1
##
2
# SPDX-License-Identifier: BSD-2-Clause
3
#
4
# Copyright (c) 2022 Rubicon Communications, LLC ("Netgate")
5
#
6
# Redistribution and use in source and binary forms, with or without
7
# modification, are permitted provided that the following conditions
8
# are met:
9
# 1. Redistributions of source code must retain the above copyright
10
# notice, this list of conditions and the following disclaimer.
11
# 2. Redistributions in binary form must reproduce the above copyright
12
# notice, this list of conditions and the following disclaimer in the
13
# documentation and/or other materials provided with the distribution.
14
#
15
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25
# SUCH DAMAGE.
26
27
# Helper libraries. utils.subr next to this file provides the ovpn_* and
# vnet_* helpers used below; the pf suite's utils.subr provides the pft_*
# helpers used by the route_to and multihome4 cases (presumably — confirm
# against those files).
. $(atf_get_srcdir)/utils.subr
. $(atf_get_srcdir)/../../netpfil/pf/utils.subr
29
30
atf_test_case "4in4" "cleanup"
4in4_head()
{
	# Needs root (jails, ifconfig, route) and the openvpn binary.
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'IPv4 in IPv4 tunnel'
}
37
38
4in4_body()
{
	# IPv4 transport (192.0.2.0/24) carrying an IPv4 tunnel (198.51.100.0/24).
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.1

	# Deliver an unrelated UDP datagram to the server's port (1194, the
	# default, presumably) and make sure the data path keeps working.
	echo 'foo' | jexec b nc -u -w 2 192.0.2.1 1194
	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1

	# Routing loop protection: point the route to the outer peer through the
	# tunnel itself; the ping must fail (exit 2) instead of looping.
	jexec b route add 192.0.2.1 198.51.100.1
	atf_check -s exit:2 -o ignore jexec b ping -t 1 -c 1 198.51.100.1
}
103
104
4in4_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
108
109
atf_test_case "bz283426" "cleanup"
bz283426_head()
{
	# python3 is needed to emit the broadcast datagram in the body.
	atf_set require.user root
	atf_set require.progs openvpn python3
	atf_set descr 'FreeBSD Bugzilla 283426'
}
116
117
bz283426_body()
{
	# Regression test: a broadcast datagram on the outer link aimed at the
	# server's bound port must not disturb an established tunnel.
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		bind 0.0.0.0:1194
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.1

	# Send a broadcast packet in the outer link.
	jexec b python3 <<EOF
import socket as sk
s = sk.socket(sk.AF_INET, sk.SOCK_DGRAM)
s.setsockopt(sk.SOL_SOCKET, sk.SO_BROADCAST, 1)
s.sendto(b'x' * 1000, ('192.0.2.255', 1194))
EOF

	# The tunnel must still carry traffic afterwards.
	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1
}
183
184
bz283426_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
188
189
atf_test_case "4mapped" "cleanup"
4mapped_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'IPv4 mapped addresses'
}
196
197
4mapped_body()
{
	# Like 4in4, but the server gets neither "proto" nor "local", so it
	# listens on the unspecified address and the IPv4 peer arrives as a
	# mapped address.
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun

		cipher AES-256-GCM
		auth SHA256

		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1
}
255
256
4mapped_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
260
261
atf_test_case "6in4" "cleanup"
6in4_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'IPv6 in IPv4 tunnel'
}
268
269
6in4_body()
{
	# IPv4 transport (192.0.2.0/24) carrying an IPv6 tunnel (2001:db8:1::/64).
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server-ipv6 2001:db8:1::/64

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 2001:db8:1::1
}
328
329
6in4_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
333
334
atf_test_case "4in6" "cleanup"
4in6_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'IPv4 in IPv6 tunnel'
}
341
342
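4in6_body()
{
	# IPv6 transport (2001:db8::/64) carrying an IPv4 tunnel (198.51.100.0/24),
	# followed by an MTU sweep and a bulk-transfer integrity check.
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a inet6 2001:db8::1/64 up no_dad
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b inet6 2001:db8::2/64 up no_dad

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping6 -c 1 2001:db8::2

	ovpn_start a "
		dev ovpn0
		dev-type tun
		proto udp6

		cipher AES-256-GCM
		auth SHA256

		local 2001:db8::1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	ovpn_start b "
		dev tun0
		dev-type tun

		client

		remote 2001:db8::1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"

	# 1 MiB of random payload, served from inside the server jail by a
	# background listener (nc -N closes the connection once stdin hits EOF).
	dd if=/dev/random of=test.img bs=1024 count=1024
	jexec a nc -N -l 1234 < test.img &

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1

	# MTU sweep: every payload size from 1000 to 1500 bytes must get through.
	for size in $(seq 1000 1500)
	do
		atf_check -s exit:0 -o ignore jexec b \
		    ping -c 1 -s "${size}" 198.51.100.1
	done

	# Pull the file through the tunnel and compare digests. Both sides must
	# yield a bare hash: without -q, md5(1) prints "MD5 (file) = <hash>",
	# which turned the original unquoted comparison into a test(1) usage
	# error (exit 2, branch not taken), so corruption was never reported.
	rcvmd5=$(jexec b nc -N -w 3 198.51.100.1 1234 | md5)
	md5=$(md5 -q test.img)

	if [ "${md5}" != "${rcvmd5}" ]; then
		atf_fail "Transmit corruption!"
	fi
}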
418
419
4in6_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
423
424
atf_test_case "6in6" "cleanup"
6in6_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'IPv6 in IPv6 tunnel'
}
431
432
6in6_body()
{
	# IPv6 transport (2001:db8::/64) carrying an IPv6 tunnel (2001:db8:1::/64).
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a inet6 2001:db8::1/64 up no_dad
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b inet6 2001:db8::2/64 up no_dad

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping6 -c 1 2001:db8::2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp6

		cipher AES-256-GCM
		auth SHA256

		local 2001:db8::1
		server-ipv6 2001:db8:1::/64

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 2001:db8::1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	# Default-size and 16-byte (-z 16) payloads.
	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 2001:db8:1::1
	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 -z 16 2001:db8:1::1

	# Routing loop protection: route the outer peer through the tunnel and
	# expect the ping to fail (exit 2) rather than loop.
	jexec b route add -6 2001:db8::1 2001:db8:1::1
	atf_check -s exit:2 -o ignore jexec b ping6 -t 1 -c 3 2001:db8:1::1
}
496
497
6in6_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
501
502
atf_test_case "linklocal" "cleanup"
linklocal_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Use IPv6 link-local addresses'
}
509
510
linklocal_body()
{
	# Outer transport on link-local addresses (fe80::/64 with zone ids);
	# the version gate is enforced by the helper.
	ovpn_init
	ovpn_check_version 2.7.0

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a inet6 fe80::a/64 up no_dad
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b inet6 fe80::b/64 up no_dad

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping6 -c 1 fe80::b%${epair}a

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp6

		cipher AES-256-GCM
		auth SHA256

		local fe80::a%${epair}a
		server-ipv6 2001:db8:1::/64

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote fe80::a%${epair}b
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10
	# Diagnostic output for the test log.
	jexec a ifconfig

	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 2001:db8:1::1
	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 -z 16 2001:db8:1::1
}
572
573
linklocal_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
577
578
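atf_test_case "timeout_client" "cleanup"
timeout_client_head()
{
	# The description was copy-pasted from 4in4; the body kills the client
	# and waits for the server's status output to drop it.
	atf_set descr 'Server detects a client that went away (keepalive timeout)'
	atf_set require.user root
	atf_set require.progs openvpn
}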
585
586
timeout_client_body()
{
	# Short keepalive (2 10) on both ends; after the client is killed the
	# server's management "status" output must stop listing it.
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	jexec a ifconfig lo0 127.0.0.1/8 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 2 10

		management 192.0.2.1 1234
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 2 10
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1

	# Kill the client
	jexec b killall openvpn

	# Now wait for the server to notice
	sleep 15

	# Poll the management interface until 192.0.2.2 disappears from the
	# status listing (ATF's case timeout bounds this loop).
	while echo "status" | jexec a nc -N 192.0.2.1 1234 | grep 192.0.2.2
	do
		echo "Client disconnect not discovered"
		sleep 1
	done
}
658
659
timeout_client_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
663
664
atf_test_case "explicit_exit" "cleanup"
explicit_exit_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Test explicit exit notification'
}
671
672
explicit_exit_body()
{
	# No keepalive on either side: the server can only learn about the
	# client going away through the client's explicit-exit-notify.
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	jexec a ifconfig lo0 127.0.0.1/8 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		management 192.0.2.1 1234
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		explicit-exit-notify
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1

	# The client must show up in the management status listing first.
	echo "status" | jexec a nc -N 192.0.2.1 1234 | grep 192.0.2.2 \
	    || atf_fail "Client not found in status list!"

	# Kill the client
	jexec b killall openvpn

	# Poll until the server drops the client; the process listing is
	# diagnostic output for the log (ATF's case timeout bounds the loop).
	while echo "status" | jexec a nc -N 192.0.2.1 1234 | grep 192.0.2.2
	do
		jexec a ps auxf
		echo "Client disconnect not discovered"
		sleep 1
	done
}
744
745
explicit_exit_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
749
750
atf_test_case "multi_client" "cleanup"
multi_client_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Multiple simultaneous clients'
}
757
758
multi_client_body()
{
	# Two clients share one server over a bridged outer network; checks
	# server reachability, client-to-client traffic and an iroute from the
	# client-config-dir.
	ovpn_init
	vnet_init_bridge

	br=$(vnet_mkbridge)
	srv_ep=$(vnet_mkepair)
	one_ep=$(vnet_mkepair)
	two_ep=$(vnet_mkepair)

	ifconfig ${br} up

	# The "a" ends of all three epairs hang off the bridge in the host.
	ifconfig ${srv_ep}a up
	ifconfig ${br} addm ${srv_ep}a
	ifconfig ${one_ep}a up
	ifconfig ${br} addm ${one_ep}a
	ifconfig ${two_ep}a up
	ifconfig ${br} addm ${two_ep}a

	vnet_mkjail srv ${srv_ep}b
	jexec srv ifconfig ${srv_ep}b 192.0.2.1/24 up
	vnet_mkjail one ${one_ep}b
	jexec one ifconfig ${one_ep}b 192.0.2.2/24 up
	vnet_mkjail two ${two_ep}b
	jexec two ifconfig ${two_ep}b 192.0.2.3/24 up
	jexec two ifconfig lo0 127.0.0.1/8 up
	# 203.0.113.1 is the network the server pushes a route for below.
	jexec two ifconfig lo0 inet alias 203.0.113.1/24

	# Sanity checks
	atf_check -s exit:0 -o ignore jexec one ping -c 1 192.0.2.1
	atf_check -s exit:0 -o ignore jexec two ping -c 1 192.0.2.1

	jexec srv sysctl net.inet.ip.forwarding=1

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0

		push \"route 203.0.113.0 255.255.255.0 198.51.100.1\"

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		duplicate-cn
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600

		client-config-dir $(atf_get_srcdir)/ccd
	"
	one_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	two_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client2.crt
		key $(atf_get_srcdir)/client2.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start srv "${server_conf}"
	ovpn_start one "${one_conf}"
	ovpn_start two "${two_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec one ping -c 3 198.51.100.1
	atf_check -s exit:0 -o ignore jexec two ping -c 3 198.51.100.1

	# Client-to-client communication
	atf_check -s exit:0 -o ignore jexec one ping -c 3 198.51.100.3
	atf_check -s exit:0 -o ignore jexec two ping -c 3 198.51.100.2

	# iroute test
	atf_check -s exit:0 -o ignore jexec one ping -c 3 203.0.113.1
}
866
867
multi_client_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
871
872
atf_test_case "route_to" "cleanup"
route_to_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr "Test pf's route-to with OpenVPN tunnels"
}
879
880
route_to_body()
{
	# pf's route-to must be able to steer traffic into the tunnel interface
	# even when the routing table sends it somewhere else.
	pft_init
	ovpn_init

	epair=$(vnet_mkepair)
	side_ep=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	# Jail b also gets a second link used to break its route later.
	vnet_mkjail b ${epair}b ${side_ep}a
	jexec b ifconfig ${epair}b 192.0.2.2/24 up
	jexec b ifconfig ${side_ep}a up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10
	# Extra address on the server's tunnel side, used as the route-to target.
	jexec a ifconfig ovpn0 inet alias 198.51.100.254/24

	# Check the tunnel
	atf_check -s exit:0 -o ignore jexec b ping -c 1 -S 198.51.100.2 198.51.100.1
	atf_check -s exit:0 -o ignore jexec b ping -c 1 -S 198.51.100.2 198.51.100.254

	# Break our route to .254 so that we need a route-to to make things work.
	jexec b ifconfig ${side_ep}a 203.0.113.1/24 up
	jexec b route add 198.51.100.254 -interface ${side_ep}a

	# Make sure it's broken.
	atf_check -s exit:2 -o ignore jexec b ping -c 1 -S 198.51.100.2 198.51.100.254

	# With route-to on the tunnel interface the ping works again.
	jexec b pfctl -e
	pft_set_rules b \
	    "pass out route-to (tun0 198.51.100.1) proto icmp from 198.51.100.2 "
	atf_check -s exit:0 -o ignore jexec b ping -c 3 -S 198.51.100.2 198.51.100.254
}
956
957
route_to_cleanup()
{
	# ATF cleanup hook: release the OpenVPN/vnet state, then the pf state
	# set up by pft_init.
	ovpn_cleanup
	pft_cleanup
}
962
963
atf_test_case "ra" "cleanup"
ra_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Remote access with multiple clients'
}
970
971
ra_body()
{
	# Remote-access topology: two clients reach a LAN (203.0.113.0/24)
	# behind the server, and the LAN host reaches the clients back.
	ovpn_init
	vnet_init_bridge

	br=$(vnet_mkbridge)
	srv_ep=$(vnet_mkepair)
	lan_ep=$(vnet_mkepair)
	one_ep=$(vnet_mkepair)
	two_ep=$(vnet_mkepair)

	ifconfig ${br} up

	# Server and both clients share the bridged outer network.
	ifconfig ${srv_ep}a up
	ifconfig ${br} addm ${srv_ep}a
	ifconfig ${one_ep}a up
	ifconfig ${br} addm ${one_ep}a
	ifconfig ${two_ep}a up
	ifconfig ${br} addm ${two_ep}a

	vnet_mkjail srv ${srv_ep}b ${lan_ep}a
	jexec srv ifconfig lo0 inet 127.0.0.1/8 up
	jexec srv ifconfig ${srv_ep}b 192.0.2.1/24 up
	jexec srv ifconfig ${lan_ep}a 203.0.113.1/24 up
	vnet_mkjail lan ${lan_ep}b
	jexec lan ifconfig lo0 inet 127.0.0.1/8 up
	jexec lan ifconfig ${lan_ep}b 203.0.113.2/24 up
	jexec lan route add default 203.0.113.1
	vnet_mkjail one ${one_ep}b
	jexec one ifconfig lo0 inet 127.0.0.1/8 up
	jexec one ifconfig ${one_ep}b 192.0.2.2/24 up
	vnet_mkjail two ${two_ep}b
	jexec two ifconfig lo0 inet 127.0.0.1/8 up
	jexec two ifconfig ${two_ep}b 192.0.2.3/24 up

	# Sanity checks
	atf_check -s exit:0 -o ignore jexec one ping -c 1 192.0.2.1
	atf_check -s exit:0 -o ignore jexec two ping -c 1 192.0.2.1
	atf_check -s exit:0 -o ignore jexec srv ping -c 1 203.0.113.2

	jexec srv sysctl net.inet.ip.forwarding=1

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0

		push \"route 203.0.113.0 255.255.255.0\"

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		duplicate-cn
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	one_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	two_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client2.crt
		key $(atf_get_srcdir)/client2.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start srv "${server_conf}"
	ovpn_start one "${one_conf}"
	# Stagger the second client slightly.
	sleep 2
	ovpn_start two "${two_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec one ping -c 1 198.51.100.1
	atf_check -s exit:0 -o ignore jexec two ping -c 1 198.51.100.1

	# Client-to-client communication
	atf_check -s exit:0 -o ignore jexec one ping -c 1 198.51.100.3
	atf_check -s exit:0 -o ignore jexec one ping -c 1 198.51.100.2
	atf_check -s exit:0 -o ignore jexec two ping -c 1 198.51.100.2
	atf_check -s exit:0 -o ignore jexec two ping -c 1 198.51.100.3

	# RA test: clients reach the server's LAN address via the pushed route.
	atf_check -s exit:0 -o ignore jexec one ping -c 1 203.0.113.1
	atf_check -s exit:0 -o ignore jexec two ping -c 1 203.0.113.1

	# Server reaches the clients from its LAN address.
	atf_check -s exit:0 -o ignore jexec srv ping -c 1 -S 203.0.113.1 198.51.100.2
	atf_check -s exit:0 -o ignore jexec srv ping -c 1 -S 203.0.113.1 198.51.100.3

	# Clients reach the LAN host, and the LAN host reaches the clients.
	atf_check -s exit:0 -o ignore jexec one ping -c 1 203.0.113.2
	atf_check -s exit:0 -o ignore jexec two ping -c 1 203.0.113.2

	atf_check -s exit:0 -o ignore jexec lan ping -c 1 198.51.100.1
	atf_check -s exit:0 -o ignore jexec lan ping -c 1 198.51.100.2
	atf_check -s exit:0 -o ignore jexec lan ping -c 1 198.51.100.3
	# No such client: must fail.
	atf_check -s exit:2 -o ignore jexec lan ping -c 1 198.51.100.4
}
1100
1101
ra_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
1105
1106
ovpn_algo_body()
{
	# Shared body for the cipher test cases: bring up a 4in4 tunnel using
	# the cipher named by $1 as both "cipher" and "data-ciphers" on both ends.
	cipher_name=$1

	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher ${cipher_name}
		data-ciphers ${cipher_name}
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		cipher ${cipher_name}
		data-ciphers ${cipher_name}

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1
}
1170
1171
atf_test_case "chacha" "cleanup"
chacha_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Test DCO with the chacha algorithm'
}
1178
1179
chacha_body()
{
	# Run the shared cipher scenario with ChaCha20-Poly1305.
	ovpn_algo_body CHACHA20-POLY1305
}
1183
1184
chacha_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
1188
1189
atf_test_case "gcm_128" "cleanup"
gcm_128_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Test DCO with AES-128-GCM'
}
1196
1197
gcm_128_body()
{
	# Run the shared cipher scenario with AES-128-GCM.
	ovpn_algo_body AES-128-GCM
}
1201
1202
gcm_128_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
1206
1207
atf_test_case "destroy_unused" "cleanup"
destroy_unused_head()
{
	# No openvpn needed: only the interface is created and destroyed.
	atf_set require.user root
	atf_set descr 'Destroy an if_ovpn interface before it is used'
}
1213
1214
destroy_unused_body()
{
	# Create an ovpn interface and destroy it without ever attaching a
	# userspace openvpn to it; destroy must succeed.
	ovpn_init

	iface=$(ifconfig ovpn create)
	atf_check -s exit:0 ifconfig ${iface} destroy
}
1222
1223
destroy_unused_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
1227
1228
atf_test_case "multihome4" "cleanup"
multihome4_head()
{
	atf_set require.user root
	atf_set require.progs openvpn
	atf_set descr 'Test multihome IPv4 with OpenVPN'
}
1235
1236
multihome4_body()
{
	# Server has two IPv4 addresses and "multihome"; the client connects to
	# the alias while pf on the client drops anything from the primary, so
	# the server must answer from the address it was contacted on.
	pft_init
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	atf_check jexec a ifconfig ${epair}a inet 192.0.2.1/24
	atf_check jexec a ifconfig ${epair}a alias 192.0.2.2/24
	vnet_mkjail b ${epair}b
	atf_check jexec b ifconfig ${epair}b inet 192.0.2.3/24

	# Both server addresses must be reachable before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec b ping -c 1 192.0.2.1
	atf_check -s exit:0 -o ignore jexec b ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		multihome
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.2
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Block packets from the primary address, openvpn should only use the
	# configured remote address.
	jexec b pfctl -e
	pft_set_rules b \
	    "block in quick from 192.0.2.1 to any" \
	    "pass all"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1
}
1304
1305
multihome4_cleanup()
{
	# ATF cleanup hook: release the OpenVPN/vnet state, then the pf state
	# set up by pft_init.
	ovpn_cleanup
	pft_cleanup
}
1310
1311
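atf_test_case "multihome6" "cleanup"
multihome6_head()
{
	# Every other case registers itself with atf_test_case before its _head;
	# this one did not, even though atf_init_test_cases adds "multihome6",
	# so the case (and its cleanup hook) was never declared to ATF.
	atf_set descr 'Test multihome IPv6 with OpenVPN'
	atf_set require.user root
	atf_set require.progs openvpn
}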
1317
1318
multihome6_body()
{
	# IPv6 counterpart of multihome4: the client talks to the server's
	# alias address and pf drops anything the server sends from its primary.
	ovpn_init

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	atf_check jexec a ifconfig ${epair}a inet6 2001:db8::1/64 no_dad
	atf_check jexec a ifconfig ${epair}a inet6 alias 2001:db8::2/64 no_dad
	vnet_mkjail b ${epair}b
	atf_check jexec b ifconfig ${epair}b inet6 2001:db8::3/64 no_dad

	# Both server addresses must be reachable before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec b ping6 -c 1 2001:db8::1
	atf_check -s exit:0 -o ignore jexec b ping6 -c 1 2001:db8::2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp6

		cipher AES-256-GCM
		auth SHA256

		multihome
		server-ipv6 2001:db8:1::/64

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 100 600
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 2001:db8::2
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 100 600
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Block packets from the primary address, openvpn should only use the
	# configured remote address.
	jexec b pfctl -e
	pft_set_rules b \
	    "block in quick from 2001:db8::1 to any" \
	    "pass all"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 2001:db8:1::1
	atf_check -s exit:0 -o ignore jexec b ping6 -c 3 -z 16 2001:db8:1::1
}
1387
1388
multihome6_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	# NOTE(review): the body calls pft_set_rules/pfctl but, unlike
	# multihome4_cleanup, nothing here calls pft_cleanup — confirm whether
	# ovpn_cleanup covers that.
	ovpn_cleanup
}
1392
1393
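atf_test_case "float" "cleanup"
float_head()
{
	atf_set descr 'Test peer float notification'
	atf_set require.user root
	# The body starts openvpn on both jails (ovpn_start), so require the
	# binary like every other tunnel case instead of failing mid-test.
	atf_set require.progs openvpn
}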
1399
1400
float_body()
{
	# The client changes its outer address mid-session; keepalives from the
	# new address must make the server's status listing follow it.
	ovpn_init
	ovpn_check_version 2.7.0

	epair=$(vnet_mkepair)

	vnet_mkjail a ${epair}a
	jexec a ifconfig ${epair}a 192.0.2.1/24 up
	jexec a ifconfig lo0 127.0.0.1/8 up
	vnet_mkjail b ${epair}b
	jexec b ifconfig ${epair}b 192.0.2.2/24 up

	# The outer link has to work before the tunnel is attempted.
	atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2

	server_conf="
		dev ovpn0
		dev-type tun
		proto udp4

		cipher AES-256-GCM
		auth SHA256

		local 192.0.2.1
		server 198.51.100.0 255.255.255.0
		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/server.crt
		key $(atf_get_srcdir)/server.key
		dh $(atf_get_srcdir)/dh.pem

		mode server
		script-security 2
		auth-user-pass-verify /usr/bin/true via-env
		topology subnet

		keepalive 2 10

		management 192.0.2.1 1234
	"
	client_conf="
		dev tun0
		dev-type tun

		client

		remote 192.0.2.1
		auth-user-pass $(atf_get_srcdir)/user.pass

		ca $(atf_get_srcdir)/ca.crt
		cert $(atf_get_srcdir)/client.crt
		key $(atf_get_srcdir)/client.key
		dh $(atf_get_srcdir)/dh.pem

		keepalive 2 10
	"
	ovpn_start a "${server_conf}"
	ovpn_start b "${client_conf}"

	# Give the tunnel time to come up
	sleep 10

	atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1

	# We expect the client on 192.0.2.2
	echo "status" | jexec a nc -N 192.0.2.1 1234 | grep 192.0.2.2 \
	    || atf_fail "Client not found in status list!"

	# Now change the client IP
	jexec b ifconfig ${epair}b 192.0.2.3/24 up

	# And wait for keepalives to trigger the float notification
	sleep 5

	# So the client now has the new address in userspace
	echo "status" | jexec a nc -N 192.0.2.1 1234 | grep 192.0.2.3 \
	    || atf_fail "Client not found in status list!"
}
1478
1479
float_cleanup()
{
	# ATF cleanup hook: delegate to the shared ovpn_cleanup helper.
	ovpn_cleanup
}
1483
1484
atf_init_test_cases()
{
	# The order here is the order ATF lists and runs the cases in.
	for tc in 4in4 bz283426 4mapped 6in4 6in6 4in6 linklocal \
	    timeout_client explicit_exit multi_client route_to ra chacha \
	    gcm_128 destroy_unused multihome4 multihome6 float
	do
		atf_add_test_case "${tc}"
	done
}