OpenVPN test coverage
This page is an attempt to describe the (automated) test infrastructure we currently have, what features are tested - or at least covered - by which of the automated tests, and where more test coverage is needed
code path / test module mapping
config file stuff
| code path | test module
|
|---|
| file based key loading (ca, key, cert, tls-auth) | t_lpback.sh
|
| inline key loading (ca, key, cert, tls-auth) | t_lpback.sh
|
| file based key loading (tls-crypt/tls-crypt-v2) | no
|
| inline key loading (tls-crypt/tls-crypt-v2) | no
|
TLS stuff
networking stuff ("outside networking")
| code path | test module
|
|---|
| TCP connection, v4/v6 | t_client
|
| UDP connection, v4/v6 | t_client
|
| * connection, v4/v6 failover | could be t_client, not currently setup (needs single-stack server instances with dual stack DNS)
|
| --multihome across platforms, v4, v4-mapped-v6, v6 | t_client can test this to some extent, more work needed
|
| http proxy | t_client
|
| http proxy auth | t_client (?)
|
| WINS auth | t_client could do this, no server set up yet
|
| SOCKS proxy, TCP | t_client
|
| SOCKS proxy, UDP | t_client (note: --proto udp6 failing today)
|
| floating client | no
|
interface (ifconfig etc) stuff
| code path | test module
|
|---|
| tun/tap interface setup (unix) | t_client.sh
|
| ifconfig (unix) | t_client
|
| route (unix) | t_client
|
| netlink sanity (linux) | t_net
|
| ifconfig/netsh (windows) | openvpn-testing-windows(?)
|
| ifconfig/iservice (windows) | openvpn-testing-windows(?)
|
| route/netsh (windows) | openvpn-testing-windows(?)
|
| all of the above with topology subnet, topology net30, topology p2p | (?)
|
packet forwarding / mangling
| code path | test module
|
|---|
| basic ping test, v4+v6 | t_client
|
| TCP MSS testing | no
|
| pf testing | no
|
| client side NAT testing | no
|
authentication and "server side networking" stuff (server side)
| code path | test module
|
|---|
| server: p2mp server, tun | t_server
|
| server: p2mp server, tap | t_server
|
| server: p2p server, tun | t_server
|
| server: p2p server, tap, --inetd | t_server
|
| server: plugin interface | no
|
| server: management interface | no
|
| server: cert based auth | t_server
|
| server: password auth (pass/fail) | no
|
| server: challenge response auth (pass/fail) | no
|
test module description
"Where does this module live, how do I run it, what prerequisites are needed"
- t_cltsrv
- t_loopback
- t_net
- cmocka
- t_client
- t_server
