mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 00:37:00 +08:00
tests: reproduce #231
This modifies test-pass-script to force a DPD timeout to
verify whether ${IP_REMOTE} is set on the disconnect script.
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
committed by
Nikos Mavrogiannopoulos
parent
8d1aa343b4
commit
d852195e64
@@ -2,28 +2,32 @@
|
||||
|
||||
#echo $USERNAME : $REASON : $DEVICE
|
||||
|
||||
env >/tmp/out.$REASON.tmp
|
||||
|
||||
if test -z "${IP_REMOTE}";then
|
||||
echo "Remote IP environment variable was not set"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case "$REASON" in
|
||||
connect)
|
||||
test "${OCSERV_DNS}" = "192.168.1.1 192.168.5.1 " && \
|
||||
test "${OCSERV_DNS4}" = "192.168.1.1 192.168.5.1 " && \
|
||||
test "${OCSERV_ROUTES}" = "192.168.1.0/255.255.255.0 192.168.5.0/255.255.255.0 " && \
|
||||
test "${OCSERV_ROUTES4}" = "192.168.1.0/255.255.255.0 192.168.5.0/255.255.255.0 " && \
|
||||
echo > connect.ok
|
||||
echo "${IP_REMOTE}" > connect.ok
|
||||
;;
|
||||
disconnect)
|
||||
if ! test -z "$DEVICE";then
|
||||
#ifconfig $DEVICE
|
||||
#if test "$?" = "0";then
|
||||
if ! test -z "$DEVICE";then
|
||||
test "${OCSERV_DNS}" = "192.168.1.1 192.168.5.1 " && \
|
||||
test "${OCSERV_DNS4}" = "192.168.1.1 192.168.5.1 " && \
|
||||
test "${OCSERV_ROUTES}" = "192.168.1.0/255.255.255.0 192.168.5.0/255.255.255.0 " && \
|
||||
test "${OCSERV_ROUTES4}" = "192.168.1.0/255.255.255.0 192.168.5.0/255.255.255.0 " && \
|
||||
echo > disconnect.ok
|
||||
#fi
|
||||
echo "${IP_REMOTE}" > disconnect.ok
|
||||
fi
|
||||
;;
|
||||
"host-update")
|
||||
echo > host-update.ok
|
||||
echo > host-update.ok
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
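Review bot: The `env >/tmp/out.$REASON.tmp` line near the top of this hook writes the whole server-supplied environment to a fixed, predictable name in /tmp, with `$REASON` unquoted, and nothing in the visible test removes the file afterwards. The +/- markers are lost on this page, so it is not certain this commit added the line, but it reads like leftover debugging. On a shared build host an existing file or symlink at that path would be written through, which matters if the suite runs with elevated privileges (not visible here). Either drop the line, or keep the dump next to the other test artifacts, e.g. `env > "out.${REASON}.tmp"`, and delete it in the test's cleanup function.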
@@ -35,7 +35,7 @@ udp-port = 4448
|
||||
keepalive = 32400
|
||||
|
||||
# Dead peer detection in seconds
|
||||
dpd = 440
|
||||
dpd = 5
|
||||
|
||||
# MTU discovery (DPD must be enabled)
|
||||
try-mtu-discovery = false
|
||||
@@ -101,6 +101,10 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is allowed to stay idle (no traffic)
|
||||
# before being disconnected. Unset to disable.
|
||||
#idle-timeout = 5
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
#
|
||||
# Copyright (C) 2013-2016 Nikos Mavrogiannopoulos
|
||||
# Copyright (C) 2013-2020 Nikos Mavrogiannopoulos
|
||||
#
|
||||
# This file is part of ocserv.
|
||||
#
|
||||
@@ -22,24 +22,41 @@ SERV="${SERV:-../src/ocserv}"
|
||||
srcdir=${srcdir:-.}
|
||||
builddir=${builddir:-.}
|
||||
PORT=4448
|
||||
OPIDFILE=pass-script.$$.tmp
|
||||
PARAMSFILE=pass-script.params.$$.tmp
|
||||
|
||||
. `dirname $0`/common.sh
|
||||
|
||||
echo "Testing script behavior"
|
||||
|
||||
function finish {
|
||||
echo " * Cleaning up..."
|
||||
rm -f ${builddir}/connect.ok
|
||||
rm -f ${builddir}/disconnect.ok
|
||||
rm -f ${builddir}/host-update.ok
|
||||
test -n "${PID}" && kill ${PID} >/dev/null 2>&1
|
||||
test -f ${OPIDFILE} && kill $(cat ${OPIDFILE}) >/dev/null 2>&1
|
||||
rm -f ${OPIDFILE}
|
||||
rm -f ${TMPFILE}
|
||||
rm -f ${PARAMSFILE}
|
||||
}
|
||||
trap finish EXIT
|
||||
|
||||
rm -f ${builddir}/connect.ok
|
||||
rm -f ${builddir}/disconnect.ok
|
||||
|
||||
$OPENCONNECT --help|grep local-hostname
|
||||
$OPENCONNECT --help|grep local-hostname >/dev/null
|
||||
if test $? != 0;then
|
||||
echo "Openconnect doesn't support --local-hostname"
|
||||
exit 77
|
||||
fi
|
||||
|
||||
echo "Testing local backend with username-password... "
|
||||
echo " * Testing local backend with username-password... "
|
||||
|
||||
launch_server -d 1 -f -c "${srcdir}/data/test-pass-script.config" & PID=$!
|
||||
wait_server $PID
|
||||
|
||||
echo "Connecting to obtain cookie with wrong username... "
|
||||
echo " * Connecting to obtain cookie with wrong username... "
|
||||
( echo "tost" | $OPENCONNECT -q localhost:$PORT -u tost --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) &&
|
||||
fail $PID "Received cookie when we shouldn't"
|
||||
|
||||
@@ -48,15 +65,12 @@ rm -f ${builddir}/disconnect.ok
|
||||
rm -f ${builddir}/host-update.ok
|
||||
#test special characters
|
||||
|
||||
echo "Connecting to obtain cookie... "
|
||||
echo " * Connecting to obtain cookie... "
|
||||
( echo "!@#$%^&*()<>" | $OPENCONNECT -q localhost:$PORT -u "sp@c/al" --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) ||
|
||||
fail $PID "Could not receive cookie from server"
|
||||
|
||||
echo "Re-connecting to force script run... "
|
||||
echo "!@#$%^&*()<>" | timeout 7 $OPENCONNECT -q --local-hostname='mylocalname' localhost:$PORT -u "sp@c/al" --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 -s /bin/true #>/dev/null 2>&1
|
||||
|
||||
kill $PID
|
||||
wait
|
||||
echo " * Re-connecting to force script run... "
|
||||
echo "!@#$%^&*()<>" | timeout 7 $OPENCONNECT -q --local-hostname='mylocalname' localhost:$PORT -u "sp@c/al" --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 -s /bin/true
|
||||
|
||||
sleep 5
|
||||
|
||||
@@ -66,18 +80,82 @@ if ! test -f ${builddir}/connect.ok;then
|
||||
fi
|
||||
|
||||
if ! test -f ${builddir}/host-update.ok;then
|
||||
echo "Host-update script was not run"
|
||||
echo "Host-update script was not run (1)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! test -f ${builddir}/disconnect.ok;then
|
||||
echo "Disconnect script was not run properly"
|
||||
echo "Disconnect script was not run properly (1)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -f ${builddir}/connect.ok
|
||||
rm -f ${builddir}/disconnect.ok
|
||||
rm -f ${builddir}/host-update.ok
|
||||
rm -f $TMPFILE
|
||||
|
||||
exit 0
|
||||
echo " * Re-connecting to get cookie... "
|
||||
echo "test2" | $OPENCONNECT -q localhost:$PORT -u "test2" --authenticate --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 -s /bin/true >${PARAMSFILE}
|
||||
if test $? != 0;then
|
||||
echo "Could not connect"
|
||||
cat ${PARAMSFILE}
|
||||
exit 1
|
||||
fi
|
||||
|
||||
grep COOKIE ${PARAMSFILE}
|
||||
if test $? != 0;then
|
||||
echo "Did not get cookie"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo " * Re-connecting to force timeout disconnect... "
|
||||
eval "$(grep COOKIE ${PARAMSFILE})"
|
||||
echo ${COOKIE}| $OPENCONNECT localhost:$PORT -u "test2" --cookie-on-stdin --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 -s /bin/true --pid-file=${OPIDFILE} -b
|
||||
|
||||
sleep 4
|
||||
echo " - Pausing client"
|
||||
if ! test -f ${OPIDFILE};then
|
||||
echo "Could not find pid file"
|
||||
exit 1
|
||||
fi
|
||||
kill -s STOP $(cat ${OPIDFILE})
|
||||
sleep 50
|
||||
echo " - Resuming client"
|
||||
|
||||
ret=0
|
||||
if ! test -f ${builddir}/connect.ok;then
|
||||
echo "Connect script was not run (2)"
|
||||
ret=1
|
||||
fi
|
||||
|
||||
if ! test -f ${builddir}/disconnect.ok;then
|
||||
echo "Disconnect script was not run properly (2)"
|
||||
ret=1
|
||||
fi
|
||||
|
||||
rm -f ${builddir}/connect.ok
|
||||
rm -f ${builddir}/disconnect.ok
|
||||
|
||||
kill -s CONT $(cat ${OPIDFILE})
|
||||
test -f ${OPIDFILE} && kill $(cat ${OPIDFILE})
|
||||
|
||||
echo " * Re-connecting to check whether resumption results to IP address... "
|
||||
echo ${COOKIE} | $OPENCONNECT -q localhost:$PORT -u "test2" --cookie-on-stdin --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 -s /bin/true --pid-file=${OPIDFILE} -b
|
||||
sleep 5
|
||||
test -f ${OPIDFILE} && kill $(cat ${OPIDFILE})
|
||||
sleep 6
|
||||
kill $PID
|
||||
wait
|
||||
|
||||
if ! test -f ${builddir}/connect.ok;then
|
||||
echo "Connect script was not run (3)"
|
||||
ret=1
|
||||
fi
|
||||
|
||||
if ! test -f ${builddir}/disconnect.ok;then
|
||||
echo "Disconnect script was not run properly (3)"
|
||||
ret=1
|
||||
fi
|
||||
|
||||
echo "Script tests were successful"
|
||||
|
||||
exit $ret
|
||||
|
||||
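Review bot: `eval "$(grep COOKIE ${PARAMSFILE})"` in the last hunk evaluates every line of the client's output that contains the string COOKIE, not only the cookie assignment, and `${PARAMSFILE}` is unquoted. Anchoring the match limits the eval to the one assignment the test needs: `eval "$(grep '^COOKIE=' "${PARAMSFILE}")"`; this assumes the client prints the assignment at the start of a line, which the page does not show. Separately, `echo "Script tests were successful"` runs unconditionally just before `exit $ret`, so a run that recorded `ret=1` still prints the success message; guard it with `test "$ret" = 0 &&` or print a failure line instead. The `kill -s CONT $(cat ${OPIDFILE})` after the 50 second pause also reads the pid file without the `test -f` check used on the line that follows it.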