From: Antonio Quartulli Date: Tue, 6 May 2025 13:01:00 +0000 (+0200) Subject: selftest/net/ovpn: extend coverage with more test cases X-Git-Tag: v6.16-rc1~132^2~82^2~3 X-Git-Url: https://git.kernel.dk/?a=commitdiff_plain;h=944f8b6abab6;p=linux-block.git selftest/net/ovpn: extend coverage with more test cases To increase code coverage, extend the ovpn selftests with the following cases: * connect UDP peers using a mix of IPv6 and IPv4 at the transport layer * run full test with tunnel MTU equal to transport MTU (exercising IP layer fragmentation) * ping "LAN IP" served by VPN peer ("LAN behind a client" test case) Signed-off-by: Antonio Quartulli --- diff --git a/tools/testing/selftests/net/ovpn/Makefile b/tools/testing/selftests/net/ovpn/Makefile index 2d102878cb6d..e0926d76b4c8 100644 --- a/tools/testing/selftests/net/ovpn/Makefile +++ b/tools/testing/selftests/net/ovpn/Makefile @@ -20,6 +20,7 @@ LDLIBS += $(VAR_LDLIBS) TEST_FILES = common.sh TEST_PROGS = test.sh \ + test-large-mtu.sh \ test-chachapoly.sh \ test-tcp.sh \ test-float.sh \ diff --git a/tools/testing/selftests/net/ovpn/common.sh b/tools/testing/selftests/net/ovpn/common.sh index 7502292a1ee0..88869c675d03 100644 --- a/tools/testing/selftests/net/ovpn/common.sh +++ b/tools/testing/selftests/net/ovpn/common.sh @@ -11,6 +11,8 @@ ALG=${ALG:-aes} PROTO=${PROTO:-UDP} FLOAT=${FLOAT:-0} +LAN_IP="11.11.11.11" + create_ns() { ip netns add peer${1} } @@ -24,15 +26,25 @@ setup_ns() { ip link add veth${p} netns peer0 type veth peer name veth${p} netns peer${p} ip -n peer0 addr add 10.10.${p}.1/24 dev veth${p} + ip -n peer0 addr add fd00:0:0:${p}::1/64 dev veth${p} ip -n peer0 link set veth${p} up ip -n peer${p} addr add 10.10.${p}.2/24 dev veth${p} + ip -n peer${p} addr add fd00:0:0:${p}::2/64 dev veth${p} ip -n peer${p} link set veth${p} up done fi ip netns exec peer${1} ${OVPN_CLI} new_iface tun${1} $MODE ip -n peer${1} addr add ${2} dev tun${1} + # add a secondary IP to peer 1, to test a LAN behind a client + if [ ${1} -eq 1 -a -n "${LAN_IP}" ]; then + ip -n peer${1} addr add ${LAN_IP} dev tun${1} + ip -n peer0 route add ${LAN_IP} via $(echo ${2} |sed -e s'!/.*!!') dev tun0 + fi + if [ -n "${3}" ]; then + ip -n peer${1} link set mtu ${3} dev tun${1} + fi ip -n peer${1} link set tun${1} up } @@ -46,7 +58,11 @@ add_peer() { data64.key done else - ip netns exec peer${1} ${OVPN_CLI} new_peer tun${1} ${1} 1 10.10.${1}.1 1 + RADDR=$(awk "NR == ${1} {print \$2}" ${UDP_PEERS_FILE}) + RPORT=$(awk "NR == ${1} {print \$3}" ${UDP_PEERS_FILE}) + LPORT=$(awk "NR == ${1} {print \$5}" ${UDP_PEERS_FILE}) + ip netns exec peer${1} ${OVPN_CLI} new_peer tun${1} ${1} ${LPORT} \ + ${RADDR} ${RPORT} ip netns exec peer${1} ${OVPN_CLI} new_key tun${1} ${1} 1 0 ${ALG} 1 \ data64.key fi diff --git a/tools/testing/selftests/net/ovpn/ovpn-cli.c b/tools/testing/selftests/net/ovpn/ovpn-cli.c index c6372a1b4728..de9c26f98b2e 100644 --- a/tools/testing/selftests/net/ovpn/ovpn-cli.c +++ b/tools/testing/selftests/net/ovpn/ovpn-cli.c @@ -1934,7 +1934,8 @@ static void ovpn_waitbg(void) static int ovpn_run_cmd(struct ovpn_ctx *ovpn) { - char peer_id[10], vpnip[INET6_ADDRSTRLEN], raddr[128], rport[10]; + char peer_id[10], vpnip[INET6_ADDRSTRLEN], laddr[128], lport[10]; + char raddr[128], rport[10]; int n, ret; FILE *fp; @@ -2050,8 +2051,8 @@ static int ovpn_run_cmd(struct ovpn_ctx *ovpn) return -1; } - while ((n = fscanf(fp, "%s %s %s %s\n", peer_id, raddr, rport, - vpnip)) == 4) { + while ((n = fscanf(fp, "%s %s %s %s %s %s\n", peer_id, laddr, + lport, raddr, rport, vpnip)) == 6) { struct ovpn_ctx peer_ctx = { 0 }; peer_ctx.ifindex = ovpn->ifindex; @@ -2355,7 +2356,7 @@ int main(int argc, char *argv[]) } memset(&ovpn, 0, sizeof(ovpn)); - ovpn.sa_family = AF_INET; + ovpn.sa_family = AF_UNSPEC; ovpn.cipher = OVPN_CIPHER_ALG_NONE; ovpn.cmd = ovpn_parse_cmd(argv[1]); diff --git a/tools/testing/selftests/net/ovpn/test.sh b/tools/testing/selftests/net/ovpn/test.sh index 7b62897b0240..e8acdc303307 100755 --- a/tools/testing/selftests/net/ovpn/test.sh +++ b/tools/testing/selftests/net/ovpn/test.sh @@ -18,7 +18,7 @@ for p in $(seq 0 ${NUM_PEERS}); do done for p in $(seq 0 ${NUM_PEERS}); do - setup_ns ${p} 5.5.5.$((${p} + 1))/24 + setup_ns ${p} 5.5.5.$((${p} + 1))/24 ${MTU} done for p in $(seq 0 ${NUM_PEERS}); do @@ -34,8 +34,12 @@ sleep 1 for p in $(seq 1 ${NUM_PEERS}); do ip netns exec peer0 ping -qfc 500 -w 3 5.5.5.$((${p} + 1)) + ip netns exec peer0 ping -qfc 500 -s 3000 -w 3 5.5.5.$((${p} + 1)) done +# ping LAN behind client 1 +ip netns exec peer0 ping -qfc 500 -w 3 ${LAN_IP} + if [ "$FLOAT" == "1" ]; then # make clients float.. for p in $(seq 1 ${NUM_PEERS}); do diff --git a/tools/testing/selftests/net/ovpn/udp_peers.txt b/tools/testing/selftests/net/ovpn/udp_peers.txt index 32f14bd9347a..e9773ddf875c 100644 --- a/tools/testing/selftests/net/ovpn/udp_peers.txt +++ b/tools/testing/selftests/net/ovpn/udp_peers.txt @@ -1,5 +1,6 @@ -1 10.10.1.2 1 5.5.5.2 -2 10.10.2.2 1 5.5.5.3 -3 10.10.3.2 1 5.5.5.4 -4 10.10.4.2 1 5.5.5.5 -5 10.10.5.2 1 5.5.5.6 +1 10.10.1.1 1 10.10.1.2 1 5.5.5.2 +2 10.10.2.1 1 10.10.2.2 1 5.5.5.3 +3 10.10.3.1 1 10.10.3.2 1 5.5.5.4 +4 fd00:0:0:4::1 1 fd00:0:0:4::2 1 5.5.5.5 +5 fd00:0:0:5::1 1 fd00:0:0:5::2 1 5.5.5.6 +6 fd00:0:0:6::1 1 fd00:0:0:6::2 1 5.5.5.7