1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00

test-network: add tests for MACsec

This commit is contained in:
Yu Watanabe 2019-04-05 15:58:50 +09:00
parent e57319dd54
commit 02849d8b4f
5 changed files with 117 additions and 0 deletions

View File

@ -0,0 +1 @@
85858585858585858585858585858585

View File

@ -0,0 +1,68 @@
[NetDev]
Name=macsec99
Kind=macsec
[MACsec]
Port=11
Encrypt=yes
[MACsecTransmitAssociation]
PacketNumber=1024
KeyId=01
Key=81818181818181818181818181818181
Activate=yes
[MACsecTransmitAssociation]
PacketNumber=512
KeyId=0203
Key=82828282828282828282828282828282
UseForEncoding=yes
[MACsecReceiveChannel]
Port=2
MACAddress=8c:16:45:6c:83:a9
[MACsecReceiveAssociation]
Port=2
MACAddress=8c:16:45:6c:83:a9
PacketNumber=16
KeyId=020304
Key=83838383838383838383838383838383
[MACsecReceiveAssociation]
Port=256
MACAddress=c6:19:52:8f:e6:a0
PacketNumber=32
KeyId=02030405
Key=84848484848484848484848484848484
Activate=yes
[MACsecReceiveAssociation]
Port=256
MACAddress=c6:19:52:8f:e6:a0
PacketNumber=128
KeyId=0203040506
KeyFile=/run/systemd/network/25-macsec.key
Activate=yes
[MACsecReceiveAssociation]
Port=256
MACAddress=c6:19:52:8f:e6:a0
KeyId=020304050607
Key=86868686868686868686868686868686
Activate=no
[MACsecReceiveAssociation]
Port=256
MACAddress=c6:19:52:8f:e6:a0
KeyId=02030405060708
Key=87878787878787878787878787878787
Activate=no
[MACsecReceiveAssociation]
# This section should be dropped.
Port=256
MACAddress=c6:19:52:8f:e6:a0
KeyId=0203040506070809
Key=88888888888888888888888888888888
Activate=no

View File

@ -0,0 +1,6 @@
[Match]
Name=macsec99
[Network]
IPv6AcceptRA=no
Address=10.1.2.3/16

View File

@ -0,0 +1,9 @@
[Match]
Name=dummy98
[Link]
MACAddress=00:50:56:c0:00:19
[Network]
IPv6AcceptRA=no
MACsec=macsec99

View File

@ -290,6 +290,9 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
'25-ipip-tunnel.netdev',
'25-ipvlan.netdev',
'25-isatap-tunnel.netdev',
'25-macsec.key',
'25-macsec.netdev',
'25-macsec.network',
'25-sit-tunnel-local-any.netdev',
'25-sit-tunnel-remote-any.netdev',
'25-sit-tunnel.netdev',
@ -322,6 +325,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
'ipip.network',
'ipvlan.network',
'isatap.network',
'macsec.network',
'macvlan.network',
'macvtap.network',
'sit.network',
@ -875,6 +879,35 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
self.assertRegex(output, 'remcsumrx')
self.assertRegex(output, 'gbp')
def test_macsec(self):
self.copy_unit_to_networkd_unit_path('25-macsec.netdev', '25-macsec.network', '25-macsec.key',
'macsec.network', '12-dummy.netdev')
self.start_networkd(0)
self.wait_online(['dummy98:degraded', 'macsec99:routable'])
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'macsec99']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'macsec99@dummy98')
self.assertRegex(output, 'macsec sci [0-9a-f]*000b')
self.assertRegex(output, 'encrypt on')
output = subprocess.check_output(['ip', 'macsec', 'show', 'macsec99']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'encrypt on')
self.assertRegex(output, 'TXSC: [0-9a-f]*000b on SA 1')
self.assertRegex(output, '0: PN [0-9]*, state on, key 01000000000000000000000000000000')
self.assertRegex(output, '1: PN [0-9]*, state on, key 02030000000000000000000000000000')
self.assertRegex(output, 'RXSC: c619528fe6a00100, state on')
self.assertRegex(output, '0: PN [0-9]*, state on, key 02030405000000000000000000000000')
self.assertRegex(output, '1: PN [0-9]*, state on, key 02030405060000000000000000000000')
self.assertRegex(output, '2: PN [0-9]*, state off, key 02030405060700000000000000000000')
self.assertRegex(output, '3: PN [0-9]*, state off, key 02030405060708000000000000000000')
self.assertNotRegex(output, 'key 02030405067080900000000000000000')
self.assertRegex(output, 'RXSC: 8c16456c83a90002, state on')
self.assertRegex(output, '0: PN [0-9]*, state off, key 02030400000000000000000000000000')
class NetworkdL2TPTests(unittest.TestCase, Utilities):
links =[