From patchwork Thu Jan  9 14:42:47 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Gert Doering <gert@greenie.muc.de>
X-Patchwork-Id: 4041
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:1539:b0:5e7:b9eb:58e8 with SMTP id
 a25csp1379400mar;
        Thu, 9 Jan 2025 06:43:10 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCVcvdwFkw62DGPIoGIvMAZjrmbOIjGwdKml00rbE6TNroVXWr1P8USrAgRQJYRnsdy+kCiMKYo9tbE=@openvpn.net
X-Google-Smtp-Source: 
 AGHT+IFtWJBBHxursMT3RVsGBgDB0ROhDirLbqYylwhMis1lT2LIkR0uwET35Xdd+gW+ykTBDOWd
X-Received: by 2002:a05:6808:6413:b0:3ec:d30f:60e3 with SMTP id
 5614622812f47-3ef2edca72dmr3668647b6e.39.1736433790339;
        Thu, 09 Jan 2025 06:43:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1736433790; cv=none;
        d=google.com; s=arc-20240605;
        b=kSxFxcnBRnsPev5zlgvRPpRPmcUD3hJetHaNN0MCfhBPwficHYfDMlYuRQotUJOt7H
         C87WOXQmU4fLfaXuLtFyiCrs7QxPbqo68sVmuNTq7OoY8A5s0jij1FqBnqtott7YKXAi
         JkBHOJe6Z2VEV20qdtD7AXev2gHy6s3BdFxfGK67uC1JhlLKdt3zdGoX02Minhk0YFW+
         Oiko663mPAjVsPQEb8Qfh8aDYqh7uct/vo0Hx28FJgqHb6YyeUXPLO7Lta2ftWCWpclg
         iugsH0AaJ7sm4E+wbTaY0nJo3ubR15djYzkX8POoszrJr9sjUNaZYuMsBaND2YMcxrtU
         Tg/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature;
        bh=48qjVvSKNUuIeOEKdCkS9USlhGLWkd48vDENBpArnzM=;
        fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
        b=ULrSFEljw5tH9HdTtILbOW42CIP/HWBmZguzMAQCh7urR/1+tYIwCKV0iKBeaiJ9EY
         aq4mCh777qpYIea7fqVrcLGje3Oecn3sbnMpoaknUzk0/9z9iXhw3gOSGsQJGP38Nwcl
         xjI7umYUfpeq5TCcYmhWjj7yLxGdBlIBDcBm2QlbWOmlGUaDk6i561gobyn06urGQiXF
         ZYZK61rniZ4fDdyUQ3ipFj0Q9G1ykGq2381kO2OIn/O51z3H6gNe+AQ1yNHo2oX3a+BQ
         SA1+PwhGH+gmIvi3YBXkgD1CxADFm27uxMZCF9l4Dm7hkU3828p19adS0zi2ucB59z9C
         zI2Q==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=Gm58sdf9;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=CxTDk1sx;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 5614622812f47-3f037aa87f7si1020868b6e.288.2025.01.09.06.43.10
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 09 Jan 2025 06:43:10 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=Gm58sdf9;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=CxTDk1sx;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1tVtkW-0000mU-DD;
	Thu, 09 Jan 2025 14:43:05 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <gert@blue.greenie.muc.de>) id 1tVtkV-0000mM-0H
 for openvpn-devel@lists.sourceforge.net;
 Thu, 09 Jan 2025 14:43:03 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version
 :References:In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=uFOwbG8SXJmssUXJx3jjDeTWYiC1HnhDp1SfX3esBRs=; b=Gm58sdf9qxnRh4CnDsHBGumO7W
 U+I2CTQ3XkagUDiZw1msTdE2Nw3r8/4Unm2VJWXEoXDRXrHsljTrK+8jnK41RQj35DgYGXauDJkBV
 Y79cWa9oU135m0Ny50itPMh7O6pnBMtlmb+AslmjyOAhtc1ueEFxYQryUfRSbmvCZSXI=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:Content-Type:MIME-Version:References:
 In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=uFOwbG8SXJmssUXJx3jjDeTWYiC1HnhDp1SfX3esBRs=; b=CxTDk1sx+AnHIUqTITA15iKROi
 BSFqLRhyn7wqveN6J+iv9+ZLu7/kuy+mzleiGj+mf4tabF4X+Ih2lP1N/+1tfAnYHHRHwc6CeoBnv
 t6zmZV1/vF40tumYCxC+0zdfPaGAsUSweIhvVSBVpBW4TVuUtIdRGyiklJaovpYUqg9w=;
Received: from dhcp-174.greenie.muc.de ([193.149.48.174]
 helo=blue.greenie.muc.de)
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1tVtkT-0000Rs-AT for openvpn-devel@lists.sourceforge.net;
 Thu, 09 Jan 2025 14:43:03 +0000
Received: from blue.greenie.muc.de (localhost [127.0.0.1])
 by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 509EgnDR009144
 for <openvpn-devel@lists.sourceforge.net>; Thu, 9 Jan 2025 15:42:49 +0100
Received: (from gert@localhost)
 by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 509EgnEc009143
 for openvpn-devel@lists.sourceforge.net; Thu, 9 Jan 2025 15:42:49 +0100
From: Gert Doering <gert@greenie.muc.de>
To: openvpn-devel@lists.sourceforge.net
Date: Thu,  9 Jan 2025 15:42:47 +0100
Message-ID: <20250109144248.9133-1-gert@greenie.muc.de>
X-Mailer: git-send-email 2.45.2
In-Reply-To: 
 <gerrit.1732208116000.Ie63f302402f469c3aa48ac146ca6b8c029f0d250@gerrit.openvpn.net>
References: 
 <gerrit.1732208116000.Ie63f302402f469c3aa48ac146ca6b8c029f0d250@gerrit.openvpn.net>
MIME-Version: 1.0
X-Spam-Score: 0.0 (/)
X-Spam-Report: =?unknown-8bit?q?Spam_detection_software=2C_running_on_the_sy?=
	=?unknown-8bit?q?stem_=22util-spamd-2=2Ev13=2Elw=2Esourceforge=2Ecom=22=2C?=
	=?unknown-8bit?q?_has_NOT_identified_this_incoming_email_as_spam=2E__The_ori?=
	=?unknown-8bit?q?ginal?=
	=?unknown-8bit?q?_message_has_been_attached_to_this_so_you_can_view_it_or_la?=
	=?unknown-8bit?q?bel?=
	=?unknown-8bit?q?_similar_future_email=2E__If_you_have_any_questions=2C_see?=
	=?unknown-8bit?q?_the_administrator_of_that_system_for_details=2E?=
	=?unknown-8bit?q?_?=
	=?unknown-8bit?q?_Content_preview=3A__From=3A_Samuli_Sepp=C3=A4nen_=3Csamuli?=
	=?unknown-8bit?q?=2Eseppanen=40gmail=2Ecom=3E_Change-Id=3A?=
	=?unknown-8bit?q?_Ie63f302402f469c3aa48ac146ca6b8c029f0d250_Signed-off-by=3A?=
	=?unknown-8bit?q?_Samuli_Sepp=C3=A4nen?=
	=?unknown-8bit?q?_=3Csamuli=2Eseppanen=40gmail=2Ecom=3E_Acked-by=3A_Frank_Li?=
	=?unknown-8bit?q?chtenheld_=3Cfrank=40lichtenheld=2Ecom=3E?=
	=?unknown-8bit?q?_---_?=
	=?unknown-8bit?q?_?=
	=?unknown-8bit?q?_Content_analysis_details=3A___=280=2E0_points=2C_6=2E0_req?=
	=?unknown-8bit?q?uired=29?=
	=?unknown-8bit?q?_?=
	=?unknown-8bit?q?_pts_rule_name______________description?=
	=?unknown-8bit?q?_----_----------------------_------------------------------?=
	=?unknown-8bit?q?--------------------?=
	=?unknown-8bit?q?_0=2E0_RCVD=5FIN=5FVALIDITY=5FRPBL=5FBLOCKED_RBL=3A_ADMINIS?=
	=?unknown-8bit?q?TRATOR_NOTICE=3A_The?=
	=?unknown-8bit?q?_query_to_Validity_was_blocked=2E__See?=
	=?unknown-8bit?q?_https=3A//knowledge=2Evalidity=2Ecom/hc/en-us/articles/209?=
	=?unknown-8bit?q?61730681243?=
	=?unknown-8bit?q?_for_more_information=2E?=
	=?unknown-8bit?q?_=5B193=2E149=2E48=2E174_listed_in_bl=2Escore=2Esenderscore?=
	=?unknown-8bit?q?=2Ecom=5D?=
	=?unknown-8bit?q?_0=2E0_RCVD=5FIN=5FVALIDITY=5FSAFE=5FBLOCKED_RBL=3A_ADMINIS?=
	=?unknown-8bit?q?TRATOR_NOTICE=3A_The?=
	=?unknown-8bit?q?_query_to_Validity_was_blocked=2E__See?=
	=?unknown-8bit?q?_https=3A//knowledge=2Evalidity=2Ecom/hc/en-us/articles/209?=
	=?unknown-8bit?q?61730681243?=
	=?unknown-8bit?q?_for_more_information=2E?=
	=?unknown-8bit?q?_=5B193=2E149=2E48=2E174_listed_in_sa-trusted=2Ebondedsende?=
	=?unknown-8bit?q?r=2Eorg=5D?=
	=?unknown-8bit?q?_-0=2E0_SPF=5FHELO=5FPASS__________SPF=3A_HELO_matches_SPF_?=
	=?unknown-8bit?q?record?=
	=?unknown-8bit?q?_-0=2E0_SPF=5FPASS_______________SPF=3A_sender_matches_SPF_?=
	=?unknown-8bit?q?record?=
X-Headers-End: 1tVtkT-0000Rs-AT
Subject: [Openvpn-devel] [PATCH v8] Add lwip support to t_server_null
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1820782798177824590?=
X-GMAIL-MSGID: =?utf-8?q?1820782798177824590?=

From: Samuli Seppänen <samuli.seppanen@gmail.com>

Change-Id: Ie63f302402f469c3aa48ac146ca6b8c029f0d250
Signed-off-by: Samuli Seppänen <samuli.seppanen@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/811
This mail reflects revision 8 of this Change.

Acked-by according to Gerrit (reflected above):
Frank Lichtenheld <frank@lichtenheld.com>

diff --git a/doc/t_server_null.rst b/doc/t_server_null.rst
index 5fe9080..473a7bd 100644
--- a/doc/t_server_null.rst
+++ b/doc/t_server_null.rst
@@ -16,7 +16,7 @@
 
 * Parallelized for fairly high performance
 * Mostly operating-system agnostic
-* Tested on Fedora Linux 38/39/40 and FreeBSD 14
+* Tested on Fedora Linux 38/39/40, FreeBSD 14, NetBSD 10.0 and OpenBSD 7.5
 * POSIX-compliant
 * Tested and known to work with Bash, Dash, Ksh, Yash and FreeBSD's default /bin/sh
 * Uses the sample certificates and keys
@@ -31,6 +31,7 @@
 * Test cases (client configurations) and server setups (server configurations) are stored in a configuration file, i.e. data and code have been separated
 * Configuration file format is nearly identical to t_client.rc configuration
 * Supports a set of default tests, overriding default test settings and adding local tests
+* Supports client ping tests if ovpnlwip is available
 
 Prerequisites
 -------------
@@ -60,8 +61,9 @@
 #. Server instances start
 #. Brief wait
 #. Client instances start
-#. Tests run
+#. ovpnlwip ping tests run
 #. Client instances stop
+#. Test results are collected
 #. Brief wait
 #. Server instances stop
 
@@ -77,7 +79,8 @@
 
     * t_server_null_client.sh
 
-      * Waits until servers have launched. Then launch all clients, wait for them to exit and then check test results by parsing the client log files. Each client kills itself after some delay using an "--up" script.
+      * Waits until servers have launched. Then launch all clients, run ovpnlwip ping tests (if any), wait for clients to exit and then check test results by parsing the client log files. Each client kills itself after some delay using an "--up" script.
+
 
 Configuration
 -------------
@@ -116,6 +119,19 @@
 
   TEST_RUN_LIST="1 2 5 9"
 
+Client ping tests that use ovpnlwip can be added similarly:
+
+  TEST_NAME_9L="t_server_null_client.sh-openvpn_current_udp_custom_lwip"
+  SHOULD_PASS_9L="yes"
+  CLIENT_EXEC_9L="${CLIENT_EXEC}"
+  CLIENT_CONF_9L="${CLIENT_CONF_BASE_LWIP} --remote 127.0.0.1 1194 udp --proto udp"
+
+Note that all ovpnlwip test names need to include a "_lwip" suffix: without it
+ping tests won't get activated. Also note that the *tests* directory needs to
+have the lwipovpn executable or ovpnlwip tests will get skipped. The ovpnlwip
+ping tests get the IP addresses to ping from the \*.ips files created by the
+lwip_client_up.sh script --up script.
+
 Stress-testing the --dev null test suite
 ----------------------------------------
 
diff --git a/tests/lwip_client_up.sh b/tests/lwip_client_up.sh
new file mode 100755
index 0000000..307a9cb
--- /dev/null
+++ b/tests/lwip_client_up.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# Add this client's IP to a file
+if ! grep -q "$ifconfig_local" ./$test_name.ips; then
+    echo -n "$ifconfig_local " >> ./$test_name.ips
+fi
+
+# Determine the OpenVPN PID from its pid file. This works reliably even when
+# the OpenVPN process is backgrounded for parallel tests.
+MY_PPID=`cat $pid`
+
+# Allow OpenVPN to finish initializing while waiting in the background and then
+# killing the process gracefully. Also wait for fping tests to finish.
+(sleep 5
+
+count=0
+maxcount=15
+while [ $count -le $maxcount ]; do
+    if pgrep fping > /dev/null 2>&1; then
+        echo "Waiting for fping to exit ($count/$maxcount)"
+        count=$(( count + 1))
+        sleep 1
+    else
+        echo "fping not running anymore"
+        break
+    fi
+done
+
+kill -15 $MY_PPID
+) &
diff --git a/tests/t_server_null_client.sh b/tests/t_server_null_client.sh
index 2210e63..78050ae 100755
--- a/tests/t_server_null_client.sh
+++ b/tests/t_server_null_client.sh
@@ -1,5 +1,17 @@
 #!/bin/sh
 
+should_run_test() {
+    test_name="$1"
+
+    if echo "$test_name"|grep -q _lwip; then
+        if [ "$has_lwipovpn" = "no" ]; then
+            return 1
+        fi
+    fi
+
+    return 0
+}
+
 launch_client() {
     test_name=$1
     log="${test_name}.log"
@@ -13,10 +25,47 @@
     "${client_exec}" \
         $client_conf \
         --writepid "${pid}" \
-        --setenv pid $pid \
+        --setenv pid "$pid" \
+        --setenv test_name "$test_name" \
         --log "${t_server_null_logdir}/${log}" &
 }
 
+ping_lwip_clients() {
+    if [ "$has_lwipovpn" = "yes" ]; then
+        lwip_client_count=$(echo "$lwip_test_names"|wc -w|tr -d " ")
+    else
+        lwip_client_count=0
+    fi
+
+    if [ $lwip_client_count -eq 0 ]; then
+        return 0
+    fi
+
+    count=0
+    maxcount=10
+    while [ $count -le $maxcount ]; do
+        lwip_client_ips=$(cat ./*.ips 2>/dev/null|wc -w|tr -d " ")
+        if [ $lwip_client_ips -lt $lwip_client_count ]; then
+            echo "Waiting for LWIP clients to start up ($count/$maxcount)"
+            count=$(( count + 1))
+            sleep 1
+        else
+            echo "$lwip_client_ips/$lwip_client_count LWIP clients up"
+            break
+        fi
+    done
+
+    LWIP_CLIENTS=$(cat ./*.ips 2>/dev/null)
+    if [ "$LWIP_CLIENTS" ]; then
+        if fping -c 5 $LWIP_CLIENTS; then
+            echo "PASS: lwipovpn client ping tests passed"
+        else
+            echo "FAIL: pinging one or more lwipovpn client IP addresses failed"
+            retval=1
+        fi
+    fi
+}
+
 wait_for_results() {
     tests_running="yes"
 
@@ -77,7 +126,7 @@
 server_max_wait=15
 while [ $count -lt $server_max_wait ]; do
     servers_up=0
-    server_count=$(echo $TEST_SERVER_LIST|wc -w)
+    server_count=$(echo "$TEST_SERVER_LIST"|wc -w|tr -d " ")
 
     # We need to trim single-quotes because some shells return quoted values
     # and some don't. Using "set -o posix" which would resolve this problem is
@@ -85,8 +134,8 @@
     #
     # While inactive server configurations may get checked they won't increase
     # the active server count as the processes won't be running.
-    for i in `set|grep 'SERVER_NAME_'|cut -d "=" -f 2|tr -d "[\']"`; do
-        server_pid=$(cat $i.pid 2> /dev/null)
+    for i in $(set|grep 'SERVER_NAME_'|cut -d "=" -f 2|tr -d "[\']"); do
+        server_pid=$(cat "$i.pid" 2> /dev/null)
         if [ -z "$server_pid" ] ; then
             continue
         fi
@@ -111,6 +160,18 @@
     fi
 done
 
+# Check for presence of the lwipovpn executable
+if test -r "$LWIPOVPN_PATH"; then
+    has_lwipovpn="yes"
+else
+    has_lwipovpn="no"
+    echo "WARNING: lwipovpn executable is missing: lwip tests will be skipped"
+fi
+
+# Remove existing LWIP client IP files. This is to avoid pinging non-existent
+# IP addresses when tests are disabled.
+$RUN_SUDO rm -f ./*.ips
+
 # Wait a while to let server processes to settle down
 sleep 1
 
@@ -118,6 +179,7 @@
 # is used later to determine when all OpenVPN clients have exited and it is
 # safe to check the test results.
 test_names=""
+lwip_test_names=""
 for SUF in $TEST_RUN_LIST
 do
     eval test_name=\"\$TEST_NAME_$SUF\"
@@ -125,9 +187,18 @@
     eval client_conf=\"\$CLIENT_CONF_$SUF\"
 
     test_names="${test_names} ${test_name}"
-    (launch_client "${test_name}" "${client_exec}" "${client_conf}")
+
+    if echo "$test_name"|grep -q _lwip; then
+        lwip_test_names="${lwip_test_names} ${test_name}"
+    fi
+
+    if should_run_test "$test_name"; then
+        (launch_client "${test_name}" "${client_exec}" "${client_conf}")
+    fi
 done
 
+ping_lwip_clients
+
 # Wait until all OpenVPN clients have exited
 (wait_for_results)
 
@@ -137,7 +208,9 @@
     eval test_name=\"\$TEST_NAME_$SUF\"
     eval should_pass=\"\$SHOULD_PASS_$SUF\"
 
-    get_client_test_result "${test_name}" "${should_pass}"
+    if should_run_test "$test_name"; then
+        get_client_test_result "${test_name}" "${should_pass}"
+    fi
 done
 
 exit $retval
diff --git a/tests/t_server_null_default.rc b/tests/t_server_null_default.rc
index cbf4877..e7bf5bc 100755
--- a/tests/t_server_null_default.rc
+++ b/tests/t_server_null_default.rc
@@ -20,6 +20,15 @@
 SERVER_KEY="${sample_keys}/server.key"
 TA="${sample_keys}/ta.key"
 
+# This parameter can't be overridden in t_server_null.rc because that gets
+# loaded too late. However, you can use
+#
+# LWIPOVPN_PATH=/some/path/to/lwipovpn make check
+#
+# to run the tests using lwipovpn in a custom location
+#
+LWIPOVPN_PATH="${LWIPOVPN_PATH:-lwipovpn}"
+
 # Used to detect if graceful kill of any server instance failed during the test
 # run
 SERVER_KILL_FAIL_FILE=".t_server_null_server.kill_failed"
@@ -28,7 +37,7 @@
 MAX_CLIENTS="10"
 CLIENT_MATCH="Test-Client"
 SERVER_EXEC="${top_builddir}/src/openvpn/openvpn"
-SERVER_BASE_OPTS="--daemon --local 127.0.0.1 --dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3"
+SERVER_BASE_OPTS="--daemon --local 127.0.0.1 --dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3 --duplicate-cn"
 SERVER_CIPHER_OPTS=""
 SERVER_CERT_OPTS="--ca ${CA} --dh ${DH} --cert ${SERVER_CERT} --key ${SERVER_KEY} --tls-auth ${TA} 0"
 SERVER_CONF_BASE="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS}"
@@ -49,23 +58,37 @@
 
 # Test client configurations
 CLIENT_EXEC="${top_builddir}/src/openvpn/openvpn"
-CLIENT_BASE_OPTS="--client --dev null --ifconfig-noexec --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2 --up ${srcdir}/null_client_up.sh"
+CLIENT_BASE_OPTS="--client --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2"
+CLIENT_NULL_OPTS="--dev null --ifconfig-noexec --up ${srcdir}/null_client_up.sh"
+CLIENT_LWIP_OPTS="--dev null --dev-node unix:${LWIPOVPN_PATH} --up ${srcdir}/lwip_client_up.sh"
+
 CLIENT_CIPHER_OPTS=""
 CLIENT_CERT_OPTS="--ca ${CA} --cert ${CLIENT_CERT} --key ${CLIENT_KEY} --tls-auth ${TA} 1"
 
-TEST_RUN_LIST="1 2 3"
-CLIENT_CONF_BASE="${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}"
+TEST_RUN_LIST="1 1L 2 2L 3"
+CLIENT_CONF_BASE="${CLIENT_NULL_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}"
+CLIENT_CONF_BASE_LWIP="${CLIENT_LWIP_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}"
 
 TEST_NAME_1="t_server_null_client.sh-openvpn_current_udp"
 SHOULD_PASS_1="yes"
 CLIENT_EXEC_1="${CLIENT_EXEC}"
 CLIENT_CONF_1="${CLIENT_CONF_BASE} --remote 127.0.0.1 1194 udp --proto udp"
 
+TEST_NAME_1L="t_server_null_client.sh-openvpn_current_udp_lwip"
+SHOULD_PASS_1L="yes"
+CLIENT_EXEC_1L="${CLIENT_EXEC}"
+CLIENT_CONF_1L="${CLIENT_CONF_BASE_LWIP} --remote 127.0.0.1 1194 udp --proto udp"
+
 TEST_NAME_2="t_server_null_client.sh-openvpn_current_tcp"
 SHOULD_PASS_2="yes"
 CLIENT_EXEC_2="${CLIENT_EXEC}"
 CLIENT_CONF_2="${CLIENT_CONF_BASE} --remote 127.0.0.1 1195 tcp --proto tcp"
 
+TEST_NAME_2L="t_server_null_client.sh-openvpn_current_tcp_lwip"
+SHOULD_PASS_2L="yes"
+CLIENT_EXEC_2L="${CLIENT_EXEC}"
+CLIENT_CONF_2L="${CLIENT_CONF_BASE_LWIP} --remote 127.0.0.1 1195 tcp --proto tcp"
+
 TEST_NAME_3="t_server_null_client.sh-openvpn_current_udp_fail"
 SHOULD_PASS_3="no"
 CLIENT_EXEC_3="${CLIENT_EXEC}"