diff mbox series

[Openvpn-devel,v6] t_server_null: add multi-socket testing

Message ID 20250708073359.32549-1-gert@greenie.muc.de
State New
Headers show
Series [Openvpn-devel,v6] t_server_null: add multi-socket testing | expand

Commit Message

Gert Doering July 8, 2025, 7:33 a.m. UTC 
From: Samuli Seppänen <samuli.seppanen@gmail.com>

This adds a new multi-socket server that listens on IPv4 and IPv6
localhost addresses for TCP and UDP connections respectively. It also
adds two success tests and one failure test with wrong protocol defined
at the client side.

Change-Id: I4ebe1158c36a641888131e824f59004a0f8fb4c5
Signed-off-by: Samuli Seppänen <sasepp@pm.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/919
This mail reflects revision 6 of this Change.

Acked-by according to Gerrit (reflected above):
Gert Doering <gert@greenie.muc.de>

Comments

Gert Doering July 8, 2025, 7:54 a.m. UTC | #1 
The buildbots have tested this very thoroughly, I just figured out why
it fails on NetBSD and OpenBSD - these systems, by default, have a limit
of 4 tun devices and the BBs use one of them for the community VPN, 
so when starting 4 server instances, we run out.

 Fix: # cd /dev ; ./MAKEDEV tun4

yes, nothing dynamic there...

Also, we agreed that we should fix the number mapping "client instance 
number -> server number" so that it's easier to maintain because we
know "all client tests 4<x> go to server instance <4>" while it's a bit
unorderly right now.  But this will be a different patch as it affects
existing instances that are unrelated to *this* new feature.

Your patch has been applied to the master branch.

commit fd6d0f3cf67622c3ae052c5f94abd5fd70ee7995
Author: Samuli Seppänen
Date:   Tue Jul 8 09:33:51 2025 +0200

     t_server_null: add multi-socket testing

     Signed-off-by: Samuli Seppänen <sasepp@pm.me>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20250708073359.32549-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32061.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/tests/t_server_null_default.rc b/tests/t_server_null_default.rc
index 41ec591..a1c68cd 100755
--- a/tests/t_server_null_default.rc
+++ b/tests/t_server_null_default.rc
@@ -38,12 +38,14 @@ 
 MAX_CLIENTS="10"
 CLIENT_MATCH="Test-Client"
 SERVER_EXEC="${top_builddir}/src/openvpn/openvpn"
-SERVER_BASE_OPTS="--local 127.0.0.1 --dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3 --duplicate-cn"
+SERVER_BASE_OPTS="--dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3 --duplicate-cn"
+SERVER_BIND_OPTS="--local 127.0.0.1"
 SERVER_CIPHER_OPTS=""
 SERVER_CERT_OPTS="--ca ${CA} --cert ${SERVER_CERT} --key ${SERVER_KEY} --tls-auth ${TA} 0"
-SERVER_CONF_BASE="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS}"
+SERVER_CONF_BASE="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS} ${SERVER_BIND_OPTS}"
+SERVER_CONF_BASE_MULTISOCKET="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS}"
 
-TEST_SERVER_LIST="1 2 3"
+TEST_SERVER_LIST="1 2 3 4"
 
 SERVER_NAME_1="t_server_null_server-1194_udp"
 SERVER_SERVER_1="--server 10.29.41.0 255.255.255.0"
@@ -63,6 +65,12 @@ 
 SERVER_EXEC_3="${SERVER_EXEC}"
 SERVER_CONF_3="${SERVER_CONF_BASE} ${SERVER_SERVER_3} --lport 1196 --proto udp --management 127.0.0.1 ${SERVER_MGMT_PORT_3} --dh none --cipher AES-192-CBC --data-ciphers DEFAULT:AES-192-CBC"
 
+SERVER_NAME_4="t_server_null_server-1197_multisocket_ipv4_ipv6"
+SERVER_SERVER_4="--server 10.29.44.0 255.255.255.0"
+SERVER_MGMT_PORT_4="11197"
+SERVER_EXEC_4="${SERVER_EXEC}"
+SERVER_CONF_4="${SERVER_CONF_BASE_MULTISOCKET} ${SERVER_SERVER_4} --local 127.0.0.1 1197 tcp --local ::1 1197 udp --management 127.0.0.1 ${SERVER_MGMT_PORT_4}"
+
 # Test client configurations
 CLIENT_EXEC="${top_builddir}/src/openvpn/openvpn"
 CLIENT_BASE_OPTS="--client --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2"
@@ -72,7 +80,7 @@ 
 CLIENT_CIPHER_OPTS=""
 CLIENT_CERT_OPTS="--ca ${CA} --cert ${CLIENT_CERT} --key ${CLIENT_KEY} --tls-auth ${TA} 1"
 
-TEST_RUN_LIST="1 1L 2 2L 3 4a 4b 4c"
+TEST_RUN_LIST="1 1L 2 2L 3 4a 4b 4c 5a 5b 5c"
 CLIENT_CONF_BASE="${CLIENT_NULL_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}"
 CLIENT_CONF_BASE_LWIP="${CLIENT_LWIP_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}"
 
@@ -121,3 +129,18 @@ 
 SHOULD_PASS_4c="no"
 CLIENT_EXEC_4c="${CLIENT_EXEC}"
 CLIENT_CONF_4c="${CLIENT_CONF_BASE} --remote 127.0.0.1 1196 udp --proto udp --cipher AES-192-CBC --data-ciphers AES-128-CBC"
+
+TEST_NAME_5a="t_server_null_client.sh-openvpn_current_multisocket_ipv4_tcp"
+SHOULD_PASS_5a="yes"
+CLIENT_EXEC_5a="${CLIENT_EXEC}"
+CLIENT_CONF_5a="${CLIENT_CONF_BASE} --remote 127.0.0.1 1197 tcp"
+
+TEST_NAME_5b="t_server_null_client.sh-openvpn_current_multisocket_ipv6_udp"
+SHOULD_PASS_5b="yes"
+CLIENT_EXEC_5b="${CLIENT_EXEC}"
+CLIENT_CONF_5b="${CLIENT_CONF_BASE} --remote ::1 1197 udp"
+
+TEST_NAME_5c="t_server_null_client.sh-openvpn_current_multisocket_ipv6_tcp_fail"
+SHOULD_PASS_5c="no"
+CLIENT_EXEC_5c="${CLIENT_EXEC}"
+CLIENT_CONF_5c="${CLIENT_CONF_BASE} --remote ::1 1197 tcp"