From 92c82730dbbd856307ab1dcda3c6696bcb18cfb7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20=22=27=20OR=201=3D=3D1=3B=20--=20=23=20Ib=C3=A1?=
 =?UTF-8?q?=C3=B1ez?= <carlos.ibanez@tii.ae>
Date: Wed, 3 Apr 2024 15:56:25 +0400
Subject: [PATCH 1/3] Add cbma_check_running.sh functional test

---
 .../test_cbma/cbma_check_running.sh           | 51 +++++++++++++++----
 .../cbma_check_bat1_neighbor.sh               |  0
 .../{ => old-cbma}/cbma_check_enabled.sh      |  0
 .../cbma_check_lower_running.sh               |  0
 .../{ => old-cbma}/cbma_check_macsec.sh       |  0
 .../test_cbma/old-cbma/cbma_check_running.sh  | 17 +++++++
 .../cbma_check_upper_running.sh               |  0
 .../{ => old-cbma}/cbma_mdm_integration.sh    |  0
 8 files changed, 58 insertions(+), 10 deletions(-)
 rename common/tests/functional/test_cbma/{ => old-cbma}/cbma_check_bat1_neighbor.sh (100%)
 rename common/tests/functional/test_cbma/{ => old-cbma}/cbma_check_enabled.sh (100%)
 rename common/tests/functional/test_cbma/{ => old-cbma}/cbma_check_lower_running.sh (100%)
 rename common/tests/functional/test_cbma/{ => old-cbma}/cbma_check_macsec.sh (100%)
 create mode 100755 common/tests/functional/test_cbma/old-cbma/cbma_check_running.sh
 rename common/tests/functional/test_cbma/{ => old-cbma}/cbma_check_upper_running.sh (100%)
 rename common/tests/functional/test_cbma/{ => old-cbma}/cbma_mdm_integration.sh (100%)

diff --git a/common/tests/functional/test_cbma/cbma_check_running.sh b/common/tests/functional/test_cbma/cbma_check_running.sh
index 63e5c7491..e8b459353 100755
--- a/common/tests/functional/test_cbma/cbma_check_running.sh
+++ b/common/tests/functional/test_cbma/cbma_check_running.sh
@@ -1,17 +1,48 @@
 #!/bin/sh
 
-mdm_constants='/opt/mesh_com/modules/sc-mesh-secure-deployment/src/nats/src/constants.py'
-lower_or_upper="$(awk "BEGIN{print toupper(\"$1\")}")"
+MULTICAST_PORT=15002
+MULTICAST_PREFIX='ff33'
+TIMEOUT_SECONDS=10
 
-if [ $# -ne 1 ] || case "$lower_or_upper" in LOWER|UPPER) false;; esac; then
-    echo "Usage: $0 <lower|upper>"
+
+if [ $# -eq 0 ]; then
+    echo "Usage: $0 <iface> [<port>]"
     exit 1
 fi
 
-port="$(awk "/^[[:space:]]*CBMA_PORT_${lower_or_upper}/{print \$NF}" $mdm_constants)"
+check_dependencies() {
+    for t in tcpdump timeout; do
+        if ! type $t >/dev/null 2>&1; then
+            echo "[!] FATAL: '$t' is missing!" >&2
+            exit 2
+        fi
+    done
+}
 
-if ! ss -lp | grep -q "\\b$port\\b.*python"; then
-    echo "Fail"
-    exit 1
-fi
-echo "Pass"
+check_interface() {
+    iface="$1"
+
+    if [ ! -e "/sys/class/net/${iface}/address" ]; then
+        echo "'$iface' does not exist" >&2
+        exit 3
+    fi
+    case "$iface" in bat*) MULTICAST_PORT=$((MULTICAST_PORT + 1));; esac
+}
+
+cbma_check_running() {
+    iface="$1"
+    port="${2:-$MULTICAST_PORT}"
+
+    packet="$(timeout $TIMEOUT_SECONDS tcpdump -c1 -i "$iface" -qQ out udp and port "$port" 2>/dev/null)"
+    mcast_group="$(expr "$packet" : '.*[[:space:]]\([^.]\+\).[0-9]\+:')"
+
+    if [ "${mcast_group%%:*}" != 'ff33' ]; then
+        echo 'Fail'
+        exit 4
+    fi
+    echo 'Pass'
+}
+
+check_dependencies
+check_interface $1
+cbma_check_running $@
diff --git a/common/tests/functional/test_cbma/cbma_check_bat1_neighbor.sh b/common/tests/functional/test_cbma/old-cbma/cbma_check_bat1_neighbor.sh
similarity index 100%
rename from common/tests/functional/test_cbma/cbma_check_bat1_neighbor.sh
rename to common/tests/functional/test_cbma/old-cbma/cbma_check_bat1_neighbor.sh
diff --git a/common/tests/functional/test_cbma/cbma_check_enabled.sh b/common/tests/functional/test_cbma/old-cbma/cbma_check_enabled.sh
similarity index 100%
rename from common/tests/functional/test_cbma/cbma_check_enabled.sh
rename to common/tests/functional/test_cbma/old-cbma/cbma_check_enabled.sh
diff --git a/common/tests/functional/test_cbma/cbma_check_lower_running.sh b/common/tests/functional/test_cbma/old-cbma/cbma_check_lower_running.sh
similarity index 100%
rename from common/tests/functional/test_cbma/cbma_check_lower_running.sh
rename to common/tests/functional/test_cbma/old-cbma/cbma_check_lower_running.sh
diff --git a/common/tests/functional/test_cbma/cbma_check_macsec.sh b/common/tests/functional/test_cbma/old-cbma/cbma_check_macsec.sh
similarity index 100%
rename from common/tests/functional/test_cbma/cbma_check_macsec.sh
rename to common/tests/functional/test_cbma/old-cbma/cbma_check_macsec.sh
diff --git a/common/tests/functional/test_cbma/old-cbma/cbma_check_running.sh b/common/tests/functional/test_cbma/old-cbma/cbma_check_running.sh
new file mode 100755
index 000000000..63e5c7491
--- /dev/null
+++ b/common/tests/functional/test_cbma/old-cbma/cbma_check_running.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+mdm_constants='/opt/mesh_com/modules/sc-mesh-secure-deployment/src/nats/src/constants.py'
+lower_or_upper="$(awk "BEGIN{print toupper(\"$1\")}")"
+
+if [ $# -ne 1 ] || case "$lower_or_upper" in LOWER|UPPER) false;; esac; then
+    echo "Usage: $0 <lower|upper>"
+    exit 1
+fi
+
+port="$(awk "/^[[:space:]]*CBMA_PORT_${lower_or_upper}/{print \$NF}" $mdm_constants)"
+
+if ! ss -lp | grep -q "\\b$port\\b.*python"; then
+    echo "Fail"
+    exit 1
+fi
+echo "Pass"
diff --git a/common/tests/functional/test_cbma/cbma_check_upper_running.sh b/common/tests/functional/test_cbma/old-cbma/cbma_check_upper_running.sh
similarity index 100%
rename from common/tests/functional/test_cbma/cbma_check_upper_running.sh
rename to common/tests/functional/test_cbma/old-cbma/cbma_check_upper_running.sh
diff --git a/common/tests/functional/test_cbma/cbma_mdm_integration.sh b/common/tests/functional/test_cbma/old-cbma/cbma_mdm_integration.sh
similarity index 100%
rename from common/tests/functional/test_cbma/cbma_mdm_integration.sh
rename to common/tests/functional/test_cbma/old-cbma/cbma_mdm_integration.sh

From ee97a9d0b673eddb6b7b25a13ce8c025aceea3b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20=22=27=20OR=201=3D=3D1=3B=20--=20=23=20Ib=C3=A1?=
 =?UTF-8?q?=C3=B1ez?= <carlos.ibanez@tii.ae>
Date: Wed, 3 Apr 2024 16:29:36 +0400
Subject: [PATCH 2/3] Add cbma_check_connected.sh functional test

---
 .../test_cbma/cbma_check_connected.sh         | 58 +++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100755 common/tests/functional/test_cbma/cbma_check_connected.sh

diff --git a/common/tests/functional/test_cbma/cbma_check_connected.sh b/common/tests/functional/test_cbma/cbma_check_connected.sh
new file mode 100755
index 000000000..f8fe98423
--- /dev/null
+++ b/common/tests/functional/test_cbma/cbma_check_connected.sh
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+TIMEOUT_SECONDS=10
+
+
+if [ $# -eq 0 ]; then
+    echo "Usage: $0 <bat-iface> [<peer-mac>]"
+    exit 1
+fi
+
+check_dependencies() {
+    for t in batctl; do
+        if ! type $t >/dev/null 2>&1; then
+            echo "[!] FATAL: '$t' is missing!" >&2
+            exit 2
+        fi
+    done
+}
+
+check_interface() {
+    iface="$1"
+
+    if [ ! -e "/sys/class/net/${iface}/address" ]; then
+        echo "'$iface' does not exist" >&2
+        exit 3
+    fi
+}
+
+check_mac_address() {
+    mac="$1"
+
+    if [ -n "$mac" ] && ! echo "$mac" | grep -Eiqx '([0-9a-f]{2}:){5}[0-9a-f]{2}'; then
+	      echo "'$mac' is not a valid MAC address" >&2
+	      exit 4
+    fi
+}
+
+cbma_check_connected() {
+    iface="$1"
+    peer_mac="${2:-.}"
+
+    elapsed_seconds=0
+    while [ $((elapsed_seconds++)) -lt $TIMEOUT_SECONDS ]; do
+        peers="$(batctl meshif $iface n -H -n)"
+        if expr "$peers" : "$peer_mac" 2>/dev/null >&2; then
+            echo 'Pass'
+            return
+        fi
+        sleep 1
+    done
+    echo 'Fail'
+    exit 5
+}
+
+check_dependencies
+check_interface $1
+check_mac_address $2
+cbma_check_connected $@

From 2021db9ee02e42ca777fa58f953f2ff6f4fd4cdb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20=22=27=20OR=201=3D=3D1=3B=20--=20=23=20Ib=C3=A1?=
 =?UTF-8?q?=C3=B1ez?= <carlos.ibanez@tii.ae>
Date: Wed, 3 Apr 2024 18:11:01 +0400
Subject: [PATCH 3/3] Add cbma_check_secured.sh functional test

---
 .../test_cbma/cbma_check_secured.sh           | 68 +++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100755 common/tests/functional/test_cbma/cbma_check_secured.sh

diff --git a/common/tests/functional/test_cbma/cbma_check_secured.sh b/common/tests/functional/test_cbma/cbma_check_secured.sh
new file mode 100755
index 000000000..bddacea69
--- /dev/null
+++ b/common/tests/functional/test_cbma/cbma_check_secured.sh
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+BATMAN_ETHER_PROTO='0x4305'
+MACSEC_ETHER_PROTO='0x88e5'
+MACSEC_PACKET_BYTES_OFFSET=36
+TIMEOUT_SECONDS=10
+
+
+if [ $# -eq 0 ]; then
+    echo "Usage: $0 <non-bat-iface> [<peer-mac>]"
+    exit 1
+fi
+
+check_dependencies() {
+    for t in tcpdump timeout; do
+        if ! type $t >/dev/null 2>&1; then
+            echo "[!] FATAL: '$t' is missing!" >&2
+            exit 2
+        fi
+    done
+}
+
+check_interface() {
+    iface="$1"
+
+    if [ ! -e "/sys/class/net/${iface}/address" ]; then
+        echo "'$iface' does not exist" >&2
+        exit 3
+    fi
+    case "$iface" in bat*) MULTICAST_PORT=$((MULTICAST_PORT + 1));; esac
+}
+
+check_mac_address() {
+    mac="$1"
+
+    if [ -n "$mac" ] && ! echo "$mac" | grep -Eiqx '([0-9a-f]{2}:){5}[0-9a-f]{2}'; then
+	      echo "'$mac' is not a valid MAC address" >&2
+	      exit 4
+    fi
+}
+
+cbma_check_secured() {
+    iface="$1"
+    peer_mac="$2"
+
+    if [ -n "$peer_mac" ]; then
+        capture_iface="lms$(echo $peer_mac | tr -d ':')"
+    else
+        capture_iface="lmb$(tr -d ':' < /sys/class/net/"$iface"/address)"
+    fi
+    if ! ( check_interface "$capture_iface" 2>/dev/null ); then
+        echo "'$peer_mac' peer is not connected"
+        exit 5
+    fi
+
+    packet="$(timeout $TIMEOUT_SECONDS tcpdump -c1 -i "$capture_iface" -qQ out ether proto $BATMAN_ETHER_PROTO and ether[$MACSEC_PACKET_BYTES_OFFSET:2] == $MACSEC_ETHER_PROTO 2>/dev/null)"
+
+    if [ -z "$packet" ]; then
+        echo 'Fail'
+        exit 6
+    fi
+    echo 'Pass'
+}
+
+check_dependencies
+check_interface $1
+check_mac_address $2
+cbma_check_secured $@