summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorBernhard Schmidt <berni@debian.org>2020-10-28 19:46:08 +0100
committerBernhard Schmidt <berni@debian.org>2020-10-28 19:46:08 +0100
commit8231554c9f1ba25cb4e698ad5cfb3a56b258610a (patch)
tree029108888123856ca13e34c612d4dd4845c2b6c3 /tests
parent5bac5f7608a14e0989e95db1a1da2e65d9322127 (diff)
parent76fee93e6fe89e5575bae2840b585d2f025b9050 (diff)
Merge tag 'debian/2.5.0-1' into buster-backports
openvpn Debian release 2.5.0-1
Diffstat (limited to 'tests')
-rwxr-xr-xtests/t_lpback.sh8
-rw-r--r--tests/unit_tests/openvpn/test_ncp.c14
2 files changed, 16 insertions, 6 deletions
diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh
index f2729fd..6206899 100755
--- a/tests/t_lpback.sh
+++ b/tests/t_lpback.sh
@@ -44,7 +44,7 @@ set +e
e=0
for cipher in ${CIPHERS}
do
- echo -n "Testing cipher ${cipher}... "
+ printf "Testing cipher ${cipher}... "
( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ --cipher ${cipher} ) >log.$$ 2>&1
if [ $? != 0 ] ; then
echo "FAILED"
@@ -55,7 +55,7 @@ do
fi
done
-echo -n "Testing tls-crypt-v2 server key generation..."
+printf "Testing tls-crypt-v2 server key generation... "
"${top_builddir}/src/openvpn/openvpn" \
--genkey tls-crypt-v2-server tc-server-key.$$ >log.$$ 2>&1
if [ $? != 0 ] ; then
@@ -66,7 +66,7 @@ else
echo "OK"
fi
-echo -n "Testing tls-crypt-v2 key generation (no metadata)..."
+printf "Testing tls-crypt-v2 key generation (no metadata)... "
"${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \
--genkey tls-crypt-v2-client tc-client-key.$$ >log.$$ 2>&1
if [ $? != 0 ] ; then
@@ -84,7 +84,7 @@ while [ $i -lt 732 ]; do
METADATA="${METADATA}A"
i=$(expr $i + 1)
done
-echo -n "Testing tls-crypt-v2 key generation (max length metadata)..."
+printf "Testing tls-crypt-v2 key generation (max length metadata)... "
"${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \
--genkey tls-crypt-v2-client tc-client-key.$$ "${METADATA}" \
>log.$$ 2>&1
diff --git a/tests/unit_tests/openvpn/test_ncp.c b/tests/unit_tests/openvpn/test_ncp.c
index a4334c8..4077be5 100644
--- a/tests/unit_tests/openvpn/test_ncp.c
+++ b/tests/unit_tests/openvpn/test_ncp.c
@@ -50,7 +50,9 @@ test_check_ncp_ciphers_list(void **state)
struct gc_arena gc = gc_new();
bool have_chacha = cipher_kt_get("CHACHA20-POLY1305");
-
+ assert_string_equal(mutate_ncp_cipher_list("none", &gc), "none");
+ assert_string_equal(mutate_ncp_cipher_list("AES-256-GCM:none", &gc),
+ "AES-256-GCM:none");
assert_string_equal(mutate_ncp_cipher_list(aes_ciphers, &gc), aes_ciphers);
@@ -139,7 +141,7 @@ test_poor_man(void **state)
char *best_cipher;
const char *serverlist = "CHACHA20_POLY1305:AES-128-GCM";
- const char *serverlistbfcbc = "CHACHA20_POLY1305:AES-128-GCM:BF-CBC";
+ const char *serverlistbfcbc = "CHACHA20_POLY1305:AES-128-GCM:BF-CBC:none";
best_cipher = ncp_get_best_cipher(serverlist,
"IV_YOLO=NO\nIV_BAR=7",
@@ -166,6 +168,14 @@ test_poor_man(void **state)
assert_string_equal(best_cipher, "AES-128-GCM");
+ best_cipher = ncp_get_best_cipher(serverlist, NULL,
+ "none", &gc);
+ assert_ptr_equal(best_cipher, NULL);
+
+ best_cipher = ncp_get_best_cipher(serverlistbfcbc, NULL,
+ "none", &gc);
+ assert_string_equal(best_cipher, "none");
+
best_cipher = ncp_get_best_cipher(serverlist, NULL,NULL, &gc);
assert_ptr_equal(best_cipher, NULL);