1 # $NetBSD: t_tcpip.sh,v 1.13 2014/01/03 13:18:00 pooka Exp $
3 # Copyright (c) 2011 The NetBSD Foundation, Inc.
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions
9 # 1. Redistributions of source code must retain the above copyright
10 # notice, this list of conditions and the following disclaimer.
11 # 2. Redistributions in binary form must reproduce the above copyright
12 # notice, this list of conditions and the following disclaimer in the
13 # documentation and/or other materials provided with the distribution.
15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25 # POSSIBILITY OF SUCH DAMAGE.
28 rumpnetsrv='rump_server -lrumpnet -lrumpnet_net -lrumpnet_netinet'
29 export RUMP_SERVER=unix://csock
31 atf_test_case http cleanup
34 atf_set "descr" "Start hijacked httpd and get webpage from it"
40 atf_check -s exit:0 ${rumpnetsrv} -lrumpnet_netinet6 ${RUMP_SERVER}
42 # start bozo in daemon mode
43 atf_check -s exit:0 env LD_PRELOAD=/usr/lib/librumphijack.so \
44 /usr/libexec/httpd -P ./httpd.pid -b -s $(atf_get_srcdir)
46 atf_check -s exit:0 -o file:"$(atf_get_srcdir)/netstat.expout" \
50 atf_check -s exit:0 env LD_PRELOAD=/usr/lib/librumphijack.so \
51 $(atf_get_srcdir)/h_netget 127.0.0.1 80 webfile
53 # check that we got what we wanted
54 atf_check -o match:'HTTP/1.0 200 OK' cat webfile
55 atf_check -o match:'Content-Length: 95' cat webfile
56 atf_check -o file:"$(atf_get_srcdir)/index.html" \
57 sed -n '1,/^$/!p' webfile
62 if [ -f httpd.pid ]; then
63 kill -9 "$(cat httpd.pid)"
71 # Starts a SSH server and sets up the client to access it.
72 # Authentication is allowed and done using an RSA key exclusively, which
73 # is generated on the fly as part of the test case.
74 # XXX: Ideally, all the tests in this test program should be able to share
75 # the generated key, because creating it can be a very slow process on some
78 # XXX2: copypasted from jmmv's sshd thingamob in the psshfs test.
79 # ideally code (and keys, like jmmv notes above) could be shared
82 echo "Setting up SSH server configuration"
83 sed -e "s,@SRCDIR@,$(atf_get_srcdir),g" -e "s,@WORKDIR@,$(pwd),g" \
84 $(atf_get_srcdir)/sshd_config.in >sshd_config || \
85 atf_fail "Failed to create sshd_config"
86 atf_check -s ignore -o empty -e ignore \
87 cp $(atf_get_srcdir)/ssh_host_key .
88 atf_check -s ignore -o empty -e ignore \
89 cp $(atf_get_srcdir)/ssh_host_key.pub .
90 atf_check -s eq:0 -o empty -e empty chmod 400 ssh_host_key
91 atf_check -s eq:0 -o empty -e empty chmod 444 ssh_host_key.pub
93 env LD_PRELOAD=/usr/lib/librumphijack.so \
94 /usr/sbin/sshd -e -f ./sshd_config
95 while [ ! -f sshd.pid ]; do
98 echo "SSH server started (pid $(cat sshd.pid))"
100 echo "Setting up SSH client configuration"
101 atf_check -s eq:0 -o empty -e empty \
102 ssh-keygen -f ssh_user_key -t rsa -b 1024 -N "" -q
103 atf_check -s eq:0 -o empty -e empty \
104 cp ssh_user_key.pub authorized_keys
105 echo "127.0.0.1,localhost,::1 " \
106 "$(cat $(atf_get_srcdir)/ssh_host_key.pub)" >known_hosts || \
107 atf_fail "Failed to create known_hosts"
108 atf_check -s eq:0 -o empty -e empty chmod 600 authorized_keys
109 sed -e "s,@SRCDIR@,$(atf_get_srcdir),g" -e "s,@WORKDIR@,$(pwd),g" \
110 $(atf_get_srcdir)/ssh_config.in >ssh_config || \
111 atf_fail "Failed to create ssh_config"
116 atf_test_case ssh cleanup
119 atf_set "descr" "Test that hijacked ssh/sshd works"
125 atf_check -s exit:0 ${rumpnetsrv} ${RUMP_SERVER}
126 # make sure clients die after we nuke the server
127 export RUMPHIJACK_RETRYCONNECT='die'
131 # create some sort of directory for us to "ls"
135 jot 11 12 | xargs mkdir
138 atf_check -s exit:0 -o save:ssh.out \
139 env LD_PRELOAD=/usr/lib/librumphijack.so \
140 ssh -T -F ssh_config 127.0.0.1 env BLOCKSIZE=512 \
141 ls -li $(pwd)/testdir
142 atf_check -s exit:0 -o file:ssh.out env BLOCKSIZE=512 \
143 ls -li $(pwd)/testdir
149 # sshd dies due to RUMPHIJACK_RETRYCONNECT=1d6
155 magicstr='wind in my hair'
156 # create ffs file system we'll be serving from
157 atf_check -s exit:0 -o ignore newfs -F -s 10000 ffs.img
159 # start nfs kernel server. this is a mouthful
160 export RUMP_SERVER=unix://serversock
161 atf_check -s exit:0 rump_server $* ${RUMP_SERVER}
163 atf_check -s exit:0 rump.ifconfig shmif0 create
164 atf_check -s exit:0 rump.ifconfig shmif0 linkstr shmbus
165 atf_check -s exit:0 rump.ifconfig shmif0 inet 10.1.1.1
167 export RUMPHIJACK_RETRYCONNECT=die
168 export LD_PRELOAD=/usr/lib/librumphijack.so
170 atf_check -s exit:0 mkdir -p /rump/var/run
171 atf_check -s exit:0 mkdir -p /rump/var/db
172 atf_check -s exit:0 touch /rump/var/db/mountdtab
173 atf_check -s exit:0 mkdir /rump/etc
174 atf_check -s exit:0 mkdir /rump/export
176 atf_check -s exit:0 -x \
177 'echo "/export -noresvport -noresvmnt 10.1.1.100" | \
178 dd of=/rump/etc/exports 2> /dev/null'
180 atf_check -s exit:0 -e ignore mount_ffs /dk /rump/export
181 atf_check -s exit:0 -x "echo ${magicstr} > /rump/export/im_alive"
183 # start rpcbind. we want /var/run/rpcbind.sock
184 export RUMPHIJACK='blanket=/var/run,socket=all'
185 atf_check -s exit:0 rpcbind
187 # ok, then we want mountd in the similar fashion
188 export RUMPHIJACK='blanket=/var/run:/var/db:/export,socket=all,path=/rump,vfs=all'
189 atf_check -s exit:0 mountd /rump/etc/exports
191 # finally, le nfschuck
192 export RUMPHIJACK='blanket=/var/run,socket=all,vfs=all'
193 atf_check -s exit:0 nfsd
196 # now, time for the client server and associated madness.
199 export RUMP_SERVER=unix://clientsock
203 # at least the kernel server is easier
204 atf_check -s exit:0 rump_server -lrumpvfs -lrumpnet \
205 -lrumpnet_net -lrumpnet_netinet -lrumpnet_shmif -lrumpfs_nfs\
208 atf_check -s exit:0 rump.ifconfig shmif0 create
209 atf_check -s exit:0 rump.ifconfig shmif0 linkstr shmbus
210 atf_check -s exit:0 rump.ifconfig shmif0 inet 10.1.1.100
212 export LD_PRELOAD=/usr/lib/librumphijack.so
214 atf_check -s exit:0 mkdir /rump/mnt
215 atf_check -s exit:0 mount_nfs 10.1.1.1:/export /rump/mnt
217 atf_check -s exit:0 -o inline:"${magicstr}\n" cat /rump/mnt/im_alive
218 atf_check -s exit:0 -o match:'.*im_alive$' ls -l /rump/mnt/im_alive
222 atf_test_case nfs cleanup
225 atf_set "descr" "Test hijacked nfsd and mount_nfs"
230 test_nfs -lrumpvfs -lrumpdev -lrumpnet -lrumpnet_net \
231 -lrumpnet_netinet -lrumpnet_local -lrumpnet_shmif \
232 -lrumpdev_disk -lrumpfs_ffs -lrumpfs_nfs -lrumpfs_nfsserver \
233 -d key=/dk,hostpath=ffs.img,size=host
238 RUMP_SERVER=unix://serversock rump.halt 2> /dev/null
239 RUMP_SERVER=unix://clientsock rump.halt 2> /dev/null
243 atf_test_case nfs_autoload cleanup
246 atf_set "descr" "Test hijacked nfsd with autoload from /stand"
251 [ `uname -m` = "i386" ] || atf_skip "test currently valid only on i386"
252 test_nfs -lrumpvfs -lrumpdev -lrumpnet -lrumpnet_net \
253 -lrumpnet_netinet -lrumpnet_local -lrumpnet_shmif \
254 -lrumpdev_disk -d key=/dk,hostpath=ffs.img,size=host
257 nfs_autoload_cleanup()
262 atf_init_test_cases()
264 atf_add_test_case http
265 atf_add_test_case ssh
266 atf_add_test_case nfs
267 atf_add_test_case nfs_autoload