Commit 7ce065a1 authored by Andrei Vagin's avatar Andrei Vagin Committed by Pavel Emelyanov

zdmt: add more checks into socket-closed-tcp

Check source and destination addresses for closed tcp sockets.

travis-ci: success for series starting with [01/21] build: install libnet-dev
Signed-off-by: 's avatarAndrei Vagin <avagin@virtuozzo.com>
Signed-off-by: 's avatarPavel Emelyanov <xemul@virtuozzo.com>
parent 16644f73
......@@ -73,7 +73,6 @@ TST_NOFILE := \
socket-tcpbuf-local \
socket-tcpbuf6-local \
socket-tcpbuf6 \
socket-closed-tcp \
socket-tcp-fin-wait1 \
socket-tcp6-fin-wait1 \
socket-tcp-fin-wait2 \
......@@ -84,6 +83,9 @@ TST_NOFILE := \
socket-tcp6-last-ack \
socket-tcp-closing \
socket-tcp6-closing \
socket-tcp-closed \
socket-tcp-closed-last-ack \
socket-tcp6-closed \
sock_opts00 \
sock_opts01 \
sk-unix-unconn \
......@@ -414,6 +416,8 @@ socket-tcp6-local: override CFLAGS += -D ZDTM_TCP_LOCAL -D ZDTM_IPV6
socket-tcp-local: override CFLAGS += -D ZDTM_TCP_LOCAL
socket-tcp-nfconntrack: override CFLAGS += -D ZDTM_TCP_LOCAL -DZDTM_CONNTRACK
socket_listen6: override CFLAGS += -D ZDTM_IPV6
socket-tcp6-closed: override CFLAGS += -D ZDTM_IPV6
socket-tcp-closed-last-ack: override CFLAGS += -D ZDTM_TCP_LAST_ACK
mnt_ext_manual: override CFLAGS += -D ZDTM_EXTMAP_MANUAL
sigpending: override LDLIBS += -lrt
vdso01: override LDLIBS += -lrt
......
socket-tcp-closed.c
\ No newline at end of file
{ 'deps': [ '/bin/sh',
'/sbin/iptables',
'/usr/lib64/xtables/libxt_tcp.so|/lib/xtables/libxt_tcp.so|/usr/lib/powerpc64le-linux-gnu/xtables/libxt_tcp.so|/usr/lib/x86_64-linux-gnu/xtables/libxt_tcp.so',
'/usr/lib64/xtables/libxt_standard.so|/lib/xtables/libxt_standard.so|/usr/lib/powerpc64le-linux-gnu/xtables/libxt_standard.so|/usr/lib/x86_64-linux-gnu/xtables/libxt_standard.so',
],
'opts': '--tcp-established',
'flags': 'suid nouser samens',
'feature' : 'tcp_half_closed',
'flavor': 'ns uns',
}
socket-tcp-fin-wait1.hook
\ No newline at end of file
......@@ -6,7 +6,7 @@
#define ZDTM_FAMILY AF_INET
#endif
const char *test_doc = "Check, that a TCP socket in the TCP_CLOSE state can be restored\n";
const char *test_doc = "Check closed tcp sockets\n";
const char *test_author = "Andrey Vagin <avagin@openvz.org";
#include <stdio.h>
......@@ -17,15 +17,34 @@ const char *test_author = "Andrey Vagin <avagin@openvz.org";
#include <stdlib.h>
#include <signal.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
static int port = 8880;
union sockaddr_inet {
struct sockaddr addr;
struct sockaddr_in v4;
struct sockaddr_in6 v6;
};
int main(int argc, char **argv)
{
int fd, fd_s, clt;
int fd, fd_s, clt, sk;
union sockaddr_inet src_addr, dst_addr, addr;
socklen_t aux;
char c = 5;
#ifdef ZDTM_TCP_LAST_ACK
char cmd[4096];
#endif
test_init(argc, argv);
sk = socket(ZDTM_FAMILY, SOCK_STREAM, 0);
if (sk < 0) {
pr_perror("socket");
return 1;
}
if ((fd_s = tcp_init_server(ZDTM_FAMILY, &port)) < 0) {
pr_err("initializing server failed\n");
return 1;
......@@ -45,13 +64,75 @@ int main(int argc, char **argv)
}
close(fd_s);
shutdown(fd, SHUT_WR);
shutdown(clt, SHUT_WR);
close(fd);
#ifdef ZDTM_TCP_LAST_ACK
snprintf(cmd, sizeof(cmd), "iptables -w -t filter --protocol tcp -A INPUT --dport %d -j DROP", port);
if (system(cmd))
return -1;
#endif
shutdown(fd, SHUT_WR);
if (ZDTM_FAMILY == AF_INET)
aux = sizeof(struct sockaddr_in);
else if (ZDTM_FAMILY == AF_INET6)
aux = sizeof(struct sockaddr_in6);
else
return 1;
if (getsockopt(clt, SOL_SOCKET, SO_PEERNAME, &dst_addr, &aux)) {
pr_perror("SO_PEERNAME");
return 1;
}
if (getsockname(clt, &src_addr.addr, &aux)) {
pr_perror("getsockname");
return 1;
}
test_daemon();
test_waitsig();
#ifdef ZDTM_TCP_LAST_ACK
snprintf(cmd, sizeof(cmd), "iptables -w -t filter --protocol tcp -D INPUT --dport %d -j DROP", port);
if (system(cmd))
return -1;
#endif
if (read(fd, &c, 1) != 0) {
fail("read");
return 1;
}
if (read(clt, &c, 1) != 0) {
fail("read");
return 1;
}
if (write(clt, &c, 1) != -1) {
fail("write");
return 1;
}
if (write(fd, &c, 1) != -1) {
fail("write");
return 1;
}
if (getsockopt(clt, SOL_SOCKET, SO_PEERNAME, &addr, &aux)) {
pr_perror("SO_PEERNAME");
return 1;
}
if (memcmp(&addr, &dst_addr, aux)) {
pr_err("A destination address mismatch");
return 1;
}
if (getsockname(clt, &addr.addr, &aux)) {
pr_perror("getsockname");
return 1;
}
if (memcmp(&addr, &src_addr, aux)) {
pr_err("A source address mismatch");
return 1;
}
pass();
return 0;
......
{'opts': '--tcp-established', 'flags': 'nouser samens', 'feature' : 'tcp_half_closed', 'flavor' : 'ns uns'}
socket-tcp-closed.c
\ No newline at end of file
socket-tcp-closed.desc
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment