search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
turns printfs back on
[freebsd-src/fkvm-freebsd.git] / tools / regression / ipsec / ipsec6.t
bloba13edd3611858355431367ad775a947e53d30e18
1 #!/bin/sh
2 # $FreeBSD$
3 #
4 # IPv6 IPsec test based on ipsec.t, in this same directory, which tests
5 # IPsec by setting up a set of tunnels and then sending ICMPv6 packets,
6 # aka those generated with ping6(8), across the tunnel.
7 #
8 # This test should ONLY be used as a smoke test to verify that nothing
9 # drastic has been broken, it is insufficient for true protocol conformance
10 # testing.
11 #
12 # Expected Output: No failures.
13
14 netif="lo0"
15 spi="10000"
16
17 echo "1..414"
18
19 #sysctl net.inet.ipsec.crypto_support=1 >/dev/null 2>&1
20
21 ifconfig $netif inet6 alias 1::1
22 ifconfig $netif inet6 alias 2::1
23
24 i=1
25
26 for ecipher in \
27 des-cbc:12345678 \
28 3des-cbc:012345678901234567890123 \
29 blowfish-cbc:0123456789012345 \
30 blowfish-cbc:01234567890123456789 \
31 blowfish-cbc:012345678901234567890123 \
32 blowfish-cbc:0123456789012345678901234567 \
33 blowfish-cbc:01234567890123456789012345678901 \
34 blowfish-cbc:012345678901234567890123456789012345 \
35 blowfish-cbc:0123456789012345678901234567890123456789 \
36 blowfish-cbc:01234567890123456789012345678901234567890123 \
37 blowfish-cbc:012345678901234567890123456789012345678901234567 \
38 blowfish-cbc:0123456789012345678901234567890123456789012345678901 \
39 blowfish-cbc:01234567890123456789012345678901234567890123456789012345 \
40 cast128-cbc:0123456789012345 \
41 aes-ctr:01234567890123456789\
42 aes-ctr:0123456789012345678901234567\
43 aes-ctr:012345678901234567890123456789012345\
44 camellia-cbc:0123456789012345\
45 camellia-cbc:012345678901234567890123\
46 camellia-cbc:01234567890123456789012345678901\
47 rijndael-cbc:0123456789012345 \
48 rijndael-cbc:012345678901234567890123 \
49 rijndael-cbc:01234567890123456789012345678901; do
50
51 ealgo=${ecipher%%:*}
52 ekey=${ecipher##*:}
53
54 for acipher in \
55 hmac-md5:0123456789012345 \
56 hmac-sha1:01234567890123456789 \
57 hmac-ripemd160:01234567890123456789 \
58 hmac-sha2-256:01234567890123456789012345678901 \
59 hmac-sha2-384:012345678901234567890123456789012345678901234567 \
60 hmac-sha2-512:0123456789012345678901234567890123456789012345678901234567890123; do
61
62 aalgo=${acipher%%:*}
63 akey=${acipher##*:}
64
65 setkey -F
66 setkey -FP
67
68 (echo "add -6 1::1 2::1 esp $spi -m transport -E $ealgo \"${ekey}\" -A $aalgo \"${akey}\" ;"
69 echo "add -6 2::1 1::1 esp `expr $spi + 1` -m transport -E $ealgo \"${ekey}\" -A $aalgo \"${akey}\" ;"
70
71 echo "spdadd -6 1::1 2::1 any -P out ipsec esp/transport//require;"
72 echo "spdadd -6 2::1 1::1 any -P in ipsec esp/transport//require;"
73 echo "spdadd -6 1::1 2::1 any -P in ipsec esp/transport//require;"
74 echo "spdadd -6 2::1 1::1 any -P out ipsec esp/transport//require;"
75 ) | setkey -c >/dev/null 2>&1
76 if [ $? -eq 0 ]; then
77 echo "ok $i - setkey ${ealgo} ${ekey} ${aalgo} ${akey}"
78 else
79 echo "not ok $i - setkey ${ealgo} ${ekey} ${aalgo} ${akey}"
80 fi
81 i=$((i+1))
82
83 ping6 -c 1 -i 1 -S 1::1 2::1 >/dev/null
84 if [ $? -eq 0 ]; then
85 echo "ok $i - test 1 ${ealgo} ${ekey} ${aalgo} ${akey}"
86 else
87 echo "not ok $i - test 1 ${ealgo} ${ekey} ${aalgo} ${akey}"
88 fi
89 i=$((i+1))
90 ping6 -c 1 -i 1 -S 2::1 1::1 >/dev/null
91 if [ $? -eq 0 ]; then
92 echo "ok $i - test 2 ${ealgo} ${ekey} ${aalgo} ${akey}"
93 else
94 echo "not ok $i - test 2 ${ealgo} ${ekey} ${aalgo} ${akey}"
95 fi
96 i=$((i+1))
97 done
98 done
99
100 setkey -F
101 setkey -FP
102
103 ifconfig $netif inet6 1::1 delete
104 ifconfig $netif inet6 2::1 delete
FreeBSD kvm: FreeBSD sources