Merge branch 'master' of github.com:vyos/vyos-smoketest into vyos-smoketest-integration (T2832)

* 'master' of github.com:vyos/vyos-smoketest: (153 commits)
  pppoe-server: test some more values
  lcd: adjust to cli changes
  lcd: adapt test to new CLI design
  pppoe-server: initial smoketest with local and radius auth
  pppoe: validate dhcpv6 client will be started
  wireless: validate hostapd/wpa_supplicant is running
  pppoe: sync to new dhcpv6-pd cli
  anyconnect: T2812: add basic testing
  ethernet: check interface disable state
  router-advert: check 'infinity' option in script logic
  ssh: config file is now volatile (moved to /run)
  ipv6: link-local: test address assignment on interfaces
  router-advert: add initial test
  mdns-repeater: add basic test
  pseudo-ethernet: extend smoketests with VIFs
  l2tpv3: add initial interface test
  wireless: use library function for loading kernel modules
  ethernet: test "ip" subtree of interface for e.g. ARP settings
  pppoe: use assertEqual()
  service: bcast-relay: add initial tests
  ...

1 files changed, 167 insertions, 0 deletions

diff --git a/smoketest/scripts/cli/test_service_pppoe-server.py b/smoketest/scripts/cli/test_service_pppoe-server.py
new file mode 100755
index 000000000..901ca792d
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_pppoe-server.py
@@ -0,0 +1,167 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 020 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import os
+import unittest
+
+from configparser import ConfigParser
+from psutil import process_iter
+from vyos.configsession import ConfigSession
+from vyos.configsession import ConfigSessionError
+
+base_path = ['service', 'pppoe-server']
+local_if = ['interfaces', 'dummy', 'dum667']
+pppoe_conf = '/run/accel-pppd/pppoe.conf'
+
+ac_name = 'ACN'
+subnet = '172.18.0.0/24'
+gateway = '192.0.2.1'
+nameserver = '9.9.9.9'
+mtu = '1492'
+interface = 'eth0'
+
+class TestServicePPPoEServer(unittest.TestCase):
+    def setUp(self):
+        self.session = ConfigSession(os.getpid())
+        # ensure we can also run this test on a live system - so lets clean
+        # out the current configuration :)
+        self.session.delete(base_path)
+
+    def tearDown(self):
+        self.session.delete(base_path)
+        self.session.delete(local_if)
+        self.session.commit()
+        del self.session
+
+    def verify(self, conf):
+        # validate some common values in the configuration
+        for tmp in ['log_syslog', 'pppoe', 'chap-secrets', 'ippool', 'ipv6pool',
+                    'ipv6_nd', 'ipv6_dhcp', 'auth_mschap_v2', 'auth_mschap_v1',
+                    'auth_chap_md5', 'auth_pap', 'shaper']:
+            # Settings without values provide None
+            self.assertEqual(conf['modules'][tmp], None)
+
+        # check Access Concentrator setting
+        self.assertTrue(conf['pppoe']['ac-name'] == ac_name)
+        self.assertTrue(conf['pppoe'].getboolean('verbose'))
+        self.assertTrue(conf['pppoe']['interface'], interface)
+
+        # check configured subnet
+        self.assertEqual(conf['ip-pool'][subnet], None)
+        self.assertEqual(conf['ip-pool']['gw-ip-address'], gateway)
+
+        # check ppp
+        self.assertTrue(conf['ppp'].getboolean('verbose'))
+        self.assertTrue(conf['ppp'].getboolean('check-ip'))
+        self.assertEqual(conf['ppp']['min-mtu'], mtu)
+        self.assertEqual(conf['ppp']['mtu'], mtu)
+        self.assertEqual(conf['ppp']['lcp-echo-interval'], '30')
+        self.assertEqual(conf['ppp']['lcp-echo-timeout'], '0')
+        self.assertEqual(conf['ppp']['lcp-echo-failure'], '3')
+
+    def basic_config(self):
+        self.session.set(local_if + ['address', '192.0.2.1/32'])
+
+        self.session.set(base_path + ['access-concentrator', ac_name])
+        self.session.set(base_path + ['authentication', 'mode', 'local'])
+        self.session.set(base_path + ['client-ip-pool', 'subnet', subnet])
+        self.session.set(base_path + ['name-server', nameserver])
+        self.session.set(base_path + ['interface', interface])
+        self.session.set(base_path + ['local-ip', gateway])
+
+    def test_local_auth(self):
+        """ Test configuration of local authentication for PPPoE server """
+        self.basic_config()
+        # authentication
+        self.session.set(base_path + ['authentication', 'local-users', 'username', 'vyos', 'password', 'vyos'])
+        self.session.set(base_path + ['authentication', 'mode', 'local'])
+        # other settings
+        self.session.set(base_path + ['ppp-options', 'ccp'])
+        self.session.set(base_path + ['ppp-options', 'mppe', 'require'])
+        self.session.set(base_path + ['limits', 'connection-limit', '20/min'])
+
+        # commit changes
+        self.session.commit()
+
+        # Validate configuration values
+        conf = ConfigParser(allow_no_value=True)
+        conf.read(pppoe_conf)
+
+        # basic verification
+        self.verify(conf)
+
+        # check auth
+        self.assertEqual(conf['chap-secrets']['chap-secrets'], '/run/accel-pppd/pppoe.chap-secrets')
+        self.assertEqual(conf['chap-secrets']['gw-ip-address'], gateway)
+
+        # check pado
+        self.assertEqual(conf['ppp']['mppe'], 'require')
+        self.assertTrue(conf['ppp'].getboolean('ccp'))
+
+        # check other settings
+        self.assertEqual(conf['connlimit']['limit'], '20/min')
+
+        # Check for running process
+        self.assertTrue('accel-pppd' in (p.name() for p in process_iter()))
+
+    def test_radius_auth(self):
+        """ Test configuration of RADIUS authentication for PPPoE server """
+        radius_server = '192.0.2.22'
+        radius_key = 'secretVyOS'
+        radius_port = '2000'
+        radius_port_acc = '3000'
+
+        self.basic_config()
+        self.session.set(base_path + ['authentication', 'radius', 'server', radius_server, 'key', radius_key])
+        self.session.set(base_path + ['authentication', 'radius', 'server', radius_server, 'port', radius_port])
+        self.session.set(base_path + ['authentication', 'radius', 'server', radius_server, 'acct-port', radius_port_acc])
+        self.session.set(base_path + ['authentication', 'mode', 'radius'])
+
+        # commit changes
+        self.session.commit()
+
+        # Validate configuration values
+        conf = ConfigParser(allow_no_value=True)
+        conf.read(pppoe_conf)
+
+        # basic verification
+        self.verify(conf)
+
+        # check auth
+        self.assertTrue(conf['radius'].getboolean('verbose'))
+        self.assertTrue(conf['radius']['acct-timeout'], '3')
+        self.assertTrue(conf['radius']['timeout'], '3')
+        self.assertTrue(conf['radius']['max-try'], '3')
+        self.assertTrue(conf['radius']['gw-ip-address'], gateway)
+
+        server = conf['radius']['server'].split(',')
+        self.assertEqual(radius_server, server[0])
+        self.assertEqual(radius_key, server[1])
+        self.assertEqual(f'auth-port={radius_port}', server[2])
+        self.assertEqual(f'acct-port={radius_port_acc}', server[3])
+        self.assertEqual(f'req-limit=0', server[4])
+        self.assertEqual(f'fail-time=0', server[5])
+
+        # check defaults
+        self.assertEqual(conf['ppp']['mppe'], 'prefer')
+        self.assertFalse(conf['ppp'].getboolean('ccp'))
+
+        # Check for running process
+        self.assertTrue('accel-pppd' in (p.name() for p in process_iter()))
+
+if __name__ == '__main__':
+    unittest.main()