#!/usr/bin/perl
#
# SCTP Conformance Test Suite Implementation
# (C) Copyright Fujitsu Ltd. 2008, 2009
#
# This file is part of the SCTP Conformance Test Suite implementation.
#
# The SCTP Conformance Test Suite implementation is free software;
# you can redistribute it and/or modify it under the terms of
# the GNU General Public License version 2 as published by
# the Free Software Foundation.
#
# The SCTP Conformance Test Suite implementation is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even
# the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with GNU CC; see the file COPYING.  If not, write to
# the Free Software Foundation, 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
#
# Please send any bug reports or fixes you make to the
# email address(es):
#    networktest sctp <networktest-sctp@lists.sourceforge.net>
#
# Or submit a bug report through the following website:
#    http://networktest.sourceforge.net/
#
# Written or modified by:
#    Hiroaki Kago <linuxsctp-kg@ml.css.fujitsu.com>
#    Wei Yongjun <yjwei@cn.fujitsu.com>
#
# Any bugs reported given to us we will try to fix... any fixes shared will
# be incorporated into the next SCTP release.
#
##############################################################################
BEGIN {	$V6evalTool::TestVersion = '$Name: REL_1_0_0 $'; }

use lib "../common";
use V6evalTool;
use SCTP;

%pktdesc = (
	sctp_chunk_cookie_echo_bad_md5	=> "Send CHUNK_COOKIE_ECHO (with wrong MD5 signature)"
);

$IF0 = Link0;

vCapture($IF0);

sctpCheckEnv($IF0);

sctpStartServer($IF0);

vLogHTML('<B>================ Main Test =================</B>');

vSend($IF0, sctp_chunk_init_snd);

%ret = vWarpRecv3($IF0, 10, 0, 0, sctp_chunk_init_ack_rcv);
if($ret{status} != 0 || $ret{recvFrame} ne sctp_chunk_init_ack_rcv) {
	vLogHTML('Cannot receive SCTP CHUNK_INIT_ACK<BR>');
	vLogHTML('<FONT COLOR="#FF0000">NG</FONT>'); 
	exit $V6evalTool::exitFail;
}

sctpFetchInitField(\%ret);
$BADCOOKIE = sctpMakeBadMD5Cookie($SCTP::CONF{'COOKIE'});
vWarpCPP("-DBADCOOKIE=hexstr\\\(\\\"$BADCOOKIE\\\"\\\) -DCOOKIE=hexstr\\\(\\\"$SCTP::CONF{'COOKIE'}\\\"\\\)");

vSend($IF0, sctp_chunk_cookie_echo_bad_md5);

%ret = vWarpRecv($IF0, 10, 0, 0, sctp_chunk_cookie_ack_rcv);
if($ret{status} == 0 && $ret{recvFrame} eq sctp_chunk_cookie_ack_rcv) {
	vLogHTML('Received unexpected SCTP CHUNK_COOKIE_ACK<BR>');
	vLogHTML('<FONT COLOR="#FF0000">NG</FONT>'); 
	exit $V6evalTool::exitFail;
}

vSend($IF0, sctp_chunk_cookie_echo_snd);

%ret = vWarpRecv($IF0, 10, 0, 0, sctp_chunk_cookie_ack_rcv);
if($ret{status} != 0 || $ret{recvFrame} ne sctp_chunk_cookie_ack_rcv) {
	vLogHTML('Cannot receive SCTP CHUNK_COOKIE_ACK<BR>');
	vLogHTML('<FONT COLOR="#FF0000">NG</FONT>'); 
	exit $V6evalTool::exitFail;
}

vSendMsg($IF0);

vClose($IF0);

vLogHTML(OK);
exit $V6evalTool::exitPass;

######################################################################
__END__

=head1 NAME

  CookieEchoBadMD5.seq - COOKIE-ECHO chunk is received with wrong MD5 signature

=head1 PURPOSE

  To check that if COOKIE-ECHO chunk is received with wrong MD5 signature
  then the endpoint should silent discard the COOKIE-ECHO chunk.

=head1 SYNOPSIS

=begin html
<PRE>
  <A HREF="./CookieEchoBadMD5.seq">./CookieEchoBadMD5.seq</A> [-tooloption ...] -pkt <A HREF="./CookieEchoBadMD5.def">./CookieEchoBadMD5.def</A>
    -tooloption : v6eval tool option
  See Also: <A HREF="../common/STD_PKT_COMMON.def">../common/STD_PKT_COMMON.def</A>
            <A HREF="../common/SCTP_COMMON.def">../common/SCTP_COMMON.def</A>
</PRE>

=end html

=head1 PRE-TEST CONDITION

  Association is not established between endpoint A and B. Arrange the data
  in endpoint A such that COOKIE-ECHO message is sent with MD5 signature
  different from received cookie in INIT-ACK. 

=head1 TEST PROCEDURE

  Endpoint A                           Endpoint B                ULP
  (CLOSED)                             (CLOSED)

                                                   <-----    Associate
  INIT          ----------------->

                <-----------------      INIT-ACK

  COOKIE-ECHO   ----------------->      Silently discarded
  (with wrong MD5 signature)
  COOKIE-ECHO   ----------------->

                <-----------------      COOKIE-ACK

  TEST DESCRIPTION:

  1. Try to initiate an association from endpoint A to B.Send COOKIE-ECHO 
     message containing different MD5 signature from the one received in 
     INIT-ACK. 
     Record the message sequence using a signal emulator.
  2. Check A: COOKIE-ECHO message is discarded.
  3. Check B: Association remains in closed state. 
  4. Check C: COOKIE-ACK will not be sent from endpoint B.

=head1 NOTE

  None

=head1 REFERENCE

  RFC 4960

  5.1.5.  State Cookie Authentication

    When an endpoint receives a COOKIE ECHO chunk from another endpoint
    with which it has no association, it shall take the following
    actions:

    1)  Compute a MAC using the TCB data carried in the State Cookie and
        the secret key (note the timestamp in the State Cookie MAY be
        used to determine which secret key to use).  [RFC2104] can be
        used as a guideline for generating the MAC,

=begin html
<PRE>
    <B>2)  Authenticate the State Cookie as one that it previously generated
        by comparing the computed MAC against the one carried in the
        State Cookie.  If this comparison fails, the SCTP packet,
        including the COOKIE ECHO and any DATA chunks, should be silently
        discarded,</B>
</PRE>

=end html

    3)  Compare the port numbers and the Verification Tag contained
        within the COOKIE ECHO chunk to the actual port numbers and the
        Verification Tag within the SCTP common header of the received
        packet.  If these values do not match, the packet MUST be
        silently discarded.