= OpenVPN test coverage = This page is an attempt to describe the (automated) test infrastructure we currently have, what features are tested - or at least covered - by which of the automated tests, and where more test coverage is needed == code path / test module mapping == === config file stuff === ||= code path =||= test module =|| || file based key loading (ca, key, cert, tls-auth) || t_lpback.sh || || inline key loading (ca, key, cert, tls-auth) || t_lpback.sh || || file based key loading (tls-crypt/tls-crypt-v2) || **no** || || inline key loading (tls-crypt/tls-crypt-v2) || **no** || === TLS stuff === ||= code path =||= test module =|| === networking stuff ("outside networking") === ||= code path =||= test module =|| || TCP connection, v4/v6 || t_client || || UDP connection, v4/v6 || t_client || || * connection, v4/v6 failover || could be t_client, not currently setup (needs single-stack server instances with dual stack DNS) || || --multihome across platforms, v4, v4-mapped-v6, v6 || t_client can test this to some extent, more work needed || || http proxy || t_client || || http proxy auth || t_client (?) || || WINS auth || t_client could do this, no server set up yet || || SOCKS proxy, TCP || t_client || || SOCKS proxy, UDP || t_client (note: --proto udp6 failing today) || || floating client || **no** || === interface (ifconfig etc) stuff === ||= code path =||= test module =|| || tun/tap interface setup (unix) || t_client.sh || || ifconfig (unix) || t_client || || route (unix) || t_client || || netlink sanity (linux) || t_net || || ifconfig/netsh (windows) || openvpn-testing-windows(?) || || ifconfig/iservice (windows) || openvpn-testing-windows(?) || || route/netsh (windows) || openvpn-testing-windows(?) || || all of the above with topology subnet, topology net30, topology p2p || (?) || === packet forwarding / mangling === ||= code path =||= test module =|| || basic ping test, v4+v6 || t_client || || TCP MSS testing || **no** || || pf testing || **no** || || client side NAT testing || **no** || === authentication and "server side networking" stuff (server side) === ||= code path =||= test module =|| || server: p2mp server, tun || t_server || || server: p2mp server, tap || t_server || || server: p2p server, tun || t_server || || server: p2p server, tap, --inetd || t_server || || server: plugin interface || ** no ** || || server: management interface || ** no ** || || server: cert based auth || t_server || || server: password auth (pass/fail) || ** no ** || || server: challenge response auth (pass/fail) || ** no ** || == test module description == "Where does this module live, how do I run it, what prerequisites are needed" * t_cltsrv * t_loopback * t_net * cmocka * t_client * t_server