From a8a019c4f318ba6ad2f83b9b4f605de3830c7b28 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sat, 12 Dec 2020 14:03:54 +0100
Subject: webproxy: T563: migrate from old Perl code to XML and
 get_config_dict()

Basic proxy functionality is working but the squidguard smoketest still fails
as this is yet not implemented.
---
 smoketest/scripts/cli/test_service_webproxy.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'smoketest/scripts')

diff --git a/smoketest/scripts/cli/test_service_webproxy.py b/smoketest/scripts/cli/test_service_webproxy.py
index dac5aa0dd..6f88a351d 100755
--- a/smoketest/scripts/cli/test_service_webproxy.py
+++ b/smoketest/scripts/cli/test_service_webproxy.py
@@ -127,7 +127,7 @@ class TestServiceWebProxy(unittest.TestCase):
         realm = 'VyOS Webproxy'
         ldap_base_dn = 'DC=vyos,DC=net'
         ldap_server = 'ldap.vyos.net'
-        ldap_bind_dn = 'CN=proxyuser,CN=Users,DC=example,DC=local'
+        ldap_bind_dn = f'CN=proxyuser,CN=Users,{ldap_base_dn}'
         ldap_password = 'VyOS12345'
         ldap_attr = 'cn'
         ldap_filter = '(cn=%s)'
@@ -156,6 +156,7 @@ class TestServiceWebProxy(unittest.TestCase):
 
         self.session.set(base_path + ['authentication', 'ldap', 'username-attribute', ldap_attr])
         self.session.set(base_path + ['authentication', 'ldap', 'filter-expression', ldap_filter])
+        self.session.set(base_path + ['authentication', 'ldap', 'use-ssl'])
 
         # commit changes
         self.session.commit()
@@ -166,8 +167,8 @@ class TestServiceWebProxy(unittest.TestCase):
         # Now verify LDAP settings
         self.assertIn(f'auth_param basic children {auth_children}', config)
         self.assertIn(f'auth_param basic credentialsttl {cred_ttl} minute', config)
-        self.assertIn(f'auth_param basic realm {realm}', config)
-        self.assertIn(f'auth_param basic program /usr/lib/squid/basic_ldap_auth -v 3 -b "{ldap_base_dn}" -D "{ldap_bind_dn}" -w {ldap_password} -f {ldap_filter} -u {ldap_attr} -p 389 -R -h {ldap_server}', config)
+        self.assertIn(f'auth_param basic realm "{realm}"', config)
+        self.assertIn(f'auth_param basic program /usr/lib/squid/basic_ldap_auth -v 3 -b "{ldap_base_dn}" -D "{ldap_bind_dn}" -w "{ldap_password}" -f "{ldap_filter}" -u "{ldap_attr}" -p 389 -ZZ -R -h "{ldap_server}"', config)
         self.assertIn(f'acl auth proxy_auth REQUIRED', config)
 
         # Check for running process
-- 
cgit v1.2.3