summaryrefslogtreecommitdiff
path: root/smoketest/scripts/cli/test_interfaces_openvpn.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-04-29 21:36:37 +0200
committerGitHub <noreply@github.com>2022-04-29 21:36:37 +0200
commitc9e362224a7209e78dcff989861f5c2b2be7bdad (patch)
treec842092b83cec1be8d0a602441c6eedb0d69e28a /smoketest/scripts/cli/test_interfaces_openvpn.py
parent2a2bb78fb1dc01a1adc454b637f92cd99f698db7 (diff)
parentdde78e8024dea260a506f31226d57a75d9516df4 (diff)
downloadvyos-1x-c9e362224a7209e78dcff989861f5c2b2be7bdad.tar.gz
vyos-1x-c9e362224a7209e78dcff989861f5c2b2be7bdad.zip
Merge pull request #1308 from c-po/t4369-openvpn-equuleus
openvpn: T4369: enforce daemon-restart on openvpn-option CLI change (equuleus)
Diffstat (limited to 'smoketest/scripts/cli/test_interfaces_openvpn.py')
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_openvpn.py38
1 files changed, 38 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py
index 24df0af4d..55218ecac 100755
--- a/smoketest/scripts/cli/test_interfaces_openvpn.py
+++ b/smoketest/scripts/cli/test_interfaces_openvpn.py
@@ -607,6 +607,44 @@ class TestInterfacesOpenVPN(VyOSUnitTestSHIM.TestCase):
interface = f'vtun{ii}'
self.assertNotIn(interface, interfaces())
+ def test_openvpn_options(self):
+ # Ensure OpenVPN process restart on openvpn-option CLI node change
+
+ interface = 'vtun5001'
+ path = base_path + [interface]
+
+ self.cli_set(path + ['mode', 'site-to-site'])
+ self.cli_set(path + ['local-address', '10.0.0.2'])
+ self.cli_set(path + ['remote-address', '192.168.0.3'])
+ self.cli_set(path + ['shared-secret-key-file', s2s_key])
+
+ self.cli_commit()
+
+ # Now verify the OpenVPN "raw" option passing. Once an openvpn-option is
+ # added, modified or deleted from the CLI, OpenVPN daemon must be restarted
+ cur_pid = process_named_running('openvpn')
+ self.cli_set(path + ['openvpn-option', '--persist-tun'])
+ self.cli_commit()
+
+ # PID must be different as OpenVPN Must be restarted
+ new_pid = process_named_running('openvpn')
+ self.assertNotEqual(cur_pid, new_pid)
+ cur_pid = new_pid
+
+ self.cli_set(path + ['openvpn-option', '--persist-key'])
+ self.cli_commit()
+
+ # PID must be different as OpenVPN Must be restarted
+ new_pid = process_named_running('openvpn')
+ self.assertNotEqual(cur_pid, new_pid)
+ cur_pid = new_pid
+
+ self.cli_delete(path + ['openvpn-option'])
+ self.cli_commit()
+
+ # PID must be different as OpenVPN Must be restarted
+ new_pid = process_named_running('openvpn')
+ self.assertNotEqual(cur_pid, new_pid)
if __name__ == '__main__':
# Our SSL certificates need a subject ...