summaryrefslogtreecommitdiff
path: root/smoketest
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-11-21 22:06:44 +0100
committerChristian Poessinger <christian@poessinger.com>2020-11-21 22:06:44 +0100
commit4b219bbf1b3529ef285bb5b7bd3ff1292bfc9541 (patch)
tree77c46ca9258c7d9d3fd9818a52578bf33b7766bb /smoketest
parented38b0dfc901ebafd597cc0f09400038f17cf058 (diff)
downloadvyos-1x-4b219bbf1b3529ef285bb5b7bd3ff1292bfc9541.tar.gz
vyos-1x-4b219bbf1b3529ef285bb5b7bd3ff1292bfc9541.zip
smoketest: openvpn: T3060: verify authentication username and password
Diffstat (limited to 'smoketest')
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_openvpn.py13
1 files changed, 13 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py
index 41e48c2f8..3ca603877 100755
--- a/smoketest/scripts/cli/test_interfaces_openvpn.py
+++ b/smoketest/scripts/cli/test_interfaces_openvpn.py
@@ -131,6 +131,12 @@ class TestInterfacesOpenVPN(unittest.TestCase):
self.session.set(path + ['tls', 'cert-file', ssl_cert])
self.session.set(path + ['tls', 'key-file', ssl_key])
+ # check validate() - can not have auth username without a password
+ self.session.set(path + ['authentication', 'username', 'vyos'])
+ with self.assertRaises(ConfigSessionError):
+ self.session.commit()
+ self.session.set(path + ['authentication', 'password', 'vyos'])
+
# client commit must pass
self.session.commit()
@@ -162,6 +168,8 @@ class TestInterfacesOpenVPN(unittest.TestCase):
self.session.set(path + ['tls', 'cert-file', ssl_cert])
self.session.set(path + ['tls', 'key-file', ssl_key])
self.session.set(path + ['vrf', vrf_name])
+ self.session.set(path + ['authentication', 'username', interface+'user'])
+ self.session.set(path + ['authentication', 'password', interface+'secretpw'])
self.session.commit()
@@ -169,6 +177,7 @@ class TestInterfacesOpenVPN(unittest.TestCase):
interface = f'vtun{ii}'
remote_host = f'192.0.2.{ii}'
config_file = f'/run/openvpn/{interface}.conf'
+ pw_file = f'/run/openvpn/{interface}.pw'
config = read_file(config_file)
self.assertIn(f'dev {interface}', config)
@@ -189,6 +198,10 @@ class TestInterfacesOpenVPN(unittest.TestCase):
self.assertEqual(get_vrf(interface), vrf_name)
self.assertIn(interface, interfaces())
+ pw = cmd(f'sudo cat {pw_file}')
+ self.assertIn(f'{interface}user', pw)
+ self.assertIn(f'{interface}secretpw', pw)
+
# check that no interface remained after deleting them
self.session.delete(base_path)
self.session.commit()