diff options
author | kali kaneko (leap communications) <kali@leap.se> | 2022-06-14 20:56:16 +0200 |
---|---|---|
committer | kali kaneko (leap communications) <kali@leap.se> | 2022-06-14 21:01:14 +0200 |
commit | 1ae22e72203994e701f71d7c7ba832d55f6283b0 (patch) | |
tree | b570c186d4c54681c5c1bf1a92116570be006d03 | |
parent | 40ced0c4b817a6fa4c94dafc4c4481fb5ac4ad97 (diff) |
quick gw ciphersuite test
-rw-r--r-- | tests/ciphersuites/Makefile | 15 | ||||
-rwxr-xr-x | tests/ciphersuites/vpn-connect.sh | 12 |
2 files changed, 27 insertions, 0 deletions
diff --git a/tests/ciphersuites/Makefile b/tests/ciphersuites/Makefile new file mode 100644 index 0000000..0e1e6b4 --- /dev/null +++ b/tests/ciphersuites/Makefile @@ -0,0 +1,15 @@ +GW_HORNERO=212.129.4.141 + +certs: + /usr/bin/curl -k https://black.riseup.net/ca.crt > /tmp/ca.crt + /usr/bin/curl -k https://api.black.riseup.net/3/cert > /tmp/cert.pem + +test-hornero: + GW=${GW_HORNERO} CIPHER=AES-128-CBC PORT=53 ./vpn-connect.sh + GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=53 ./vpn-connect.sh + GW=${GW_HORNERO} CIPHER=AES-128-CBC PORT=1194 ./vpn-connect.sh + GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=1194 ./vpn-connect.sh + GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=1194 TLS=DHE-RSA-AES128-SHA ./vpn-connect-tls.sh + GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=1194 TLS=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 ./vpn-connect-tls.sh + + diff --git a/tests/ciphersuites/vpn-connect.sh b/tests/ciphersuites/vpn-connect.sh new file mode 100755 index 0000000..f680da8 --- /dev/null +++ b/tests/ciphersuites/vpn-connect.sh @@ -0,0 +1,12 @@ +#!/bin/sh +set -x +sudo openvpn \ + --verb 3 \ + --dev tun --client --tls-client \ + --cipher $CIPHER \ + --remote-cert-tls server --tls-version-min 1.2 \ + --ca /tmp/concat.crt --cert /tmp/cert.pem --key /tmp/cert.pem \ + --pull-filter ignore ifconfig-ipv6 \ + --pull-filter ignore route-ipv6 \ + --pull-filter ignore route \ + --remote $GW $PORT tcp4 |