diff options
author | Steffan Karger | 2014-06-08 18:16:15 +0200 |
---|---|---|
committer | Gert Doering | 2014-07-07 22:35:44 +0200 |
commit | e97aa06dc058dd099cf3a5facde73aa92d61277c (patch) | |
tree | ad0d20f9bb094364a0dfd0493df2df2cb7c0244a /tests | |
parent | d66ba9b212e95cdd1880be58036e62d59e5dbb6a (diff) | |
download | openvpn-e97aa06dc058dd099cf3a5facde73aa92d61277c.zip openvpn-e97aa06dc058dd099cf3a5facde73aa92d61277c.tar.gz |
Extend t_lpback tests to test all ciphers reported by --show-ciphers
... instead of just BF-CBC. Should catch more mistakes.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1402244175-31462-5-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8777
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit b2bff9fa15695f2850999688b0ca6047016fd7f5)
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/t_lpback.sh | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh index 40767a1..c224797 100755 --- a/tests/t_lpback.sh +++ b/tests/t_lpback.sh @@ -2,6 +2,7 @@ # # t_lpback.sh - script to test OpenVPN's crypto loopback # Copyright (C) 2005 Matthias Andree +# Copyright (C) 2014 Steffan Karger # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -18,15 +19,36 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301, USA. -set -e +set -eu top_builddir="${top_builddir:-..}" trap "rm -f key.$$ log.$$ ; trap 0 ; exit 77" 1 2 15 trap "rm -f key.$$ log.$$ ; exit 1" 0 3 + +# Get list of supported ciphers from openvpn --show-ciphers output +CIPHERS=$(${top_builddir}/src/openvpn/openvpn --show-ciphers | tail -n+7 | sed 's/ .*//' | sed '/^\s*$/d' | sort) + +# SK, 2014-06-04: currently the DES-EDE3-CFB1 implementation of OpenSSL is +# broken (see http://rt.openssl.org/Ticket/Display.html?id=2867), so exclude +# that cipher from this test. +CIPHERS=$(echo "$CIPHERS" | sed '/.*DES-EDE3-CFB1.*/d') + "${top_builddir}/src/openvpn/openvpn" --genkey --secret key.$$ set +e -( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ ) >log.$$ 2>&1 -e=$? -if [ $e != 0 ] ; then cat log.$$ ; fi + +e=0 +for cipher in ${CIPHERS} +do + echo -n "Testing cipher ${cipher}... " + ( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ --cipher ${cipher} ) >log.$$ 2>&1 + if [ $? != 0 ] ; then + echo "FAILED" + cat log.$$ + e=1 + else + echo "OK" + fi +done + rm key.$$ log.$$ trap 0 exit $e |