diff --git a/tests/Makefile.am b/tests/Makefile.am index 79c678b3..00072434 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -3,7 +3,7 @@ EXTRA_DIST = ca-key.pem ca.pem common.sh server-cert.pem server-key.pem test1.co user-config/test user-config-opt/test test-pass-script.config test-multi-cookie.config test-pam.config \ test-stress.config user-cert-wrong.pem connect-script test-group.passwd \ test-group-pass.config user-group-cert.pem user-group-key.pem test-user-group-cert.config \ - test-user-group-cert-no-pass.config + test-user-group-cert-no-pass.config docker-common.sh SUBDIRS = docker-ocserv diff --git a/tests/docker-common.sh b/tests/docker-common.sh new file mode 100755 index 00000000..66e6eb13 --- /dev/null +++ b/tests/docker-common.sh @@ -0,0 +1,74 @@ +if test -x /usr/bin/docker;then +DOCKER=/usr/bin/docker +else +DOCKER=/usr/bin/docker.io +fi + +if ! test -x $DOCKER;then + echo "The docker program is needed to perform this test" + exit 77 +fi + +if test -f /etc/debian_version;then + DEBIAN=1 +fi + +if test -f /etc/fedora-release;then + FEDORA=1 +fi + +if test -z $FEDORA && test -z $DEBIAN;then + echo "******************************************************" + echo "This test requires compiling ocserv in a Debian or Fedora systems" + echo "******************************************************" + exit 77 +fi + +lockfile docker.lock +if test "$UNIX" = 1;then + $DOCKER stop test_unix >/dev/null 2>&1 + $DOCKER rm test_unix >/dev/null 2>&1 +else + $DOCKER stop test_ocserv >/dev/null 2>&1 + $DOCKER rm test_ocserv >/dev/null 2>&1 +fi + +if test "$FEDORA" = 1;then + echo "Using the fedora image" + $DOCKER pull fedora:21 + if test $? != 0;then + echo "Cannot pull docker image" + rm -f docker.lock + exit 1 + fi + if test "$UNIX" = 1;then + cp docker-ocserv/Dockerfile-fedora-unix docker-ocserv/Dockerfile + else + cp docker-ocserv/Dockerfile-fedora-tcp docker-ocserv/Dockerfile + fi +else #DEBIAN + echo "Using the Debian image" + $DOCKER pull debian:jessie + if test $? != 0;then + echo "Cannot pull docker image" + rm -f docker.lock + exit 1 + fi + if test "$UNIX" = 1;then + cp docker-ocserv/Dockerfile-debian-unix docker-ocserv/Dockerfile + else + cp docker-ocserv/Dockerfile-debian-tcp docker-ocserv/Dockerfile + fi +fi + +cp ../src/ocserv ../src/ocpasswd ../src/occtl docker-ocserv/ + +echo "Creating image $IMAGE" +$DOCKER build -t $IMAGE docker-ocserv/ +if test $? != 0;then + echo "Cannot build docker image" + rm -f docker.lock + exit 1 +fi + +rm -f docker.lock diff --git a/tests/docker-ocserv/Dockerfile-tcp b/tests/docker-ocserv/Dockerfile-debian-tcp similarity index 97% rename from tests/docker-ocserv/Dockerfile-tcp rename to tests/docker-ocserv/Dockerfile-debian-tcp index 9e8f16af..629b2008 100644 --- a/tests/docker-ocserv/Dockerfile-tcp +++ b/tests/docker-ocserv/Dockerfile-debian-tcp @@ -1,4 +1,4 @@ -FROM tianon/debian:jessie +FROM debian:jessie RUN apt-get update;sleep 3 RUN apt-get install -y libgnutls-deb0-28 diff --git a/tests/docker-ocserv/Dockerfile-unix b/tests/docker-ocserv/Dockerfile-debian-unix similarity index 98% rename from tests/docker-ocserv/Dockerfile-unix rename to tests/docker-ocserv/Dockerfile-debian-unix index 994ef055..7917242f 100644 --- a/tests/docker-ocserv/Dockerfile-unix +++ b/tests/docker-ocserv/Dockerfile-debian-unix @@ -1,4 +1,4 @@ -FROM tianon/debian:jessie +FROM debian:jessie RUN apt-get update RUN apt-get install -y haproxy diff --git a/tests/docker-ocserv/Dockerfile-fedora-tcp b/tests/docker-ocserv/Dockerfile-fedora-tcp new file mode 100644 index 00000000..45b111a4 --- /dev/null +++ b/tests/docker-ocserv/Dockerfile-fedora-tcp @@ -0,0 +1,35 @@ +FROM fedora:21 + +RUN yum install -y gnutls gnutls-utils protobuf-c iproute pcllib http-parser tcp_wrappers pam systemd libseccomp +RUN yum install -y bash openssh-server nuttcp +RUN yum install -y libnl3 libtalloc +RUN systemctl enable sshd +RUN sed 's/PermitRootLogin without-password/PermitRootLogin yes/g' -i /etc/ssh/sshd_config + +RUN echo 'root:root' |chpasswd +RUN useradd -m -d /home/admin -s /bin/bash admin +RUN echo 'admin:admin' |chpasswd +EXPOSE 5000 +EXPOSE 5000/udp +EXPOSE 5001 +EXPOSE 5001/udp +EXPOSE 5551 +EXPOSE 5551/udp +EXPOSE 22 + +RUN mkdir /etc/ocserv + + +ADD key.pem /etc/ocserv/ +ADD cert.pem /etc/ocserv/ +ADD ocserv.conf /etc/ocserv/ +ADD passwd /etc/ocserv/ +ADD ocserv /usr/sbin/ +ADD ocpasswd /usr/bin/ +ADD occtl /usr/bin/ +ADD myscript /usr/bin/ +# It's not possible to use mknod inside a container with the default LXC +# template, so we untar it from this archive. +ADD dev-tun.tgz /dev/ + +CMD nuttcp -S;sshd-keygen;/usr/sbin/sshd;mkdir -p /tmp/disconnect/;usr/sbin/ocserv -d 1 -f;sleep 3600 diff --git a/tests/docker-ocserv/Dockerfile-fedora-unix b/tests/docker-ocserv/Dockerfile-fedora-unix new file mode 100644 index 00000000..12d9bcc4 --- /dev/null +++ b/tests/docker-ocserv/Dockerfile-fedora-unix @@ -0,0 +1,37 @@ +FROM fedora:21 + +RUN yum install -y gnutls gnutls-utils protobuf-c iproute pcllib http-parser tcp_wrappers pam systemd libseccomp +RUN yum install -y bash openssh-server nuttcp +RUN systemctl enable sshd +RUN yum install -y libnl3 libtalloc +RUN sed 's/PermitRootLogin without-password/PermitRootLogin yes/g' -i /etc/ssh/sshd_config + +RUN echo 'root:root' |chpasswd +RUN useradd -m -d /home/admin -s /bin/bash admin +RUN echo 'admin:admin' |chpasswd +EXPOSE 6000 +EXPOSE 6000/udp +EXPOSE 6001 +EXPOSE 6001/udp +EXPOSE 6551 +EXPOSE 6551/udp +EXPOSE 22 + +RUN mkdir /etc/ocserv + + +ADD key.pem /etc/ocserv/ +ADD cert.pem /etc/ocserv/ +ADD combo.pem /etc/ocserv/ +ADD haproxy.cfg /etc/haproxy/ +ADD ocserv-unix.conf /etc/ocserv/ocserv.conf +ADD passwd /etc/ocserv/ +ADD ocserv /usr/sbin/ +ADD ocpasswd /usr/bin/ +ADD occtl /usr/bin/ +ADD myscript /usr/bin/ +# It's not possible to use mknod inside a container with the default LXC +# template, so we untar it from this archive. +ADD dev-tun.tgz /dev/ + +CMD nuttcp -S;sshd-keygen;/usr/sbin/sshd;mkdir -p /tmp/disconnect/;/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg;/usr/sbin/ocserv -d 1 -f;sleep 3600 diff --git a/tests/docker-ocserv/Makefile.am b/tests/docker-ocserv/Makefile.am index e561281d..f479d565 100644 --- a/tests/docker-ocserv/Makefile.am +++ b/tests/docker-ocserv/Makefile.am @@ -1,5 +1,6 @@ -EXTRA_DIST = passwd ocserv.conf Dockerfile-tcp dev-tun.tgz myscript key.pem cert.pem \ - Dockerfile-unix ocserv-unix.conf haproxy.cfg combo.pem +EXTRA_DIST = passwd ocserv.conf Dockerfile-debian-tcp dev-tun.tgz myscript key.pem cert.pem \ + Dockerfile-debian-unix ocserv-unix.conf haproxy.cfg combo.pem Dockerfile-fedora-unix \ + Dockerfile-fedora-tcp TESTS_ENVIRONMENT = srcdir="$(srcdir)" \ top_builddir="$(top_builddir)" diff --git a/tests/full-test b/tests/full-test index 47d6cc35..c762ceb6 100755 --- a/tests/full-test +++ b/tests/full-test @@ -26,23 +26,8 @@ if [ $? != 0 ];then exit 77 fi -if test -x /usr/bin/docker;then -DOCKER=/usr/bin/docker -else -DOCKER=/usr/bin/docker.io -fi - -if ! test -x $DOCKER;then - echo "The docker program is needed to perform this test" - exit 77 -fi - -if ! test -f /etc/debian_version;then - echo "******************************************************" - echo "This test requires compiling ocserv in a Debian system" - echo "******************************************************" - exit 77 -fi +IMAGE=ocserv-test1 +. ./docker-common.sh stop() { $DOCKER stop test_ocserv @@ -50,30 +35,13 @@ stop() { exit 1 } -$DOCKER pull tianon/debian:jessie -if test $? != 0;then - echo "Cannot pull docker image" - exit 1 -fi - -cp ../src/ocserv ../src/ocpasswd ../src/occtl docker-ocserv/ - -cp docker-ocserv/Dockerfile-tcp docker-ocserv/Dockerfile -$DOCKER build -t ocserv-test1 docker-ocserv/ -if test $? != 0;then - echo "Cannot build docker image" - exit 1 -fi - -$DOCKER stop test_ocserv >/dev/null 2>&1 -$DOCKER rm test_ocserv >/dev/null 2>&1 - -$DOCKER run -P --privileged=true -p 5000:5000/udp -p 5001:5001/udp -p 22 -p 5551:5551/udp --tty=false -d --name test_ocserv ocserv-test1 +$DOCKER run -P --privileged=true -p 5000:5000/udp -p 5001:5001/udp -p 22 -p 5551:5551/udp --tty=false -d --name test_ocserv $IMAGE if test $? != 0;then echo "Cannot run docker image" exit 1 fi +echo "ocserv image was run" #wait for ocserv to server sleep 5 @@ -82,9 +50,10 @@ if test -z "$IP";then echo "Detected IP is null!" stop fi +echo "Detected IP: $IP" printf "test\ntest\n" >pass.tmp -openconnect $IP:5551 -u test --passwd-on-stdin --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 < pass.tmp & +openconnect $IP:5551 -u test --passwd-on-stdin -v --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 < pass.tmp & PID=$! rm -f pass.tmp @@ -107,6 +76,13 @@ if test $? != 0;then stop fi +ping6 -w 5 fd91:6d87:7341:db6a:0:52:190c:be00 +if test $? != 0;then + kill $PID + echo "Cannot ping the IPv6 of ocserv" + stop +fi + echo "UserKnownHostsFile ./known-hosts.tmp" >config.tmp printf "#\!/bin/sh\n" >echo-admin.tmp printf "echo yes" >>echo-admin.tmp diff --git a/tests/unix-test b/tests/unix-test index 01ca9c91..6faeaf3f 100755 --- a/tests/unix-test +++ b/tests/unix-test @@ -26,23 +26,9 @@ if [ $? != 0 ];then exit 77 fi -if test -x /usr/bin/docker;then -DOCKER=/usr/bin/docker -else -DOCKER=/usr/bin/docker.io -fi - -if ! test -x $DOCKER;then - echo "The docker program is needed to perform this test" - exit 77 -fi - -if ! test -f /etc/debian_version;then - echo "******************************************************" - echo "This test requires compiling ocserv in a Debian system" - echo "******************************************************" - exit 77 -fi +UNIX=1 +IMAGE=ocserv-test2 +. ./docker-common.sh stop() { $DOCKER stop test_unix @@ -50,26 +36,7 @@ stop() { exit 1 } -$DOCKER pull tianon/debian:jessie -if test $? != 0;then - echo "Cannot pull docker image" - exit 1 -fi - -cp ../src/ocserv ../src/ocpasswd ../src/occtl docker-ocserv/ - -cp docker-ocserv/Dockerfile-unix docker-ocserv/Dockerfile -$DOCKER build -t ocserv-test2 docker-ocserv/ -#$DOCKER build --no-cache=true -t ocserv-test2 docker-ocserv/ -if test $? != 0;then - echo "Cannot build docker image" - exit 1 -fi - -$DOCKER stop test_unix >/dev/null 2>&1 -$DOCKER rm test_unix >/dev/null 2>&1 - -$DOCKER run -P --privileged=true -p 6000:6000/udp -p 6001:6001/udp -p 22 -p 6551:6551/udp --tty=false -d --name test_unix ocserv-test2 +$DOCKER run -P --privileged=true -p 6000:6000/udp -p 6001:6001/udp -p 22 -p 6551:6551/udp --tty=false -d --name test_unix $IMAGE if test $? != 0;then echo "Cannot run docker image" exit 1