OpenVPN test coverage
This page is an attempt to describe the (automated) test infrastructure we currently have, what features are tested - or at least covered - by which of the automated tests, and where more test coverage is needed
code path / test module mapping
config file stuff
code path | test module
|
---|
file based key loading (ca, key, cert, tls-auth) | t_lpback.sh
|
inline key loading (ca, key, cert, tls-auth) | t_lpback.sh
|
file based key loading (tls-crypt/tls-crypt-v2) | no
|
inline key loading (tls-crypt/tls-crypt-v2) | no
|
TLS stuff
networking stuff ("outside networking")
code path | test module
|
---|
http proxy | t_client
|
SOCKS proxy | t_client
|
interface (ifconfig etc) stuff
code path | test module
|
---|
tun/tap interface setup (unix) | t_client.sh
|
ifconfig (unix) | t_client
|
route (unix) | t_client
|
netlink sanity (linux) | t_net
|
ifconfig/netsh (windows) | openvpn-testing-windows(?)
|
ifconfig/iservice (windows) | openvpn-testing-windows(?)
|
route/netsh (windows) | openvpn-testing-windows(?)
|
all of the above with topology subnet, topology net30, topology p2p | (?)
|
packet forwarding / mangling
code path | test module
|
---|
basic ping test, v4+v6 | t_client
|
TCP MSS testing | no
|
pf testing | no
|
client side NAT testing | no
|
authentication and "server side networking" stuff (server side)
code path | test module
|
---|
server: p2mp server, tun | t_server
|
server: p2mp server, tap | t_server
|
server: p2p server, tun | t_server
|
server: p2p server, tap, --inetd | t_server
|
server: plugin interface | no
|
server: management interface | no
|
server: cert based auth | t_server
|
server: password auth (pass/fail) | no
|
server: challenge response auth (pass/fail) | no
|
test module description
"Where does this module live, how do I run it, what prerequisites are needed"
- t_cltsrv
- t_loopback
- t_net
- cmocka
- t_client
- t_server