diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-08-29 20:04:15 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-08-29 20:04:15 +0000 |
| commit | 636326d633ea3b65cb702f531f89c5b7be4b1194 (patch) | |
| tree | 150427ffcdc2a9aed32d4c777394573964a3cbf8 | |
| parent | d50ab670f5d5dcc032db195af39878292af3e97e (diff) | |
Add 'enforcesingleikesa' test.
| -rw-r--r-- | regress/sbin/iked/live/Makefile | 36 |
1 files changed, 31 insertions, 5 deletions
diff --git a/regress/sbin/iked/live/Makefile b/regress/sbin/iked/live/Makefile index b4bf6cc95d8..b82f73f44ed 100644 --- a/regress/sbin/iked/live/Makefile +++ b/regress/sbin/iked/live/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.13 2020/07/21 13:45:13 tobhe Exp $ +# $OpenBSD: Makefile,v 1.14 2020/08/29 20:04:14 tobhe Exp $ # Copyright (c) 2020 Tobias Heider <tobhe@openbsd.org> # @@ -76,6 +76,13 @@ TEST_PING = \ fi; \ echo "$$dump" +TEST_SINGLEIKESA = \ + count=`ssh ${LEFT_SSH} "ikectl show sa | grep -c iked_sas"`; \ + if [[ "$$count" != "1" ]]; then \ + echo "error: too many IKE SAs."; \ + exit 1; \ + fi + SETUP_CONFIGS = \ authstr=""; \ if [[ "$$auth" = "psk" ]]; then \ @@ -86,11 +93,15 @@ SETUP_CONFIGS = \ if [[ "$$flowtype" = "ipcomp" ]]; then \ ipcomp="ipcomp"; \ fi; \ - fragstr=""; \ + configstr=""; \ if [ "$$fragmentation" = true ]; then \ - fragstr="set fragmentation"; \ + configstr="set fragmentation"; \ fi; \ - echo "FRAGMENTATION=\"$$fragstr\"" > $@_left.conf; \ + configstr=""; \ + if [ "$$singleikesa" = true ]; then \ + configstr="set enforcesingleikesa"; \ + fi; \ + echo "FRAGMENTATION=\"$$configstr\"" > $@_left.conf; \ echo "TMODE=\"$$tmode\"" >> $@_left.conf; \ echo "LOCAL_ADDR=\"${LEFT_ADDR}\"" >> $@_left.conf; \ echo "PEER_ADDR=\"${RIGHT_ADDR}\"" >> $@_left.conf; \ @@ -100,7 +111,7 @@ SETUP_CONFIGS = \ cat ${.CURDIR}/iked.in >> $@_left.conf; \ chmod 0600 $@_left.conf; \ echo "cd /tmp\nput $@_left.conf test.conf" | sftp -q ${LEFT_SSH}; \ - echo "FRAGMENTATION=\"$$fragstr\"" > $@_right.conf; \ + echo "FRAGMENTATION=\"$$configstr\"" > $@_right.conf; \ echo "TMODE=\"$$tmode\"" >> $@_right.conf; \ echo "LOCAL_ADDR=\"${RIGHT_ADDR}\"" >> $@_right.conf; \ echo "PEER_ADDR=\"${LEFT_ADDR}\"" >> $@_right.conf; \ @@ -119,6 +130,9 @@ SETUP_START = \ ssh ${LEFT_SSH} "ipsecctl -F; pkill iked; iked $$iked_flags -f /tmp/test.conf"; \ ssh ${RIGHT_SSH} "ipsecctl -F; pkill iked; iked $$iked_flags -f /tmp/test.conf" +SETUP_RELOAD_RIGHT = \ + ssh ${RIGHT_SSH} "ikectl reload" + SETUP_CERT = \ echo "ALTNAME = $$name-from-$$caname" > $$name-from-$$caname.cnf; \ cat ${.CURDIR}/crt.in >> $$name-from-$$caname.cnf; \ @@ -267,6 +281,18 @@ run-transport: ${TEST_FLOWS} ${TEST_PING} +REGRESS_TARGETS += run-singleikesa +run-singleikesa: + @echo '======= $@ ========' + flowtype=esp; \ + singleikesa=true; \ + leftid=left-from-ca-both; \ + rightid=right-from-ca-both; \ + ${SETUP_CONFIGS} + ${SETUP_START} + sleep 1; ${SETUP_RELOAD_RIGHT}; \ + sleep 3; ${TEST_SINGLEIKESA} + REGRESS_TARGETS += run-ipcomp run-ipcomp: @echo '======= $@ ========' |