OpenVPN test coverage

This page is an attempt to describe the (automated) test infrastructure we currently have, what features are tested - or at least covered - by which of the automated tests, and where more test coverage is needed

code path / test module mapping

config file stuff

code path test module
file based key loading (ca, key, cert, tls-auth)
inline key loading (ca, key, cert, tls-auth)
file based key loading (tls-crypt/tls-crypt-v2) no
inline key loading (tls-crypt/tls-crypt-v2) no

TLS stuff

code path test module

networking stuff ("outside networking")

code path test module
TCP connection, v4/v6 t_client
UDP connection, v4/v6 t_client
* connection, v4/v6 failover could be t_client, not currently setup (needs single-stack server instances with dual stack DNS)
--multihome across platforms, v4, v4-mapped-v6, v6 t_client can test this to some extent, more work needed
http proxy t_client
http proxy auth t_client (?)
WINS auth t_client could do this, no server set up yet
SOCKS proxy, TCP t_client
SOCKS proxy, UDP t_client (note: --proto udp6 failing today)
floating client no

interface (ifconfig etc) stuff

code path test module
tun/tap interface setup (unix)
ifconfig (unix) t_client
route (unix) t_client
netlink sanity (linux) t_net
ifconfig/netsh (windows) openvpn-testing-windows(?)
ifconfig/iservice (windows) openvpn-testing-windows(?)
route/netsh (windows) openvpn-testing-windows(?)
all of the above with topology subnet, topology net30, topology p2p (?)

packet forwarding / mangling

code path test module
basic ping test, v4+v6 t_client
TCP MSS testing no
pf testing no
client side NAT testing no

authentication and "server side networking" stuff (server side)

code path test module
server: p2mp server, tun t_server
server: p2mp server, tap t_server
server: p2p server, tun t_server
server: p2p server, tap, --inetd t_server
server: plugin interface no
server: management interface no
server: cert based auth t_server
server: password auth (pass/fail) no
server: challenge response auth (pass/fail) no

test module description

"Where does this module live, how do I run it, what prerequisites are needed"

  • t_cltsrv
  • t_loopback
  • t_net
  • cmocka
  • t_client
  • t_server
Last modified 13 months ago Last modified on 05/28/20 14:40:30