21 Commits

Author SHA1 Message Date
Dave Wallace
85ce93160f tests: fix make test python issues on ubuntu 24.04
- add patch to scapy to use latest six module instead
  of the old scapy specific six module which fails to
  import moves sub-module on python 3.12
- fix warning for deprecated legacy editable install of vpp_papi
- skip failing testcases on ubuntu-24.04

Type: test

Change-Id: Idc1a008c6e45ba69caa50c2e245012eb05effed7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-08-22 07:35:40 +00:00
Stanislav Zaikin
0f2c6cd1ab ikev2: handoff packets
current approach saves state in per-thread data structure. in
multi-worker + nat-t cases udp/500 and udp/4500 might be dispatched on
different workers. this patch adds hands off packet to 1 explicit thread
- 1st worker (or main thread in case there're no workers) or to thread
  that was explicitly set by user via configuration

Type: improvement

Change-Id: Ib5cd9a4b8612dfaa63b276035709524f7a492d4f
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
2024-08-07 12:07:13 +00:00
Stanislav Zaikin
fa7b7a41e7 ikev2: fix BN_bn2bin re-allocation
the former code was re-allocating the vector when padding takes place.
it's not necessary since we have the correct size. also, it caused
issues since upper layer doesn't know about re-allocation and it caused
crash. with this patch many test-cases are enabled again.

Type: fix

Change-Id: Idf0b320101670ec64d62e9aac6399cc7c54c996f
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
2024-08-07 10:12:22 +00:00
Dave Wallace
cf9356d642 tests: update scapy to version 2.4.5
- Required for Ubuntu 24.04 LTS jobs
- temporarily disable TestIpsecEsp1 and
  TestIpsecAhAll tests until a patch can
  be added to fix them

Type: test

Change-Id: I1ae7b170117182c3252629bbbb770775e2c496c9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-08-07 09:15:17 +00:00
Andrew Yourtchenko
9987d470a6 tests: disable failing tests on Ubuntu 22.04
Also rework the logic so the skipping of marked Ubuntu 22.04 occurs at framework level

Leave debian11 special cases as-is.

Type: fix
Change-Id: I481eb32cd1a0860935482e9f930ced409da653c9
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2024-07-03 12:43:57 +02:00
Dave Wallace
940a70fff4 tests: upgrade python packages
Type: test

Change-Id: I01500466f3d15c79e38028677ce7e5c75d427fdc
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-04-03 14:10:47 -04:00
Tom Jones
800386ac3f tests: Add missing socket imports in tests
Type: fix
Change-Id: I646f96517d3bda5c0f5644e6bb89ade7818fc466
Signed-off-by: Tom Jones <thj@freebsd.org>
2024-04-02 02:25:22 +00:00
Denys Haryachyy
f40a354dab ikev2: dump state and profile name in CLI and API
Type: improvement

Change-Id: Ide4b45da99e3a67376281f6438997f3148be08e5
Signed-off-by: Denys Haryachyy <garyachy@gmail.com>
2024-02-14 18:47:23 +02:00
Atzm Watanabe
d4f405a70f ikev2: accept rekey request for IKE SA
RFC 7296 describes the way to rekey IKE SAs: to rekey an IKE SA,
establish a new equivalent IKE SA with the peer to whom the old
IKE SA is shared using a CREATE_CHILD_SA within the existing IKE
SA.  An IKE SA so created inherits all of the original IKE SA's
Child SAs, and the new IKE SA is used for all control messages
needed to maintain those Child SAs.

Type: improvement
Signed-off-by: Atzm Watanabe <atzmism@gmail.com>
Change-Id: Icdf43b67c38bf183913a28a08a85236ba16343af
2024-02-09 14:19:31 +00:00
Dave Wallace
8800f732f8 tests: refactor asf framework code
- Make framework.py classes a subset of asfframework.py classes
- Remove all packet related code from asfframework.py
- Add test class and test case set up debug output to log
- Repatriate packet tests from asf to test directory
- Remove non-packet related code from framework.py and
  inherit them from asfframework.py classes
- Clean up unused import variables
- Re-enable BFD tests on Ubuntu 22.04 and fix
  intermittent test failures in echo_looped_back
  testcases (where # control packets verified but
  not guaranteed to be received during test)
- Re-enable Wireguard tests on Ubuntu 22.04 and fix
  intermittent test failures in handshake ratelimiting
  testcases and event testcase
- Run Wiregard testcase suites solo
- Improve debug output in log.txt
- Increase VCL/LDP post sleep timeout to allow iperf server
  to finish cleanly.
- Fix pcap history files to be sorted by suite and testcase
  and ensure order/timestamp is correct based on creation
  in the testcase.
- Decode pcap files for each suite and testcase for all
  errors or if configured via comandline option / env var
- Improve vpp corefile detection to allow complete corefile
  generation
- Disable vm vpp interfaces testcases on debian11
- Clean up failed unittest dir when retrying failed testcases
  and unify testname directory and failed linknames into
  framwork functions

Type: test

Change-Id: I0764f79ea5bb639d278bf635ed2408d4d5220e1e
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-11-03 05:06:43 +00:00
Andrew Yourtchenko
bc37878ecb build: add ability to disable some plugins from packaging and tests
When custom-packaging the VPP artifacts, it can be useful to exclude
some of the core plugins from packaging/testing, for some reasons.
A removal of a plugin(s) from the worktree needs to be tracked as
a separate change, and thus is tricky from the maintenance
point of view.

This change adds the ability to "pretend they do not exist" -
plugins which are added to the comma-separated environment
variable "VPP_EXCLUDED_PLUGINS" will not be added to the build
process and not packaged.

The tests do not have the 1:1 relationship as plugins,
so they might need to be modified separately. This change
includes some of these modifications as an example.

Type: feature
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Id31562d00a01ced1acbb4996a633517cbd6f09d8
2023-10-03 13:23:25 +00:00
Dave Wallace
670724c51e tests: disable failing tests on ubuntu-22.04 debian-11
Type: test

Change-Id: I7b2314a731c83b3dcd69c999edb8ebed53839724
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-09-27 03:26:15 +00:00
Atzm Watanabe
c65921f774 ikev2: accept key exchange on CREATE_CHILD_SA
In RFC 7296, CREATE_CHILD_SA Exchange may contain the KE payload
to enable stronger guarantees of forward secrecy.
When the KEi payload is included in the CREATE_CHILD_SA request,
responder should reply with the KEr payload and complete the key
exchange, in accordance with the RFC.

Type: improvement
Signed-off-by: Atzm Watanabe <atzmism@gmail.com>
Change-Id: I13cf6cf24359c11c3366757e585195bb7e999638
2022-08-18 08:03:13 +00:00
Atzm Watanabe
7e6ffba672 ikev2: do not accept rekey until old SA is deleted
Type: fix
Signed-off-by: Atzm Watanabe <atzmism@gmail.com>
Change-Id: I11b6107492004a45104857dc2dae01b9a5a01e3b
2022-08-10 07:44:55 +00:00
Atzm Watanabe
03aae96379 ikev2: fix rekeying with multiple notify payloads
Type: fix
Signed-off-by: Atzm Watanabe <atzmism@gmail.com>
Change-Id: I065bd5c26055d863d786023970e7deeed261b31c
2022-08-08 16:33:39 +09:00
Klement Sekera
d9b0c6fbf7 tests: replace pycodestyle with black
Drop pycodestyle for code style checking in favor of black. Black is
much faster, stable PEP8 compliant code style checker offering also
automatic formatting. It aims to be very stable and produce smallest
diffs. It's used by many small and big projects.

Running checkstyle with black takes a few seconds with a terse output.
Thus, test-checkstyle-diff is no longer necessary.

Expand scope of checkstyle to all python files in the repo, replacing
test-checkstyle with checkstyle-python.

Also, fixstyle-python is now available for automatic style formatting.

Note: python virtualenv has been consolidated in test/Makefile,
test/requirements*.txt which will eventually be moved to a central
location.  This is required to simply the automated generation of
docker executor images in the CI.

Type: improvement
Change-Id: I022a326603485f58585e879ac0f697fceefbc9c8
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-05-10 18:52:08 +00:00
Klement Sekera
b23ffd7ef2 tests: make tests less make dependent
Implement command line argument parsing instead of passing arguments via
environment variables. Add script for running tests without having to
invoke make. Deprecate running tests via make.

Type: improvement
Change-Id: I2e3054a61a2ae25d460e9be00be7d7705fbf943e
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-02-17 18:02:35 +00:00
Benoît Ganne
c7cceeebb7 ikev2: do not require optional IDr on IKE AUTH
IDr is optional in IKE AUTH from the initiator. In that case, the
responder is free to use any matching profile and fills the
corresponding IDr in the response.
The initiator is then free to accept or reject it.

Type: improvement

Change-Id: I07a1c64a40ed22bd41767c259406238bbbab5cf4
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-10-07 15:22:17 +00:00
Benoît Ganne
a427690b80 ikev2: support variable-length nonces
IKEv2 nonces can be 16 to 256 bytes.

Type: fix

Change-Id: Ib332028594355c9e5b462bddb7e4dffbcdc9a927
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-27 14:39:15 +00:00
Benoît Ganne
1eaaba4198 ikev2: check for valid cipher + integrity
Type: improvement

Change-Id: Ic09b2c777a7c82e8d7074164280f817f9141529b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-08-26 14:47:35 +00:00
Dave Wallace
eddd8e3588 tests: move test source to vpp/test
- Generate copyright year and version
  instead of using hard-coded data

Type: refactor

Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I6058f5025323b3aa483f5df4a2c4371e27b5914e
2021-05-13 09:33:06 +00:00