From 4b219bbf1b3529ef285bb5b7bd3ff1292bfc9541 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 21 Nov 2020 22:06:44 +0100 Subject: smoketest: openvpn: T3060: verify authentication username and password --- smoketest/scripts/cli/test_interfaces_openvpn.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'smoketest/scripts') diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py index 41e48c2f8..3ca603877 100755 --- a/smoketest/scripts/cli/test_interfaces_openvpn.py +++ b/smoketest/scripts/cli/test_interfaces_openvpn.py @@ -131,6 +131,12 @@ class TestInterfacesOpenVPN(unittest.TestCase): self.session.set(path + ['tls', 'cert-file', ssl_cert]) self.session.set(path + ['tls', 'key-file', ssl_key]) + # check validate() - can not have auth username without a password + self.session.set(path + ['authentication', 'username', 'vyos']) + with self.assertRaises(ConfigSessionError): + self.session.commit() + self.session.set(path + ['authentication', 'password', 'vyos']) + # client commit must pass self.session.commit() @@ -162,6 +168,8 @@ class TestInterfacesOpenVPN(unittest.TestCase): self.session.set(path + ['tls', 'cert-file', ssl_cert]) self.session.set(path + ['tls', 'key-file', ssl_key]) self.session.set(path + ['vrf', vrf_name]) + self.session.set(path + ['authentication', 'username', interface+'user']) + self.session.set(path + ['authentication', 'password', interface+'secretpw']) self.session.commit() @@ -169,6 +177,7 @@ class TestInterfacesOpenVPN(unittest.TestCase): interface = f'vtun{ii}' remote_host = f'192.0.2.{ii}' config_file = f'/run/openvpn/{interface}.conf' + pw_file = f'/run/openvpn/{interface}.pw' config = read_file(config_file) self.assertIn(f'dev {interface}', config) @@ -189,6 +198,10 @@ class TestInterfacesOpenVPN(unittest.TestCase): self.assertEqual(get_vrf(interface), vrf_name) self.assertIn(interface, interfaces()) + pw = cmd(f'sudo cat {pw_file}') + self.assertIn(f'{interface}user', pw) + self.assertIn(f'{interface}secretpw', pw) + # check that no interface remained after deleting them self.session.delete(base_path) self.session.commit() -- cgit v1.2.3