Thu May 18 14:43:42 2017 UTC ()
Don't check the existence of SA entries eagerly

They can be expired at that point if their lifetime is very short.
This may fix unexpected failures of tests running on anita.


(ozaki-r)
diff -r1.2 -r1.3 src/tests/net/ipsec/t_ipsec_misc.sh
cvs diff -r1.2 -r1.3 src/tests/net/ipsec/t_ipsec_misc.sh (expand / switch to unified diff)

--- src/tests/net/ipsec/t_ipsec_misc.sh 2017/05/17 06:30:15 1.2
+++ src/tests/net/ipsec/t_ipsec_misc.sh 2017/05/18 14:43:42 1.3
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: t_ipsec_misc.sh,v 1.2 2017/05/17 06:30:15 ozaki-r Exp $ 1# $NetBSD: t_ipsec_misc.sh,v 1.3 2017/05/18 14:43:42 ozaki-r Exp $
2# 2#
3# Copyright (c) 2017 Internet Initiative Japan Inc. 3# Copyright (c) 2017 Internet Initiative Japan Inc.
4# All rights reserved. 4# All rights reserved.
5# 5#
6# Redistribution and use in source and binary forms, with or without 6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions 7# modification, are permitted provided that the following conditions
8# are met: 8# are met:
9# 1. Redistributions of source code must retain the above copyright 9# 1. Redistributions of source code must retain the above copyright
10# notice, this list of conditions and the following disclaimer. 10# notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright 11# 2. Redistributions in binary form must reproduce the above copyright
12# notice, this list of conditions and the following disclaimer in the 12# notice, this list of conditions and the following disclaimer in the
13# documentation and/or other materials provided with the distribution. 13# documentation and/or other materials provided with the distribution.
14# 14#
@@ -38,37 +38,39 @@ setup_sasp() @@ -38,37 +38,39 @@ setup_sasp()
38 local ip_local=$3 38 local ip_local=$3
39 local ip_peer=$4 39 local ip_peer=$4
40 local lifetime=$5 40 local lifetime=$5
41 local tmpfile=./tmp 41 local tmpfile=./tmp
42 42
43 export RUMP_SERVER=$SOCK_LOCAL 43 export RUMP_SERVER=$SOCK_LOCAL
44 cat > $tmpfile <<-EOF 44 cat > $tmpfile <<-EOF
45 add $ip_local $ip_peer $proto 10000 -lh $lifetime -ls $lifetime $algo_args; 45 add $ip_local $ip_peer $proto 10000 -lh $lifetime -ls $lifetime $algo_args;
46 add $ip_peer $ip_local $proto 10001 -lh $lifetime -ls $lifetime $algo_args; 46 add $ip_peer $ip_local $proto 10001 -lh $lifetime -ls $lifetime $algo_args;
47 spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require; 47 spdadd $ip_local $ip_peer any -P out ipsec $proto/transport//require;
48 EOF 48 EOF
49 $DEBUG && cat $tmpfile 49 $DEBUG && cat $tmpfile
50 atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile 50 atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
51 check_sa_entries $SOCK_LOCAL $ip_local $ip_peer 51 # XXX it can be expired if $lifetime is very short
 52 #check_sa_entries $SOCK_LOCAL $ip_local $ip_peer
52 53
53 export RUMP_SERVER=$SOCK_PEER 54 export RUMP_SERVER=$SOCK_PEER
54 cat > $tmpfile <<-EOF 55 cat > $tmpfile <<-EOF
55 add $ip_local $ip_peer $proto 10000 -lh $lifetime -ls $lifetime $algo_args; 56 add $ip_local $ip_peer $proto 10000 -lh $lifetime -ls $lifetime $algo_args;
56 add $ip_peer $ip_local $proto 10001 -lh $lifetime -ls $lifetime $algo_args; 57 add $ip_peer $ip_local $proto 10001 -lh $lifetime -ls $lifetime $algo_args;
57 spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require; 58 spdadd $ip_peer $ip_local any -P out ipsec $proto/transport//require;
58 EOF 59 EOF
59 $DEBUG && cat $tmpfile 60 $DEBUG && cat $tmpfile
60 atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile 61 atf_check -s exit:0 -o empty $HIJACKING setkey -c < $tmpfile
61 check_sa_entries $SOCK_PEER $ip_local $ip_peer 62 # XXX it can be expired if $lifetime is very short
 63 #check_sa_entries $SOCK_PEER $ip_local $ip_peer
62} 64}
63 65
64test_ipsec4_lifetime() 66test_ipsec4_lifetime()
65{ 67{
66 local proto=$1 68 local proto=$1
67 local algo=$2 69 local algo=$2
68 local ip_local=10.0.0.1 70 local ip_local=10.0.0.1
69 local ip_peer=10.0.0.2 71 local ip_peer=10.0.0.2
70 local outfile=./out 72 local outfile=./out
71 local proto_cap=$(echo $proto | tr 'a-z' 'A-Z') 73 local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
72 local algo_args="$(generate_algo_args $proto $algo)" 74 local algo_args="$(generate_algo_args $proto $algo)"
73 local lifetime=3 75 local lifetime=3
74 76