2010-08-10 12:39:28 +02:00
|
|
|
#!@SHELL@
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
#
|
|
|
|
# run OpenVPN client against ``test reference'' server
|
|
|
|
# - check that ping, http, ... via tunnel works
|
|
|
|
# - check that interface config / routes are properly cleaned after test end
|
|
|
|
#
|
|
|
|
# prerequisites:
|
|
|
|
# - openvpn binary in current directory
|
|
|
|
# - writable current directory to create subdir for logs
|
|
|
|
# - t_client.rc in current directory OR source dir that specifies tests
|
|
|
|
# - for "ping4" checks: fping binary in $PATH
|
|
|
|
# - for "ping6" checks: fping6 binary in $PATH
|
|
|
|
#
|
|
|
|
|
2010-08-18 15:00:13 +02:00
|
|
|
if [ -r ./t_client.rc ] ; then
|
|
|
|
. ./t_client.rc
|
|
|
|
elif [ -r "${srcdir}"/t_client.rc ] ; then
|
|
|
|
. "${srcdir}"/t_client.rc
|
|
|
|
else
|
|
|
|
echo "$0: cannot find 't_client.rc' in current directory or" >&2
|
|
|
|
echo "$0: source dir ('${srcdir}'). SKIPPING TEST." >&2
|
|
|
|
exit 77
|
|
|
|
fi
|
|
|
|
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
if [ ! -x ./openvpn ]
|
|
|
|
then
|
|
|
|
echo "no (executable) openvpn binary in current directory. FAIL." >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ ! -w . ]
|
|
|
|
then
|
|
|
|
echo "current directory is not writable (required for logging). FAIL." >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -z "$CA_CERT" ] ; then
|
|
|
|
echo "CA_CERT not defined in 't_client.rc'. SKIP test." >&2
|
2010-08-18 17:05:09 +02:00
|
|
|
exit 77
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -z "$TEST_RUN_LIST" ] ; then
|
|
|
|
echo "TEST_RUN_LIST empty, no tests defined. SKIP test." >&2
|
2010-08-18 17:05:09 +02:00
|
|
|
exit 77
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# make sure we have permissions to run ifconfig/route from OpenVPN
|
|
|
|
# can't use "id -u" here - doesn't work on Solaris
|
|
|
|
ID=`id`
|
|
|
|
if expr "$ID" : "uid=0" >/dev/null
|
|
|
|
then :
|
|
|
|
else
|
|
|
|
echo "$0: this test must run be as root. SKIP." >&2
|
2010-08-18 17:05:09 +02:00
|
|
|
exit 77
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
LOGDIR=t_client-`hostname`-`date +%Y%m%d-%H%M%S`
|
|
|
|
if mkdir $LOGDIR
|
|
|
|
then :
|
|
|
|
else
|
|
|
|
echo "can't create log directory '$LOGDIR'. FAIL." >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
exit_code=0
|
|
|
|
|
|
|
|
# ----------------------------------------------------------
|
|
|
|
# helper functions
|
|
|
|
# ----------------------------------------------------------
|
|
|
|
# print failure message, increase FAIL counter
|
|
|
|
fail()
|
|
|
|
{
|
|
|
|
echo ""
|
|
|
|
echo "FAIL: $@" >&2
|
|
|
|
fail_count=$(( $fail_count + 1 ))
|
|
|
|
}
|
|
|
|
|
|
|
|
# print "all interface IP addresses" + "all routes"
|
|
|
|
# this is higly system dependent...
|
|
|
|
get_ifconfig_route()
|
|
|
|
{
|
2010-08-10 12:39:28 +02:00
|
|
|
# linux / iproute2? (-> if configure got a path)
|
|
|
|
if [ "@IPROUTE@" != "ip" ]
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
then
|
|
|
|
echo "-- linux iproute2 --"
|
2010-08-10 12:39:28 +02:00
|
|
|
@IPROUTE@ addr show | grep -v valid_lft
|
|
|
|
@IPROUTE@ route show
|
|
|
|
@IPROUTE@ -6 route show | sed -e 's/expires [0-9]*sec //'
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
return
|
|
|
|
fi
|
|
|
|
|
|
|
|
# try uname
|
|
|
|
case `uname -s` in
|
|
|
|
Linux)
|
|
|
|
echo "-- linux / ifconfig --"
|
2010-08-10 12:39:28 +02:00
|
|
|
LANG=C @IFCONFIG@ -a |egrep "( addr:|encap:)"
|
|
|
|
LANG=C @NETSTAT@ -rn -4 -6
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
return
|
|
|
|
;;
|
|
|
|
FreeBSD|NetBSD|Darwin)
|
|
|
|
echo "-- FreeBSD/NetBSD/Darwin [MacOS X] --"
|
2010-08-10 12:39:28 +02:00
|
|
|
@IFCONFIG@ -a | egrep "(flags=|inet)"
|
|
|
|
@NETSTAT@ -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
return
|
|
|
|
;;
|
|
|
|
OpenBSD)
|
|
|
|
echo "-- OpenBSD --"
|
2010-08-10 12:39:28 +02:00
|
|
|
@IFCONFIG@ -a | egrep "(flags=|inet)" | \
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
sed -e 's/pltime [0-9]*//' -e 's/vltime [0-9]*//'
|
2010-08-10 12:39:28 +02:00
|
|
|
@NETSTAT@ -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
return
|
|
|
|
;;
|
|
|
|
SunOS)
|
|
|
|
echo "-- Solaris --"
|
2010-08-10 12:39:28 +02:00
|
|
|
@IFCONFIG@ -a | egrep "(flags=|inet)"
|
|
|
|
@NETSTAT@ -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }'
|
full "VPN client connect" test framework for OpenVPN
Run from "make check" if "t_client.rc" is found in workdir or srcdir
(copy t_client.rc-sample, fill in specifics for your test server)
How does it work?
- you run "sudo make check" (needs root access to configure tun if!)
- t_client.sh reads t_client.rc from current dir or ${srcdir}
- t_client.rc defines a number of "test suffixes" to run (could be
"1" "2" "3" or "p2m", "p2p", "special" or whatever you like), and
for each suffix, there's config variables to specify
- how to call OpenVPN
- which hosts to ping for IPv4 and IPv6 when OpenVPN is up
(and actually before starting OpenVPN - to make the test more
meaningful, I have decided that the test hosts must not ping
before the tests starts)
- which addresses must show up in the output of "ifconfig" after
OpenVPN has started
- all variables except OPENVPN_CONF_<x> are optional
(this should all be fairly obvious from looking at t_client.rc-sample)
- the script wants to connect to a well-defined OpenVPN server that
will assign well-known IPv4 (and IPv6) addresses, have well-defined
pingable addresse, etc. - so you need to setup the test server before
the script is useful for you. (Whether you use certificates or
username/password is up to you, you could even mix and match - run
one test with certs, and one with user/pass against different target
ports... :-) )
[we *could* run a "reference server" somewhere and ship a sample
t_client.rc + cert so that users could use this right away, but I
do not currently have the resources to run such a public server]
- whatever the script does is logged to a newly created directory
below the current directory (openvpn output, ifconfig+route before
starting OpenVPN, while running it, after ending it)
- important: at least on NetBSD and OpenBSD, the script will print
one failure, because the tun0 interface created is not destroyed
after openvpn ends. For OpenBSD, I have changed close_tun() to
do so ("ifconfig tun0 destroy"), for NetBSD I have not yet changed
anything - but I strongly believe that the output of "ifconfig+route"
should be reverted to exactly how it looked like before OpenVPN
was started, so I consider this a bug in the NetBSD-specific bits
of OpenVPN (and will look into this).
- the test framework has been tested on Linux, NetBSD and OpenBSD.
It *should* work fine on FreeBSD and Solaris.
It works on MacOS X (but the output looks funny, because /bin/sh
does not implement "echo -e" - need to add configure trickery)
It will *not* work on Windows yet - I haven't looked into what's
needed to make it work (background processes and signals in mingw
bash?), maybe it's as easy as adding the necessary "ipconfig" and
"netsh" commands to print interface + routing config...
- I have only tested "connect via IPv4 transport, use IPv4+IPv6 payload",
but the framework is generic enough that "connect via IPv6 transport"
should work just fine (just setup OPENVPN_CONF_x accordingly in the
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
2010-08-08 21:24:30 +02:00
|
|
|
return
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
echo "get_ifconfig_route(): no idea how to get info on your OS. FAIL." >&2
|
|
|
|
exit 20
|
|
|
|
}
|
|
|
|
|
|
|
|
# ----------------------------------------------------------
|
|
|
|
# check ifconfig
|
|
|
|
# arg1: "4" or "6" -> for message
|
|
|
|
# arg2: IPv4/IPv6 address that must show up in out of "get_ifconfig_route"
|
|
|
|
check_ifconfig()
|
|
|
|
{
|
|
|
|
proto=$1 ; shift
|
|
|
|
expect_list="$@"
|
|
|
|
|
|
|
|
if [ -z "$expect_list" ] ; then return ; fi
|
|
|
|
|
|
|
|
for expect in $expect_list
|
|
|
|
do
|
|
|
|
if get_ifconfig_route | fgrep "$expect" >/dev/null
|
|
|
|
then :
|
|
|
|
else
|
|
|
|
fail "check_ifconfig(): expected IPv$proto address '$expect' not found in ifconfig output."
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
}
|
|
|
|
|
|
|
|
# ----------------------------------------------------------
|
|
|
|
# run pings
|
|
|
|
# arg1: "4" or "6" -> fping/fing6
|
|
|
|
# arg2: "want_ok" or "want_fail" (expected ping result)
|
|
|
|
# arg3... -> fping arguments (host list)
|
|
|
|
run_ping_tests()
|
|
|
|
{
|
|
|
|
proto=$1 ; want=$2 ; shift ; shift
|
|
|
|
targetlist="$@"
|
|
|
|
|
|
|
|
# "no targets" is fine
|
|
|
|
if [ -z "$targetlist" ] ; then return ; fi
|
|
|
|
|
|
|
|
case $proto in
|
|
|
|
4) cmd=fping ;;
|
|
|
|
6) cmd=fping6 ;;
|
|
|
|
*) echo "internal error in run_ping_tests arg 1: '$proto'" >&2
|
|
|
|
exit 1 ;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
case $want in
|
|
|
|
want_ok) sizes_list="64 1440 3000" ;;
|
|
|
|
want_fail) sizes_list="64" ;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
for bytes in $sizes_list
|
|
|
|
do
|
|
|
|
echo "run IPv$proto ping tests ($want), $bytes byte packets..."
|
|
|
|
|
|
|
|
echo "$cmd -b $bytes -C 20 -p 250 -q $targetlist" >>$LOGDIR/$SUF:fping.out
|
|
|
|
$cmd -b $bytes -C 20 -p 250 -q $targetlist >>$LOGDIR/$SUF:fping.out 2>&1
|
|
|
|
|
|
|
|
# while OpenVPN is running, pings must succeed (want='want_ok')
|
|
|
|
# before OpenVPN is up, pings must NOT succeed (want='want_fail')
|
|
|
|
|
|
|
|
rc=$?
|
|
|
|
if [ $rc = 0 ] # all ping OK
|
|
|
|
then
|
|
|
|
if [ $want = "want_fail" ] # not what we want
|
|
|
|
then
|
|
|
|
fail "IPv$proto ping test succeeded, but needs to *fail*."
|
|
|
|
fi
|
|
|
|
else # ping failed
|
|
|
|
if [ $want = "want_ok" ] # not what we wanted
|
|
|
|
then
|
|
|
|
fail "IPv$proto ping test ($bytes bytes) failed, but should succeed."
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
}
|
|
|
|
|
|
|
|
# ----------------------------------------------------------
|
|
|
|
# main test loop
|
|
|
|
# ----------------------------------------------------------
|
|
|
|
for SUF in $TEST_RUN_LIST
|
|
|
|
do
|
|
|
|
echo -e "\n### test run $SUF ###\n"
|
|
|
|
fail_count=0
|
|
|
|
|
|
|
|
echo "save pre-openvpn ifconfig + route"
|
|
|
|
get_ifconfig_route >$LOGDIR/$SUF:ifconfig_route_pre.txt
|
|
|
|
|
|
|
|
# get config variables
|
|
|
|
eval openvpn_conf=\"\$OPENVPN_CONF_$SUF\"
|
|
|
|
eval expect_ifconfig4=\"\$EXPECT_IFCONFIG4_$SUF\"
|
|
|
|
eval expect_ifconfig6=\"\$EXPECT_IFCONFIG6_$SUF\"
|
|
|
|
eval ping4_hosts=\"\$PING4_HOSTS_$SUF\"
|
|
|
|
eval ping6_hosts=\"\$PING6_HOSTS_$SUF\"
|
|
|
|
|
|
|
|
echo -e "\nrun pre-openvpn ping tests - targets must not be reachable..."
|
|
|
|
run_ping_tests 4 want_fail "$ping4_hosts"
|
|
|
|
run_ping_tests 6 want_fail "$ping6_hosts"
|
|
|
|
if [ "$fail_count" = 0 ] ; then
|
|
|
|
echo -e "OK.\n"
|
|
|
|
else
|
|
|
|
echo -e "FAIL: make sure that ping hosts are ONLY reachable via VPN, SKIP test $SUF".
|
|
|
|
exit_code=31
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo " run ./openvpn $openvpn_conf"
|
|
|
|
./openvpn $openvpn_conf >$LOGDIR/$SUF:openvpn.log &
|
|
|
|
opid=$!
|
|
|
|
|
|
|
|
# make sure openvpn client is terminated in case shell exits
|
|
|
|
trap "kill $opid" 0
|
|
|
|
trap "kill $opid ; trap - 0 ; exit 1" 1 2 3 15
|
|
|
|
|
|
|
|
echo "wait for connection to establish..."
|
|
|
|
sleep 10
|
|
|
|
|
|
|
|
# test whether OpenVPN process is still there
|
|
|
|
if kill -0 $opid
|
|
|
|
then :
|
|
|
|
else
|
|
|
|
echo -e "OpenVPN process has failed to start up, check log ($LOGDIR/$SUF:openvpn.log). FAIL.\ntail of logfile follows:\n..." >&2
|
|
|
|
tail $LOGDIR/$SUF:openvpn.log >&2
|
|
|
|
trap - 0 1 2 3 15
|
|
|
|
exit 10
|
|
|
|
fi
|
|
|
|
|
|
|
|
# compare whether anything changed in ifconfig/route setup?
|
|
|
|
echo "save ifconfig+route"
|
|
|
|
get_ifconfig_route >$LOGDIR/$SUF:ifconfig_route.txt
|
|
|
|
|
|
|
|
echo -n "compare pre-openvpn ifconfig+route with current values..."
|
|
|
|
if diff $LOGDIR/$SUF:ifconfig_route_pre.txt \
|
|
|
|
$LOGDIR/$SUF:ifconfig_route.txt >/dev/null
|
|
|
|
then
|
|
|
|
fail "no differences between ifconfig/route before OpenVPN start and now."
|
|
|
|
else
|
|
|
|
echo -e " OK!\n"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# expected ifconfig values in there?
|
|
|
|
check_ifconfig 4 "$expect_ifconfig4"
|
|
|
|
check_ifconfig 6 "$expect_ifconfig6"
|
|
|
|
|
|
|
|
run_ping_tests 4 want_ok "$ping4_hosts"
|
|
|
|
run_ping_tests 6 want_ok "$ping6_hosts"
|
|
|
|
echo -e "ping tests done.\n"
|
|
|
|
|
|
|
|
echo "stopping OpenVPN"
|
|
|
|
kill $opid
|
|
|
|
wait $!
|
|
|
|
rc=$?
|
|
|
|
if [ $rc != 0 ] ; then
|
|
|
|
fail "OpenVPN return code $rc, expect 0"
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo -e "\nsave post-openvpn ifconfig + route..."
|
|
|
|
get_ifconfig_route >$LOGDIR/$SUF:ifconfig_route_post.txt
|
|
|
|
|
|
|
|
echo -n "compare pre- and post-openvpn ifconfig + route..."
|
|
|
|
if diff $LOGDIR/$SUF:ifconfig_route_pre.txt \
|
|
|
|
$LOGDIR/$SUF:ifconfig_route_post.txt >$LOGDIR/$SUF:ifconfig_route_diff.txt
|
|
|
|
then
|
|
|
|
echo -e " OK.\n"
|
|
|
|
else
|
|
|
|
cat $LOGDIR/$SUF:ifconfig_route_diff.txt >&2
|
|
|
|
fail "differences between pre- and post-ifconfig/route"
|
|
|
|
fi
|
|
|
|
if [ "$fail_count" = 0 ] ; then
|
|
|
|
echo -e "test run $SUF: all tests OK.\n"
|
|
|
|
else
|
|
|
|
echo -e "test run $SUF: $fail_count test failures. FAIL.\n";
|
|
|
|
exit_code=30
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
# remove trap handler
|
|
|
|
trap - 0 1 2 3 15
|
|
|
|
exit $exit_code
|