From patchwork Tue Jul 8 07:33:51 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4299 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:3846:b0:671:5a2c:6455 with SMTP id n6csp7410358mal; Tue, 8 Jul 2025 00:34:16 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXW8BeVF/CN44Z/tC8C8mSE7LCvyrbsgUnVEjE8hwSMjpjevrH60ozvoloI8UK2CH1KHpjlP9oUkMY=@openvpn.net X-Google-Smtp-Source: AGHT+IEjFtcZsW+ABlc6U6dwOkjMLR0SUtjtuOldy8kbn38163KXWWDQd4KlgCvBCrisROFg/NIg X-Received: by 2002:a05:6808:1a17:b0:401:918a:5b89 with SMTP id 5614622812f47-41110337dbamr1812005b6e.26.1751960056140; Tue, 08 Jul 2025 00:34:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1751960056; cv=none; d=google.com; s=arc-20240605; b=YEfrDTILJ4WJK4EkWh8+UiffPfsmwd8KIJ1kG0x4ABoW+hG5FW6iqQptNdoquV3Q4w Sp8ICLctHIF5MBxLdPbEEqRnlkcpNdjyl6/sPLZgBw6pzfYSiXe69SHMsrJsqiSLqTQ0 4+Ax79gBjZr1nMbt3oI9unT2zJ2kKHr7m3d7rPv8wTj4hGiFPBtObXkLWs8B1PI+idHf CHz091i5laURgShHi4nE2ODUvpK/03Fq5TxRMShIE6us5sv/y9hGmiSLblqO3+91Ccnh QzRNS93vAeZQWhBbgFSQCEFGG+XrmqMl55VND2zSBAWXHEGre5+KMNAWRd4OmKAsiqqG 38zQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=1fSN+Rl/IWWFgd9SQ3WqGb9jGdPdO1V9WeXIXZdnn+c=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=MSrEilTVrVyFYo8K0GZboC1ABUGwegRz8wfqZelES9iQ06IqCYLU6i0v6NRSNxdRXR 1MDtKIaVVZPRH3MtgWxh99aC3bwx8DPkeVcC0oA4jpooVAZvqRCSmCwSjp+M1xnR4lm+ 7DRqHBdsW6Nt5/sPMfW5H7LaTF0DUrSm8nxdexrF85PFe0dRC32pZcD6FGnu9BrGS3Lg Z0YBZ9yWrJrG6Fi38Br8v3pUR/AspBCCasXRvJ0AheIi78kFyJKl7/lazdUvuW+pDsGe gWUZByBuNkFdp71J1VEgm1QQaTKFUYb2a0ksv/asbzdif3ScM+vKidnlL162Q61KNJiN Cdbg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=UDy0GhkA; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ZgHXuFGO; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=HQRHBR1U; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-40d02a3972bsi6823228b6e.42.2025.07.08.00.34.12 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 08 Jul 2025 00:34:15 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=UDy0GhkA; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ZgHXuFGO; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=HQRHBR1U; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=1fSN+Rl/IWWFgd9SQ3WqGb9jGdPdO1V9WeXIXZdnn+c=; b=UDy0GhkAKKn12uN1COJ73H4pxt u2C2INpPeucpkYp73Cn9Oi+9kXSHqrdoZHpbTiZRWSZOhc1T+zfFkso6oId/AZIPsoQkyJeStX4eE KT4mNhSKPLrvoEy4UbH4aMPcxIK2/GleaODL3DsGqo+a88Atzxu7gGpP/GUsown9XyYM=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1uZ2q9-0001g4-Ti; Tue, 08 Jul 2025 07:34:09 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1uZ2q8-0001fy-Kf for openvpn-devel@lists.sourceforge.net; Tue, 08 Jul 2025 07:34:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version :References:In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=9hkIzSqtbFWmEHw0tnLj5aWAuJprgKuv0kbR1foxB14=; b=ZgHXuFGONtU8EuxE+30ZgYEYTn NUSJIdy2peAweHHMgG54ML8qLMZpndcRWUIyV3v8efQ7JcTnUpXQoSY5XUxyHBQEL6i3O9qldvqrQ 0tH7oWorl1UPTRaKUs+xXemaVxDqZH2/8upe6CKWVfef49d0cQHuEh6BMXXUiyBUsNUQ=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=9hkIzSqtbFWmEHw0tnLj5aWAuJprgKuv0kbR1foxB14=; b=HQRHBR1UXlTpCM/wP/vbRt4QMq GD+YR8mP6IH9ZGEP4nP67tmvPe+Xse+PMwocs0amSvrUyyu2dOD2EHh7PQ6MtjSNFFH+h4QML/R70 HFFDbtRxaPEiTBhd/olzgv0ng1/seoHytylxDdaDtSjeWZE7uVO7bDFrxxP8UUk8LQz4=; Received: from [193.149.48.143] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1uZ2q7-0001Ud-BX for openvpn-devel@lists.sourceforge.net; Tue, 08 Jul 2025 07:34:08 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 5687Y0VH032575 for ; Tue, 8 Jul 2025 09:34:00 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 5687Y0si032574 for openvpn-devel@lists.sourceforge.net; Tue, 8 Jul 2025 09:34:00 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Tue, 8 Jul 2025 09:33:51 +0200 Message-ID: <20250708073359.32549-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: =?unknown-8bit?q?Spam_detection_software=2C_running_on_the_sy?= =?unknown-8bit?q?stem_=22sfi-spamd-2=2Ehosts=2Ecolo=2Esdot=2Eme=22=2C?= =?unknown-8bit?q?_has_NOT_identified_this_incoming_email_as_spam=2E__The_ori?= =?unknown-8bit?q?ginal?= =?unknown-8bit?q?_message_has_been_attached_to_this_so_you_can_view_it_or_la?= =?unknown-8bit?q?bel?= =?unknown-8bit?q?_similar_future_email=2E__If_you_have_any_questions=2C_see?= =?unknown-8bit?q?_the_administrator_of_that_system_for_details=2E?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_preview=3A__From=3A_Samuli_Sepp=C3=A4nen_=3Csamuli?= =?unknown-8bit?q?=2Eseppanen=40gmail=2Ecom=3E_This_adds?= =?unknown-8bit?q?_a_new_multi-socket_server_that_listens_on_IPv4_and_IPv6_lo?= =?unknown-8bit?q?calhost_addresses?= =?unknown-8bit?q?_for_TCP_and_UDP_connections_respectively=2E_It_also_adds_t?= =?unknown-8bit?q?wo_success_tests?= =?unknown-8bit?q?_and_one_failure_test_with_wrong_protocol_=5B=2E=2E=2E=5D_?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_analysis_details=3A___=281=2E3_points=2C_5=2E0_req?= =?unknown-8bit?q?uired=29?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_pts_rule_name______________description?= =?unknown-8bit?q?_----_----------------------_------------------------------?= =?unknown-8bit?q?--------------------?= =?unknown-8bit?q?_1=2E3_RDNS=5FNONE______________Delivered_to_internal_netwo?= =?unknown-8bit?q?rk_by_a_host_with_no_rDNS?= X-Headers-End: 1uZ2q7-0001Ud-BX Subject: [Openvpn-devel] [PATCH v6] t_server_null: add multi-socket testing X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1837063267684045268?= X-GMAIL-MSGID: =?utf-8?q?1837063267684045268?= From: Samuli Seppänen This adds a new multi-socket server that listens on IPv4 and IPv6 localhost addresses for TCP and UDP connections respectively. It also adds two success tests and one failure test with wrong protocol defined at the client side. Change-Id: I4ebe1158c36a641888131e824f59004a0f8fb4c5 Signed-off-by: Samuli Seppänen Acked-by: Gert Doering --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/919 This mail reflects revision 6 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/tests/t_server_null_default.rc b/tests/t_server_null_default.rc index 41ec591..a1c68cd 100755 --- a/tests/t_server_null_default.rc +++ b/tests/t_server_null_default.rc @@ -38,12 +38,14 @@ MAX_CLIENTS="10" CLIENT_MATCH="Test-Client" SERVER_EXEC="${top_builddir}/src/openvpn/openvpn" -SERVER_BASE_OPTS="--local 127.0.0.1 --dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3 --duplicate-cn" +SERVER_BASE_OPTS="--dev tun --topology subnet --max-clients $MAX_CLIENTS --persist-tun --verb 3 --duplicate-cn" +SERVER_BIND_OPTS="--local 127.0.0.1" SERVER_CIPHER_OPTS="" SERVER_CERT_OPTS="--ca ${CA} --cert ${SERVER_CERT} --key ${SERVER_KEY} --tls-auth ${TA} 0" -SERVER_CONF_BASE="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS}" +SERVER_CONF_BASE="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS} ${SERVER_BIND_OPTS}" +SERVER_CONF_BASE_MULTISOCKET="${SERVER_BASE_OPTS} ${SERVER_CIPHER_OPTS} ${SERVER_CERT_OPTS}" -TEST_SERVER_LIST="1 2 3" +TEST_SERVER_LIST="1 2 3 4" SERVER_NAME_1="t_server_null_server-1194_udp" SERVER_SERVER_1="--server 10.29.41.0 255.255.255.0" @@ -63,6 +65,12 @@ SERVER_EXEC_3="${SERVER_EXEC}" SERVER_CONF_3="${SERVER_CONF_BASE} ${SERVER_SERVER_3} --lport 1196 --proto udp --management 127.0.0.1 ${SERVER_MGMT_PORT_3} --dh none --cipher AES-192-CBC --data-ciphers DEFAULT:AES-192-CBC" +SERVER_NAME_4="t_server_null_server-1197_multisocket_ipv4_ipv6" +SERVER_SERVER_4="--server 10.29.44.0 255.255.255.0" +SERVER_MGMT_PORT_4="11197" +SERVER_EXEC_4="${SERVER_EXEC}" +SERVER_CONF_4="${SERVER_CONF_BASE_MULTISOCKET} ${SERVER_SERVER_4} --local 127.0.0.1 1197 tcp --local ::1 1197 udp --management 127.0.0.1 ${SERVER_MGMT_PORT_4}" + # Test client configurations CLIENT_EXEC="${top_builddir}/src/openvpn/openvpn" CLIENT_BASE_OPTS="--client --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2" @@ -72,7 +80,7 @@ CLIENT_CIPHER_OPTS="" CLIENT_CERT_OPTS="--ca ${CA} --cert ${CLIENT_CERT} --key ${CLIENT_KEY} --tls-auth ${TA} 1" -TEST_RUN_LIST="1 1L 2 2L 3 4a 4b 4c" +TEST_RUN_LIST="1 1L 2 2L 3 4a 4b 4c 5a 5b 5c" CLIENT_CONF_BASE="${CLIENT_NULL_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}" CLIENT_CONF_BASE_LWIP="${CLIENT_LWIP_OPTS} ${CLIENT_BASE_OPTS} ${CLIENT_CIPHER_OPTS} ${CLIENT_CERT_OPTS}" @@ -121,3 +129,18 @@ SHOULD_PASS_4c="no" CLIENT_EXEC_4c="${CLIENT_EXEC}" CLIENT_CONF_4c="${CLIENT_CONF_BASE} --remote 127.0.0.1 1196 udp --proto udp --cipher AES-192-CBC --data-ciphers AES-128-CBC" + +TEST_NAME_5a="t_server_null_client.sh-openvpn_current_multisocket_ipv4_tcp" +SHOULD_PASS_5a="yes" +CLIENT_EXEC_5a="${CLIENT_EXEC}" +CLIENT_CONF_5a="${CLIENT_CONF_BASE} --remote 127.0.0.1 1197 tcp" + +TEST_NAME_5b="t_server_null_client.sh-openvpn_current_multisocket_ipv6_udp" +SHOULD_PASS_5b="yes" +CLIENT_EXEC_5b="${CLIENT_EXEC}" +CLIENT_CONF_5b="${CLIENT_CONF_BASE} --remote ::1 1197 udp" + +TEST_NAME_5c="t_server_null_client.sh-openvpn_current_multisocket_ipv6_tcp_fail" +SHOULD_PASS_5c="no" +CLIENT_EXEC_5c="${CLIENT_EXEC}" +CLIENT_CONF_5c="${CLIENT_CONF_BASE} --remote ::1 1197 tcp"