Merge tag 'debian/2.5.0-1' into buster-backports

openvpn Debian release 2.5.0-1
author: Bernhard Schmidt <berni@debian.org> 2020-10-28 19:46:08 +0100
committer: Bernhard Schmidt <berni@debian.org> 2020-10-28 19:46:08 +0100
commit: 8231554c9f1ba25cb4e698ad5cfb3a56b258610a (patch)
tree: 029108888123856ca13e34c612d4dd4845c2b6c3 /tests
parent: 5bac5f7608a14e0989e95db1a1da2e65d9322127 (diff)
parent: 76fee93e6fe89e5575bae2840b585d2f025b9050 (diff)
2 files changed, 16 insertions, 6 deletions
diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh
index f2729fd..6206899 100755
--- a/tests/t_lpback.sh
+++ b/tests/t_lpback.sh
@@ -44,7 +44,7 @@ set +e
 e=0
 for cipher in ${CIPHERS}
 do
-    echo -n "Testing cipher ${cipher}... "
+    printf "Testing cipher ${cipher}... "
     ( "${top_builddir}/src/openvpn/openvpn" --test-crypto --secret key.$$ --cipher ${cipher} ) >log.$$ 2>&1
     if [ $? != 0 ] ; then
         echo "FAILED"
@@ -55,7 +55,7 @@ do
     fi
 done
 
-echo -n "Testing tls-crypt-v2 server key generation..."
+printf "Testing tls-crypt-v2 server key generation... "
 "${top_builddir}/src/openvpn/openvpn" \
     --genkey tls-crypt-v2-server tc-server-key.$$ >log.$$ 2>&1
 if [ $? != 0 ] ; then
@@ -66,7 +66,7 @@ else
     echo "OK"
 fi
 
-echo -n "Testing tls-crypt-v2 key generation (no metadata)..."
+printf "Testing tls-crypt-v2 key generation (no metadata)... "
 "${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \
     --genkey tls-crypt-v2-client tc-client-key.$$ >log.$$ 2>&1
 if [ $? != 0 ] ; then
@@ -84,7 +84,7 @@ while [ $i -lt 732 ]; do
     METADATA="${METADATA}A"
     i=$(expr $i + 1)
 done
-echo -n "Testing tls-crypt-v2 key generation (max length metadata)..."
+printf "Testing tls-crypt-v2 key generation (max length metadata)... "
 "${top_builddir}/src/openvpn/openvpn" --tls-crypt-v2 tc-server-key.$$ \
     --genkey tls-crypt-v2-client tc-client-key.$$ "${METADATA}" \
     >log.$$ 2>&1
diff --git a/tests/unit_tests/openvpn/test_ncp.c b/tests/unit_tests/openvpn/test_ncp.c
index a4334c8..4077be5 100644
--- a/tests/unit_tests/openvpn/test_ncp.c
+++ b/tests/unit_tests/openvpn/test_ncp.c
@@ -50,7 +50,9 @@ test_check_ncp_ciphers_list(void **state)
     struct gc_arena gc = gc_new();
     bool have_chacha = cipher_kt_get("CHACHA20-POLY1305");
 
-
+    assert_string_equal(mutate_ncp_cipher_list("none", &gc), "none");
+    assert_string_equal(mutate_ncp_cipher_list("AES-256-GCM:none", &gc),
+                        "AES-256-GCM:none");
 
     assert_string_equal(mutate_ncp_cipher_list(aes_ciphers, &gc), aes_ciphers);
 
@@ -139,7 +141,7 @@ test_poor_man(void **state)
     char *best_cipher;
 
     const char *serverlist = "CHACHA20_POLY1305:AES-128-GCM";
-    const char *serverlistbfcbc = "CHACHA20_POLY1305:AES-128-GCM:BF-CBC";
+    const char *serverlistbfcbc = "CHACHA20_POLY1305:AES-128-GCM:BF-CBC:none";
 
     best_cipher = ncp_get_best_cipher(serverlist,
                                       "IV_YOLO=NO\nIV_BAR=7",
@@ -166,6 +168,14 @@ test_poor_man(void **state)
 
     assert_string_equal(best_cipher, "AES-128-GCM");
 
+    best_cipher = ncp_get_best_cipher(serverlist, NULL,
+                                      "none", &gc);
+    assert_ptr_equal(best_cipher, NULL);
+
+    best_cipher = ncp_get_best_cipher(serverlistbfcbc, NULL,
+                                      "none", &gc);
+    assert_string_equal(best_cipher, "none");
+
     best_cipher = ncp_get_best_cipher(serverlist, NULL,NULL, &gc);
     assert_ptr_equal(best_cipher, NULL);
author	Bernhard Schmidt <berni@debian.org>	2020-10-28 19:46:08 +0100
committer	Bernhard Schmidt <berni@debian.org>	2020-10-28 19:46:08 +0100
commit	8231554c9f1ba25cb4e698ad5cfb3a56b258610a (patch)
tree	029108888123856ca13e34c612d4dd4845c2b6c3 /tests
parent	5bac5f7608a14e0989e95db1a1da2e65d9322127 (diff)
parent	76fee93e6fe89e5575bae2840b585d2f025b9050 (diff)