secnet (lack of) test suite

Ian Jackson ijackson at chiark.greenend.org.uk
Sat Oct 12 23:43:45 BST 2019 

Ian Jackson writes ("secnet (lack of) test suite"):
> Ingredients would seem to be:

I have now pushed an implementation of this to master.

It includes:

> * Stunt config generation script
> 
> * For inside network interfaces, [...]:
...
>   - Use the userv module with a stunt command, to avoid needing
>     to be root.  The stunt command would use pipes or something.
>   - Ad-hoc IP packet creation (eg literal ping packets committed
>     to the test cases)
> 
> * For outside networking, [...]:
>   - 
An LD_PRELOAD hack
>     with stunt versions of the following syscalls:
> 	socket
> 	bind
> 	getsockname
> 	sendto
> 	recvfrom
> 	setsockopt IPV6_V6ONLY
>     and [...] the fd is actually an AF_UNIX socket to a
>     test suite mock daemon thing.
> 
> * test suite mock daemon thing which pretends to be both the outer
>   and inner networks.  tcl is really good for this.  [It uses]
>   chiark-tcl's AF_UNIX listener or somthing.
...
> I think the need for concurrent handling of network stuff means the
> test implementation language should be tcl.

All of this worked out really well, under 600loc for a working "make
check".  It won't work on non-ELF systems but apparently MacOS has a
rough equivalent DYLD_INSERT_LIBRARIES [1].  Patches welcome.

Originally I thought I would use the SOCKSv5 protocol between my
LD_PRELOAD hack and the test case.  But that involves a separate
stream socket for control messages and a lot of marshalling.  Instead
I have a simple protocol where each UDP socket is actually an AF_UNIX
datagram socket.  bind() gets you a socket name derived from the name
you choose.  The packets all go to (or from) a central daemon socket
and have the intended destination (resp. nominal source) address
stuffed in at the front (in a fairly cheesy way).

I also wrapped close() since secnet may call that in some cases, and
my code would leak memory otherwise.  I didn't bother with dup() et
al.  They aren't needed by secnet.

The following features are *not* yet implemented but seem like they
would fit in reasonably well:

> * ability to be pointed to a 2nd secnet git tree and run the
>   old secnet for one of the ends: tests backward compat.
>
[Implementation in the LD_PRELOAD hack of]
>       setsockopt SO_BINDTODEVICE (polypath)
> 
> * faketime to speed up timeouts etc.  This is crude but will make the
>   tests much less annoying without having to set too many artificial
>   config parameters.

Ian.

[1]
  https://stackoverflow.com/questions/8514783/what-is-the-exact-equivalent-to-ld-preload-on-osx
  Thanks to Colin Watson for helpful irc comments.

More information about the sgo-software-discuss mailing list