From 76b5a2fd4f513b6dd110e561e562faff36bb6ced Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 5 Apr 2024 17:23:22 +0100 Subject: [PATCH] Allow tests to run over IPv6 as well as Legacy IP When run in an environment with no Legacy IP addresses, or no IPv6 addresses, AI_ADDRCONFIG will cause getaddrinfo() not to return addresses of that type. So when running in an IPv6-only environment, ocserv doesn't listen on Legacy IP. And thus the tests fail. Fix this by using a hostname 'sockwrap' for the test connections, and providing '--resolve' arguments for both the Legacy IP and IPv6 addresses handled by libsocket_wrapper. Some of the python test servers which don't use AI_ADDRCONFIG do still work on Legacy IP, so leave those alone for now. We recently added '-4' to the socat invocation for the nullppp tests, for similar reasons (becaose socat started listening on IPv6 by default). We can remove that now too. Closes #721 Signed-off-by: David Woodhouse --- tests/auth-certificate | 2 +- tests/auth-hwtpm | 2 +- tests/auth-multicert | 2 +- tests/auth-nonascii | 2 +- tests/auth-pkcs11 | 2 +- tests/auth-swtpm | 2 +- tests/auth-username-pass | 8 ++++---- tests/cert-fingerprint | 4 ++-- tests/common.sh | 3 ++- tests/id-test | 10 +++++----- tests/obsolete-server-crypto | 4 ++-- tests/pfs | 4 ++-- tests/ppp-over-tls | 8 ++++---- 13 files changed, 27 insertions(+), 26 deletions(-) diff --git a/tests/auth-certificate b/tests/auth-certificate index a0ebe8c1..b8a32f62 100755 --- a/tests/auth-certificate +++ b/tests/auth-certificate 
@@ -40,7 +40,7 @@ for KEY in ${key_list}; do else CERTARGS="--sslkey ${KEY} --key-password password -c ${KEY%-key-*}-cert.pem" fi - ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly --passwd-on-stdin --allow-insecure-crypto ) || + ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly --passwd-on-stdin --allow-insecure-crypto ) || fail $PID "Could not connect with key ${KEY##*/}!" done diff --git a/tests/auth-hwtpm b/tests/auth-hwtpm index 85f1cba5..259f3cc6 100755 --- a/tests/auth-hwtpm +++ b/tests/auth-hwtpm @@ -44,7 +44,7 @@ for KEY in ${hwtpm_list}; do if [ ! -r "$CERT" ]; then CERT="${certdir}/$CERT"; fi CERTARGS="--sslkey ${KEY} -c ${CERT}" fi - if ! echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly -vvvvv --passwd-on-stdin; then + if ! echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly -vvvvv --passwd-on-stdin; then fail $PID "Could not connect with key ${KEY##*/}!" fi done diff --git a/tests/auth-multicert b/tests/auth-multicert index d2005559..79972ea3 100755 --- a/tests/auth-multicert +++ b/tests/auth-multicert @@ -43,7 +43,7 @@ echo -n "Authenticating using multiple certificate authentication... " ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT --cafile $CAFILE \ --certificate $USERCERT --sslkey $USERKEY \ --mca-certificate $USERCERT --mca-key $USERKEY \ - -q $ADDRESS:443 $FINGERPRINT --authenticate >/dev/null 2>&1) || + -q $SWRESOLVE sockwrap:443 $FINGERPRINT --authenticate >/dev/null 2>&1) || fail $PID "Could not receive cookie from fake Cisco server" echo ok diff --git a/tests/auth-nonascii b/tests/auth-nonascii index 08483395..e36a471b 100755 
--- a/tests/auth-nonascii +++ b/tests/auth-nonascii @@ -36,7 +36,7 @@ set -x for CHARSET in UTF-8 ISO8859-2; do echo -n "Connecting to obtain cookie (with password charset ${CHARSET})... " CERTARGS="-c ${KEY} --key-password $(cat ${srcdir}/pass-${CHARSET})" - ( echo "test" | LC_ALL=cs_CZ.${CHARSET} LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly --passwd-on-stdin ) || + ( echo "test" | LC_ALL=cs_CZ.${CHARSET} LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly --passwd-on-stdin ) || fail $PID "Could not connect with charset ${CHARSET}!" done diff --git a/tests/auth-pkcs11 b/tests/auth-pkcs11 index 6f7e9a66..3ca7e772 100755 --- a/tests/auth-pkcs11 +++ b/tests/auth-pkcs11 @@ -39,7 +39,7 @@ for TOKEN in ${pkcs11_tokens}; do echo -n "Connecting to obtain cookie (token ${TOKEN} key ${KEY})... " CERTURI="pkcs11:token=${TOKEN};${KEY};pin-value=1234" ( echo "test" | SOFTHSM2_CONF=softhsm2.conf LD_PRELOAD=libsocket_wrapper.so \ - $OPENCONNECT -q $ADDRESS:443 -u test -c "${CERTURI}" --key-password 1234 --servercert=pin-sha256:xp3scfzy3rO --cookieonly --passwd-on-stdin ) || + $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test -c "${CERTURI}" --key-password 1234 --servercert=pin-sha256:xp3scfzy3rO --cookieonly --passwd-on-stdin ) || fail $PID "Could not connect with token ${TOKEN} key ${KEY##*/}!" done done diff --git a/tests/auth-swtpm b/tests/auth-swtpm index 15155c2e..d0be8b2b 100755 --- a/tests/auth-swtpm +++ b/tests/auth-swtpm 
@@ -66,7 +66,7 @@ for KEY in ${swtpm_list}; do if [ ! -r "$CERT" ]; then CERT="${certdir}/$CERT"; fi CERTARGS="--sslkey ${KEY} -c ${CERT}" fi - if ! echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly -vvvvv --passwd-on-stdin; then + if ! echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test $CERTARGS --servercert=pin-sha256:xp3scfzy3rO --cookieonly -vvvvv --passwd-on-stdin; then LD_PRELOAD=libsocket_wrapper.so ${SWTPM_IOCTL} --tcp 127.0.0.1:2322 -s fail $PID "Could not connect with key ${KEY##*/}!" fi diff --git a/tests/auth-username-pass b/tests/auth-username-pass index c93ec2f8..cb759477 100755 --- a/tests/auth-username-pass +++ b/tests/auth-username-pass @@ -32,13 +32,13 @@ PID=$! wait_server $PID echo -n "Connecting to obtain cookie... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) || fail $PID "Could not receive cookie from server" echo ok echo -n "Connecting to obtain cookie with wrong password... " -( echo "tost" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) && +( echo "tost" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) && fail $PID "Received cookie when we shouldn't" echo ok 
@@ -46,13 +46,13 @@ echo ok #test special characters echo -n "Connecting to obtain cookie... " -( echo "!@#$%^&*()<>" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u "sp@c/al" --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1 ) || +( echo "!@#$%^&*()<>" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u "sp@c/al" --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1 ) || fail $PID "Could not receive cookie from server" echo ok echo -n "Connecting to obtain cookie with empty password... " -( echo "" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u "empty" --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1 ) || +( echo "" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u "empty" --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1 ) || fail $PID "Could not receive cookie from server" echo ok diff --git a/tests/cert-fingerprint b/tests/cert-fingerprint index cf4daf61..bc3ed37c 100755 --- a/tests/cert-fingerprint +++ b/tests/cert-fingerprint @@ -34,7 +34,7 @@ wait_server $PID expect_cert_fail() { SERVERCERT=$1 echo -n "Testing with cert fingerprint $SERVERCERT..." - ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert $SERVERCERT --cookieonly >/dev/null 2>&1) && + ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert $SERVERCERT --cookieonly >/dev/null 2>&1) && fail $PID "Accepted wrong fingerprint $SERVERCERT" echo "ok (rejected)" 
@@ -43,7 +43,7 @@ expect_cert_fail() { expect_cert_success() { SERVERCERT=$1 echo -n "Testing with cert fingerprint $SERVERCERT..." - ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert $SERVERCERT --cookieonly >/dev/null 2>&1) || + ( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert $SERVERCERT --cookieonly >/dev/null 2>&1) || fail $PID "Rejected good fingerprint $SERVERCERT" echo "ok (accepted)" diff --git a/tests/common.sh b/tests/common.sh index 0383267e..aecf9e27 100644 --- a/tests/common.sh +++ b/tests/common.sh @@ -39,6 +39,7 @@ mkdir -p $SOCKDIR export SOCKET_WRAPPER_DIR=$SOCKDIR export SOCKET_WRAPPER_DEFAULT_IFACE=2 ADDRESS=127.0.0.$SOCKET_WRAPPER_DEFAULT_IFACE +SWRESOLVE="--resolve sockwrap:fd00::5357:5f0$SOCKET_WRAPPER_DEFAULT_IFACE --resolve sockwrap:127.0.0.$SOCKET_WRAPPER_DEFAULT_IFACE" OPENCONNECT="${OPENCONNECT:-${top_builddir}/openconnect}"${EXEEXT} LOGFILE="$SOCKDIR/log.$$.tmp" OCCTL_SOCKET="${OCCTL_SOCKET:-./occtl-comp-$$.socket}" @@ -103,7 +104,7 @@ launch_simple_pppd() { # the config packets exchanged, causing retries and leading to a longer negotiation period. # [use `socat -x` for a hex log of I/O to/from the connected sockets] - LD_PRELOAD=libsocket_wrapper.so socat -t 120 -T 120 -4 -d -d \ + LD_PRELOAD=libsocket_wrapper.so socat -t 120 -T 120 -d -d \ SYSTEM:"LD_PRELOAD= $SUDO $PPPD noauth local debug nodefaultroute logfile '$LOGFILE' $*",pty,raw,echo=0 \ OPENSSL-LISTEN:443,verify=0,cert="$CERT",key="$KEY" 2>&1 & PID=$! diff --git a/tests/id-test b/tests/id-test index 68ba1240..3059a2f5 100755 --- a/tests/id-test +++ b/tests/id-test 
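Review bot: The IPv6 half of the new SWRESOLVE line in tests/common.sh builds the socket_wrapper address by pasting the decimal interface number after `5f0`, which only yields a valid address while SOCKET_WRAPPER_DEFAULT_IFACE is a single digit; as far as I recall socket_wrapper derives that address from the interface number as two hex digits, so an interface of 10 or more would put a malformed address into the first --resolve entry while the Legacy IP entry (decimal) stayed correct. Formatting it explicitly, `printf -v SWRESOLVE -- '--resolve sockwrap:fd00::5357:5f%02x --resolve sockwrap:127.0.0.%d' "$SOCKET_WRAPPER_DEFAULT_IFACE" "$SOCKET_WRAPPER_DEFAULT_IFACE"`, follows the library's mapping for every interface number and keeps the two entries derived from one value. Every call site in this patch (auth-certificate through ppp-over-tls) expands `$SWRESOLVE` unquoted on purpose so the two --resolve options split into four words, and nothing says so; a comment at the definition, `# Expand unquoted: carries two --resolve options. Pins 'sockwrap' to socket_wrapper's addresses so the tests never do a real DNS lookup.`, would stop a future quoting cleanup from breaking every test at once. An array, `SWRESOLVE=(--resolve … --resolve …)` expanded as `"${SWRESOLVE[@]}"`, would make that explicit, though the harness already relies on unquoted expansion of $OPENCONNECT and $CERTARGS so this is a style choice rather than a defect.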
@@ -32,31 +32,31 @@ PID=$! wait_server $PID echo -n "Connecting with legacy hash... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=e597837de5390ba6eaa0f9d656f035c8be6ec02b --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=e597837de5390ba6eaa0f9d656f035c8be6ec02b --cookieonly >/dev/null 2>&1) || fail $PID "Could not receive cookie from server" echo ok echo -n "Connecting with SHA1 ID... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=sha1:a82547f68f44d6351bef6cacd1d7b96e84f9dfa3 --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=sha1:a82547f68f44d6351bef6cacd1d7b96e84f9dfa3 --cookieonly >/dev/null 2>&1) || fail $PID "Could not receive cookie from server" echo ok echo -n "Connecting with SHA256 ID... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=sha256:c69dec71fcf2deb390b2ff4d70ebdeffc61556ffa91ebe2a3425c45eb365e6cf --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=sha256:c69dec71fcf2deb390b2ff4d70ebdeffc61556ffa91ebe2a3425c45eb365e6cf --cookieonly >/dev/null 2>&1) || fail $PID "Could not receive cookie from server" echo ok echo -n "Connecting with SHA256 partial ID... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=sha256:c69dec --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=sha256:c69dec --cookieonly >/dev/null 2>&1) || fail $PID "Could not receive cookie from server" echo ok echo -n "Connecting with wrong SHA256 ID... 
" -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:443 -u test --servercert=sha256:c69ded --cookieonly >/dev/null 2>&1) && +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:443 -u test --servercert=sha256:c69ded --cookieonly >/dev/null 2>&1) && fail $PID "Did connect to the server with wrong ID" echo ok diff --git a/tests/obsolete-server-crypto b/tests/obsolete-server-crypto index 58d10dc9..060999dc 100755 --- a/tests/obsolete-server-crypto +++ b/tests/obsolete-server-crypto @@ -55,13 +55,13 @@ PID=$! wait_server $PID echo -n "Connecting without --allow-insecure-crypto... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) && +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) && fail $PID "Connected successfully when we shouldn't" echo ok echo -n "Connecting with --allow-insecure-crypto... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --allow-insecure-crypto --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --allow-insecure-crypto --cookieonly >/dev/null 2>&1) || fail $PID "Could not connect and obtain cookie with --allow-insecure-crypto" echo ok diff --git a/tests/pfs b/tests/pfs index 596912cc..451844ae 100755 --- a/tests/pfs +++ b/tests/pfs 
@@ -43,13 +43,13 @@ PID=$! wait_server $PID echo -n "Connecting with --pfs... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --pfs --cookieonly >/dev/null 2>&1) && +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --pfs --cookieonly >/dev/null 2>&1) && fail $PID "Connected successfully when we shouldn't" echo ok echo -n "Connecting without --pfs... " -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $SWRESOLVE sockwrap:$PORT -u test --servercert=pin-sha256:xp3scfzy3rO --cookieonly >/dev/null 2>&1) || fail $PID "Could not connect and obtain cookie without --pfs" echo ok diff --git a/tests/ppp-over-tls b/tests/ppp-over-tls index 03eb1196..9dd789b9 100755 --- a/tests/ppp-over-tls +++ b/tests/ppp-over-tls @@ -54,7 +54,7 @@ echo "started in $(( $(date +%s) - start )) seconds" wait_server "$PID" echo -n "Connecting to it with openconnect --protocol=nullppp... " start=$(date +%s) -LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1 +LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $SWRESOLVE sockwrap:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1 took=$(( $(date +%s) - start )) if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE && grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then echo "ok (took $took seconds)" 
@@ -75,7 +75,7 @@ echo "started in $(( $(date +%s) - start )) seconds" wait_server "$PID" echo -n "Connecting to it with openconnect --protocol=nullppp... " start=$(date +%s) -LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1 +LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $SWRESOLVE sockwrap:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1 took=$(( $(date +%s) - start )) if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE && grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then echo "ok (took $took seconds)" @@ -96,7 +96,7 @@ echo "started in $(( $(date +%s) - start )) seconds" wait_server "$PID" echo -n "Connecting to it with openconnect --protocol=nullppp... " start=$(date +%s) -LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1 +LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $SWRESOLVE sockwrap:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1 took=$(( $(date +%s) - start )) if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE; then echo "ok (took $took seconds)" @@ -117,7 +117,7 @@ echo "started in $(( $(date +%s) - start )) seconds" wait_server "$PID" echo -n "Connecting to it with openconnect --protocol=nullppp... " start=$(date +%s) -LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc" -Ss '' >/dev/null 2>&1 +LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $SWRESOLVE sockwrap:443 -u test $FINGERPRINT --cookie "hdlc" -Ss '' >/dev/null 2>&1 took=$(( $(date +%s) - start )) if grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then echo "ok (took $took seconds)" -- 2.51.0