authorChristian Poessinger <christian@poessinger.com>2021-01-30 15:58:17 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-30 16:00:08 +0100
commit08d6937f9cbca47b0506086002401baebd021e16 (patch)
tree65d65b2bed8d2800f381a012e5e27efc86d58591
parent1bc9b8dda5254eeace6d1c82cf464e98ca362faa (diff)
Testsuite: generate required OpenVPN key(s)
Now all the loaded configs will support OpenVPN based interfaces, too. All required keys are now generated so the loaded configurations can use: - /config/auth/ovpn_test_ca.pem - /config/auth/ovpn_test_server.pem - /config/auth/ovpn_test_server.key - /config/auth/ovpn_test_dh.pem - /config/auth/ovpn_test_site2site.key - /config/auth/ovpn_test_tls_auth.key
-rwxr-xr-xscripts/check-qemu-install26
1 files changed, 26 insertions, 0 deletions
diff --git a/scripts/check-qemu-install b/scripts/check-qemu-install
index aa65740f..b28c000f 100755
--- a/scripts/check-qemu-install
+++ b/scripts/check-qemu-install
@@ -354,6 +354,32 @@ try:
c.sendline('generate wireguard default-keypair')
c.expect(r'vyos@vyos:~\$')
+ log.info('Generating some OpenVPN keys')
+ subject = '/C=DE/ST=BY/O=VyOS/localityName=Cloud/commonName=vyos/' \
+ 'organizationalUnitName=VyOS/emailAddress=maintainers@vyos.io/'
+ ca_cert = '/config/auth/ovpn_test_ca.pem'
+ ssl_cert = '/config/auth/ovpn_test_server.pem'
+ ssl_key = '/config/auth/ovpn_test_server.key'
+ dh_pem = '/config/auth/ovpn_test_dh.pem'
+ s2s_key = '/config/auth/ovpn_test_site2site.key'
+ auth_key = '/config/auth/ovpn_test_tls_auth.key'
+
+ c.sendline(f'openssl req -newkey rsa:4096 -new -nodes -x509 -days 3650 '\
+ f'-keyout {ssl_key} -out {ssl_cert} -subj {subject}')
+ c.expect(r'vyos@vyos:~\$', timeout=600)
+ c.sendline(f'openssl req -new -x509 -key {ssl_key} -out {ca_cert} -subj {subject}')
+ c.expect(r'vyos@vyos:~\$', timeout=600)
+ c.sendline(f'openssl dhparam -out {dh_pem} 2048')
+ c.expect(r'vyos@vyos:~\$', timeout=600)
+ c.sendline(f'openvpn --genkey --secret {s2s_key}')
+ c.expect(r'vyos@vyos:~\$', timeout=600)
+ c.sendline(f'openvpn --genkey --secret {auth_key}')
+ c.expect(r'vyos@vyos:~\$', timeout=600)
+
+ for file in [ca_cert, ssl_cert, ssl_key, dh_pem, s2s_key, auth_key]:
+ c.sendline(f'sudo chown openvpn:openvpn {file}')
+ c.expect(r'vyos@vyos:~\$')
+
log.info('Executing load config tests')
c.sendline('/usr/bin/vyos-configtest')
i = c.expect(['\n +Invalid command:', 'No such file or directory',
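Review bot: The unencrypted private keys written here (`-nodes` for `ssl_key`, plus `s2s_key` and `auth_key`) get a new owner in the `chown` loop but never an explicit mode, so who can read them depends on the tools' defaults and the session umask; adding `c.sendline(f'sudo chmod 600 {ssl_key} {s2s_key} {auth_key}')` followed by the usual prompt `c.expect` after the loop would pin that. Separately, every generation step is followed only by `c.expect(r'vyos@vyos:~\$', timeout=600)`, which waits for the prompt and does not show whether the command succeeded, so a failed openssl or openvpn call would presumably surface only later as a configtest failure. The CA certificate is created from the same key as the server certificate (`-key {ssl_key}`); a comment such as `# test-only fixture: CA and server share one key, never reuse outside the testsuite` would make that intent explicit. The enclosing `try:` block starts and ends outside this hunk.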