diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-08-21 14:33:26 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2015-08-21 18:27:06 +0200 |
| commit | 9086f060d35a71cd7d6a53006b57fe6c77a70156 (patch) | |
| tree | 1c4ed457d5ff5bbf940feb2c28822e604a0750dc | |
| parent | c91682d1b82959d6d18972d0a73736c8469c8e0f (diff) | |
| download | strongswan-9086f060d35a.tar.bz2 strongswan-9086f060d35a.tar.xz | |
testing: Let test scenarios fail if IPsec SAs or policies are not removed
The IKE daemon should delete all installed SAs and policies when
everything works properly, so we fail the test if that's not the case.
| -rwxr-xr-x | testing/do-tests | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/testing/do-tests b/testing/do-tests index 5191d9007..c01152c7b 100755 --- a/testing/do-tests +++ b/testing/do-tests @@ -726,6 +726,24 @@ do } }' $TESTDIR/posttest.dat` >> $CONSOLE_LOG 2>&1 + ########################################################################## + # check that IPsec state was cleaned up properly + # + + for host in $IPSECHOSTS + do + eval HOSTLOGIN=root@\$ipv4_${host} + IPSECSTATE=`ssh $SSHCONF $HOSTLOGIN 'ip xfrm state'` + IPSECPOLICY=`ssh $SSHCONF $HOSTLOGIN 'ip xfrm policy'` + if [ -n "$IPSECSTATE" -o -n "$IPSECPOLICY" ] + then + echo -e "\n$host# ip xfrm state [NO]" >> $CONSOLE_LOG + echo "$IPSECSTATE" >> $CONSOLE_LOG + echo -e "\n$host# ip xfrm policy [NO]" >> $CONSOLE_LOG + echo "$IPSECPOLICY" >> $CONSOLE_LOG + STATUS="failed" + fi + done ########################################################################## # get a copy of /var/log/auth.log |