X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=stest%2Fcommon.tcl;h=8897bd90da340a99b4529b65e736691673c7cbb9;hb=5f9e3ffe07bd4412e35e90637694a3e5bc2eac7a;hp=5b87e73fc643b921c1894a8452de21336d0a19c3;hpb=18c4e5eaf4d400ebee86caafe34f18aa5734c3ca;p=secnet.git

diff --git a/stest/common.tcl b/stest/common.tcl
index 5b87e73..8897bd9 100644
--- a/stest/common.tcl
+++ b/stest/common.tcl
@@ -25,6 +25,18 @@ set extra(inside) {
 }
 set extra(outside) {}
 
+set privkey(inside) test-example/inside.privkeys/
+set privkey(outside) test-example/outside.privkeys/
+
+set initiator inside
+
+proc sitesconf_hook {l} { return $l }
+
+proc oldsecnet {site} {
+    upvar #0 oldsecnet($site) oldsecnet
+    expr {[info exists oldsecnet] && [set oldsecnet]}
+}
+
 proc mkconf {location site} {
     global tmp
     global builddir
@@ -32,6 +44,7 @@ proc mkconf {location site} {
     global ports
     global extra
     global netlinkfh
+    upvar #0 privkey($site) privkey
     set pipefp $tmp/$site.netlink
     foreach tr {t r} {
 	file delete $pipefp.$tr
@@ -54,6 +67,7 @@ exec cat
 "
     close $fakeuh
     set cfg "
+	hash sha1;
 	netlink userv-ipif {
 	    name \"netlink\";
             userv-path \"$fakeuf\";
@@ -77,13 +91,41 @@ exec cat
     }
     append cfg ";
 	local-name \"test-example/$location/$site\";
-	local-key rsa-private(\"$builddir/test-example/$site.key\");
 "
+    switch -glob $privkey {
+	*/ {
+	    set sitesconf sites.conf
+	    append cfg "
+	        key-cache priv-cache({
+		    privkeys \"$builddir/${privkey}priv.\";
+                });
+"
+	}
+	{load-private *} {
+	    set sitesconf sites-nonego.conf
+	    append cfg "
+		local-key load-private(\"[lindex $privkey 1]\",\"$builddir/[lindex $privkey 2]\");
+"
+	}
+	* {
+	    set sitesconf sites-nonego.conf
+	    append cfg "
+		local-key rsa-private(\"$builddir/$privkey\");
+"
+	}
+    }
+    set sitesconf $builddir/test-example/$sitesconf
+    
     append cfg $extra($site)
     append cfg "
 	log logfile {
 	    prefix \"$site\";
 	    class \"debug\",\"info\",\"notice\",\"warning\",\"error\",\"security\",\"fatal\";
+    "
+    if {[oldsecnet $site]} { append cfg "
+	    filename \"/dev/stderr\";
+    " }
+    append cfg "
 	};
     "
     append cfg {
@@ -100,9 +142,10 @@ exec cat
     file delete -force $pubkeys
     exec cp -rl $builddir/test-example/pubkeys $pubkeys
 
-    set f [open $builddir/test-example/sites.conf r]
+    set f [open $sitesconf r]
     while {[gets $f l] >= 0} {
 	regsub {\"[^\"]*test-example/pubkeys/} $l "\"$pubkeys/" l
+	set l [sitesconf_hook $l]
 	append cfg $l "\n"
     }
     set sites [read $f]
@@ -128,30 +171,41 @@ proc spawn-secnet {location site} {
     set ch [open $cf w]
     puts $ch [mkconf $location $site]
     close $ch
-    set argl [list $builddir/secnet -dvnc $cf]
+    set secnet $builddir/secnet
+    if {[oldsecnet $site]} {
+	set secnet $env(OLD_SECNET_DIR)/secnet
+    }
+    set argl [list $secnet -dvnc $cf]
     set divertk SECNET_STEST_DIVERT_$site
-    puts -nonewline "spawn"
+    puts "spawn:"
     foreach k [array names env] {
 	switch -glob $k {
 	    SECNET_STEST_DIVERT_* -
-	    SECNET_TEST_BUILDDIR { }
+	    SECNET_TEST_BUILDDIR - OLD_SECNET_DIR { }
 	    *SECNET* -
 	    *PRELOAD* { puts -nonewline " $k=$env($k)" }
 	}
     }
-    puts " $argl"
     if {[info exists env($divertk)]} {
 	switch -glob $env($divertk) {
-	    i {
+	    i - {i *} {
+		regsub {^i} $env($divertk) {} divert_prefix
+		puts "$divert_prefix $argl"
 		puts -nonewline "run ^ command, hit return "
 		flush stdout
 		gets stdin
 		set argl {}
 	    }
 	    0 - "" {
+		puts " $argl"
 	    }
-	    * {
+	    /* - ./* {
+		puts " $argl"
 		set argl [split $env($divertk)]
+		puts "... $argl"
+	    }
+	    * {
+		error "$divertk not understood"
 	    }
 	}
     }
@@ -186,9 +240,10 @@ proc netlink-readable {location site} {
 }
 
 proc netlink-got-packet {location site data} {
+    global initiator
     if {![hbytes length $data]} return 
-    switch -exact $site {
-	inside {
+    switch -exact $site!$initiator {
+	inside!inside - outside!outside {
 	    switch -glob $data {
 		45000054ed9d4000fe0166d9ac12e802ac12e80900* {
 		    puts "OK $data"
@@ -199,8 +254,8 @@ proc netlink-got-packet {location site data} {
 		}
 	    }
 	}
-	outside {
-	    error "inside rx'd!"
+	default {
+	    error "$site rx'd! (initiator $initiator)"
 	}
     }
 }
@@ -222,6 +277,7 @@ $message
 
 proc sendpkt {} {
     global netlinkfh
+    global initiator
     set p {
         4500 0054 ed9d 4000 4001 24da ac12 e809
         ac12 e802 0800 1de4 2d96 0001 f1d4 a05d
@@ -230,7 +286,7 @@ proc sendpkt {} {
         2425 2627 2829 2a2b 2c2d 2e2f 3031 3233
         3435 3637
     }
-    puts -nonewline $netlinkfh(inside.t) \
+    puts -nonewline $netlinkfh($initiator.t) \
 	[hbytes h2raw c0[join $p ""]c0]
 }
 
@@ -300,14 +356,20 @@ proc udp-relay {data src sock args} {
     }
 }
 
+proc adj-after {timeout args} {
+    upvar #0 env(SECNET_STEST_TIMEOUT_MUL) mul
+    if {[info exists mul]} { set timeout [expr {$timeout * $mul}] }
+    eval after $timeout $args
+}
+
 proc test-kex {} {
     udp-proxy
     spawn-secnet in inside
     spawn-secnet out outside
 
-    after 500 sendpkt
-    after 1000 sendpkt
-    after 5000 timed-out
+    adj-after 500 sendpkt
+    adj-after 1000 sendpkt
+    adj-after 5000 timed-out
 
     vwait ok
 }