From 242925f26c01181a09f3a86412a186906d234e77 Mon Sep 17 00:00:00 2001
From: Michael Rash <mbr@cipherdyne.org>
Date: Sat, 3 Feb 2024 19:12:36 -0500
Subject: [PATCH 1/3] [test suite] prefer the 'ip' command to the older
 'ifconfig' command

---
 test/test-fwknop.pl | 89 +++++++++++++++++++++++++++++++++------------
 1 file changed, 66 insertions(+), 23 deletions(-)

diff --git a/test/test-fwknop.pl b/test/test-fwknop.pl
index 5c5f6ae0..ec46b38f 100755
--- a/test/test-fwknop.pl
+++ b/test/test-fwknop.pl
@@ -305,6 +305,7 @@
 our $perl_path = '';
 our $prove_path = '';
 our $ifconfig_path = '';
+our $ip_path = '';
 my  $readelf_path = '';
 our $platform = '';
 our $help = 0;
@@ -760,7 +761,9 @@
 ### run an fwknop command under gdb from a previous test run
 exit &gdb_test_cmd() if $gdb_test_file;
 
-$ifconfig_path = &find_command('ifconfig') unless $ifconfig_path;
+### only need one of 'ip' or 'ifconfig', prefer 'ip'
+$ip_path = &find_command('ip') unless $ip_path;
+$ifconfig_path = &find_command('ifconfig') unless $ifconfig_path or $ip_path;
 &identify_loopback_intf() unless $list_mode or $client_only_mode;
 
 ### make sure everything looks as expected before continuing
@@ -6133,9 +6136,15 @@ ()
 
     &start_fwknopd($test_hr);
 
-    &run_cmd("$ifconfig_path lo down", $cmd_out_tmp, $curr_test_file);
-    sleep 5;
-    &run_cmd("$ifconfig_path lo up", $cmd_out_tmp, $curr_test_file);
+    if ($ip_path) {
+        &run_cmd("$ip_path link set $loopback_intf down", $cmd_out_tmp, $curr_test_file);
+        sleep 5;
+        &run_cmd("$ip_path link set $loopback_intf up", $cmd_out_tmp, $curr_test_file);
+    } else {
+        &run_cmd("$ifconfig_path $loopback_intf down", $cmd_out_tmp, $curr_test_file);
+        sleep 5;
+        &run_cmd("$ifconfig_path $loopback_intf up", $cmd_out_tmp, $curr_test_file);
+    }
 
     if (&is_fwknopd_running()) {
         $rv = 0 unless $test_hr->{'no_exit_intf_down'} eq $YES;
@@ -7107,11 +7116,17 @@ ()
             $cmd_out_tmp, $curr_test_file);
 
     my $have_gpgme = 0;
+    my $net_cmd = '';
+    if ($ip_path) {
+        $net_cmd = "$ip_path addr";
+    } else {
+        $net_cmd = "$ifconfig_path -a";
+    }
 
     for my $cmd (
         'uname -a',
         'uptime',
-        'ifconfig -a',
+        "$net_cmd",
         'ls -l /etc', 'if [ -e /etc/issue ]; then cat /etc/issue; fi',
         'if [ `which iptables` ]; then iptables -V; fi',
         'if [ -e /proc/cpuinfo ]; then cat /proc/cpuinfo; fi',
@@ -7761,7 +7776,7 @@ ()
     $lcov_path = &find_command('lcov') unless $lcov_path;
     $genhtml_path = &find_command('genhtml') unless $genhtml_path;
 
-    unless ($ifconfig_path) {
+    unless ($ip_path or $ifconfig_path) {
         push @tests_to_exclude, qr/down interface/;
     }
 
@@ -7980,10 +7995,18 @@ ()
 sub identify_loopback_intf() {
     return if $loopback_intf;
 
-    die "[*] ifconfig command not found, use --loopback <name>"
-        unless $ifconfig_path;
+    die "[*] ip and ifconfig commands not found, use --loopback <name>"
+        unless $ip_path or $ifconfig_path;
+
+    ### Linux 'ip addr'
+    ### 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+    ###     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+    ###     inet 127.0.0.1/8 scope host lo
+    ###         valid_lft forever preferred_lft forever
+    ###     inet6 ::1/128 scope host
+    ###         valid_lft forever preferred_lft forever
 
-    ### Linux:
+    ### Linux 'ifconfig -a':
 
     ### lo    Link encap:Local Loopback
     ###       inet addr:127.0.0.1  Mask:255.0.0.0
@@ -8006,23 +8029,43 @@ ()
     my $intf = '';
     my $found_loopback_intf = 0;
 
-    my $cmd = "$ifconfig_path -a";
-    open C, "$cmd |" or die "[*] (use --loopback <name>) $cmd: $!";
-    while (<C>) {
-        if (/^(\S+?):?\s+.*loopback/i) {
-            $intf = $1;
-            next;
-        }
-        if (/^\S/ and $intf and not $found_loopback_intf) {
-            ### should not happen
-            last;
+    if ($ip_path) {
+        my $cmd = "$ip_path addr";
+        open C, "$cmd |" or die "[*] (use --loopback <name>) $cmd: $!";
+        while (<C>) {
+            if (/^\s*\d+\:\s+(\S+?)\:\s+.*loopback/i) {
+                $intf = $1;
+                next;
+            }
+            if (/^\S/ and $intf and not $found_loopback_intf) {
+                ### should not happen
+                last;
+            }
+            if ($intf and /\b127\.0\.0\.1/) {
+                $found_loopback_intf = 1;
+                last;
+            }
         }
-        if ($intf and /\b127\.0\.0\.1\b/) {
-            $found_loopback_intf = 1;
-            last;
+        close C;
+    } else {
+        my $cmd = "$ifconfig_path -a";
+        open C, "$cmd |" or die "[*] (use --loopback <name>) $cmd: $!";
+        while (<C>) {
+            if (/^(\S+?):?\s+.*loopback/i) {
+                $intf = $1;
+                next;
+            }
+            if (/^\S/ and $intf and not $found_loopback_intf) {
+                ### should not happen
+                last;
+            }
+            if ($intf and /\b127\.0\.0\.1\b/) {
+                $found_loopback_intf = 1;
+                last;
+            }
         }
+        close C;
     }
-    close C;
 
     die "[*] could not determine loopback interface, use --loopback <name>"
         unless $found_loopback_intf;

From 091335a6dcddd77b6075bc6e2194f495af6dcc68 Mon Sep 17 00:00:00 2001
From: Michael Rash <mbr@cipherdyne.org>
Date: Sat, 3 Feb 2024 19:12:54 -0500
Subject: [PATCH 2/3] ChangeLog updates for 2.6.11

---
 ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index ccafc9cc..5be1f225 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,11 @@ fwknop-2.6.11 (12/09/2019):
       --user-agent option to specify any desired User-Agent string. This
       feature was added to close issue #296 reported by github user
       @fishcreek.
+    - [test suite] Add gpg.conf and gpg-agent.conf to set 'pinentry-mode
+      loopback' to restore GPG full cycle tests. This works with GPG 2.2.27 on
+      Ubuntu 22.04 for example.
+    - [test suite] Prefer the 'ip' command over the older 'ifconfig' command
+      for interface operations and loopback detection.
 
 fwknop-2.6.10 (08/06/2018):
     - [server] Add MAX_FW_TIMEOUT to access.conf stanzas to allow a maximum

From 77cc88a01119328a26cf4eb81463b0413956ced6 Mon Sep 17 00:00:00 2001
From: Michael Rash <mbr@cipherdyne.org>
Date: Sat, 3 Feb 2024 19:22:39 -0500
Subject: [PATCH 3/3] [test suite] paths fixes for Makefile.am tests

---
 test/test-fwknop.pl | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/test/test-fwknop.pl b/test/test-fwknop.pl
index ec46b38f..67791c31 100755
--- a/test/test-fwknop.pl
+++ b/test/test-fwknop.pl
@@ -1985,15 +1985,15 @@ ()
 
     open F, "< $make_file" or die $!;
     while (<F>) {
-        if (m|test/$conf_dir/(\S+)|) {
+        if (m|conf/(\S+)|) {
             $makefile_conf_files{$1} = '';
-        } elsif (m|test/$tests_dir/(\S+)|) {
+        } elsif (m|test/tests/(\S+)|) {
             $makefile_test_scripts{$1} = '';
         }
     }
     close F;
 
-    for my $f (glob("$conf_dir/*")) {
+    for my $f (glob("conf/*")) {
         next if -d $f;
         next unless $f =~ /\.conf/ or $f =~ /fwknop/;
         if ($f =~ m|$conf_dir/(\S+)|) {
@@ -2005,8 +2005,8 @@ ()
         }
     }
 
-    for my $f (glob("$tests_dir/*.pl")) {
-        if ($f =~ m|$tests_dir/(\S+)|) {
+    for my $f (glob("tests/*.pl")) {
+        if ($f =~ m|tests/(\S+)|) {
             unless (defined $makefile_test_scripts{$1}) {
                 &write_test_file("[-] test suite script file $1 not in $make_file.\n",
                     $curr_test_file);