Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(486)

Unified Diff: ipsec_manager_test.cc

Issue 6508016: vpn-manager: Add l2tp/ipsec vpn manager (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vpn-manager.git@master
Patch Set: tweak Created 9 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: ipsec_manager_test.cc
diff --git a/ipsec_manager_test.cc b/ipsec_manager_test.cc
new file mode 100644
index 0000000000000000000000000000000000000000..2c08c35cfd63d92127d18aa0be108a94b146d55a
--- /dev/null
+++ b/ipsec_manager_test.cc
@@ -0,0 +1,189 @@
+// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/command_line.h"
+#include "base/file_util.h"
+#include "chromeos/process_mock.h"
+#include "chromeos/syslog_logging.h"
+#include "chromeos/test_helpers.h"
+#include "gflags/gflags.h"
+#include "gtest/gtest.h"
+#include "vpn-manager/ipsec_manager.h"
+
+using ::chromeos::FindLog;
+using ::chromeos::ProcessMock;
+using ::testing::_;
+using ::testing::InSequence;
+using ::testing::Return;
+
+DECLARE_string(local);
+
+class IpsecManagerTest : public ::testing::Test {
+ public:
+ void SetUp() {
+ file_util::GetCurrentDirectory(&test_path_);
+ test_path_ = test_path_.Append("test");
+ file_util::Delete(test_path_, true);
+ file_util::CreateDirectory(test_path_);
+ remote_ = "1.2.3.4";
+ psk_file_ = test_path_.Append("psk").value();;
+ server_ca_file_ = test_path_.Append("server.ca").value();
+ client_key_file_ = test_path_.Append("client.key").value();
+ client_cert_file_ = test_path_.Append("client.cert").value();
+ WriteFile(psk_file_, "secret");
+ WriteFile(server_ca_file_, "");
+ WriteFile(client_key_file_, "");
+ WriteFile(client_cert_file_, "");
+ chromeos::ClearLog();
+ starter_ = new ProcessMock;
+ ipsec_.starter_.reset(starter_);
+ ipsec_.ipsec_group_ = getgid();
+ }
+
+ bool MockStarterStart();
+
+ protected:
+ void WriteFile(const std::string& file_path, const char* contents) {
+ file_util::WriteFile(FilePath(file_path), contents, strlen(contents));
+ }
+
+ void DoInitialize(bool use_psk);
+
+ void CheckStarter(const std::string& actual);
+
+ IpsecManager ipsec_;
+ FilePath test_path_;
+ std::string remote_;
+ std::string psk_file_;
+ std::string server_ca_file_;
+ std::string client_key_file_;
+ std::string client_cert_file_;
+ ProcessMock* starter_;
+};
+
+void IpsecManagerTest::DoInitialize(bool use_psk) {
+ if (use_psk) {
+ ASSERT_TRUE(ipsec_.Initialize(1, remote_, psk_file_, "", "", ""));
+ } else {
+ ASSERT_TRUE(ipsec_.Initialize(1, remote_, "", server_ca_file_,
+ client_key_file_, client_cert_file_));
+ }
+}
+
+TEST_F(IpsecManagerTest, InitializeBadRemote) {
+ EXPECT_FALSE(ipsec_.Initialize(1, "", psk_file_, "", "", ""));
+ EXPECT_TRUE(FindLog("Missing remote"));
+}
+
+TEST_F(IpsecManagerTest, InitializeNoAuth) {
+ EXPECT_FALSE(ipsec_.Initialize(1, remote_, "", "", "", ""));
+ EXPECT_TRUE(FindLog("Must specify either PSK or certificates"));
+}
+
+TEST_F(IpsecManagerTest, InitializePSK) {
+ DoInitialize(true);
+}
+
+TEST_F(IpsecManagerTest, InitializeCerts) {
+ DoInitialize(false);
+}
+
+TEST_F(IpsecManagerTest, InitializeNotBoth) {
+ EXPECT_FALSE(ipsec_.Initialize(1, remote_,
+ psk_file_,
+ server_ca_file_,
+ client_key_file_,
+ client_cert_file_));
+ EXPECT_TRUE(FindLog("Specified both PSK and certificates"));
+}
+
+TEST_F(IpsecManagerTest, InitializeUnsupportedVersion) {
+ EXPECT_FALSE(ipsec_.Initialize(3, remote_, psk_file_, "", "", ""));
+ EXPECT_TRUE(FindLog("Unsupported IKE version"));
+}
+
+TEST_F(IpsecManagerTest, FormatPsk) {
+ const char kLocal[] = "5.6.7.8";
+ FilePath input(test_path_.Append("psk"));
+ const char psk[] = "pAssword\n";
+ file_util::WriteFile(input, psk, strlen(psk));
+ ServiceManager::temp_path_ = test_path_;
+ FilePath output;
+ DoInitialize(true);
+ FLAGS_local = std::string(kLocal);
+ std::string formatted;
+ EXPECT_TRUE(ipsec_.FormatPsk(input, &formatted));
+ EXPECT_EQ("5.6.7.8 1.2.3.4 : PSK \"pAssword\"\n", formatted);
+}
+
+bool IpsecManagerTest::MockStarterStart() {
+ EXPECT_TRUE(NULL != getenv("IPSEC_MANAGER_PID"));
+ return true;
+}
+
+TEST_F(IpsecManagerTest, StartStarter) {
+ InSequence unused;
+ const int kMockFd = 123;
+ DoInitialize(true);
+ ipsec_.starter_pid_file_ = test_path_.Append("starter_pid").value();
+ // File must exist.
+ file_util::WriteFile(FilePath(ipsec_.starter_pid_file_), "", 0);
+
+ // Test that it attempts to kill any running starter.
+ EXPECT_CALL(*starter_, ResetPidByFile(ipsec_.starter_pid_file_)).
+ WillOnce(Return(true));
+ EXPECT_CALL(*starter_, pid()).WillOnce(Return(1));
+ EXPECT_CALL(*starter_, Reset(0));
+
+ EXPECT_CALL(*starter_, AddArg(IPSEC_STARTER));
+ EXPECT_CALL(*starter_, AddArg("--nofork"));
+ EXPECT_CALL(*starter_, RedirectUsingPipe(STDERR_FILENO, false));
+ EXPECT_CALL(*starter_, Start()).WillOnce(Invoke(
+ this, &IpsecManagerTest::MockStarterStart));
+ EXPECT_CALL(*starter_, GetPipe(STDERR_FILENO)).WillOnce(Return(kMockFd));
+ EXPECT_CALL(*starter_, pid());
+ EXPECT_TRUE(ipsec_.StartStarter());
+ EXPECT_EQ(kMockFd, ipsec_.output_fd());
+}
+
+void IpsecManagerTest::CheckStarter(const std::string& actual) {
+ const char kExpected[] =
+ "config setup\n"
+ "\tcharonstart=no\n"
+ "conn managed\n"
+ "\tkeyexchange=ikev1\n"
+ "\tauthby=psk\n"
+ "\tpfs=no\n"
+ "\trekey=no\n"
+ "\tleft=%defaultroute\n"
+ "\tleftprotoport=17/1701\n"
+ "\tleftupdown=/usr/libexec/l2tpipsec_vpn/pluto_updown\n"
+ "\tright=1.2.3.4\n"
+ "\trightprotoport=17/1701\n"
+ "\tauto=start\n";
+ EXPECT_EQ(kExpected, actual);
+}
+
+TEST_F(IpsecManagerTest, FormatStarterConfigFile) {
+ DoInitialize(true);
+ CheckStarter(ipsec_.FormatStarterConfigFile());
+}
+
+TEST_F(IpsecManagerTest, WriteConfigFiles) {
+ DoInitialize(true);
+ FilePath container = test_path_.Append("etc");
+ ASSERT_TRUE(file_util::CreateDirectory(container));
+ ipsec_.stateful_container_ = container.value();
+ EXPECT_TRUE(ipsec_.WriteConfigFiles());
+ std::string conf_contents;
+ ASSERT_TRUE(file_util::ReadFileToString(
+ container.Append("ipsec.conf"), &conf_contents));
+ CheckStarter(conf_contents);
+ ASSERT_TRUE(file_util::PathExists(container.Append("ipsec.secrets")));
+}
+
+int main(int argc, char** argv) {
+ SetUpTests(&argc, argv, true);
+ return RUN_ALL_TESTS();
+}

Powered by Google App Engine
This is Rietveld 408576698