2026-03-11 07:17:02 +08:00 · 2015-02-16 13:21:14 +01:00
parent a2f52c58cc
commit 683fd2ec28
5 changed files with 20 additions and 18 deletions
							
							
								
							
							
						
@@ -13,12 +13,13 @@ SUBDIRS = docker-ocserv
dist_check_SCRIPTS = test-pass test-pass-cert test-cert test-iroute test-pass-script \
	test-multi-cookie test-pam test-stress full-test test-group-pass test-pass-group-cert \
	ocpasswd-test test-pass-group-cert-no-pass unix-test test-pass-opt-cert \
	test-cookie-timeout test-cookie-timeout-2 radius-test test-explicit-ip
	test-cookie-timeout test-cookie-timeout-2 radius-test test-explicit-ip \
	radius-test
TESTS = test-pass test-pass-cert test-cert test-iroute test-pass-script \
	test-multi-cookie full-test test-group-pass test-pass-group-cert \
	ocpasswd-test test-pass-group-cert-no-pass unix-test test-pass-opt-cert \
	test-cookie-timeout test-cookie-timeout-2 test-explicit-ip
	test-cookie-timeout test-cookie-timeout-2 test-explicit-ip radius-test
TESTS_ENVIRONMENT = srcdir="$(srcdir)" \
	top_builddir="$(top_builddir)"
							
							
							
						
 
							
							
								
							
							
						
@@ -4,7 +4,8 @@ RUN yum install -y gnutls gnutls-utils protobuf-c iproute pcllib http-parser tcp
RUN yum install -y bash openssh-server nuttcp
RUN yum install -y libnl3 libtalloc
RUN yum install -y lz4
RUN yum install -y freeradius freeradius-client
RUN yum install -y freeradius-client
RUN yum install -y freeradius
RUN systemctl enable sshd
RUN sed 's/PermitRootLogin without-password/PermitRootLogin yes/g' -i /etc/ssh/sshd_config
							
							
							
								
							
						
@@ -27,7 +28,7 @@ ADD cert.pem /etc/ocserv/
ADD ocserv-radius.conf /etc/ocserv/ocserv.conf
ADD radiusclient.conf /etc/radiusclient/
ADD radius-clients.conf /etc/raddb/clients.conf
ADD radiusclient-servers /etc/raddb/servers
ADD radiusclient-servers /etc/radiusclient/servers
ADD ocserv /usr/sbin/
ADD ocpasswd /usr/bin/
ADD occtl /usr/bin/
							
								
							
							
							
						
 
							
							
								
							
							
						
@@ -252,7 +252,7 @@ ping-leases = false
# comment out all routes from the server.
route = 192.168.1.0/255.255.255.0
#route = 192.168.5.0/255.255.255.0
#route = fef4:db8:1000:1001::/64
route = fd91:6d87:7341:db6a::/64
# Configuration files that will be applied per user connection or
# per group. Each file name on these directories must match the username
							
								
							
							
							
						
 
							
							
								
							
							
						
@@ -146,7 +146,7 @@ client localhost {
	#	other		# for all other types
	#
	nastype     = other	# localhost isn't usually a NAS...
	nas_type     = other	# localhost isn't usually a NAS...
	#
	#  The following two configurations are for future use.
							
								
							
							
							
						
 
							
							
								
							
							
						
@@ -66,26 +66,26 @@ rm -f pass.tmp
sleep 5
# The client IP depends on the username so it shouldn't change.
ping -w 5 192.168.1.190
ping -w 5 192.168.1.0
if test $? != 0;then
	kill $PID
	echo "Cannot ping ocserv"
	stop
fi
ping -w 5 192.168.1.190 -s 1500
ping -w 5 192.168.1.0 -s 1500
if test $? != 0;then
	kill $PID
	echo "Cannot ping ocserv"
	stop
fi
ping6 -w 5 fd91:6d87:7341:db6a:0:52:190c:be00
if test $? != 0;then
	kill $PID
	echo "Cannot ping the IPv6 of ocserv"
	stop
fi
#ping6 -w 5 fd91:6d87:7341:db6a::
#if test $? != 0;then
#	kill $PID
#	echo "Cannot ping the IPv6 of ocserv"
#	stop
#fi
echo "UserKnownHostsFile ./known-hosts.tmp" >config.tmp
printf "#\!/bin/sh\n" >echo-admin.tmp
							
							
							
								
							
						
@@ -94,14 +94,14 @@ printf "echo root" >>echo-admin.tmp
printf "\n" >>echo-admin.tmp
chmod 755 echo-admin.tmp
export SSH_ASKPASS="./echo-admin.tmp"
setsid ssh -T -F config.tmp root@192.168.1.190 occtl show user test >out.tmp 2>&1
setsid ssh -T -F config.tmp root@192.168.1.0 occtl show user test >out.tmp 2>&1
cat out.tmp
printf "#\!/bin/sh\n" >echo-admin.tmp
printf "echo root" >>echo-admin.tmp
printf "\n" >>echo-admin.tmp
chmod 755 echo-admin.tmp
setsid ssh -T -F config.tmp root@192.168.1.190 occtl show user test >out.tmp 2>&1
setsid ssh -T -F config.tmp root@192.168.1.0 occtl show user test >out.tmp 2>&1
cat out.tmp
rm -f echo-admin.tmp
rm -f config.tmp
							
							
							
								
							
						
@@ -119,14 +119,14 @@ rm -f out.tmp
# There is an issue in nuttcp that makes it crash under docker if
# /proc/sys/net/ipv4/tcp_adv_win_scale does not exist.
if test "$FEDORA" = 1;then
nuttcp -T 10 -t 192.168.1.190
nuttcp -T 10 -t 192.168.1.0
if test $? != 0;then
	kill $PID
	echo "Cannot send to ocserv"
	stop
fi
nuttcp -T 10 -r 192.168.1.190
nuttcp -T 10 -r 192.168.1.0
if test $? != 0;then
	kill $PID
	echo "Cannot recv from ocserv"