From patchwork Wed Mar 5 13:46:42 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 4163 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:b342:b0:5e7:b9eb:58e8 with SMTP id w2csp764924maz; Wed, 5 Mar 2025 05:47:06 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCVhPc2QVUMyzo8Ixn5PNfa7OrT2HegNv574jtgqBWKEYWixiu66pOnO4hqx8PafgH3uvDJiE1DQut4=@openvpn.net X-Google-Smtp-Source: AGHT+IHsN1boGseP/qtrj04Bf69fiKnLScgOA46Zymy9ZVP/WnReQycpWbGEPpJwXzsPT7jxrDks X-Received: by 2002:a05:6870:3c8a:b0:29e:6b27:72d with SMTP id 586e51a60fabf-2c21cdb8fbdmr1733694fac.26.1741182426491; Wed, 05 Mar 2025 05:47:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1741182426; cv=none; d=google.com; s=arc-20240605; b=VHvJNnU1uQ87JwKRVabbshYGTPIJwi0sEREr79E6FxpNxNztAJPEIXawrZDhHKhNcV Vu1Znwn1IR58s4mD6fDm9D55UkemYmWqowmLFyRLcFsjMTqKJJD6sTvdN//17N5gRbNm iNiZG8L+A/csr+JobxZkgb1AAcUC9fgK8djjq4q6sKLPeRlsMd/bLuzhalAWxEQUG2XD KpM7lljEPTZq59gINZaDBUgRnO1RcKXavyDs9bw9wlaIEMk/AIMwFSnH0c6Z+7zwD1EF y2AMOJmOcR6OLndEKyNImVmw8eo9AVw5Icx7OwnpuXa/jSOT3pYZHkBzVvruVSvF+vd/ IwcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=+HMbnZSYxb1vE9nrS7VhuVLpeuPOoGuc+prwSAiRF1c=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=TmW0oYgyMbIs8aon6cQxs2MxzAsLX9NbBYI1BfGfM6sn2s4TcQ3rDrOroOsexbURBU 7vwxI482abeXmLhudpWSyd5CF+WH+jgIV+kLwv/TgJkZMgxJO00Qnx7OwCpqTF+askSX 5H9TIQtV49TvsYIXB8ub0ZSFM+TYRVHj79XmAUB8MqUlnzs4nPLwK5KBo16aCLjKqgU2 rsed3wexmTFJmhTOt6N70KilKB+PLbmHcchmQ7gx5jS1ZYiur6xg4dFDmY7WYDbD6u4b OzWuxaeT1y7iJb8y1eiNxDuq1qCaV/AkB0+lJH9M5zXwLLFLfC4ZgI9clARjL6NbbGPX jIUA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=KqpaZHOL; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=JWftpjbJ; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=BgXVsS9S; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-2c15c12ff12si10841116fac.72.2025.03.05.05.47.06 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Mar 2025 05:47:06 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=KqpaZHOL; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=JWftpjbJ; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=BgXVsS9S; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1tpp5R-00031j-Sb; Wed, 05 Mar 2025 13:47:01 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tpp5P-00031c-Ru for openvpn-devel@lists.sourceforge.net; Wed, 05 Mar 2025 13:47:00 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version :References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=uqfKrF4ll7CzeboqFhDdY88dWfHxzVpIbbXzT49gpIY=; b=KqpaZHOLyQLLno+mKRWg2yTlGe i7rKak/iaT0BcJwPa7YojCR7oCGVQttPqeUCQKTtDKqxuVM6/mHVWpWTanJFNZIG49EJ1Fqh85vyn pHehoug7KqQdmiFIDwoNjirUqbHVxXSvoJyZIjCI925NYrCRj63ql7yX18g0SAl3jG5M=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=uqfKrF4ll7CzeboqFhDdY88dWfHxzVpIbbXzT49gpIY=; b=JWftpjbJHClCU9JjbFbDwe/Xy/ Tj7idEIF9wvOumgllKcO82neZOdwXkGxd3KPBM2DJvD7xA4+HkvafSQjRB0V3OL2j9PAbkkYfaR3L 32JQ5hkSz4bH7IYFEuUZG1JoiD1rCUgjl0oueFF6zBgcQgQlboDAcIIFbZ64L+Y6Anhc=; Received: from mout-p-201.mailbox.org ([80.241.56.171]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1tpp5N-0005YZ-Bo for openvpn-devel@lists.sourceforge.net; Wed, 05 Mar 2025 13:46:59 +0000 Received: from smtp2.mailbox.org (smtp2.mailbox.org [10.196.197.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4Z7DNz5DLqz9t49; Wed, 5 Mar 2025 14:46:43 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1741182403; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=uqfKrF4ll7CzeboqFhDdY88dWfHxzVpIbbXzT49gpIY=; b=BgXVsS9SfabjTDMsMKcFLVq7k8Vg0lfaaidJRHjH+J759bE80yX6acOjMv8k5mkRXYV53Q pbbKwGGj5Y+E0ilq/LY3bJVWHDKVcC18bn4gTfQFqzmn7SRClAQWYphfEskLQzBYOLt+Gn roYKy/1lBoADQYBFAl8wd6ptaEsn9M2XJ3BrDVuhWhbxO1HiWdNd7lC1+mQQbeqoTBe7sa 5VgXKg5xWNytRdDo5nasyGC1aJuXejsckJYIYqVtK1C8uuavM7B7JF0Tu3ODC1N6YZN41Z J3XJr9A+5GVR11DNidAVGJlsy5xLOVeRlbbIGeuSOFm2kLXGD7D92A/NfZmVog== From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Wed, 5 Mar 2025 14:46:42 +0100 Message-Id: <20250305134642.196598-1-frank@lichtenheld.com> In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: -0.9 (/) X-Spam-Report: =?unknown-8bit?q?Spam_detection_software=2C_running_on_the_sy?= =?unknown-8bit?q?stem_=22util-spamd-2=2Ev13=2Elw=2Esourceforge=2Ecom=22=2C?= =?unknown-8bit?q?_has_NOT_identified_this_incoming_email_as_spam=2E__The_ori?= =?unknown-8bit?q?ginal?= =?unknown-8bit?q?_message_has_been_attached_to_this_so_you_can_view_it_or_la?= =?unknown-8bit?q?bel?= =?unknown-8bit?q?_similar_future_email=2E__If_you_have_any_questions=2C_see?= =?unknown-8bit?q?_the_administrator_of_that_system_for_details=2E?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_preview=3A__From=3A_Samuli_Sepp=C3=A4nen_=3Csamuli?= =?unknown-8bit?q?=2Eseppanen=40gmail=2Ecom=3E_Change-Id=3A?= =?unknown-8bit?q?_Ie63f302402f469c3aa48ac146ca6b8c029f0d250_Signed-off-by=3A?= =?unknown-8bit?q?_Samuli_Sepp=C3=A4nen?= =?unknown-8bit?q?_=3Csamuli=2Eseppanen=40gmail=2Ecom=3E_Acked-by=3A_Frank_Li?= =?unknown-8bit?q?chtenheld_=3Cfrank=40lichtenheld=2Ecom=3E?= =?unknown-8bit?q?_---_?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_analysis_details=3A___=28-0=2E9_points=2C_6=2E0_re?= =?unknown-8bit?q?quired=29?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_pts_rule_name______________description?= =?unknown-8bit?q?_----_----------------------_------------------------------?= =?unknown-8bit?q?--------------------?= =?unknown-8bit?q?_-0=2E7_RCVD=5FIN=5FDNSWL=5FLOW______RBL=3A_Sender_listed_a?= =?unknown-8bit?q?t_https=3A//www=2Ednswl=2Eorg/=2C?= =?unknown-8bit?q?_low_trust?= =?unknown-8bit?q?_=5B80=2E241=2E56=2E171_listed_in_list=2Ednswl=2Eorg=5D?= =?unknown-8bit?q?_0=2E0_RCVD=5FIN=5FVALIDITY=5FSAFE=5FBLOCKED_RBL=3A_ADMINIS?= =?unknown-8bit?q?TRATOR_NOTICE=3A_The?= =?unknown-8bit?q?_query_to_Validity_was_blocked=2E__See?= =?unknown-8bit?q?_https=3A//knowledge=2Evalidity=2Ecom/hc/en-us/articles/209?= =?unknown-8bit?q?61730681243?= =?unknown-8bit?q?_for_more_information=2E?= =?unknown-8bit?q?_=5B80=2E241=2E56=2E171_listed_in_sa-accredit=2Ehabeas=2Eco?= =?unknown-8bit?q?m=5D?= =?unknown-8bit?q?_0=2E0_RCVD=5FIN=5FVALIDITY=5FRPBL=5FBLOCKED_RBL=3A_ADMINIS?= =?unknown-8bit?q?TRATOR_NOTICE=3A_The?= =?unknown-8bit?q?_query_to_Validity_was_blocked=2E__See?= =?unknown-8bit?q?_https=3A//knowledge=2Evalidity=2Ecom/hc/en-us/articles/209?= =?unknown-8bit?q?61730681243?= =?unknown-8bit?q?_for_more_information=2E?= =?unknown-8bit?q?_=5B80=2E241=2E56=2E171_listed_in_bl=2Escore=2Esenderscore?= =?unknown-8bit?q?=2Ecom=5D?= =?unknown-8bit?q?_0=2E0_SPF=5FHELO=5FNONE__________SPF=3A_HELO_does_not_publ?= =?unknown-8bit?q?ish_an_SPF_Record?= =?unknown-8bit?q?_-0=2E0_SPF=5FPASS_______________SPF=3A_sender_matches_SPF_?= =?unknown-8bit?q?record?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FAU__________Message_has_a_valid_DKIM?= =?unknown-8bit?q?_or_DK_signature_from?= =?unknown-8bit?q?_author=27s_domain?= =?unknown-8bit?q?_0=2E1_DKIM=5FSIGNED____________Message_has_a_DKIM_or_DK_si?= =?unknown-8bit?q?gnature=2C_not_necessarily?= =?unknown-8bit?q?_valid?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FEF__________Message_has_a_valid_DKIM?= =?unknown-8bit?q?_or_DK_signature_from?= =?unknown-8bit?q?_envelope-from_domain?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID_____________Message_has_at_least_one_v?= =?unknown-8bit?q?alid_DKIM_or_DK_signature?= X-Headers-End: 1tpp5N-0005YZ-Bo Subject: [Openvpn-devel] [PATCH v11] Add lwip support to t_server_null X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1820782798177824590?= X-GMAIL-MSGID: =?utf-8?q?1825762104167393367?= From: Samuli Seppänen Change-Id: Ie63f302402f469c3aa48ac146ca6b8c029f0d250 Signed-off-by: Samuli Seppänen Acked-by: Frank Lichtenheld --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/811 This mail reflects revision 11 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld diff --git a/doc/t_server_null.rst b/doc/t_server_null.rst index 5fe9080..473a7bd 100644 --- a/doc/t_server_null.rst +++ b/doc/t_server_null.rst @@ -16,7 +16,7 @@ * Parallelized for fairly high performance * Mostly operating-system agnostic -* Tested on Fedora Linux 38/39/40 and FreeBSD 14 +* Tested on Fedora Linux 38/39/40, FreeBSD 14, NetBSD 10.0 and OpenBSD 7.5 * POSIX-compliant * Tested and known to work with Bash, Dash, Ksh, Yash and FreeBSD's default /bin/sh * Uses the sample certificates and keys @@ -31,6 +31,7 @@ * Test cases (client configurations) and server setups (server configurations) are stored in a configuration file, i.e. data and code have been separated * Configuration file format is nearly identical to t_client.rc configuration * Supports a set of default tests, overriding default test settings and adding local tests +* Supports client ping tests if ovpnlwip is available Prerequisites ------------- @@ -60,8 +61,9 @@ #. Server instances start #. Brief wait #. Client instances start -#. Tests run +#. ovpnlwip ping tests run #. Client instances stop +#. Test results are collected #. Brief wait #. Server instances stop @@ -77,7 +79,8 @@ * t_server_null_client.sh - * Waits until servers have launched. Then launch all clients, wait for them to exit and then check test results by parsing the client log files. Each client kills itself after some delay using an "--up" script. + * Waits until servers have launched. Then launch all clients, run ovpnlwip ping tests (if any), wait for clients to exit and then check test results by parsing the client log files. Each client kills itself after some delay using an "--up" script. + Configuration ------------- @@ -116,6 +119,19 @@ TEST_RUN_LIST="1 2 5 9" +Client ping tests that use ovpnlwip can be added similarly: + + TEST_NAME_9L="t_server_null_client.sh-openvpn_current_udp_custom_lwip" + SHOULD_PASS_9L="yes" + CLIENT_EXEC_9L="${CLIENT_EXEC}" + CLIENT_CONF_9L="${CLIENT_CONF_BASE_LWIP} --remote 127.0.0.1 1194 udp --proto udp" + +Note that all ovpnlwip test names need to include a "_lwip" suffix: without it +ping tests won't get activated. Also note that the *tests* directory needs to +have the lwipovpn executable or ovpnlwip tests will get skipped. The ovpnlwip +ping tests get the IP addresses to ping from the \*.ips files created by the +lwip_client_up.sh script --up script. + Stress-testing the --dev null test suite ---------------------------------------- diff --git a/tests/lwip_client_up.sh b/tests/lwip_client_up.sh new file mode 100755 index 0000000..a6b4d24 --- /dev/null +++ b/tests/lwip_client_up.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# +# Determine the OpenVPN PID from its pid file. This works reliably even when +# the OpenVPN process is backgrounded for parallel tests. +MY_PPID=`cat $pid` + +# Add this client's VPN IP and PID to a file. This enables +# t_server_null_client.sh to kill this OpenVPN client after fping tests have +# finished. +echo "$ifconfig_local,$MY_PPID" >> ./$test_name.lwip + +# Wait long enough to allow fping tests to finish. Also ensure that this +# OpenVPN client is killed even if t_server_null_client.sh failed to do it. +(sleep 15 +echo "ERROR: t_server_null_client.sh failed to kill OpenVPN client with PID $MY_PPID in test $test_name. Killing it in lwip_client_up.sh." +kill -15 $MY_PPID +) & diff --git a/tests/t_server_null_client.sh b/tests/t_server_null_client.sh index 2210e63..1745de5 100755 --- a/tests/t_server_null_client.sh +++ b/tests/t_server_null_client.sh @@ -1,5 +1,17 @@ #!/bin/sh +should_run_test() { + test_name="$1" + + if echo "$test_name"|grep -q _lwip; then + if [ "$has_lwipovpn" = "no" ]; then + return 1 + fi + fi + + return 0 +} + launch_client() { test_name=$1 log="${test_name}.log" @@ -13,10 +25,65 @@ "${client_exec}" \ $client_conf \ --writepid "${pid}" \ - --setenv pid $pid \ + --setenv pid "$pid" \ + --setenv test_name "$test_name" \ --log "${t_server_null_logdir}/${log}" & } +ping_and_kill() { + if fping -q -c 5 $1; then + echo "PASS: fping lwipovpn client $target" + else + echo "FAIL: fping lwipovpn client $target" + + # This function runs multiple times in parallel in subshells. That + # makes it hard to implement "fail the test suite if any single fping + # test fails" using exit codes or variables given the limitations of + # "wait". Therefore we use a marker file here, which solves the + # problem trivially. + touch ./lwip_failed + fi + kill -15 $2 +} + +ping_lwip_clients() { + if [ "$has_lwipovpn" = "yes" ]; then + lwip_client_count=$(echo "$lwip_test_names"|wc -w|tr -d " ") + else + lwip_client_count=0 + fi + + if [ $lwip_client_count -eq 0 ]; then + return 0 + fi + + count=0 + maxcount=10 + while [ $count -le $maxcount ]; do + lwip_client_ips=$(cat ./*.lwip 2>/dev/null|wc -l) + if [ $lwip_client_ips -lt $lwip_client_count ]; then + echo "Waiting for LWIP clients to start up ($count/$maxcount)" + count=$(( count + 1)) + sleep 1 + else + echo "$lwip_client_ips/$lwip_client_count LWIP clients up" + break + fi + done + + wait_pids="" + for line in $(cat ./*.lwip 2>/dev/null); do + target_ip=$(echo $line|cut -d "," -f 1) + client_pid=$(echo $line|cut -d "," -f 2) + ping_and_kill $target_ip $client_pid & + wait_pids="$wait_pids $!" + done + + wait $wait_pids + + test -e ./lwip_failed && return 1 || return 0 +} + wait_for_results() { tests_running="yes" @@ -77,7 +144,7 @@ server_max_wait=15 while [ $count -lt $server_max_wait ]; do servers_up=0 - server_count=$(echo $TEST_SERVER_LIST|wc -w) + server_count=$(echo "$TEST_SERVER_LIST"|wc -w|tr -d " ") # We need to trim single-quotes because some shells return quoted values # and some don't. Using "set -o posix" which would resolve this problem is @@ -85,8 +152,8 @@ # # While inactive server configurations may get checked they won't increase # the active server count as the processes won't be running. - for i in `set|grep 'SERVER_NAME_'|cut -d "=" -f 2|tr -d "[\']"`; do - server_pid=$(cat $i.pid 2> /dev/null) + for i in $(set|grep 'SERVER_NAME_'|cut -d "=" -f 2|tr -d "[\']"); do + server_pid=$(cat "$i.pid" 2> /dev/null) if [ -z "$server_pid" ] ; then continue fi @@ -111,6 +178,19 @@ fi done +# Check for presence of the lwipovpn executable +if test -r "$LWIPOVPN_PATH"; then + has_lwipovpn="yes" +else + has_lwipovpn="no" + echo "WARNING: lwipovpn executable is missing: lwip tests will be skipped" +fi + +# Remove existing LWIP client IP files. This is to avoid pinging non-existent +# IP addresses when tests are disabled. +rm -f ./*.lwip +rm -f ./lwip_failed + # Wait a while to let server processes to settle down sleep 1 @@ -118,6 +198,7 @@ # is used later to determine when all OpenVPN clients have exited and it is # safe to check the test results. test_names="" +lwip_test_names="" for SUF in $TEST_RUN_LIST do eval test_name=\"\$TEST_NAME_$SUF\" @@ -125,9 +206,20 @@ eval client_conf=\"\$CLIENT_CONF_$SUF\" test_names="${test_names} ${test_name}" - (launch_client "${test_name}" "${client_exec}" "${client_conf}") + + if echo "$test_name"|grep -q _lwip; then + lwip_test_names="${lwip_test_names} ${test_name}" + fi + + if should_run_test "$test_name"; then + (launch_client "${test_name}" "${client_exec}" "${client_conf}") + fi done +ping_lwip_clients +retval=$? + + # Wait until all OpenVPN clients have exited (wait_for_results) @@ -137,7 +229,9 @@ eval test_name=\"\$TEST_NAME_$SUF\" eval should_pass=\"\$SHOULD_PASS_$SUF\" - get_client_test_result "${test_name}" "${should_pass}" + if should_run_test "$test_name"; then + get_client_test_result "${test_name}" "${should_pass}" + fi done exit $retval diff --git a/tests/t_server_null_default.rc b/tests/t_server_null_default.rc index cbf4877..e7bf5bc 100755 --- a/tests/t_server_null_default.rc +++ b/tests/t_server_null_default.rc @@ -20,6 +20,15 @@ SERVER_KEY="${sample_keys}/server.key" TA="${sample_keys}/ta.key" +# This parameter can't be overridden in t_server_null.rc because that gets +# loaded too late. However, you can use +# +# LWIPOVPN_PATH=/some/path/to/lwipovpn make check +# +# to run the tests using lwipovpn in a custom location +# +LWIPOVPN_PATH="${LWIPOVPN_PATH:-lwipovpn}" + # Used to detect if graceful kill of any server instance failed during the test # run SERVER_KILL_FAIL_FILE=".t_server_null_server.kill_failed" @@ -28,7 +37,7 @@ MAX_CLIENTS="10" CLIENT_MATCH="Test-Client" SERVER_EXEC="${top_builddir}/src/openvpn/openvpn" -SERVER_BASE_OPTS="--daemon --local 127.0.0.1 --dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3" +SERVER_BASE_OPTS="--daemon --local 127.0.0.1 --dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3 --duplicate-cn" SERVER_CIPHER_OPTS="" SERVER_CERT_OPTS="--ca ${CA} --dh ${DH} --cert ${SERVER_CERT} --key ${SERVER_KEY} --tls-auth ${TA} 0" SERVER_CONF_BASE="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS}" @@ -49,23 +58,37 @@ # Test client configurations CLIENT_EXEC="${top_builddir}/src/openvpn/openvpn" -CLIENT_BASE_OPTS="--client --dev null --ifconfig-noexec --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2 --up ${srcdir}/null_client_up.sh" +CLIENT_BASE_OPTS="--client --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2" +CLIENT_NULL_OPTS="--dev null --ifconfig-noexec --up ${srcdir}/null_client_up.sh" +CLIENT_LWIP_OPTS="--dev null --dev-node unix:${LWIPOVPN_PATH} --up ${srcdir}/lwip_client_up.sh" + CLIENT_CIPHER_OPTS="" CLIENT_CERT_OPTS="--ca ${CA} --cert ${CLIENT_CERT} --key ${CLIENT_KEY} --tls-auth ${TA} 1" -TEST_RUN_LIST="1 2 3" -CLIENT_CONF_BASE="${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}" +TEST_RUN_LIST="1 1L 2 2L 3" +CLIENT_CONF_BASE="${CLIENT_NULL_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}" +CLIENT_CONF_BASE_LWIP="${CLIENT_LWIP_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}" TEST_NAME_1="t_server_null_client.sh-openvpn_current_udp" SHOULD_PASS_1="yes" CLIENT_EXEC_1="${CLIENT_EXEC}" CLIENT_CONF_1="${CLIENT_CONF_BASE} --remote 127.0.0.1 1194 udp --proto udp" +TEST_NAME_1L="t_server_null_client.sh-openvpn_current_udp_lwip" +SHOULD_PASS_1L="yes" +CLIENT_EXEC_1L="${CLIENT_EXEC}" +CLIENT_CONF_1L="${CLIENT_CONF_BASE_LWIP} --remote 127.0.0.1 1194 udp --proto udp" + TEST_NAME_2="t_server_null_client.sh-openvpn_current_tcp" SHOULD_PASS_2="yes" CLIENT_EXEC_2="${CLIENT_EXEC}" CLIENT_CONF_2="${CLIENT_CONF_BASE} --remote 127.0.0.1 1195 tcp --proto tcp" +TEST_NAME_2L="t_server_null_client.sh-openvpn_current_tcp_lwip" +SHOULD_PASS_2L="yes" +CLIENT_EXEC_2L="${CLIENT_EXEC}" +CLIENT_CONF_2L="${CLIENT_CONF_BASE_LWIP} --remote 127.0.0.1 1195 tcp --proto tcp" + TEST_NAME_3="t_server_null_client.sh-openvpn_current_udp_fail" SHOULD_PASS_3="no" CLIENT_EXEC_3="${CLIENT_EXEC}"