|
| 1 | +#!/bin/bash |
| 2 | + |
| 3 | +# This script can be run with several environment variables set dictating its |
| 4 | +# run. You can set the following to what you like: |
| 5 | +WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)} |
| 6 | +UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"} |
| 7 | +DTLS_VERSION=${DTLS_VERSION:-"-v4"} |
| 8 | +# Additionally, you can add the following tests by setting it to '1': |
| 9 | +DO_EXTENDED_SERVER_PERMUTATION_TEST=${DO_EXTENDED_SERVER_PERMUTATION_TEST:-0} |
| 10 | +DO_DELAY_TEST=${DO_DELAY_TEST:-0} |
| 11 | + |
| 12 | +# An example use would be: DTLS_VERSION=-v3 scripts/dtls.test |
| 13 | + |
| 14 | +#set -x # enable debug output |
| 15 | + |
| 16 | +cleanup () { |
| 17 | + echo |
| 18 | + echo "Cleaning up..." |
| 19 | + if [ ! -z "$UDP_PROXY_PID" ];then |
| 20 | + echo "Killing udp_proxy $UDP_PROXY_PID" |
| 21 | + kill $UDP_PROXY_PID |
| 22 | + fi |
| 23 | + if [ ! -z "$SERVER_PID" ];then |
| 24 | + echo "Killing server $SERVER_PID" |
| 25 | + kill $SERVER_PID |
| 26 | + fi |
| 27 | + if [ ! -z "$TCPDUMP_PID" ];then |
| 28 | + echo "Killing tcpdump $TCPDUMP_PID" |
| 29 | + sleep 1 |
| 30 | + kill $TCPDUMP_PID |
| 31 | + fi |
| 32 | +} |
| 33 | + |
| 34 | +trap cleanup err exit |
| 35 | + |
| 36 | +PROXY_PORT=1234 |
| 37 | +SERVER_PORT=4321 |
| 38 | +KEY_UPDATE_SIZE=35 |
| 39 | +NUM_TESTS_FAILED=0 |
| 40 | +NUM_TESTS_RUN=0 |
| 41 | + |
| 42 | +if [ "$DTLS_VERSION" = "-v4" ]; then |
| 43 | + UDP_PROXY_EXTRA_ARGS="-u" |
| 44 | +fi |
| 45 | + |
| 46 | +# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf |
| 47 | + |
| 48 | +set -o pipefail |
| 49 | +prepend() { # Usage: cmd 2>&1 | prepend "sometext " |
| 50 | + while read line; do echo "${1}${line}"; done |
| 51 | +} |
| 52 | + |
| 53 | +run_test() { # usage: run_test "<testName>" "<udp-proxy args>" "<server args>" "<client args>" |
| 54 | + ((NUM_TESTS_RUN++)) |
| 55 | + echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file |
| 56 | + echo "$1" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file |
| 57 | + echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file |
| 58 | + echo -e "\n${1}\n" |
| 59 | + stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $3 2>&1 | prepend "[server] " & |
| 60 | + SERVER_PID=$(($! - 1)) |
| 61 | + stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $2 2>&1 | prepend "[udp-proxy] " & |
| 62 | + UDP_PROXY_PID=$(($! - 1)) |
| 63 | + sleep 0.2 |
| 64 | + # Wrap this command in a timeout so that a deadlock won't bring down the entire test |
| 65 | + timeout -s KILL 5m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $4 2>&1 | prepend "[client] " |
| 66 | + if [ $? != 0 ]; then |
| 67 | + echo "***Test failed***" |
| 68 | + ((NUM_TESTS_FAILED++)) |
| 69 | + fi |
| 70 | + kill $SERVER_PID >&/dev/null # make sure the server is no longer running |
| 71 | + SERVER_PID= |
| 72 | + kill $UDP_PROXY_PID |
| 73 | + UDP_PROXY_PID= |
| 74 | +} |
| 75 | + |
| 76 | +test_dropping_packets () { |
| 77 | + for i in $(seq 3 11);do |
| 78 | + run_test "Dropping ${i}th packet" "-d $i" "-Ta" "" |
| 79 | + done |
| 80 | + |
| 81 | + # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error |
| 82 | + for i in $(seq 0 10);do |
| 83 | + run_test "Testing WANT_WRITE: dropping packet $i" "-f $i" "-Ta -6" "-6" |
| 84 | + done |
| 85 | +} |
| 86 | + |
| 87 | +# this test is based on detecting newSessionTicket message by its size. This is rather fragile. |
| 88 | +test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size> |
| 89 | + run_test "Dropping new session ticket packet of size $1" "-F $1" "-w" "-w --waitTicket" |
| 90 | +} |
| 91 | + |
| 92 | +test_permutations () { |
| 93 | + SIDE=$1 |
| 94 | + PERMUTATIONS=$(python3 << EOF |
| 95 | +import itertools |
| 96 | +for p in itertools.permutations("$2"): |
| 97 | + print(''.join(p)) |
| 98 | +EOF |
| 99 | + ) |
| 100 | + for i in $PERMUTATIONS;do |
| 101 | + UDP_LOGFILE=$(mktemp) |
| 102 | + run_test "Testing $SIDE permutations order $i" "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w" |
| 103 | + echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" |
| 104 | + rm -f $UDP_LOGFILE |
| 105 | + done |
| 106 | + echo "All $SIDE msg permutations succeeded" |
| 107 | +} |
| 108 | + |
| 109 | + |
| 110 | +test_time_delays () { |
| 111 | + DELAYS=$(python3 << EOF |
| 112 | +import itertools |
| 113 | +t = [0.1, 0.5, 1.1] |
| 114 | +tt = [] |
| 115 | +for i in itertools.product(t, t, t): |
| 116 | + tt.append(i * 15) |
| 117 | +for i in tt: |
| 118 | + print(','.join(map(lambda x: str(x) , i))) |
| 119 | +EOF |
| 120 | + ) |
| 121 | + for DELAY in $DELAYS;do |
| 122 | + UDP_LOGFILE=$(mktemp) |
| 123 | + run_test "Testing delay $DELAY" "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w" |
| 124 | + echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages" |
| 125 | + rm -f $UDP_LOGFILE |
| 126 | + done |
| 127 | +} |
| 128 | + |
| 129 | +echo "Starting capture" |
| 130 | +tcpdump -i lo -n port ${SERVER_PORT} -w ./dtls${DTLS_VERSION}.pcap -U & |
| 131 | +TCPDUMP_PID=$! |
| 132 | +sleep 0.5 |
| 133 | + |
| 134 | +test_dropping_packets |
| 135 | +test_permutations client 012 |
| 136 | + |
| 137 | +if [ "$DO_EXTENDED_SERVER_PERMUTATION_TEST" = "1" ];then |
| 138 | + test_permutations server 0123456 |
| 139 | +else |
| 140 | + test_permutations server 012 |
| 141 | +fi |
| 142 | + |
| 143 | +test_dropping_new_session_ticket 200 |
| 144 | + |
| 145 | +# TODO: fix udp_proxy to not re-order close alert before app data |
| 146 | +if [ "$DO_DELAY_TEST" = "1" ];then |
| 147 | + test_time_delays |
| 148 | +fi |
| 149 | + |
| 150 | +if [ $NUM_TESTS_FAILED == 0 ]; then |
| 151 | + echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n" |
| 152 | +else |
| 153 | + echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n" |
| 154 | +fi |
| 155 | + |
| 156 | +exit $NUM_TESTS_FAILED |
0 commit comments