
dtls.test 5.2 KB

  #!/bin/bash
  # DTLS test driver. Its behaviour is tuned through environment variables;
  # every one of them is optional and falls back to the default shown here.
  : "${WOLFSSL_ROOT:=$(pwd)}"                      # directory containing examples/server and examples/client
  : "${UDP_PROXY_BIN:=udp_proxy}"                  # proxy binary; the default is looked up through PATH
  : "${DTLS_VERSION:=-v4}"                         # version flag passed to the example server and client
  : "${PCAP_FILENAME:=dtls${DTLS_VERSION}.pcap}"   # capture file written by tcpdump
  # Optional, slower test groups. Set to '1' to enable:
  : "${DO_EXTENDED_SERVER_PERMUTATION_TEST:=0}"
  : "${DO_DELAY_TEST:=0}"
  # Example invocation: DTLS_VERSION=-v3 scripts/dtls.test
  # Besides the console output, the run leaves a single PCAP file behind. Each
  # test is delineated in it by a set of three marker packets (1-byte,
  # strlen()-byte, 1-byte payload).
  #set -x # enable debug output
  # Re-execute this script inside a bubblewrap sandbox that has its own network
  # namespace, so the ports used by the tests cannot conflict with anything
  # else. AM_BWRAPPED marks the re-executed copy and keeps it from wrapping
  # itself a second time.
  # NOTE(review): this isolates the network only. "--dev-bind / /" binds the
  # whole host filesystem (devices included) into the sandbox as-is, and
  # "--cap-add ALL" requests every capability inside it, which is presumably
  # more than the packet capture needs -- confirm whether a narrower set works.
  # When bwrap is not installed the script silently continues in the host
  # network namespace.
  case "${AM_BWRAPPED-}" in
    yes)
      ;;
    *)
      bwrap_path="$(command -v bwrap)"
      if [ -n "$bwrap_path" ]; then
        export AM_BWRAPPED=yes
        exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
      fi
      ;;
  esac
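  # Stops every helper process this script still tracks.
  # Globals: reads and clears UDP_PROXY_PID, SERVER_PID, TCPDUMP_PID.
  # Outputs: progress messages on stdout.
  cleanup () {
    echo
    echo "Cleaning up..."
    # Each PID variable is emptied once its process has been signalled. The
    # trap is registered for both ERR and EXIT, so this function can run more
    # than once; without the reset a later run would signal the same numbers
    # again, and by then a PID may belong to an unrelated process.
    if [ -n "$UDP_PROXY_PID" ]; then
      echo "Killing udp_proxy $UDP_PROXY_PID"
      kill "$UDP_PROXY_PID"
      UDP_PROXY_PID=
    fi
    if [ -n "$SERVER_PID" ]; then
      echo "Killing server $SERVER_PID"
      kill "$SERVER_PID"
      SERVER_PID=
    fi
    if [ -n "$TCPDUMP_PID" ]; then
      echo "Killing tcpdump $TCPDUMP_PID"
      # presumably gives tcpdump time to write the last packets -- confirm
      sleep 1
      kill "$TCPDUMP_PID"
      TCPDUMP_PID=
    fi
  }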
  # Run cleanup when a top-level command fails and again when the script exits.
  trap cleanup ERR EXIT

  # Loopback ports: the client connects to udp_proxy on PROXY_PORT and the
  # proxy forwards to the example server on SERVER_PORT.
  SERVER_PORT=4321
  PROXY_PORT=1234
  KEY_UPDATE_SIZE=35

  # Counters; the failure count is used as the script's exit status.
  NUM_TESTS_RUN=0
  NUM_TESTS_FAILED=0

  # udp_proxy gets an additional flag for the default DTLS version.
  case "$DTLS_VERSION" in
    -v4) UDP_PROXY_EXTRA_ARGS="-u" ;;
  esac

  # $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf

  # A pipeline now fails when any of its stages fails; run_test depends on
  # this to see the client's status through the "| prepend" stage.
  set -o pipefail
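  # Copies stdin to stdout with a fixed prefix in front of every line.
  # Arguments: $1 - text to put in front of each line
  prepend() { # Usage: cmd 2>&1 | prepend "sometext "
    local line
    # IFS= and -r keep leading whitespace and backslashes exactly as the tool
    # printed them; the "|| [ -n ... ]" part still emits a final line that has
    # no trailing newline (for example the last output of a killed process).
    while IFS= read -r line || [ -n "$line" ]; do
      printf '%s%s\n' "$1" "$line"
    done
  }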
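  # Runs one client/server exchange through udp_proxy and records the outcome.
  # Globals:   reads WOLFSSL_ROOT, UDP_PROXY_BIN, DTLS_VERSION,
  #            UDP_PROXY_EXTRA_ARGS, SERVER_PORT, PROXY_PORT;
  #            updates NUM_TESTS_RUN, NUM_TESTS_FAILED, SERVER_PID, UDP_PROXY_PID
  # Arguments: $1 - test title, $2 - extra udp_proxy arguments,
  #            $3 - extra server arguments, $4 - extra client arguments
  #            ($2..$4 are deliberately word-split into separate arguments)
  # Relies on "set -o pipefail" so the client's status survives "| prepend".
  run_test() { # usage: run_test "<testName>" "<udp-proxy args>" "<server args>" "<client args>"
    local rc
    NUM_TESTS_RUN=$((NUM_TESTS_RUN + 1))

    # Three datagrams (empty, title, empty) mark the start of this test in the PCAP file.
    printf '\n' | nc -u 127.0.0.1 "$SERVER_PORT"
    printf '%s\n' "$1" | nc -u 127.0.0.1 "$SERVER_PORT"
    printf '\n' | nc -u 127.0.0.1 "$SERVER_PORT"
    printf '\n%s\n\n' "$1"

    # Output goes through process substitution rather than a pipeline, so $!
    # is the PID of the started program itself. Deriving it as "$! - 1" from a
    # pipeline assumes consecutive PIDs and can end up signalling an unrelated
    # process.
    # shellcheck disable=SC2086 # option strings are split on purpose
    stdbuf -oL -eL "$WOLFSSL_ROOT"/examples/server/server -u -p"$SERVER_PORT" \
      $DTLS_VERSION $3 > >(prepend "[server] ") 2>&1 &
    SERVER_PID=$!
    # shellcheck disable=SC2086 # option strings are split on purpose
    stdbuf -oL -eL "$UDP_PROXY_BIN" -p "$PROXY_PORT" -s 127.0.0.1:"$SERVER_PORT" \
      $UDP_PROXY_EXTRA_ARGS $2 > >(prepend "[udp-proxy] ") 2>&1 &
    UDP_PROXY_PID=$!
    sleep 0.2

    # Wrap this command in a timeout so that a deadlock won't bring down the entire test
    # shellcheck disable=SC2086 # option strings are split on purpose
    timeout -s KILL 1m stdbuf -oL -eL "$WOLFSSL_ROOT"/examples/client/client -u -p"$PROXY_PORT" \
      $DTLS_VERSION $4 2>&1 | prepend "[client] "
    rc=$?
    if [ "$rc" -ne 0 ]; then
      echo "***Test failed***"
      NUM_TESTS_FAILED=$((NUM_TESTS_FAILED + 1))
    fi

    # The server may already have exited by itself, hence the silenced kill.
    kill "$SERVER_PID" >/dev/null 2>&1 # make sure the server is no longer running
    SERVER_PID=
    kill "$UDP_PROXY_PID"
    UDP_PROXY_PID=
  }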
  # Runs the handshake once per packet index, passing "-f <index>" to
  # udp_proxy; judging by the test titles this drops that single packet.
  test_dropping_packets () {
    for i in {0..11}; do
      run_test "Dropping ${i}th packet" "-f $i" "-Ta" ""
    done

    # Same idea with "-6" on both sides. Index 11 is left out: dropping the
    # last ack would be a client error, because wolfssl_read doesn't support
    # WANT_WRITE as a returned error.
    for i in {0..10}; do
      run_test "Testing WANT_WRITE: dropping packet $i" "-f $i" "-Ta -6" "-6"
    done
  }
  # The newSessionTicket message is recognised purely by its size, so this
  # test is rather fragile: any change in the ticket's size means the wrong
  # packet (or none) is selected.
  # Arguments: $1 - size used to pick out the new session ticket packet
  test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size>
    local ticket_size=$1
    run_test "Dropping new session ticket packet of size ${ticket_size}" \
      "-F ${ticket_size}" "-w" "-w --waitTicket"
  }
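  # Runs the handshake once for every ordering of the given packet indices.
  # Globals:   may increment NUM_TESTS_FAILED
  # Arguments: $1 - side handed to udp_proxy via -S (client or server)
  #            $2 - characters to permute, e.g. 012
  # Outputs:   per-test output plus the number of messages udp_proxy logged
  test_permutations () {
    local side=$1
    local failed_before=${NUM_TESTS_FAILED:-0}
    local perms order udp_logfile
    # The characters reach Python through argv instead of being pasted into
    # the program text, so they can never be interpreted as Python code.
    local py_prog='import itertools, sys; print("\n".join("".join(p) for p in itertools.permutations(sys.argv[1])))'

    if ! perms=$(python3 -c "$py_prog" "$2"); then
      # Without this check a missing or failing python3 would run zero tests
      # and still report success. The status stays 0 so that the script's ERR
      # trap (which stops the capture) is not triggered; the failure is
      # carried by the counter instead.
      echo "Could not generate the $side permutations" >&2
      NUM_TESTS_FAILED=$((failed_before + 1))
      return 0
    fi

    # shellcheck disable=SC2086 # one permutation per word
    for order in $perms; do
      if ! udp_logfile=$(mktemp); then
        echo "mktemp failed, skipping $side permutation $order" >&2
        NUM_TESTS_FAILED=$((${NUM_TESTS_FAILED:-0} + 1))
        continue
      fi
      # NOTE: run_test word-splits its option strings, so the log file path
      # must not contain whitespace.
      run_test "Testing $side permutations order $order" "-r $order -S $side -l $udp_logfile" "-Ta -w" "-w"
      echo "...produced $(grep -c -E -- 'client:|server:' "$udp_logfile") messages"
      rm -f -- "$udp_logfile"
    done

    # Only claim success when none of the runs above was counted as a failure.
    if [ "${NUM_TESTS_FAILED:-0}" -eq "$failed_before" ]; then
      echo "All $side msg permutations succeeded"
    else
      echo "Some $side msg permutations failed"
    fi
  }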
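  # Runs the handshake with a list of delays passed to udp_proxy via -t.
  # Every ordered triple drawn from 0.1, 0.5 and 1.1 is repeated 15 times,
  # which gives 27 runs with 45 comma-separated values each.
  # Globals: may increment NUM_TESTS_FAILED
  # Outputs: per-test output plus the number of messages udp_proxy logged
  test_time_delays () {
    local delays delay udp_logfile
    local py_prog='import itertools; t = [0.1, 0.5, 1.1]; print("\n".join(",".join(str(x) for x in combo * 15) for combo in itertools.product(t, t, t)))'

    if ! delays=$(python3 -c "$py_prog"); then
      # Without this check a missing or failing python3 would silently run no
      # delay test at all. The status stays 0 so that the script's ERR trap
      # (which stops the capture) is not triggered; the failure is carried by
      # the counter instead.
      echo "Could not generate the delay lists" >&2
      NUM_TESTS_FAILED=$((${NUM_TESTS_FAILED:-0} + 1))
      return 0
    fi

    # shellcheck disable=SC2086 # one delay list per word
    for delay in $delays; do
      if ! udp_logfile=$(mktemp); then
        echo "mktemp failed, skipping delay $delay" >&2
        NUM_TESTS_FAILED=$((${NUM_TESTS_FAILED:-0} + 1))
        continue
      fi
      # NOTE: run_test word-splits its option strings, so the log file path
      # must not contain whitespace.
      run_test "Testing delay $delay" "-l $udp_logfile -t $delay" "-Ta -w" "-w"
      echo "...produced $(grep -c -E -- 'client:|server:' "$udp_logfile") messages"
      rm -f -- "$udp_logfile"
    done
  }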
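  # Main sequence: start the capture, run the test groups, print a summary.
  echo "Starting capture"
  # Only traffic on the server port of the loopback interface is recorded; -U
  # makes tcpdump write each packet to the file as soon as it is captured.
  tcpdump -i lo -n port "${SERVER_PORT}" -w "${PCAP_FILENAME}" -U &
  TCPDUMP_PID=$!
  sleep 0.5

  test_dropping_packets
  test_permutations client 012
  if [ "$DO_EXTENDED_SERVER_PERMUTATION_TEST" = "1" ]; then
    test_permutations server 0123456
  else
    test_permutations server 012
  fi
  test_dropping_new_session_ticket 200

  # TODO: fix udp_proxy to not re-order close alert before app data
  if [ "$DO_DELAY_TEST" = "1" ]; then
    test_time_delays
  fi

  if [ "$NUM_TESTS_FAILED" -eq 0 ]; then
    printf '\nAll %s tests SUCCEEDED!!!\n\n' "$NUM_TESTS_RUN"
  else
    printf '\nThere were %s failures out of %s tests\n\n' "$NUM_TESTS_FAILED" "$NUM_TESTS_RUN"
  fi
  echo "The script ran for $SECONDS seconds"

  # An exit status is only 8 bits wide, so a failure count of 256 would wrap
  # around to 0 and be reported as success. The extended permutation run
  # executes thousands of tests, so the count is capped at 255.
  exit "$(( NUM_TESTS_FAILED > 255 ? 255 : NUM_TESTS_FAILED ))"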