diff options
| author | Jörg Frings-Fürst <debian@jff.email> | 2021-11-29 20:51:58 +0100 |
|---|---|---|
| committer | Jörg Frings-Fürst <debian@jff.email> | 2021-11-29 20:51:58 +0100 |
| commit | 6e3e95a9da9458ddf0874b4bd1c8ce6b47fcef27 (patch) | |
| tree | 6e3667709d99f857d90b9831426f6a32ee70d113 /tests/t_lpback.sh | |
| parent | b29f419d68b26b75a44e3ac00748875f1003b900 (diff) | |
| parent | f2b3dda12a731c2e0971cb7889728edaf23f6cb0 (diff) | |
Merge branch 'upstream' into develop
Diffstat (limited to 'tests/t_lpback.sh')
| -rwxr-xr-x | tests/t_lpback.sh | 51 |
1 files changed, 46 insertions, 5 deletions
diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh index bb8a1d5..6206899 100755 --- a/tests/t_lpback.sh +++ b/tests/t_lpback.sh @@ -21,8 +21,8 @@ set -eu top_builddir="${top_builddir:-..}" -trap "rm -f key.$$ log.$$ ; trap 0 ; exit 77" 1 2 15 -trap "rm -f key.$$ log.$$ ; exit 1" 0 3 +trap "rm -f key.$$ tc-server-key.$$ tc-client-key.$$ log.$$ ; trap 0 ; exit 77" 1 2 15 +trap "rm -f key.$$ tc-server-key.$$ tc-client-key.$$ log.$$ ; exit 1" 0 3 # Get list of supported ciphers from openvpn --show-ciphers output CIPHERS=$(${top_builddir}/src/openvpn/openvpn --show-ciphers | \ @@ -38,13 +38,13 @@ CIPHERS=$(echo "$CIPHERS" | egrep -v '^(DES-EDE3-CFB1|DES-CFB1|RC5-)' ) # Also test cipher 'none' CIPHERS=${CIPHERS}$(printf "\nnone") -"${top_builddir}/src/openvpn/openvpn" --genkey --secret key.$$ +"${top_builddir}/src/openvpn/openvpn" --genkey secret key.$$ set +e e=0 for cipher in ${CIPHERS} do - echo -n "Testing cipher ${cipher}... " + printf "Testing cipher ${cipher}... " ( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ --cipher ${cipher} ) >log.$$ 2>&1 if [ $? != 0 ] ; then echo "FAILED" @@ -55,6 +55,47 @@ do fi done -rm key.$$ log.$$ +printf "Testing tls-crypt-v2 server key generation... " +"${top_builddir}/src/openvpn/openvpn" \ + --genkey tls-crypt-v2-server tc-server-key.$$ >log.$$ 2>&1 +if [ $? != 0 ] ; then + echo "FAILED" + cat log.$$ + e=1 +else + echo "OK" +fi + +printf "Testing tls-crypt-v2 key generation (no metadata)... " +"${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \ + --genkey tls-crypt-v2-client tc-client-key.$$ >log.$$ 2>&1 +if [ $? != 0 ] ; then + echo "FAILED" + cat log.$$ + e=1 +else + echo "OK" +fi + +# Generate max-length base64 metadata ('A' is 0b000000 in base64) +METADATA="" +i=0 +while [ $i -lt 732 ]; do + METADATA="${METADATA}A" + i=$(expr $i + 1) +done +printf "Testing tls-crypt-v2 key generation (max length metadata)... " +"${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \ + --genkey tls-crypt-v2-client tc-client-key.$$ "${METADATA}" \ + >log.$$ 2>&1 +if [ $? != 0 ] ; then + echo "FAILED" + cat log.$$ + e=1 +else + echo "OK" +fi + +rm key.$$ tc-server-key.$$ tc-client-key.$$ log.$$ trap 0 exit $e |