openvpn: T4369: enforce daemon-restart on openvpn-option CLI change

(cherry picked from commit e36efa6b5df764982678a470b7aa82a33c1c369c)
author: Christian Poessinger <christian@poessinger.com> 2022-04-29 20:40:14 +0200
committer: Christian Poessinger <christian@poessinger.com> 2022-04-29 20:40:14 +0200
commit: dde78e8024dea260a506f31226d57a75d9516df4 (patch)
tree: c842092b83cec1be8d0a602441c6eedb0d69e28a /smoketest/scripts/cli/test_interfaces_openvpn.py
parent: 598e88f6d0e6ba743b128b0b8b6eb65f804a7e4c (diff)
download: vyos-1x-dde78e8024dea260a506f31226d57a75d9516df4.tar.gz
vyos-1x-dde78e8024dea260a506f31226d57a75d9516df4.zip
1 files changed, 38 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py
index 24df0af4d..55218ecac 100755
--- a/smoketest/scripts/cli/test_interfaces_openvpn.py
+++ b/smoketest/scripts/cli/test_interfaces_openvpn.py
@@ -607,6 +607,44 @@ class TestInterfacesOpenVPN(VyOSUnitTestSHIM.TestCase):
             interface = f'vtun{ii}'
             self.assertNotIn(interface, interfaces())
 
+    def test_openvpn_options(self):
+        # Ensure OpenVPN process restart on openvpn-option CLI node change
+
+        interface = 'vtun5001'
+        path = base_path + [interface]
+
+        self.cli_set(path + ['mode', 'site-to-site'])
+        self.cli_set(path + ['local-address', '10.0.0.2'])
+        self.cli_set(path + ['remote-address', '192.168.0.3'])
+        self.cli_set(path + ['shared-secret-key-file', s2s_key])
+
+        self.cli_commit()
+
+        # Now verify the OpenVPN "raw" option passing. Once an openvpn-option is
+        # added, modified or deleted from the CLI, OpenVPN daemon must be restarted
+        cur_pid = process_named_running('openvpn')
+        self.cli_set(path + ['openvpn-option', '--persist-tun'])
+        self.cli_commit()
+
+        # PID must be different as OpenVPN Must be restarted
+        new_pid = process_named_running('openvpn')
+        self.assertNotEqual(cur_pid, new_pid)
+        cur_pid = new_pid
+
+        self.cli_set(path + ['openvpn-option', '--persist-key'])
+        self.cli_commit()
+
+        # PID must be different as OpenVPN Must be restarted
+        new_pid = process_named_running('openvpn')
+        self.assertNotEqual(cur_pid, new_pid)
+        cur_pid = new_pid
+
+        self.cli_delete(path + ['openvpn-option'])
+        self.cli_commit()
+
+        # PID must be different as OpenVPN Must be restarted
+        new_pid = process_named_running('openvpn')
+        self.assertNotEqual(cur_pid, new_pid)
 
 if __name__ == '__main__':
     # Our SSL certificates need a subject ...
author	Christian Poessinger <christian@poessinger.com>	2022-04-29 20:40:14 +0200
committer	Christian Poessinger <christian@poessinger.com>	2022-04-29 20:40:14 +0200
commit	dde78e8024dea260a506f31226d57a75d9516df4 (patch)
tree	c842092b83cec1be8d0a602441c6eedb0d69e28a /smoketest/scripts/cli/test_interfaces_openvpn.py
parent	598e88f6d0e6ba743b128b0b8b6eb65f804a7e4c (diff)
download	vyos-1x-dde78e8024dea260a506f31226d57a75d9516df4.tar.gz vyos-1x-dde78e8024dea260a506f31226d57a75d9516df4.zip