diff options
author | Bernhard Schmidt <berni@debian.org> | 2020-10-28 19:46:08 +0100 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2020-10-28 19:46:08 +0100 |
commit | 8231554c9f1ba25cb4e698ad5cfb3a56b258610a (patch) | |
tree | 029108888123856ca13e34c612d4dd4845c2b6c3 /tests | |
parent | 5bac5f7608a14e0989e95db1a1da2e65d9322127 (diff) | |
parent | 76fee93e6fe89e5575bae2840b585d2f025b9050 (diff) |
Merge tag 'debian/2.5.0-1' into buster-backports
openvpn Debian release 2.5.0-1
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/t_lpback.sh | 8 | ||||
-rw-r--r-- | tests/unit_tests/openvpn/test_ncp.c | 14 |
2 files changed, 16 insertions, 6 deletions
diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh index f2729fd..6206899 100755 --- a/tests/t_lpback.sh +++ b/tests/t_lpback.sh @@ -44,7 +44,7 @@ set +e e=0 for cipher in ${CIPHERS} do - echo -n "Testing cipher ${cipher}... " + printf "Testing cipher ${cipher}... " ( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ --cipher ${cipher} ) >log.$$ 2>&1 if [ $? != 0 ] ; then echo "FAILED" @@ -55,7 +55,7 @@ do fi done -echo -n "Testing tls-crypt-v2 server key generation..." +printf "Testing tls-crypt-v2 server key generation... " "${top_builddir}/src/openvpn/openvpn" \ --genkey tls-crypt-v2-server tc-server-key.$$ >log.$$ 2>&1 if [ $? != 0 ] ; then @@ -66,7 +66,7 @@ else echo "OK" fi -echo -n "Testing tls-crypt-v2 key generation (no metadata)..." +printf "Testing tls-crypt-v2 key generation (no metadata)... " "${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \ --genkey tls-crypt-v2-client tc-client-key.$$ >log.$$ 2>&1 if [ $? != 0 ] ; then @@ -84,7 +84,7 @@ while [ $i -lt 732 ]; do METADATA="${METADATA}A" i=$(expr $i + 1) done -echo -n "Testing tls-crypt-v2 key generation (max length metadata)..." +printf "Testing tls-crypt-v2 key generation (max length metadata)... " "${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \ --genkey tls-crypt-v2-client tc-client-key.$$ "${METADATA}" \ >log.$$ 2>&1 diff --git a/tests/unit_tests/openvpn/test_ncp.c b/tests/unit_tests/openvpn/test_ncp.c index a4334c8..4077be5 100644 --- a/tests/unit_tests/openvpn/test_ncp.c +++ b/tests/unit_tests/openvpn/test_ncp.c @@ -50,7 +50,9 @@ test_check_ncp_ciphers_list(void **state) struct gc_arena gc = gc_new(); bool have_chacha = cipher_kt_get("CHACHA20-POLY1305"); - + assert_string_equal(mutate_ncp_cipher_list("none", &gc), "none"); + assert_string_equal(mutate_ncp_cipher_list("AES-256-GCM:none", &gc), + "AES-256-GCM:none"); assert_string_equal(mutate_ncp_cipher_list(aes_ciphers, &gc), aes_ciphers); @@ -139,7 +141,7 @@ test_poor_man(void **state) char *best_cipher; const char *serverlist = "CHACHA20_POLY1305:AES-128-GCM"; - const char *serverlistbfcbc = "CHACHA20_POLY1305:AES-128-GCM:BF-CBC"; + const char *serverlistbfcbc = "CHACHA20_POLY1305:AES-128-GCM:BF-CBC:none"; best_cipher = ncp_get_best_cipher(serverlist, "IV_YOLO=NO\nIV_BAR=7", @@ -166,6 +168,14 @@ test_poor_man(void **state) assert_string_equal(best_cipher, "AES-128-GCM"); + best_cipher = ncp_get_best_cipher(serverlist, NULL, + "none", &gc); + assert_ptr_equal(best_cipher, NULL); + + best_cipher = ncp_get_best_cipher(serverlistbfcbc, NULL, + "none", &gc); + assert_string_equal(best_cipher, "none"); + best_cipher = ncp_get_best_cipher(serverlist, NULL,NULL, &gc); assert_ptr_equal(best_cipher, NULL); |