Domů Procházet Nápověda
Přihlásit se
khubaib
/
Fastestvpn_JetpackCompose
1
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: 8da06f8933
Větve Značky
Fastestvpn_J...
/
strongSwanLib
/
testing
/
do-tests

do-tests 28 KB
Historie Surový

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009 
  1. #!/bin/bash
    2. 

  2. # Automatically execute the strongSwan test cases
    3. 

  3. #
    4. 

  4. # Copyright (C) 2004  Eric Marchionni, Patrik Rayo
    5. 

  5. # Zuercher Hochschule Winterthur
    6. 

  6. #
    7. 

  7. # This program is free software; you can redistribute it and/or modify it
    8. 

  8. # under the terms of the GNU General Public License as published by the
    9. 

  9. # Free Software Foundation; either version 2 of the License, or (at your
    10. 

  10. # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
    11. 

  11. #
    12. 

  12. # This program is distributed in the hope that it will be useful, but
    13. 

  13. # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
    14. 

  14. # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
    15. 

  15. # for more details.
    16. 

  16. 

  17. DIR=$(dirname `readlink -f $0`)
    18. 

  18. . $DIR/testing.conf
    19. 

  19. . $DIR/scripts/function.sh
    20. 

  20. SSHCONF="-F $DIR/ssh_config"
    21. 

  21. 

  22. [ -d $DIR/hosts ] || die "Directory 'hosts' not found"
    23. 

  23. [ -d $DIR/tests ] || die "Directory 'tests' not found"
    24. 

  24. [ -d $BUILDDIR ] ||
    25. 

  25. 	die "Directory '$BUILDDIR' does not exist, please run make-testing first"
    26. 

  26. running_any $STRONGSWANHOSTS || die "Please start test environment before running $0"
    27. 

  27. 

  28. ln -sfT $DIR $TESTDIR/testing
    29. 

  29. 

  30. ##############################################################################
    31. 

  31. # take care of new path and file variables
    32. 

  32. #
    33. 

  33. 

  34. [ -d $TESTRESULTSDIR ] || mkdir $TESTRESULTSDIR
    35. 

  35. 

  36. TESTDATE=`date +%Y%m%d-%H%M-%S`
    37. 

  37. 

  38. TODAYDIR=$TESTRESULTSDIR/$TESTDATE
    39. 

  39. mkdir $TODAYDIR
    40. 

  40. TESTRESULTSHTML=$TODAYDIR/all.html
    41. 

  41. INDEX=$TODAYDIR/index.html
    42. 

  42. DEFAULTTESTSDIR=$TESTDIR/testing/tests
    43. 

  43. 

  44. SOURCEIP_ROUTING_TABLE=220
    45. 

  45. 

  46. testnumber="0"
    47. 

  47. failed_cnt="0"
    48. 

  48. passed_cnt="0"
    49. 

  49. subdir_cnt="0"
    50. 

  50. 

  51. ##############################################################################
    52. 

  52. # parse optional arguments
    53. 

  53. #
    54. 

  54. while getopts "vt" opt
    55. 

  55. do
    56. 

  56. 	case "$opt" in
    57. 

  57. 	v)
    58. 

  58. 		verbose=YES
    59. 

  59. 		timestamps=YES
    60. 

  60. 		;;
    61. 

  61. 	t)
    62. 

  62. 		timestamps=YES
    63. 

  63. 		;;
    64. 

  64. 	esac
    65. 

  65. done
    66. 

  66. shift $((OPTIND-1))
    67. 

  67. 

  68. 

  69. function print_time()
    70. 

  70. {
    71. 

  71. 	[ "$timestamps" == "YES" ] && echo "$(date +%T.%N) ~ "
    72. 

  72. }
    73. 

  73. 

  74. ##############################################################################
    75. 

  75. # copy default tests to $BUILDDIR
    76. 

  76. #
    77. 

  77. 

  78. TESTSDIR=$BUILDDIR/tests
    79. 

  79. [ -d $TESTSDIR ] || mkdir $TESTSDIR
    80. 

  80. 

  81. ##############################################################################
    82. 

  82. # assign IP for each host to hostname
    83. 

  83. #
    84. 

  84. 

  85. for host in $STRONGSWANHOSTS
    86. 

  86. do
    87. 

  87.     eval ipv4_${host}="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`"
    88. 

  88.     eval ipv6_${host}="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`"
    89. 

  89. 

  90.     case $host in
    91. 

  91.     moon)
    92. 

  92.         eval ipv4_moon1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    93. 

  93.         eval ipv6_moon1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    94. 

  94.         ;;
    95. 

  95.     sun)
    96. 

  96.         eval ipv4_sun1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    97. 

  97.         eval ipv6_sun1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    98. 

  98.         ;;
    99. 

  99.     alice)
    100. 

  100.         eval ipv4_alice1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    101. 

  101.         eval ipv6_alice1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    102. 

  102.         ;;
    103. 

  103.     venus)
    104. 

  104.         ;;
    105. 

  105.     bob)
    106. 

  106.         ;;
    107. 

  107.     carol)
    108. 

  108.         eval ipv4_carol1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    109. 

  109.         eval ipv6_carol1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    110. 

  110.          ;;
    111. 

  111.     dave)
    112. 

  112.         eval ipv4_dave1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    113. 

  113.         eval ipv6_dave1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`"
    114. 

  114.         ;;
    115. 

  115.     winnetou)
    116. 

  116.         ;;
    117. 

  117.     esac
    118. 

  118. done
    119. 

  119. 

  120. 

  121. ##############################################################################
    122. 

  122. # open ssh sessions
    123. 

  123. #
    124. 

  124. for host in $STRONGSWANHOSTS
    125. 

  125. do
    126. 

  126.     ssh $SSHCONF -N root@`eval echo \\\$ipv4_$host` >/dev/null 2>&1 &
    127. 

  127.     eval ssh_pid_$host="`echo $!`"
    128. 

  128.     do_on_exit kill `eval echo \\\$ssh_pid_$host`
    129. 

  129. done
    130. 

  130. 

  131. ##############################################################################
    132. 

  132. # determine actual software versions
    133. 

  133. #
    134. 

  134. 

  135. [ -f $SHAREDDIR/.strongswan-version ] && SWANVERSION=`cat $SHAREDDIR/.strongswan-version`
    136. 

  136. KERNELVERSION=`ssh $SSHCONF root@\$ipv4_winnetou uname -r 2>/dev/null`
    137. 

  137. 

  138. # check if tcpdump supports --immediate-mode
    139. 

  139. ssh $SSHCONF root@$ipv4_winnetou tcpdump --immediate-mode -c 1 >/dev/null 2>&1
    140. 

  140. if [ $? -eq 0 ]
    141. 

  141. then
    142. 

  142. 	TCPDUMP_IM=--immediate-mode
    143. 

  143. fi
    144. 

  144. 

  145. ##############################################################################
    146. 

  146. # create header for the results html file
    147. 

  147. #
    148. 

  148. 

  149. ENVIRONMENT_HEADER=$(cat <<@EOF
    150. 

  150.   <table border="0" cellspacing="2" cellpadding="2">
    151. 

  151.     <tr valign="top">
    152. 

  152.       <td><b>Host</b></td>
    153. 

  153.       <td colspan="3">`uname -a`</td>
    154. 

  154.     </tr>
    155. 

  155.     <tr valign="top">
    156. 

  156.       <td><b>Guest kernel</b></td>
    157. 

  157.       <td colspan="3">$KERNELVERSION</td>
    158. 

  158.     </tr>
    159. 

  159.     <tr valign="top">
    160. 

  160.       <td><b>strongSwan</b></td>
    161. 

  161.       <td colspan="3">$SWANVERSION</td>
    162. 

  162.     </tr>
    163. 

  163.     <tr valign="top">
    164. 

  164.       <td><b>Date</b></td>
    165. 

  165.       <td colspan="3">$TESTDATE</td>
    166. 

  166.     </tr>
    167. 

  167.     <tr>
    168. 

  168.       <td width="100">&nbsp;</td>
    169. 

  169.       <td width="300">&nbsp;</td>
    170. 

  170.       <td width=" 80">&nbsp;</td>
    171. 

  171.       <td >&nbsp;</td>
    172. 

  172.     </tr>
    173. 

  173. @EOF
    174. 

  174. )
    175. 

  175. 

  176. cat > $INDEX <<@EOF
    177. 

  177. <html>
    178. 

  178. <head>
    179. 

  179.   <title>strongSwan KVM Tests</title>
    180. 

  180. </head>
    181. 

  181. <body>
    182. 

  182.   <h2>strongSwan KVM Tests</h2>
    183. 

  183.   $ENVIRONMENT_HEADER
    184. 

  184. @EOF
    185. 

  185. 

  186. cat > $TESTRESULTSHTML <<@EOF
    187. 

  187. <html>
    188. 

  188. <head>
    189. 

  189.   <title>strongSwan KVM Tests - All Tests</title>
    190. 

  190. </head>
    191. 

  191. <body>
    192. 

  192.   <div><a href="index.html">strongSwan KVM Tests</a> / All Tests</div>
    193. 

  193.   <h2>All Tests</h2>
    194. 

  194.   $ENVIRONMENT_HEADER
    195. 

  195.     <tr align="left">
    196. 

  196.       <th>Number</th>
    197. 

  197.       <th>Test</th>
    198. 

  198.       <th align="right">Time [s]</th>
    199. 

  199.       <th>Result</th>
    200. 

  200.     </tr>
    201. 

  201. @EOF
    202. 

  202. 

  203. echo "Guest kernel : $KERNELVERSION"
    204. 

  204. echo "strongSwan   : $SWANVERSION"
    205. 

  205. echo "Date         : $TESTDATE"
    206. 

  206. echo
    207. 

  207. 

  208. ##############################################################################
    209. 

  209. # trap CTRL-C to properly terminate a long run
    210. 

  210. #
    211. 

  211. 

  212. function abort_tests()
    213. 

  213. {
    214. 

  214. 	echo -n "...aborting..." > /dev/tty
    215. 

  215. 	aborted=YES
    216. 

  216. }
    217. 

  217. trap abort_tests INT
    218. 

  218. 

  219. ##############################################################################
    220. 

  220. # enter specific test directory
    221. 

  221. #
    222. 

  222. if [ $# -gt 0 ]
    223. 

  223. then
    224. 

  224.     TESTS=$(printf "%s\n" $* | sort -u)
    225. 

  225. else
    226. 

  226.     TESTS=$(ls $DEFAULTTESTSDIR)
    227. 

  227. fi
    228. 

  228. 

  229. for SUBDIR in $TESTS
    230. 

  230. do
    231. 

  231.     SUBTESTS="`basename $SUBDIR`"
    232. 

  232. 

  233. 	if [ $SUBTESTS = $SUBDIR ]
    234. 

  234. 	then
    235. 

  235. 		SUBTESTS="`ls $DEFAULTTESTSDIR/$SUBDIR`"
    236. 

  236. 	else
    237. 

  237. 		if [[ $SUBTESTS == *'*'* ]]
    238. 

  238. 		then
    239. 

  239. 			SUBTESTS="`basename -a $DEFAULTTESTSDIR/$SUBDIR`"
    240. 

  240. 		fi
    241. 

  241. 		SUBDIR="`dirname $SUBDIR`"
    242. 

  242. 	fi
    243. 

  243. 

  244.     if [ ! -d $TODAYDIR/$SUBDIR ]
    245. 

  245.     then
    246. 

  246. 	mkdir $TODAYDIR/$SUBDIR
    247. 

  247. 	if [ $testnumber == 0 ]
    248. 

  248. 	then
    249. 

  249. 	    FIRST="<b>Category</b>"
    250. 

  250. 	else
    251. 

  251. 	    FIRST="&nbsp;"
    252. 

  252. 	fi
    253. 

  253. 

  254. 	if [ $subdir_cnt != 0 ]
    255. 

  255. 	then
    256. 

  256. 	    echo "      <td align=\"right\">$subdir_cnt</td>" >> $INDEX
    257. 

  257. 	    echo "      <td>&nbsp;</td>" >> $INDEX
    258. 

  258. 	    echo "    </tr>" >> $INDEX
    259. 

  259. 	    subdir_cnt="0"
    260. 

  260. 	fi
    261. 

  261. 	echo "    <tr>" >> $INDEX
    262. 

  262.     echo "      <td>$FIRST</td>">> $INDEX
    263. 

  263.     echo "      <td><a href=\"$SUBDIR/index.html\">$SUBDIR</a></td>" >> $INDEX
    264. 

  264. 

  265. 	SUBTESTSINDEX=$TODAYDIR/$SUBDIR/index.html
    266. 

  266. 	cat > $SUBTESTSINDEX <<@EOF
    267. 

  267. <html>
    268. 

  268. <head>
    269. 

  269.   <title>strongSwan $SUBDIR Tests</title>
    270. 

  270. </head>
    271. 

  271. <body>
    272. 

  272.   <div><a href="../index.html">strongSwan KVM Tests</a> / $SUBDIR</div>
    273. 

  273.   <h2>strongSwan $SUBDIR Tests</h2>
    274. 

  274.   <table border="0" cellspacing="2" cellpadding="2">
    275. 

  275.     <tr valign="top">
    276. 

  276.       <td><b>Guest kernel</b></td>
    277. 

  277.       <td colspan="3">$KERNELVERSION</td>
    278. 

  278.     </tr>
    279. 

  279.     <tr valign="top">
    280. 

  280.       <td><b>strongSwan</b></td>
    281. 

  281.       <td colspan="3">$SWANVERSION</td>
    282. 

  282.     </tr>
    283. 

  283.     <tr valign="top">
    284. 

  284.       <td><b>Date</b></td>
    285. 

  285.       <td colspan="3">$TESTDATE</td>
    286. 

  286.     </tr>
    287. 

  287.     <tr>
    288. 

  288.       <td width="100">&nbsp;</td>
    289. 

  289.       <td width="300">&nbsp;</td>
    290. 

  290.       <td width=" 50">&nbsp;</td>
    291. 

  291.       <td >&nbsp;</td>
    292. 

  292.     </tr>
    293. 

  293.     <tr align="left">
    294. 

  294.        <th>Number</th>
    295. 

  295.        <th>Test</th>
    296. 

  296.        <th colspan="2">Result</th>
    297. 

  297.     </tr>
    298. 

  298. @EOF
    299. 

  299.     fi
    300. 

  300. 

  301.     for name in $SUBTESTS
    302. 

  302.     do
    303. 

  303. 	let "testnumber += 1"
    304. 

  304. 	let "subdir_cnt += 1"
    305. 

  305. 	testname=$SUBDIR/$name
    306. 

  306. 	log_action " $testnumber $testname:"
    307. 

  307. 

  308. 	teststart=$(date +%s)
    309. 

  309. 

  310. 	if [ ! -d $DEFAULTTESTSDIR/${testname} ]
    311. 

  311. 	then
    312. 

  312. 	    echo "is missing..skipped"
    313. 

  313. 	    continue
    314. 

  314. 	fi
    315. 

  315. 

  316. 	[ -f $DEFAULTTESTSDIR/${testname}/description.txt ] || die "!! File 'description.txt' is missing"
    317. 

  317. 	[ -f $DEFAULTTESTSDIR/${testname}/test.conf ]       || die "!! File 'test.conf' is missing"
    318. 

  318. 	[ -f $DEFAULTTESTSDIR/${testname}/pretest.dat ]     || die "!! File 'pretest.dat' is missing"
    319. 

  319. 	[ -f $DEFAULTTESTSDIR/${testname}/posttest.dat ]    || die "!! File 'posttest.dat' is missing"
    320. 

  320. 	[ -f $DEFAULTTESTSDIR/${testname}/evaltest.dat ]    || die "!! File 'evaltest.dat' is missing"
    321. 

  321. 

  322. 	TESTRESULTDIR=$TODAYDIR/$testname
    323. 

  323. 	mkdir -p $TESTRESULTDIR
    324. 

  324. 	CONSOLE_LOG=$TESTRESULTDIR/console.log
    325. 

  325. 	touch $CONSOLE_LOG
    326. 

  326. 

  327. 	TESTDIR=$TESTSDIR/${testname}
    328. 

  328. 

  329. 	##########################################################################
    330. 

  330. 	# copy test specific configurations to hosts and clear log files
    331. 

  331. 	#
    332. 

  332. 

  333. 	DBDIR=/etc/db.d
    334. 

  334. 

  335. 	$DIR/scripts/load-testconfig $testname
    336. 

  336. 	unset RADIUSHOSTS
    337. 

  337. 	unset DBHOSTS
    338. 

  338. 	unset IPV6
    339. 

  339. 	unset SWANCTL
    340. 

  340. 	source $TESTDIR/test.conf
    341. 

  341. 

  342. 

  343. 	##########################################################################
    344. 

  344. 	# run tcpdump in the background
    345. 

  345. 	#
    346. 

  346. 

  347. 	if [ "$TCPDUMPHOSTS" != "" ]
    348. 

  348. 	then
    349. 

  349. 	    echo -e "TCPDUMP\n" >> $CONSOLE_LOG 2>&1
    350. 

  350. 

  351. 	    for host_iface in $TCPDUMPHOSTS
    352. 

  352. 	    do
    353. 

  353. 		host=`echo $host_iface | awk -F ":" '{print $1}'`
    354. 

  354. 		iface=`echo $host_iface | awk -F ":" '{if ($2 != "") { print $2 } else { printf("eth0") }}'`
    355. 

  355. 		tcpdump_cmd="tcpdump -l $TCPDUMP_IM -i $iface not port ssh and not port domain >/tmp/tcpdump.log 2>/tmp/tcpdump.err.log &"
    356. 

  356. 		echo "$(print_time)${host}# $tcpdump_cmd" >> $CONSOLE_LOG
    357. 

  357. 		ssh $SSHCONF root@`eval echo \\\$ipv4_$host '$tcpdump_cmd'`
    358. 

  358. 		eval TDUP_${host}="true"
    359. 

  359. 	    done
    360. 

  360. 	fi
    361. 

  361. 

  362. 	##########################################################################
    363. 

  363. 	# create database directory in RAM
    364. 

  364. 	#
    365. 

  365. 

  366. 	for host in $DBHOSTS
    367. 

  367. 	do
    368. 

  368. 		eval HOSTLOGIN=root@\$ipv4_${host}
    369. 

  369. 	    ssh $SSHCONF $HOSTLOGIN "mkdir -p $DBDIR; mount -t ramfs -o size=5m ramfs $DBDIR" >/dev/null 2>&1
    370. 

  370. 	    ssh $SSHCONF $HOSTLOGIN "chgrp www-data $DBDIR; chmod g+w $DBDIR" >/dev/null 2>&1
    371. 

  371. 	done
    372. 

  372. 

  373. 	##########################################################################
    374. 

  374. 	# flush conntrack table on all hosts
    375. 

  375. 	#
    376. 

  376. 

  377. 	for host in $STRONGSWANHOSTS
    378. 

  378. 	do
    379. 

  379. 		ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'conntrack -F' >/dev/null 2>&1
    380. 

  380. 	done
    381. 

  381. 

  382. 	##########################################################################
    383. 

  383. 	# remove leak detective log on all hosts
    384. 

  384. 	#
    385. 

  385. 

  386. 	export LEAK_DETECTIVE_LOG=/var/log/leak-detective.log
    387. 

  387. 	for host in $STRONGSWANHOSTS
    388. 

  388. 	do
    389. 

  389. 		ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'rm -f $LEAK_DETECTIVE_LOG' >/dev/null 2>&1
    390. 

  390. 	done
    391. 

  391. 

  392. 	##########################################################################
    393. 

  393. 	# flush IPsec state on all hosts
    394. 

  394. 	#
    395. 

  395. 

  396. 	for host in $STRONGSWANHOSTS
    397. 

  397. 	do
    398. 

  398. 		ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'ip xfrm state flush; ip xfrm policy flush' >/dev/null 2>&1
    399. 

  399. 	done
    400. 

  400. 

  401. 	##########################################################################
    402. 

  402. 	# execute pre-test commands
    403. 

  403. 	#
    404. 

  404. 

  405. 	echo -n "pre.."
    406. 

  406. 	echo -e "\nPRE-TEST\n" >> $CONSOLE_LOG 2>&1
    407. 

  407. 

  408. 	eval `awk -F "::" '{
    409. 

  409. 	    if ($1 !~ /^#.*/ && $2 != "")
    410. 

  410. 	    {
    411. 

  411. 		printf("echo \"$(print_time)%s# %s\"; ", $1, $2)
    412. 

  412. 		printf("ssh \044SSHCONF root@\044ipv4_%s \"%s\"; ", $1, $2)
    413. 

  413. 		printf("echo;\n")
    414. 

  414. 	    }
    415. 

  415. 	}' $TESTDIR/pretest.dat` >> $CONSOLE_LOG 2>&1
    416. 

  416. 

  417. 

  418. 	##########################################################################
    419. 

  419. 	# stop tcpdump
    420. 

  420. 	#
    421. 

  421. 

  422. 	function stop_tcpdump {
    423. 

  423. 	    # wait for packets to get processed, but don't wait longer than 1s
    424. 

  424. 	    eval ssh $SSHCONF root@\$ipv4_${1} "\"i=100; while [ \\\$i -gt 0 ]; do pkill -USR1 tcpdump; tail -1 /tmp/tcpdump.err.log | perl -n -e '/(\\d+).*?(\\d+)/; exit (\\\$1 == \\\$2)' || break; sleep 0.01; i=\\\$((\\\$i-1)); done;\""
    425. 

  425. 	    echo "$(print_time)${1}# killall tcpdump" >> $CONSOLE_LOG
    426. 

  426. 	    eval ssh $SSHCONF root@\$ipv4_${1} "\"killall tcpdump; while true; do killall -q -0 tcpdump || break; sleep 0.01; done;\""
    427. 

  427. 	    eval TDUP_${1}="false"
    428. 

  428. 	    echo "" >> $CONSOLE_LOG
    429. 

  429. 	}
    430. 

  430. 

  431. 

  432. 	##########################################################################
    433. 

  433. 	# get and evaluate test results
    434. 

  434. 	#
    435. 

  435. 

  436. 	echo -n "test.."
    437. 

  437. 	echo -e "\nTEST\n" >> $CONSOLE_LOG 2>&1
    438. 

  438. 

  439. 	STATUS="passed"
    440. 

  440. 

  441. 	eval `awk -F "::" '{
    442. 

  442. 		host=$1
    443. 

  443. 		command=$2
    444. 

  444. 		pattern=$3
    445. 

  445. 		hit=$4
    446. 

  446. 		if (host ~ /^#.*/ || command == "")
    447. 

  447. 		{
    448. 

  448. 			next
    449. 

  449. 		}
    450. 

  450. 		printf("cmd_err=\044(tempfile -p test -s err); ")
    451. 

  451. 		printf("cmd_out=\044(tempfile -p test -s out); ")
    452. 

  452. 		if (command == "tcpdump")
    453. 

  453. 		{
    454. 

  454. 			printf("if [ \044TDUP_%s == \"true\" ]; then stop_tcpdump %s; fi; \n", host, host)
    455. 

  455. 			printf("ssh \044SSHCONF root@\044ipv4_%s cat /tmp/tcpdump.log > \044cmd_out; ", host)
    456. 

  456. 		}
    457. 

  457. 		else
    458. 

  458. 		{
    459. 

  459. 			printf("ssh \044SSHCONF root@\044ipv4_%s %s >\044cmd_out 2>\044cmd_err; ",  host, command)
    460. 

  460. 		}
    461. 

  461. 		printf("cmd_res=\044(cat \044cmd_out | grep \"%s\"); ", pattern)
    462. 

  462. 		printf("cmd_exit=\044?; ")
    463. 

  463. 		printf("cmd_fail=0; ")
    464. 

  464. 		if (hit ~ /^[0-9]+$/)
    465. 

  465. 		{
    466. 

  466. 			printf("if [ \044(echo \"\044cmd_res\" | wc -l) -ne %d ] ", hit)
    467. 

  467. 		}
    468. 

  468. 		else
    469. 

  469. 		{
    470. 

  470. 			printf("if [ \044cmd_exit -eq 0 -a \"%s\" = \"NO\"  ] ", hit)
    471. 

  471. 			printf("|| [ \044cmd_exit -ne 0 -a \"%s\" = \"YES\" ] ", hit)
    472. 

  472. 		}
    473. 

  473. 		printf("; then STATUS=\"failed\"; cmd_fail=1; fi; \n")
    474. 

  474. 

  475. 		printf("if [ \044cmd_fail -ne 0 ]; then echo \"~~~~~~~ FAIL ~~~~~~~\"; fi; \n")
    476. 

  476. 		if (command == "tcpdump")
    477. 

  477. 		{
    478. 

  478. 			printf("echo \"$(print_time)%s# cat /tmp/tcpdump.log | grep \047%s\047  [%s]\"; ", host, pattern, hit)
    479. 

  479. 		}
    480. 

  480. 		else
    481. 

  481. 		{
    482. 

  482. 			printf("echo \"$(print_time)%s# %s | grep \047%s\047  [%s]\"; ", host, command, pattern, hit)
    483. 

  483. 		}
    484. 

  484. 		printf("if [ -n \"\044cmd_res\" ]; then echo \"\044cmd_res\"; fi; \n")
    485. 

  485. 		printf("cat \044cmd_err; \n")
    486. 

  486. 		printf("if [ \044cmd_fail -ne 0 ]; then \n")
    487. 

  487. 		printf("if [ -s \044cmd_out ]; then echo \"~~ output ~~~~~~~~~~\"; \n")
    488. 

  488. 		printf("if [ \"\044verbose\" == \"YES\" ]; then cat \044cmd_out;\n")
    489. 

  489. 		printf("else cat \044cmd_out | head; fi; fi; \n")
    490. 

  490. 		printf("echo \"~~~~~~~~~~~~~~~~~~~~\"; fi; \n")
    491. 

  491. 		printf("rm -f -- \044cmd_out \044cmd_err; \n")
    492. 

  492. 		printf("echo; ")
    493. 

  493. 	}' $TESTDIR/evaltest.dat` >> $CONSOLE_LOG 2>&1
    494. 

  494. 

  495. 

  496. 	##########################################################################
    497. 

  497. 	# log statusall and listall output
    498. 

  498. 	# get copies of ipsec.conf, ipsec.secrets
    499. 

  499. 	# create index.html for the given test case
    500. 

  500. 

  501. 	cat > $TESTRESULTDIR/index.html <<@EOF
    502. 

  502. <html>
    503. 

  503. <head>
    504. 

  504.   <title>Test $testname</title>
    505. 

  505. </head>
    506. 

  506. <body>
    507. 

  507. <table border="0" cellpadding="0" cellspacing="0" width="600">
    508. 

  508.   <tr><td>
    509. 

  509.     <div><a href="../../index.html">strongSwan KVM Tests</a> / <a href="../index.html">$SUBDIR</a> / $name</div>
    510. 

  510.     <h2>Test $testname</h2>
    511. 

  511.     <h3>Description</h3>
    512. 

  512. @EOF
    513. 

  513. 

  514. 	cat $TESTDIR/description.txt >> $TESTRESULTDIR/index.html
    515. 

  515. 

  516. 	cat >> $TESTRESULTDIR/index.html <<@EOF
    517. 

  517.     <ul>
    518. 

  518.       <li><a href="console.log">console.log</a></li>
    519. 

  519.     </ul>
    520. 

  520.     <img src="../../images/$DIAGRAM" alt="$VIRTHOSTS">
    521. 

  521. @EOF
    522. 

  522. 

  523. 	IPTABLES_CMD_V4="echo -e '=== filter table ==='; iptables  -v -n -L; echo -e '\n=== nat table ==='; iptables  -v -n -t nat -L; echo -e '\n=== mangle table ==='; iptables  -v -n -t mangle -L"
    524. 

  524. 	IPTABLES_CMD_V6="echo -e '=== filter table ==='; ip6tables -v -n -L; echo -e '\n=== nat table ==='; ip6tables -v -n -t nat -L; echo -e '\n=== mangle table ==='; ip6tables -v -n -t mangle -L"
    525. 

  525. 

  526. 	if [ -n "$IPV6" ]
    527. 

  527. 	then
    528. 

  528. 	    IPROUTE_CMD="ip -6 route list table $SOURCEIP_ROUTING_TABLE"
    529. 

  529. 	    IPROUTE_DSP=$IPROUTE_CMD
    530. 

  530. 	    IPTABLES_CMD="$IPTABLES_CMD_V6"
    531. 

  531. 	    IPTABLES_DSP="ip6tables -L"
    532. 

  532. 	    IPTABLES_SAVE_CMD="ip6tables-save"
    533. 

  533. 	    IPTABLES_SAVE_DSP="ip6tables-save"
    534. 

  534. 	else
    535. 

  535. 	    IPROUTE_CMD="ip route list table $SOURCEIP_ROUTING_TABLE"
    536. 

  536. 	    IPROUTE_DSP=$IPROUTE_CMD
    537. 

  537. 	    IPTABLES_CMD="$IPTABLES_CMD_V4"
    538. 

  538. 	    IPTABLES_DSP="iptables -L"
    539. 

  539. 	    IPTABLES_SAVE_CMD="iptables-save"
    540. 

  540. 	    IPTABLES_SAVE_DSP="iptables-save"
    541. 

  541. 	fi
    542. 

  542. 

  543. 	if [ $name = "net2net-ip4-in-ip6-ikev2" -o $name = "net2net-ip6-in-ip4-ikev2" ]
    544. 

  544. 	then
    545. 

  545. 	    IPROUTE_CMD="ip route list table $SOURCEIP_ROUTING_TABLE; echo; ip -6 route list table $SOURCEIP_ROUTING_TABLE"
    546. 

  546. 	    IPROUTE_DSP="ip (-6) route list table $SOURCEIP_ROUTING_TABLE"
    547. 

  547. 	    IPTABLES_CMD="$IPTABLES_CMD_V4; echo; $IPTABLES_CMD_V6"
    548. 

  548. 	    IPTABLES_DSP="iptables -L ; ip6tables -L"
    549. 

  549. 	    IPTABLES_SAVE_CMD="iptables-save; echo; ip6tables-save"
    550. 

  550. 	    IPTABLES_SAVE_DSP="iptables-save ; ip6tables-save"
    551. 

  551. 	fi
    552. 

  552. 

  553. 	for host in $DBHOSTS
    554. 

  554. 	do
    555. 

  555. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    556. 

  556. 

  557. 		scp $SSHCONF $HOSTLOGIN:/etc/db.d/ipsec.sql \
    558. 

  558. 		    $TESTRESULTDIR/${host}.ipsec.sql  > /dev/null 2>&1
    559. 

  559. 	done
    560. 

  560. 

  561. 	for host in $IPSECHOSTS
    562. 

  562. 	do
    563. 

  563. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    564. 

  564. 

  565. 		scp $SSHCONF $HOSTLOGIN:/etc/strongswan.conf \
    566. 

  566. 		    $TESTRESULTDIR/${host}.strongswan.conf  > /dev/null 2>&1
    567. 

  567. 		if [  -n "$SWANCTL" ]
    568. 

  568. 		then
    569. 

  569. 			scp $SSHCONF $HOSTLOGIN:/etc/swanctl/swanctl.conf \
    570. 

  570. 			$TESTRESULTDIR/${host}.swanctl.conf  > /dev/null 2>&1
    571. 

  571. 

  572. 			for subsys in conns algs certs pools authorities sas pols
    573. 

  573. 			do
    574. 

  574. 				ssh $SSHCONF $HOSTLOGIN swanctl --list-$subsys \
    575. 

  575. 					> $TESTRESULTDIR/${host}.swanctl.$subsys 2>/dev/null
    576. 

  576. 			done
    577. 

  577. 

  578. 			ssh $SSHCONF $HOSTLOGIN swanctl --stats \
    579. 

  579. 				> $TESTRESULTDIR/${host}.swanctl.stats 2>/dev/null
    580. 

  580. 

  581. 			echo "" >> $TESTRESULTDIR/${host}.swanctl.sas
    582. 

  582. 			cat $TESTRESULTDIR/${host}.swanctl.pols >> \
    583. 

  583. 				$TESTRESULTDIR/${host}.swanctl.sas
    584. 

  584. 			cat $TESTRESULTDIR/${host}.swanctl.algs >> \
    585. 

  585. 				$TESTRESULTDIR/${host}.swanctl.stats
    586. 

  586. 		else
    587. 

  587. 		    for file in ipsec.conf ipsec.secrets
    588. 

  588. 		    do
    589. 

  589. 				scp $SSHCONF $HOSTLOGIN:/etc/$file \
    590. 

  590. 			    $TESTRESULTDIR/${host}.$file  > /dev/null 2>&1
    591. 

  591. 		    done
    592. 

  592. 

  593. 		    for command in statusall listall
    594. 

  594. 		    do
    595. 

  595. 				ssh $SSHCONF $HOSTLOGIN ipsec $command \
    596. 

  596. 			    > $TESTRESULTDIR/${host}.$command 2>/dev/null
    597. 

  597. 		    done
    598. 

  598. 		fi
    599. 

  599. 

  600. 		if (! [ -f $TESTRESULTDIR/${host}.ipsec.sql ] ) then
    601. 

  601. 			scp $SSHCONF $HOSTLOGIN:/etc/ipsec.d/ipsec.sql \
    602. 

  602. 				$TESTRESULTDIR/${host}.ipsec.sql  > /dev/null 2>&1
    603. 

  603. 		fi
    604. 

  604. 

  605. 	    ssh $SSHCONF $HOSTLOGIN ip -s xfrm policy \
    606. 

  606. 		    > $TESTRESULTDIR/${host}.ip.policy 2>/dev/null
    607. 

  607. 	    ssh $SSHCONF $HOSTLOGIN ip -s xfrm state \
    608. 

  608. 		    > $TESTRESULTDIR/${host}.ip.state 2>/dev/null
    609. 

  609. 	    ssh $SSHCONF $HOSTLOGIN $IPROUTE_CMD \
    610. 

  610. 		    > $TESTRESULTDIR/${host}.ip.route 2>/dev/null
    611. 

  611. 	    ssh $SSHCONF $HOSTLOGIN $IPTABLES_CMD \
    612. 

  612. 		    > $TESTRESULTDIR/${host}.iptables 2>/dev/null
    613. 

  613. 		ssh $SSHCONF $HOSTLOGIN $IPTABLES_SAVE_CMD \
    614. 

  614. 		    > $TESTRESULTDIR/${host}.iptables-save 2>/dev/null
    615. 

  615. 	    chmod a+r $TESTRESULTDIR/*
    616. 

  616. 

  617. 		if [ -n "$SWANCTL" ]
    618. 

  618. 		then
    619. 

  619. 		    cat >> $TESTRESULTDIR/index.html <<@EOF
    620. 

  620.     <h3>$host</h3>
    621. 

  621.       <table border="0" cellspacing="0" width="600">
    622. 

  622.       <tr>
    623. 

  623. 	<td valign="top">
    624. 

  624. 	  <ul>
    625. 

  625. 	    <li><a href="$host.swanctl.conf">swanctl.conf</a></li>
    626. 

  626. 	    <li><a href="$host.swanctl.conns">swanctl --list-conns</a></li>
    627. 

  627. 	    <li><a href="$host.swanctl.certs">swanctl --list-certs</a></li>
    628. 

  628. 	    <li><a href="$host.strongswan.conf">strongswan.conf</a></li>
    629. 

  629. 	    <li><a href="$host.ipsec.sql">ipsec.sql</a></li>
    630. 

  630. 	  </ul>
    631. 

  631. 	</td>
    632. 

  632. 	<td valign="top">
    633. 

  633. 	  <ul>
    634. 

  634. 	    <li><a href="$host.swanctl.sas">swanctl --list-sas|--list-pols</a></li>
    635. 

  635. 	    <li><a href="$host.swanctl.pools">swanctl --list-pools</a></li>
    636. 

  636. 	    <li><a href="$host.swanctl.authorities">swanctl --list-authorities</a></li>
    637. 

  637. 	    <li><a href="$host.swanctl.stats">swanctl --stats|--list-algs</a></li>
    638. 

  638. 	    <li><a href="$host.auth.log">auth.log</a></li>
    639. 

  639. 	    <li><a href="$host.daemon.log">daemon.log</a></li>
    640. 

  640. 	  </ul>
    641. 

  641.       </td>
    642. 

  642. 	<td valign="top">
    643. 

  643. 	  <ul>
    644. 

  644. 	    <li><a href="$host.ip.policy">ip -s xfrm policy</a></li>
    645. 

  645. 	    <li><a href="$host.ip.state">ip -s xfrm state</a></li>
    646. 

  646. 	    <li><a href="$host.ip.route">$IPROUTE_DSP</a></li>
    647. 

  647. 	    <li><a href="$host.iptables">$IPTABLES_DSP</a></li>
    648. 

  648. 	    <li><a href="$host.iptables-save">$IPTABLES_SAVE_DSP</a></li>
    649. 

  649. 	  </ul>
    650. 

  650. 	  &nbsp;
    651. 

  651.       </td>
    652. 

  652.     </tr>
    653. 

  653.     </table>
    654. 

  654. @EOF
    655. 

  655. 

  656. 		else
    657. 

  657. 		    cat >> $TESTRESULTDIR/index.html <<@EOF
    658. 

  658.     <h3>$host</h3>
    659. 

  659.       <table border="0" cellspacing="0" width="600">
    660. 

  660.       <tr>
    661. 

  661. 	<td valign="top">
    662. 

  662. 	  <ul>
    663. 

  663. 	    <li><a href="$host.ipsec.conf">ipsec.conf</a></li>
    664. 

  664. 	    <li><a href="$host.ipsec.secrets">ipsec.secrets</a></li>
    665. 

  665. 	    <li><a href="$host.ipsec.sql">ipsec.sql</a></li>
    666. 

  666. 	    <li><a href="$host.strongswan.conf">strongswan.conf</a></li>
    667. 

  667. 	  </ul>
    668. 

  668. 	</td>
    669. 

  669. 	<td valign="top">
    670. 

  670. 	  <ul>
    671. 

  671. 	    <li><a href="$host.statusall">ipsec statusall</a></li>
    672. 

  672. 	    <li><a href="$host.listall">ipsec listall</a></li>
    673. 

  673. 	    <li><a href="$host.auth.log">auth.log</a></li>
    674. 

  674. 	    <li><a href="$host.daemon.log">daemon.log</a></li>
    675. 

  675. 	  </ul>
    676. 

  676.       </td>
    677. 

  677. 	<td valign="top">
    678. 

  678. 	  <ul>
    679. 

  679. 	    <li><a href="$host.ip.policy">ip -s xfrm policy</a></li>
    680. 

  680. 	    <li><a href="$host.ip.state">ip -s xfrm state</a></li>
    681. 

  681. 	    <li><a href="$host.ip.route">$IPROUTE_DSP</a></li>
    682. 

  682. 	    <li><a href="$host.iptables">$IPTABLES_DSP</a></li>
    683. 

  683. 	    <li><a href="$host.iptables-save">$IPTABLES_SAVE_DSP</a></li>
    684. 

  684. 	  </ul>
    685. 

  685.       </td>
    686. 

  686.     </tr>
    687. 

  687.     </table>
    688. 

  688. @EOF
    689. 

  689. 		fi
    690. 

  690. 	done
    691. 

  691. 

  692. 	for host in $RADIUSHOSTS
    693. 

  693. 	do
    694. 

  694. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    695. 

  695. 

  696. 		RADIUS_DIR=/etc/freeradius/3.0
    697. 

  697. 		RADIUS_EAP_FILE=mods-enabled/eap
    698. 

  698. 		RADIUS_EAP_NAME=eap
    699. 

  699. 		if [ "$BASEIMGSUITE" == "jessie" ]
    700. 

  700. 		then
    701. 

  701. 			RADIUS_DIR=/etc/freeradius
    702. 

  702. 			RADIUS_EAP_FILE=eap.conf
    703. 

  703. 			RADIUS_EAP_NAME=eap.conf
    704. 

  704. 		fi
    705. 

  705. 

  706. 		for file in clients.conf radiusd.conf proxy.conf users sites-enabled/default sites-enabled/inner-tunnel $RADIUS_EAP_FILE
    707. 

  707. 	    do
    708. 

  708. 		scp $SSHCONF $HOSTLOGIN:$RADIUS_DIR/$file \
    709. 

  709. 		    $TESTRESULTDIR/${host}.$(basename $file) > /dev/null 2>&1
    710. 

  710. 	    done
    711. 

  711. 

  712. 	    scp $SSHCONF $HOSTLOGIN:/var/log/freeradius/radius.log \
    713. 

  713. 		$TESTRESULTDIR/${host}.radius.log  > /dev/null 2>&1
    714. 

  714. 

  715. 	    chmod a+r $TESTRESULTDIR/*
    716. 

  716. 	    cat >> $TESTRESULTDIR/index.html <<@EOF
    717. 

  717.     <h3>$host</h3>
    718. 

  718.       <table border="0" cellspacing="0" width="600">
    719. 

  719.       <tr>
    720. 

  720. 	<td valign="top">
    721. 

  721. 	  <ul>
    722. 

  722. 	    <li><a href="$host.clients.conf">clients.conf</a></li>
    723. 

  723. 	    <li><a href="$host.radiusd.conf">radiusd.conf</a></li>
    724. 

  724. 	    <li><a href="$host.$RADIUS_EAP_NAME">$RADIUS_EAP_NAME</a></li>
    725. 

  725. 	  </ul>
    726. 

  726. 	</td>
    727. 

  727. 	<td valign="top">
    728. 

  728. 	  <ul>
    729. 

  729. 	    <li><a href="$host.default">sites-enabled/default</a></li>
    730. 

  730. 	    <li><a href="$host.inner-tunnel">sites-enabled/inner-tunnel</a></li>
    731. 

  731. 	    <li><a href="$host.radius.log">radius.log</a></li>
    732. 

  732. 	  </ul>
    733. 

  733.       </td>
    734. 

  734. 	<td valign="top">
    735. 

  735. 	  <ul>
    736. 

  736. 	    <li><a href="$host.proxy.conf">proxy.conf</a></li>
    737. 

  737. 	    <li><a href="$host.users">users</a></li>
    738. 

  738. 	  </ul>
    739. 

  739.       </td>
    740. 

  740.     </tr>
    741. 

  741.     </table>
    742. 

  742. @EOF
    743. 

  743. 

  744. 	done
    745. 

  745. 

  746. 	cat >> $TESTRESULTDIR/index.html <<@EOF
    747. 

  747. 	<h3>tcpdump</h3>
    748. 

  748. 	<ul>
    749. 

  749. @EOF
    750. 

  750. 

  751. 	for host in $TCPDUMPHOSTS
    752. 

  752. 	do
    753. 

  753. 	    cat >> $TESTRESULTDIR/index.html <<@EOF
    754. 

  754. 	    <li><a href="$host.tcpdump.log">$host tcpdump.log</a></li>
    755. 

  755. @EOF
    756. 

  756. 	done
    757. 

  757. 

  758. 	cat >> $TESTRESULTDIR/index.html <<@EOF
    759. 

  759. 	</ul>
    760. 

  760. @EOF
    761. 

  761. 

  762. 	cat >> $TESTRESULTDIR/index.html <<@EOF
    763. 

  763.   </td></tr>
    764. 

  764. </table>
    765. 

  765. </body>
    766. 

  766. </html>
    767. 

  767. @EOF
    768. 

  768. 

  769. 

  770. 	##########################################################################
    771. 

  771. 	# execute post-test commands
    772. 

  772. 	#
    773. 

  773. 

  774. 	echo -n "post"
    775. 

  775. 	echo -e "\nPOST-TEST\n" >> $CONSOLE_LOG 2>&1
    776. 

  776. 

  777. 	eval `awk -F "::" '{
    778. 

  778. 	    if ($1 !~ /^#.*/ && $2 != "")
    779. 

  779. 	    {
    780. 

  780. 		printf("echo \"$(print_time)%s# %s\"; ", $1, $2)
    781. 

  781. 		printf("ssh \044SSHCONF root@\044ipv4_%s \"%s\"; ", $1, $2)
    782. 

  782. 		printf("echo;\n")
    783. 

  783. 	    }
    784. 

  784. 	}' $TESTDIR/posttest.dat` >> $CONSOLE_LOG 2>&1
    785. 

  785. 

  786. 	##########################################################################
    787. 

  787. 	# check that IPsec state was cleaned up properly
    788. 

  788. 	#
    789. 

  789. 

  790. 	for host in $IPSECHOSTS
    791. 

  791. 	do
    792. 

  792. 		eval HOSTLOGIN=root@\$ipv4_${host}
    793. 

  793. 		IPSECSTATE=`ssh $SSHCONF $HOSTLOGIN 'ip xfrm state'`
    794. 

  794. 		# ignore IPv4/v6 states created with IPComp SAs
    795. 

  795. 		IPSECSTATEISSUE=`echo "$IPSECSTATE" | grep 'proto.*spi' | grep -v 'proto 4'`
    796. 

  796. 		IPSECPOLICY=`ssh $SSHCONF $HOSTLOGIN 'ip xfrm policy'`
    797. 

  797. 		if [ -n "$IPSECSTATEISSUE" -o -n "$IPSECPOLICY" ]
    798. 

  798. 		then
    799. 

  799. 			echo -e "\n$host# ip xfrm state [NO]" >> $CONSOLE_LOG
    800. 

  800. 			echo "$IPSECSTATE" >> $CONSOLE_LOG
    801. 

  801. 			echo -e "\n$host# ip xfrm policy [NO]" >> $CONSOLE_LOG
    802. 

  802. 			echo "$IPSECPOLICY" >> $CONSOLE_LOG
    803. 

  803. 			STATUS="failed"
    804. 

  804. 		fi
    805. 

  805. 	done
    806. 

  806. 

  807. 

  808. 	##########################################################################
    809. 

  809. 	# make sure there were no leaks
    810. 

  810. 	#
    811. 

  811. 

  812. 	for host in $STRONGSWANHOSTS
    813. 

  813. 	do
    814. 

  814. 		eval HOSTLOGIN=root@\$ipv4_${host}
    815. 

  815. 		LEAKS=`ssh $SSHCONF $HOSTLOGIN 'cat $LEAK_DETECTIVE_LOG 2>/dev/null | grep -v "No leaks detected.*"'`
    816. 

  816. 		if [ -n "$LEAKS" ]
    817. 

  817. 		then
    818. 

  818. 			echo -e "\n$host# cat $LEAK_DETECTIVE_LOG [NO]" >> $CONSOLE_LOG
    819. 

  819. 			echo "$LEAKS" >> $CONSOLE_LOG
    820. 

  820. 			echo "<<< $host $LEAK_DETECTIVE_LOG >>>" >> $CONSOLE_LOG
    821. 

  821. 			STATUS="failed"
    822. 

  822. 		fi
    823. 

  823. 	done
    824. 

  824. 

  825. 

  826. 	##########################################################################
    827. 

  827. 	# get a copy of /var/log/auth.log
    828. 

  828. 	#
    829. 

  829. 

  830. 	for host in $IPSECHOSTS
    831. 

  831. 	do
    832. 

  832. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    833. 

  833. 	    ssh $SSHCONF $HOSTLOGIN "grep -s -E 'charon|last message repeated|imcv|pt-tls-client' \
    834. 

  834. 		/var/log/auth.log" >> $TESTRESULTDIR/${host}.auth.log
    835. 

  835. 	done
    836. 

  836. 

  837. 

  838. 	##########################################################################
    839. 

  839. 	# get a copy of /var/log/daemon.log
    840. 

  840. 	#
    841. 

  841. 

  842. 	for host in $IPSECHOSTS
    843. 

  843. 	do
    844. 

  844. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    845. 

  845. 	    ssh $SSHCONF $HOSTLOGIN "grep -s -E 'systemd|swanctl|charon|last message repeated|imcv' \
    846. 

  846. 		/var/log/daemon.log" >> $TESTRESULTDIR/${host}.daemon.log
    847. 

  847. 	done
    848. 

  848. 

  849. 

  850. 	##########################################################################
    851. 

  851. 	# stop tcpdump if necessary
    852. 

  852. 	#
    853. 

  853. 

  854. 	for host in $TCPDUMPHOSTS
    855. 

  855. 	do
    856. 

  856. 	    if [ "`eval echo \\\$TDUP_${host}`" = "true" ]
    857. 

  857. 	    then
    858. 

  858. 			stop_tcpdump $host
    859. 

  859. 	    fi
    860. 

  860. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    861. 

  861. 		scp $SSHCONF $HOSTLOGIN:/tmp/tcpdump.log \
    862. 

  862. 			$TESTRESULTDIR/${host}.tcpdump.log > /dev/null 2>&1
    863. 

  863. 	done
    864. 

  864. 

  865. 	##########################################################################
    866. 

  866. 	# remove database directory if needed
    867. 

  867. 	#
    868. 

  868. 

  869. 	for host in $DBHOSTS
    870. 

  870. 	do
    871. 

  871. 		eval HOSTLOGIN=root@\$ipv4_${host}
    872. 

  872. 	    ssh $SSHCONF $HOSTLOGIN "umount $DBDIR; rm -r $DBDIR" > /dev/null 2>&1
    873. 

  873. 	done
    874. 

  874. 

  875. 	##########################################################################
    876. 

  876. 	# copy default host config back if necessary
    877. 

  877. 	#
    878. 

  878. 

  879. 	$DIR/scripts/restore-defaults $testname
    880. 

  880. 

  881. 

  882. 	##########################################################################
    883. 

  883. 	# set counters
    884. 

  884. 	#
    885. 

  885. 

  886. 	if [ $STATUS = "failed" ]
    887. 

  887. 	then
    888. 

  888. 	    let "failed_cnt += 1"
    889. 

  889. 	else
    890. 

  890. 	    let "passed_cnt += 1"
    891. 

  891. 	fi
    892. 

  892. 

  893. 

  894. 	##########################################################################
    895. 

  895. 	# write test status to html file
    896. 

  896. 	#
    897. 

  897. 	testend=$(date +%s)
    898. 

  898. 	let "testend -= teststart"
    899. 

  899. 	let "timetotal += testend"
    900. 

  900. 

  901. 	if [ $STATUS = "passed" ]
    902. 

  902. 	then
    903. 

  903. 		COLOR="green"
    904. 

  904. 		log_status 0
    905. 

  905. 	else
    906. 

  906. 		COLOR="red"
    907. 

  907. 		log_status 1
    908. 

  908. 	fi
    909. 

  909. 

  910. 	cat >> $TESTRESULTSHTML << @EOF
    911. 

  911.   <tr>
    912. 

  912.     <td>$testnumber</td>
    913. 

  913.     <td><a href="$testname/index.html">$testname</a></td>
    914. 

  914.     <td align="right">$testend</td>
    915. 

  915.     <td><a href="$testname/console.log"><font color="$COLOR">$STATUS</font></a></td>
    916. 

  916.   </tr>
    917. 

  917. @EOF
    918. 

  918. 	cat >> $SUBTESTSINDEX << @EOF
    919. 

  919.   <tr>
    920. 

  920.     <td>$testnumber</td>
    921. 

  921.     <td><a href="$name/index.html">$name</a></td>
    922. 

  922.     <td><a href="$name/console.log"><font color="$COLOR">$STATUS</font></a></td>
    923. 

  923.     <td>&nbsp;</td>
    924. 

  924.   </tr>
    925. 

  925. @EOF
    926. 

  926. 

  927. 

  928. 	##########################################################################
    929. 

  929. 	# remove any charon.pid files that still may exist
    930. 

  930. 	#
    931. 

  931. 

  932. 	for host in $IPSECHOSTS
    933. 

  933. 	do
    934. 

  934. 	    eval HOSTLOGIN=root@\$ipv4_${host}
    935. 

  935. 	    ssh $SSHCONF $HOSTLOGIN 'if [ -f /var/run/charon.pid ]; then rm /var/run/charon.pid; echo "    removed charon.pid on `hostname`"; fi'
    936. 

  936. 	done
    937. 

  937. 

  938. 	if [ -n "$aborted" ]
    939. 

  939. 	then
    940. 

  940. 	    break 2
    941. 

  941. 	fi
    942. 

  942. 

  943.     done
    944. 

  944. 

  945. done
    946. 

  946. 

  947. 

  948. ##############################################################################
    949. 

  949. # finish the results html file
    950. 

  950. #
    951. 

  951. 

  952. cat >> $TESTRESULTSHTML << @EOF
    953. 

  953.     <tr>
    954. 

  954.       <td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td>
    955. 

  955.     </tr>
    956. 

  956.     <tr>
    957. 

  957.       <td><b>Passed</b></td><td><b><font color="green">$passed_cnt</font></b></td><td>&nbsp;</td><td>&nbsp;</td>
    958. 

  958.     </tr>
    959. 

  959.     <tr>
    960. 

  960.       <td><b>Failed</b></td><td><b><font color="red">$failed_cnt</font></b></td><td>&nbsp;</td><td>&nbsp;</td>
    961. 

  961.     </tr>
    962. 

  962.     <tr>
    963. 

  963.       <td><b>Time [s]</b></td><td><b><font color="blue">$timetotal</font></b></td><td>&nbsp;</td><td>&nbsp;</td>
    964. 

  964.     </tr>
    965. 

  965.   </table>
    966. 

  966. </body>
    967. 

  967. </html>
    968. 

  968. @EOF
    969. 

  969. 

  970. if [ $subdir_cnt != 0 ]
    971. 

  971. then
    972. 

  972. cat >> $INDEX << @EOF
    973. 

  973.       <td align="right">$subdir_cnt</td>
    974. 

  974.       <td>&nbsp;</td>
    975. 

  975.     </tr>
    976. 

  976. @EOF
    977. 

  977. fi
    978. 

  978. 

  979. let "all_cnt = $passed_cnt + $failed_cnt"
    980. 

  980. 

  981. cat >> $INDEX << @EOF
    982. 

  982.     <tr>
    983. 

  983.       <td>&nbsp;</td>
    984. 

  984.       <td><a href="all.html"><b>all</b></a></td>
    985. 

  985.       <td align="right"><b>$all_cnt</b></td>
    986. 

  986.       <td>&nbsp;</td>
    987. 

  987.     </tr>
    988. 

  988.     <tr>
    989. 

  989.       <td><b>Failed</b></td>
    990. 

  990.       <td>&nbsp;</td>
    991. 

  991.       <td align="right"><b><font color="red">$failed_cnt</font></b></td>
    992. 

  992.       <td>&nbsp;</td>
    993. 

  993.     </tr>
    994. 

  994.   </table>
    995. 

  995. </body>
    996. 

  996. </html>
    997. 

  997. @EOF
    998. 

  998. 

  999. echo
    1000. 

  1000. echo_ok     "Passed : $passed_cnt"
    1001. 

  1001. echo_failed "Failed : $failed_cnt"
    1002. 

  1002. 

  1003. echo
    1004. 

  1004. echo "The results are available in $TODAYDIR"
    1005. 

  1005. echo "or via the link http://$ipv4_winnetou/testresults/$TESTDATE"
    1006. 

  1006. 

  1007. ENDDATE=`date +%Y%m%d-%H%M-%S`
    1008. 

  1008. echo
    1009. 

  1009. echo "Finished : $ENDDATE"
    1010.