ESP path MTU discovery over IPv6 tunnel has been fixed. Add test.

diff --git a/regress/sys/netinet/ipsec/Makefile b/regress/sys/netinet/ipsec/Makefile
index ed7425b..76fa3d4 100644 (file)
--- a/regress/sys/netinet/ipsec/Makefile
+++ b/regress/sys/netinet/ipsec/Makefile
@@ -1,4 +1,4 @@
-#      $OpenBSD: Makefile,v 1.30 2021/01/20 17:38:18 bluhm Exp $
+#      $OpenBSD: Makefile,v 1.31 2021/02/01 18:11:46 bluhm Exp $
 
 # This test needs a manual setup of four machines, the make
 # target create-setup can be used to distribute the configuration.
@@ -155,10 +155,10 @@ PROGS =           nonxt-sendrecv nonxt-reflect
 
 .if empty (IPS_SSH) || empty (RT_SSH) || empty (ECO_SSH)
 regress:
-       # This tests needs three remote machines to operate on.
-       # IPS_SSH RT_SSH ECO_SSH are empty.
-       # Fill out these variables for additional tests, then
-       # check whether your test machines are set up properly.
+       @echo This tests needs three remote machines to operate on.
+       @echo IPS_SSH RT_SSH ECO_SSH are empty.
+       @echo Fill out these variables for additional tests, then
+       @echo check whether your test machines are set up properly.
        @echo SKIPPED
 
 .elif make (regress) || make (all)
@@ -365,7 +365,7 @@ run-send-tcp-${host}_${sec}_${mode}_${ipv}:
 # Send large tcp stream, this should trigger path mtu discovery.
 # but it works only fo a few cases
 
-.if "${sec}" == ESP && "${mode}" == TUNNEL4
+.if "${sec}" == ESP && ("${mode}" == TUNNEL4 || "${mode}" == TUNNEL6)
 TARGETS +=     tcp-pmtu-${host}_${sec}_${mode}_${ipv}
 tcp pmtu ${host:L} ${sec:L} ${mode:L} ${ipv:L}:\
     run-send-tcp-pmtu-${host}_${sec}_${mode}_${ipv}
@@ -510,6 +510,20 @@ run-bpf-tcp-pmtu-IPS_ESP_TUNNEL4_IPV6: stamp-stop
            ${REGEX_REQ_IPS_ESP_TUNNEL4_IPV6_TCP}\
            .* 1:1...\(1352\) ack ' enc0.tcpdump
 
+run-bpf-tcp-pmtu-IPS_ESP_TUNNEL6_IPV4: stamp-stop
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_IPS_ESP_TUNNEL6_IPV4_TCP}\
+           .* 1:1...\(1352\) ack ' enc0.tcpdump
+
+run-bpf-tcp-pmtu-IPS_ESP_TUNNEL6_IPV6: stamp-stop
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_IPS_ESP_TUNNEL6_IPV6_TCP}\
+           .* 1:1...\(1332\) ack ' enc0.tcpdump
+
 run-bpf-tcp-pmtu-ECO_ESP_TUNNEL4_IPV4: stamp-stop
        egrep -q '\
            ${REGEX_ESP}\
@@ -566,6 +580,62 @@ run-bpf-tcp-pmtu-ECO_ESP_TUNNEL4_IPV6: stamp-stop
            ${REGEX_REQ_ECO_ESP_TUNNEL4_IPV6_TCP}\
            .* 1:1...\(1228\) ack ' enc0.tcpdump
 
+run-bpf-tcp-pmtu-ECO_ESP_TUNNEL6_IPV4: stamp-stop
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_ECO_ESP_TUNNEL6_IPV4_TCP}\
+           .* 1:1...\(1352\) ack ' enc0.tcpdump
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_RPL_TUNNEL4}\
+           ${IPS_IN_IPV4} > ${SRC_ESP_TUNNEL_IPV4}:\
+           icmp: ${ECO_ESP_TUNNEL6_IPV4} unreachable -\
+           need to frag \(mtu 1400\) ' enc0.tcpdump
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_ECO_ESP_TUNNEL6_IPV4_TCP}\
+           .* 1:1...\(1348\) ack ' enc0.tcpdump
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_RPL_TUNNEL4}\
+           ${RT_IN_IPV4} > ${SRC_ESP_TUNNEL_IPV4}:\
+           icmp: ${ECO_ESP_TUNNEL6_IPV4} unreachable -\
+           need to frag \(mtu 1300\) ' enc0.tcpdump
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_ECO_ESP_TUNNEL6_IPV4_TCP}\
+           .* 1:1...\(1248\) ack ' enc0.tcpdump
+
+run-bpf-tcp-pmtu-ECO_ESP_TUNNEL6_IPV6: stamp-stop
+       egrep  '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_ECO_ESP_TUNNEL6_IPV6_TCP}\
+           .* 1:1...\(1332\) ack ' enc0.tcpdump
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_RPL_TUNNEL6}\
+           ${IPS_IN_IPV6} > ${SRC_ESP_TUNNEL_IPV6}:\
+           icmp6: too big 1400 ' enc0.tcpdump
+       egrep  '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_ECO_ESP_TUNNEL6_IPV6_TCP}\
+           .* 1:1...\(1328\) ack ' enc0.tcpdump
+       egrep -q '\
+           ${REGEX_ESP}\
+           ${REGEX_RPL_TUNNEL6}\
+           ${RT_IN_IPV6} > ${SRC_ESP_TUNNEL_IPV6}:\
+           icmp6: too big 1300 ' enc0.tcpdump
+       egrep  '\
+           ${REGEX_ESP}\
+           ${REGEX_REQ_TUNNEL6}\
+           ${REGEX_REQ_ECO_ESP_TUNNEL6_IPV6_TCP}\
+           .* 1:1...\(1228\) ack ' enc0.tcpdump
+
 REGRESS_TARGETS =      ${TARGETS:S/^/run-send-/} \
     ${TARGETS:N*_IPIP_*:N*_BUNDLE_*:N*_IN_*:N*_OUT_*:N*-SRC_*:Nudp-*_IPCOMP_*:Ntcp-*_IPCOMP_*:N*-small-*:Nnonxt-*_IPCOMP_*:S/-big-/-/:S/^/run-bpf-/} \
     ${TARGETS:N*_IPIP_*:N*_IPCOMP_*:N*_IN_*:N*_OUT_*:N*-SRC_*:N*-small-*:N*-pmtu-*:S/-big-/-/:S/^/run-pflog-/}