xref: /openbsd/regress/usr.bin/nc/Makefile (revision d89ec533) 
1#	$OpenBSD: Makefile,v 1.10 2021/07/14 05:04:08 anton Exp $
2
3# Copyright (c) 2020 Alexander Bluhm <bluhm@openbsd.org>
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16
17PROGS =			client-tcp server-tcp
18SRCS_client-tcp =	client-tcp.c util.c
19SRCS_server-tcp =	server-tcp.c util.c
20WARNINGS =		yes
21
22NC =			./netcat-regress
23
24CLEANFILES =		${NC:T} {client,server}.{out,err,port,sock} ktrace.out
25
26REGRESS_SETUP =		setup
27setup:
28	pkill ${NC:T} || true
29	rm -f ${NC:T}
30	# copying global netcat to local name allows to pkill it during cleanup
31	cp /usr/bin/nc ${NC:T}
32	chmod 755 ${NC:T}
33
34REGRESS_CLEANUP =	cleanup
35cleanup:
36	-pkill ${NC:T} || true
37
38REGRESS_TARGETS =
39
40SERVER_NC = rm -f server.err; echo greeting | ${NC}
41CLIENT_NC = rm -f client.err; echo command | ${NC}
42SERVER_BG = 2>&1 >server.out | tee server.err &
43CLIENT_BG = 2>&1 >client.out | tee client.err &
44SERVER_LOG = >server.out 2>server.err
45CLIENT_LOG = >client.out 2>client.err
46
47PORT_GET = \
48	sed -E -n 's/(Listening|Bound) on .* //p' server.err >server.port
49PORT = `cat server.port`
50
51LISTEN_WAIT = \
52	let timeout=`date +%s`+5; \
53	until grep -q 'Listening on ' server.err; \
54	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
55
56BIND_WAIT = \
57	let timeout=`date +%s`+5; \
58	until grep -q 'Bound on ' server.err; \
59	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
60
61BIND_CLIENT_WAIT = \
62	let timeout=`date +%s`+5; \
63	until grep -q 'Bound on ' client.err; \
64	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
65
66CONNECT_WAIT = \
67	let timeout=`date +%s`+5; \
68	until grep -q 'Connection to .* succeeded' client.err; \
69	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
70
71TLS_WAIT = \
72	let timeout=`date +%s`+5; \
73	until grep -q 'Cert Hash:' client.err; \
74	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
75
76TRANSFER_WAIT = \
77	let timeout=`date +%s`+5; \
78	until grep -q 'greeting' client.out && grep -q 'command' server.out; \
79	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
80
81TRANSFER_CLIENT_WAIT = \
82	let timeout=`date +%s`+5; \
83	until grep -q 'greeting' client.out; \
84	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
85
86TRANSFER_SERVER_WAIT = \
87	let timeout=`date +%s`+5; \
88	until grep -q 'command' server.out; \
89	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
90
91RUNNING_WAIT = \
92	let timeout=`date +%s`+5; \
93	while ps -xww -o comm,stat | grep -q '${NC:T} .*R'; \
94	do [[ `date +%s` -lt $$timeout ]] || { echo timeout; exit 1; }; done
95
96### TCP ####
97
98REGRESS_TARGETS +=	run-tcp
99run-tcp:
100	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
101	${LISTEN_WAIT}
102	${PORT_GET}
103	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
104	${CONNECT_WAIT}
105	${TRANSFER_WAIT}
106	grep '^greeting$$' client.out
107	grep '^command$$' server.out
108	grep 'Listening on 127.0.0.1 ' server.err
109	grep 'Connection received on 127.0.0.1 ' server.err
110	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
111
112REGRESS_TARGETS +=	run-tcp6
113run-tcp6:
114	${SERVER_NC} -n -v -l ::1 0 ${SERVER_BG}
115	${LISTEN_WAIT}
116	${PORT_GET}
117	${CLIENT_NC} -n -v ::1 ${PORT} ${CLIENT_BG}
118	${CONNECT_WAIT}
119	${TRANSFER_WAIT}
120	grep '^greeting$$' client.out
121	grep '^command$$' server.out
122	grep 'Listening on ::1 ' server.err
123	grep 'Connection received on ::1 ' server.err
124	grep 'Connection to ::1 .* succeeded!' client.err
125
126# TCP resolver
127
128REGRESS_TARGETS +=	run-tcp-localhost-server
129run-tcp-localhost-server:
130	${SERVER_NC} -4 -v -l localhost 0 ${SERVER_BG}
131	${LISTEN_WAIT}
132	${PORT_GET}
133	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
134	${CONNECT_WAIT}
135	${TRANSFER_WAIT}
136	grep '^greeting$$' client.out
137	grep '^command$$' server.out
138	grep 'Listening on localhost ' server.err
139	grep 'Connection received on localhost ' server.err
140	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
141
142REGRESS_TARGETS +=	run-tcp6-localhost-server
143run-tcp6-localhost-server:
144	${SERVER_NC} -6 -v -l localhost 0 ${SERVER_BG}
145	${LISTEN_WAIT}
146	${PORT_GET}
147	${CLIENT_NC} -n -v ::1 ${PORT} ${CLIENT_BG}
148	${CONNECT_WAIT}
149	${TRANSFER_WAIT}
150	grep '^greeting$$' client.out
151	grep '^command$$' server.out
152	grep 'Listening on localhost ' server.err
153	grep 'Connection received on localhost ' server.err
154	grep 'Connection to ::1 .* succeeded!' client.err
155
156REGRESS_TARGETS +=	run-tcp-localhost-client
157run-tcp-localhost-client:
158	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
159	${LISTEN_WAIT}
160	${PORT_GET}
161	${CLIENT_NC} -4 -v localhost ${PORT} ${CLIENT_BG}
162	${CONNECT_WAIT}
163	${TRANSFER_WAIT}
164	grep '^greeting$$' client.out
165	grep '^command$$' server.out
166	grep 'Listening on 127.0.0.1 ' server.err
167	grep 'Connection received on 127.0.0.1 ' server.err
168	grep 'Connection to localhost .* succeeded!' client.err
169
170REGRESS_TARGETS +=	run-tcp6-localhost-client
171run-tcp6-localhost-client:
172	${SERVER_NC} -n -v -l ::1 0 ${SERVER_BG}
173	${LISTEN_WAIT}
174	${PORT_GET}
175	${CLIENT_NC} -6 -v localhost ${PORT} ${CLIENT_BG}
176	${CONNECT_WAIT}
177	${TRANSFER_WAIT}
178	grep '^greeting$$' client.out
179	grep '^command$$' server.out
180	grep 'Listening on ::1 ' server.err
181	grep 'Connection received on ::1 ' server.err
182	grep 'Connection to localhost .* succeeded!' client.err
183
184REGRESS_TARGETS +=	run-tcp-bad-localhost-server
185run-tcp-bad-localhost-server:
186	! ${NC} -4 -v -l ::1 0 ${SERVER_LOG}
187	grep 'no address associated with name' server.err
188
189REGRESS_TARGETS +=	run-tcp6-bad-localhost-server
190run-tcp6-bad-localhost-server:
191	! ${NC} -6 -v -l 127.0.0.0 0 ${SERVER_LOG}
192	grep 'no address associated with name' server.err
193
194REGRESS_TARGETS +=	run-tcp-bad-localhost-client
195run-tcp-bad-localhost-client:
196	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
197	${LISTEN_WAIT}
198	${PORT_GET}
199	! ${NC} -4 -v ::1 ${PORT} ${CLIENT_LOG}
200	grep 'no address associated with name' client.err
201
202REGRESS_TARGETS +=	run-tcp6-bad-localhost-client
203run-tcp6-bad-localhost-client:
204	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
205	${LISTEN_WAIT}
206	${PORT_GET}
207	! ${NC} -6 -v 127.0.0.1 ${PORT} ${CLIENT_LOG}
208	grep 'no address associated with name' client.err
209
210REGRESS_TARGETS +=	run-tcp-sleep
211run-tcp-sleep:
212	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
213	${LISTEN_WAIT}
214	${PORT_GET}
215	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
216	${CONNECT_WAIT}
217	${TRANSFER_WAIT}
218	grep '^greeting$$' client.out
219	grep '^command$$' server.out
220	grep 'Listening on 127.0.0.1 ' server.err
221	grep 'Connection received on 127.0.0.1 ' server.err
222	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
223	# netcat waits for the other side to terminate, check it is sleeping
224	${RUNNING_WAIT}
225	ps -xww -o comm,stat,args | grep '^${NC:T} .*S.* -v -l 127'
226	ps -xww -o comm,stat,args | grep '^${NC:T} .*S.* -v 127'
227
228# TCP keep
229
230REGRESS_TARGETS +=	run-tcp-keep
231run-tcp-keep:
232	${SERVER_NC} -k -n -v -l 127.0.0.1 0 ${SERVER_BG}
233	${LISTEN_WAIT}
234	${PORT_GET}
235	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
236	${CONNECT_WAIT}
237	${TRANSFER_WAIT}
238	grep '^greeting$$' client.out
239	grep '^command$$' server.out
240	grep 'Listening on 127.0.0.1 ' server.err
241	grep 'Connection received on 127.0.0.1 ' server.err
242	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
243	# kill client and reconnect with a new one
244	:> server.err
245	pkill -l -f "^${NC} .* 127.0.0.1 ${PORT}$$"
246	rm -f client.{out,err}
247	:> server.out
248	# server closes the listen socket and binds a new one with new port
249	${LISTEN_WAIT}
250	${PORT_GET}
251	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
252	${CONNECT_WAIT}
253	# server sends only one greeting, do not wait for a second one
254	${TRANSFER_SERVER_WAIT}
255	! grep 'greeting' client.out
256	# truncation of log results in NUL bytes, do not match ^
257	grep 'command$$' server.out
258	grep 'Listening on 127.0.0.1 ' server.err
259	grep 'Connection received on 127.0.0.1 ' server.err
260	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
261
262### TLS ###
263
264REGRESS_TARGETS +=	run-tls
265run-tls: 127.0.0.1.crt
266	${SERVER_NC} -c -C 127.0.0.1.crt -K 127.0.0.1.key -n -v -l 127.0.0.1 0 \
267	    ${SERVER_BG}
268	${LISTEN_WAIT}
269	${PORT_GET}
270	${CLIENT_NC} -c -R 127.0.0.1.crt -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
271	${CONNECT_WAIT}
272	${TLS_WAIT}
273	${TRANSFER_WAIT}
274	grep '^greeting$$' client.out
275	grep '^command$$' server.out
276	grep 'Listening on 127.0.0.1 ' server.err
277	grep 'Connection received on 127.0.0.1 ' server.err
278	# XXX success message should be issued after TLS handshake
279	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
280	grep 'Subject: .*/OU=server/CN=127.0.0.1' client.err
281	grep 'Issuer: .*/OU=server/CN=127.0.0.1' client.err
282
283REGRESS_TARGETS +=	run-tls6
284run-tls6: 1.crt
285	${SERVER_NC} -c -C 1.crt -K 1.key -n -v -l ::1 0 ${SERVER_BG}
286	${LISTEN_WAIT}
287	${PORT_GET}
288	${CLIENT_NC} -c -R 1.crt -n -v ::1 ${PORT} ${CLIENT_BG}
289	${CONNECT_WAIT}
290	${TLS_WAIT}
291	${TRANSFER_WAIT}
292	grep '^greeting$$' client.out
293	grep '^command$$' server.out
294	grep 'Listening on ::1 ' server.err
295	grep 'Connection received on ::1 ' server.err
296	grep 'Connection to ::1 .* succeeded!' client.err
297	grep 'Subject: .*/OU=server/CN=::1' client.err
298	grep 'Issuer: .*/OU=server/CN=::1' client.err
299
300REGRESS_TARGETS +=	run-tls-localhost
301run-tls-localhost: server.crt ca.crt
302	${SERVER_NC} -c -C server.crt -K server.key -v -l localhost 0 \
303	    ${SERVER_BG}
304	${LISTEN_WAIT}
305	${PORT_GET}
306	${CLIENT_NC} -c -R ca.crt -v localhost ${PORT} ${CLIENT_BG}
307	${CONNECT_WAIT}
308	${TLS_WAIT}
309	${TRANSFER_WAIT}
310	grep '^greeting$$' client.out
311	grep '^command$$' server.out
312	grep 'Listening on localhost ' server.err
313	grep 'Connection received on localhost ' server.err
314	grep 'Connection to localhost .* succeeded!' client.err
315	grep 'Subject: .*/OU=server/CN=localhost' client.err
316	grep 'Issuer: .*/OU=ca/CN=root' client.err
317
318REGRESS_TARGETS +=	run-tls-bad-ca
319run-tls-bad-ca: server.crt fake-ca.crt
320	${SERVER_NC} -c -C server.crt -K server.key -v -l localhost 0 \
321	    ${SERVER_BG}
322	${LISTEN_WAIT}
323	${PORT_GET}
324	# the client uses the wrong root ca to verify the server cert
325	! ${NC} -c -R fake-ca.crt -v localhost ${PORT} ${CLIENT_LOG}
326	${CONNECT_WAIT}
327	grep 'Listening on localhost ' server.err
328	grep 'Connection received on localhost ' server.err
329	grep 'certificate verification failed' client.err
330	! grep 'greeting' client.out
331	! grep 'command' server.out
332
333REGRESS_TARGETS +=	run-tls-name
334run-tls-name: server.crt ca.crt
335	${SERVER_NC} -c -C server.crt -K server.key -n -v -l 127.0.0.1 0 \
336	    ${SERVER_BG}
337	${LISTEN_WAIT}
338	${PORT_GET}
339	${CLIENT_NC} -c -e localhost -R ca.crt -n -v 127.0.0.1 ${PORT} \
340	    ${CLIENT_BG}
341	${CONNECT_WAIT}
342	${TLS_WAIT}
343	${TRANSFER_WAIT}
344	grep '^greeting$$' client.out
345	grep '^command$$' server.out
346	grep 'Listening on 127.0.0.1 ' server.err
347	grep 'Connection received on 127.0.0.1 ' server.err
348	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
349	grep 'Subject: .*/OU=server/CN=localhost' client.err
350	grep 'Issuer: .*/OU=ca/CN=root' client.err
351
352REGRESS_TARGETS +=	run-tls-bad-name
353run-tls-bad-name: server.crt ca.crt
354	${SERVER_NC} -c -C server.crt -K server.key -n -v -l 127.0.0.1 0 \
355	    ${SERVER_BG}
356	${LISTEN_WAIT}
357	${PORT_GET}
358	# the common name in server.crt is localhost, not 127.0.0.1
359	! ${NC} -c -e 127.0.0.1 -R ca.crt -n -v 127.0.0.1 ${PORT} ${CLIENT_LOG}
360	${CONNECT_WAIT}
361	grep 'Listening on 127.0.0.1 ' server.err
362	grep 'Connection received on 127.0.0.1 ' server.err
363	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
364	grep "name \`127.0.0.1\' not present in server certificate" client.err
365	! grep 'greeting' client.out
366	! grep 'command' server.out
367
368REGRESS_TARGETS +=	run-tls-hash
369run-tls-hash: server.crt ca.crt server.hash
370	${SERVER_NC} -c -C server.crt -K server.key -v -l localhost 0 \
371	    ${SERVER_BG}
372	${LISTEN_WAIT}
373	${PORT_GET}
374	# check that the server presents certificate with correct hash
375	${CLIENT_NC} -c -H `cat server.hash` -R ca.crt -v localhost ${PORT} \
376	    ${CLIENT_BG}
377	${CONNECT_WAIT}
378	${TLS_WAIT}
379	${TRANSFER_WAIT}
380	grep '^greeting$$' client.out
381	grep '^command$$' server.out
382	grep 'Listening on localhost ' server.err
383	grep 'Connection received on localhost ' server.err
384	grep 'Connection to localhost .* succeeded!' client.err
385	grep 'Subject: .*/OU=server/CN=localhost' client.err
386	grep 'Issuer: .*/OU=ca/CN=root' client.err
387	grep 'Cert Hash: SHA256:' client.err
388
389REGRESS_TARGETS +=	run-tls-bad-hash
390run-tls-bad-hash: server.crt ca.crt ca.hash
391	${SERVER_NC} -c -C server.crt -K server.key -v -l localhost 0 \
392	    ${SERVER_BG}
393	${LISTEN_WAIT}
394	${PORT_GET}
395	# server presents certificate with server.hash, ca.hash is wrong
396	! ${NC} -c -H `cat ca.hash` -R ca.crt -v localhost ${PORT} \
397	    ${CLIENT_LOG}
398	${CONNECT_WAIT}
399	${TLS_WAIT}
400	grep 'Listening on localhost ' server.err
401	grep 'Connection received on localhost ' server.err
402	grep 'Connection to localhost .* succeeded!' client.err
403	grep 'peer certificate is not SHA256:' client.err
404	! grep 'greeting' client.out
405	! grep 'command' server.out
406
407# TLS client certificate
408
409REGRESS_TARGETS +=	run-tls-client
410run-tls-client: client.crt server.crt ca.crt
411	# use client certificate and validate at server
412	${SERVER_NC} -c -R ca.crt -C server.crt -K server.key -v -l \
413	    localhost 0 ${SERVER_BG}
414	${LISTEN_WAIT}
415	${PORT_GET}
416	${CLIENT_NC} -c -R ca.crt -C client.crt -K client.key -v \
417	    localhost ${PORT} ${CLIENT_BG}
418	${CONNECT_WAIT}
419	${TLS_WAIT}
420	${TRANSFER_WAIT}
421	grep '^greeting$$' client.out
422	grep '^command$$' server.out
423	grep 'Listening on localhost ' server.err
424	grep 'Connection received on localhost ' server.err
425	grep 'Connection to localhost .* succeeded!' client.err
426	grep 'Subject: .*/OU=server/CN=localhost' client.err
427	grep 'Issuer: .*/OU=ca/CN=root' client.err
428	grep 'Subject: .*/OU=client/CN=localhost' server.err
429	grep 'Issuer: .*/OU=ca/CN=root' server.err
430
431REGRESS_TARGETS +=	run-tls-bad-client
432run-tls-bad-client: client.crt server.crt ca.crt
433	# require client certificate at server
434	${SERVER_NC} -c -T clientcert -R ca.crt -C server.crt -K server.key \
435	    -v -l localhost 0 ${SERVER_BG}
436	${LISTEN_WAIT}
437	${PORT_GET}
438	# client does not provide certificate
439	${CLIENT_NC} -c -R ca.crt -v localhost ${PORT} ${CLIENT_BG}
440	${CONNECT_WAIT}
441	${TLS_WAIT}
442	grep 'Listening on localhost ' server.err
443	grep 'Connection received on localhost ' server.err
444	grep 'Connection to localhost .* succeeded!' client.err
445	grep 'Subject: .*/OU=server/CN=localhost' client.err
446	grep 'Issuer: .*/OU=ca/CN=root' client.err
447	grep 'No client certificate provided' server.err
448	! grep 'greeting' client.out
449	! grep 'command' server.out
450
451REGRESS_TARGETS +=	run-tls-client-bad-ca
452run-tls-client-bad-ca: client.crt server.crt ca.crt fake-ca.crt
453	# the server uses the wrong root ca to verify the client cert
454	${SERVER_NC} -c -R fake-ca.crt -C server.crt -K server.key -v -l \
455	    localhost 0 ${SERVER_BG}
456	${LISTEN_WAIT}
457	${PORT_GET}
458	! ${NC} -c -R ca.crt -C client.crt -K client.key -v \
459	    localhost ${PORT} ${CLIENT_LOG}
460	${CONNECT_WAIT}
461	grep 'Listening on localhost ' server.err
462	grep 'Connection received on localhost ' server.err
463	grep 'Connection to localhost .* succeeded!' client.err
464	# XXX no specific error message for bogus ca
465	egrep \
466	    'CRYPTO_internal:(block type is not 01|data too large for modulus)'\
467	    server.err
468	! grep 'greeting' client.out
469	! grep 'command' server.out
470
471REGRESS_TARGETS +=	run-tls-client-name
472run-tls-client-name: client.crt server.crt ca.crt
473	# check client certificate name at server
474	${SERVER_NC} -c -e localhost -R ca.crt -C server.crt -K server.key \
475	    -n -v -l 127.0.0.1 0 ${SERVER_BG}
476	${LISTEN_WAIT}
477	${PORT_GET}
478	${CLIENT_NC} -4 -c -R ca.crt -C client.crt -K client.key -v \
479	    localhost ${PORT} ${CLIENT_BG}
480	${CONNECT_WAIT}
481	${TLS_WAIT}
482	${TRANSFER_WAIT}
483	grep '^greeting$$' client.out
484	grep '^command$$' server.out
485	grep 'Listening on 127.0.0.1 ' server.err
486	grep 'Connection received on 127.0.0.1 ' server.err
487	grep 'Connection to localhost .* succeeded!' client.err
488	grep 'Subject: .*/OU=server/CN=localhost' client.err
489	grep 'Issuer: .*/OU=ca/CN=root' client.err
490	grep 'Subject: .*/OU=client/CN=localhost' server.err
491	grep 'Issuer: .*/OU=ca/CN=root' server.err
492
493REGRESS_TARGETS +=	run-tls-client-bad-name
494run-tls-client-bad-name: client.crt server.crt ca.crt
495	# client certificate is for localhost, check with 127.0.0.1 should fail
496	${SERVER_NC} -c -e 127.0.0.1 -R ca.crt -C server.crt -K server.key \
497	    -n -v -l 127.0.0.1 0 ${SERVER_BG}
498	${LISTEN_WAIT}
499	${PORT_GET}
500	# client does not see any problem, TLS handshake works, wait for exit
501	${CLIENT_NC} -4 -c -R ca.crt -C client.crt -K client.key -v \
502	    localhost ${PORT} ${CLIENT_BG}
503	${CONNECT_WAIT}
504	${TLS_WAIT}
505	grep 'Listening on 127.0.0.1 ' server.err
506	grep 'Connection received on 127.0.0.1 ' server.err
507	grep 'Connection to localhost .* succeeded!' client.err
508	grep 'Subject: .*/OU=server/CN=localhost' client.err
509	grep 'Issuer: .*/OU=ca/CN=root' client.err
510	grep 'Subject: .*/OU=client/CN=localhost' server.err
511	grep 'Issuer: .*/OU=ca/CN=root' server.err
512	grep 'name (127.0.0.1) not found in client cert' server.err
513	! grep 'greeting' client.out
514	! grep 'command' server.out
515
516REGRESS_TARGETS +=	run-tls-client-hash
517run-tls-client-hash: client.crt server.crt ca.crt client.hash
518	# check client certificate hash at server
519	${SERVER_NC} -c -H `cat client.hash` -R ca.crt \
520	    -C server.crt -K server.key -v -l localhost 0 ${SERVER_BG}
521	${LISTEN_WAIT}
522	${PORT_GET}
523	${CLIENT_NC} -c -R ca.crt -C client.crt -K client.key -v \
524	    localhost ${PORT} ${CLIENT_BG}
525	${CONNECT_WAIT}
526	${TLS_WAIT}
527	${TRANSFER_WAIT}
528	grep '^greeting$$' client.out
529	grep '^command$$' server.out
530	grep 'Listening on localhost ' server.err
531	grep 'Connection received on localhost ' server.err
532	grep 'Connection to localhost .* succeeded!' client.err
533	grep 'Subject: .*/OU=server/CN=localhost' client.err
534	grep 'Issuer: .*/OU=ca/CN=root' client.err
535	grep 'Subject: .*/OU=client/CN=localhost' server.err
536	grep 'Issuer: .*/OU=ca/CN=root' server.err
537
538REGRESS_TARGETS +=	run-tls-client-bad-hash
539run-tls-client-bad-hash: client.crt server.crt ca.crt ca.hash
540	# client presents certificate with client.hash, ca.hash is wrong
541	${SERVER_NC} -c -H `cat ca.hash` -R ca.crt \
542	    -C server.crt -K server.key -v -l localhost 0 ${SERVER_BG}
543	${LISTEN_WAIT}
544	${PORT_GET}
545	# client does not see any problem, TLS handshake works, wait for exit
546	${CLIENT_NC} -c -R ca.crt -C client.crt -K client.key -v \
547	    localhost ${PORT} ${CLIENT_BG}
548	${CONNECT_WAIT}
549	${TLS_WAIT}
550	grep 'Listening on localhost ' server.err
551	grep 'Connection received on localhost ' server.err
552	grep 'Connection to localhost .* succeeded!' client.err
553	grep 'Subject: .*/OU=server/CN=localhost' client.err
554	grep 'Issuer: .*/OU=ca/CN=root' client.err
555	grep 'Subject: .*/OU=client/CN=localhost' server.err
556	grep 'Issuer: .*/OU=ca/CN=root' server.err
557	grep 'peer certificate is not SHA256:' server.err
558	! grep 'greeting' client.out
559	! grep 'command' server.out
560
561REGRESS_TARGETS +=	run-tls-client-no-hash
562run-tls-client-no-hash: client.crt server.crt ca.crt client.hash
563	# check client certificate hash at server if available
564	${SERVER_NC} -c -H `cat client.hash` -R ca.crt \
565	    -C server.crt -K server.key -v -l localhost 0 ${SERVER_BG}
566	${LISTEN_WAIT}
567	${PORT_GET}
568	# client provides no certificate
569	${CLIENT_NC} -c -R ca.crt -v localhost ${PORT} ${CLIENT_BG}
570	${CONNECT_WAIT}
571	${TLS_WAIT}
572	${TRANSFER_WAIT}
573	# client certificate and hash is optional, transfer is successful
574	grep '^greeting$$' client.out
575	grep '^command$$' server.out
576	grep 'Listening on localhost ' server.err
577	grep 'Connection received on localhost ' server.err
578	grep 'Connection to localhost .* succeeded!' client.err
579	grep 'Subject: .*/OU=server/CN=localhost' client.err
580	grep 'Issuer: .*/OU=ca/CN=root' client.err
581	# non existing hash is not checked
582	! grep 'Cert Hash: SHA256:' server.err
583
584REGRESS_TARGETS +=	run-tls-sleep
585run-tls-sleep: 127.0.0.1.crt
586	${SERVER_NC} -c -C 127.0.0.1.crt -K 127.0.0.1.key -n -v -l 127.0.0.1 0 \
587	    ${SERVER_BG}
588	${LISTEN_WAIT}
589	${PORT_GET}
590	${CLIENT_NC} -c -R 127.0.0.1.crt -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
591	${CONNECT_WAIT}
592	${TLS_WAIT}
593	${TRANSFER_WAIT}
594	grep '^greeting$$' client.out
595	grep '^command$$' server.out
596	grep 'Listening on 127.0.0.1 ' server.err
597	grep 'Connection received on 127.0.0.1 ' server.err
598	# XXX success message should be issued after TLS handshake
599	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
600	grep 'Subject: .*/OU=server/CN=127.0.0.1' client.err
601	grep 'Issuer: .*/OU=server/CN=127.0.0.1' client.err
602	# netcat waits for the other side to terminate, check it is sleeping
603	${RUNNING_WAIT}
604	ps -xww -o comm,stat,args | grep '^${NC:T} .*S.* -v -l 127'
605	ps -xww -o comm,stat,args | grep '^${NC:T} .*S.* -v 127'
606
607# TLS keep
608
609REGRESS_TARGETS +=	run-tls-keep
610run-tls-keep: 127.0.0.1.crt
611	${SERVER_NC} -k -c -C 127.0.0.1.crt -K 127.0.0.1.key -n -v -l \
612	    127.0.0.1 0 ${SERVER_BG}
613	${LISTEN_WAIT}
614	${PORT_GET}
615	${CLIENT_NC} -c -R 127.0.0.1.crt -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
616	${CONNECT_WAIT}
617	${TLS_WAIT}
618	${TRANSFER_WAIT}
619	grep '^greeting$$' client.out
620	grep '^command$$' server.out
621	grep 'Listening on 127.0.0.1 ' server.err
622	grep 'Connection received on 127.0.0.1 ' server.err
623	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
624	grep 'Subject: .*/OU=server/CN=127.0.0.1' client.err
625	grep 'Issuer: .*/OU=server/CN=127.0.0.1' client.err
626	# kill client and reconnect with a new one
627	:> server.err
628	pkill -l -f "^${NC} .* 127.0.0.1 ${PORT}$$"
629	rm -f client.{out,err}
630	:> server.out
631	# server closes the listen socket and binds a new one with new port
632	${LISTEN_WAIT}
633	${PORT_GET}
634	${CLIENT_NC} -c -R 127.0.0.1.crt -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
635	${CONNECT_WAIT}
636	${TLS_WAIT}
637	# server sends only one greeting, do not wait for a second one
638	${TRANSFER_SERVER_WAIT}
639	! grep 'greeting' client.out
640	# truncation of log results in NUL bytes, do not match ^
641	grep 'command$$' server.out
642	grep 'Listening on 127.0.0.1 ' server.err
643	grep 'Connection received on 127.0.0.1 ' server.err
644	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
645	grep 'Subject: .*/OU=server/CN=127.0.0.1' client.err
646	grep 'Issuer: .*/OU=server/CN=127.0.0.1' client.err
647
648### UDP ####
649
650REGRESS_TARGETS +=	run-udp
651run-udp:
652	${SERVER_NC} -u -n -v -l 127.0.0.1 0 ${SERVER_BG}
653	${BIND_WAIT}
654	${PORT_GET}
655	# the -v option would cause udptest() to write additional X
656	${CLIENT_NC} -u -n 127.0.0.1 ${PORT} ${CLIENT_BG}
657	${TRANSFER_WAIT}
658	grep '^greeting$$' client.out
659	grep '^command$$' server.out
660	grep 'Bound on 127.0.0.1 ' server.err
661	grep 'Connection received on 127.0.0.1 ' server.err
662
663REGRESS_TARGETS +=	run-udp6
664run-udp6:
665	${SERVER_NC} -u -n -v -l ::1 0 ${SERVER_BG}
666	${BIND_WAIT}
667	${PORT_GET}
668	# the -v option would cause udptest() to write additional X
669	${CLIENT_NC} -u -n ::1 ${PORT} ${CLIENT_BG}
670	${TRANSFER_WAIT}
671	grep '^greeting$$' client.out
672	grep '^command$$' server.out
673	grep 'Bound on ::1 ' server.err
674	grep 'Connection received on ::1 ' server.err
675
676REGRESS_TARGETS +=	run-udp-probe
677run-udp-probe:
678	${SERVER_NC} -u -n -v -l 127.0.0.1 0 ${SERVER_BG}
679	${BIND_WAIT}
680	${PORT_GET}
681	${CLIENT_NC} -u -v -n 127.0.0.1 ${PORT} ${CLIENT_BG}
682	${TRANSFER_WAIT}
683	grep '^greeting$$' client.out
684	# client sends 4 X UDP packets to check connection
685	grep '^XXXXcommand$$' server.out
686	grep 'Bound on 127.0.0.1 ' server.err
687	grep 'Connection received on 127.0.0.1 ' server.err
688	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
689
690# UDP resolver
691
692REGRESS_TARGETS +=	run-udp-localhost
693run-udp-localhost:
694	${SERVER_NC} -u -4 -v -l localhost 0 ${SERVER_BG}
695	${BIND_WAIT}
696	${PORT_GET}
697	# the -v option would cause udptest() to write additional X
698	${CLIENT_NC} -u -4 localhost ${PORT} ${CLIENT_BG}
699	${TRANSFER_WAIT}
700	grep '^greeting$$' client.out
701	grep '^command$$' server.out
702	grep 'Bound on localhost ' server.err
703	grep 'Connection received on localhost ' server.err
704
705REGRESS_TARGETS +=	run-udp6-localhost
706run-udp6-localhost:
707	${SERVER_NC} -u -6 -v -l localhost 0 ${SERVER_BG}
708	${BIND_WAIT}
709	${PORT_GET}
710	# the -v option would cause udptest() to write additional X
711	${CLIENT_NC} -u -6 localhost ${PORT} ${CLIENT_BG}
712	${TRANSFER_WAIT}
713	grep '^greeting$$' client.out
714	grep '^command$$' server.out
715	grep 'Bound on localhost ' server.err
716	grep 'Connection received on localhost ' server.err
717
718# UDP keep
719
720REGRESS_TARGETS +=	run-udp-keep
721run-udp-keep:
722	${SERVER_NC} -k -u -n -v -l 127.0.0.1 0 ${SERVER_BG}
723	${BIND_WAIT}
724	${PORT_GET}
725	# the -v option causes udptest() to write additional X
726	${CLIENT_NC} -u -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
727	# server does not connect, nothing reaches the client
728	${TRANSFER_SERVER_WAIT}
729	! grep 'greeting' client.out
730	grep '^XXXXcommand$$' server.out
731	grep 'Bound on 127.0.0.1 ' server.err
732	# client does not connect
733	! grep 'Connection received on ' server.err
734	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
735	# kill client and reconnect with a new one
736	:> server.err
737	pkill -l -f "^${NC} .* 127.0.0.1 ${PORT}$$"
738	rm -f client.{out,err}
739	:> server.out
740	${CLIENT_NC} -u -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
741	${TRANSFER_SERVER_WAIT}
742	! grep 'greeting' client.out
743	# truncation of log results in NUL bytes, do not match ^
744	grep 'XXXXcommand$$' server.out
745	# server keeps socket and does not bind again
746	! grep 'Bound on ' server.err
747	# client does not connect
748	! grep 'Connection received on ' server.err
749	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
750
751REGRESS_TARGETS +=	run-udp-sleep
752run-udp-sleep:
753	${SERVER_NC} -u -n -v -l 127.0.0.1 0 ${SERVER_BG}
754	${BIND_WAIT}
755	${PORT_GET}
756	# the -v option would cause udptest() to write additional X
757	${CLIENT_NC} -u -n 127.0.0.1 ${PORT} ${CLIENT_BG}
758	${TRANSFER_WAIT}
759	grep '^greeting$$' client.out
760	grep '^command$$' server.out
761	grep 'Bound on 127.0.0.1 ' server.err
762	grep 'Connection received on 127.0.0.1 ' server.err
763	# netcat waits for the other side to terminate, check it is sleeping
764	${RUNNING_WAIT}
765	ps -xww -o comm,stat,args | grep '^${NC:T} .*S.* -v -l 127'
766	ps -xww -o comm,stat,args | grep '^${NC:T} .*S.* -n 127'
767
768### UNIX ####
769
770REGRESS_TARGETS +=	run-unix
771run-unix:
772	rm -f server.sock
773	${SERVER_NC} -U -n -v -l server.sock ${SERVER_BG}
774	${LISTEN_WAIT}
775	${CLIENT_NC} -U -n -v server.sock ${CLIENT_BG}
776	${TRANSFER_WAIT}
777	grep '^greeting$$' client.out
778	grep '^command$$' server.out
779	# XXX message Bound and Listening is redundant
780	grep 'Bound on server.sock$$' server.err
781	grep 'Listening on server.sock$$' server.err
782	grep 'Connection received on server.sock$$' server.err
783	# XXX message succeeded is missing
784	! grep 'Connection to server.sock .* succeeded!' client.err
785
786REGRESS_TARGETS +=	run-unix-namelookup
787run-unix-namelookup:
788	rm -f server.sock
789	${SERVER_NC} -U -v -l server.sock ${SERVER_BG}
790	${LISTEN_WAIT}
791	${CLIENT_NC} -U -v server.sock ${CLIENT_BG}
792	${TRANSFER_WAIT}
793	grep '^greeting$$' client.out
794	grep '^command$$' server.out
795	# XXX message Bound and Listening is redundant
796	grep 'Bound on server.sock$$' server.err
797	grep 'Listening on server.sock$$' server.err
798	grep 'Connection received on server.sock$$' server.err
799	# XXX message succeeded is missing
800	! grep 'Connection to server.sock .* succeeded!' client.err
801
802REGRESS_TARGETS +=	run-unix-probe
803run-unix-probe:
804	rm -f server.sock
805	${SERVER_NC} -U -n -v -l server.sock ${SERVER_BG}
806	${LISTEN_WAIT}
807	# connect and close immediately, check if socket is listening
808	${NC} -N -U -v server.sock </dev/null ${CLIENT_LOG}
809	# XXX message Bound and Listening is redundant
810	grep 'Bound on server.sock$$' server.err
811	grep 'Listening on server.sock$$' server.err
812	grep 'Connection received on server.sock$$' server.err
813	# XXX message succeeded is missing
814	! grep 'Connection to server.sock .* succeeded!' client.err
815	# server accepts one connection, second connection should be refused
816	! ${NC} -N -U -v server.sock </dev/null ${CLIENT_LOG}
817	grep 'server.sock: Connection refused' client.err
818	# connection to non existing socket file should fail
819	rm server.sock
820	! ${NC} -N -U -v server.sock </dev/null ${CLIENT_LOG}
821	grep 'server.sock: No such file or directory' client.err
822
823# UNIX keep
824
825REGRESS_TARGETS +=	run-unix-keep
826run-unix-keep:
827	rm -f server.sock
828	${SERVER_NC} -k -U -n -v -l server.sock ${SERVER_BG}
829	${LISTEN_WAIT}
830	${CLIENT_NC} -U -n -v server.sock ${CLIENT_BG}
831	${TRANSFER_WAIT}
832	grep '^greeting$$' client.out
833	grep '^command$$' server.out
834	# XXX message Bound and Listening is redundant
835	grep 'Bound on server.sock$$' server.err
836	grep 'Listening on server.sock$$' server.err
837	grep 'Connection received on server.sock$$' server.err
838	# XXX message succeeded is missing
839	! grep 'Connection to server.sock .* succeeded!' client.err
840	# kill client and reconnect with a new one
841	:> server.err
842	pkill -l -f "^${NC} .* -v server.sock$$"
843	rm -f client.{out,err}
844	:> server.out
845	${CLIENT_NC} -U -n -v server.sock ${CLIENT_BG}
846	# server sends only one greeting, do not wait for a second one
847	${TRANSFER_SERVER_WAIT}
848	! grep 'greeting' client.out
849	# truncation of log results in NUL bytes, do not match ^
850	grep 'command$$' server.out
851	grep 'Connection received on server.sock$$' server.err
852	# XXX message succeeded is missing
853	! grep 'Connection to server.sock .* succeeded!' client.err
854
855# UNIX dgram
856
857REGRESS_TARGETS +=	run-unix-dgram
858run-unix-dgram:
859	rm -f {client,server}.sock
860	${SERVER_NC} -U -u -n -v -l server.sock ${SERVER_BG}
861	${BIND_WAIT}
862	${CLIENT_NC} -U -u -n -v server.sock ${CLIENT_BG}
863	${TRANSFER_WAIT}
864	${BIND_CLIENT_WAIT}
865	grep '^greeting$$' client.out
866	grep '^command$$' server.out
867	grep 'Bound on server.sock$$' server.err
868	grep 'Connection received on server.sock$$' server.err
869	# XXX message succeeded is missing
870	! grep 'Connection to server.sock .* succeeded!' client.err
871
872REGRESS_TARGETS +=	run-unix-dgram-namelookup
873run-unix-dgram-namelookup:
874	rm -f {client,server}.sock
875	${SERVER_NC} -U -u -v -l server.sock ${SERVER_BG}
876	${BIND_WAIT}
877	${CLIENT_NC} -U -u -v server.sock ${CLIENT_BG}
878	${TRANSFER_WAIT}
879	${BIND_CLIENT_WAIT}
880	grep '^greeting$$' client.out
881	grep '^command$$' server.out
882	grep 'Bound on server.sock$$' server.err
883	grep 'Connection received on server.sock$$' server.err
884	# XXX message succeeded is missing
885	! grep 'Connection to server.sock .* succeeded!' client.err
886
887REGRESS_TARGETS +=	run-unix-dgram-clientsock
888run-unix-dgram-clientsock:
889	rm -f {client,server}.sock
890	${SERVER_NC} -U -u -n -v -l server.sock ${SERVER_BG}
891	${BIND_WAIT}
892	${CLIENT_NC} -U -u -n -v -s client.sock server.sock ${CLIENT_BG}
893	${TRANSFER_WAIT}
894	grep '^greeting$$' client.out
895	grep '^command$$' server.out
896	grep 'Bound on server.sock$$' server.err
897	grep 'Connection received on server.sock$$' server.err
898	# XXX message succeeded is missing
899	! grep 'Connection to server.sock .* succeeded!' client.err
900
901# UNIX dgram keep
902
903REGRESS_TARGETS +=	run-unix-dgram-keep
904run-unix-dgram-keep:
905	rm -f {client,server}.sock
906	${SERVER_NC} -k -U -u -n -v -l server.sock ${SERVER_BG}
907	${BIND_WAIT}
908	${CLIENT_NC} -U -u -n -v server.sock ${CLIENT_BG}
909	# server does not connect, nothing reaches the client
910	${TRANSFER_SERVER_WAIT}
911	${BIND_CLIENT_WAIT}
912	! grep 'greeting' client.out
913	grep '^command$$' server.out
914	grep 'Bound on server.sock$$' server.err
915	# client does not connect
916	! grep 'Connection received on ' server.err
917	# XXX message succeeded is missing
918	! grep 'Connection to server.sock .* succeeded!' client.err
919	# kill client and reconnect with a new one
920	:> server.err
921	pkill -l -f "^${NC} .* -v server.sock$$"
922	rm -f client.{out,err}
923	:> server.out
924	${CLIENT_NC} -U -u -n -v server.sock ${CLIENT_BG}
925	${TRANSFER_SERVER_WAIT}
926	${BIND_CLIENT_WAIT}
927	! grep 'greeting' client.out
928	# truncation of log results in NUL bytes, do not match ^
929	grep 'command$$' server.out
930	# server keeps socket and does not bind again
931	! grep 'Bound on ' server.err
932	# client does not connect
933	! grep 'Connection received on ' server.err
934	# XXX message succeeded is missing
935	! grep 'Connection to 127.0.0.1 .* succeeded!' client.err
936
937### TCP with test peer
938
939REGRESS_TARGETS +=	run-tcp-test
940run-tcp-test: server-tcp client-tcp
941	# test the test tools
942	./server-tcp -s greeting -r command 127.0.0.1 0 >server.port
943	./client-tcp -r greeting -s command 127.0.0.1 ${PORT} >client.port
944
945REGRESS_TARGETS +=	run-tcp-test-shutdown
946run-tcp-test-shutdown: server-tcp client-tcp
947	# test the test tools
948	./server-tcp -s greeting -N -r command -E 127.0.0.1 0 >server.port
949	./client-tcp -r greeting -E -s command -N 127.0.0.1 ${PORT} >client.port
950
951# TCP netcat server with test client
952
953REGRESS_TARGETS +=	run-tcp-server
954run-tcp-server: client-tcp
955	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
956	${LISTEN_WAIT}
957	${PORT_GET}
958	# test client read from netcat, then send line and exit
959	./client-tcp -r greeting -s command 127.0.0.1 ${PORT} >client.port
960	${TRANSFER_SERVER_WAIT}
961	grep '^command$$' server.out
962	grep 'Listening on 127.0.0.1 ' server.err
963	grep 'Connection received on 127.0.0.1 ' server.err
964
965REGRESS_TARGETS +=	run-tcp-server-eof
966run-tcp-server-eof: client-tcp
967	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
968	${LISTEN_WAIT}
969	${PORT_GET}
970	# test client read from netcat, then send line, shutdown, wait for eof
971	./client-tcp -r greeting -s command -N -E 127.0.0.1 ${PORT} >client.port
972	${TRANSFER_SERVER_WAIT}
973	grep '^command$$' server.out
974	grep 'Listening on 127.0.0.1 ' server.err
975	grep 'Connection received on 127.0.0.1 ' server.err
976
977REGRESS_TARGETS +=	run-tcp-server-reverse-eof
978run-tcp-server-reverse-eof: client-tcp
979	${SERVER_NC} -n -v -l 127.0.0.1 0 ${SERVER_BG}
980	${LISTEN_WAIT}
981	${PORT_GET}
982	# test client send to netcat, shutdown, then read line, wait for eof
983	./client-tcp -s command -N -r greeting -E 127.0.0.1 ${PORT} >client.port
984	${TRANSFER_SERVER_WAIT}
985	grep '^command$$' server.out
986	grep 'Listening on 127.0.0.1 ' server.err
987	grep 'Connection received on 127.0.0.1 ' server.err
988
989REGRESS_TARGETS +=	run-tcp-server-shutdown-eof
990run-tcp-server-shutdown-eof: client-tcp
991	# netcat calls shutdown on output after EOF on input
992	${SERVER_NC} -N -n -v -l 127.0.0.1 0 ${SERVER_BG}
993	${LISTEN_WAIT}
994	${PORT_GET}
995	# test client read from netcat, then send line, wait for eof, shutdown
996	./client-tcp -r greeting -s command -E -N 127.0.0.1 ${PORT} >client.port
997	${TRANSFER_SERVER_WAIT}
998	grep '^command$$' server.out
999	grep 'Listening on 127.0.0.1 ' server.err
1000	grep 'Connection received on 127.0.0.1 ' server.err
1001
1002REGRESS_TARGETS +=	run-tcp-server-shutdown-reverse-eof
1003run-tcp-server-shutdown-reverse-eof: client-tcp
1004	# netcat calls shutdown on output after EOF on input
1005	${SERVER_NC} -N -n -v -l 127.0.0.1 0 ${SERVER_BG}
1006	${LISTEN_WAIT}
1007	${PORT_GET}
1008	# test client send to netcat, shutdown, then read line, wait for eof
1009	./client-tcp -s command -N -r greeting -E 127.0.0.1 ${PORT} >client.port
1010	${TRANSFER_SERVER_WAIT}
1011	grep '^command$$' server.out
1012	grep 'Listening on 127.0.0.1 ' server.err
1013	grep 'Connection received on 127.0.0.1 ' server.err
1014
1015# TCP netcat client with test server
1016
1017REGRESS_TARGETS +=	run-tcp-client
1018run-tcp-client: server-tcp
1019	# test server send to netcat, then read line and exit
1020	./server-tcp -s greeting -r command 127.0.0.1 0 >server.port
1021	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
1022	${CONNECT_WAIT}
1023	${TRANSFER_CLIENT_WAIT}
1024	grep '^greeting$$' client.out
1025	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
1026
1027REGRESS_TARGETS +=	run-tcp-client-eof
1028run-tcp-client-eof: server-tcp
1029	# test server send to netcat, shutdown, then read line, wait for eof
1030	./server-tcp -s greeting -N -r command -E 127.0.0.1 0 >server.port
1031	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
1032	${CONNECT_WAIT}
1033	${TRANSFER_CLIENT_WAIT}
1034	grep '^greeting$$' client.out
1035	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
1036
1037REGRESS_TARGETS +=	run-tcp-client-reverse-eof
1038run-tcp-client-reverse-eof: server-tcp
1039	# test server read from netcat, then read line, wait for eof, shutdown
1040	./server-tcp -r command -s greeting -E -N 127.0.0.1 0 >server.port
1041	${CLIENT_NC} -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
1042	${CONNECT_WAIT}
1043	${TRANSFER_CLIENT_WAIT}
1044	grep '^greeting$$' client.out
1045	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
1046
1047REGRESS_TARGETS +=	run-tcp-client-shutdown-eof
1048run-tcp-client-shutdown-eof: server-tcp
1049	# test server send to netcat, shutdown, then read line, wait for eof
1050	./server-tcp -s greeting -N -r command -E 127.0.0.1 0 >server.port
1051	# netcat calls shutdown on output after EOF on input
1052	${CLIENT_NC} -N -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
1053	${CONNECT_WAIT}
1054	${TRANSFER_CLIENT_WAIT}
1055	grep '^greeting$$' client.out
1056	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
1057
1058REGRESS_TARGETS +=	run-tcp-client-shutdown-reverse-eof
1059run-tcp-client-shutdown-reverse-eof: server-tcp
1060	# test server read from netcat, wait for eof, then read line, shutdown
1061	./server-tcp -r command -E -s greeting -N 127.0.0.1 0 >server.port
1062	# netcat calls shutdown on output after EOF on input
1063	${CLIENT_NC} -N -n -v 127.0.0.1 ${PORT} ${CLIENT_BG}
1064	${CONNECT_WAIT}
1065	${TRANSFER_CLIENT_WAIT}
1066	grep '^greeting$$' client.out
1067	grep 'Connection to 127.0.0.1 .* succeeded!' client.err
1068
1069
1070.PHONY: ${REGRESS_SETUP} ${REGRESS_CLEANUP} ${REGRESS_TARGETS}
1071
1072### create certificates for TLS
1073
1074CLEANFILES +=		{127.0.0.1,1}.{crt,key} \
1075			ca.{crt,key,srl,hash} fake-ca.{crt,key,hash} \
1076			{client,server}.{req,crt,key,hash}
1077
1078127.0.0.1.crt:
1079	openssl req -batch -new \
1080	    -subj /L=OpenBSD/O=netcat-regress/OU=server/CN=${@:R}/ \
1081	    -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
1082
10831.crt:
1084	openssl req -batch -new \
1085	    -subj /L=OpenBSD/O=netcat-regress/OU=server/CN=::1/ \
1086	    -nodes -newkey rsa -keyout 1.key -x509 -out $@
1087
1088ca.crt fake-ca.crt:
1089	openssl req -batch -new \
1090	    -subj /L=OpenBSD/O=netcat-regress/OU=ca/CN=root/ \
1091	    -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
1092
1093client.req server.req:
1094	openssl req -batch -new \
1095	    -subj /L=OpenBSD/O=netcat-regress/OU=${@:R}/CN=localhost/ \
1096	    -nodes -newkey rsa -keyout ${@:R}.key -out $@
1097
1098client.crt server.crt: ca.crt ${@:R}.req
1099	openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
1100	    -req -in ${@:R}.req -out $@
1101
1102client.hash server.hash ca.hash: ${@:R}.crt
1103	openssl x509 -in ${@:R}.crt -outform der | sha256 | sed s/^/SHA256:/ >$@
1104
1105.include <bsd.regress.mk>
1106