Index: ipsec_manager_test.cc |
diff --git a/ipsec_manager_test.cc b/ipsec_manager_test.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..2c08c35cfd63d92127d18aa0be108a94b146d55a |
--- /dev/null |
+++ b/ipsec_manager_test.cc |
@@ -0,0 +1,189 @@ |
+// Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "base/command_line.h" |
+#include "base/file_util.h" |
+#include "chromeos/process_mock.h" |
+#include "chromeos/syslog_logging.h" |
+#include "chromeos/test_helpers.h" |
+#include "gflags/gflags.h" |
+#include "gtest/gtest.h" |
+#include "vpn-manager/ipsec_manager.h" |
+ |
+using ::chromeos::FindLog; |
+using ::chromeos::ProcessMock; |
+using ::testing::_; |
+using ::testing::InSequence; |
+using ::testing::Return; |
+ |
+DECLARE_string(local); |
+ |
+class IpsecManagerTest : public ::testing::Test { |
+ public: |
+ void SetUp() { |
+ file_util::GetCurrentDirectory(&test_path_); |
+ test_path_ = test_path_.Append("test"); |
+ file_util::Delete(test_path_, true); |
+ file_util::CreateDirectory(test_path_); |
+ remote_ = "1.2.3.4"; |
+ psk_file_ = test_path_.Append("psk").value();; |
+ server_ca_file_ = test_path_.Append("server.ca").value(); |
+ client_key_file_ = test_path_.Append("client.key").value(); |
+ client_cert_file_ = test_path_.Append("client.cert").value(); |
+ WriteFile(psk_file_, "secret"); |
+ WriteFile(server_ca_file_, ""); |
+ WriteFile(client_key_file_, ""); |
+ WriteFile(client_cert_file_, ""); |
+ chromeos::ClearLog(); |
+ starter_ = new ProcessMock; |
+ ipsec_.starter_.reset(starter_); |
+ ipsec_.ipsec_group_ = getgid(); |
+ } |
+ |
+ bool MockStarterStart(); |
+ |
+ protected: |
+ void WriteFile(const std::string& file_path, const char* contents) { |
+ file_util::WriteFile(FilePath(file_path), contents, strlen(contents)); |
+ } |
+ |
+ void DoInitialize(bool use_psk); |
+ |
+ void CheckStarter(const std::string& actual); |
+ |
+ IpsecManager ipsec_; |
+ FilePath test_path_; |
+ std::string remote_; |
+ std::string psk_file_; |
+ std::string server_ca_file_; |
+ std::string client_key_file_; |
+ std::string client_cert_file_; |
+ ProcessMock* starter_; |
+}; |
+ |
+void IpsecManagerTest::DoInitialize(bool use_psk) { |
+ if (use_psk) { |
+ ASSERT_TRUE(ipsec_.Initialize(1, remote_, psk_file_, "", "", "")); |
+ } else { |
+ ASSERT_TRUE(ipsec_.Initialize(1, remote_, "", server_ca_file_, |
+ client_key_file_, client_cert_file_)); |
+ } |
+} |
+ |
+TEST_F(IpsecManagerTest, InitializeBadRemote) { |
+ EXPECT_FALSE(ipsec_.Initialize(1, "", psk_file_, "", "", "")); |
+ EXPECT_TRUE(FindLog("Missing remote")); |
+} |
+ |
+TEST_F(IpsecManagerTest, InitializeNoAuth) { |
+ EXPECT_FALSE(ipsec_.Initialize(1, remote_, "", "", "", "")); |
+ EXPECT_TRUE(FindLog("Must specify either PSK or certificates")); |
+} |
+ |
+TEST_F(IpsecManagerTest, InitializePSK) { |
+ DoInitialize(true); |
+} |
+ |
+TEST_F(IpsecManagerTest, InitializeCerts) { |
+ DoInitialize(false); |
+} |
+ |
+TEST_F(IpsecManagerTest, InitializeNotBoth) { |
+ EXPECT_FALSE(ipsec_.Initialize(1, remote_, |
+ psk_file_, |
+ server_ca_file_, |
+ client_key_file_, |
+ client_cert_file_)); |
+ EXPECT_TRUE(FindLog("Specified both PSK and certificates")); |
+} |
+ |
+TEST_F(IpsecManagerTest, InitializeUnsupportedVersion) { |
+ EXPECT_FALSE(ipsec_.Initialize(3, remote_, psk_file_, "", "", "")); |
+ EXPECT_TRUE(FindLog("Unsupported IKE version")); |
+} |
+ |
+TEST_F(IpsecManagerTest, FormatPsk) { |
+ const char kLocal[] = "5.6.7.8"; |
+ FilePath input(test_path_.Append("psk")); |
+ const char psk[] = "pAssword\n"; |
+ file_util::WriteFile(input, psk, strlen(psk)); |
+ ServiceManager::temp_path_ = test_path_; |
+ FilePath output; |
+ DoInitialize(true); |
+ FLAGS_local = std::string(kLocal); |
+ std::string formatted; |
+ EXPECT_TRUE(ipsec_.FormatPsk(input, &formatted)); |
+ EXPECT_EQ("5.6.7.8 1.2.3.4 : PSK \"pAssword\"\n", formatted); |
+} |
+ |
+bool IpsecManagerTest::MockStarterStart() { |
+ EXPECT_TRUE(NULL != getenv("IPSEC_MANAGER_PID")); |
+ return true; |
+} |
+ |
+TEST_F(IpsecManagerTest, StartStarter) { |
+ InSequence unused; |
+ const int kMockFd = 123; |
+ DoInitialize(true); |
+ ipsec_.starter_pid_file_ = test_path_.Append("starter_pid").value(); |
+ // File must exist. |
+ file_util::WriteFile(FilePath(ipsec_.starter_pid_file_), "", 0); |
+ |
+ // Test that it attempts to kill any running starter. |
+ EXPECT_CALL(*starter_, ResetPidByFile(ipsec_.starter_pid_file_)). |
+ WillOnce(Return(true)); |
+ EXPECT_CALL(*starter_, pid()).WillOnce(Return(1)); |
+ EXPECT_CALL(*starter_, Reset(0)); |
+ |
+ EXPECT_CALL(*starter_, AddArg(IPSEC_STARTER)); |
+ EXPECT_CALL(*starter_, AddArg("--nofork")); |
+ EXPECT_CALL(*starter_, RedirectUsingPipe(STDERR_FILENO, false)); |
+ EXPECT_CALL(*starter_, Start()).WillOnce(Invoke( |
+ this, &IpsecManagerTest::MockStarterStart)); |
+ EXPECT_CALL(*starter_, GetPipe(STDERR_FILENO)).WillOnce(Return(kMockFd)); |
+ EXPECT_CALL(*starter_, pid()); |
+ EXPECT_TRUE(ipsec_.StartStarter()); |
+ EXPECT_EQ(kMockFd, ipsec_.output_fd()); |
+} |
+ |
+void IpsecManagerTest::CheckStarter(const std::string& actual) { |
+ const char kExpected[] = |
+ "config setup\n" |
+ "\tcharonstart=no\n" |
+ "conn managed\n" |
+ "\tkeyexchange=ikev1\n" |
+ "\tauthby=psk\n" |
+ "\tpfs=no\n" |
+ "\trekey=no\n" |
+ "\tleft=%defaultroute\n" |
+ "\tleftprotoport=17/1701\n" |
+ "\tleftupdown=/usr/libexec/l2tpipsec_vpn/pluto_updown\n" |
+ "\tright=1.2.3.4\n" |
+ "\trightprotoport=17/1701\n" |
+ "\tauto=start\n"; |
+ EXPECT_EQ(kExpected, actual); |
+} |
+ |
+TEST_F(IpsecManagerTest, FormatStarterConfigFile) { |
+ DoInitialize(true); |
+ CheckStarter(ipsec_.FormatStarterConfigFile()); |
+} |
+ |
+TEST_F(IpsecManagerTest, WriteConfigFiles) { |
+ DoInitialize(true); |
+ FilePath container = test_path_.Append("etc"); |
+ ASSERT_TRUE(file_util::CreateDirectory(container)); |
+ ipsec_.stateful_container_ = container.value(); |
+ EXPECT_TRUE(ipsec_.WriteConfigFiles()); |
+ std::string conf_contents; |
+ ASSERT_TRUE(file_util::ReadFileToString( |
+ container.Append("ipsec.conf"), &conf_contents)); |
+ CheckStarter(conf_contents); |
+ ASSERT_TRUE(file_util::PathExists(container.Append("ipsec.secrets"))); |
+} |
+ |
+int main(int argc, char** argv) { |
+ SetUpTests(&argc, argv, true); |
+ return RUN_ALL_TESTS(); |
+} |