diff options
Diffstat (limited to '')
-rw-r--r-- | src/if_wg.c | 22 | ||||
-rw-r--r-- | src/selftest/cookie.c | 33 | ||||
-rw-r--r-- | src/selftest/counter.c | 3 | ||||
-rw-r--r-- | src/wg_cookie.h | 2 | ||||
-rw-r--r-- | src/wg_noise.h | 2 |
5 files changed, 42 insertions, 20 deletions
diff --git a/src/if_wg.c b/src/if_wg.c index 2ab9a99..a6e19d6 100644 --- a/src/if_wg.c +++ b/src/if_wg.c @@ -2986,19 +2986,23 @@ wg_prison_remove(void *obj, void *data __unused) #ifdef SELFTESTS #include "selftest/allowedips.c" -static void wg_run_selftests(void) +static bool wg_run_selftests(void) { - wg_allowedips_selftest(); - noise_counter_selftest(); - cookie_selftest(); + bool ret = true; + ret &= wg_allowedips_selftest(); + ret &= noise_counter_selftest(); + ret &= cookie_selftest(); + return ret; } #else -static inline void wg_run_selftests(void) { } +static inline bool wg_run_selftests(void) { return true; } #endif static int wg_module_init(void) { + int ret = ENOMEM; + osd_method_t methods[PR_MAXMETHOD] = { [PR_METHOD_REMOVE] = wg_prison_remove, }; @@ -3010,13 +3014,17 @@ wg_module_init(void) goto free_zone; wg_osd_jail_slot = osd_jail_register(NULL, methods); - wg_run_selftests(); + + ret = ENOTRECOVERABLE; + if (!wg_run_selftests()) + goto free_zone; + return (0); free_zone: uma_zdestroy(wg_packet_zone); free_none: - return (ENOMEM); + return (ret); } static void diff --git a/src/selftest/cookie.c b/src/selftest/cookie.c index 543aacb..4076e4c 100644 --- a/src/selftest/cookie.c +++ b/src/selftest/cookie.c @@ -30,9 +30,10 @@ static const struct expected_results { static struct ratelimit rl; -static void +static bool cookie_ratelimit_timings_test(void) { + bool ret = false; struct sockaddr_in sin; #ifdef INET6 struct sockaddr_in6 sin6; @@ -91,15 +92,18 @@ cookie_ratelimit_timings_test(void) #endif } T_PASSED; + ret = true; cleanup: ratelimit_deinit(&rl); + return ret; } -static void +static bool cookie_ratelimit_capacity_test(void) { struct sockaddr_in sin; int i; + bool ret = false; bzero(&rl, sizeof(rl)); ratelimit_init(&rl); @@ -120,15 +124,18 @@ cookie_ratelimit_capacity_test(void) } } T_PASSED; + ret = true; cleanup: ratelimit_deinit(&rl); + return ret; } -static void +static bool cookie_ratelimit_gc_test(void) { struct sockaddr_in sin; int i; + bool ret = false; bzero(&rl, sizeof(rl)); ratelimit_init(&rl); @@ -165,11 +172,13 @@ cookie_ratelimit_gc_test(void) if (rl.rl_table_num != 0) T_FAILED("gc"); T_PASSED; + ret = true; cleanup: ratelimit_deinit(&rl); + return ret; } -static void +static bool cookie_mac_test(void) { struct cookie_checker checker; @@ -177,6 +186,7 @@ cookie_mac_test(void) struct cookie_macs cm; struct sockaddr_in sin; int res, i; + bool ret = false; uint8_t nonce[COOKIE_NONCE_SIZE]; uint8_t cookie[COOKIE_ENCRYPTED_SIZE]; @@ -280,15 +290,18 @@ cookie_mac_test(void) T_FAILED("validate_macs_load_normal_mac2_retry"); T_PASSED; + ret = true; cleanup: - return; + return ret; } -void +bool cookie_selftest(void) { - cookie_ratelimit_timings_test(); - cookie_ratelimit_capacity_test(); - cookie_ratelimit_gc_test(); - cookie_mac_test(); + bool ret = true; + ret &= cookie_ratelimit_timings_test(); + ret &= cookie_ratelimit_capacity_test(); + ret &= cookie_ratelimit_gc_test(); + ret &= cookie_mac_test(); + return ret; } diff --git a/src/selftest/counter.c b/src/selftest/counter.c index c715dec..1fedb71 100644 --- a/src/selftest/counter.c +++ b/src/selftest/counter.c @@ -16,7 +16,7 @@ } \ } while (0) -void +bool noise_counter_selftest(void) { struct noise_keypair kp; @@ -95,4 +95,5 @@ noise_counter_selftest(void) if (success) printf("nonce counter self-test: pass\n"); + return success; } diff --git a/src/wg_cookie.h b/src/wg_cookie.h index 099cda6..8e59c32 100644 --- a/src/wg_cookie.h +++ b/src/wg_cookie.h @@ -68,7 +68,7 @@ int cookie_checker_validate_macs(struct cookie_checker *, struct vnet *); #ifdef SELFTESTS -void cookie_selftest(void); +bool cookie_selftest(void); #endif /* SELFTESTS */ #endif /* __COOKIE_H__ */ diff --git a/src/wg_noise.h b/src/wg_noise.h index 6fa282b..219b268 100644 --- a/src/wg_noise.h +++ b/src/wg_noise.h @@ -129,7 +129,7 @@ int noise_consume_response( uint8_t en[0 + NOISE_AUTHTAG_LEN]); #ifdef SELFTESTS -void noise_counter_selftest(void); +bool noise_counter_selftest(void); #endif /* SELFTESTS */ #endif /* __NOISE_H__ */ |