quick gw ciphersuite test

2 files changed, 27 insertions, 0 deletions

diff --git a/tests/ciphersuites/Makefile b/tests/ciphersuites/Makefile
new file mode 100644
index 0000000..0e1e6b4
--- /dev/null
+++ b/tests/ciphersuites/Makefile
@@ -0,0 +1,15 @@
+GW_HORNERO=212.129.4.141
+
+certs:
+	/usr/bin/curl -k https://black.riseup.net/ca.crt > /tmp/ca.crt
+	/usr/bin/curl -k https://api.black.riseup.net/3/cert > /tmp/cert.pem
+
+test-hornero:
+	GW=${GW_HORNERO} CIPHER=AES-128-CBC PORT=53 ./vpn-connect.sh
+	GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=53 ./vpn-connect.sh
+	GW=${GW_HORNERO} CIPHER=AES-128-CBC PORT=1194 ./vpn-connect.sh
+	GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=1194 ./vpn-connect.sh
+	GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=1194 TLS=DHE-RSA-AES128-SHA ./vpn-connect-tls.sh
+	GW=${GW_HORNERO} CIPHER=AES-256-GCM PORT=1194 TLS=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 ./vpn-connect-tls.sh
+
+
diff --git a/tests/ciphersuites/vpn-connect.sh b/tests/ciphersuites/vpn-connect.sh
new file mode 100755
index 0000000..f680da8
--- /dev/null
+++ b/tests/ciphersuites/vpn-connect.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -x
+sudo openvpn \
+    --verb 3 \
+    --dev tun --client --tls-client \
+    --cipher $CIPHER \
+    --remote-cert-tls server --tls-version-min 1.2 \
+    --ca /tmp/concat.crt --cert /tmp/cert.pem --key /tmp/cert.pem \
+    --pull-filter ignore ifconfig-ipv6 \
+    --pull-filter ignore route-ipv6 \
+    --pull-filter ignore route \
+    --remote $GW $PORT tcp4