diff --git a/etc/mtree/BSD.tests.dist b/etc/mtree/BSD.tests.dist index d62f0ea49eb7..e2dbc478ca64 100644 --- a/etc/mtree/BSD.tests.dist +++ b/etc/mtree/BSD.tests.dist @@ -1,1146 +1,1148 @@ # $FreeBSD$ # # Please see the file src/etc/mtree/README before making changes to this file. # /set type=dir uname=root gname=wheel mode=0755 tags=package=tests . bin cat .. chflags .. chmod .. cp .. date .. dd .. echo .. expr .. ln .. ls .. mkdir .. mv .. pax .. pkill .. pwait .. rm .. rmdir .. sh builtins .. errors .. execution .. expansion .. invocation .. parameters .. parser .. set-e .. .. sleep .. test .. .. cddl lib .. sbin .. usr.bin ctfconvert .. ztest .. .. usr.sbin dtrace common aggs .. arithmetic .. arrays .. assocs .. begin .. bitfields .. buffering .. builtinvar .. cg .. clauses .. cpc .. decls .. drops .. dtraceUtil .. end .. env .. enum .. error .. exit .. fbtprovider .. funcs .. grammar .. include .. inline .. io .. ip .. java_api .. json .. lexer .. llquantize .. mdb .. mib .. misc .. multiaggs .. offsetof .. operators .. pid .. plockstat .. pointers .. pragma .. predicates .. preprocessor .. print .. printa .. printf .. privs .. probes .. proc .. profile-n .. providers .. raise .. rates .. safety .. scalars .. sched .. scripting .. sdt .. sizeof .. speculation .. stability .. stack .. stackdepth .. stop .. strlen .. strtoll .. struct .. sugar .. syscall .. sysevent .. tick-n .. trace .. tracemem .. translators .. typedef .. types .. uctf .. union .. usdt .. ustack .. vars .. version .. .. i386 arrays .. funcs .. pid .. ustack .. .. amd64 arrays .. .. .. zfsd .. .. .. etc rc.d .. .. games .. gnu lib .. usr.bin diff .. .. .. lib atf libatf-c detail .. .. libatf-c++ detail .. .. test-programs .. .. csu dynamic .. dynamiclib .. static .. .. googletest gmock .. gmock_main .. gtest .. gtest_main .. .. libarchive .. libbe .. libc c063 .. db .. gen execve .. posix_spawn .. .. hash data .. .. iconv .. inet .. locale .. net getaddrinfo data .. .. .. nss .. regex data .. .. resolv .. rpc .. ssp .. setjmp .. stdio .. stdlib .. string .. sys .. time .. tls dso .. .. termios .. ttyio .. .. libcam .. libcasper services cap_dns .. cap_grp .. cap_pwd .. cap_sysctl .. .. .. libcrypt .. libdevdctl .. libexecinfo .. libkvm .. libmp .. libnv .. libproc .. libregex data .. .. librt .. libsbuf .. libsysdecode .. libthr dlopen .. .. libutil .. libxo .. msun .. .. libexec atf atf-check .. atf-pytest-wrapper .. atf-sh .. .. rtld-elf .. tftpd .. .. sbin bectl .. dhclient .. devd .. growfs .. ifconfig .. md5 .. mdconfig .. newfs_msdos .. nvmecontrol .. pfctl files .. .. ping .. route .. .. secure lib .. libexec .. usr.bin .. usr.sbin .. .. share examples tests atf .. googletest .. plain .. tap .. .. .. zoneinfo .. .. sys acl .. aio .. audit .. auditpipe .. capsicum .. cddl zfs bin .. include .. tests acl cifs .. nontrivial .. trivial .. .. atime .. bootfs .. cache .. cachefile .. clean_mirror .. cli_root zfs_upgrade .. zfs_promote .. zfs_clone .. zfs_property .. zfs_destroy .. zpool_create .. zpool_history .. zpool_expand .. zpool_remove .. zfs_mount .. zfs_unshare .. zdb .. zpool_online .. zpool_get .. zpool_export .. zfs_copies .. zfs_get .. zfs .. zpool_clear .. zpool_import blockfiles .. .. zpool .. zpool_offline .. zpool_replace .. zfs_rollback .. zpool_set .. zfs_send .. zfs_set .. zpool_detach .. zfs_diff .. zpool_scrub .. zfs_inherit .. zfs_snapshot .. zfs_share .. zpool_destroy .. zpool_status .. zfs_unmount .. zfs_receive .. zfs_create .. zpool_upgrade blockfiles .. .. zpool_add .. zfs_rename .. zpool_attach .. zfs_reservation .. .. cli_user misc .. zfs_list .. zpool_iostat .. zpool_list .. .. compression .. ctime .. delegate .. devices .. exec .. grow_pool .. grow_replicas .. history .. hotplug .. hotspare .. inheritance .. interop .. inuse .. iscsi .. large_files .. largest_pool .. link_count .. migration .. mmap .. mount .. mv_files .. nestedfs .. no_space .. online_offline .. pool_names .. poolversion .. quota .. redundancy .. refquota .. refreserv .. rename_dirs .. replacement .. reservation .. rootpool .. rsend .. scrub_mirror .. slog .. snapshot .. snapused .. sparse .. threadsappend .. truncate .. txg_integrity .. userquota .. utils_test .. write_dirs .. xattr .. zfsd .. zil .. zinject .. zones .. zvol zvol_ENOSPC .. zvol_cli .. zvol_misc .. zvol_swap .. .. zvol_thrash .. .. .. .. devrandom .. dtrace .. fifo .. file .. fs fusefs .. tmpfs .. .. geom class concat .. eli .. gate .. gpt .. mirror .. multipath .. nop .. part .. raid3 .. shsec .. stripe .. uzip etalon .. .. .. .. kern acct .. execve .. pipe .. .. kqueue libkqueue .. .. mac bsdextended .. portacl .. .. mqueue .. net + if_ovpn + .. routing .. .. netgraph .. netinet .. netinet6 frag6 .. .. netipsec tunnel .. .. netmap .. netpfil common .. pf ioctl .. .. .. opencrypto .. pjdfstest chflags .. chmod .. chown .. ftruncate .. granular .. link .. mkdir .. mkfifo .. mknod .. open .. rename .. rmdir .. symlink .. truncate .. unlink .. utimensat .. .. posixshm .. sys .. vfs .. vm .. vmm .. .. usr.bin apply .. awk bugs-fixed .. netbsd .. .. basename .. bintrans .. bmake archives fmt_44bsd .. fmt_44bsd_mod .. fmt_oldbsd .. .. basic t0 .. t1 .. t2 .. t3 .. .. execution ellipsis .. empty .. joberr .. plus .. .. shell builtin .. meta .. path .. path_select .. replace .. select .. .. suffixes basic .. src_wild1 .. src_wild2 .. .. syntax directive-t0 .. enl .. funny-targets .. semi .. .. sysmk t0 2 1 .. .. mk .. .. t1 2 1 .. .. mk .. .. t2 2 1 .. .. mk .. .. .. variables modifier_M .. modifier_t .. opt_V .. t0 .. .. .. bsdcat .. calendar .. cmp .. compress .. cpio .. col .. comm .. csplit .. cut .. dc .. diff .. diff3 .. dirname .. du .. file2c .. file .. find .. fold .. getconf .. gh-bc .. grep .. gzip .. head .. hexdump .. ident .. indent .. join .. jot .. lastcomm .. limits .. locale .. m4 .. mkimg .. ncal .. opensm .. patch .. pr .. printf .. procstat .. rs .. sdiff .. sed regress.multitest.out .. .. seq .. soelim .. sort .. stat .. tail .. tar .. timeout .. tr .. truncate .. units .. unifdef .. uniq .. vmstat .. xargs .. xinstall .. xo .. yacc yacc .. .. .. usr.sbin chown .. daemon .. etcupdate .. extattr .. fstyp .. jail .. makefs .. mixer .. newsyslog .. nmtree .. praudit .. pw .. rpcbind .. sa .. .. .. # vim: set expandtab ts=4 sw=4: diff --git a/tests/sys/net/Makefile b/tests/sys/net/Makefile index 0eed6cf734fa..73ac97d3b9e4 100644 --- a/tests/sys/net/Makefile +++ b/tests/sys/net/Makefile @@ -1,38 +1,39 @@ # $FreeBSD$ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/net BINDIR= ${TESTSDIR} ATF_TESTS_C+= if_epair ATF_TESTS_SH+= if_bridge_test TEST_METADATA.if_bridge_test+= required_programs="python" ATF_TESTS_SH+= if_clone_test ATF_TESTS_SH+= if_gif ATF_TESTS_SH+= if_lagg_test ATF_TESTS_SH+= if_stf ATF_TESTS_SH+= if_tun_test ATF_TESTS_SH+= if_vlan +TESTS_SUBDIRS+= if_ovpn TESTS_SUBDIRS+= routing # The tests are written to be run in parallel, but doing so leads to random # panics. I think it's because the kernel's list of interfaces isn't properly # locked. TEST_METADATA+= is_exclusive=true ${PACKAGE}FILES+= \ dhclient_pcp.conf \ pcp.py \ stp.py ${PACKAGE}FILESMODE_pcp.py= 0555 ${PACKAGE}FILESMODE_stp.py= 0555 MAN= PROGS+= randsleep CFLAGS+= -I${.CURDIR:H:H} .include diff --git a/tests/sys/net/if_ovpn/Makefile b/tests/sys/net/if_ovpn/Makefile new file mode 100644 index 000000000000..fa226d56d191 --- /dev/null +++ b/tests/sys/net/if_ovpn/Makefile @@ -0,0 +1,17 @@ +PACKAGE= tests + +TESTSDIR= ${TESTSBASE}/sys/net/if_ovpn + +ATF_TESTS_SH+= if_ovpn + +${PACKAGE}FILES+= \ + ca.crt \ + client.crt \ + client.key \ + dh.pem \ + server.crt \ + server.key \ + user.pass \ + utils.subr + +.include diff --git a/tests/sys/net/if_ovpn/ca.crt b/tests/sys/net/if_ovpn/ca.crt new file mode 100644 index 000000000000..4bdde726d12b --- /dev/null +++ b/tests/sys/net/if_ovpn/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFrzCCA5egAwIBAgIUFByUexsc+WCQtaEQZCg+nrJaFDowDQYJKoZIhvcNAQEL +BQAwZjELMAkGA1UEBhMCS0cxCzAJBgNVBAgMAk5BMRAwDgYDVQQHDAdCSVNIS0VL +MRUwEwYDVQQKDAxPcGVuVlBOLVRFU1QxITAfBgkqhkiG9w0BCQEWEm1lQG15aG9z +dC5teWRvbWFpbjAgFw0yMjA0MjcxNDM1NTZaGA8yMTIyMDQwMzE0MzU1NlowZjEL +MAkGA1UEBhMCS0cxCzAJBgNVBAgMAk5BMRAwDgYDVQQHDAdCSVNIS0VLMRUwEwYD +VQQKDAxPcGVuVlBOLVRFU1QxITAfBgkqhkiG9w0BCQEWEm1lQG15aG9zdC5teWRv +bWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJnak7swgeJta01H +4pNQte3S0bdEGRvyhkzY8HIxe/pdz371fSL40iBQ29PVZseMVOsQIrIolhma4qTy +tMyU9VEfJRlBj8hdlbIpb8FDsvMOFyC+7+GxHdkAQlFV5fUj7JydnxiY+L87W7WE +VaTy9ZRtuIXhvkVZYTHzvVwXwL5e5EdcJKHsdam49ty4rs6CE7J06GYnwmLk/nDw +vZZhHTB5V+vNeurRoxKyYvUXePTCqh6cGh2as061JxU1j1vj3cTNVlPymO85Etl1 +t4uEHjXyLVK2+OCcauQGn6QT02xqFLRsbk42gWOksFj50NDQVtp71JIMAmwzz2yi ++cqz1qqdyOlfLeP2oow1jYa3Hhht5Es90m6YkeF/073eLW/nuVsoD57PZ1rnClX+ +9Zs24LAN/vnXR1gK/nAZsv9CNtRdWt9yTSmq/oGZj4kWU154XxRLfcDa9gj5X+g9 +Z4w6YaJtsa8XaOelPWnBg/JXLrdE731DwyDRqlSPYgwzU6g3CgjRV3/cJs/RaxWB +Au1Tdpd2T5KbeLivYJnhNApE0J4CxXrudfglAaZV8tG0SK8F07Sd0uS4Sa83I1Bh +IjAFcjBcMxv1gWNZN903V0etmCkIwONlqTSWKNYGV+9EQ1moHDDXRUK14He95AQ7 +ZNadjsqZuDGl925HW4wjk2HLa42FAgMBAAGjUzBRMB0GA1UdDgQWBBSIBxjB/i4J +Ln3guRuDqVTeCbEWfjAfBgNVHSMEGDAWgBSIBxjB/i4JLn3guRuDqVTeCbEWfjAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQAMrtwU2YfLGp2QWH33 +qH4dZh92iaSApEDwIggBj+wrc/6LbbS+Mm6UTOj9SYNcDZpj/ia4m1OXV7dC1adZ +wGk94qBknwgxPkxS0f3HLlvYDnSWCOTP5CJPfdQWPRX0WQO8l5s+tIigLaioS76N +C/g+I7ytPYbCN7sZRgQJr+vGxOxaBD8GrSq6/brTSUMCHUjE/ylFZ9ykBtmXTVIb +u9WsnWTyA7h5Nzhkh0VvN0o/EhlgRpUdT1661QlIvWsyfd6sxrtLum4h88DUkjw9 +qlMDTnkhWUfyPg8kS99dLodnxp1QeW0ISeWpAucJuOvu3ode/N3lOrxq88OrZQNJ +upQsdUxLEU6DzQlvBd2s4d8Ghvk3l65u688cE6dXIcNPEp78wy/IXkVvTRTstpuA +Ep9ZNwrEvaPQDxBJ6a2sPKwXst1NZZgmPQG2ZbpQfCQtJ0zYZWpI/LytiC/05joi +/aGh01GN7nODt9U7rtZtCQjjmIlK7fuBJLL9yQXcpzT5sItdQSkn9QuCBlnlxMqx +felbaNPxTLJVqCilqlx/xaybDljduKLvJouR+l/UjrXz+n02lzxPQ3FIr8/vJlVf +EFbSmkzS3C/O5gXUxHTq44z6LbnosjyiPEB2J7n5kvsA8HTynZU4GCrHa5LLG1eg +1odsgCIYiAwNBCbPtWWykUHXhA== +-----END CERTIFICATE----- diff --git a/tests/sys/net/if_ovpn/ca.key b/tests/sys/net/if_ovpn/ca.key new file mode 100644 index 000000000000..79537a84c6a0 --- /dev/null +++ b/tests/sys/net/if_ovpn/ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAmdqTuzCB4m1rTUfik1C17dLRt0QZG/KGTNjwcjF7+l3PfvV9 +IvjSIFDb09Vmx4xU6xAisiiWGZripPK0zJT1UR8lGUGPyF2VsilvwUOy8w4XIL7v +4bEd2QBCUVXl9SPsnJ2fGJj4vztbtYRVpPL1lG24heG+RVlhMfO9XBfAvl7kR1wk +oex1qbj23LiuzoITsnToZifCYuT+cPC9lmEdMHlX68166tGjErJi9Rd49MKqHpwa +HZqzTrUnFTWPW+PdxM1WU/KY7zkS2XW3i4QeNfItUrb44Jxq5AafpBPTbGoUtGxu +TjaBY6SwWPnQ0NBW2nvUkgwCbDPPbKL5yrPWqp3I6V8t4/aijDWNhrceGG3kSz3S +bpiR4X/Tvd4tb+e5WygPns9nWucKVf71mzbgsA3++ddHWAr+cBmy/0I21F1a33JN +Kar+gZmPiRZTXnhfFEt9wNr2CPlf6D1njDphom2xrxdo56U9acGD8lcut0TvfUPD +INGqVI9iDDNTqDcKCNFXf9wmz9FrFYEC7VN2l3ZPkpt4uK9gmeE0CkTQngLFeu51 ++CUBplXy0bRIrwXTtJ3S5LhJrzcjUGEiMAVyMFwzG/WBY1k33TdXR62YKQjA42Wp +NJYo1gZX70RDWagcMNdFQrXgd73kBDtk1p2Oypm4MaX3bkdbjCOTYctrjYUCAwEA +AQKCAgBCSLw6+nQK5E9FVUIVa8Flu90kUs9qjfs0YoZ8/DrIq9/4d7U4+vA0ggGj +ax5DvH7dYu8/yGKal3Mr03D3bvmdwIhQMEHM9hzHTDjcj9kqBBkMv5ZDqvYMBqOL +vTE8gwSumO3xP/5zDRS+yEvJq+8Hypmj/JTn9dD9H2Cmq4kbu3AoGleh92jd/VVF +1L9jMwFfciSp1llWGAhTCjTz89UKjEzHx5g8UKMsK/ScWUeAU9nNJD3QIVU9BKjY +52FjGnHyFvEpa6xd7D3luGSiVAJcBYFnUHM6+cjHgt8GZpBA9hcDgG+pfKwUDOD5 +BG/ldszkhlMXtNraWRv1VuW9YeuKnTwagxNLuqYOe2PyFq9sYcpHP8pSspKlun6M +JnTZUrb8E6DdteW9ITEmtTH2jYIR0COgRYg0xFVbPjS1D2JH94H1pXeDGw8UgdGX +H1QhrQqtBafqweWdPEoGLG7dhZqSCptuYzA/o+53oFo/B0EPmG0G5oAx1d0VJrVR +6+bEfX5+3eWnAnTw138WAczXlVIvQoD+r7TJY+smD2RCYAJChI/3ZPiQkhj/WOMV +ueELkapracgnsGxcT+UyqV1351sNkje7+DwKUsnP/vJZxfV0LGPIMx9ykYEwKpKh +EvDjusV7Y1FOYqJDkl0veIG532L4ndwu5SZCBdcTzmSUlQLgoQKCAQEAxx29a5SU +YupoLbEPw3gWoGFCbcDQ9EJ3N/s3g4T34QeBWzpwDhx2NZsNbLAn9LXYUTRAd8gr ++3Isu5WY71Kctk8Q134eBB0Gsnu51j1LUeorgUlKgQ3nCbADti0sKRv8jSaGyTXi +r42qUOo9n+gQUdNVdKPNvy8gkcp2A1RfqxedZVZ5UcC0xVdoF661sFkLBGZXx6HP +y8HK3qk0W3KkVMpbj3TH/URaA7bEYuY9J2StV4ywP8oM+MdRvR5067niI11kuQ6B +JO+vQcbyWgnP5o0gWuh6WlwwXkXxazPRMwq3XuBbBxjs6VirSdrWHWW+oLacpFcD +Y/eyRW5caN+fSQKCAQEAxc6ZCoxwFPV3lf82lMKaXgMMM/9Z1R0L6+yqUmqZafbC +kxib68Z7a2jY1FgAy5903M/MOv+sL/OON7xWbc6+fsyn2XoOvQwdrdst2olEmUi1 +UuxVHTg1gNNP9MW0YAHJVernCYyQc0BI+aVKL55IpFBudiiPe8Y4qXBy5cwynJ7w +TQACy4jv/DOdcib9JWEzE6RB2Q7ClbIaVztnYFOI4bPSabsiJnAQPKI18ka7k0CR +0mVYUxIOJ2N84+XV1wZ2MeVfUzlwzHmx7+vPdkCiwdKrbtpjoyv4DGCxvIAudGLm +0TcFVOK9oCil7qLLzbgFPyYBZX7gxfxSJvcgFMkwXQKCAQEAwLucuiFbcFOM+41D +wOTgoeUCs9HLcGNVmq5kEb4HYZ4uK+vowv/xu/mViPsJ8eiCtjdpn4f2arEdc4Ve +P2krn5vwpWXCECE4dlMkkqdJ3MRZ0A7tOvYGCG6DaTdYY4JfdxEvrlumTF9H2IKj +m8C46zswoHJdmQ047WWXzalB4Q4+n/SQAf4R/GKaszG9VDEcZOnbVbTeuk+e2t/V +eh8BycEF11omqpQavTWP6lsKHrNoxjG7+ELPQ49LI0/zxKhsp+aitC3B+8q1TWoQ +8+5Detpn0xbsN8K8XsQ85pOFj250CDYKZlhOGaBmTFqynkn5tv6LqNdAxObhfCtS +74BlYQKCAQByzuS44KY1I/vSzZxKX2Dla/NrQqxLK16+AlEhIMoGXLi2U7Q79qmv +v90J8kIT7WsQtnMdU0QHWN+UrfWkKjkas4JAkb14ME4RmINWshFkvnSvuof0O6mi +KgPgV9fHWYIYIg0S18kHe6pfa3ZRiRc0d5KFdilBd91vStsFUa2WhhGHP5hftg1E +Xljl5odLaM0Se2XUq+J4rDTpqIrpt9Jc3dgkkf7SPHzQFH4nLrK0VufMLBJFtNcO +OYpFZCLneNKlRzI6xb4YkBGc5Us2oXFV+gaSgqMOE/kWhhDjDaro1naNu9eWWzwg +dzdH+Kk9r68r5c0tsaSYhUjRYOH37oXpAoIBAQDAqjYwd64AKFnppbt5eAJtdJtd +BatS6DfNxYl6jmF0E9+ZUIALdmyxB/Y8Grng5kpd8VQHW5LDzX+ABrrD99+hSPDe +quq6S6JSvXfrGa5EGMkC6zkPFvppjYj4u+VVqn0sRKPLAa3tmXLECJ+lORX4LVhe +rG2/AmvG5YVqYBTgbBi+cYXToHXUp1D/qQLXN+8PvCvvWVCzfVYr25TsD+5UEbvc +TQA9WtwHy/xjzLx11IrI9xlDBPzfGQVStnroP6MkMe3ACc0pg/17ktY5MiFnzLpK +o58qMXWZMrYyDvlo9PBOYLFXL41yJMhZeJjP80Kk/L1EnDiTDHuU8qFltbD3 +-----END RSA PRIVATE KEY----- diff --git a/tests/sys/net/if_ovpn/client.crt b/tests/sys/net/if_ovpn/client.crt new file mode 100644 index 000000000000..92ba8ad1ba4b --- /dev/null +++ b/tests/sys/net/if_ovpn/client.crt @@ -0,0 +1,123 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1048686 (0x10006e) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST/emailAddress=me@myhost.mydomain + Validity + Not Before: Apr 27 15:00:37 2022 GMT + Not After : Apr 3 15:00:37 2122 GMT + Subject: C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client/emailAddress=me@myhost.mydomain + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (4096 bit) + Modulus: + 00:f0:86:38:95:a6:e0:76:52:eb:25:57:8b:47:2a: + e1:17:db:9b:84:64:33:0c:70:91:74:ae:f5:39:cc: + a7:9e:37:3c:d2:32:df:cd:57:8e:21:00:c9:43:b6: + b3:d3:a8:fc:15:84:c4:15:86:d8:d6:69:5b:d4:9b: + 19:c9:8e:71:9f:1d:12:72:89:e3:7b:db:80:6e:dc: + 69:fd:98:eb:22:33:ac:59:4a:57:bd:6d:48:60:fd: + 89:8c:94:fd:64:24:cf:98:ea:31:c0:20:50:38:2e: + c6:f3:67:54:c1:ea:70:13:a4:34:fd:38:59:9c:64: + bf:11:f1:ed:01:46:08:31:c8:de:32:13:47:38:81: + 84:4d:f6:00:d3:8c:ee:6f:71:a1:5a:b1:34:60:95: + 25:67:7f:4c:d5:86:09:0b:dc:75:a1:e5:aa:05:74: + 0f:e8:f1:b1:2a:63:be:53:cb:d8:a3:9f:f1:1a:c6: + fb:c8:c5:ec:6c:34:86:13:c7:e4:83:d2:11:66:2f: + ee:8e:19:8e:e5:da:0c:59:09:b3:c6:35:aa:7e:88: + 15:eb:53:29:cd:f6:a5:c4:d2:af:72:28:b0:a8:f5: + a4:38:5b:ab:9f:e0:db:f1:b9:e4:ca:d0:e8:c7:dd: + 95:81:c9:75:e2:23:74:30:59:b0:ca:74:b1:fe:86: + 0d:7c:5a:f3:5d:bb:42:75:7d:48:51:d7:6a:ee:93: + d2:e4:30:2a:5c:65:56:f4:5e:74:97:e1:7e:ae:2c: + f7:da:95:12:e0:1a:dd:f5:07:c0:4b:85:90:45:d1: + b0:61:ec:90:ab:20:c3:55:78:6c:da:bb:48:4f:33: + 61:04:4f:8d:1a:e4:57:8a:cb:e1:ea:db:8f:f3:9f: + d4:98:5f:27:dd:20:9e:76:35:54:75:ab:ef:74:6b: + 77:93:02:e9:79:a4:0b:83:a4:ff:fd:3d:bd:a5:e3: + 96:b8:78:13:5a:91:7d:bd:a2:90:54:9d:07:87:fd: + 62:e2:d9:01:9c:50:8b:d4:7c:a4:28:f6:31:2b:9a: + f1:6f:6f:85:71:7e:71:b2:bc:6d:97:e7:fc:8c:5e: + 97:85:c1:6a:61:10:c1:e5:b4:db:52:db:20:e3:42: + 8f:fa:48:4c:27:87:0f:05:0d:6d:93:4e:2f:a1:36: + 58:16:73:9f:61:68:d5:cb:67:1b:5d:41:c2:e6:6f: + e6:ca:e1:f3:b6:92:c1:48:72:3f:a9:84:3b:1f:9b: + 3d:73:85:46:f2:f7:dc:5e:de:e9:18:47:24:f4:7d: + 46:e1:0e:2e:5a:4a:9a:4e:f1:e5:7c:71:d0:7b:9e: + 62:3d:43:a3:62:9e:55:0a:77:a6:98:31:b7:a1:11: + b3:58:35 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + FC:B5:C3:D3:A0:B5:6C:8F:3D:52:4F:07:03:08:0A:BD:9D:A8:94:3A + X509v3 Authority Key Identifier: + keyid:88:07:18:C1:FE:2E:09:2E:7D:E0:B9:1B:83:A9:54:DE:09:B1:16:7E + + Signature Algorithm: sha256WithRSAEncryption + 5d:26:45:db:9f:d6:c7:86:a0:22:85:f2:fd:4a:41:3b:3a:2f: + 81:1b:93:38:e7:0e:81:bf:bc:5f:47:95:94:92:a6:12:47:78: + 74:68:65:fd:e0:99:b2:08:d5:2b:fa:aa:05:13:88:7f:00:e8: + cb:17:b0:04:4d:d1:6e:80:4b:11:1b:71:45:b9:61:c2:66:14: + e6:86:d9:13:a0:7d:63:14:fe:41:7c:86:42:c8:53:0e:04:da: + 1b:28:cc:a4:e8:ff:f4:b0:73:4b:c0:a3:d7:be:7c:2c:2a:e5: + aa:3e:8b:ce:07:8b:b2:62:a4:7d:f0:b3:75:39:02:10:f0:a8: + b9:d8:1f:70:4d:d1:b0:68:46:43:02:bc:8b:15:e6:df:5d:c3: + ae:e3:89:80:48:64:35:9b:0b:2b:d6:75:38:96:0d:6c:f1:cb: + 03:91:ec:75:58:3b:fb:f7:78:cf:38:58:9b:a6:04:48:fc:aa: + c0:fa:a3:9c:da:c3:26:e0:82:9a:0e:0e:2b:2f:50:00:56:7f: + d5:ab:87:61:dd:bb:34:23:af:38:5f:ea:40:72:cf:46:38:31: + 8c:a3:68:1c:a1:84:62:03:05:7e:92:46:1b:0f:e2:a3:47:d3: + a2:c5:f9:e8:7b:d1:0a:20:63:d6:ca:01:05:7f:3f:4c:4f:d5: + 6c:51:e8:ee:82:35:37:9b:1e:e8:76:6d:05:50:88:43:cc:8c: + 20:81:09:a9:76:57:97:7b:bc:38:14:d5:3e:38:b1:a5:7e:51: + b2:67:9b:50:05:00:1b:24:90:cc:57:e1:b1:27:3e:50:09:0b: + bc:9c:0e:b3:d1:08:80:30:d6:28:85:6c:4d:9f:d2:ea:96:de: + 6f:0d:25:0c:03:94:65:4e:88:aa:d8:81:78:49:44:09:4d:85: + c8:db:8c:57:be:6d:49:97:2b:a5:28:97:e3:99:ea:f1:b7:46: + 2e:a6:dc:85:1c:d6:66:6e:dd:a9:db:d6:d3:34:71:95:0a:6d: + bb:47:b5:18:b5:7e:95:92:9b:53:f9:9b:a3:6c:09:2c:e2:d0: + d3:9a:4e:31:21:0b:18:b6:b4:fc:65:8a:a2:e5:b9:c8:f5:4a: + 92:3f:4e:de:db:e5:3a:bf:22:4e:39:b6:ae:09:d1:1b:84:f5: + e6:53:6d:c2:8e:24:26:58:58:80:aa:8d:dd:54:21:9e:7b:c1: + 01:f8:94:cc:a6:c0:32:9a:4a:0c:b4:f5:b8:e7:b0:5c:c2:18: + 57:1e:49:93:72:c9:01:91:b7:ea:a1:0b:fa:f0:33:0d:ff:55: + b6:fb:07:30:85:47:ab:cd:05:4e:cc:a2:49:91:0b:7d:b7:a4: + bb:43:ea:bb:f9:95:bb:e9 +-----BEGIN CERTIFICATE----- +MIIFyjCCA7KgAwIBAgIDEABuMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAktH +MQswCQYDVQQIDAJOQTEQMA4GA1UEBwwHQklTSEtFSzEVMBMGA1UECgwMT3BlblZQ +Ti1URVNUMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wIBcNMjIw +NDI3MTUwMDM3WhgPMjEyMjA0MDMxNTAwMzdaMGoxCzAJBgNVBAYTAktHMQswCQYD +VQQIDAJOQTEVMBMGA1UECgwMT3BlblZQTi1URVNUMRQwEgYDVQQDDAtUZXN0LUNs +aWVudDEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWluMIICIjANBgkq +hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8IY4labgdlLrJVeLRyrhF9ubhGQzDHCR +dK71Ocynnjc80jLfzVeOIQDJQ7az06j8FYTEFYbY1mlb1JsZyY5xnx0Sconje9uA +btxp/ZjrIjOsWUpXvW1IYP2JjJT9ZCTPmOoxwCBQOC7G82dUwepwE6Q0/ThZnGS/ +EfHtAUYIMcjeMhNHOIGETfYA04zub3GhWrE0YJUlZ39M1YYJC9x1oeWqBXQP6PGx +KmO+U8vYo5/xGsb7yMXsbDSGE8fkg9IRZi/ujhmO5doMWQmzxjWqfogV61Mpzfal +xNKvciiwqPWkOFurn+Db8bnkytDox92Vgcl14iN0MFmwynSx/oYNfFrzXbtCdX1I +Uddq7pPS5DAqXGVW9F50l+F+riz32pUS4Brd9QfAS4WQRdGwYeyQqyDDVXhs2rtI +TzNhBE+NGuRXisvh6tuP85/UmF8n3SCedjVUdavvdGt3kwLpeaQLg6T//T29peOW +uHgTWpF9vaKQVJ0Hh/1i4tkBnFCL1HykKPYxK5rxb2+FcX5xsrxtl+f8jF6XhcFq +YRDB5bTbUtsg40KP+khMJ4cPBQ1tk04voTZYFnOfYWjVy2cbXUHC5m/myuHztpLB +SHI/qYQ7H5s9c4VG8vfcXt7pGEck9H1G4Q4uWkqaTvHlfHHQe55iPUOjYp5VCnem +mDG3oRGzWDUCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl +blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPy1w9OgtWyPPVJP +BwMICr2dqJQ6MB8GA1UdIwQYMBaAFIgHGMH+LgkufeC5G4OpVN4JsRZ+MA0GCSqG +SIb3DQEBCwUAA4ICAQBdJkXbn9bHhqAihfL9SkE7Oi+BG5M45w6Bv7xfR5WUkqYS +R3h0aGX94JmyCNUr+qoFE4h/AOjLF7AETdFugEsRG3FFuWHCZhTmhtkToH1jFP5B +fIZCyFMOBNobKMyk6P/0sHNLwKPXvnwsKuWqPovOB4uyYqR98LN1OQIQ8Ki52B9w +TdGwaEZDAryLFebfXcOu44mASGQ1mwsr1nU4lg1s8csDkex1WDv793jPOFibpgRI +/KrA+qOc2sMm4IKaDg4rL1AAVn/Vq4dh3bs0I684X+pAcs9GODGMo2gcoYRiAwV+ +kkYbD+KjR9Oixfnoe9EKIGPWygEFfz9MT9VsUejugjU3mx7odm0FUIhDzIwggQmp +dleXe7w4FNU+OLGlflGyZ5tQBQAbJJDMV+GxJz5QCQu8nA6z0QiAMNYohWxNn9Lq +lt5vDSUMA5RlToiq2IF4SUQJTYXI24xXvm1JlyulKJfjmerxt0YuptyFHNZmbt2p +29bTNHGVCm27R7UYtX6VkptT+ZujbAks4tDTmk4xIQsYtrT8ZYqi5bnI9UqSP07e +2+U6vyJOObauCdEbhPXmU23CjiQmWFiAqo3dVCGee8EB+JTMpsAymkoMtPW457Bc +whhXHkmTcskBkbfqoQv68DMN/1W2+wcwhUerzQVOzKJJkQt9t6S7Q+q7+ZW76Q== +-----END CERTIFICATE----- diff --git a/tests/sys/net/if_ovpn/client.key b/tests/sys/net/if_ovpn/client.key new file mode 100644 index 000000000000..7ad255b52556 --- /dev/null +++ b/tests/sys/net/if_ovpn/client.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEA8IY4labgdlLrJVeLRyrhF9ubhGQzDHCRdK71Ocynnjc80jLf +zVeOIQDJQ7az06j8FYTEFYbY1mlb1JsZyY5xnx0Sconje9uAbtxp/ZjrIjOsWUpX +vW1IYP2JjJT9ZCTPmOoxwCBQOC7G82dUwepwE6Q0/ThZnGS/EfHtAUYIMcjeMhNH +OIGETfYA04zub3GhWrE0YJUlZ39M1YYJC9x1oeWqBXQP6PGxKmO+U8vYo5/xGsb7 +yMXsbDSGE8fkg9IRZi/ujhmO5doMWQmzxjWqfogV61MpzfalxNKvciiwqPWkOFur +n+Db8bnkytDox92Vgcl14iN0MFmwynSx/oYNfFrzXbtCdX1IUddq7pPS5DAqXGVW +9F50l+F+riz32pUS4Brd9QfAS4WQRdGwYeyQqyDDVXhs2rtITzNhBE+NGuRXisvh +6tuP85/UmF8n3SCedjVUdavvdGt3kwLpeaQLg6T//T29peOWuHgTWpF9vaKQVJ0H +h/1i4tkBnFCL1HykKPYxK5rxb2+FcX5xsrxtl+f8jF6XhcFqYRDB5bTbUtsg40KP ++khMJ4cPBQ1tk04voTZYFnOfYWjVy2cbXUHC5m/myuHztpLBSHI/qYQ7H5s9c4VG +8vfcXt7pGEck9H1G4Q4uWkqaTvHlfHHQe55iPUOjYp5VCnemmDG3oRGzWDUCAwEA +AQKCAgEArHhyhs0c03vt5d76nlOfCM6Om8aF3HuzsanrakDYSNlvIYMdfE82OXAo +4gdWt4XLDVsgiBcj0cvG75MwUJl13BSqr7s0hhIF7Hjc/93xbZsEERsAA3MjnXjw +cwA7Gt5ShmIYvp3tJ/xS6SLFYi/LoinzXUhU6ZJMeH+z5V/kbF6PBfVQ8rHcv1KR +kSDTsNIYU8IRvtfz9F0SKWJthjXVm/vliPeKmQ0Gb1EKn2fitqHv77WTwoo6V/Tp +17FUqTmvBEmGlBq7nxJWHFqasJy23viSTyZZKbmdcJ9q8z8+Pkm2Mjt5u7Evxgv4 +hX58DSVVGbXuc/PcUvddkC9RmyNg8tEd/HN8e3E0rtHnyCRU7E06zHJ06mxoKgst +e1L4RXdAJFL0QzT4fpNfbTt4obAhOuq0GxpUoFdXSWOrCYvL9CRXTEtohs5aS6l2 +zG9/lQ0JpT8S6ASLP8v3v83Mw37ffjBLMzGsKUbZcCQCoUiezGuR5nyeWvYoaBGf +9f68zYICzgJTZDDYV5VE170TjCq1eEIEi/X/HZr2l99BckOwhZp1jGrGCZcH/nqJ +jERAGFDtXjcWVWNUGlqhIb4RZ1VoyHqGcu5RfprlQhOJn5IJUQE7bFWq6/Z9sJa5 +0pD7kMZwrOPAPskWs/zTjIJ1FFKAwW68tPxbCr2Rh/dIIhktd9kCggEBAPio1deG +WlgZoV1tbpjSNKPZHArRG03j1aXHOKoMjC1P2jiUW9/gJ1OMV19HCJtrkdDbRlFl +qkjoRNW/+B0cuHwiemVogVdObmt2QU2+xsccCM8iu1UDTN3Q6WhtV6ejFLa4/p9K +3ZxLnj1zgTEw/ZZDXI9vaxINtDEa3cakrqtStIJSXyWaViB/+rBCYi+7H+9fMVsk +N956SQR4mocdOP7LpHMKjYLb2SlUrajXV+5fg43nEucIQGRRJ/zddI3RtlcLYr4Y +areyRZ9GwH4qrS2QJJMy8UQAcrr6JPT6w5vRob45B23uMNgrp8XOmdH+nXuHth0W +M7z/zECRHe1J9BcCggEBAPef6A1C8AZFxpcWZ9jwZ7dsRdOzWf/65TtLWFqZVHGa +JbD+ytHDVmOviRBhBM+nGnIRUdPYns1wCpFKeCPlmqgIhZVJH9Qyj7g03QVAZwCD +6FLa0sewlvK5+wkC++6C7JhO4qhYNEk9W8P2ck12PlzeFEpGWSTiNLwwDEgahvmS +0yghqJRugojnebySTMdNqaqDzo1U7l6YWhVdlTF0GFdG4Yab/Ikz1KIgaY5VpKtA +b+mtguGH1Yh1n3x8Fw6FyRasSfIhJmsXZRe+RGx7vwoEnMjVbYBAVfjijkmDcbS5 +4O0zI5eZzBXfIMM6EwClig9OZEEYcx+llDWoX41PqZMCggEAb2PCl4+5/OlOXfnd +p1vS9OsXIslVf+jmFiNOgO6qBMpWqS3ckkdploWxxh6d/nGLmpH/yArQ42QZId+j +F/d7tTAEwFS2TBP4Zu9MhbVGen9WeuPGI2kdD+i8Bmmk8JWfe9MXTOhOqes98a1C +XHTjxGJcnmx8/FNjOvQcERZIoLql3hNkSAYBOwHZnQe/0D31KlfsVjW9SU5iUzxr +jMdMdudmvZomlk5B07/5Iz+ERmZHGlQ/JXuOzOGGFkJmKfmdwxR4oUty0uNrSNR6 ++onHljeSCtaxOZMx0gyobY2//pdD62DEsTwYaV31BCluwqFajrHWpOUDPFEigHIB +hACy9QKCAQB2JYiNU0O8amxPSDRyMHn77R//2xH07ZuTx+Y3C/NbZIXZRig1HzNH +ysfl1bR68yrOA+972V4jfPK90b8yuWkqBS7fRI14LEugQzC1Qb4jY8xkQ93PwzSy +SQQ6j37ulO8X2IOSeMsxqqHvBNYSmXk1zAv4SEpeK8OninFBsc52o5Q2EKEjePq1 +IWRXEaKqcSajodHaYwx8e8p3aTg26UJ32eze0ewS9nTcigRzEe/Iea0r3EqXGr1K +J3zZ40cI+dIxDDEX4rM242mrg2+YJw7GU98Of66IQ6oBXu8uqhWFei6UXhL8UTgr +s1MpcrsAUvtlRCzXVjgPgGwPke9NOBYbAoIBAALzEo+wH3NNIiqD1DfNTAGHuEC3 +SRkXVe2sQEGfXN8l5N5ujvhCUqhkVzni4t/7FqHDuGQW/FMoO9xpAfRzi2+09Ymg +JLbMDIuhoOqnFD8Kn7yW4TKnAtaPIjxYARf6ODAJkFQL0t6r3psgZH4oMYAeBNCz +DJES+ED5tj6q3nBPYR+4H9CAxBJd4Bmvpv5N9Sg1W7VByqSlM9HMxtbkWEV0WshL +Zvm2PXBsCEPDp1SQcF9Vxuf9YMx3etVfTZ82gZXOwUF+MCBA0EjqtqMznT4gd7tH +RQZRjuIyd4gRq6PcvW7hPvfE7FL9wC3CHCsD1JZ++TRChYe4HRbEY/Oz62k= +-----END RSA PRIVATE KEY----- diff --git a/tests/sys/net/if_ovpn/dh.pem b/tests/sys/net/if_ovpn/dh.pem new file mode 100644 index 000000000000..8eda59aa139e --- /dev/null +++ b/tests/sys/net/if_ovpn/dh.pem @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEArdnA32xujHPlPI+jPffHSoMUZ+b5gRz1H1Lw9//Gugm5TAsRiYrB +t2BDSsMKvAjyqN+i5SJv4TOk98kRRKB27iPvyXmiL945VaDQl/UehCySjYlGFUjW +9nuo+JwQxeSbw0TLiSYoYJZQ8X1CxPl9mgJl277O4cW1Gc8I/bWa+ipU/4K5wv3h +GI8nt+6A0jN3M/KebotMP101G4k0l0qsY4oRMTmP+z3oAP0qU9NZ1jiuMFVzRlNp +5FdYF7ctrH+tBF+QmyT4SRKSED4wE4oX6gp420NaBhIEQifIj75wlMDtxQlpkN+x +QkjsEbPlaPKHGQ4uupssChVUi8IM2yq5EwIBAg== +-----END DH PARAMETERS----- diff --git a/tests/sys/net/if_ovpn/if_ovpn.sh b/tests/sys/net/if_ovpn/if_ovpn.sh new file mode 100644 index 000000000000..338605de98d4 --- /dev/null +++ b/tests/sys/net/if_ovpn/if_ovpn.sh @@ -0,0 +1,104 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2022 Rubicon Communications, LLC ("Netgate") +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +. $(atf_get_srcdir)/utils.subr + +atf_test_case "4in4" "cleanup" +4in4_head() +{ + atf_set descr 'IPv4 in IPv4 tunnel' + atf_set require.user root + atf_set require.progs openvpn +} + +4in4_body() +{ + ovpn_init + + l=$(vnet_mkepair) + + vnet_mkjail a ${l}a + jexec a ifconfig ${l}a 192.0.2.1/24 up + vnet_mkjail b ${l}b + jexec b ifconfig ${l}b 192.0.2.2/24 up + + # Sanity check + atf_check -s exit:0 -o ignore jexec a ping -c 1 192.0.2.2 + + ovpn_start a " + dev ovpn0 + dev-type tun + proto udp4 + + cipher AES-256-GCM + auth SHA256 + + local 192.0.2.1 + server 198.51.100.0 255.255.255.0 + ca $(atf_get_srcdir)/ca.crt + cert $(atf_get_srcdir)/server.crt + key $(atf_get_srcdir)/server.key + dh $(atf_get_srcdir)/dh.pem + + mode server + script-security 2 + auth-user-pass-verify /usr/bin/true via-env + topology subnet + + keepalive 100 600 + " + ovpn_start b " + dev tun0 + dev-type tun + + client + + remote 192.0.2.1 + auth-user-pass $(atf_get_srcdir)/user.pass + + ca $(atf_get_srcdir)/ca.crt + cert $(atf_get_srcdir)/client.crt + key $(atf_get_srcdir)/client.key + dh $(atf_get_srcdir)/dh.pem + + keepalive 100 600 + " + + # Give the tunnel time to come up + sleep 10 + + atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1 +} + +4in4_cleanup() +{ + ovpn_cleanup +} + +atf_init_test_cases() +{ + atf_add_test_case "4in4" +} diff --git a/tests/sys/net/if_ovpn/server.crt b/tests/sys/net/if_ovpn/server.crt new file mode 100644 index 000000000000..e4166fa2e0ae --- /dev/null +++ b/tests/sys/net/if_ovpn/server.crt @@ -0,0 +1,123 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1048687 (0x10006f) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST/emailAddress=me@myhost.mydomain + Validity + Not Before: Apr 27 15:01:41 2022 GMT + Not After : Apr 3 15:01:41 2122 GMT + Subject: C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server/emailAddress=me@myhost.mydomain + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (4096 bit) + Modulus: + 00:b1:4c:f3:d9:6e:39:ac:d7:8f:78:e9:37:dd:ae: + 73:f4:d6:77:84:42:3e:2a:76:76:6f:71:6a:b4:45: + a9:e3:84:0e:ee:3d:18:20:47:9d:fb:d1:ca:bb:d7: + cd:d5:e3:b8:3d:1b:9e:c1:f5:26:72:4a:bb:fe:4e: + ec:49:06:c0:ff:21:f4:b5:5c:72:fc:c7:3e:27:86: + 03:65:e2:d8:f7:5c:c7:23:16:82:ab:ee:81:7d:44: + 41:a0:34:06:14:19:08:7a:47:69:5e:b6:aa:6f:74: + 08:4f:13:ca:1d:b1:d8:2e:3a:a7:41:ec:e0:3e:b4: + 54:b2:7c:2e:dd:ee:f5:07:92:ed:f2:64:62:2f:7a: + c2:8e:f0:50:2d:f6:2b:1c:9d:1d:db:25:04:1e:b5: + 0d:18:c8:a4:b6:1e:cc:05:a1:10:74:e2:4c:98:32: + 44:6c:95:94:18:a0:64:0d:32:6b:84:f9:25:4d:04: + 0d:39:73:23:cf:b0:5a:ab:c0:ff:ec:c1:6b:ed:fa: + 9b:26:d0:45:d5:0e:75:72:d6:2f:36:26:fe:2d:bc: + 50:e0:a0:14:d4:34:e0:10:cf:aa:6a:46:79:7d:dc: + 30:e7:6c:c0:44:3e:fc:20:dd:e1:05:b2:a2:2f:aa: + 06:76:dd:33:44:19:8e:5c:54:50:d0:2b:a8:03:06: + ec:31:1c:48:1b:39:51:52:0f:44:b0:90:d5:29:c0: + b9:ae:e2:74:af:e2:08:c7:b2:e5:4e:71:f0:88:33: + 97:16:92:69:0b:48:8c:25:7c:8e:20:7c:8a:0f:32: + e6:15:90:02:33:d6:00:4f:1d:c9:7e:ef:5c:af:5f: + b4:f9:c5:8b:7b:c8:47:34:4d:85:80:f2:a9:3c:e0: + 53:d0:b7:15:59:67:0e:1b:17:6d:9b:ed:a8:14:e3: + 90:9d:6e:3a:83:ae:6f:0c:c6:58:2f:e6:41:f2:67: + b5:7c:86:97:98:55:59:14:a0:0a:f4:5f:2e:8d:ae: + e2:d9:68:a9:34:b1:c3:0f:44:04:9e:81:a5:45:8b: + 2c:82:a9:6c:ea:e7:a8:dd:27:8b:0e:0c:8c:14:35: + c8:86:01:1e:69:43:93:cb:57:c8:9d:43:d9:8e:22: + de:f8:27:e4:44:1c:3b:58:47:10:13:5f:ca:85:8b: + a6:ee:5a:27:17:13:9e:72:c5:a6:d1:60:e3:ec:69: + f0:2f:d0:d8:25:a1:80:c3:03:6b:5d:32:21:26:31: + 48:b7:ce:d2:32:2c:e9:1e:34:eb:21:e7:8e:a9:26: + 86:e6:a1:ba:0f:4a:8a:05:eb:4b:02:7a:65:e4:d3: + 39:da:10:3a:e6:0e:6f:22:ca:a0:2f:b7:7b:1e:65: + 05:73:d7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + 4E:69:D9:D4:F1:8C:C7:F0:7D:02:79:DD:00:AB:5C:0B:61:42:F5:E2 + X509v3 Authority Key Identifier: + keyid:88:07:18:C1:FE:2E:09:2E:7D:E0:B9:1B:83:A9:54:DE:09:B1:16:7E + + Signature Algorithm: sha256WithRSAEncryption + 10:40:c5:a6:b4:4f:10:e1:ff:d4:fd:68:6d:b1:f4:02:7e:18: + 03:99:d2:fa:ce:24:b9:10:c3:d7:18:48:e6:9c:4c:b2:45:39: + a8:bc:7b:1f:66:bf:1a:bc:d5:22:f6:bc:61:e3:87:4d:d4:c8: + dc:ea:ee:5f:ad:95:94:e0:17:ff:7f:d5:b6:bd:a7:5f:2b:9d: + a4:5b:65:58:9f:83:c6:91:6f:d9:d9:1b:2e:e8:19:d8:d7:35: + ef:07:5d:1b:cd:89:2b:b3:d1:0c:bd:41:99:fc:54:fe:44:03: + a6:25:06:3a:e3:f5:3e:a1:9e:de:6b:7c:8e:dc:71:32:a9:2b: + 48:06:b7:72:f3:e4:38:fd:88:c0:62:48:d3:48:81:30:9e:ac: + 3f:d9:c6:40:92:98:39:7f:ec:bb:b8:8d:25:a0:c0:ed:c3:be: + 3c:df:54:42:3c:5d:2d:48:f5:35:b1:e9:b5:2f:0b:53:f1:fa: + 30:56:da:7d:2e:46:7d:7e:27:59:e5:ab:19:7b:be:9c:77:df: + 5d:6d:94:d7:3d:3b:45:09:0d:4e:a6:3e:2d:6d:95:76:78:af: + 03:d9:62:5d:64:14:f6:9b:36:a1:e4:6c:07:07:7f:ae:31:e6: + 69:6b:56:e6:42:6b:f6:de:24:ae:12:6a:58:13:31:9c:1a:87: + 01:a5:57:57:1f:0a:9e:16:85:30:c9:95:46:d1:05:70:df:39: + 80:fb:75:b1:44:43:e3:ba:8e:ef:c0:4d:db:9d:53:6c:32:e0: + 69:c8:74:b3:24:51:db:f9:7b:fb:0e:bc:61:0e:f3:56:31:2e: + 29:51:ed:dc:93:14:13:d0:6b:ab:88:d4:ae:e7:41:c2:da:7b: + 73:ec:d1:b9:49:07:85:73:e3:75:ed:ea:e8:48:09:01:45:52: + 58:05:37:bf:f8:5e:74:61:5f:1e:b2:db:1f:49:62:d1:ab:8f: + e6:d4:3e:69:1d:da:0b:93:88:3e:1c:2e:f4:03:32:9e:75:df: + af:65:0d:1c:cf:fd:35:36:f7:a5:93:01:11:69:2a:7b:76:8a: + 52:bb:e3:e9:b0:dc:e8:5b:78:65:3d:e9:36:84:8f:03:b3:ed: + 43:88:1f:97:71:ce:c6:c1:9e:e2:5d:51:b5:1a:bd:c6:fe:f1: + e2:c3:6c:95:6d:08:06:5b:b1:13:4b:57:36:07:c4:81:ea:d8: + f7:e4:2a:27:ce:75:1d:fd:ca:e4:82:a3:d1:0b:75:a3:77:8e: + c0:2b:34:87:2b:84:17:8c:23:e0:6d:fb:18:01:06:56:4b:f5: + 39:bc:3e:59:3d:ed:68:17:c0:12:66:56:0e:34:64:95:b2:84: + 99:de:71:94:2a:ca:a6:70 +-----BEGIN CERTIFICATE----- +MIIFyjCCA7KgAwIBAgIDEABvMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAktH +MQswCQYDVQQIDAJOQTEQMA4GA1UEBwwHQklTSEtFSzEVMBMGA1UECgwMT3BlblZQ +Ti1URVNUMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wIBcNMjIw +NDI3MTUwMTQxWhgPMjEyMjA0MDMxNTAxNDFaMGoxCzAJBgNVBAYTAktHMQswCQYD +VQQIDAJOQTEVMBMGA1UECgwMT3BlblZQTi1URVNUMRQwEgYDVQQDDAtUZXN0LVNl +cnZlcjEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWluMIICIjANBgkq +hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsUzz2W45rNePeOk33a5z9NZ3hEI+KnZ2 +b3FqtEWp44QO7j0YIEed+9HKu9fN1eO4PRuewfUmckq7/k7sSQbA/yH0tVxy/Mc+ +J4YDZeLY91zHIxaCq+6BfURBoDQGFBkIekdpXraqb3QITxPKHbHYLjqnQezgPrRU +snwu3e71B5Lt8mRiL3rCjvBQLfYrHJ0d2yUEHrUNGMikth7MBaEQdOJMmDJEbJWU +GKBkDTJrhPklTQQNOXMjz7Baq8D/7MFr7fqbJtBF1Q51ctYvNib+LbxQ4KAU1DTg +EM+qakZ5fdww52zARD78IN3hBbKiL6oGdt0zRBmOXFRQ0CuoAwbsMRxIGzlRUg9E +sJDVKcC5ruJ0r+IIx7LlTnHwiDOXFpJpC0iMJXyOIHyKDzLmFZACM9YATx3Jfu9c +r1+0+cWLe8hHNE2FgPKpPOBT0LcVWWcOGxdtm+2oFOOQnW46g65vDMZYL+ZB8me1 +fIaXmFVZFKAK9F8uja7i2WipNLHDD0QEnoGlRYssgqls6ueo3SeLDgyMFDXIhgEe +aUOTy1fInUPZjiLe+CfkRBw7WEcQE1/KhYum7lonFxOecsWm0WDj7GnwL9DYJaGA +wwNrXTIhJjFIt87SMizpHjTrIeeOqSaG5qG6D0qKBetLAnpl5NM52hA65g5vIsqg +L7d7HmUFc9cCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl +blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFE5p2dTxjMfwfQJ5 +3QCrXAthQvXiMB8GA1UdIwQYMBaAFIgHGMH+LgkufeC5G4OpVN4JsRZ+MA0GCSqG +SIb3DQEBCwUAA4ICAQAQQMWmtE8Q4f/U/WhtsfQCfhgDmdL6ziS5EMPXGEjmnEyy +RTmovHsfZr8avNUi9rxh44dN1Mjc6u5frZWU4Bf/f9W2vadfK52kW2VYn4PGkW/Z +2Rsu6BnY1zXvB10bzYkrs9EMvUGZ/FT+RAOmJQY64/U+oZ7ea3yO3HEyqStIBrdy +8+Q4/YjAYkjTSIEwnqw/2cZAkpg5f+y7uI0loMDtw74831RCPF0tSPU1sem1LwtT +8fowVtp9LkZ9fidZ5asZe76cd99dbZTXPTtFCQ1Opj4tbZV2eK8D2WJdZBT2mzah +5GwHB3+uMeZpa1bmQmv23iSuEmpYEzGcGocBpVdXHwqeFoUwyZVG0QVw3zmA+3Wx +REPjuo7vwE3bnVNsMuBpyHSzJFHb+Xv7DrxhDvNWMS4pUe3ckxQT0GuriNSu50HC +2ntz7NG5SQeFc+N17eroSAkBRVJYBTe/+F50YV8estsfSWLRq4/m1D5pHdoLk4g+ +HC70AzKedd+vZQ0cz/01NvelkwERaSp7dopSu+PpsNzoW3hlPek2hI8Ds+1DiB+X +cc7GwZ7iXVG1Gr3G/vHiw2yVbQgGW7ETS1c2B8SB6tj35ConznUd/crkgqPRC3Wj +d47AKzSHK4QXjCPgbfsYAQZWS/U5vD5ZPe1oF8ASZlYONGSVsoSZ3nGUKsqmcA== +-----END CERTIFICATE----- diff --git a/tests/sys/net/if_ovpn/server.key b/tests/sys/net/if_ovpn/server.key new file mode 100644 index 000000000000..f35d6fcd4563 --- /dev/null +++ b/tests/sys/net/if_ovpn/server.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAsUzz2W45rNePeOk33a5z9NZ3hEI+KnZ2b3FqtEWp44QO7j0Y +IEed+9HKu9fN1eO4PRuewfUmckq7/k7sSQbA/yH0tVxy/Mc+J4YDZeLY91zHIxaC +q+6BfURBoDQGFBkIekdpXraqb3QITxPKHbHYLjqnQezgPrRUsnwu3e71B5Lt8mRi +L3rCjvBQLfYrHJ0d2yUEHrUNGMikth7MBaEQdOJMmDJEbJWUGKBkDTJrhPklTQQN +OXMjz7Baq8D/7MFr7fqbJtBF1Q51ctYvNib+LbxQ4KAU1DTgEM+qakZ5fdww52zA +RD78IN3hBbKiL6oGdt0zRBmOXFRQ0CuoAwbsMRxIGzlRUg9EsJDVKcC5ruJ0r+II +x7LlTnHwiDOXFpJpC0iMJXyOIHyKDzLmFZACM9YATx3Jfu9cr1+0+cWLe8hHNE2F +gPKpPOBT0LcVWWcOGxdtm+2oFOOQnW46g65vDMZYL+ZB8me1fIaXmFVZFKAK9F8u +ja7i2WipNLHDD0QEnoGlRYssgqls6ueo3SeLDgyMFDXIhgEeaUOTy1fInUPZjiLe ++CfkRBw7WEcQE1/KhYum7lonFxOecsWm0WDj7GnwL9DYJaGAwwNrXTIhJjFIt87S +MizpHjTrIeeOqSaG5qG6D0qKBetLAnpl5NM52hA65g5vIsqgL7d7HmUFc9cCAwEA +AQKCAgB3Me/B3juB+o0m0UtQikbEdCZ3UP1wGKH4u/vrY+YZ4Z8UBRiiIuOP9vNf +o25q/CPRWS863+/P6HRIPJDXa2X2X8Ke5p8bV2tusMa6CW6ppcLu0ORaaAa/y1J/ +PFpVypqLclThatZcBVrMptY7bmOSeLYXOQNsxFkogRoU89/hDqNPULM9jj8cT2zn +6VYEb5Ax0snZRwid/83T7hJlOmnQ2o55x1l+0nR0tedtg9cK12B/TVkCpWiO6NWc +IC0t4r8Hh3Ik/uHjoUvOPzYQJti8sJyC1rwKCd4VDzdXKTfmKFDsVI1RlDJ2ehQc +e4JTnu+nm4AqqS+u3LRTrvXNyyqfnkIeW4M4OQLkWf9t2JMI8S4wzeqRuwPR2l64 +8iwILZk1ppdXnwfMco8/OPjNOWX446863mXI1vdtWlXPGximQ47BKcJCdvNvZwEl +BWKK0arr/xDMykwPImxCW6hxCo9Ba7KhzKuoQM3byF+EhmlG3wx+8xKAZAmOfVo/ +YOTexuotj+JRU3LAZsOBU2L/mvFYFPPwG7JldVn7tyt+Lh1wRqsr0t+oEomImfDz +c7csQWV+HJXUpsFhwxUU2foUJlVx5n/60tZs/TLQojXepK8w+vLwmzzMW/Q5MWcI +DWk8VkOOCgAP/ID17/eVIfoaGbMGRtsSKFJUgiSu55u8ptloSQKCAQEA5gYOK43j +nHAz/GHDr5rHp6Rn3fPuLR6WpKDNO0suQa/y3hUzGJH4LfywhXApCkGW973NnCgn +HZI/Sh0kxZ2MtxaEW0We9woypTFDBvH+0ItVFJK/ZzYRD/lT+X5Wrx5nJAq95KCP +hRjdbk/BACczA64vvmUCNzpFhupAWvomQcS8vLuV2VrJnriX/zYXgXcHL8yB8RfC +d+2rSjZxOJ2PwUKBwsePNqgaSrS7zgcI3dfQkE77MSR3eN8NmOaJY7nCmhvBldAH +cflzP0+DDOrpZmGjot/y9fso3IDuiVtB92BdBHJuFwwhQNIZXaPSv6UAoITvKF6Q +nsUrqxxL6am2cwKCAQEAxVKuvF+4ipOQpk0zvLyy5m2zytFgLMrv5PfPvh99pntt +odltCLx2DzWJEaSsVXv9iaRyy+9/SnoSjNDIbTT1Pg1Wp7Aq0J5/Xyl6s9GQzDNK +DuOxrcVeSSOBKp/r7T+xQUq8HD7C2k1jN6kqcHDgO1mW/W5sblVIW+BEWOX5xeQ2 +5BwJteXN7VtNZn8/PMDqMqqc6MXiONd9AFvxosIgYDaR23F4pwninvjjQEgW+q2G +hvwpZxClkDDpx3n1En87XYdLt8p89I9fH22DIC/Un4LYqR3+5ppx3T0zzRofntmh +JKrIudcFpWcSdi27G5NolPQQ2fb0No0lCbwMZAAQDQKCAQEAleFWNF0E9XdK+GV/ +i5nQBFUk9MOv6yhmQikg8UTAhD6wgrLPk2/xhY2EO75kj3FDfHPpWJn1OtiDcrhg +sH9DJD2AyrQnq5Kyg18A7LKcNajELF6eZxMctQriA8ylkP+/dwWkzCcuvSwBhJJl +EMN6AyjppSbN9cx7ZziV7HHYobweut+D+Zeljk17hOjrEgnL3gJknQK9TUXI+ddV +mO1ZsTSztoYvtA5+6zSutsVwqpSoKo+8Lz4ytsioZHu7BAcTXTU+w25Em6hNxu/5 +VV5v7K0sYcGI32zjKCK+yzNyXU0l7vLc9xmJRWJg8tn/Ra6vJOjZqLVNiJazKJCM +illyLwKCAQBn4wgsFRlLnDVj2PGMRKzLtKYb+e/wpUd3/SBasKmupP0rYRWOq+pc +R4tKxrAUsZrihLoLtKQHyg1KJgHfvSoA6XTeBFoGS+wzZds8IPFjEP3EqQw6uNbT +GuY+UsQbvJTOE1LGbCSaWnQKMf4uBL+Jf7mG5EQiMrRN6t0REMNX9LcRkdFq+vpY +JOGzPPtGOSsUUc8anlRkKM+fCMlHL31sKk7QggVLrGCr4c2DYnD2ubVCDDCgGpuQ +NrBeXU8x1dqjez/aG7l96J3kJfwLTiNbd8AqCajSMC4SlM5ZBY/wShQVAfV8IkDO +vF1z6s+/zPQauATHPMWGkvkVDvRXEdFhAoIBAFcbdqOHQq7OTEfgOQZsu5j2GPh2 +xmxHwggE5UZtaRRixOI1ThopGCBlXJoj6NvyXcG9ALdU48hWK7iGLLjL7KDV7l4Y +OOC/bEUsOOiQt0zkL9KFEICJJN6cB9DWWXbpN9VKUO9qoZ6ms/NPM+Re60LDD+Pe +eW7G68LBS24+z532LgpzJ/y5vldVSM0YjSEioD8o3Ns4T8sB42J2r3AtKjMhz0NA +fwBFnVTZLXQgO9S6aHQepwAfkTNe7YY4lSJsY7b1urWRww16PQLbhwgO7tS566fM +iHlPeEBnR8FiXjcFrIQCb6/h2DCJdjVZwNT0g6ng23JIPnLAT1KMnpOBv0E= +-----END RSA PRIVATE KEY----- diff --git a/tests/sys/net/if_ovpn/user.pass b/tests/sys/net/if_ovpn/user.pass new file mode 100644 index 000000000000..59d468ee39af --- /dev/null +++ b/tests/sys/net/if_ovpn/user.pass @@ -0,0 +1,2 @@ +username +password diff --git a/tests/sys/net/if_ovpn/utils.subr b/tests/sys/net/if_ovpn/utils.subr new file mode 100644 index 000000000000..15c8aae5b0c2 --- /dev/null +++ b/tests/sys/net/if_ovpn/utils.subr @@ -0,0 +1,73 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2022 Rubicon Communications, LLC ("Netgate") +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +. $(atf_get_srcdir)/../../common/vnet.subr + +ovpn_init() +{ + vnet_init + + if ! kldstat -q -m if_ovpn; then + atf_skip "This test requires if_ovpn" + fi + + has_dco=$(openvpn --version 2>&1 | grep '\[DCO\]') + if [ -z "$has_dco" ]; then + atf_skip "openvpn binary does not support DCO" + fi +} + +ovpn_cleanup() +{ + for jail in `cat ovpn_jails.lst | sort -u` + do + cat ovpn_${jail}.log| sed s/^/\[${jail}\]\ / + done + + vnet_cleanup +} + +ovpn_start() +{ + jail=$1 + cfg=$2 + + echo ${jail} >> ovpn_jails.lst + + dir=$(pwd) + + echo "Start" >> ovpn_${jail}.log + echo "=====" >> ovpn_${jail}.log + + echo "$cfg" > ovpn_${jail}.ovpn + + echo "Jail $jail:" + echo "===========" + cat ovpn_${jail}.ovpn + + jexec $jail sh -c "cd ${dir} && + openvpn --config ovpn_${jail}.ovpn >> ovpn_${jail}.log &" +}