Ticket #168: test-bug-168.sh

#!/bin/bash
# This script automatically tests for OpenVPN bug #168.
# It assumes that sample configurations and keys are installed at
# /usr/share/doc/openvpn-*

cd /usr/share/doc/openvpn-*
TEMPFILE="/dev/shm/$$.$RANDOM"
( for cipher in $(openvpn --show-ciphers | awk '{if (NF==0){ok=1; next}; if (ok) {print $1}}'); do
        openvpn --test-crypto --secret sample-keys/ta.key --cipher $cipher >$TEMPFILE 2>&1
        ECODE=$?
        if [ $ECODE -eq 1 ]; then
          if grep 'Assertion failed at crypto.c:161' $TEMPFILE >/dev/null; then
                echo "BAD: Cipher $cipher does not work in Shared Secret mode."
          else
                echo "ERROR: There was some other problem while testing cipher $cipher in Shared Secret mode."
          fi
        else
                if [ $ECODE -gt 0 ]; then
                        echo "ERROR: Server exited with code $ECODE while testing cipher $cipher in Shared Secret mode."
                else
                        echo "GOOD: Cipher $cipher seems to work fine in Shared Secret mode."
                fi
        fi
        openvpn --config sample-config-files/loopback-server --cipher $cipher >$TEMPFILE 2>&1 &
        PID=$!
        openvpn --config sample-config-files/loopback-client --cipher $cipher >/dev/null 2>&1
        ECODE=$?
        wait $PID
        if [ $ECODE -eq 1 ]; then
          if grep 'Assertion failed at crypto.c:161' $TEMPFILE >/dev/null; then
                echo "BAD: Cipher $cipher does not work in TLS mode."
          else
                echo "ERROR: There was some other problem while testing cipher $cipher in TLS mode."
          fi
        else
                if [ $ECODE -gt 0 ]; then
                        echo "ERROR: Server exited with code $ECODE while testing cipher $cipher in TLS mode."
                else
                        echo "GOOD: Cipher $cipher seems to work fine in TLS mode."
                fi
        fi
done
rm -f $TEMPFILE
) | sort