diff options
Diffstat (limited to 'smoketest/scripts/cli')
| -rwxr-xr-x | smoketest/scripts/cli/test_protocols_rpki.py | 25 | ||||
| -rwxr-xr-x | smoketest/scripts/cli/test_vpn_l2tp.py | 2 | ||||
| -rwxr-xr-x | smoketest/scripts/cli/test_vpn_pptp.py | 160 |
3 files changed, 15 insertions, 172 deletions
diff --git a/smoketest/scripts/cli/test_protocols_rpki.py b/smoketest/scripts/cli/test_protocols_rpki.py index b43c626c4..c52c0dd76 100755 --- a/smoketest/scripts/cli/test_protocols_rpki.py +++ b/smoketest/scripts/cli/test_protocols_rpki.py @@ -52,27 +52,28 @@ class TestProtocolsRPKI(VyOSUnitTestSHIM.TestCase): self.assertEqual(self.daemon_pid, process_named_running(PROCESS_NAME)) def test_rpki(self): - polling = '7200' + expire_interval = '3600' + polling_period = '600' + retry_interval = '300' cache = { '192.0.2.1' : { 'port' : '8080', - 'preference' : '1' - }, - '192.0.2.2' : { - 'port' : '9090', - 'preference' : '2' + 'preference' : '10' }, '2001:db8::1' : { 'port' : '1234', - 'preference' : '3' + 'preference' : '30' }, - '2001:db8::2' : { + 'rpki.vyos.net' : { 'port' : '5678', - 'preference' : '4' + 'preference' : '40' }, } - self.cli_set(base_path + ['polling-period', polling]) + self.cli_set(base_path + ['expire-interval', expire_interval]) + self.cli_set(base_path + ['polling-period', polling_period]) + self.cli_set(base_path + ['retry-interval', retry_interval]) + for peer, peer_config in cache.items(): self.cli_set(base_path + ['cache', peer, 'port', peer_config['port']]) self.cli_set(base_path + ['cache', peer, 'preference', peer_config['preference']]) @@ -82,7 +83,9 @@ class TestProtocolsRPKI(VyOSUnitTestSHIM.TestCase): # Verify FRR configuration frrconfig = self.getFRRconfig('rpki') - self.assertIn(f'rpki polling_period {polling}', frrconfig) + self.assertIn(f'rpki expire_interval {expire_interval}', frrconfig) + self.assertIn(f'rpki polling_period {polling_period}', frrconfig) + self.assertIn(f'rpki retry_interval {retry_interval}', frrconfig) for peer, peer_config in cache.items(): port = peer_config['port'] diff --git a/smoketest/scripts/cli/test_vpn_l2tp.py b/smoketest/scripts/cli/test_vpn_l2tp.py index e253f0e49..c3b5b500d 100755 --- a/smoketest/scripts/cli/test_vpn_l2tp.py +++ b/smoketest/scripts/cli/test_vpn_l2tp.py @@ -39,7 +39,7 @@ class TestVPNL2TPServer(BasicAccelPPPTest.TestCase): pass def test_l2tp_server_authentication_protocols(self): - # Test configuration of local authentication for PPPoE server + # Test configuration of local authentication protocols self.basic_config() # explicitly test mschap-v2 - no special reason diff --git a/smoketest/scripts/cli/test_vpn_pptp.py b/smoketest/scripts/cli/test_vpn_pptp.py index 40dcb7f80..ac46d210d 100755 --- a/smoketest/scripts/cli/test_vpn_pptp.py +++ b/smoketest/scripts/cli/test_vpn_pptp.py @@ -40,165 +40,5 @@ class TestVPNPPTPServer(BasicAccelPPPTest.TestCase): def basic_protocol_specific_config(self): pass - def test_accel_local_authentication(self): - # Test configuration of local authentication - self.basic_config() - - # upload / download limit - user = "test" - password = "test2" - static_ip = "100.100.100.101" - upload = "5000" - download = "10000" - - self.set( - [ - "authentication", - "local-users", - "username", - user, - "password", - password, - ] - ) - self.set( - [ - "authentication", - "local-users", - "username", - user, - "static-ip", - static_ip, - ] - ) - - # commit changes - self.cli_commit() - - # Validate configuration values - conf = ConfigParser(allow_no_value=True, delimiters="=", strict=False) - conf.read(self._config_file) - - # check proper path to chap-secrets file - self.assertEqual(conf["chap-secrets"]["chap-secrets"], self._chap_secrets) - - # basic verification - self.verify(conf) - - # check local users - tmp = cmd(f"sudo cat {self._chap_secrets}") - regex = f"{user}\s+\*\s+{password}\s+{static_ip}\s" - tmp = re.findall(regex, tmp) - self.assertTrue(tmp) - - # Check local-users default value(s) - self.delete(["authentication", "local-users", "username", user, "static-ip"]) - # commit changes - self.cli_commit() - - # check local users - tmp = cmd(f"sudo cat {self._chap_secrets}") - regex = f"{user}\s+\*\s+{password}\s+\*\s" - tmp = re.findall(regex, tmp) - self.assertTrue(tmp) - - def test_accel_radius_authentication(self): - # Test configuration of RADIUS authentication for PPPoE server - self.basic_config() - - radius_server = "192.0.2.22" - radius_key = "secretVyOS" - radius_port = "2000" - radius_port_acc = "3000" - - self.set(["authentication", "mode", "radius"]) - self.set( - ["authentication", "radius", "server", radius_server, "key", radius_key] - ) - self.set( - [ - "authentication", - "radius", - "server", - radius_server, - "port", - radius_port, - ] - ) - self.set( - [ - "authentication", - "radius", - "server", - radius_server, - "acct-port", - radius_port_acc, - ] - ) - - nas_id = "VyOS-PPPoE" - nas_ip = "7.7.7.7" - self.set(["authentication", "radius", "nas-identifier", nas_id]) - self.set(["authentication", "radius", "nas-ip-address", nas_ip]) - - source_address = "1.2.3.4" - self.set(["authentication", "radius", "source-address", source_address]) - - # commit changes - self.cli_commit() - - # Validate configuration values - conf = ConfigParser(allow_no_value=True, delimiters="=", strict=False) - conf.read(self._config_file) - - # basic verification - self.verify(conf) - - # check auth - self.assertTrue(conf["radius"].getboolean("verbose")) - self.assertEqual(conf["radius"]["acct-timeout"], "30") - self.assertEqual(conf["radius"]["timeout"], "30") - self.assertEqual(conf["radius"]["max-try"], "3") - - self.assertEqual(conf["radius"]["nas-identifier"], nas_id) - self.assertEqual(conf["radius"]["nas-ip-address"], nas_ip) - self.assertEqual(conf["radius"]["bind"], source_address) - - server = conf["radius"]["server"].split(",") - self.assertEqual(radius_server, server[0]) - self.assertEqual(radius_key, server[1]) - self.assertEqual(f"auth-port={radius_port}", server[2]) - self.assertEqual(f"acct-port={radius_port_acc}", server[3]) - self.assertEqual(f"req-limit=0", server[4]) - self.assertEqual(f"fail-time=0", server[5]) - - # - # Disable Radius Accounting - # - self.delete(["authentication", "radius", "server", radius_server, "acct-port"]) - self.set( - [ - "authentication", - "radius", - "server", - radius_server, - "disable-accounting", - ] - ) - - # commit changes - self.cli_commit() - - conf.read(self._config_file) - - server = conf["radius"]["server"].split(",") - self.assertEqual(radius_server, server[0]) - self.assertEqual(radius_key, server[1]) - self.assertEqual(f"auth-port={radius_port}", server[2]) - self.assertEqual(f"acct-port=0", server[3]) - self.assertEqual(f"req-limit=0", server[4]) - self.assertEqual(f"fail-time=0", server[5]) - - if __name__ == '__main__': unittest.main(verbosity=2) |