summaryrefslogtreecommitdiff
path: root/smoketest/scripts
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-10-29 21:07:02 +0200
committerGitHub <noreply@github.com>2022-10-29 21:07:02 +0200
commit4d924de02cedd3a2a85cb6346c30f902bc2fa57c (patch)
treef7b50f5f0cb6b7ffe74b2a759235fa52a3d4c0e0 /smoketest/scripts
parent509ddb0a1d3f53131bc4eb7a405a8208d8f12c61 (diff)
parentc2ff9aa158b81fa66ce9c810e891ad25d4a7f14b (diff)
downloadvyos-1x-4d924de02cedd3a2a85cb6346c30f902bc2fa57c.tar.gz
vyos-1x-4d924de02cedd3a2a85cb6346c30f902bc2fa57c.zip
Merge pull request #1621 from sarthurdev/T4774
wireguard: T4774: Prevent duplicate peer public keys
Diffstat (limited to 'smoketest/scripts')
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_wireguard.py10
1 files changed, 8 insertions, 2 deletions
diff --git a/smoketest/scripts/cli/test_interfaces_wireguard.py b/smoketest/scripts/cli/test_interfaces_wireguard.py
index f3e9670f7..14fc8d109 100755
--- a/smoketest/scripts/cli/test_interfaces_wireguard.py
+++ b/smoketest/scripts/cli/test_interfaces_wireguard.py
@@ -62,10 +62,10 @@ class WireGuardInterfaceTest(VyOSUnitTestSHIM.TestCase):
self.assertTrue(os.path.isdir(f'/sys/class/net/{intf}'))
-
def test_wireguard_add_remove_peer(self):
# T2939: Create WireGuard interfaces with associated peers.
# Remove one of the configured peers.
+ # T4774: Test prevention of duplicate peer public keys
interface = 'wg0'
port = '12345'
privkey = '6ISOkASm6VhHOOSz/5iIxw+Q9adq9zA17iMM4X40dlc='
@@ -80,11 +80,17 @@ class WireGuardInterfaceTest(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + [interface, 'peer', 'PEER01', 'allowed-ips', '10.205.212.10/32'])
self.cli_set(base_path + [interface, 'peer', 'PEER01', 'address', '192.0.2.1'])
- self.cli_set(base_path + [interface, 'peer', 'PEER02', 'public-key', pubkey_2])
+ self.cli_set(base_path + [interface, 'peer', 'PEER02', 'public-key', pubkey_1])
self.cli_set(base_path + [interface, 'peer', 'PEER02', 'port', port])
self.cli_set(base_path + [interface, 'peer', 'PEER02', 'allowed-ips', '10.205.212.11/32'])
self.cli_set(base_path + [interface, 'peer', 'PEER02', 'address', '192.0.2.2'])
+ # Duplicate pubkey_1
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ self.cli_set(base_path + [interface, 'peer', 'PEER02', 'public-key', pubkey_2])
+
# Commit peers
self.cli_commit()