a61939c005
This is a significant commit that alters how the test suite interacts with the fwknop client and server by looking for indications that SPA packets are actually received. This is done by first waiting for 'main event loop' in fwknopd log output to ensure that fwknopd is ready to receive packets, sending the SPA packet(s), and then watching for for 'SPA Packet from IP' in fwknopd output. This is an improvement over the previous strategy that was only based on timeout values since it works identically regardless of whether fwknop is being run under valgrind or when the test suite is run on an embedded system with very limited resources. Another check is run for fwknopd receiving the SIGTERM signal to shutdown via 'fwknopd -K', and that failing, the test suite manually kills the process (though this should be rarely needed). The above strategy is the result of discussions with George Herlin who proposed the verification-based approach to test suite operations. Other things this commit changes is the ability to detect whether OpenSSL supports the 'hexkey:<key>' style specification for HMAC keys (an older version of FreeBSD doesn't support this) and falls back to the '-hmac <key>' method if not.
This directory contains the fwknop test suite. After compiling the fwknop sources in the parent directory of test/ the test suite can be executed. One of the most comprehensive ways of executing the test suite is as follows: # ./run-test-suite.sh --enable-all This mode enables IP resolution tests, so you will need Internet access in this case. If this is not possible or desirable, then another comprehensive testing mode can be achieved with: # ./run-test-suite.sh --enable-recompile --enable-perl-module-checks --enable-distcheck Additional detail on the test suite (including --diff and --enable-valgrind modes) may be found in the fwknop tutorial available here: http://www.cipherdyne.org/fwknop/docs/fwknop-tutorial.html#3.5