From: Mark Wooding <mdw@distorted.org.uk>
Date: Tue, 18 Sep 2012 02:30:28 +0000 (+0100)
Subject: Merge branch 'mdw/backoff'
X-Git-Tag: 1.0.0pre11~2
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/commitdiff_plain/9cda68ab3974b1f2c08a5896929890bf4a973e9a?ds=inline

Merge branch 'mdw/backoff'

* mdw/backoff:
  server/tests.at: Test key exchange and retransmit with a flaky network.
  server/tests.at: Add a retry loop in `COMMS_EPING'.
  proxy: Add a `drop' filter to randomly discard packets.
  server/keyexch.c: Randomized exponential retransmit backoff.
  server/keyexch.c: Use high-resolution `struct timeval' timers.
  server/{keyexch.c,keyset.c}: Eliminate `ks_tregen'.
  server/{keyexch.c,keyset.c}: Move timing parameters to tripe.h.

Conflicts:
	server/tests.at
---

9cda68ab3974b1f2c08a5896929890bf4a973e9a
diff --cc server/tests.at
index ab64c538,19790a91..e0eaa05b
--- a/server/tests.at
+++ b/server/tests.at
@@@ -38,8 -38,7 +38,9 @@@ m4_define([TRIPE]
       $abs_top_builddir/server/tripe -F -d. -aadmin -p0 -b127.0.0.1 -talice])
  m4_define([TRIPECTL], [$abs_top_builddir/client/tripectl -d. -aadmin])
  m4_define([USLIP], [$abs_top_builddir/uslip/tripe-uslip])
 +m4_define([PKSTREAM],
 +  [$abs_top_builddir/pkstream/pkstream -b127.0.0.1 -p127.0.0.1])
+ m4_define([MITM], [$abs_top_builddir/proxy/tripe-mitm])
  
  ## Sequences.  (These are used for testing the replay protection machinery.)
  m4_define([R32], [ 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15   dnl
@@@ -174,17 -173,24 +175,31 @@@ m4_define([WITH_TRIPE], [WITH_TRIPEX([.
  m4_define([WITH_2TRIPES],
  	  [WITH_TRIPEX([$1], [$3 $4], [WITH_TRIPEX([$2], [$3 $5], [$6])])])
  
 +## WITH_3TRIPES(adir, bdir, cdir, allargs, aargs, bargs, cargs, body)
 +m4_define([WITH_3TRIPES],
 +	  [WITH_TRIPEX([$1], [$4 $5],
 +	  [WITH_TRIPEX([$2], [$4 $6],
 +	  [WITH_TRIPEX([$3], [$4 $7],
 +	  [$8])])])])
 +
- ## COMMS_EPING(adir, aname, bdir, bname)
+ ## RETRY(n, body)
+ m4_define([RETRY], [
+   n=0 rc=1
+   while test $n -lt $1; do
+     if $2
+     then rc=0; break
+     fi
+     n=$(( $n + 1 ))
+   done
+   exit $rc
+ ])
+ 
+ ## COMMS_EPING(adir, aname, bdir, bname, [n])
  m4_define([COMMS_EPING], [
-   AT_CHECK([TRIPECTL -d$1 EPING $4],, [ignore])
-   AT_CHECK([TRIPECTL -d$3 EPING $2],, [ignore])
+   AT_CHECK([RETRY([m4_default([$5], [1])],
+     [TRIPECTL -d$1 EPING $4])],, [ignore])
+   AT_CHECK([RETRY([m4_default([$5], [1])],
+     [TRIPECTL -d$3 EPING $2])],, [ignore])
  ])
  
  ## COMMS_SLIP(adir, aname, bdir, bname)
@@@ -358,71 -362,44 +373,109 @@@ WITH_2TRIPES([alice], [bob], [-nslip], 
  
  AT_CLEANUP
  
 +###--------------------------------------------------------------------------
 +### Mobile peer tracking.
 +
 +AT_SETUP([peer tracking])
 +AT_KEYWORDS([mobile])
 +export TRIPE_SLIPIF=USLIP
 +
 +for p in alice bob carol; do (mkdir $p; cd $p; SETUPDIR([alpha])); done
 +
 +## WITH_PKSTREAM(adir, aport, bdir, bport, body)
 +m4_define([WITH_PKSTREAM], [
 +  echo >&2 "pkstream: $1 <--> :$2 <-pkstream-> :$4 <--> $3"
 +  PKSTREAM -l$4 127.0.0.1:$4 127.0.0.1:$(cat $3/port)& pkstream_$3_$1=$!
 +  sleep 1
 +  PKSTREAM -c127.0.0.1:$4 127.0.0.1:$2 127.0.0.1:$(cat $1/port)&
 +  pkstream_$1_$3=$!
 +  set +x
 +  $5
 +  kill $pkstream_$3_$1 $pkstream_$1_$3
 +])
 +
 +WITH_3TRIPES([alice], [bob], [carol], [-nslip],
 +	     [-talice], [-tbob], [-tcarol], [
 +
 +  ## We need an indirection layer between the two peers so that we can
 +  ## simulate the effects of NAT remapping.  The nearest thing we have to
 +  ## this is pkstream, so we may as well use that.
 +  ##
 +  ## alice <--> :5311 <-pkstream-> :5312 <--> bob
 +  ## alice <--> :5321 <-pkstream-> :5322 <--> carol
 +
 +  WITH_PKSTREAM([alice], [5311], [bob], [5312], [
 +    ESTABLISH([alice], [alice], [], [bob], [bob], [-mobile], [5312], [5311])
 +  ])
 +
 +  WITH_PKSTREAM([alice], [5319], [bob], [5312], [
 +    COMMS_EPING([bob], [bob], [alice], [alice])
 +    COMMS_SLIP([bob], [bob], [alice], [alice])
 +  ])
 +
 +  WITH_PKSTREAM([alice], [5321], [carol], [5322], [
 +    ESTABLISH([alice], [alice], [], [carol], [carol], [-mobile],
 +	[5322], [5321])
 +  ])
 +
 +  WITH_PKSTREAM([alice], [5311], [bob], [5312], [
 +  WITH_PKSTREAM([alice], [5321], [carol], [5322], [
 +    COMMS_EPING([bob], [bob], [alice], [alice])
 +    COMMS_EPING([carol], [carol], [alice], [alice])
 +    COMMS_SLIP([bob], [bob], [alice], [alice])
 +    COMMS_SLIP([carol], [carol], [alice], [alice])
 +  ])])
 +
 +  WITH_PKSTREAM([alice], [5321], [bob], [5312], [
 +  WITH_PKSTREAM([alice], [5311], [carol], [5322], [
 +    COMMS_EPING([bob], [bob], [alice], [alice])
 +    COMMS_EPING([carol], [carol], [alice], [alice])
 +    COMMS_SLIP([bob], [bob], [alice], [alice])
 +    COMMS_SLIP([carol], [carol], [alice], [alice])
 +  ])])
 +  wait
 +])
 +
 +AT_CLEANUP
 +
+ ###--------------------------------------------------------------------------
+ ### Adverse communication.
+ 
+ AT_SETUP([server retry])
+ AT_KEYWORDS([backoff])
+ export TRIPE_SLIPIF=USLIP
+ 
 -for i in alice bob; do (mkdir $i; cd $i; SETUPDIR([dh])); done
++for i in alice bob; do (mkdir $i; cd $i; SETUPDIR([beta])); done
+ 
+ WITH_2TRIPES([alice], [bob], [-nslip], [-talice], [-tbob], [
+ 
+   ## Set up the evil proxy.
+   alicemitm=24516 bobmitm=14016
+   MITM -kalice/keyring.pub >mitm.out 2>mitm.err \
+     peer:alice:$alicemitm:127.0.0.1:$(cat alice/port) \
+     peer:bob:$bobmitm:127.0.0.1:$(cat bob/port) \
+     filt:drop:5 filt:send& mitmpid=$!
+   strace -omitm.trace -p$mitmpid& mitmtrace=$!
+   trap 'kill $mitmpid $mitmtrace; exit 127' EXIT INT QUIT TERM HUP
+ 
+   ## Try to establish keys anyway.
+   AWAIT_KXDONE([alice], [alice], [bob], [bob], [
+     AT_CHECK([TRIPECTL -dalice ADD -cork bob   INET 127.0.0.1 $alicemitm])
+     AT_CHECK([TRIPECTL -dbob   ADD       alice INET 127.0.0.1 $bobmitm])
+   ])
+ 
+   ## Check pinging.
+   COMMS_EPING([alice], [alice], [bob], [bob], [10])
+   COMMS_EPING([bob], [bob], [alice], [alice], [10])
+ 
+   ## Tear down the MITM proxy.
+   kill $mitmpid
+   wait $mitmpid
+   wait $mitmtrace
+ ])
+ 
+ AT_CLEANUP
+ 
  ###--------------------------------------------------------------------------
  ### Services.