[WireGuard] continuous integration/testing across multiple kernels
Jason A. Donenfeld
Jason at zx2c4.com
Sun Jul 3 21:25:19 CEST 2016
As unit tests are a development building block, insecure hacks like
client.sh should not be used. You could easily repurpose client.sh to
invoke openssl-s_client or some similarly disgusting TLS hack, I
guess. In any case, though, it's not even needed. Check out what I did
with contrib/external-tests and src/debug.mk. There are just hard
coded public/private keys in there, which are more than sufficient for
unit testing. If you'd like, you can experiment with using those same
public/private keys and test.wireguard.io (NOT demo.wireguard.io), for
constructing an automated testing framework.
However, perhaps a better and more robust way of doing this would be
to use network namespaces. See src/netns.sh for an example of how this
works. This way there can be several wireguard instances and different
networking configurations all within the same machine, enabling
offline reliable unit tests.
More information about the WireGuard
mailing list