Hello community,
here is the log from the commit of package ocserv for openSUSE:Factory checked in at 2019-04-26 22:54:40
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ocserv (Old)
and /work/SRC/openSUSE:Factory/.ocserv.new.5536 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ocserv"
Fri Apr 26 22:54:40 2019 rev:10 rq:697985 version:0.12.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/ocserv/ocserv.changes 2019-01-25 22:45:38.191060617 +0100
+++ /work/SRC/openSUSE:Factory/.ocserv.new.5536/ocserv.changes 2019-04-26 22:54:41.921305525 +0200
@@ -1,0 +2,11 @@
+Tue Apr 23 09:08:03 UTC 2019 - Michael Du
+
+- Update to version 0.12.3:
+ * Fixed crash when no DTLS ciphersuite is negotiated.
+ * Fixed crash happening arbitrarily depending on handled string
+ sizes (#197).
+ * Fixed compatibility issue with GnuTLS 3.3.x (#201).
+ * occtl: print the TLS session information, even if the DTLS
+ channel is not established.
+
+-------------------------------------------------------------------
Old:
----
ocserv-0.12.2.tar.xz
New:
----
ocserv-0.12.3.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ocserv.spec ++++++
--- /var/tmp/diff_new_pack.ZgqHTY/_old 2019-04-26 22:54:42.469305173 +0200
+++ /var/tmp/diff_new_pack.ZgqHTY/_new 2019-04-26 22:54:42.473305170 +0200
@@ -17,7 +17,7 @@
Name: ocserv
-Version: 0.12.2
+Version: 0.12.3
Release: 0
Summary: OpenConnect VPN Server
License: GPL-2.0-only
++++++ ocserv-0.12.2.tar.xz -> ocserv-0.12.3.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/ChangeLog new/ocserv-0.12.3/ChangeLog
--- old/ocserv-0.12.2/ChangeLog 2019-01-10 20:02:17.000000000 +0100
+++ new/ocserv-0.12.3/ChangeLog 2019-03-12 21:16:19.000000000 +0100
@@ -1,3 +1,129 @@
+2019-03-12 Nikos Mavrogiannopoulos
+
+ * NEWS: NEWS: doc update Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-03-12 Nikos Mavrogiannopoulos
+
+ * NEWS, configure.ac: released 0.12.3 Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-03-12 Nikos Mavrogiannopoulos
+
+ * : commit 6cac2252033081de8ab3a8e078d0bc115e740080 Author: Nikos
+ Mavrogiannopoulos Date: Tue Mar 12 15:32:21 2019
+ +0100
+
+2019-03-12 Nikos Mavrogiannopoulos
+
+ * src/worker-http.c: worker: workarounds string is made applicable
+ for gnutls 3.3 The %NO_SESSION_HASH priority string does not work with gnutls 3.3.
+ This fix does not include it into the priority string. Resolves: #201 Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-02-22 Nikos Mavrogiannopoulos
+
+ * NEWS: doc update Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-02-22 Nikos Mavrogiannopoulos
+
+ * NEWS: doc update Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-02-22 Nikos Mavrogiannopoulos
+
+ * : commit d3cb2e8f53eb36ae007c6dd5cfa6a8455d741b5e Author: Frank
+ Huang Date: Sun Feb 17 08:12:42 2019 +0000
+
+2019-01-31 Nikos Mavrogiannopoulos
+
+ * src/main.c: main: removed unused code Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-01-30 Nikos Mavrogiannopoulos
+
+ * : commit 383c25e239a482b212699b9ccab72f94c9f84d5b Author: Nikos
+ Mavrogiannopoulos Date: Wed Jan 30 19:23:05 2019
+ +0100
+
+2019-01-30 Nikos Mavrogiannopoulos
+
+ * README.md: README.md: updated URIs for new gitlab group Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-01-30 Nikos Mavrogiannopoulos
+
+ * : commit 385af4e8312118fef44299c6846a1b305e370fe6 Author: Nikos
+ Mavrogiannopoulos Date: Sun Jan 20 06:44:29 2019
+ +0100
+
+2019-01-20 Nikos Mavrogiannopoulos
+
+ * .gitlab-ci.yml, tests/common.sh,
+ tests/data/multiple-routes.config, tests/data/test-ban.config,
+ tests/data/test-cert-opt-pass.config,
+ tests/data/test-ciphers.config,
+ tests/data/test-compression-lz4.config,
+ tests/data/test-compression-lzs.config,
+ tests/data/test-cookie-invalidation.config,
+ tests/data/test-cookie-timeout-2.config,
+ tests/data/test-cookie-timeout.config,
+ tests/data/test-ed25519.config, tests/data/test-enc-key.config,
+ tests/data/test-enc-key2.config,
+ tests/data/test-explicit-ip.config,
+ tests/data/test-group-cert.config,
+ tests/data/test-group-pass.config,
+ tests/data/test-gssapi-local-map.config,
+ tests/data/test-gssapi-opt-cert.config,
+ tests/data/test-gssapi-opt-pass.config,
+ tests/data/test-gssapi.config, tests/data/test-haproxy-auth.config,
+ tests/data/test-haproxy-connect.config,
+ tests/data/test-iroute.config, tests/data/test-multi-cookie.config,
+ tests/data/test-otp-cert.config, tests/data/test-otp.config,
+ tests/data/test-pam-noauth.config, tests/data/test-pam.config,
+ tests/data/test-pass-opt-cert.config,
+ tests/data/test-pass-script.config, tests/data/test-rsa-pss.config,
+ tests/data/test-san-cert.config,
+ tests/data/test-sighup-key-change.config,
+ tests/data/test-sighup.config, tests/data/test-stress.config,
+ tests/data/test-traffic.config, tests/data/test-user-cert.config,
+ tests/data/test-user-config.config,
+ tests/data/test-user-group-cert-no-pass.config,
+ tests/data/test-user-group-cert.config,
+ tests/data/test-vhost-pass-cert.config, tests/data/test1.config,
+ tests/data/test3.config, tests/test-pass-cert: tests: consistently
+ disable isolate-workers in tests That is to prevent coverage reporting in tests. Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-01-19 Nikos Mavrogiannopoulos
+
+ * : commit 8ba3987f4ca01d2590181fb33c161a0cc04b9d54 Author: Nikos
+ Mavrogiannopoulos Date: Sat Jan 19 20:09:50 2019
+ +0100
+
+2019-01-19 Nikos Mavrogiannopoulos
+
+ * : commit e0f847b98478299da140b41fd2309afea387d240 Author: Nikos
+ Mavrogiannopoulos Date: Sat Jan 19 17:03:52 2019
+ +0100
+
+2019-01-19 Nikos Mavrogiannopoulos
+
+ * src/worker-http.c: worker: allow negotiating AC-DTLS12 with
+ openconnect This doesn't have the anyconnect client bug with parsing the server
+ hello. Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-01-19 Nikos Mavrogiannopoulos
+
+ * tests/Makefile.am, tests/ac-aes128-gcm-cipher,
+ tests/ac-aes256-gcm-cipher, tests/cipher-common.sh,
+ tests/{aes128-gcm-cipher => oc-aes128-gcm-cipher},
+ tests/{aes256-gcm-cipher => oc-aes256-gcm-cipher}: tests: added
+ tests for anyconnect's DTLS1.2 support Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-01-19 Nikos Mavrogiannopoulos
+
+ * tests/test-cookie-timeout: test-cookie-timeout: updated for new
+ openconnect kill semantics Signed-off-by: Nikos Mavrogiannopoulos
+
+2019-01-19 Nikos Mavrogiannopoulos
+
+ * tests/test-cookie-timeout: test-cookie-timeout: updated for new
+ openconnect kill semantics Signed-off-by: Nikos Mavrogiannopoulos
+
2019-01-10 Nikos Mavrogiannopoulos
* NEWS: corrected typo Signed-off-by: Nikos Mavrogiannopoulos
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/NEWS new/ocserv-0.12.3/NEWS
--- old/ocserv-0.12.2/NEWS 2019-01-10 20:01:52.000000000 +0100
+++ new/ocserv-0.12.3/NEWS 2019-03-12 21:15:44.000000000 +0100
@@ -1,3 +1,12 @@
+* Version 0.12.3 (released 2019-03-12)
+- Fixed crash when no DTLS ciphersuite is negotiated.
+- Fixed crash happening arbitrarily depending on handled string
+ sizes (#197).
+- Fixed compatibility issue with GnuTLS 3.3.x (#201).
+- occtl: print the TLS session information, even if the DTLS channel
+ is not established.
+
+
* Version 0.12.2 (released 2019-01-10)
- Added support for AES256-SHA legacy cipher. This allows the anyconnect
clients to use AES256.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/README.md new/ocserv-0.12.3/README.md
--- old/ocserv-0.12.2/README.md 2019-01-06 20:10:58.000000000 +0100
+++ new/ocserv-0.12.3/README.md 2019-01-31 07:57:22.000000000 +0100
@@ -1,5 +1,5 @@
-[![Build status](https://gitlab.com/ocserv/ocserv/badges/master/build.svg)](https://gitlab.com/ocserv/ocserv/commits/master)
-[![coverage report](https://gitlab.com/ocserv/ocserv/badges/master/coverage.svg)](https://ocserv.gitlab.io/ocserv/coverage/)
+[![Build status](https://gitlab.com/openconnect/ocserv/badges/master/build.svg)](https://gitlab.com/openconnect/ocserv/commits/master)
+[![coverage report](https://gitlab.com/openconnect/ocserv/badges/master/coverage.svg)](https://openconnect.gitlab.io/ocserv/coverage/)
# About
@@ -130,7 +130,7 @@
We utilize the gitlab-ci continuous integration system. It is used to test
most of the Linux systems (see .gitlab-ci.yml),and is split in two phases,
build image creation and compilation/test. The build image creation is done
-at the ocserv/build-images subproject and uploads the image at the gitlab.com
+at the openconnect/build-images subproject and uploads the image at the gitlab.com
container registry. The compilation/test phase is on every commit to project.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/configure new/ocserv-0.12.3/configure
--- old/ocserv-0.12.2/configure 2019-01-06 19:05:17.000000000 +0100
+++ new/ocserv-0.12.3/configure 2019-03-12 21:14:37.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ocserv 0.12.2.
+# Generated by GNU Autoconf 2.69 for ocserv 0.12.3.
#
# Report bugs to .
#
@@ -580,8 +580,8 @@
# Identity of this package.
PACKAGE_NAME='ocserv'
PACKAGE_TARNAME='ocserv'
-PACKAGE_VERSION='0.12.2'
-PACKAGE_STRING='ocserv 0.12.2'
+PACKAGE_VERSION='0.12.3'
+PACKAGE_STRING='ocserv 0.12.3'
PACKAGE_BUGREPORT='openconnect-devel@lists.infradead.org'
PACKAGE_URL=''
@@ -2023,7 +2023,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures ocserv 0.12.2 to adapt to many kinds of systems.
+\`configure' configures ocserv 0.12.3 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -2094,7 +2094,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of ocserv 0.12.2:";;
+ short | recursive ) echo "Configuration of ocserv 0.12.3:";;
esac
cat <<\_ACEOF
@@ -2303,7 +2303,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-ocserv configure 0.12.2
+ocserv configure 0.12.3
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -3012,7 +3012,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by ocserv $as_me 0.12.2, which was
+It was created by ocserv $as_me 0.12.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -4015,7 +4015,7 @@
# Define the identity of the package.
PACKAGE='ocserv'
- VERSION='0.12.2'
+ VERSION='0.12.3'
cat >>confdefs.h <<_ACEOF
@@ -23619,7 +23619,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ocserv $as_me 0.12.2, which was
+This file was extended by ocserv $as_me 0.12.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23685,7 +23685,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ocserv config.status 0.12.2
+ocserv config.status 0.12.3
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/configure.ac new/ocserv-0.12.3/configure.ac
--- old/ocserv-0.12.2/configure.ac 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/configure.ac 2019-03-12 21:14:21.000000000 +0100
@@ -1,5 +1,5 @@
AC_PREREQ(2.61)
-AC_INIT([ocserv], [0.12.2], [openconnect-devel@lists.infradead.org])
+AC_INIT([ocserv], [0.12.3], [openconnect-devel@lists.infradead.org])
PKG_PROG_PKG_CONFIG
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_MACRO_DIR([m4])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/src/main.c new/ocserv-0.12.3/src/main.c
--- old/ocserv-0.12.2/src/main.c 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/src/main.c 2019-01-31 07:57:37.000000000 +0100
@@ -566,29 +566,6 @@
mslog(s, NULL, LOG_ERR, "cannot enforce NPROC limit: %s\n",
strerror(e));
}
-
-#if 0
- rl.rlim_cur = 0;
- rl.rlim_max = 0;
- ret = setrlimit(RLIMIT_FSIZE, &rl);
- if (ret < 0) {
- e = errno;
- mslog(s, NULL, LOG_ERR, "cannot enforce FSIZE limit: %s\n",
- strerror(e));
- }
-
-#define MAX_WORKER_MEM (16*1024*1024)
- if (GETPCONFIG(s)->debug == 0) {
- rl.rlim_cur = MAX_WORKER_MEM;
- rl.rlim_max = MAX_WORKER_MEM;
- ret = setrlimit(RLIMIT_AS, &rl);
- if (ret < 0) {
- e = errno;
- mslog(s, NULL, LOG_ERR, "cannot enforce AS limit: %s\n",
- strerror(e));
- }
- }
-#endif
}
/* clears the server listen_list and proc_list. To be used after fork().
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/src/str.c new/ocserv-0.12.3/src/str.c
--- old/ocserv-0.12.2/src/str.c 2018-04-14 21:30:37.000000000 +0200
+++ new/ocserv-0.12.3/src/str.c 2019-03-12 21:13:35.000000000 +0100
@@ -103,9 +103,9 @@
*/
int str_append_data(str_st * dest, const void *data, size_t data_size)
{
-int ret;
+ int ret;
- ret = str_append_size(dest, data_size);
+ ret = str_append_size(dest, data_size+1);
if (ret < 0)
return ret;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/src/version.inc new/ocserv-0.12.3/src/version.inc
--- old/ocserv-0.12.2/src/version.inc 2019-01-10 19:54:30.000000000 +0100
+++ new/ocserv-0.12.3/src/version.inc 2019-03-12 21:14:48.000000000 +0100
@@ -1 +1 @@
-version = "0.12.2";
+version = "0.12.3";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/src/worker-http.c new/ocserv-0.12.3/src/worker-http.c
--- old/ocserv-0.12.2/src/worker-http.c 2019-01-10 19:47:15.000000000 +0100
+++ new/ocserv-0.12.3/src/worker-http.c 2019-03-12 21:13:35.000000000 +0100
@@ -84,7 +84,11 @@
* extension to avoid interop issues. Furthermore gnutls does seem to
* be sending the renegotiation extension which openssl doesn't like (see #193) */
-#define WORKAROUND_STR "%NO_SESSION_HASH:%DISABLE_SAFE_RENEGOTIATION"
+#if GNUTLS_VERSION_NUMBER >= 0x030400
+# define WORKAROUND_STR "%NO_SESSION_HASH:%DISABLE_SAFE_RENEGOTIATION"
+#else
+# define WORKAROUND_STR "%DISABLE_SAFE_RENEGOTIATION"
+#endif
/* Consider switching to gperf when this table grows significantly.
* These tables are used for the custom DTLS cipher negotiation via
@@ -432,7 +436,6 @@
req->selected_ciphersuite = cand;
break;
-
case HEADER_DTLS12_CIPHERSUITE:
if (req->use_psk || !WSCONFIG(ws)->dtls_legacy)
break;
@@ -441,8 +444,9 @@
* anyconnect's openssl fail: https://gitlab.com/gnutls/gnutls/merge_requests/868
*/
#ifdef gnutls_check_version_numeric
- if (!gnutls_check_version_numeric(3,6,6) &&
- (!gnutls_check_version_numeric(3,3,0) || gnutls_check_version_numeric(3,6,0))) {
+ if (req->user_agent_type != AGENT_OPENCONNECT &&
+ (!gnutls_check_version_numeric(3,6,6) &&
+ (!gnutls_check_version_numeric(3,3,0) || gnutls_check_version_numeric(3,6,0)))) {
break;
}
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/src/worker-vpn.c new/ocserv-0.12.3/src/worker-vpn.c
--- old/ocserv-0.12.2/src/worker-vpn.c 2019-01-10 19:08:32.000000000 +0100
+++ new/ocserv-0.12.3/src/worker-vpn.c 2019-01-20 06:01:59.000000000 +0100
@@ -226,18 +226,18 @@
gnutls_psk_set_server_credentials_function(WSCREDS(ws)->pskcred, get_psk_key);
- if (ws->session && WSCONFIG(ws)->match_dtls_and_tls) {
+ if (!ws->session) {
+ oclog(ws, LOG_ERR, "cannot setup PSK keys without an encrypted CSTP channel");
+ return -1;
+ }
+
+ if (WSCONFIG(ws)->match_dtls_and_tls) {
cipher = gnutls_cipher_get(ws->session);
mac = gnutls_mac_get(ws->session);
snprintf(prio_string, sizeof(prio_string), "%s:"VERS_STRING":-CIPHER-ALL:-MAC-ALL:-KX-ALL:+PSK:+VERS-DTLS-ALL:+%s:+%s",
WSCONFIG(ws)->priorities, gnutls_mac_get_name(mac), gnutls_cipher_get_name(cipher));
} else {
- if (WSCONFIG(ws)->match_dtls_and_tls) {
- oclog(ws, LOG_ERR, "cannot determine ciphersuite from CSTP channel (unset match-tls-dtls-ciphers)");
- return -1;
- }
-
/* if we haven't an associated session, enable all ciphers we would have enabled
* otherwise for TLS. */
snprintf(prio_string, sizeof(prio_string), "%s:"VERS_STRING":-KX-ALL:+PSK:+VERS-DTLS-ALL",
@@ -801,6 +801,8 @@
oclog(ws, LOG_DEBUG, "Accepted unix connection");
}
+ ws->session = session;
+
session_info_send(ws);
memset(&settings, 0, sizeof(settings));
@@ -823,7 +825,6 @@
oclog(ws, LOG_DEBUG, "proxy-hdr: peer is %s\n", ws->remote_ip_str);
}
- ws->session = session;
ws->parser = &parser;
restart:
@@ -1751,7 +1752,7 @@
gnutls_cipher_get(ws->session),
gnutls_mac_get(ws->session));
}
- } else {
+ } else if (ws->req.selected_ciphersuite) {
ws->dtls_crypto_overhead =
tls_get_overhead(ws->req.
selected_ciphersuite->gnutls_version,
@@ -2199,7 +2200,7 @@
oclog(ws, LOG_INFO, "DTLS ciphersuite: "DTLS_PROTO_INDICATOR);
ret =
cstp_printf(ws, "X-DTLS-CipherSuite: "DTLS_PROTO_INDICATOR"\r\n");
- } else {
+ } else if (ws->req.selected_ciphersuite) {
ret =
cstp_printf(ws, "X-DTLS-Session-ID: %s\r\n",
ws->buffer);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/Makefile.am new/ocserv-0.12.3/tests/Makefile.am
--- old/ocserv-0.12.2/tests/Makefile.am 2019-01-06 20:07:53.000000000 +0100
+++ new/ocserv-0.12.3/tests/Makefile.am 2019-01-20 06:42:02.000000000 +0100
@@ -58,8 +58,9 @@
#other tests requiring nuttcp for traffic
if ENABLE_NUTTCP_TESTS
dist_check_SCRIPTS += traffic lz4-compression lzs-compression \
- aes256-cipher aes128-cipher aes256-gcm-cipher aes128-gcm-cipher \
- test-config-per-group
+ aes256-cipher aes128-cipher oc-aes256-gcm-cipher oc-aes128-gcm-cipher \
+ test-config-per-group ac-aes128-gcm-cipher ac-aes256-gcm-cipher \
+ no-dtls-cipher
endif
endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/Makefile.in new/ocserv-0.12.3/tests/Makefile.in
--- old/ocserv-0.12.2/tests/Makefile.in 2019-01-10 19:47:40.000000000 +0100
+++ new/ocserv-0.12.3/tests/Makefile.in 2019-03-12 21:14:38.000000000 +0100
@@ -107,8 +107,9 @@
#other tests requiring nuttcp for traffic
@ENABLE_NUTTCP_TESTS_TRUE@@ENABLE_ROOT_TESTS_TRUE@am__append_7 = traffic lz4-compression lzs-compression \
-@ENABLE_NUTTCP_TESTS_TRUE@@ENABLE_ROOT_TESTS_TRUE@ aes256-cipher aes128-cipher aes256-gcm-cipher aes128-gcm-cipher \
-@ENABLE_NUTTCP_TESTS_TRUE@@ENABLE_ROOT_TESTS_TRUE@ test-config-per-group
+@ENABLE_NUTTCP_TESTS_TRUE@@ENABLE_ROOT_TESTS_TRUE@ aes256-cipher aes128-cipher oc-aes256-gcm-cipher oc-aes128-gcm-cipher \
+@ENABLE_NUTTCP_TESTS_TRUE@@ENABLE_ROOT_TESTS_TRUE@ test-config-per-group ac-aes128-gcm-cipher ac-aes256-gcm-cipher \
+@ENABLE_NUTTCP_TESTS_TRUE@@ENABLE_ROOT_TESTS_TRUE@ no-dtls-cipher
@HAVE_CWRAP_ALL_TRUE@@HAVE_CWRAP_TRUE@am__append_8 = test-vhost
@HAVE_CWRAP_TRUE@am__append_9 = test-pass test-pass-cert test-cert test-group-pass \
@@ -233,14 +234,15 @@
test-cookie-invalidation test-user-config test-append-routes \
test-ban multiple-routes haproxy-connect traffic \
lz4-compression lzs-compression aes256-cipher aes128-cipher \
- aes256-gcm-cipher aes128-gcm-cipher test-config-per-group \
- test-vhost test-pass test-pass-cert test-cert test-group-pass \
- test-pass-group-cert test-pass-group-cert-no-pass test-sighup \
- test-enc-key test-sighup-key-change test-get-cert \
- test-san-cert test-gssapi test-pass-opt-cert \
- test-cert-opt-pass test-gssapi-opt-pass test-gssapi-opt-cert \
- haproxy-auth test-maintenance test-pam test-pam-noauth \
- test-otp-cert test-otp
+ oc-aes256-gcm-cipher oc-aes128-gcm-cipher \
+ test-config-per-group ac-aes128-gcm-cipher \
+ ac-aes256-gcm-cipher no-dtls-cipher test-vhost test-pass \
+ test-pass-cert test-cert test-group-pass test-pass-group-cert \
+ test-pass-group-cert-no-pass test-sighup test-enc-key \
+ test-sighup-key-change test-get-cert test-san-cert test-gssapi \
+ test-pass-opt-cert test-cert-opt-pass test-gssapi-opt-pass \
+ test-gssapi-opt-cert haproxy-auth test-maintenance test-pam \
+ test-pam-noauth test-otp-cert test-otp
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
@@ -1981,16 +1983,16 @@
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
-aes256-gcm-cipher.log: aes256-gcm-cipher
- @p='aes256-gcm-cipher'; \
- b='aes256-gcm-cipher'; \
+oc-aes256-gcm-cipher.log: oc-aes256-gcm-cipher
+ @p='oc-aes256-gcm-cipher'; \
+ b='oc-aes256-gcm-cipher'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
-aes128-gcm-cipher.log: aes128-gcm-cipher
- @p='aes128-gcm-cipher'; \
- b='aes128-gcm-cipher'; \
+oc-aes128-gcm-cipher.log: oc-aes128-gcm-cipher
+ @p='oc-aes128-gcm-cipher'; \
+ b='oc-aes128-gcm-cipher'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
@@ -2001,6 +2003,27 @@
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+ "$$tst" $(AM_TESTS_FD_REDIRECT)
+ac-aes128-gcm-cipher.log: ac-aes128-gcm-cipher
+ @p='ac-aes128-gcm-cipher'; \
+ b='ac-aes128-gcm-cipher'; \
+ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+ --log-file $$b.log --trs-file $$b.trs \
+ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+ "$$tst" $(AM_TESTS_FD_REDIRECT)
+ac-aes256-gcm-cipher.log: ac-aes256-gcm-cipher
+ @p='ac-aes256-gcm-cipher'; \
+ b='ac-aes256-gcm-cipher'; \
+ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+ --log-file $$b.log --trs-file $$b.trs \
+ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+ "$$tst" $(AM_TESTS_FD_REDIRECT)
+no-dtls-cipher.log: no-dtls-cipher
+ @p='no-dtls-cipher'; \
+ b='no-dtls-cipher'; \
+ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+ --log-file $$b.log --trs-file $$b.trs \
+ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test-vhost.log: test-vhost
@p='test-vhost'; \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/ac-aes128-gcm-cipher new/ocserv-0.12.3/tests/ac-aes128-gcm-cipher
--- old/ocserv-0.12.2/tests/ac-aes128-gcm-cipher 1970-01-01 01:00:00.000000000 +0100
+++ new/ocserv-0.12.3/tests/ac-aes128-gcm-cipher 2019-01-19 19:47:50.000000000 +0100
@@ -0,0 +1,31 @@
+#!/bin/bash
+#
+# Copyright (C) 2019 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+
+# This tests support for anyconnect's DTLS1.2 support
+
+PKG_CONFIG="${PKG_CONFIG:-/usr/bin/pkg-config}"
+CIPHER12_NAME="AES128-GCM-SHA256"
+GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-128-GCM)"
+
+${PKG_CONFIG} --atleast-version=8.02 openconnect
+test $? != 0 && exit 77
+
+. cipher-common.sh
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/ac-aes256-gcm-cipher new/ocserv-0.12.3/tests/ac-aes256-gcm-cipher
--- old/ocserv-0.12.2/tests/ac-aes256-gcm-cipher 1970-01-01 01:00:00.000000000 +0100
+++ new/ocserv-0.12.3/tests/ac-aes256-gcm-cipher 2019-01-19 19:47:50.000000000 +0100
@@ -0,0 +1,33 @@
+#!/bin/bash
+#
+# Copyright (C) 2019 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+
+# This tests support for anyconnect's DTLS1.2 support
+
+PKG_CONFIG="${PKG_CONFIG:-/usr/bin/pkg-config}"
+CIPHER12_NAME="AES256-GCM-SHA384"
+GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-256-GCM)"
+
+# There is a bug preventing AES256-GCM-SHA384 to work in openconnect
+# 8.02.
+${PKG_CONFIG} --atleast-version=8.03 openconnect
+test $? != 0 && exit 77
+
+. cipher-common.sh
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/aes128-gcm-cipher new/ocserv-0.12.3/tests/aes128-gcm-cipher
--- old/ocserv-0.12.2/tests/aes128-gcm-cipher 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/tests/aes128-gcm-cipher 1970-01-01 01:00:00.000000000 +0100
@@ -1,27 +0,0 @@
-#!/bin/bash
-#
-# Copyright (C) 2018 Nikos Mavrogiannopoulos
-#
-# This file is part of ocserv.
-#
-# ocserv is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
-#
-# ocserv is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see http://www.gnu.org/licenses/.
-#
-
-# This tests operation/traffic under compression (lzs or lz4).
-
-CIPHER_NAME="OC-DTLS1_2-AES128-GCM"
-GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-128-GCM)"
-
-. cipher-common.sh
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/aes256-gcm-cipher new/ocserv-0.12.3/tests/aes256-gcm-cipher
--- old/ocserv-0.12.2/tests/aes256-gcm-cipher 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/tests/aes256-gcm-cipher 1970-01-01 01:00:00.000000000 +0100
@@ -1,27 +0,0 @@
-#!/bin/bash
-#
-# Copyright (C) 2018 Nikos Mavrogiannopoulos
-#
-# This file is part of ocserv.
-#
-# ocserv is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
-#
-# ocserv is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see http://www.gnu.org/licenses/.
-#
-
-# This tests operation/traffic under compression (lzs or lz4).
-
-CIPHER_NAME="OC-DTLS1_2-AES256-GCM"
-GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-256-GCM)"
-
-. cipher-common.sh
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/cipher-common.sh new/ocserv-0.12.3/tests/cipher-common.sh
--- old/ocserv-0.12.2/tests/cipher-common.sh 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/tests/cipher-common.sh 2019-03-12 21:13:35.000000000 +0100
@@ -78,16 +78,22 @@
sleep 4
+if test -n "${CIPHER12_NAME}";then
+ CSTR="--dtls12-ciphers ${CIPHER12_NAME} --dtls-ciphers UNKNOWN"
+else
+ CSTR="--dtls-ciphers ${CIPHER_NAME}"
+fi
+
# Run clients
echo " * Getting cookie from ${ADDRESS}:${PORT}..."
-( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --dtls-ciphers=${CIPHER_NAME} --cookieonly )
+( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 ${CSTR} --cookieonly )
if test $? != 0;then
echo "Could not get cookie from server"
exit 1
fi
echo " * Connecting to ${ADDRESS}:${PORT}..."
-( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --dtls-ciphers=${CIPHER_NAME} -s ${srcdir}/scripts/vpnc-script --pid-file=${CLIPID} --passwd-on-stdin -b )
+( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 ${CSTR} -s ${srcdir}/scripts/vpnc-script --pid-file=${CLIPID} --passwd-on-stdin -b )
if test $? != 0;then
echo "Could not connect to server"
exit 1
@@ -110,7 +116,7 @@
${CMDNS2} nuttcp -1
-${CMDNS1} ping -c 3 ${VPNADDR6}
+${CMDNS1} ping -6 -c 3 ${VPNADDR6}
echo " * Receiving with nuttcp"
@@ -131,21 +137,37 @@
exit 1
fi
-grep "Username: ${USERNAME}" ${OUTFILE}
+grep "Username: ${USERNAME}" ${OUTFILE} >/dev/null
if test $? != 0;then
${OCCTL} -s ${OCCTL_SOCKET} show user ${USERNAME}
echo "occtl show user didn't find connected user!"
exit 1
fi
-grep "DTLS cipher: ${GNUTLS_NAME}" ${OUTFILE}
+if test -z "${GNUTLS_NAME}";then
+ grep "DTLS cipher:" ${OUTFILE} >/dev/null
+ if test $? = 0;then
+ ${OCCTL} -s ${OCCTL_SOCKET} show user ${USERNAME}
+ echo "occtl show user did show a cipher!"
+ exit 1
+ fi
+else
+ grep "DTLS cipher: ${GNUTLS_NAME}" ${OUTFILE} >/dev/null
+ if test $? != 0;then
+ ${OCCTL} -s ${OCCTL_SOCKET} show user ${USERNAME}
+ echo "occtl show user didn't show cipher!"
+ exit 1
+ fi
+fi
+
+grep -E '[[:space:]]+TLS ciphersuite:' ${OUTFILE} >/dev/null
if test $? != 0;then
${OCCTL} -s ${OCCTL_SOCKET} show user ${USERNAME}
- echo "occtl show user didn't show cipher!"
+ echo "occtl show user did not show a TLS cipher!"
exit 1
fi
-grep ${CLI_ADDRESS} ${OUTFILE}
+grep ${CLI_ADDRESS} ${OUTFILE} >/dev/null
if test $? != 0;then
${OCCTL} -s ${OCCTL_SOCKET} show user ${USERNAME}
echo "occtl show user didn't find client address!"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/common.sh new/ocserv-0.12.3/tests/common.sh
--- old/ocserv-0.12.2/tests/common.sh 2019-01-06 18:53:51.000000000 +0100
+++ new/ocserv-0.12.3/tests/common.sh 2019-01-30 19:01:35.000000000 +0100
@@ -49,10 +49,20 @@
file=$1
username=$(whoami)
group=$(groups|cut -f 1 -d ' ')
+
+ if test -z "${ISOLATE_WORKERS}";then
+ if test "${COVERAGE}" = "1";then
+ ISOLATE_WORKERS=false
+ else
+ ISOLATE_WORKERS=true
+ fi
+ fi
+
cp "${srcdir}/data/${file}" "$file.$$.tmp"
sed -i -e 's|@USERNAME@|'${username}'|g' "$file.$$.tmp" \
-e 's|@GROUP@|'${group}'|g' "$file.$$.tmp" \
-e 's|@SRCDIR@|'${srcdir}'|g' "$file.$$.tmp" \
+ -e 's|@ISOLATE_WORKERS@|'${ISOLATE_WORKERS}'|g' "$file.$$.tmp" \
-e 's|@OTP_FILE@|'${OTP_FILE}'|g' "$file.$$.tmp" \
-e 's|@CRLNAME@|'${CRLNAME}'|g' "$file.$$.tmp" \
-e 's|@PORT@|'${PORT}'|g' "$file.$$.tmp" \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/multiple-routes.config new/ocserv-0.12.3/tests/data/multiple-routes.config
--- old/ocserv-0.12.2/tests/data/multiple-routes.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/multiple-routes.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-ban.config new/ocserv-0.12.3/tests/data/test-ban.config
--- old/ocserv-0.12.2/tests/data/test-ban.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-ban.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-cert-opt-pass.config new/ocserv-0.12.3/tests/data/test-cert-opt-pass.config
--- old/ocserv-0.12.2/tests/data/test-cert-opt-pass.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-cert-opt-pass.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
enable-auth = "plain[passwd=@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-ciphers.config new/ocserv-0.12.3/tests/data/test-ciphers.config
--- old/ocserv-0.12.2/tests/data/test-ciphers.config 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/tests/data/test-ciphers.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,7 +5,7 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
-isolate-workers = false
+isolate-workers = @ISOLATE_WORKERS@
max-ban-score = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-compression-lz4.config new/ocserv-0.12.3/tests/data/test-compression-lz4.config
--- old/ocserv-0.12.2/tests/data/test-compression-lz4.config 2018-04-15 21:13:39.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-compression-lz4.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,7 +5,7 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
-isolate-workers = false
+isolate-workers = @ISOLATE_WORKERS@
max-ban-score = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-compression-lzs.config new/ocserv-0.12.3/tests/data/test-compression-lzs.config
--- old/ocserv-0.12.2/tests/data/test-compression-lzs.config 2018-04-15 21:13:39.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-compression-lzs.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,7 +5,7 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
-isolate-workers = false
+isolate-workers = @ISOLATE_WORKERS@
max-ban-score = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-cookie-invalidation.config new/ocserv-0.12.3/tests/data/test-cookie-invalidation.config
--- old/ocserv-0.12.2/tests/data/test-cookie-invalidation.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-cookie-invalidation.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-cookie-timeout-2.config new/ocserv-0.12.3/tests/data/test-cookie-timeout-2.config
--- old/ocserv-0.12.2/tests/data/test-cookie-timeout-2.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-cookie-timeout-2.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-cookie-timeout.config new/ocserv-0.12.3/tests/data/test-cookie-timeout.config
--- old/ocserv-0.12.2/tests/data/test-cookie-timeout.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-cookie-timeout.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-ed25519.config new/ocserv-0.12.3/tests/data/test-ed25519.config
--- old/ocserv-0.12.2/tests/data/test-ed25519.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-ed25519.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
max-ban-score = 0
# A banner to be displayed on clients
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-enc-key.config new/ocserv-0.12.3/tests/data/test-enc-key.config
--- old/ocserv-0.12.2/tests/data/test-enc-key.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-enc-key.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-enc-key2.config new/ocserv-0.12.3/tests/data/test-enc-key2.config
--- old/ocserv-0.12.2/tests/data/test-enc-key2.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-enc-key2.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-explicit-ip.config new/ocserv-0.12.3/tests/data/test-explicit-ip.config
--- old/ocserv-0.12.2/tests/data/test-explicit-ip.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-explicit-ip.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-group-pass.config new/ocserv-0.12.3/tests/data/test-group-pass.config
--- old/ocserv-0.12.2/tests/data/test-group-pass.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-group-pass.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test-group.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-gssapi-local-map.config new/ocserv-0.12.3/tests/data/test-gssapi-local-map.config
--- old/ocserv-0.12.2/tests/data/test-gssapi-local-map.config 2017-09-09 11:26:28.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-gssapi-local-map.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[./data/test1.passwd]"
auth = "gssapi"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-gssapi-opt-cert.config new/ocserv-0.12.3/tests/data/test-gssapi-opt-cert.config
--- old/ocserv-0.12.2/tests/data/test-gssapi-opt-cert.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-gssapi-opt-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -6,6 +6,8 @@
auth = "gssapi[require-local-user-map=false]"
enable-auth = certificate
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-gssapi-opt-pass.config new/ocserv-0.12.3/tests/data/test-gssapi-opt-pass.config
--- old/ocserv-0.12.2/tests/data/test-gssapi-opt-pass.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-gssapi-opt-pass.config 2019-01-30 19:01:35.000000000 +0100
@@ -6,6 +6,8 @@
auth = "gssapi[require-local-user-map=false]"
enable-auth = "plain[passwd=@SRCDIR@/data/test1.passwd]"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-gssapi.config new/ocserv-0.12.3/tests/data/test-gssapi.config
--- old/ocserv-0.12.2/tests/data/test-gssapi.config 2018-04-14 21:29:16.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-gssapi.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[./data/test1.passwd]"
auth = "gssapi[require-local-user-map=false]"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-haproxy-auth.config new/ocserv-0.12.3/tests/data/test-haproxy-auth.config
--- old/ocserv-0.12.2/tests/data/test-haproxy-auth.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-haproxy-auth.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
max-ban-score = 0
# A banner to be displayed on clients
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-haproxy-connect.config new/ocserv-0.12.3/tests/data/test-haproxy-connect.config
--- old/ocserv-0.12.2/tests/data/test-haproxy-connect.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-haproxy-connect.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,7 +5,7 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
-isolate-workers = false
+isolate-workers = @ISOLATE_WORKERS@
max-ban-score = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-iroute.config new/ocserv-0.12.3/tests/data/test-iroute.config
--- old/ocserv-0.12.2/tests/data/test-iroute.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-iroute.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-multi-cookie.config new/ocserv-0.12.3/tests/data/test-multi-cookie.config
--- old/ocserv-0.12.2/tests/data/test-multi-cookie.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-multi-cookie.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-otp-cert.config new/ocserv-0.12.3/tests/data/test-otp-cert.config
--- old/ocserv-0.12.2/tests/data/test-otp-cert.config 2018-03-03 15:03:55.000000000 +0100
+++ new/ocserv-0.12.3/tests/data/test-otp-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[passwd=@SRCDIR@/data/test-otp.passwd,otp=@OTP_FILE@]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-otp.config new/ocserv-0.12.3/tests/data/test-otp.config
--- old/ocserv-0.12.2/tests/data/test-otp.config 2018-03-03 15:04:03.000000000 +0100
+++ new/ocserv-0.12.3/tests/data/test-otp.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[passwd=@SRCDIR@/data/test-otp.passwd,otp=@OTP_FILE@]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-pam-noauth.config new/ocserv-0.12.3/tests/data/test-pam-noauth.config
--- old/ocserv-0.12.2/tests/data/test-pam-noauth.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-pam-noauth.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test-pam.passwd]"
acct = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-pam.config new/ocserv-0.12.3/tests/data/test-pam.config
--- old/ocserv-0.12.2/tests/data/test-pam.config 2018-09-22 21:11:07.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-pam.config 2019-01-30 19:01:35.000000000 +0100
@@ -4,6 +4,8 @@
#auth = "certificate"
auth = "pam[gid-min=1000]"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-pass-opt-cert.config new/ocserv-0.12.3/tests/data/test-pass-opt-cert.config
--- old/ocserv-0.12.2/tests/data/test-pass-opt-cert.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-pass-opt-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
enable-auth = "certificate"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-pass-script.config new/ocserv-0.12.3/tests/data/test-pass-script.config
--- old/ocserv-0.12.2/tests/data/test-pass-script.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-pass-script.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-rsa-pss.config new/ocserv-0.12.3/tests/data/test-rsa-pss.config
--- old/ocserv-0.12.2/tests/data/test-rsa-pss.config 2018-04-13 22:49:23.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-rsa-pss.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
max-ban-score = 0
# A banner to be displayed on clients
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-san-cert.config new/ocserv-0.12.3/tests/data/test-san-cert.config
--- old/ocserv-0.12.2/tests/data/test-san-cert.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-san-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-sighup-key-change.config new/ocserv-0.12.3/tests/data/test-sighup-key-change.config
--- old/ocserv-0.12.2/tests/data/test-sighup-key-change.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-sighup-key-change.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-sighup.config new/ocserv-0.12.3/tests/data/test-sighup.config
--- old/ocserv-0.12.2/tests/data/test-sighup.config 2018-04-15 17:25:24.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-sighup.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-stress.config new/ocserv-0.12.3/tests/data/test-stress.config
--- old/ocserv-0.12.2/tests/data/test-stress.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-stress.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-traffic.config new/ocserv-0.12.3/tests/data/test-traffic.config
--- old/ocserv-0.12.2/tests/data/test-traffic.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-traffic.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,7 +5,7 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
-isolate-workers = false
+isolate-workers = @ISOLATE_WORKERS@
max-ban-score = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-user-cert.config new/ocserv-0.12.3/tests/data/test-user-cert.config
--- old/ocserv-0.12.2/tests/data/test-user-cert.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-user-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-user-config.config new/ocserv-0.12.3/tests/data/test-user-config.config
--- old/ocserv-0.12.2/tests/data/test-user-config.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-user-config.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[./data/test1.passwd]"
#auth = "pam"
+isolate-workers = false
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-user-group-cert-no-pass.config new/ocserv-0.12.3/tests/data/test-user-group-cert-no-pass.config
--- old/ocserv-0.12.2/tests/data/test-user-group-cert-no-pass.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-user-group-cert-no-pass.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[@SRCDIR@/data/test-group.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
select-group = group1
select-group = group2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-user-group-cert.config new/ocserv-0.12.3/tests/data/test-user-group-cert.config
--- old/ocserv-0.12.2/tests/data/test-user-group-cert.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-user-group-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test-group.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
select-group = group1
select-group = group2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test-vhost-pass-cert.config new/ocserv-0.12.3/tests/data/test-vhost-pass-cert.config
--- old/ocserv-0.12.2/tests/data/test-vhost-pass-cert.config 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test-vhost-pass-cert.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[passwd=@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test1.config new/ocserv-0.12.3/tests/data/test1.config
--- old/ocserv-0.12.2/tests/data/test1.config 2018-11-18 19:39:43.000000000 +0100
+++ new/ocserv-0.12.3/tests/data/test1.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
max-ban-score = 0
# A banner to be displayed on clients
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/data/test3.config new/ocserv-0.12.3/tests/data/test3.config
--- old/ocserv-0.12.2/tests/data/test3.config 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/data/test3.config 2019-01-30 19:01:35.000000000 +0100
@@ -5,6 +5,8 @@
#auth = "plain[@SRCDIR@/data/test1.passwd]"
#auth = "pam"
+isolate-workers = @ISOLATE_WORKERS@
+
# A banner to be displayed on clients
#banner = "Welcome"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/lz4-compression new/ocserv-0.12.3/tests/lz4-compression
--- old/ocserv-0.12.2/tests/lz4-compression 2018-04-15 21:13:39.000000000 +0200
+++ new/ocserv-0.12.3/tests/lz4-compression 2019-03-12 21:13:35.000000000 +0100
@@ -110,7 +110,7 @@
${CMDNS2} nuttcp -1
-${CMDNS1} ping -c 3 ${VPNADDR6}
+${CMDNS1} ping -6 -c 3 ${VPNADDR6}
echo " * Receiving with nuttcp"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/lzs-compression new/ocserv-0.12.3/tests/lzs-compression
--- old/ocserv-0.12.2/tests/lzs-compression 2018-04-15 21:13:39.000000000 +0200
+++ new/ocserv-0.12.3/tests/lzs-compression 2019-03-12 21:13:35.000000000 +0100
@@ -110,7 +110,7 @@
${CMDNS2} nuttcp -1
-${CMDNS1} ping -c 3 ${VPNADDR6}
+${CMDNS1} ping -6 -c 3 ${VPNADDR6}
echo " * Receiving with nuttcp"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/no-dtls-cipher new/ocserv-0.12.3/tests/no-dtls-cipher
--- old/ocserv-0.12.2/tests/no-dtls-cipher 1970-01-01 01:00:00.000000000 +0100
+++ new/ocserv-0.12.3/tests/no-dtls-cipher 2019-01-19 19:47:50.000000000 +0100
@@ -0,0 +1,28 @@
+#!/bin/bash
+#
+# Copyright (C) 2019 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+
+# This tests support for anyconnect's DTLS1.2 support
+
+PKG_CONFIG="${PKG_CONFIG:-/usr/bin/pkg-config}"
+CIPHER_NAME="UNKNOWN"
+GNUTLS_NAME=""
+
+. cipher-common.sh
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/oc-aes128-gcm-cipher new/ocserv-0.12.3/tests/oc-aes128-gcm-cipher
--- old/ocserv-0.12.2/tests/oc-aes128-gcm-cipher 1970-01-01 01:00:00.000000000 +0100
+++ new/ocserv-0.12.3/tests/oc-aes128-gcm-cipher 2019-01-19 19:47:50.000000000 +0100
@@ -0,0 +1,27 @@
+#!/bin/bash
+#
+# Copyright (C) 2018 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+
+# This tests operation/traffic under compression (lzs or lz4).
+
+CIPHER_NAME="OC-DTLS1_2-AES128-GCM"
+GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-128-GCM)"
+
+. cipher-common.sh
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/oc-aes256-gcm-cipher new/ocserv-0.12.3/tests/oc-aes256-gcm-cipher
--- old/ocserv-0.12.2/tests/oc-aes256-gcm-cipher 1970-01-01 01:00:00.000000000 +0100
+++ new/ocserv-0.12.3/tests/oc-aes256-gcm-cipher 2019-01-19 19:47:50.000000000 +0100
@@ -0,0 +1,27 @@
+#!/bin/bash
+#
+# Copyright (C) 2018 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+
+# This tests operation/traffic under compression (lzs or lz4).
+
+CIPHER_NAME="OC-DTLS1_2-AES256-GCM"
+GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-256-GCM)"
+
+. cipher-common.sh
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/test-config-per-group new/ocserv-0.12.3/tests/test-config-per-group
--- old/ocserv-0.12.2/tests/test-config-per-group 2019-01-06 18:53:51.000000000 +0100
+++ new/ocserv-0.12.3/tests/test-config-per-group 2019-03-12 21:13:35.000000000 +0100
@@ -89,7 +89,7 @@
set -e
${CMDNS1} ping -c 3 ${VPNADDR} >/dev/null 2>&1
-${CMDNS1} ping -c 3 ${VPNADDR6} >/dev/null 2>&1
+${CMDNS1} ping -6 -c 3 ${VPNADDR6} >/dev/null 2>&1
set +e
${OCCTL} -s ${OCCTL_SOCKET} show users|grep ${USERNAME}
@@ -137,7 +137,7 @@
set -e
${CMDNS1} ping -c 3 ${VPNADDR} >/dev/null 2>&1
-${CMDNS1} ping -c 3 ${VPNADDR6} >/dev/null 2>&1
+${CMDNS1} ping -6 -c 3 ${VPNADDR6} >/dev/null 2>&1
set +e
${OCCTL} -s ${OCCTL_SOCKET} show users|grep ${USERNAME}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/test-cookie-timeout new/ocserv-0.12.3/tests/test-cookie-timeout
--- old/ocserv-0.12.2/tests/test-cookie-timeout 2018-01-06 08:54:46.000000000 +0100
+++ new/ocserv-0.12.3/tests/test-cookie-timeout 2019-01-19 13:42:35.000000000 +0100
@@ -51,7 +51,7 @@
fi
CPID=`cat "${PIDFILE}"`
-kill $CPID
+kill -9 $CPID
rm -f "${PIDFILE}"
sleep 16
@@ -81,7 +81,7 @@
fi
CPID=`cat "${PIDFILE}"`
-kill $CPID
+kill -9 $CPID
rm -f "${PIDFILE}"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/test-pass-cert new/ocserv-0.12.3/tests/test-pass-cert
--- old/ocserv-0.12.2/tests/test-pass-cert 2017-09-09 10:34:02.000000000 +0200
+++ new/ocserv-0.12.3/tests/test-pass-cert 2019-01-30 19:01:35.000000000 +0100
@@ -22,6 +22,7 @@
srcdir=${srcdir:-.}
NO_NEED_ROOT=1
PORT=4445
+ISOLATE_WORKERS=false
. `dirname $0`/common.sh
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ocserv-0.12.2/tests/traffic new/ocserv-0.12.3/tests/traffic
--- old/ocserv-0.12.2/tests/traffic 2018-04-14 09:52:35.000000000 +0200
+++ new/ocserv-0.12.3/tests/traffic 2019-03-12 21:13:35.000000000 +0100
@@ -108,7 +108,7 @@
${CMDNS2} nuttcp -1
-${CMDNS1} ping -c 3 ${VPNADDR6}
+${CMDNS1} ping -6 -c 3 ${VPNADDR6}
echo " * Receiving with nuttcp"