From abf665fc6ca2974e13acede83e0a77967fdccf9a Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Sun, 13 Apr 2014 15:10:28 +0100 Subject: [PATCH] test-example: Provide test which uses unshare(8) This allows more realistic testing, with the "outside" copy of secnet in a separate environment with its own instance of the network stack. We have to go through some contortions to get the user a shell in the "outside" environment, since unshare -n also breaks AF_UNIX, and we want to keep the terminal secnet is invoked in just for secnet. Signed-off-by: Ian Jackson --- debian/changelog | 1 + test-example/README | 5 +++++ test-example/fake-userv | 11 +++++++++++ test-example/outside-unshare.conf | 16 ++++++++++++++++ 4 files changed, 33 insertions(+) create mode 100755 test-example/fake-userv create mode 100644 test-example/outside-unshare.conf diff --git a/debian/changelog b/debian/changelog index 9f02f1e..f979239 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,7 @@ secnet (0.3.1~~unstable) unstable; urgency=low * Internal code rearrangements and improvements. * Fix netlink SEGV on clientless netlinks (i.e. configuration error). * Fix formatting error in p-t-p startup message. + * Additions to the test-example suite. -- diff --git a/test-example/README b/test-example/README index 4c2eca3..7ec95ea 100644 --- a/test-example/README +++ b/test-example/README @@ -24,3 +24,8 @@ For running under valgrind memcheck, do something like this: --leak-check=full --suppressions=test-example/memcheck.suppressions \ ./secnet -dvnc test-example/outside.conf NB that --num-callers is needed as secnet's stack can be deep. + +The config file outside-unshare.conf can be used on Linux in +conjunction with test-example/fake-userv and a built checkout of +userv-utils.git to run the "outside" copy of secnet in a new "network +namespace". diff --git a/test-example/fake-userv b/test-example/fake-userv new file mode 100755 index 0000000..6f5da40 --- /dev/null +++ b/test-example/fake-userv @@ -0,0 +1,11 @@ +#!/bin/sh +set -e +echo >&2 "$0: invoked as $0 $*" +shift +shift +exec 3<&0 4>&1 5>&2 >&2 &4 2>&5 & + sleep 0.1 + env - bash -i +' x "$@" diff --git a/test-example/outside-unshare.conf b/test-example/outside-unshare.conf new file mode 100644 index 0000000..c6c3b6f --- /dev/null +++ b/test-example/outside-unshare.conf @@ -0,0 +1,16 @@ +netlink userv-ipif { + name "netlink-ipif"; # Printed in log messages from this netlink + local-address "172.18.232.1"; + secnet-address "172.18.232.2"; + remote-networks "172.18.232.0/28"; + mtu 1000; + buffer sysbuffer(2048); + userv-path "test-example/fake-userv"; +}; +comm udp { + port 16900; + buffer sysbuffer(4096); +}; +local-name "test-example/outside/outside"; +local-key rsa-private("test-example/outside.key"); +include test-example/common.conf -- 2.30.2