elapsed} sec(s) and produced ${udp_lines} messages" - wait $SERVER_PID - SERVER_PID= - kill $UDP_PROXY_PID - UDP_PROXY_PID= - rm $UDP_LOGFILE + rm -f $UDP_LOGFILE + run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-v4 -Ta -w" "-v4 -w" + echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" done echo "All $SIDE msg permutations succeeded" } 
@@ -124,29 +97,17 @@ for i in tt: EOF ) for DELAY in $DELAYS;do - echo -n "Testing delay $DELAY" + echo -n "\nTesting delay $DELAY...\n" UDP_LOGFILE=/tmp/udp-delay-$DELAY - $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u -l "$UDP_LOGFILE" -t $DELAY & - UDP_PROXY_PID=$! - $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -w &> /tmp/serr & - SERVER_PID=$! - sleep 0.2 - now=$(date +%s.%N) - $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w &> /tmp/cerr - elapsed=$(echo $(date +%s.%N) - $now | bc) - udp_lines=$(grep -P 'client:|server:' "$UDP_LOGFILE" | wc -l) - echo " took ${elapsed} sec(s) and produced ${udp_lines} messages" - wait $SERVER_PID - SERVER_PID= - kill $UDP_PROXY_PID - UDP_PROXY_PID= - rm "$UDP_LOGFILE" + rm -f $UDP_LOGFILE + run_test "-l $UDP_LOGFILE -t $DELAY" "-v4 -Ta -w" "-v4 -w" + echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" done } test_dropping_packets test_permutations client 012 -test_dropping_new_session_ticket +test_dropping_new_session_ticket 200 if [ ! -z $DTLS13_DO_SERVER_PERMUTATION_TEST ];then test_permutations server 0123456 From 49dc3a473bd24c9bac0bf6cd8abff60418122957 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 10:03:58 -0400 Subject: [PATCH 03/15] Run through all the tests and give a tally for failed --- scripts/dtls13.test | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index cf67bb0c6..8adec11de 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test @@ -1,6 +1,7 @@ #!/bin/bash -set -e +#set -x # enable debug output +#set -e cleanup () { echo @@ -22,6 +23,7 @@ UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"} PROXY_PORT=1234 SERVER_PORT=4321 KEY_UPDATE_SIZE=35 +NUM_TESTS_FAILED=0 # $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf 
@@ -38,12 +40,14 @@ run_test() { # usage: run_test "" "" " SERVER_PID=$! sleep 0.2 timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $3 2>&1 | prepend "[client] " + if [ $? != 0 ]; then + echo "Test failed" + ((NUM_TESTS_FAILED++)) + fi wait $SERVER_PID SERVER_PID= - kill -INT $UDP_PROXY_PID - sleep 0.2 && kill $UDP_PROXY_PID || true + kill $UDP_PROXY_PID UDP_PROXY_PID= - echo "Test complete" } @@ -75,7 +79,7 @@ for p in itertools.permutations("$2"): EOF ) for i in $PERMUTATIONS;do - echo -n "\nTesting $SIDE permutations order $i...\n" + echo -e "\nTesting $SIDE permutations order $i...\n" UDP_LOGFILE=/tmp/udp-$SIDE-$i rm -f $UDP_LOGFILE run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-v4 -Ta -w" "-v4 -w" @@ -97,7 +101,7 @@ for i in tt: EOF ) for DELAY in $DELAYS;do - echo -n "\nTesting delay $DELAY...\n" + echo -e "\nTesting delay $DELAY...\n" UDP_LOGFILE=/tmp/udp-delay-$DELAY rm -f $UDP_LOGFILE run_test "-l $UDP_LOGFILE -t $DELAY" "-v4 -Ta -w" "-v4 -w" @@ -118,5 +122,10 @@ if [ ! -z $DTLS13_DO_DELAY_TEST ];then test_time_delays fi -echo -echo "All tests SUCCEEDED!!!" +if [ $NUM_TESTS_FAILED == 0 ]; then + echo -e "\nAll tests SUCCEEDED!!!\n" +else + echo -e "\nThere were $NUM_TESTS_FAILED failures\n" +fi + +exit $NUM_TESTS_FAILED From fea48e250534d829837548df7b3d5c9e93f649bc Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 10:05:12 -0400 Subject: [PATCH 04/15] Drop every i'th packet --- scripts/dtls13.test | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index 8adec11de..05005bcf1 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test 
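Review bot: `exit $NUM_TESTS_FAILED` at the end of the script (hunk `@@ -118,5 +122,10 @@`) uses the failure tally as the exit status, and a shell exit status is truncated to 8 bits. A run with exactly 256 failures, or any multiple of that, would exit 0 and be recorded as a pass. The optional server permutation test over `0123456` alone runs thousands of cases, so the tally can get that high. Keep printing the count, but exit with a fixed status, e.g. `[ "$NUM_TESTS_FAILED" -eq 0 ] || exit 1`.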
@@ -52,9 +52,9 @@ run_test() { # usage: run_test "" "" " test_dropping_packets () { - for i in $(seq 0 11);do - echo -e "\ndropping packet $i\n" - run_test "-f $i" "-v4 -Ta" "-v4" + for i in $(seq 3 11);do + echo -e "\ndropping ${i}th packet\n" + run_test "-d $i" "-v4 -Ta" "-v4" done # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error From f089b2c2f6af7b751ce49975fa20c64787cc5e8d Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 10:21:44 -0400 Subject: [PATCH 05/15] Clean up code --- scripts/dtls13.test | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index 05005bcf1..63f18f9d5 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test @@ -1,7 +1,6 @@ #!/bin/bash #set -x # enable debug output -#set -e cleanup () { echo @@ -33,11 +32,11 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " } run_test() { # usage: run_test "" "" "" + stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $2 2>&1 | prepend "[server] " & + SERVER_PID=$! stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u $1 2>&1 | prepend "[udp-proxy] " & UDP_PROXY_PID=$(($! - 1)) echo "UDP-proxy: $UDP_PROXY_PID" - stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $2 2>&1 | prepend "[server] " & - SERVER_PID=$! sleep 0.2 timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $3 2>&1 | prepend "[client] " if [ $? != 0 ]; then From bad00ea9f7688c068f1bf212f24f4518577f4b06 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 11:04:45 -0400 Subject: [PATCH 06/15] Adding in tcpdump capture --- scripts/dtls13.test | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index 63f18f9d5..30bcd079a 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test 
@@ -13,6 +13,11 @@ cleanup () { echo "Killing server $SERVER_PID" kill $SERVER_PID fi + if [ ! -z "$TCPDUMP_PID" ];then + echo "Killing tcpdump $TCPDUMP_PID" + sleep 1 + kill $TCPDUMP_PID + fi } trap cleanup err exit @@ -108,6 +113,10 @@ EOF done } +echo "Starting capture" +tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls.pcap -U & +TCPDUMP_PID=$! + test_dropping_packets test_permutations client 012 test_dropping_new_session_ticket 200 From 8772d8b8688c5bbbe894163dfd80cc0ff6a1f2fb Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 11:05:36 -0400 Subject: [PATCH 07/15] Able to adjust DTLS version globally --- scripts/dtls13.test | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/scripts/dtls13.test b/scripts/dtls13.test index 30bcd079a..2d6f58714 100755 --- a/scripts/dtls13.test +++ b/scripts/dtls13.test @@ -24,6 +24,7 @@ trap cleanup err exit WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)} UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"} +DTLS_VERSION=${DTLS_VERSION:-"-v4"} PROXY_PORT=1234 SERVER_PORT=4321 KEY_UPDATE_SIZE=35 @@ -37,13 +38,13 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " } run_test() { # usage: run_test "" "" "" - stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $2 2>&1 | prepend "[server] " & + stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 | prepend "[server] " & SERVER_PID=$! stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u $1 2>&1 | prepend "[udp-proxy] " & UDP_PROXY_PID=$(($! - 1)) echo "UDP-proxy: $UDP_PROXY_PID" sleep 0.2 - timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $3 2>&1 | prepend "[client] " + timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $3 2>&1 | prepend "[client] " if [ $? != 0 ]; then echo "Test failed" ((NUM_TESTS_FAILED++)) 
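Review bot: The capture added at the bottom of the script (hunk `@@ -108,6 +113,10 @@`) starts `tcpdump` unconditionally and never checks that it is actually running. Capturing on `lo` normally needs root or packet-capture capabilities, so under an unprivileged CI account tcpdump is likely to exit at once; the tests then run with no capture, and `cleanup` later sends `kill` to a PID that no longer belongs to tcpdump. It would be safer to make the capture opt-in and verify it, for example guarding the start with `command -v tcpdump >/dev/null` and, after a short sleep, `kill -0 "$TCPDUMP_PID" 2>/dev/null || TCPDUMP_PID=`, rather than pushing people to run the whole test script privileged. The filter `port ${SERVER_PORT}` also sees only the proxy-to-server leg; traffic between the client and `$PROXY_PORT` is not captured.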
@@ -58,20 +59,20 @@ run_test() { # usage: run_test "" "" " test_dropping_packets () { for i in $(seq 3 11);do echo -e "\ndropping ${i}th packet\n" - run_test "-d $i" "-v4 -Ta" "-v4" + run_test "-d $i" "-Ta" "" done # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error for i in $(seq 0 10);do echo -e "\nTesting WANT_WRITE: dropping packet $i\n" - run_test "-f $i" "-v4 -Ta -6" "-v4 -6" + run_test "-f $i" "-Ta -6" "-6" done } # this test is based on detecting newSessionTicket message by its size. This is rather fragile. test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket echo -e "\ndropping new session ticket packet of size $1\n" - run_test "-F $1" "-v4 -w" "-v4 -w --waitTicket" + run_test "-F $1" "-w" "-w --waitTicket" } test_permutations () { @@ -86,7 +87,7 @@ EOF echo -e "\nTesting $SIDE permutations order $i...\n" UDP_LOGFILE=/tmp/udp-$SIDE-$i rm -f $UDP_LOGFILE - run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-v4 -Ta -w" "-v4 -w" + run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w" echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" done echo "All $SIDE msg permutations succeeded" @@ -108,13 +109,13 @@ EOF echo -e "\nTesting delay $DELAY...\n" UDP_LOGFILE=/tmp/udp-delay-$DELAY rm -f $UDP_LOGFILE - run_test "-l $UDP_LOGFILE -t $DELAY" "-v4 -Ta -w" "-v4 -w" + run_test "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w" echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" done } echo "Starting capture" -tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls.pcap -U & +tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls${DTLS_VERSION}.pcap -U & TCPDUMP_PID=$! test_dropping_packets From e0b90a04636d69ae6008f47b792da75cf0a16b57 Mon Sep 17 00:00:00 2001 
From: Andras Fekete Date: Fri, 18 Aug 2023 11:11:08 -0400 Subject: [PATCH 08/15] Rename the script to be a bit more generic --- scripts/{dtls13.test => dtls.test} | 0 scripts/include.am | 3 ++- 2 files changed, 2 insertions(+), 1 deletion(-) rename scripts/{dtls13.test => dtls.test} (100%) diff --git a/scripts/dtls13.test b/scripts/dtls.test similarity index 100% rename from scripts/dtls13.test rename to scripts/dtls.test diff --git a/scripts/include.am b/scripts/include.am index ef65d0d7f..2ee03e41c 100644 --- a/scripts/include.am +++ b/scripts/include.am @@ -116,8 +116,9 @@ EXTRA_DIST += scripts/stm32l4-v4_0_1_build.sh EXTRA_DIST += scripts/cleanup_testfiles.sh +EXTRA_DIST += scripts/dtls.test + if BUILD_DTLS13 -EXTRA_DIST += scripts/dtls13.test EXTRA_DIST += scripts/dtlscid.test endif From dfc4850e7579cd42e7d29c57623516e87c43c189 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 11:11:25 -0400 Subject: [PATCH 09/15] Add extra flags for DTLS1.3 --- scripts/dtls.test | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index 2d6f58714..52f768ecd 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test @@ -30,6 +30,10 @@ SERVER_PORT=4321 KEY_UPDATE_SIZE=35 NUM_TESTS_FAILED=0 +if [ "$DTLS_VERSION" = "-v4" ]; then + UDP_PROXY_EXTRA_ARGS="-u" +fi + # $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf set -o pipefail @@ -40,7 +44,7 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " run_test() { # usage: run_test "" "" "" stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 | prepend "[server] " & SERVER_PID=$! - stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u $1 2>&1 | prepend "[udp-proxy] " & + stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 | prepend "[udp-proxy] " & UDP_PROXY_PID=$(($! - 1)) echo "UDP-proxy: $UDP_PROXY_PID" sleep 0.2 
From 62bb434aa6f2a0cd00958c4a136ea5cc86d8cf34 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 11:14:50 -0400 Subject: [PATCH 10/15] Remove debugging code --- scripts/dtls.test | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index 52f768ecd..ae52ef26a 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test @@ -46,7 +46,6 @@ run_test() { # usage: run_test "" "" " SERVER_PID=$! stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 | prepend "[udp-proxy] " & UDP_PROXY_PID=$(($! - 1)) - echo "UDP-proxy: $UDP_PROXY_PID" sleep 0.2 timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $3 2>&1 | prepend "[client] " if [ $? != 0 ]; then From 883d4dc219fc60427f7c9ed28b26f101b130d16b Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 13:04:36 -0400 Subject: [PATCH 11/15] Clean up the script --- scripts/dtls.test | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index ae52ef26a..1aea8b266 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test 
@@ -43,22 +43,22 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " run_test() { # usage: run_test "" "" "" stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 | prepend "[server] " & - SERVER_PID=$! + SERVER_PID=$(($! - 1)) stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 | prepend "[udp-proxy] " & UDP_PROXY_PID=$(($! - 1)) sleep 0.2 + # Wrap this command in a timeout so that a deadlock won't bring down the entire test timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $3 2>&1 | prepend "[client] " if [ $? != 0 ]; then - echo "Test failed" + echo "***Test failed***" ((NUM_TESTS_FAILED++)) fi - wait $SERVER_PID + kill $SERVER_PID >&/dev/null # make sure the server is no longer running SERVER_PID= kill $UDP_PROXY_PID UDP_PROXY_PID= } - test_dropping_packets () { for i in $(seq 3 11);do echo -e "\ndropping ${i}th packet\n" @@ -125,12 +125,12 @@ test_dropping_packets test_permutations client 012 test_dropping_new_session_ticket 200 -if [ ! -z $DTLS13_DO_SERVER_PERMUTATION_TEST ];then +if [ ! -z $DO_SERVER_PERMUTATION_TEST ];then test_permutations server 0123456 fi # TODO: fix udp_proxy to not re-order close alert before app data -if [ ! -z $DTLS13_DO_DELAY_TEST ];then +if [ ! -z $DO_DELAY_TEST ];then test_time_delays fi From 3df434930e53e22e5dbc66c208928eb0f6f4f570 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 13:06:13 -0400 Subject: [PATCH 12/15] Add in total test run count --- scripts/dtls.test | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index 1aea8b266..cab69dbdb 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test @@ -29,6 +29,7 @@ PROXY_PORT=1234 SERVER_PORT=4321 KEY_UPDATE_SIZE=35 NUM_TESTS_FAILED=0 +NUM_TESTS_RUN=0 if [ "$DTLS_VERSION" = "-v4" ]; then UDP_PROXY_EXTRA_ARGS="-u" 
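Review bot: Replacing `wait $SERVER_PID` with `kill $SERVER_PID >&/dev/null` in `run_test` (hunk `@@ -43,22 +43,22 @@`) means the server's exit status is never examined, so a run where the client exits 0 but the server reports an error still counts as a pass. The `>&/dev/null` redirect also hides the case where the guessed PID (`$(($! - 1))`) is not the server at all, because the "no such process" message is discarded. Consider bounding the server with the same `timeout` wrapper used for the client, waiting for the server job after the client returns, and counting a non-zero status as a failure. `kill` can then stay as the fallback in `cleanup`.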
@@ -42,6 +43,7 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " } run_test() { # usage: run_test "" "" "" + ((NUM_TESTS_RUN++)) stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 | prepend "[server] " & SERVER_PID=$(($! - 1)) stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 | prepend "[udp-proxy] " & @@ -135,9 +137,9 @@ if [ ! -z $DO_DELAY_TEST ];then fi if [ $NUM_TESTS_FAILED == 0 ]; then - echo -e "\nAll tests SUCCEEDED!!!\n" + echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n" else - echo -e "\nThere were $NUM_TESTS_FAILED failures\n" + echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n" fi exit $NUM_TESTS_FAILED From bea1b6f89b77d3157137a5a106a5c10cbd90e36c Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 18 Aug 2023 13:11:31 -0400 Subject: [PATCH 13/15] Use unique temp file names --- scripts/dtls.test | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index cab69dbdb..51c668fe6 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test @@ -90,10 +90,10 @@ EOF ) for i in $PERMUTATIONS;do echo -e "\nTesting $SIDE permutations order $i...\n" - UDP_LOGFILE=/tmp/udp-$SIDE-$i - rm -f $UDP_LOGFILE + UDP_LOGFILE=$(mktemp) run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w" echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" + rm -f $UDP_LOGFILE done echo "All $SIDE msg permutations succeeded" } @@ -112,10 +112,10 @@ EOF ) for DELAY in $DELAYS;do echo -e "\nTesting delay $DELAY...\n" - UDP_LOGFILE=/tmp/udp-delay-$DELAY - rm -f $UDP_LOGFILE + UDP_LOGFILE=$(mktemp) run_test "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w" echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" + rm -f $UDP_LOGFILE done } From 9a007604e40d41e61875503eebf7c07c179a32f1 Mon Sep 17 00:00:00 2001 
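Review bot: `UDP_LOGFILE=$(mktemp)` in `test_permutations` (hunk `@@ -90,10 +90,10 @@`, and again in `test_time_delays`, hunk `@@ -112,10 +112,10 @@`) is used without checking that `mktemp` succeeded, and the later expansions are unquoted. If it fails, the proxy's `-l` option is left without a file name and `grep -P ... $UDP_LOGFILE` falls back to reading stdin, which can block the run. Use `UDP_LOGFILE=$(mktemp) || exit 1` and quote the variable in the `grep` and `rm -f` calls. The file is also only removed on the normal path, so adding it to `cleanup` would keep an interrupted run from leaving it in the temp directory.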
From: Andras Fekete Date: Fri, 18 Aug 2023 14:05:07 -0400 Subject: [PATCH 14/15] Usage documentation --- scripts/dtls.test | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index 51c668fe6..291a6d724 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test @@ -1,5 +1,16 @@ #!/bin/bash +# This script can be run with several environment variables set dictating its +# run. You can set the following to what you like: +WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)} +UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"} +DTLS_VERSION=${DTLS_VERSION:-"-v4"} +# Additionally, you can add the following tests by setting it to '1': +DO_EXTENDED_SERVER_PERMUTATION_TEST=${DO_EXTENDED_SERVER_PERMUTATION_TEST:-0} +DO_DELAY_TEST=${DO_DELAY_TEST:-0} + +# An example use would be: DTLS_VERSION=-v3 scripts/dtls.test + #set -x # enable debug output cleanup () { @@ -22,9 +33,6 @@ cleanup () { trap cleanup err exit -WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)} -UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"} -DTLS_VERSION=${DTLS_VERSION:-"-v4"} PROXY_PORT=1234 SERVER_PORT=4321 KEY_UPDATE_SIZE=35 @@ -122,17 +130,21 @@ EOF echo "Starting capture" tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls${DTLS_VERSION}.pcap -U & TCPDUMP_PID=$! +sleep 0.5 test_dropping_packets test_permutations client 012 -test_dropping_new_session_ticket 200 -if [ ! -z $DO_SERVER_PERMUTATION_TEST ];then +if [ "$DO_EXTENDED_SERVER_PERMUTATION_TEST" = "1" ];then test_permutations server 0123456 +else + test_permutations server 012 fi +test_dropping_new_session_ticket 200 + # TODO: fix udp_proxy to not re-order close alert before app data -if [ ! -z $DO_DELAY_TEST ];then +if [ "$DO_DELAY_TEST" = "1" ];then test_time_delays fi From dbd5d713e77c2a6acc5be1221019a9c924dfa6ff Mon Sep 17 00:00:00 2001 
From: Andras Fekete Date: Fri, 18 Aug 2023 14:10:47 -0400 Subject: [PATCH 15/15] Add in a marker to the PCAP file --- scripts/dtls.test | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/scripts/dtls.test b/scripts/dtls.test index 291a6d724..ebdd61c61 100755 --- a/scripts/dtls.test +++ b/scripts/dtls.test @@ -50,15 +50,19 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " while read line; do echo "${1}${line}"; done } -run_test() { # usage: run_test "" "" "" +run_test() { # usage: run_test "" "" "" "" ((NUM_TESTS_RUN++)) - stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $2 2>&1 | prepend "[server] " & + echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file + echo "$1" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file + echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file + echo -e "\n${1}\n" + stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $3 2>&1 | prepend "[server] " & SERVER_PID=$(($! - 1)) - stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $1 2>&1 | prepend "[udp-proxy] " & + stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $2 2>&1 | prepend "[udp-proxy] " & UDP_PROXY_PID=$(($! - 1)) sleep 0.2 # Wrap this command in a timeout so that a deadlock won't bring down the entire test - timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $3 2>&1 | prepend "[client] " + timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $4 2>&1 | prepend "[client] " if [ $? != 0 ]; then echo "***Test failed***" ((NUM_TESTS_FAILED++)) 
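Review bot: The three `nc -u 127.0.0.1 $SERVER_PORT` marker lines added at the top of `run_test` introduce a dependency on netcat and give it no timeout. Netcat variants differ in whether a UDP client exits when stdin reaches EOF, so on some images each marker may stall the run, and where `nc` is not installed the markers are simply missing from the capture (the first patch in this series removed `bc` for that same reason). Either bound the call, e.g. `nc -u -w 1 127.0.0.1 $SERVER_PORT`, or use bash's own UDP redirection where it is compiled in, `printf '%s\n' "$1" > /dev/udp/127.0.0.1/$SERVER_PORT`, which needs no extra tool. The body of `run_test` continues past the end of this hunk.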
@@ -71,21 +75,18 @@ run_test() { # usage: run_test "" "" " test_dropping_packets () { for i in $(seq 3 11);do - echo -e "\ndropping ${i}th packet\n" - run_test "-d $i" "-Ta" "" + run_test "Dropping ${i}th packet" "-d $i" "-Ta" "" done # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error for i in $(seq 0 10);do - echo -e "\nTesting WANT_WRITE: dropping packet $i\n" - run_test "-f $i" "-Ta -6" "-6" + run_test "Testing WANT_WRITE: dropping packet $i" "-f $i" "-Ta -6" "-6" done } # this test is based on detecting newSessionTicket message by its size. This is rather fragile. test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket - echo -e "\ndropping new session ticket packet of size $1\n" - run_test "-F $1" "-w" "-w --waitTicket" + run_test "Dropping new session ticket packet of size $1" "-F $1" "-w" "-w --waitTicket" } test_permutations () { @@ -97,9 +98,8 @@ for p in itertools.permutations("$2"): EOF ) for i in $PERMUTATIONS;do - echo -e "\nTesting $SIDE permutations order $i...\n" UDP_LOGFILE=$(mktemp) - run_test "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w" + run_test "Testing $SIDE permutations order $i" "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w" echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" rm -f $UDP_LOGFILE done @@ -119,9 +119,8 @@ for i in tt: EOF ) for DELAY in $DELAYS;do - echo -e "\nTesting delay $DELAY...\n" UDP_LOGFILE=$(mktemp) - run_test "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w" + run_test "Testing delay $DELAY" "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w" echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" rm -f $UDP_LOGFILE done