tcp_fastopen_backup_key.sh 1.1 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
  1. #!/bin/bash
  2. # SPDX-License-Identifier: GPL-2.0
  3. #
  4. # rotate TFO keys for ipv4/ipv6 and verify that the client does
  5. # not present an invalid cookie.
  6. set +x
  7. set -e
  8. readonly NETNS="ns-$(mktemp -u XXXXXX)"
  9. setup() {
  10. ip netns add "${NETNS}"
  11. ip -netns "${NETNS}" link set lo up
  12. ip netns exec "${NETNS}" sysctl -w net.ipv4.tcp_fastopen=3 \
  13. >/dev/null 2>&1
  14. }
  15. cleanup() {
  16. ip netns del "${NETNS}"
  17. }
  18. trap cleanup EXIT
  19. setup
  20. do_test() {
  21. # flush routes before each run, otherwise successive runs can
  22. # initially present an old TFO cookie
  23. ip netns exec "${NETNS}" ip tcp_metrics flush
  24. ip netns exec "${NETNS}" ./tcp_fastopen_backup_key "$1"
  25. val=$(ip netns exec "${NETNS}" nstat -az | \
  26. grep TcpExtTCPFastOpenPassiveFail | awk '{print $2}')
  27. if [ "$val" != 0 ]; then
  28. echo "FAIL: TcpExtTCPFastOpenPassiveFail non-zero"
  29. return 1
  30. fi
  31. }
  32. do_test "-4"
  33. do_test "-6"
  34. do_test "-4"
  35. do_test "-6"
  36. do_test "-4s"
  37. do_test "-6s"
  38. do_test "-4s"
  39. do_test "-6s"
  40. do_test "-4r"
  41. do_test "-6r"
  42. do_test "-4r"
  43. do_test "-6r"
  44. do_test "-4sr"
  45. do_test "-6sr"
  46. do_test "-4sr"
  47. do_test "-6sr"
  48. echo "all tests done"