test environment: test --persist-tun with ping-timeout · OpenVPN/openvpn#948

(1 comment) (1 reaction) (6 assignees)C (13,839 stars) (3,314 forks)batch import

DCOenhancementfeaturehelp wanted

Description

So what we lack testing for is ping-timeout reconnects with DCO involved

--client side
connect
ping-timeout (30s) (triggerable via kill $CN on the server's management interface, or possibly via firewall rule in between - though timing is complicated if you want reconnect to succeed)
reconnect
ping-timeout again (30s)
eventually tls-renegotiate (300s)

and verify that pings through the tunnel are working all the time as one would expect this - fail while the server's instance is dead, but do not fail longer than 30-ish seconds.

Maybe also check the server's idea of "when did the client reconnect?" - which gives a good indication of "did ping-timeout actually work?".

The issue at hand is on FreeBSD, but I guess that having test coverage on Linux and Windows won't hurt either...

Contributor guide

Tech stack: cshell
Domain: testingsecuritybackend
Issue type: test
Difficulty: 4
Estimated time: 3-5 days
Activity status: blocked
Clarity: clear
Prerequisites: OpenVPN build systemDCO understandingnetwork mockingtest infrastructure
Newbie friendliness: 15
Research direction: The issue requests adding a test scenario for persist tun with ping timeout and DCO. It describes client side steps: connect, trigger ping timeout via server disconnect, verify reconnect and tunnel continuity. The test should also check server side reconnection timestamps. Implementation likely involves modifying existing test scripts in the 'tests' directory, possibly adding a new test suite in 'tests/unit tests' or 'tests/t client.sh'. Review linked PRs and comments for any existing work; as of now, no PRs are linked. Focus on understanding OpenVPN's DCO behavior and the test framework (likely cmocka or similar) before writing the test.