#! /usr/bin/atf-sh
#	$NetBSD: net_common.sh,v 1.18.2.1 2017/07/07 13:57:26 martin Exp $
#
# Copyright (c) 2016 Internet Initiative Japan Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#

#
# Common utility functions for tests/net
#

HIJACKING="env LD_PRELOAD=/usr/lib/librumphijack.so \
    RUMPHIJACK=path=/rump,socket=all:nolocal,sysctl=yes"
ONEDAYISH="(23h5[0-9]m|1d0h0m)[0-9]+s ?"

extract_new_packets()
{
	local bus=$1
	local old=./.__old

	if [ ! -f $old ]; then
		old=/dev/null
	fi

	shmif_dumpbus -p - $bus 2>/dev/null| \
	    tcpdump -n -e -r - 2>/dev/null > ./.__new
	diff -u $old ./.__new |grep '^+' |cut -d '+' -f 2 > ./.__diff
	mv -f ./.__new ./.__old
	cat ./.__diff
}

check_route()
{
	local target=$1
	local gw=$2
	local flags=${3:-\.\+}
	local ifname=${4:-\.\+}

	target=$(echo $target |sed 's/\./\\./g')
	if [ "$gw" = "" ]; then
		gw=".+"
	else
		gw=$(echo $gw |sed 's/\./\\./g')
	fi

	atf_check -s exit:0 -e ignore \
	    -o match:"^$target +$gw +$flags +- +- +.+ +$ifname" \
	    rump.netstat -rn
}

check_route_flags()
{

	check_route "$1" "" "$2" ""
}

check_route_gw()
{

	check_route "$1" "$2" "" ""
}

check_route_no_entry()
{
	local target=$(echo $1 |sed 's/\./\\./g')

	atf_check -s exit:0 -e ignore -o not-match:"^$target" \
	    rump.netstat -rn
}

get_linklocal_addr()
{

	export RUMP_SERVER=${1}
	rump.ifconfig ${2} inet6 |
	    awk "/fe80/ {sub(/%$2/, \"\"); sub(/\\/[0-9]*/, \"\"); print \$2;}"
	unset RUMP_SERVER

	return 0
}

get_macaddr()
{

	env RUMP_SERVER=${1} \
	    rump.ifconfig ${2} |awk '/address/ {print $2;}'
}

HTTPD_PID=./.__httpd.pid
start_httpd()
{
	local sock=$1
	local ip=$2
	local backup=$RUMP_SERVER

	export RUMP_SERVER=$sock

	# start httpd in daemon mode
	atf_check -s exit:0 env LD_PRELOAD=/usr/lib/librumphijack.so \
	    /usr/libexec/httpd -P $HTTPD_PID -i $ip -b -s $(pwd)

	export RUMP_SERVER=$backup

	sleep 3
}

stop_httpd()
{

	if [ -f $HTTPD_PID ]; then
		kill -9 $(cat $HTTPD_PID)
		rm -f $HTTPD_PID
		sleep 1
	fi
}

NC_PID=./.__nc.pid
start_nc_server()
{
	local sock=$1
	local port=$2
	local outfile=$3
	local proto=${4:-ipv4}
	local backup=$RUMP_SERVER
	local pid= opts=

	export RUMP_SERVER=$sock

	if [ $proto = ipv4 ]; then
		opts="-l -4"
	else
		opts="-l -6"
	fi

	env LD_PRELOAD=/usr/lib/librumphijack.so \
	    nc $opts $port > $outfile &
	pid=$!
	echo $pid > $NC_PID

	if [ $proto = ipv4 ]; then
		$DEBUG && rump.netstat -a -f inet
	else
		$DEBUG && rump.netstat -a -f inet6
	fi

	export RUMP_SERVER=$backup

	sleep 1
}

stop_nc_server()
{

	if [ -f $NC_PID ]; then
		kill -9 $(cat $NC_PID)
		rm -f $NC_PID
		sleep 1
	fi
}

BASIC_LIBS="-lrumpnet -lrumpnet_net -lrumpnet_netinet \
    -lrumpnet_shmif -lrumpdev"
FS_LIBS="$BASIC_LIBS -lrumpvfs -lrumpfs_ffs"
CRYPTO_LIBS="$BASIC_LIBS -lrumpvfs -lrumpdev_opencrypto \
    -lrumpkern_z -lrumpkern_crypto"

# We cannot keep variables between test phases, so need to store in files
_rump_server_socks=./.__socks
_rump_server_ifaces=./.__ifaces
_rump_server_buses=./.__buses

DEBUG_SYSCTL_ENTRIES="net.inet.arp.debug net.inet6.icmp6.nd6_debug \
    net.inet.ipsec.debug"

IPSEC_KEY_DEBUG=${IPSEC_KEY_DEBUG:-false}

_rump_server_start_common()
{
	local sock=$1
	local libs=
	local backup=$RUMP_SERVER

	shift 1
	libs="$*"

	atf_check -s exit:0 rump_server $libs $sock

	if $DEBUG; then
		# Enable debugging features in the kernel
		export RUMP_SERVER=$sock
		for ent in $DEBUG_SYSCTL_ENTRIES; do
			if rump.sysctl -q $ent; then
				atf_check -s exit:0 rump.sysctl -q -w $ent=1
			fi
		done
		export RUMP_SERVER=$backup
	fi
	if $IPSEC_KEY_DEBUG; then
		# Enable debugging features in the kernel
		export RUMP_SERVER=$sock
		if rump.sysctl -q net.key.debug; then
			atf_check -s exit:0 \
			    rump.sysctl -q -w net.key.debug=0xffff
		fi
		export RUMP_SERVER=$backup
	fi

	echo $sock >> $_rump_server_socks
	$DEBUG && cat $_rump_server_socks
}

rump_server_start()
{
	local sock=$1
	local _libs=
	local libs="$BASIC_LIBS"

	shift 1
	_libs="$*"

	for lib in $_libs; do
		libs="$libs -lrumpnet_$lib"
	done

	_rump_server_start_common $sock $libs

	return 0
}

rump_server_fs_start()
{
	local sock=$1
	local _libs=
	local libs="$FS_LIBS"

	shift 1
	_libs="$*"

	for lib in $_libs; do
		libs="$libs -lrumpnet_$lib"
	done

	_rump_server_start_common $sock $libs

	return 0
}

rump_server_crypto_start()
{
	local sock=$1
	local _libs=
	local libs="$CRYPTO_LIBS"

	shift 1
	_libs="$*"

	for lib in $_libs; do
		libs="$libs -lrumpnet_$lib"
	done

	_rump_server_start_common $sock $libs

	return 0
}

rump_server_add_iface()
{
	local sock=$1
	local ifname=$2
	local bus=$3
	local backup=$RUMP_SERVER

	export RUMP_SERVER=$sock
	atf_check -s exit:0 rump.ifconfig $ifname create
	atf_check -s exit:0 rump.ifconfig $ifname linkstr $bus
	export RUMP_SERVER=$backup

	echo $sock $ifname >> $_rump_server_ifaces
	$DEBUG && cat $_rump_server_ifaces

	echo $bus >> $_rump_server_buses
	cat $_rump_server_buses |sort -u >./.__tmp
	mv -f ./.__tmp $_rump_server_buses
	$DEBUG && cat $_rump_server_buses

	return 0
}

rump_server_destroy_ifaces()
{
	local backup=$RUMP_SERVER

	$DEBUG && cat $_rump_server_ifaces

	# Try to dump states before destroying interfaces
	for sock in $(cat $_rump_server_socks); do
		export RUMP_SERVER=$sock
		atf_check -s exit:0 -o ignore rump.ifconfig
		atf_check -s exit:0 -o ignore rump.netstat -nr
		# XXX still need hijacking
		atf_check -s exit:0 -o ignore $HIJACKING rump.netstat -i -a
		atf_check -s exit:0 -o ignore rump.arp -na
		atf_check -s exit:0 -o ignore rump.ndp -na
		atf_check -s exit:0 -o ignore $HIJACKING ifmcstat
	done

	# XXX using pipe doesn't work. See PR bin/51667
	#cat $_rump_server_ifaces | while read sock ifname; do
	while read sock ifname; do
		export RUMP_SERVER=$sock
		if rump.ifconfig -l |grep -q $ifname; then
			atf_check -s exit:0 rump.ifconfig $ifname destroy
		fi
		atf_check -s exit:0 -o ignore rump.ifconfig
	done < $_rump_server_ifaces
	export RUMP_SERVER=$backup

	return 0
}

rump_server_halt_servers()
{
	local backup=$RUMP_SERVER

	$DEBUG && cat $_rump_server_socks
	for sock in $(cat $_rump_server_socks); do
		env RUMP_SERVER=$sock rump.halt
	done
	export RUMP_SERVER=$backup

	return 0
}

rump_server_dump_servers()
{
	local backup=$RUMP_SERVER

	$DEBUG && cat $_rump_server_socks
	for sock in $(cat $_rump_server_socks); do
		echo "### Dumping $sock"
		export RUMP_SERVER=$sock
		rump.ifconfig
		rump.netstat -nr
		# XXX still need hijacking
		$HIJACKING rump.netstat -i -a
		rump.arp -na
		rump.ndp -na
		$HIJACKING ifmcstat
		$HIJACKING dmesg
	done
	export RUMP_SERVER=$backup

	if [ -f rump_server.core ]; then
		gdb -ex bt /usr/bin/rump_server rump_server.core
		strings rump_server.core |grep panic
	fi
	return 0
}

rump_server_dump_buses()
{

	if [ ! -f $_rump_server_buses ]; then
		return 0
	fi

	$DEBUG && cat $_rump_server_buses
	for bus in $(cat $_rump_server_buses); do
		echo "### Dumping $bus"
		shmif_dumpbus -p - $bus 2>/dev/null| tcpdump -n -e -r -
	done
	return 0
}

cleanup()
{

	rump_server_halt_servers
}

dump()
{

	rump_server_dump_servers
	rump_server_dump_buses
}
#	$NetBSD: t_flags.sh,v 1.15.6.1 2017/07/07 13:57:26 martin Exp $
#
# Copyright (c) 2015 The NetBSD Foundation, Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#

SOCK_LOCAL=unix://commsock1
SOCK_PEER=unix://commsock2
SOCK_GW=unix://commsock3
BUS=bus1
BUS2=bus2

DEBUG=${DEBUG:-false}

setup_local()
{

	rump_server_start $SOCK_LOCAL
	rump_server_add_iface $SOCK_LOCAL shmif0 $BUS

	export RUMP_SERVER=$SOCK_LOCAL
	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 10.0.0.2/24
	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 up
	atf_check -s exit:0 -o ignore rump.ifconfig -w 10

	$DEBUG && rump.ifconfig
	$DEBUG && rump.netstat -rn -f inet
}

setup_peer()
{

	rump_server_start $SOCK_PEER
	rump_server_add_iface $SOCK_PEER shmif0 $BUS

	export RUMP_SERVER=$SOCK_PEER
	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 10.0.0.1/24
	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 up
	atf_check -s exit:0 -o ignore rump.ifconfig -w 10

	$DEBUG && rump.ifconfig
	$DEBUG && rump.netstat -rn -f inet
}

setup_gw()
{

	rump_server_start $SOCK_GW
	rump_server_add_iface $SOCK_GW shmif0 $BUS
	rump_server_add_iface $SOCK_GW shmif1 $BUS2

	export RUMP_SERVER=$SOCK_GW
	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 10.0.0.254/24
	atf_check -s exit:0 -o ignore rump.ifconfig shmif0 up

	atf_check -s exit:0 -o ignore rump.ifconfig shmif1 10.0.2.1/24
	atf_check -s exit:0 -o ignore rump.ifconfig shmif1 alias 10.0.2.2/24
	atf_check -s exit:0 -o ignore rump.ifconfig shmif1 up

	# Wait until DAD completes (10 sec at most)
	atf_check -s exit:0 -o ignore rump.ifconfig -w 10
	atf_check -s not-exit:0 -x "rump.ifconfig shmif1 |grep -q tentative"

	$DEBUG && rump.ifconfig
	$DEBUG && rump.netstat -rn -f inet
}

test_lo()
{

	export RUMP_SERVER=$SOCK_LOCAL

	# Up, Host, local
	check_route_flags 127.0.0.1 UHl
}

test_connected()
{

	export RUMP_SERVER=$SOCK_LOCAL

	# Up, Host, local
	check_route_flags 10.0.0.2 UHl

	# Up, Cloning
	check_route_flags 10.0.0/24 UC
}

test_default_gateway()
{

	export RUMP_SERVER=$SOCK_LOCAL

	atf_check -s exit:0 -o ignore rump.route add default 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Static
	check_route_flags default UGS
}

test_static()
{

	export RUMP_SERVER=$SOCK_LOCAL

	# Static route to host
	atf_check -s exit:0 -o ignore rump.route add 10.0.1.1 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Host, Static
	check_route_flags 10.0.1.1 UGHS

	# Static route to network
	atf_check -s exit:0 -o ignore rump.route add -net 10.0.2.0/24 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Static
	check_route_flags 10.0.2/24 UGS
}

test_blackhole()
{

	export RUMP_SERVER=$SOCK_LOCAL

	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.0.1

	# Delete an existing route first
	atf_check -s exit:0 -o ignore rump.route delete -net 10.0.0.0/24
	# Should be removed too
	atf_check -s not-exit:0 -e match:'no entry' rump.arp -n 10.0.0.1

	# Gateway must be lo0
	atf_check -s exit:0 -o ignore \
	    rump.route add -net 10.0.0.0/24 127.0.0.1 -blackhole
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Blackhole, Static
	check_route_flags 10.0.0/24 UGBS

	atf_check -s not-exit:0 -o match:'100.0% packet loss' \
	    rump.ping -n -w 1 -c 1 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	# Shouldn't be created
	check_route_no_entry 10.0.0.1
	atf_check -s not-exit:0 -e match:'no entry' rump.arp -n 10.0.0.1
}

test_reject()
{

	export RUMP_SERVER=$SOCK_LOCAL

	# Delete an existing route first
	atf_check -s exit:0 -o ignore rump.route delete -net 10.0.0.0/24

	atf_check -s exit:0 -o ignore rump.route add -net 10.0.0.0/24 10.0.0.1 -reject
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Reject, Static
	check_route_flags 10.0.0/24 UGRS

	atf_check -s not-exit:0 -o ignore -e match:'No route to host' \
	    rump.ping -n -w 1 -c 1 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	# Shouldn't be created
	check_route_no_entry 10.0.0.1
	atf_check -s not-exit:0 -e match:'no entry' rump.arp -n 10.0.0.1

	# Gateway is lo0 (RTF_GATEWAY)

	# Delete an existing route first
	atf_check -s exit:0 -o ignore rump.route delete -net 10.0.0.0/24

	atf_check -s exit:0 -o ignore \
	    rump.route add -net 10.0.0.0/24 127.0.0.1 -reject
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Reject, Static
	check_route_flags 10.0.0/24 UGRS

	atf_check -s not-exit:0 -o ignore -e match:'Network is unreachable' \
	    rump.ping -n -w 1 -c 1 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	# Shouldn't be created
	check_route_no_entry 10.0.0.1
	atf_check -s not-exit:0 -e match:'no entry' rump.arp -n 10.0.0.1

	# Gateway is lo0 (RTF_HOST)

	# Delete an existing route first
	atf_check -s exit:0 -o ignore rump.route delete -net 10.0.0.0/24

	atf_check -s exit:0 -o ignore \
	    rump.route add -host 10.0.0.1/24 127.0.0.1 -iface -reject
	$DEBUG && rump.netstat -rn -f inet

	# Up, Host, Reject, Static
	check_route_flags 10.0.0.1 UHRS

	atf_check -s not-exit:0 -o ignore -e match:'No route to host' \
	    rump.ping -n -w 1 -c 1 10.0.0.1
	$DEBUG && rump.netstat -rn -f inet

	return 0
}

test_icmp_redirect()
{

	### Testing Dynamic flag ###

	#
	# Setup a gateway 10.0.0.254. 10.0.2.1 is behind it.
	#
	setup_gw

	#
	# Teach the peer that 10.0.2.* is behind 10.0.0.254
	#
	export RUMP_SERVER=$SOCK_PEER
	atf_check -s exit:0 -o ignore rump.route add -net 10.0.2.0/24 10.0.0.254
	# Up, Gateway, Static
	check_route_flags 10.0.2/24 UGS

	#
	# Setup the default gateway to the peer, 10.0.0.1
	#
	export RUMP_SERVER=$SOCK_LOCAL
	atf_check -s exit:0 -o ignore rump.route add default 10.0.0.1
	# Up, Gateway, Static
	check_route_flags default UGS

	# Try ping 10.0.2.1
	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.2.1
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Host, Dynamic
	check_route_flags 10.0.2.1 UGHD
	check_route_gw 10.0.2.1 10.0.0.254

	export RUMP_SERVER=$SOCK_PEER
	$DEBUG && rump.netstat -rn -f inet

	### Testing Modified flag ###

	#
	# Teach a wrong route to 10.0.2.2
	#
	export RUMP_SERVER=$SOCK_LOCAL
	atf_check -s exit:0 -o ignore rump.route add 10.0.2.2 10.0.0.1
	# Up, Gateway, Host, Static
	check_route_flags 10.0.2.2 UGHS
	check_route_gw 10.0.2.2 10.0.0.1

	# Try ping 10.0.2.2
	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.2.2
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Host, Modified, Static
	check_route_flags 10.0.2.2 UGHMS
	check_route_gw 10.0.2.2 10.0.0.254
}

test_announce()
{
	export RUMP_SERVER=$SOCK_LOCAL

	# Delete an existing route first
	atf_check -s exit:0 -o ignore rump.route delete -net 10.0.0.0/24

	atf_check -s exit:0 -o ignore rump.route add -net 10.0.0.0/24 10.0.0.1 -proxy
	$DEBUG && rump.netstat -rn -f inet

	# Up, Gateway, Static, proxy
	check_route_flags 10.0.0/24 UGSp

	# TODO test its behavior
}

test_llinfo()
{
	local peer_macaddr=

	peer_macaddr=$(get_macaddr $SOCK_PEER shmif0)

	export RUMP_SERVER=$SOCK_LOCAL

	atf_check -s exit:0 -o ignore rump.ping -n -w 1 -c 1 10.0.0.1

	# Up, Host, LLINFO
	check_route 10.0.0.1 $peer_macaddr UHL shmif0
}

add_test()
{
	local name=$1
	local desc="$2"

	atf_test_case "route_flags_${name}" cleanup
	eval "route_flags_${name}_head() { \
			atf_set \"descr\" \"${desc}\"; \
			atf_set \"require.progs\" \"rump_server\"; \
		}; \
	    route_flags_${name}_body() { \
			setup_local; \
			setup_peer; \
			test_${name}; \
			rump_server_destroy_ifaces; \
		}; \
	    route_flags_${name}_cleanup() { \
			$DEBUG && dump; \
			cleanup; \
		}"
	atf_add_test_case "route_flags_${name}"
}

atf_init_test_cases()
{

	add_test lo              "Tests route flags: loop back interface"
	add_test connected       "Tests route flags: connected route"
	add_test default_gateway "Tests route flags: default gateway"
	add_test static          "Tests route flags: static route"
	add_test blackhole       "Tests route flags: blackhole route"
	add_test reject          "Tests route flags: reject route"
	add_test icmp_redirect   "Tests route flags: icmp redirect"
	add_test announce        "Tests route flags: announce flag"
	add_test llinfo          "Tests route flags: ARP caches"
}
