From 945dacc0d136bf4e2dfe593d8d9809262d0cfeaa Mon Sep 17 00:00:00 2001
From: Giga Murphy <giga1699@gmail.com>
Date: Tue, 21 Nov 2023 13:59:20 -0500
Subject: macsec: T5770: enable iproute2 "encrypt on" stanza
(cherry picked from commit a7a90e81ad03ec33acb32beeab71dbd5f27a2044)
---
smoketest/scripts/cli/test_interfaces_macsec.py | 26 +++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
(limited to 'smoketest')
diff --git a/smoketest/scripts/cli/test_interfaces_macsec.py b/smoketest/scripts/cli/test_interfaces_macsec.py
index ea0f00071..6e57fdfd4 100755
--- a/smoketest/scripts/cli/test_interfaces_macsec.py
+++ b/smoketest/scripts/cli/test_interfaces_macsec.py
@@ -14,7 +14,6 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-import os
import re
import unittest
@@ -26,6 +25,7 @@ from vyos.ifconfig import Section
from vyos.utils.process import cmd
from vyos.utils.file import read_file
from vyos.utils.network import get_interface_config
+from vyos.utils.network import interface_exists
from vyos.utils.process import process_named_running
PROCESS_NAME = 'wpa_supplicant'
@@ -35,10 +35,6 @@ def get_config_value(interface, key):
tmp = re.findall(r'\n?{}=(.*)'.format(key), tmp)
return tmp[0]
-def get_cipher(interface):
- tmp = get_interface_config(interface)
- return tmp['linkinfo']['info_data']['cipher_suite'].lower()
-
class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
@classmethod
def setUpClass(cls):
@@ -117,6 +113,10 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
tmp = read_file(f'/sys/class/net/{interface}/mtu')
self.assertEqual(tmp, '1460')
+ # Encryption enabled?
+ tmp = get_interface_config(interface)
+ self.assertTrue(tmp['linkinfo']['info_data']['encrypt'])
+
# Check for running process
self.assertTrue(process_named_running(PROCESS_NAME))
@@ -141,7 +141,8 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
self.assertIn(interface, interfaces())
# Verify proper cipher suite (T4537)
- self.assertEqual(cipher, get_cipher(interface))
+ tmp = get_interface_config(interface)
+ self.assertEqual(cipher, tmp['linkinfo']['info_data']['cipher_suite'].lower())
def test_macsec_gcm_aes_256(self):
src_interface = 'eth0'
@@ -164,7 +165,8 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
self.assertIn(interface, interfaces())
# Verify proper cipher suite (T4537)
- self.assertEqual(cipher, get_cipher(interface))
+ tmp = get_interface_config(interface)
+ self.assertEqual(cipher, tmp['linkinfo']['info_data']['cipher_suite'].lower())
def test_macsec_source_interface(self):
# Ensure source-interface can bot be part of any other bond or bridge
@@ -205,7 +207,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
peer_mac = '00:11:22:33:44:55'
self.cli_set(self._base_path + [interface])
- # Encrypt link
+ # Encrypt link
self.cli_set(self._base_path + [interface, 'security', 'encrypt'])
# check validate() - source interface is mandatory
@@ -262,8 +264,12 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
# final commit and verify
self.cli_commit()
self.assertIn(interface, interfaces())
- self.assertEqual(cipher2, get_cipher(interface))
- self.assertTrue(os.path.isdir(f'/sys/class/net/{interface}'))
+ self.assertTrue(interface_exists(interface))
+
+ tmp = get_interface_config(interface)
+ self.assertEqual(cipher, tmp['linkinfo']['info_data']['cipher_suite'].lower())
+ # Encryption enabled?
+ self.assertTrue(tmp['linkinfo']['info_data']['encrypt'])
if __name__ == '__main__':
unittest.main(verbosity=2)
--
cgit v1.2.3
From 1f7968d032df2a86069b739416d1ca50501aa491 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Tue, 21 Nov 2023 21:18:17 +0100
Subject: smoketest: macsec: T5770: fix NameError: name 'cipher' is not defined
(cherry picked from commit 02a3e26e88f0ac3c7368e288769bfed38b41df46)
---
smoketest/scripts/cli/test_interfaces_macsec.py | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
(limited to 'smoketest')
diff --git a/smoketest/scripts/cli/test_interfaces_macsec.py b/smoketest/scripts/cli/test_interfaces_macsec.py
index 6e57fdfd4..d8d564792 100755
--- a/smoketest/scripts/cli/test_interfaces_macsec.py
+++ b/smoketest/scripts/cli/test_interfaces_macsec.py
@@ -22,10 +22,10 @@ from netifaces import interfaces
from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Section
-from vyos.utils.process import cmd
from vyos.utils.file import read_file
from vyos.utils.network import get_interface_config
from vyos.utils.network import interface_exists
+from vyos.utils.process import cmd
from vyos.utils.process import process_named_running
PROCESS_NAME = 'wpa_supplicant'
@@ -138,7 +138,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
# final commit and verify
self.cli_commit()
- self.assertIn(interface, interfaces())
+ self.assertTrue(interface_exists(interface))
# Verify proper cipher suite (T4537)
tmp = get_interface_config(interface)
@@ -162,7 +162,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
# final commit and verify
self.cli_commit()
- self.assertIn(interface, interfaces())
+ self.assertTrue(interface_exists(interface))
# Verify proper cipher suite (T4537)
tmp = get_interface_config(interface)
@@ -193,7 +193,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
# final commit and verify
self.cli_commit()
- self.assertIn(interface, interfaces())
+ self.assertTrue(interface_exists(interface))
def test_macsec_static_keys(self):
src_interface = 'eth0'
@@ -263,11 +263,10 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
# final commit and verify
self.cli_commit()
- self.assertIn(interface, interfaces())
- self.assertTrue(interface_exists(interface))
+ self.assertTrue(interface_exists(interface))
tmp = get_interface_config(interface)
- self.assertEqual(cipher, tmp['linkinfo']['info_data']['cipher_suite'].lower())
+ self.assertEqual(cipher2, tmp['linkinfo']['info_data']['cipher_suite'].lower())
# Encryption enabled?
self.assertTrue(tmp['linkinfo']['info_data']['encrypt'])
--
cgit v1.2.3