| Index: ipsec_manager_test.cc
|
| diff --git a/ipsec_manager_test.cc b/ipsec_manager_test.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..2c08c35cfd63d92127d18aa0be108a94b146d55a
|
| --- /dev/null
|
| +++ b/ipsec_manager_test.cc
|
| @@ -0,0 +1,189 @@
|
| +// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "base/command_line.h"
|
| +#include "base/file_util.h"
|
| +#include "chromeos/process_mock.h"
|
| +#include "chromeos/syslog_logging.h"
|
| +#include "chromeos/test_helpers.h"
|
| +#include "gflags/gflags.h"
|
| +#include "gtest/gtest.h"
|
| +#include "vpn-manager/ipsec_manager.h"
|
| +
|
| +using ::chromeos::FindLog;
|
| +using ::chromeos::ProcessMock;
|
| +using ::testing::_;
|
| +using ::testing::InSequence;
|
| +using ::testing::Return;
|
| +
|
| +DECLARE_string(local);
|
| +
|
| +class IpsecManagerTest : public ::testing::Test {
|
| + public:
|
| + void SetUp() {
|
| + file_util::GetCurrentDirectory(&test_path_);
|
| + test_path_ = test_path_.Append("test");
|
| + file_util::Delete(test_path_, true);
|
| + file_util::CreateDirectory(test_path_);
|
| + remote_ = "1.2.3.4";
|
| + psk_file_ = test_path_.Append("psk").value();;
|
| + server_ca_file_ = test_path_.Append("server.ca").value();
|
| + client_key_file_ = test_path_.Append("client.key").value();
|
| + client_cert_file_ = test_path_.Append("client.cert").value();
|
| + WriteFile(psk_file_, "secret");
|
| + WriteFile(server_ca_file_, "");
|
| + WriteFile(client_key_file_, "");
|
| + WriteFile(client_cert_file_, "");
|
| + chromeos::ClearLog();
|
| + starter_ = new ProcessMock;
|
| + ipsec_.starter_.reset(starter_);
|
| + ipsec_.ipsec_group_ = getgid();
|
| + }
|
| +
|
| + bool MockStarterStart();
|
| +
|
| + protected:
|
| + void WriteFile(const std::string& file_path, const char* contents) {
|
| + file_util::WriteFile(FilePath(file_path), contents, strlen(contents));
|
| + }
|
| +
|
| + void DoInitialize(bool use_psk);
|
| +
|
| + void CheckStarter(const std::string& actual);
|
| +
|
| + IpsecManager ipsec_;
|
| + FilePath test_path_;
|
| + std::string remote_;
|
| + std::string psk_file_;
|
| + std::string server_ca_file_;
|
| + std::string client_key_file_;
|
| + std::string client_cert_file_;
|
| + ProcessMock* starter_;
|
| +};
|
| +
|
| +void IpsecManagerTest::DoInitialize(bool use_psk) {
|
| + if (use_psk) {
|
| + ASSERT_TRUE(ipsec_.Initialize(1, remote_, psk_file_, "", "", ""));
|
| + } else {
|
| + ASSERT_TRUE(ipsec_.Initialize(1, remote_, "", server_ca_file_,
|
| + client_key_file_, client_cert_file_));
|
| + }
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, InitializeBadRemote) {
|
| + EXPECT_FALSE(ipsec_.Initialize(1, "", psk_file_, "", "", ""));
|
| + EXPECT_TRUE(FindLog("Missing remote"));
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, InitializeNoAuth) {
|
| + EXPECT_FALSE(ipsec_.Initialize(1, remote_, "", "", "", ""));
|
| + EXPECT_TRUE(FindLog("Must specify either PSK or certificates"));
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, InitializePSK) {
|
| + DoInitialize(true);
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, InitializeCerts) {
|
| + DoInitialize(false);
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, InitializeNotBoth) {
|
| + EXPECT_FALSE(ipsec_.Initialize(1, remote_,
|
| + psk_file_,
|
| + server_ca_file_,
|
| + client_key_file_,
|
| + client_cert_file_));
|
| + EXPECT_TRUE(FindLog("Specified both PSK and certificates"));
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, InitializeUnsupportedVersion) {
|
| + EXPECT_FALSE(ipsec_.Initialize(3, remote_, psk_file_, "", "", ""));
|
| + EXPECT_TRUE(FindLog("Unsupported IKE version"));
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, FormatPsk) {
|
| + const char kLocal[] = "5.6.7.8";
|
| + FilePath input(test_path_.Append("psk"));
|
| + const char psk[] = "pAssword\n";
|
| + file_util::WriteFile(input, psk, strlen(psk));
|
| + ServiceManager::temp_path_ = test_path_;
|
| + FilePath output;
|
| + DoInitialize(true);
|
| + FLAGS_local = std::string(kLocal);
|
| + std::string formatted;
|
| + EXPECT_TRUE(ipsec_.FormatPsk(input, &formatted));
|
| + EXPECT_EQ("5.6.7.8 1.2.3.4 : PSK \"pAssword\"\n", formatted);
|
| +}
|
| +
|
| +bool IpsecManagerTest::MockStarterStart() {
|
| + EXPECT_TRUE(NULL != getenv("IPSEC_MANAGER_PID"));
|
| + return true;
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, StartStarter) {
|
| + InSequence unused;
|
| + const int kMockFd = 123;
|
| + DoInitialize(true);
|
| + ipsec_.starter_pid_file_ = test_path_.Append("starter_pid").value();
|
| + // File must exist.
|
| + file_util::WriteFile(FilePath(ipsec_.starter_pid_file_), "", 0);
|
| +
|
| + // Test that it attempts to kill any running starter.
|
| + EXPECT_CALL(*starter_, ResetPidByFile(ipsec_.starter_pid_file_)).
|
| + WillOnce(Return(true));
|
| + EXPECT_CALL(*starter_, pid()).WillOnce(Return(1));
|
| + EXPECT_CALL(*starter_, Reset(0));
|
| +
|
| + EXPECT_CALL(*starter_, AddArg(IPSEC_STARTER));
|
| + EXPECT_CALL(*starter_, AddArg("--nofork"));
|
| + EXPECT_CALL(*starter_, RedirectUsingPipe(STDERR_FILENO, false));
|
| + EXPECT_CALL(*starter_, Start()).WillOnce(Invoke(
|
| + this, &IpsecManagerTest::MockStarterStart));
|
| + EXPECT_CALL(*starter_, GetPipe(STDERR_FILENO)).WillOnce(Return(kMockFd));
|
| + EXPECT_CALL(*starter_, pid());
|
| + EXPECT_TRUE(ipsec_.StartStarter());
|
| + EXPECT_EQ(kMockFd, ipsec_.output_fd());
|
| +}
|
| +
|
| +void IpsecManagerTest::CheckStarter(const std::string& actual) {
|
| + const char kExpected[] =
|
| + "config setup\n"
|
| + "\tcharonstart=no\n"
|
| + "conn managed\n"
|
| + "\tkeyexchange=ikev1\n"
|
| + "\tauthby=psk\n"
|
| + "\tpfs=no\n"
|
| + "\trekey=no\n"
|
| + "\tleft=%defaultroute\n"
|
| + "\tleftprotoport=17/1701\n"
|
| + "\tleftupdown=/usr/libexec/l2tpipsec_vpn/pluto_updown\n"
|
| + "\tright=1.2.3.4\n"
|
| + "\trightprotoport=17/1701\n"
|
| + "\tauto=start\n";
|
| + EXPECT_EQ(kExpected, actual);
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, FormatStarterConfigFile) {
|
| + DoInitialize(true);
|
| + CheckStarter(ipsec_.FormatStarterConfigFile());
|
| +}
|
| +
|
| +TEST_F(IpsecManagerTest, WriteConfigFiles) {
|
| + DoInitialize(true);
|
| + FilePath container = test_path_.Append("etc");
|
| + ASSERT_TRUE(file_util::CreateDirectory(container));
|
| + ipsec_.stateful_container_ = container.value();
|
| + EXPECT_TRUE(ipsec_.WriteConfigFiles());
|
| + std::string conf_contents;
|
| + ASSERT_TRUE(file_util::ReadFileToString(
|
| + container.Append("ipsec.conf"), &conf_contents));
|
| + CheckStarter(conf_contents);
|
| + ASSERT_TRUE(file_util::PathExists(container.Append("ipsec.secrets")));
|
| +}
|
| +
|
| +int main(int argc, char** argv) {
|
| + SetUpTests(&argc, argv, true);
|
| + return RUN_ALL_TESTS();
|
| +}
|
|
|
Chromium Code Reviews
Issue 6508016:
vpn-manager: Add l2tp/ipsec vpn manager (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/vpn-manager.git@master