1 files changed, 171 insertions, 0 deletions
diff --git a/tests/t_net.sh b/tests/t_net.sh
new file mode 100755
index 0000000..246ee07
--- /dev/null
+++ b/tests/t_net.sh
@@ -0,0 +1,171 @@
+#!/usr/bin/env bash
+
+IFACE="dummy0"
+UNIT_TEST="./unit_tests/openvpn/networking_testdriver"
+MAX_TEST=${1:-7}
+
+srcdir="${srcdir:-.}"
+top_builddir="${top_builddir:-..}"
+openvpn="${top_builddir}/src/openvpn/openvpn"
+
+
+# bail out right away on non-linux. NetLink (the object of this test) is only
+# used on Linux, therefore testing other platform is not needed.
+#
+# Note: statements in the rest of the script may not even pass syntax check on
+# solaris/bsd. It uses /bin/bash
+if [ "$(uname -s)" != "Linux" ]; then
+    echo "$0: this test runs only on Linux. SKIPPING TEST."
+    exit 77
+fi
+
+# Commands used to retrieve the network state.
+# State is retrieved after running sitnl and after running
+# iproute commands. The two are then compared and expected to be equal.
+typeset -a GET_STATE
+GET_STATE[0]="ip link show dev $IFACE | sed 's/^[0-9]\+: //'"
+GET_STATE[1]="ip addr show dev $IFACE | sed 's/^[0-9]\+: //'"
+GET_STATE[2]="ip route show dev $IFACE"
+GET_STATE[3]="ip -6 route show dev $IFACE"
+
+LAST_STATE=$((${#GET_STATE[@]} - 1))
+
+reload_dummy()
+{
+    $RUN_SUDO ip link del $IFACE
+    $RUN_SUDO ip link add $IFACE address 00:11:22:33:44:55 type dummy
+    $RUN_SUDO ip link set dev $IFACE state up
+
+    if [ $? -ne 0 ]; then
+        echo "can't create interface $IFACE"
+        exit 1
+    fi
+}
+
+run_test()
+{
+    # run all test cases from 0 to $1 in sequence
+    CMD=
+    for k in $(seq 0 $1); do
+        # the unit-test prints to stdout the iproute command corresponding
+        # to the sitnl operation being executed.
+        # Format is "CMD: <commandhere>"
+        OUT=$($RUN_SUDO $UNIT_TEST $k $IFACE)
+        # ensure unit test worked properly
+        if [ $? -ne 0 ]; then
+            echo "unit-test $k errored out:"
+            echo "$OUT"
+            exit 1
+        fi
+
+        NEW=$(echo "$OUT" | sed -n 's/CMD: //p')
+        CMD="$CMD $RUN_SUDO $NEW ;"
+    done
+
+    # collect state for later comparison
+    for k in $(seq 0 $LAST_STATE); do
+        STATE_TEST[$k]="$(eval ${GET_STATE[$k]})"
+    done
+}
+
+
+## execution starts here
+
+# t_client.rc required only for RUN_SUDO definition
+if [ -r "${top_builddir}"/t_client.rc ]; then
+    . "${top_builddir}"/t_client.rc
+elif [ -r "${srcdir}"/t_client.rc ]; then
+    . "${srcdir}"/t_client.rc
+fi
+
+if [ ! -x "$openvpn" ]; then
+    echo "no (executable) openvpn binary in current build tree. FAIL." >&2
+    exit 1
+fi
+
+if [ ! -x "$UNIT_TEST" ]; then
+    echo "no test_networking driver available. SKIPPING TEST." >&2
+    exit 77
+fi
+
+
+# Ensure PREFER_KSU is in a known state
+PREFER_KSU="${PREFER_KSU:-0}"
+
+# make sure we have permissions to run the networking unit-test
+ID=`id`
+if expr "$ID" : "uid=0" >/dev/null
+then :
+else
+    if [ "${PREFER_KSU}" -eq 1 ];
+    then
+        # Check if we have a valid kerberos ticket
+        klist -l 1>/dev/null 2>/dev/null
+        if [ $? -ne 0 ];
+        then
+            # No kerberos ticket found, skip ksu and fallback to RUN_SUDO
+            PREFER_KSU=0
+            echo "$0: No Kerberos ticket available.  Will not use ksu."
+        else
+            RUN_SUDO="ksu -q -e"
+        fi
+    fi
+
+    if [ -z "$RUN_SUDO" ]
+    then
+        echo "$0: no RUN_SUDO=... in t_client.rc or environment, defaulting to 'sudo'." >&2
+        echo "      if that does not work, set RUN_SUDO= correctly for your system." >&2
+        RUN_SUDO="sudo"
+    fi
+
+    # check that we can run the unit-test binary with sudo
+    if $RUN_SUDO $UNIT_TEST test
+    then
+        echo "$0: $RUN_SUDO $UNIT_TEST succeeded, good."
+    else
+        echo "$0: $RUN_SUDO $UNIT_TEST failed, cannot go on. SKIP." >&2
+        exit 77
+    fi
+fi
+
+for i in $(seq 0 $MAX_TEST); do
+    # reload dummy module to cleanup state
+    reload_dummy
+    typeset -a STATE_TEST
+    run_test $i
+
+    # reload dummy module to cleanup state before running iproute commands
+    reload_dummy
+
+    # CMD has been set by the unit test
+    eval $CMD
+    if [ $? -ne 0 ]; then
+        echo "error while executing:"
+        echo "$CMD"
+        exit 1
+    fi
+
+    # collect state after running manual ip command
+    for k in $(seq 0 $LAST_STATE); do
+        STATE_IP[$k]="$(eval ${GET_STATE[$k]})"
+    done
+
+    # ensure states after running unit test matches the one after running
+    # manual iproute commands
+    for j in $(seq 0 $LAST_STATE); do
+        if [ "${STATE_TEST[$j]}" != "${STATE_IP[$j]}" ]; then
+            echo "state $j mismatching after '$CMD'"
+            echo "after unit-test:"
+            echo "${STATE_TEST[$j]}"
+            echo "after iproute command:"
+            echo "${STATE_IP[$j]}"
+            exit 1
+        fi
+    done
+    echo "Test $i: OK"
+done
+
+# remove interface for good
+$RUN_SUDO $openvpn --dev $IFACE --dev-type tun --rmtun >/dev/null
+
+exit 0