mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2024-09-21 10:27:19 +00:00
Expand no-ipv6-ocv3 test
As added inc1a6f2b04a
, this test verifies that ocserv will NOT send IPv6 routes to OpenConnect v3 clients, which can't handle them correctly. Additionally, we can also verify that ocserv DOES send IPv6 routes to totally unknown clients, which is the intended outcome resulting from8b8a1a7b53
. Signed-off-by: Daniel Lenski <dlenski@amazon.com>
This commit is contained in:
parent
444ae6022a
commit
aa8ab8ed30
@ -39,9 +39,6 @@ if test "$(id -u)" != "0";then
|
||||
exit 77
|
||||
fi
|
||||
|
||||
|
||||
echo "Testing that ocserv doesn't assign IPv6 address on unknown clients... "
|
||||
|
||||
function finish {
|
||||
set +e
|
||||
echo " * Cleaning up..."
|
||||
@ -67,6 +64,8 @@ fi
|
||||
${CMDNS2} ${SERV} -p ${PIDFILE} -f -c ${CONFIG} ${DEBUG} & PID=$!
|
||||
wait_server $PID
|
||||
|
||||
echo "Testing that ocserv doesn't assign IPv6 address on (ancient) OpenConnect v3 clients... "
|
||||
|
||||
echo -n "Connecting to setup interface... "
|
||||
echo "test" | ${CMDNS1} timeout 15s $OPENCONNECT -v $ADDRESS:$PORT --useragent="Open AnyConnect VPN Agent v3" --passwd-on-stdin -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= -s /bin/true >${TMPFILE} 2>&1
|
||||
|
||||
@ -75,7 +74,19 @@ echo ok
|
||||
cat ${TMPFILE}|grep X-CSTP-Split-Include|grep 'fd63:' >/dev/null
|
||||
if test $? = 0;then
|
||||
cat ${TMPFILE}|grep X-CSTP-Split
|
||||
echo "Found route that shouldn't be there"
|
||||
echo "Found IPv6 route that shouldn't be there"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Testing that ocserv DOES assign IPv6 address on totally unknown clients... "
|
||||
|
||||
echo -n "Connecting to setup interface... "
|
||||
echo "test" | ${CMDNS1} timeout 15s $OPENCONNECT -v $ADDRESS:$PORT --useragent="/* An unknown user agent */" --passwd-on-stdin -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= -s /bin/true >${TMPFILE} 2>&1
|
||||
|
||||
cat ${TMPFILE}|grep X-CSTP-Split-Include|grep 'fd63:' >/dev/null
|
||||
if test $? != 0;then
|
||||
cat ${TMPFILE}|grep X-CSTP-Split
|
||||
echo "Did not find IPv6 which SHOULD be there"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user