eb53c23236
per Intel policy to include file commit date using git cmd below. The policy does not apply to non-Intel (C) notices. git log --follow -C90% --format=%ad --date default <file> | tail -1 and then pull just the year from the result. Intel copyrights were not added to files where Intel either had no contribution ot the contribution lacked substance (ie license header updates, formatting changes, etc) For intel copyrights added, --follow and -C95% were used. Signed-off-by: paul luse <paul.e.luse@intel.com> Change-Id: I2ef86976095b88a9bf5b1003e59f3943cd6bbe4c Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/15209 Tested-by: SPDK CI Jenkins <sys_sgci@intel.com> Community-CI: Mellanox Build Bot Reviewed-by: Ben Walker <benjamin.walker@intel.com> Reviewed-by: Krzysztof Karas <krzysztof.karas@intel.com> Reviewed-by: Jim Harris <james.r.harris@intel.com>
139 lines
4.5 KiB
Bash
Executable File
139 lines
4.5 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
|
# All rights reserved.
|
|
#
|
|
|
|
testdir=$(readlink -f $(dirname $0))
|
|
rootdir=$(readlink -f $testdir/../../..)
|
|
|
|
source $rootdir/test/common/autotest_common.sh
|
|
source $rootdir/test/nvmf/common.sh
|
|
|
|
rpc_py="$rootdir/scripts/rpc.py"
|
|
|
|
nvmftestinit
|
|
nvmfappstart -m 0x2 --wait-for-rpc
|
|
|
|
if [ "$TEST_TRANSPORT" != tcp ]; then
|
|
echo "Unsupported transport: $TEST_TRANSPORT"
|
|
exit 0
|
|
fi
|
|
|
|
$rpc_py sock_set_default_impl -i ssl
|
|
|
|
# Check default TLS version
|
|
version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version)
|
|
if [[ "$version" != "0" ]]; then
|
|
echo "TLS version was not set correctly $version != 0"
|
|
exit 1
|
|
fi
|
|
|
|
# Check TLS version set to 13
|
|
$rpc_py sock_impl_set_options -i ssl --tls-version 13
|
|
version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version)
|
|
if [[ "$version" != "13" ]]; then
|
|
echo "TLS version was not set correctly $version != 13"
|
|
exit 1
|
|
fi
|
|
|
|
# Check TLS version set to 12
|
|
$rpc_py sock_impl_set_options -i ssl --tls-version 12
|
|
version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version)
|
|
if [[ "$version" != "12" ]]; then
|
|
echo "TLS version was not set correctly $version != 12"
|
|
exit 1
|
|
fi
|
|
|
|
# Check incorrect TLS version set to 7
|
|
$rpc_py sock_impl_set_options -i ssl --tls-version 7
|
|
version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version)
|
|
if [[ "$version" != "7" ]]; then
|
|
echo "TLS version was not set correctly $version != 7"
|
|
exit 1
|
|
fi
|
|
|
|
# Check default KTLS is disabled
|
|
ktls=$($rpc_py sock_impl_get_options -i ssl | jq -r .enable_ktls)
|
|
if [[ "$ktls" != "false" ]]; then
|
|
echo "KTLS was not set correctly $ktls != false"
|
|
exit 1
|
|
fi
|
|
|
|
# Check KTLS enable
|
|
$rpc_py sock_impl_set_options -i ssl --enable-ktls
|
|
ktls=$($rpc_py sock_impl_get_options -i ssl | jq -r .enable_ktls)
|
|
if [[ "$ktls" != "true" ]]; then
|
|
echo "KTLS was not set correctly $ktls != true"
|
|
exit 1
|
|
fi
|
|
|
|
# Check KTLS disable
|
|
$rpc_py sock_impl_set_options -i ssl --disable-ktls
|
|
ktls=$($rpc_py sock_impl_get_options -i ssl | jq -r .enable_ktls)
|
|
if [[ "$ktls" != "false" ]]; then
|
|
echo "KTLS was not set correctly $ktls != false"
|
|
exit 1
|
|
fi
|
|
|
|
# Check default PSK key
|
|
key=$($rpc_py sock_impl_get_options -i ssl | jq -r .psk_key)
|
|
if [[ "$key" != "null" ]]; then
|
|
echo "TLS default key should be empty and not $key"
|
|
exit 1
|
|
fi
|
|
|
|
# Check default PSK key set
|
|
$rpc_py sock_impl_set_options -i ssl --psk-key 1234567890ABCDEF
|
|
key=$($rpc_py sock_impl_get_options -i ssl | jq -r .psk_key)
|
|
if [[ "$key" != "1234567890ABCDEF" ]]; then
|
|
echo "TLS key was not set correctly $key != 1234567890ABCDEF"
|
|
exit 1
|
|
fi
|
|
|
|
# Check default PSK identity
|
|
identity=$($rpc_py sock_impl_get_options -i ssl | jq -r .psk_identity)
|
|
if [[ "$identity" != "null" ]]; then
|
|
echo "TLS default identity should be empty and not $identity"
|
|
exit 1
|
|
fi
|
|
|
|
# Check default PSK identity set
|
|
$rpc_py sock_impl_set_options -i ssl --psk-identity psk.spdk.io
|
|
identity=$($rpc_py sock_impl_get_options -i ssl | jq -r .psk_identity)
|
|
if [[ "$identity" != "psk.spdk.io" ]]; then
|
|
echo "PSK ID was not set correctly $identity != psk.spdk.io"
|
|
exit 1
|
|
fi
|
|
|
|
$rpc_py sock_impl_set_options -i ssl --tls-version 13
|
|
$rpc_py framework_start_init
|
|
$rpc_py nvmf_create_transport $NVMF_TRANSPORT_OPTS
|
|
$rpc_py nvmf_create_subsystem nqn.2016-06.io.spdk:cnode1 -a -s SPDK00000000000001 -m 10
|
|
$rpc_py nvmf_subsystem_add_listener nqn.2016-06.io.spdk:cnode1 -t $TEST_TRANSPORT \
|
|
-a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT
|
|
$rpc_py bdev_malloc_create 32 4096 -b malloc0
|
|
$rpc_py nvmf_subsystem_add_ns nqn.2016-06.io.spdk:cnode1 malloc0 -n 1
|
|
|
|
# Send IO
|
|
"${NVMF_TARGET_NS_CMD[@]}" $SPDK_EXAMPLE_DIR/perf -S ssl -q 64 -o 4096 -w randrw -M 30 -t 10 \
|
|
-r "trtype:${TEST_TRANSPORT} adrfam:IPv4 traddr:${NVMF_FIRST_TARGET_IP} trsvcid:${NVMF_PORT} \
|
|
subnqn:nqn.2016-06.io.spdk:cnode1" --psk-key 1234567890ABCDEF --psk-identity psk.spdk.io
|
|
|
|
# use bdevperf to test "bdev_nvme_attach_controller"
|
|
bdevperf_rpc_sock=/var/tmp/bdevperf.sock
|
|
$rootdir/build/examples/bdevperf -m 0x4 -z -r $bdevperf_rpc_sock -q 128 -o 4096 -w verify -t 10 &
|
|
bdevperf_pid=$!
|
|
|
|
trap 'process_shm --id $NVMF_APP_SHM_ID; killprocess $bdevperf_pid; nvmftestfini; exit 1' SIGINT SIGTERM EXIT
|
|
waitforlisten $bdevperf_pid $bdevperf_rpc_sock
|
|
# send RPC
|
|
$rpc_py -s $bdevperf_rpc_sock bdev_nvme_attach_controller -b TLSTEST -t $TEST_TRANSPORT -a $NVMF_FIRST_TARGET_IP \
|
|
-s $NVMF_PORT -f ipv4 -n nqn.2016-06.io.spdk:cnode1 --psk 1234567890ABCDEF
|
|
# run I/O and wait
|
|
$rootdir/examples/bdev/bdevperf/bdevperf.py -t 20 -s $bdevperf_rpc_sock perform_tests
|
|
# finish
|
|
killprocess $bdevperf_pid
|
|
|
|
trap - SIGINT SIGTERM EXIT
|
|
nvmftestfini
|