From a23e71839a8b7caff67b837245236882cc4a23b4 Mon Sep 17 00:00:00 2001 From: Mark Wooding Date: Sun, 29 Sep 2019 14:17:54 +0100 Subject: [PATCH] proxy/tripe-mitm.c, server/tests.at: Optionally use kernel-assigned ports. Add an option for the `peer' ports in `tripe-mitm' to be allocated by the kernel, and for the port numbers to be written to named files. Use this in the tests so as to avoid conflicts between concurrent instances of the tests. It's not perfect: some of the tests require that a new `tripe-mitm' take over a port from an old one, and there's a chance that some other process might have grabbed it in between -- but it's much better than it was before. I should also consider using `noip' for this testing. --- proxy/tripe-mitm.8.in | 9 +++++++- proxy/tripe-mitm.c | 28 +++++++++++++++++++++++-- server/tests.at | 57 +++++++++++++++++++++++++++++++-------------------- 3 files changed, 69 insertions(+), 25 deletions(-) diff --git a/proxy/tripe-mitm.8.in b/proxy/tripe-mitm.8.in index e939919e..ade7dc05 100644 --- a/proxy/tripe-mitm.8.in +++ b/proxy/tripe-mitm.8.in @@ -123,7 +123,14 @@ may be numbers or UDP service names; .I remote-addr may be a hostname, an IPv4 address in dotted-quad format, or an IPv6 address in hex-and-colons format (this last obviously requires selecting -a different delimeter character). Exactly two +a different delimeter character). Additionally, +.I local-port +may be a string of the form +.BI ? file +to get the kernel to allocate an unused port number, and then write the +port to the named +.IR file . +Exactly two .B peer directives must be present. The one first registered is the .I left diff --git a/proxy/tripe-mitm.c b/proxy/tripe-mitm.c index 6acf2a1d..648296ee 100644 --- a/proxy/tripe-mitm.c +++ b/proxy/tripe-mitm.c 
@@ -119,9 +119,17 @@ static void addpeer_common(const char *cmd, int af, unsigned ac, char **av) { struct addrinfo aihint = { 0 }, *ai0, *ai1; int len = PKBUFSZ, yes = 1; + const char *outf, *serv; + FILE *fp; + union { + struct sockaddr sa; + struct sockaddr_in sin; + struct sockaddr_in6 sin6; + } addr; + socklen_t salen; int err; peer *p; - int fd; + int fd, port; if (ac != 4) die(1, "syntax: %s:NAME:PORT:ADDR:PORT", cmd); if (!key_bytag(&keys, av[0])) die(1, "no key named `%s'", av[0]); @@ -132,9 +140,11 @@ static void addpeer_common(const char *cmd, int af, unsigned ac, char **av) aihint.ai_flags = AI_ADDRCONFIG; if ((err = getaddrinfo(av[2], av[3], &aihint, &ai1)) != 0) die(1, "getaddrinfo(`%s', `%s'): %s", av[2], av[3], gai_strerror(err)); + if (*av[1] == '?') { serv = "0"; outf = av[1] + 1; } + else { serv = av[1]; outf = 0; } aihint.ai_family = ai1->ai_family; aihint.ai_flags = AI_ADDRCONFIG | AI_PASSIVE; - if ((err = getaddrinfo(0, av[1], &aihint, &ai0)) != 0) + if ((err = getaddrinfo(0, serv, &aihint, &ai0)) != 0) die(1, "getaddrinfo(passive, `%s'): %s", av[1], gai_strerror(err)); if ((fd = socket(ai1->ai_family, SOCK_DGRAM, ai1->ai_protocol)) < 0) die(1, "socket: %s", strerror(errno)); @@ -149,6 +159,20 @@ static void addpeer_common(const char *cmd, int af, unsigned ac, char **av) die(1, "setsockopt: %s", strerror(errno)); if (connect(fd, ai1->ai_addr, ai1->ai_addrlen)) die(1, "connect: %s", strerror(errno)); + if (outf) { + salen = sizeof(addr); + if (getsockname(fd, &addr.sa, &salen)) + die(1, "getsockname: %s", strerror(errno)); + switch (addr.sa.sa_family) { + case AF_INET: port = ntohs(addr.sin.sin_port); break; + case AF_INET6: port = ntohs(addr.sin6.sin6_port); break; + default: assert(0); + } + fp = fopen(outf, "w"); + if (!fp) die(1, "fopen(%s): %s", outf, strerror(errno)); + fprintf(fp, "%d\n", port); + fclose(fp); + } sel_initfile(&sel, &p->sf, fd, SEL_READ, dopacket, p); sel_addfile(&p->sf); freeaddrinfo(ai0); freeaddrinfo(ai1); 
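Review bot: The added `if (*av[1] == '?')` branch accepts a bare `?` with no file name, so `outf` becomes an empty string and the mistake only surfaces after the socket has been created and connected, as a confusing `fopen(): ...` error. A guard right after the assignment, such as `if (outf && !*outf) die(1, "%s: empty port-file name", cmd);`, would reject it up front. The usage message `syntax: %s:NAME:PORT:ADDR:PORT` in the earlier hunk could also mention the `?FILE` form. The enclosing function `addpeer_common` starts and ends outside this hunk.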
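Review bot: The port file in the added `if (outf)` block is written without checking `fprintf` or `fclose`, so a full disk or I/O error leaves an empty or truncated file that the caller then reads as a port number; `if (fprintf(fp, "%d\n", port) < 0 || fclose(fp)) die(1, "write(%s): %s", outf, strerror(errno));` would catch that. In the `switch`, `default: assert(0);` expands to nothing if the build ever defines `NDEBUG`, after which `port` is printed uninitialized, so `default: die(1, "unexpected address family %d", addr.sa.sa_family);` is safer. `fopen(outf, "w")` follows symlinks and truncates whatever the name resolves to, and the file exists empty before the number lands in it; writing a temporary file in the same directory and calling `rename` would give readers an all-or-nothing view, and the manual should tell users to keep the file in a directory that only they can write. The enclosing function `addpeer_common` starts and ends outside this hunk.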
diff --git a/server/tests.at b/server/tests.at index eb2e5612..a86c179b 100644 --- a/server/tests.at +++ b/server/tests.at @@ -43,6 +43,9 @@ m4_define([BULKTEST], [$abs_top_builddir/server/tripe-test \ ${TRIPE_TEST_TRACEOPTS+-T$TRIPE_TEST_TRACEOPTS}]) +## Pause for a bit. +m4_define([SLEEP], [sleep 0.2]) + ## WITH_STRACE(tag, cmd) ## ## There's an awful hack here. If a process running under strace exits with @@ -407,13 +410,19 @@ for p in alice bob carol; do (mkdir $p; cd $p; SETUPDIR([alpha])); done ## WITH_MITM(adir, aport, bdir, bport, body) m4_define([WITH_MITM], [ - echo >&2 "mitm: $1 <--> :$2 <-mitm-> :$4 <--> $3" + aspec="$2" bspec="$4" + case $aspec in =*) aport="?$1/$3.mitm" ;; *) aport=$aspec ;; esac + case $bspec in =*) bport="?$3/$1.mitm" ;; *) bport=$bspec ;; esac MITM -k$1/keyring.pub \ - peer:$1:$2:127.0.0.1:$(cat $1/port) \ - peer:$3:$4:127.0.0.1:$(cat $3/port) \ + peer:$1:$aport:127.0.0.1:$(cat $1/port) \ + peer:$3:$bport:127.0.0.1:$(cat $3/port) \ filt:send& mitmpid_$1_$3=$! + SLEEP + case $aspec in =*) aport=$(cat ${aport#\?}); eval ${aspec#=}=\$aport ;; esac + case $bspec in =*) bport=$(cat ${bport#\?}); eval ${bspec#=}=\$bport ;; esac + echo >&2 "mitm: $1 <--> :$aport <-mitm-> :$bport <--> $3" trap 'kill $mitmpid_$1_$3; exit 127' EXIT INT QUIT TERM HUP - sleep 1 + SLEEP $5 kill $mitmpid_$1_$3; trap - EXIT INT QUIT TERM HUP ]) 
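Review bot: In `WITH_MITM`, the port file is read after a fixed `SLEEP` with no check that `tripe-mitm` has written it yet, and nothing removes a file left by an earlier invocation: `$1/$3.mitm` is the same path for `=bob_from_alice` and the later `=new_bob_from_alice` call, so on a loaded machine the `cat` can return the previous proxy's port or an empty string, which `eval` then assigns silently. I would add `rm -f $1/$3.mitm $3/$1.mitm` before starting `MITM` and replace the first `SLEEP` with a bounded wait such as `until test -s ${aport#\?}; do SLEEP; done` (with a retry limit) for each kernel-assigned side. Separately, `sleep 0.2` in the new `SLEEP` macro relies on fractional-second support that POSIX `sleep` does not guarantee, so a comment noting the dependency, or a fallback to `sleep 1`, would help portability.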
@@ -428,30 +437,33 @@ WITH_3TRIPES([alice], [bob], [carol], [-nslip], ## alice <--> :5311 <-mitm-> :5312 <--> bob ## alice <--> :5321 <-mitm-> :5322 <--> carol - WITH_MITM([alice], [5311], [bob], [5312], [ - ESTABLISH([alice], [alice], [], [bob], [bob], [-mobile], [5312], [5311]) + WITH_MITM([alice], [=bob_from_alice], [bob], [=alice_from_bob], [ + ESTABLISH([alice], [alice], [], + [bob], [bob], [-mobile], + [$alice_from_bob], [$bob_from_alice]) ]) - WITH_MITM([alice], [5319], [bob], [5312], [ + WITH_MITM([alice], [=new_bob_from_alice], [bob], [$alice_from_bob], [ COMMS_EPING([bob], [bob], [alice], [alice]) COMMS_SLIP([bob], [bob], [alice], [alice]) ]) - WITH_MITM([alice], [5321], [carol], [5322], [ - ESTABLISH([alice], [alice], [], [carol], [carol], [-mobile], - [5322], [5321]) + WITH_MITM([alice], [=carol_from_alice], [carol], [=alice_from_carol], [ + ESTABLISH([alice], [alice], [], + [carol], [carol], [-mobile], + [$alice_from_carol], [$carol_from_alice]) ]) - WITH_MITM([alice], [5311], [bob], [5312], [ - WITH_MITM([alice], [5321], [carol], [5322], [ + WITH_MITM([alice], [$bob_from_alice], [bob], [$alice_from_bob], [ + WITH_MITM([alice], [$carol_from_alice], [carol], [$alice_from_carol], [ COMMS_EPING([bob], [bob], [alice], [alice]) COMMS_EPING([carol], [carol], [alice], [alice]) COMMS_SLIP([bob], [bob], [alice], [alice]) COMMS_SLIP([carol], [carol], [alice], [alice]) ])]) - WITH_MITM([alice], [5321], [bob], [5312], [ - WITH_MITM([alice], [5311], [carol], [5322], [ + WITH_MITM([alice], [$carol_from_alice], [bob], [$alice_from_bob], [ + WITH_MITM([alice], [$bob_from_alice], [carol], [$alice_from_carol], [ COMMS_EPING([bob], [bob], [alice], [alice]) COMMS_EPING([carol], [carol], [alice], [alice]) COMMS_SLIP([bob], [bob], [alice], [alice]) 
@@ -474,15 +486,16 @@ for i in alice bob; do (mkdir $i; cd $i; SETUPDIR([beta])); done WITH_2TRIPES([alice], [bob], [-nslip], [-talice], [-tbob], [ ## Set up the evil proxy. - alicemitm=24516 bobmitm=14016 mknod pipe-mitmpid p WITH_STRACE([mitm], [sh -c 'echo $$ >pipe-mitmpid; exec "$@"' - \ MITM -kalice/keyring.pub >mitm.out 2>mitm.err \ - peer:alice:$alicemitm:127.0.0.1:$(cat alice/port) \ - peer:bob:$bobmitm:127.0.0.1:$(cat bob/port) \ + peer:alice:\?alice.mitm:127.0.0.1:$(cat alice/port) \ + peer:bob:\?bob.mitm:127.0.0.1:$(cat bob/port) \ filt:drop:5 filt:send])& read mitmpid &- @@ -764,7 +777,7 @@ export TRIPE_SLIPIF=USLIP for i in alice bob; do (mkdir $i; cd $i; SETUPDIR([gamma])); done WITH_2TRIPES([alice], [bob], [-nslip], [-talice], [-tbob], [ - WITH_MITM([alice], [5311], [bob], [5312], [ + WITH_MITM([alice], [=bob_from_alice], [bob], [=alice_from_bob], [ COPROCESSES([wait-knock], [ echo WATCH +n @@ -782,21 +795,21 @@ WITH_2TRIPES([alice], [bob], [-nslip], [-talice], [-tbob], [ TRIPECTL -dalice ])& waiter=$! - AT_CHECK([TRIPECTL -dbob ADD -knock bob alice INET 127.0.0.1 5312]) + AT_CHECK([TRIPECTL -dbob ADD -knock bob alice INET 127.0.0.1 $alice_from_bob]) wait $waiter; waitrc=$? AT_CHECK([echo $waitrc],, [0[]nl]) - AT_CHECK([cat knock-addr],, [INET 127.0.0.1 5311[]nl]) + AT_CHECK_UNQUOTED([cat knock-addr],, [INET 127.0.0.1 $bob_from_alice[]nl]) AWAIT_KXDONE([alice], [alice], [bob], [bob], [ - AT_CHECK([TRIPECTL -dalice ADD -ephemeral bob INET 127.0.0.1 5311]) + AT_CHECK([TRIPECTL -dalice ADD -ephemeral bob INET 127.0.0.1 $bob_from_alice]) ]) COMMS_EPING([alice], [alice], [bob], [bob]) COMMS_SLIP([alice], [alice], [bob], [bob]) ]) - WITH_MITM([alice], [5319], [bob], [5312], [ + WITH_MITM([alice], [=new_bob_from_alice], [bob], [$alice_from_bob], [ AWAIT_KXDONE([alice], [alice], [bob], [bob], [ AT_CHECK([TRIPECTL -dalice FORCEKX bob]) AT_CHECK([TRIPECTL -dbob FORCEKX alice]) -- 2.11.0