summaryrefslogtreecommitdiff
path: root/smoketest/scripts
diff options
context:
space:
mode:
authorMarcus Hoff <marcus.hoff@ring2.dk>2020-09-20 11:59:32 +0200
committerMarcus Hoff <marcus.hoff@ring2.dk>2020-09-20 11:59:32 +0200
commit45b30adfaaec7065f768d04085138a75a76ed376 (patch)
treea9cd47236468077141eee56068ba23027b0d4c7d /smoketest/scripts
parent46fb580fa0131f6815bbcfc95631654f6fe999a8 (diff)
parente0797331774a02ca23e8363fbcfe5a49fb3ca2bd (diff)
downloadvyos-1x-45b30adfaaec7065f768d04085138a75a76ed376.tar.gz
vyos-1x-45b30adfaaec7065f768d04085138a75a76ed376.zip
Merge remote-tracking branch 'upstream/current' into current
Diffstat (limited to 'smoketest/scripts')
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_bonding.py35
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_wireless.py87
-rwxr-xr-xsmoketest/scripts/cli/test_service_ssh.py2
-rwxr-xr-xsmoketest/scripts/cli/test_system_acceleration_qat.py47
-rwxr-xr-xsmoketest/scripts/cli/test_system_login.py70
-rwxr-xr-xsmoketest/scripts/cli/test_vpn_openconnect.py (renamed from smoketest/scripts/cli/test_vpn_anyconnect.py)6
6 files changed, 240 insertions, 7 deletions
diff --git a/smoketest/scripts/cli/test_interfaces_bonding.py b/smoketest/scripts/cli/test_interfaces_bonding.py
index e3d3b25ee..ac5e01e50 100755
--- a/smoketest/scripts/cli/test_interfaces_bonding.py
+++ b/smoketest/scripts/cli/test_interfaces_bonding.py
@@ -20,6 +20,7 @@ import unittest
from base_interfaces_test import BasicInterfaceTest
from vyos.ifconfig import Section
+from vyos.ifconfig.interface import Interface
from vyos.configsession import ConfigSessionError
from vyos.util import read_file
@@ -57,5 +58,39 @@ class BondingInterfaceTest(BasicInterfaceTest.BaseTest):
slaves = read_file(f'/sys/class/net/{interface}/bonding/slaves').split()
self.assertListEqual(slaves, self._members)
+ def test_8021q_vlan(self):
+ """ Testcase for 802.1q VLAN interfaces created on top of a lacp / bond
+ interface. This is the testcase for T2894 """
+ super().test_8021q_vlan()
+
+ for interface in self._interfaces:
+ slaves = read_file(f'/sys/class/net/{interface}/bonding/slaves').split()
+ self.assertListEqual(slaves, self._members)
+
+ def test_remove_member(self):
+ """ T2515: when removing a bond member the previously enslaved/member
+ interface must be in its former admin-up/down state. Here we ensure that
+ it is admin-up as it was admin-up before. """
+
+ # configure member interfaces
+ for interface in self._interfaces:
+ for option in self._options.get(interface, []):
+ self.session.set(self._base_path + [interface] + option.split())
+
+ self.session.commit()
+
+ # remove single bond member port
+ for interface in self._interfaces:
+ remove_member = self._members[0]
+ self.session.delete(self._base_path + [interface, 'member', 'interface', remove_member])
+
+ self.session.commit()
+
+ # removed member port must be admin-up
+ for interface in self._interfaces:
+ remove_member = self._members[0]
+ state = Interface(remove_member).get_admin_state()
+ self.assertEqual('up', state)
+
if __name__ == '__main__':
unittest.main()
diff --git a/smoketest/scripts/cli/test_interfaces_wireless.py b/smoketest/scripts/cli/test_interfaces_wireless.py
index fae233244..691f633b7 100755
--- a/smoketest/scripts/cli/test_interfaces_wireless.py
+++ b/smoketest/scripts/cli/test_interfaces_wireless.py
@@ -15,11 +15,19 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
+import re
import unittest
from base_interfaces_test import BasicInterfaceTest
from psutil import process_iter
+
from vyos.util import check_kmod
+from vyos.util import read_file
+
+def get_config_value(interface, key):
+ tmp = read_file(f'/run/hostapd/{interface}.conf')
+ tmp = re.findall(r'\n?{}=+(.*)'.format(key), tmp)
+ return tmp[0]
class WirelessInterfaceTest(BasicInterfaceTest.BaseTest):
def setUp(self):
@@ -53,6 +61,85 @@ class WirelessInterfaceTest(BasicInterfaceTest.BaseTest):
else:
self.assertTrue(False)
+ def test_hostapd_config(self):
+ """ Check if hostapd config is properly generated """
+
+ # Only set the hostapd (access-point) options
+ interface = 'wlan0'
+ phy = 'phy0'
+ ssid = 'ssid'
+ channel = '1'
+
+ self.session.set(self._base_path + [interface, 'physical-device', phy])
+ self.session.set(self._base_path + [interface, 'ssid', ssid])
+ self.session.set(self._base_path + [interface, 'type', 'access-point'])
+ self.session.set(self._base_path + [interface, 'channel', channel])
+ # auto-powersave is special
+ self.session.set(self._base_path + [interface, 'capabilities', 'ht', 'auto-powersave'])
+
+ ht_opt = {
+ # VyOS CLI option hostapd - ht_capab setting
+ '40mhz-incapable' : '[40-INTOLERANT]',
+ 'delayed-block-ack' : '[DELAYED-BA]',
+ 'greenfield' : '[GF]',
+ 'ldpc' : '[LDPC]',
+ 'lsig-protection' : '[LSIG-TXOP-PROT]',
+ 'channel-set-width ht40+' : '[HT40+]',
+ 'stbc tx' : '[TX-STBC]',
+ 'stbc rx 123' : '[RX-STBC-123]',
+ 'max-amsdu 7935' : '[MAX-AMSDU-7935]',
+ 'smps static' : '[SMPS-STATIC]',
+ }
+ for key in ht_opt:
+ self.session.set(self._base_path + [interface, 'capabilities', 'ht'] + key.split())
+
+ vht_opt = {
+ # VyOS CLI option hostapd - ht_capab setting
+ 'stbc tx' : '[TX-STBC-2BY1]',
+ 'stbc rx 12' : '[RX-STBC-12]',
+ 'ldpc' : '[RXLDPC]',
+ 'tx-powersave' : '[VHT-TXOP-PS]',
+ 'vht-cf' : '[HTC-VHT]',
+ 'antenna-pattern-fixed' : '[RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]',
+ 'max-mpdu 11454' : '[MAX-MPDU-11454]',
+ 'max-mpdu-exp 2' : '[MAX-A-MPDU-LEN-EXP-2][VHT160]',
+ 'link-adaptation both' : '[VHT-LINK-ADAPT3]',
+ 'short-gi 80' : '[SHORT-GI-80]',
+ 'short-gi 160' : '[SHORT-GI-160]',
+ }
+ for key in vht_opt:
+ self.session.set(self._base_path + [interface, 'capabilities', 'vht'] + key.split())
+
+ self.session.commit()
+
+ #
+ # Validate Config
+ #
+
+ # ssid
+ tmp = get_config_value(interface, 'ssid')
+ self.assertEqual(ssid, tmp)
+
+ # channel
+ tmp = get_config_value(interface, 'channel')
+ self.assertEqual(channel, tmp)
+
+ # auto-powersave is special
+ tmp = get_config_value(interface, 'uapsd_advertisement_enabled')
+ self.assertEqual('1', tmp)
+
+ tmp = get_config_value(interface, 'ht_capab')
+ for key, value in ht_opt.items():
+ self.assertIn(value, tmp)
+
+ tmp = get_config_value(interface, 'vht_capab')
+ for key, value in vht_opt.items():
+ self.assertIn(value, tmp)
+
+ # Check for running process
+ self.assertIn('hostapd', (p.name() for p in process_iter()))
+
+
if __name__ == '__main__':
check_kmod('mac80211_hwsim')
unittest.main()
diff --git a/smoketest/scripts/cli/test_service_ssh.py b/smoketest/scripts/cli/test_service_ssh.py
index 1038b8775..79850fe44 100755
--- a/smoketest/scripts/cli/test_service_ssh.py
+++ b/smoketest/scripts/cli/test_service_ssh.py
@@ -27,7 +27,7 @@ base_path = ['service', 'ssh']
def get_config_value(key):
tmp = read_file(SSHD_CONF)
- tmp = re.findall(r'\n?{}\s+(.*)'.format(key), tmp)
+ tmp = re.findall(f'\n?{key}\s+(.*)', tmp)
return tmp
def is_service_running():
diff --git a/smoketest/scripts/cli/test_system_acceleration_qat.py b/smoketest/scripts/cli/test_system_acceleration_qat.py
new file mode 100755
index 000000000..c937c810e
--- /dev/null
+++ b/smoketest/scripts/cli/test_system_acceleration_qat.py
@@ -0,0 +1,47 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2020 Francois Mertz fireboxled@gmail.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import unittest
+
+from vyos.configsession import ConfigSession
+from vyos.configsession import ConfigSessionError
+
+base_path = ['system', 'acceleration', 'qat']
+
+class TestSystemLCD(unittest.TestCase):
+ def setUp(self):
+ self.session = ConfigSession(os.getpid())
+
+ def tearDown(self):
+ self.session.delete(base_path)
+ self.session.commit()
+ del self.session
+
+ def test_basic(self):
+ """ Check if configuration script is in place and that the config
+ script throws an error as QAT device is not present in Qemu. This *must*
+ be extended with QAT autodetection once run on a QAT enabled device """
+
+ # configure some system display
+ self.session.set(base_path)
+
+ # An error must be thrown if QAT device could not be found
+ with self.assertRaises(ConfigSessionError):
+ self.session.commit()
+
+if __name__ == '__main__':
+ unittest.main()
diff --git a/smoketest/scripts/cli/test_system_login.py b/smoketest/scripts/cli/test_system_login.py
index 3c4b1fa28..48ae78ccf 100755
--- a/smoketest/scripts/cli/test_system_login.py
+++ b/smoketest/scripts/cli/test_system_login.py
@@ -16,11 +16,15 @@
import os
import re
+import platform
import unittest
+from platform import release as kernel_version
from subprocess import Popen, PIPE
-from vyos.configsession import ConfigSession, ConfigSessionError
-import vyos.util as util
+
+from vyos.configsession import ConfigSession
+from vyos.util import cmd
+from vyos.util import read_file
base_path = ['system', 'login']
users = ['vyos1', 'vyos2']
@@ -37,7 +41,7 @@ class TestSystemLogin(unittest.TestCase):
self.session.commit()
del self.session
- def test_user(self):
+ def test_local_user(self):
""" Check if user can be created and we can SSH to localhost """
self.session.set(['service', 'ssh', 'port', '22'])
@@ -63,5 +67,65 @@ class TestSystemLogin(unittest.TestCase):
# b'Linux vyos 4.19.101-amd64-vyos #1 SMP Sun Feb 2 10:18:07 UTC 2020 x86_64 GNU/Linux\n'
self.assertTrue(len(stdout) > 40)
+ def test_radius_kernel_features(self):
+ """ T2886: RADIUS requires some Kernel options to be present """
+ kernel = platform.release()
+ kernel_config = read_file(f'/boot/config-{kernel}')
+
+ # T2886 - RADIUS authentication - check for statically compiled
+ # options (=y)
+ for option in ['CONFIG_AUDIT', 'CONFIG_HAVE_ARCH_AUDITSYSCALL',
+ 'CONFIG_AUDITSYSCALL', 'CONFIG_AUDIT_WATCH',
+ 'CONFIG_AUDIT_TREE', 'CONFIG_AUDIT_ARCH']:
+ self.assertIn(f'{option}=y', kernel_config)
+
+ def test_radius_config(self):
+ """ Verify generated RADIUS configuration files """
+
+ radius_key = 'VyOSsecretVyOS'
+ radius_server = '172.16.100.10'
+ radius_source = '127.0.0.1'
+ radius_port = '2000'
+ radius_timeout = '1'
+
+ self.session.set(base_path + ['radius', 'server', radius_server, 'key', radius_key])
+ self.session.set(base_path + ['radius', 'server', radius_server, 'port', radius_port])
+ self.session.set(base_path + ['radius', 'server', radius_server, 'timeout', radius_timeout])
+ self.session.set(base_path + ['radius', 'source-address', radius_source])
+
+ self.session.commit()
+
+ # this file must be read with higher permissions
+ pam_radius_auth_conf = cmd('sudo cat /etc/pam_radius_auth.conf')
+ tmp = re.findall(r'\n?{}:{}\s+{}\s+{}\s+{}'.format(radius_server,
+ radius_port, radius_key, radius_timeout,
+ radius_source), pam_radius_auth_conf)
+ self.assertTrue(tmp)
+
+ # required, static options
+ self.assertIn('priv-lvl 15', pam_radius_auth_conf)
+ self.assertIn('mapped_priv_user radius_priv_user', pam_radius_auth_conf)
+
+ # PAM
+ pam_common_account = read_file('/etc/pam.d/common-account')
+ self.assertIn('pam_radius_auth.so', pam_common_account)
+
+ pam_common_auth = read_file('/etc/pam.d/common-auth')
+ self.assertIn('pam_radius_auth.so', pam_common_auth)
+
+ pam_common_session = read_file('/etc/pam.d/common-session')
+ self.assertIn('pam_radius_auth.so', pam_common_session)
+
+ pam_common_session_noninteractive = read_file('/etc/pam.d/common-session-noninteractive')
+ self.assertIn('pam_radius_auth.so', pam_common_session_noninteractive)
+
+ # NSS
+ nsswitch_conf = read_file('/etc/nsswitch.conf')
+ tmp = re.findall(r'passwd:\s+mapuid\s+files\s+mapname', nsswitch_conf)
+ self.assertTrue(tmp)
+
+ tmp = re.findall(r'group:\s+mapname\s+files', nsswitch_conf)
+ self.assertTrue(tmp)
+
if __name__ == '__main__':
unittest.main()
diff --git a/smoketest/scripts/cli/test_vpn_anyconnect.py b/smoketest/scripts/cli/test_vpn_openconnect.py
index dd8ab1609..d2b82d686 100755
--- a/smoketest/scripts/cli/test_vpn_anyconnect.py
+++ b/smoketest/scripts/cli/test_vpn_openconnect.py
@@ -23,16 +23,16 @@ from vyos.configsession import ConfigSession, ConfigSessionError
from vyos.util import read_file
OCSERV_CONF = '/run/ocserv/ocserv.conf'
-base_path = ['vpn', 'anyconnect']
+base_path = ['vpn', 'openconnect']
cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
cert_key = '/etc/ssl/private/ssl-cert-snakeoil.key'
-class TestVpnAnyconnect(unittest.TestCase):
+class TestVpnOpenconnect(unittest.TestCase):
def setUp(self):
self.session = ConfigSession(os.getpid())
def tearDown(self):
- # Delete vpn anyconnect configuration
+ # Delete vpn openconnect configuration
self.session.delete(base_path)
self.session.commit()