arti/tests/shadow/run.sh

#!/usr/bin/env bash

set -xeuo pipefail

# Remove output of previous run
rm -rf shadow.data

# Run the simulation
shadow \
  --model-unblocked-syscall-latency=true \
  --log-level=debug \
  --strace-logging-mode=standard \
  --parallelism="$(nproc)" \
  --template-directory=./shadow.data.template \
  --progress=true \
  --use-memory-manager=false \
  shadow.yaml \
  > shadow.log

# Check whether file transfers via arti inside the simulation succeeded
successes="$(grep -c stream-success shadow.data/hosts/articlient/articlient.tgen.1001.stdout || true)"
if [ "$successes" = 10 ]
then
  echo "Simulation successful"
else
  echo "Failed. Only got $successes successful streams."
fi

pushd shadow.data/hosts/articlient_bridge/
for PCAP in *.pcap; do
	# verify all connection are either from/to the bridge, or local.
	LEAK=$(tshark -r "$PCAP" 'ip.src != 100.0.0.2 && ip.dst != 100.0.0.2 && ip.dst != 127.0.0.0/8')
	if [ "$LEAK" ]; then
		echo "Found tcp leaks in PCAP: $PCAP"
	        echo "$LEAK"
		exit 1
	fi
done

DNS_LEAK=$(grep -l shadow_hostname_to_addr_ipv4 articlient_bridge.arti.*.strace || true)
if [ "$DNS_LEAK" ]; then
	echo "Found DNS leaks in $DNS_LEAK"
	exit 1
fi
popd
shell: use /usr/bin/env instead of absolute paths This commit changes the shebang in all shell scripts from absolute paths (such as `/bin/bash` or `/usr/bin/python3`) to the `/usr/bin/env` binary with the accompanying interpreter as it's argument. The reason for this are as follows: - NixOS cannot work with absolute paths - BSD systems install their packages in /usr/local/bin 2023-01-25 17:35:53 +00:00			`#!/usr/bin/env bash`
Create a shadow-based integration test Fixes https://gitlab.torproject.org/tpo/core/arti/-/issues/174 2022-08-30 19:45:12 +01:00
verify leakage and run shadow with less shm 2022-11-30 17:40:59 +00:00			`set -xeuo pipefail`
Create a shadow-based integration test Fixes https://gitlab.torproject.org/tpo/core/arti/-/issues/174 2022-08-30 19:45:12 +01:00
			`# Remove output of previous run`
			`rm -rf shadow.data`

			`# Run the simulation`
			`shadow \`
			`--model-unblocked-syscall-latency=true \`
			`--log-level=debug \`
			`--strace-logging-mode=standard \`
			`--parallelism="$(nproc)" \`
			`--template-directory=./shadow.data.template \`
			`--progress=true \`
verify leakage and run shadow with less shm 2022-11-30 17:40:59 +00:00			`--use-memory-manager=false \`
Create a shadow-based integration test Fixes https://gitlab.torproject.org/tpo/core/arti/-/issues/174 2022-08-30 19:45:12 +01:00			`shadow.yaml \`
			`> shadow.log`

			`# Check whether file transfers via arti inside the simulation succeeded`
			`successes="$(grep -c stream-success shadow.data/hosts/articlient/articlient.tgen.1001.stdout \|\| true)"`
			`if [ "$successes" = 10 ]`
			`then`
Fix typo 2022-12-12 19:36:57 +00:00			`echo "Simulation successful"`
Create a shadow-based integration test Fixes https://gitlab.torproject.org/tpo/core/arti/-/issues/174 2022-08-30 19:45:12 +01:00			`else`
			`echo "Failed. Only got $successes successful streams."`
			`fi`
verify leakage and run shadow with less shm 2022-11-30 17:40:59 +00:00
			`pushd shadow.data/hosts/articlient_bridge/`
			`for PCAP in *.pcap; do`
			`# verify all connection are either from/to the bridge, or local.`
			`LEAK=$(tshark -r "$PCAP" 'ip.src != 100.0.0.2 && ip.dst != 100.0.0.2 && ip.dst != 127.0.0.0/8')`
			`if [ "$LEAK" ]; then`
			`echo "Found tcp leaks in PCAP: $PCAP"`
			`echo "$LEAK"`
			`exit 1`
			`fi`
			`done`

			`DNS_LEAK=$(grep -l shadow_hostname_to_addr_ipv4 articlient_bridge.arti.*.strace \|\| true)`
			`if [ "$DNS_LEAK" ]; then`
			`echo "Found DNS leaks in $DNS_LEAK"`
			`exit 1`
			`fi`
			`popd`