summaryrefslogtreecommitdiff
path: root/smoketest/scripts
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2022-10-27 22:37:42 +0200
committersarthurdev <965089+sarthurdev@users.noreply.github.com>2022-10-28 00:48:32 +0200
commitc2ff9aa158b81fa66ce9c810e891ad25d4a7f14b (patch)
treec961287bca034d543c01271c692b0dc74e9608ff /smoketest/scripts
parenta61e1a78fe116bb44fe55be3493de7c4dbe8db97 (diff)
downloadvyos-1x-c2ff9aa158b81fa66ce9c810e891ad25d4a7f14b.tar.gz
vyos-1x-c2ff9aa158b81fa66ce9c810e891ad25d4a7f14b.zip
wireguard: T4774: Prevent duplicate peer public keys
Diffstat (limited to 'smoketest/scripts')
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_wireguard.py10
1 files changed, 8 insertions, 2 deletions
diff --git a/smoketest/scripts/cli/test_interfaces_wireguard.py b/smoketest/scripts/cli/test_interfaces_wireguard.py
index f3e9670f7..14fc8d109 100755
--- a/smoketest/scripts/cli/test_interfaces_wireguard.py
+++ b/smoketest/scripts/cli/test_interfaces_wireguard.py
@@ -62,10 +62,10 @@ class WireGuardInterfaceTest(VyOSUnitTestSHIM.TestCase):
self.assertTrue(os.path.isdir(f'/sys/class/net/{intf}'))
-
def test_wireguard_add_remove_peer(self):
# T2939: Create WireGuard interfaces with associated peers.
# Remove one of the configured peers.
+ # T4774: Test prevention of duplicate peer public keys
interface = 'wg0'
port = '12345'
privkey = '6ISOkASm6VhHOOSz/5iIxw+Q9adq9zA17iMM4X40dlc='
@@ -80,11 +80,17 @@ class WireGuardInterfaceTest(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + [interface, 'peer', 'PEER01', 'allowed-ips', '10.205.212.10/32'])
self.cli_set(base_path + [interface, 'peer', 'PEER01', 'address', '192.0.2.1'])
- self.cli_set(base_path + [interface, 'peer', 'PEER02', 'public-key', pubkey_2])
+ self.cli_set(base_path + [interface, 'peer', 'PEER02', 'public-key', pubkey_1])
self.cli_set(base_path + [interface, 'peer', 'PEER02', 'port', port])
self.cli_set(base_path + [interface, 'peer', 'PEER02', 'allowed-ips', '10.205.212.11/32'])
self.cli_set(base_path + [interface, 'peer', 'PEER02', 'address', '192.0.2.2'])
+ # Duplicate pubkey_1
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ self.cli_set(base_path + [interface, 'peer', 'PEER02', 'public-key', pubkey_2])
+
# Commit peers
self.cli_commit()