mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 19:00:49 +02:00
5f755f6bd5
Correct the logic for checking if the client and server examples are compiled in the test scripts. The previous logic was inverted, causing the tests to always skip if the examples *were* compiled.
183 lines
5.5 KiB
Bash
Executable File
183 lines
5.5 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# This script can be run with several environment variables set dictating its
|
|
# run. You can set the following to what you like:
|
|
WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)}
|
|
UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"}
|
|
DTLS_VERSION=${DTLS_VERSION:-"-v4"}
|
|
PCAP_FILENAME=${PCAP_FILENAME:-"dtls${DTLS_VERSION}.pcap"}
|
|
# Additionally, you can add the following tests by setting it to '1':
|
|
DO_EXTENDED_SERVER_PERMUTATION_TEST=${DO_EXTENDED_SERVER_PERMUTATION_TEST:-0}
|
|
DO_DELAY_TEST=${DO_DELAY_TEST:-0}
|
|
|
|
# An example use would be: DTLS_VERSION=-v3 scripts/dtls.test
|
|
# Note the output also consists of a single PCAP file which has a set of
|
|
# three packets (1-byte, strlen()-byte, 1-byte payload) deliniating each test.
|
|
|
|
#set -x # enable debug output
|
|
|
|
[ ! -x ./examples/client/client ] && printf '\n\n%s\n' "Client doesn't exist" \
|
|
&& exit 1
|
|
|
|
if ./examples/client/client -? 2>&1 | grep "Client not compiled in!" ; then
|
|
echo 'skipping dtls.test because client not compiled in.' 1>&2
|
|
exit 77
|
|
fi
|
|
|
|
if ./examples/server/server -? 2>&1 | grep "Server not compiled in!" ; then
|
|
echo 'skipping dtls.test because server not compiled in.' 1>&2
|
|
exit 77
|
|
fi
|
|
|
|
# bwrap execution environment to avoid port conflicts
|
|
if [ "${AM_BWRAPPED-}" != "yes" ]; then
|
|
bwrap_path="$(command -v bwrap)"
|
|
if [ -n "$bwrap_path" ]; then
|
|
export AM_BWRAPPED=yes
|
|
exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
|
|
fi
|
|
fi
|
|
|
|
kill_server() {
|
|
for i in $(jobs -pr); do
|
|
if [ "$i" != "$TCPDUMP_PID" ]; then
|
|
kill -9 $i
|
|
fi
|
|
done
|
|
# empty print to show which backgrounded processes were killed
|
|
sleep 0.2 && echo
|
|
}
|
|
|
|
cleanup () {
|
|
echo
|
|
echo "Cleaning up..."
|
|
kill_server
|
|
|
|
if [ ! -z "$TCPDUMP_PID" ];then
|
|
echo "Killing tcpdump $TCPDUMP_PID"
|
|
sleep 1
|
|
kill $TCPDUMP_PID
|
|
fi
|
|
}
|
|
|
|
trap cleanup err exit
|
|
|
|
PROXY_PORT=1234
|
|
SERVER_PORT=4321
|
|
KEY_UPDATE_SIZE=35
|
|
NUM_TESTS_FAILED=0
|
|
NUM_TESTS_RUN=0
|
|
|
|
if [ "$DTLS_VERSION" = "-v4" ]; then
|
|
UDP_PROXY_EXTRA_ARGS="-u"
|
|
fi
|
|
|
|
# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf
|
|
|
|
set -o pipefail
|
|
prepend() { # Usage: cmd 2>&1 | prepend "sometext "
|
|
while read line; do echo "${1}${line}"; done
|
|
}
|
|
|
|
run_test() { # usage: run_test "<testName>" "<udp-proxy args>" "<server args>" "<client args>"
|
|
((NUM_TESTS_RUN++))
|
|
echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
|
|
echo "$1" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
|
|
echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
|
|
echo -e "\n${1}\n"
|
|
stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $3 2>&1 | prepend "[server] " &
|
|
sleep 0.2
|
|
stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $2 2>&1 | prepend "[udp-proxy] " &
|
|
sleep 0.2
|
|
# Wrap this command in a timeout so that a deadlock won't bring down the entire test
|
|
timeout -s KILL 1m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $4 2>&1 | prepend "[client] "
|
|
if [ $? != 0 ]; then
|
|
echo "***Test failed***"
|
|
((NUM_TESTS_FAILED++))
|
|
fi
|
|
kill_server
|
|
}
|
|
|
|
test_dropping_packets () {
|
|
for i in $(seq 0 11);do
|
|
run_test "Dropping ${i}th packet" "-f $i" "-Ta" ""
|
|
done
|
|
|
|
# dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error
|
|
for i in $(seq 0 10);do
|
|
run_test "Testing WANT_WRITE: dropping packet $i" "-f $i" "-Ta -6" "-6"
|
|
done
|
|
}
|
|
|
|
# this test is based on detecting newSessionTicket message by its size. This is rather fragile.
|
|
test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size>
|
|
run_test "Dropping new session ticket packet of size $1" "-F $1" "-w" "-w --waitTicket"
|
|
}
|
|
|
|
test_permutations () {
|
|
SIDE=$1
|
|
PERMUTATIONS=$(python3 << EOF
|
|
import itertools
|
|
for p in itertools.permutations("$2"):
|
|
print(''.join(p))
|
|
EOF
|
|
)
|
|
for i in $PERMUTATIONS;do
|
|
UDP_LOGFILE=$(mktemp)
|
|
run_test "Testing $SIDE permutations order $i" "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w"
|
|
echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
|
|
rm -f $UDP_LOGFILE
|
|
done
|
|
echo "All $SIDE msg permutations succeeded"
|
|
}
|
|
|
|
|
|
test_time_delays () {
|
|
DELAYS=$(python3 << EOF
|
|
import itertools
|
|
t = [0.1, 0.5, 1.1]
|
|
tt = []
|
|
for i in itertools.product(t, t, t):
|
|
tt.append(i * 15)
|
|
for i in tt:
|
|
print(','.join(map(lambda x: str(x) , i)))
|
|
EOF
|
|
)
|
|
for DELAY in $DELAYS;do
|
|
UDP_LOGFILE=$(mktemp)
|
|
run_test "Testing delay $DELAY" "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w"
|
|
echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
|
|
rm -f $UDP_LOGFILE
|
|
done
|
|
}
|
|
|
|
echo "Starting capture"
|
|
tcpdump -i lo -n port ${SERVER_PORT} -w ${PCAP_FILENAME} -U &
|
|
TCPDUMP_PID=$!
|
|
sleep 0.5
|
|
|
|
test_dropping_packets
|
|
test_permutations client 012
|
|
|
|
if [ "$DO_EXTENDED_SERVER_PERMUTATION_TEST" = "1" ];then
|
|
test_permutations server 0123456
|
|
else
|
|
test_permutations server 012
|
|
fi
|
|
|
|
test_dropping_new_session_ticket 200
|
|
|
|
# TODO: fix udp_proxy to not re-order close alert before app data
|
|
if [ "$DO_DELAY_TEST" = "1" ];then
|
|
test_time_delays
|
|
fi
|
|
|
|
if [ $NUM_TESTS_FAILED == 0 ]; then
|
|
echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n"
|
|
else
|
|
echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n"
|
|
fi
|
|
|
|
echo "The script ran for $SECONDS seconds"
|
|
exit $NUM_TESTS_FAILED
|