From nobody Thu Aug 11 09:38:32 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M3MF46wbPz4YnRb; Thu, 11 Aug 2022 09:38:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M3MF46Bq6z3hk1; Thu, 11 Aug 2022 09:38:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660210712; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=K6F79H7lTok1jHmssB9GCNPlJuLoqcLxhOzA2Ql1zYw=; b=QOcr7mYy8VDI5VBrUlfH9Ke5A39vP8dqumPwCn/01/zMcxCn1RgeAYagXOTUhTvBrS1Pr4 nc/RrFnPTtIQzcVqpbwYv/whbU2H4aigrtI5TqjDROLIDKNyfAHGQ9dej3kxHYq8e2kXp9 7pGz0onB4W6uiky7G+CyKPkUtzYkaTRSemF1ONiZWbwAo5lDgdmPhgCtyWv1Z2Em1LZmxR F9+ITjfAfVJKOHvQV+sT61BmX6AUdv+M262SPbXyiel8zAqwVv0Ea2NN1gw+NF+xv9ldoV alWXS80gWM17mOxAsjDvn/ljbRrDzM5UPJ2B5gxJB3kyPw9vH7J/Oy79SNAqPw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4M3MF45DYgzmh7; Thu, 11 Aug 2022 09:38:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27B9cWaj097931; Thu, 11 Aug 2022 09:38:32 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27B9cWVd097930; Thu, 11 Aug 2022 09:38:32 GMT (envelope-from git) Date: Thu, 11 Aug 2022 09:38:32 GMT Message-Id: <202208110938.27B9cWVd097930@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 248da7940aa2 - main - if_ovpn tests: Test using a TCP socket for DCO List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 248da7940aa20177218dddb28d90a570d6eddf2d Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660210712; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=K6F79H7lTok1jHmssB9GCNPlJuLoqcLxhOzA2Ql1zYw=; b=g/98H2qL0bHkmSWmv2J/JphfoDjnFaxlElTCZ+H39cqiYUU0uS1oJCKliMNLVhRzTPkZwW MJ1JfZCHMSanwSZrUvwK3+z+TCifyizRWF+SCBuW9XphpeC+PuM2VyZn8QBPK/Bt3IFv40 lSMvbVr8nbzazZMENxxDkvHwJVVVzSgJijBGtzJnFUhvn2fCidyjnyOuYhelQZ4fm6IC8C fLDQS1WaI1nYWOI++9XCCG4dIneNgrMjK/hj14i2F/7kS21IeIDuo4xCqJF0RRvodxLdmS d9mmcQ9QT7/7dtk9a3UHYwIpDe3iCOFvF5rEIX72v9G+TZFfmEb7jQ76ZApaDA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660210712; a=rsa-sha256; cv=none; b=VOlU/m7PUwLhjPR+ZB5jY9VxohAPtgpHdxq4eKV/VTdiwUS4bOTRYSne34OsZIHx663V1r 03J9XqN/gZE0o2kc7oa2/9WFO3l8OG1VNvPEEr9e5P0DDG+cPq/llD0rQ8Ra4pxTygjhl9 INMkc53S/DNsmh7psIaIvFFEdRhzDwu44YMvfnfyDcgR6g77GDjDNRSZrKN4CYFyMPUXM3 iHXc01EmLv6WjxelLstlGlmwvc1wMjHxp3HafgG6HwKA+zcmJ9BGWGPasb++AGxPqTFYqv 9rpkvTfzTNy4sNy5BAZzgT8AkD1VT1hcKZZ+aJxXxOobMdlND+Awwam3IRCXvw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=248da7940aa20177218dddb28d90a570d6eddf2d commit 248da7940aa20177218dddb28d90a570d6eddf2d Author: Kristof Provost AuthorDate: 2022-08-11 08:34:01 +0000 Commit: Kristof Provost CommitDate: 2022-08-11 08:40:03 +0000 if_ovpn tests: Test using a TCP socket for DCO This used to trigger panics, so try to reproduce it. Create an if_ovpn interface, set a new peer on it with a TCP fd (as opposed to the expected UDP) and ensure that this is rejected. Sponsored by: Rubicon Communications, LLC ("Netgate") --- tests/sys/net/if_ovpn/Makefile | 3 + tests/sys/net/if_ovpn/if_ovpn_c.c | 134 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 137 insertions(+) diff --git a/tests/sys/net/if_ovpn/Makefile b/tests/sys/net/if_ovpn/Makefile index 6c9d61965dfb..a221e25b7e92 100644 --- a/tests/sys/net/if_ovpn/Makefile +++ b/tests/sys/net/if_ovpn/Makefile @@ -3,6 +3,9 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/net/if_ovpn ATF_TESTS_SH+= if_ovpn +ATF_TESTS_C+= if_ovpn_c + +LIBADD+= nv TESTS_SUBDIRS+= ccd diff --git a/tests/sys/net/if_ovpn/if_ovpn_c.c b/tests/sys/net/if_ovpn/if_ovpn_c.c new file mode 100644 index 000000000000..44363620d277 --- /dev/null +++ b/tests/sys/net/if_ovpn/if_ovpn_c.c @@ -0,0 +1,134 @@ +//#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define OVPN_NEW_PEER _IO ('D', 1) + +static nvlist_t * +fake_sockaddr() +{ + uint32_t addr = htonl(INADDR_LOOPBACK); + nvlist_t *nvl; + + nvl = nvlist_create(0); + + nvlist_add_number(nvl, "af", AF_INET); + nvlist_add_binary(nvl, "address", &addr, 4); + nvlist_add_number(nvl, "port", 1024); + + return (nvl); +} + +static char ovpn_ifname[IFNAMSIZ]; +static int ovpn_fd; + +static int +create_interface(int fd) +{ + int ret; + struct ifreq ifr; + + bzero(&ifr, sizeof(ifr)); + + /* Create ovpnx first, then rename it. */ + snprintf(ifr.ifr_name, IFNAMSIZ, "ovpn"); + ret = ioctl(fd, SIOCIFCREATE2, &ifr); + if (ret) + return (ret); + + snprintf(ovpn_ifname, IFNAMSIZ, "%s", ifr.ifr_name); + printf("Created %s\n", ovpn_ifname); + + return (0); +} + +static void +destroy_interface(int fd) +{ + int ret; + struct ifreq ifr; + + if (ovpn_ifname[0] == 0) + return; + + printf("Destroy %s\n", ovpn_ifname); + + bzero(&ifr, sizeof(ifr)); + snprintf(ifr.ifr_name, IFNAMSIZ, "%s", ovpn_ifname); + + ret = ioctl(fd, SIOCIFDESTROY, &ifr); + if (ret) + atf_tc_fail("Failed to destroy interface"); + + ovpn_ifname[0] = 0; +} + +ATF_TC_WITH_CLEANUP(tcp); +ATF_TC_HEAD(tcp, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); +} + +ATF_TC_BODY(tcp, tc) +{ + struct ifdrv drv; + struct sockaddr_in sock_in; + int ret; + nvlist_t *nvl; + + /* Ensure the module is loaded. */ + (void)kldload("if_ovpn"); + + ovpn_fd = socket(AF_INET, SOCK_STREAM | SOCK_NONBLOCK, 0); + + /* Kick off a connect so there's a local address set, which we need for + * ovpn_new_peer() to get to the critical point. */ + bzero(&sock_in, sizeof(sock_in)); + sock_in.sin_family = AF_INET; + sock_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + sock_in.sin_port = htons(1024); + connect(ovpn_fd, (struct sockaddr *)&sock_in, sizeof(sock_in)); + + ret = create_interface(ovpn_fd); + if (ret) + atf_tc_fail("Failed to create interface"); + + nvl = nvlist_create(0); + + nvlist_add_number(nvl, "peerid", 0); + nvlist_add_number(nvl, "fd", ovpn_fd); + nvlist_add_nvlist(nvl, "remote", fake_sockaddr()); + + bzero(&drv, sizeof(drv)); + snprintf(drv.ifd_name, IFNAMSIZ, "%s", ovpn_ifname); + drv.ifd_cmd = OVPN_NEW_PEER; + drv.ifd_data = nvlist_pack(nvl, &drv.ifd_len); + + ret = ioctl(ovpn_fd, SIOCSDRVSPEC, &drv); + ATF_CHECK_EQ(ret, -1); + ATF_CHECK_EQ(errno, EPROTOTYPE); +} + +ATF_TC_CLEANUP(tcp, tc) +{ + destroy_interface(ovpn_fd); + close(ovpn_fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, tcp); + + return (atf_no_error()); +}