2005-09-26 07:28:27 +02:00
|
|
|
#! /bin/sh
|
|
|
|
#
|
|
|
|
# t_lpback.sh - script to test OpenVPN's crypto loopback
|
|
|
|
# Copyright (C) 2005 Matthias Andree
|
2014-06-08 18:16:15 +02:00
|
|
|
# Copyright (C) 2014 Steffan Karger
|
2005-09-26 07:28:27 +02:00
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU General Public License
|
|
|
|
# as published by the Free Software Foundation; either version 2
|
|
|
|
# of the License, or (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program; if not, write to the Free Software
|
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
|
|
# 02110-1301, USA.
|
|
|
|
|
2014-06-08 18:16:15 +02:00
|
|
|
set -eu
|
2012-02-29 21:11:59 +01:00
|
|
|
top_builddir="${top_builddir:-..}"
|
2005-11-05 08:42:33 +01:00
|
|
|
trap "rm -f key.$$ log.$$ ; trap 0 ; exit 77" 1 2 15
|
|
|
|
trap "rm -f key.$$ log.$$ ; exit 1" 0 3
|
2014-06-08 18:16:15 +02:00
|
|
|
|
|
|
|
# Get list of supported ciphers from openvpn --show-ciphers output
|
2014-07-08 16:45:58 +02:00
|
|
|
CIPHERS=$(${top_builddir}/src/openvpn/openvpn --show-ciphers | \
|
2016-08-16 16:45:42 +02:00
|
|
|
sed -e '/The following/,/^$/d' -e s'/ .*//' -e '/^\s*$/d')
|
2014-06-08 18:16:15 +02:00
|
|
|
|
|
|
|
# SK, 2014-06-04: currently the DES-EDE3-CFB1 implementation of OpenSSL is
|
|
|
|
# broken (see http://rt.openssl.org/Ticket/Display.html?id=2867), so exclude
|
|
|
|
# that cipher from this test.
|
2014-07-08 16:45:58 +02:00
|
|
|
# GD, 2014-07-06 so is DES-CFB1
|
|
|
|
# GD, 2014-07-06 do not test RC5-* either (fails on NetBSD w/o libcrypto_rc5)
|
|
|
|
CIPHERS=$(echo "$CIPHERS" | egrep -v '^(DES-EDE3-CFB1|DES-CFB1|RC5-)' )
|
2014-06-08 18:16:15 +02:00
|
|
|
|
2014-12-02 21:42:00 +01:00
|
|
|
# Also test cipher 'none'
|
|
|
|
CIPHERS=${CIPHERS}$(printf "\nnone")
|
|
|
|
|
2012-02-29 21:11:59 +01:00
|
|
|
"${top_builddir}/src/openvpn/openvpn" --genkey --secret key.$$
|
2005-09-26 07:28:27 +02:00
|
|
|
set +e
|
2014-06-08 18:16:15 +02:00
|
|
|
|
|
|
|
e=0
|
|
|
|
for cipher in ${CIPHERS}
|
|
|
|
do
|
|
|
|
echo -n "Testing cipher ${cipher}... "
|
|
|
|
( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ --cipher ${cipher} ) >log.$$ 2>&1
|
|
|
|
if [ $? != 0 ] ; then
|
|
|
|
echo "FAILED"
|
|
|
|
cat log.$$
|
|
|
|
e=1
|
|
|
|
else
|
|
|
|
echo "OK"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
2005-11-05 08:42:33 +01:00
|
|
|
rm key.$$ log.$$
|
|
|
|
trap 0
|
2005-09-26 07:28:27 +02:00
|
|
|
exit $e
|