aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2016-09-13 11:50:09 +0200
committerTobias Brunner <tobias@strongswan.org>2016-09-20 15:36:14 +0200
commitd8b2980aa5a9fcc87ec43089e0fc1e91907e4501 (patch)
treedb92ad93c68151a45abc27fb15ed0c0b0b5b358d
parent4f1c6bc5a6195c0189858b920ab5c2bcf645a169 (diff)
downloadstrongswan-d8b2980aa5a9fcc87ec43089e0fc1e91907e4501.tar.bz2
strongswan-d8b2980aa5a9fcc87ec43089e0fc1e91907e4501.tar.xz
testing: Log leaks and fail tests if any are detected
-rwxr-xr-xtesting/do-tests31
-rw-r--r--testing/hosts/default/etc/ssh/sshd_config1
-rw-r--r--testing/ssh_config1
3 files changed, 32 insertions, 1 deletions
diff --git a/testing/do-tests b/testing/do-tests
index 8fcd7c82e..e24cbe5f4 100755
--- a/testing/do-tests
+++ b/testing/do-tests
@@ -357,7 +357,7 @@ do
##########################################################################
- # copy test specific configurations to uml hosts and clear auth.log files
+ # copy test specific configurations to hosts and clear log files
#
DBDIR=/etc/db.d
@@ -410,6 +410,16 @@ do
done
##########################################################################
+ # remove leak detective log on all hosts
+ #
+
+ export LEAK_DETECTIVE_LOG=/var/log/leak-detective.log
+ for host in $STRONGSWANHOSTS
+ do
+ ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'rm -f $LEAK_DETECTIVE_LOG' >/dev/null 2>&1
+ done
+
+ ##########################################################################
# flush IPsec state on all hosts
#
@@ -802,6 +812,25 @@ do
fi
done
+
+ ##########################################################################
+ # make sure there were no leaks
+ #
+
+ for host in $STRONGSWANHOSTS
+ do
+ eval HOSTLOGIN=root@\$ipv4_${host}
+ LEAKS=`ssh $SSHCONF $HOSTLOGIN 'cat $LEAK_DETECTIVE_LOG 2>/dev/null | grep -v "No leaks detected.*"'`
+ if [ -n "$LEAKS" ]
+ then
+ echo -e "\n$host# cat $LEAK_DETECTIVE_LOG [NO]" >> $CONSOLE_LOG
+ echo "$LEAKS" >> $CONSOLE_LOG
+ echo "<<< $host $LEAK_DETECTIVE_LOG >>>" >> $CONSOLE_LOG
+ STATUS="failed"
+ fi
+ done
+
+
##########################################################################
# get a copy of /var/log/auth.log
#
diff --git a/testing/hosts/default/etc/ssh/sshd_config b/testing/hosts/default/etc/ssh/sshd_config
index ae2e4cc84..ecd7f4fd1 100644
--- a/testing/hosts/default/etc/ssh/sshd_config
+++ b/testing/hosts/default/etc/ssh/sshd_config
@@ -12,3 +12,4 @@ PermitEmptyPasswords yes
PrintMotd no
PrintLastLog no
UsePAM no
+AcceptEnv LEAK_DETECTIVE_LOG
diff --git a/testing/ssh_config b/testing/ssh_config
index 831b9dc1a..367683018 100644
--- a/testing/ssh_config
+++ b/testing/ssh_config
@@ -1,6 +1,7 @@
Host *
# debian default
SendEnv LANG LC_*
+ SendEnv LEAK_DETECTIVE_LOG
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
GSSAPIAuthentication yes