@@ -45,17 +45,22 @@ VRF_TABLE=1101
4545NSA_IP=172.16.1.1
4646NSB_IP=172.16.1.2
4747VRF_IP=172.16.3.1
48+ NS_NET=172.16.1.0/24
4849
4950# IPv6 config
5051NSA_IP6=2001:db8:1::1
5152NSB_IP6=2001:db8:1::2
5253VRF_IP6=2001:db8:3::1
54+ NS_NET6=2001:db8:1::/120
5355
5456NSA_LO_IP=172.16.2.1
5557NSB_LO_IP=172.16.2.2
5658NSA_LO_IP6=2001:db8:2::1
5759NSB_LO_IP6=2001:db8:2::2
5860
61+ MD5_PW=abc123
62+ MD5_WRONG_PW=abc1234
63+
5964MCAST=ff02::1
6065# set after namespace create
6166NSA_LINKIP6=
@@ -714,6 +719,74 @@ ipv4_ping()
714719# ###############################################################################
715720# IPv4 TCP
716721
722+ #
723+ # MD5 tests without VRF
724+ #
725+ ipv4_tcp_md5_novrf ()
726+ {
727+ #
728+ # single address
729+ #
730+
731+ # basic use case
732+ log_start
733+ run_cmd nettest -s -M ${MD5_PW} -r ${NSB_IP} &
734+ sleep 1
735+ run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
736+ log_test $? 0 " MD5: Single address config"
737+
738+ # client sends MD5, server not configured
739+ log_start
740+ show_hint " Should timeout due to MD5 mismatch"
741+ run_cmd nettest -s &
742+ sleep 1
743+ run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
744+ log_test $? 2 " MD5: Server no config, client uses password"
745+
746+ # wrong password
747+ log_start
748+ show_hint " Should timeout since client uses wrong password"
749+ run_cmd nettest -s -M ${MD5_PW} -r ${NSB_IP} &
750+ sleep 1
751+ run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
752+ log_test $? 2 " MD5: Client uses wrong password"
753+
754+ # client from different address
755+ log_start
756+ show_hint " Should timeout due to MD5 mismatch"
757+ run_cmd nettest -s -M ${MD5_PW} -r ${NSB_LO_IP} &
758+ sleep 1
759+ run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
760+ log_test $? 2 " MD5: Client address does not match address configured with password"
761+
762+ #
763+ # MD5 extension - prefix length
764+ #
765+
766+ # client in prefix
767+ log_start
768+ run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} &
769+ sleep 1
770+ run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
771+ log_test $? 0 " MD5: Prefix config"
772+
773+ # client in prefix, wrong password
774+ log_start
775+ show_hint " Should timeout since client uses wrong password"
776+ run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} &
777+ sleep 1
778+ run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
779+ log_test $? 2 " MD5: Prefix config, client uses wrong password"
780+
781+ # client outside of prefix
782+ log_start
783+ show_hint " Should timeout due to MD5 mismatch"
784+ run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} &
785+ sleep 1
786+ run_cmd_nsb nettest -l ${NSB_LO_IP} -r ${NSA_IP} -M ${MD5_PW}
787+ log_test $? 2 " MD5: Prefix config, client address not in configured prefix"
788+ }
789+
717790ipv4_tcp_novrf ()
718791{
719792 local a
@@ -831,6 +904,8 @@ ipv4_tcp_novrf()
831904 show_hint " Should fail 'Connection refused'"
832905 run_cmd nettest -d ${NSA_DEV} -r ${a}
833906 log_test_addr ${a} $? 1 " No server, device client, local conn"
907+
908+ ipv4_tcp_md5_novrf
834909}
835910
836911ipv4_tcp_vrf ()
@@ -1961,6 +2036,74 @@ ipv6_ping()
19612036# ###############################################################################
19622037# IPv6 TCP
19632038
2039+ #
2040+ # MD5 tests without VRF
2041+ #
2042+ ipv6_tcp_md5_novrf ()
2043+ {
2044+ #
2045+ # single address
2046+ #
2047+
2048+ # basic use case
2049+ log_start
2050+ run_cmd nettest -6 -s -M ${MD5_PW} -r ${NSB_IP6} &
2051+ sleep 1
2052+ run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
2053+ log_test $? 0 " MD5: Single address config"
2054+
2055+ # client sends MD5, server not configured
2056+ log_start
2057+ show_hint " Should timeout due to MD5 mismatch"
2058+ run_cmd nettest -6 -s &
2059+ sleep 1
2060+ run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
2061+ log_test $? 2 " MD5: Server no config, client uses password"
2062+
2063+ # wrong password
2064+ log_start
2065+ show_hint " Should timeout since client uses wrong password"
2066+ run_cmd nettest -6 -s -M ${MD5_PW} -r ${NSB_IP6} &
2067+ sleep 1
2068+ run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
2069+ log_test $? 2 " MD5: Client uses wrong password"
2070+
2071+ # client from different address
2072+ log_start
2073+ show_hint " Should timeout due to MD5 mismatch"
2074+ run_cmd nettest -6 -s -M ${MD5_PW} -r ${NSB_LO_IP6} &
2075+ sleep 1
2076+ run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
2077+ log_test $? 2 " MD5: Client address does not match address configured with password"
2078+
2079+ #
2080+ # MD5 extension - prefix length
2081+ #
2082+
2083+ # client in prefix
2084+ log_start
2085+ run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} &
2086+ sleep 1
2087+ run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
2088+ log_test $? 0 " MD5: Prefix config"
2089+
2090+ # client in prefix, wrong password
2091+ log_start
2092+ show_hint " Should timeout since client uses wrong password"
2093+ run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} &
2094+ sleep 1
2095+ run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
2096+ log_test $? 2 " MD5: Prefix config, client uses wrong password"
2097+
2098+ # client outside of prefix
2099+ log_start
2100+ show_hint " Should timeout due to MD5 mismatch"
2101+ run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} &
2102+ sleep 1
2103+ run_cmd_nsb nettest -6 -l ${NSB_LO_IP6} -r ${NSA_IP6} -M ${MD5_PW}
2104+ log_test $? 2 " MD5: Prefix config, client address not in configured prefix"
2105+ }
2106+
19642107ipv6_tcp_novrf ()
19652108{
19662109 local a
@@ -2077,6 +2220,8 @@ ipv6_tcp_novrf()
20772220 run_cmd nettest -6 -d ${NSA_DEV} -r ${a}
20782221 log_test_addr ${a} $? 1 " No server, device client, local conn"
20792222 done
2223+
2224+ ipv6_tcp_md5_novrf
20802225}
20812226
20822227ipv6_tcp_vrf ()
0 commit comments