Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(242)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: server/site_wifitest.py

Issue 6765030: Add automated StrongSwan test (Closed) Base URL: ssh://gitrw.chromium.org:9222/autotest.git@master
Patch Set: Remove 'aka strongswan' comments. Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« server/site_tests/network_VPN/050StrongSwanGenesis ('K') | « server/site_tests/network_VPN/055StrongSwanBadPSK ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: server/site_wifitest.py
diff --git a/server/site_wifitest.py b/server/site_wifitest.py
index f8e0a2d8dfb3a3233602b30479147d000ff703cc..87ea76f142438bbdf766de578155a84d58e60577 100644
--- a/server/site_wifitest.py
+++ b/server/site_wifitest.py
@@ -143,8 +143,8 @@ class WiFiTest(object):
# NB: wifi address must be set if not reachable from control
self.server_wifi_ip = server['wifi_addr']
- # hosting_server is a machine which hosts network services,
- # such as VPN.
+ # The 'hosting_server' is a machine which hosts network
+ # services, such as OpenVPN or StrongSwan.
self.hosting_server = site_linux_server.LinuxServer(self.server, server)
# potential bg thread for ping untilstop
@@ -1238,27 +1238,25 @@ class WiFiTest(object):
"""
self.vpn_client_kill({}) # Must be first. Relies on self.vpn_kind.
self.vpn_kind = params.get('kind', None)
- vpn_host_ip = params.get('vpn-host-ip', self.server_wifi_ip)
-
- # Must get 'ca_certificate', 'client-certificate' and 'client-key'.
- cert_pathnames = params.get('files', {})
# Starting up the VPN client may cause the DUT's routing table (esp.
# the default route) to change. Set up a host route backwards so
# we don't lose our control connection in that event.
- __add_host_route(self.client)
+ self.__add_host_route(self.client)
if self.vpn_kind is None:
raise error.TestFail('No VPN kind specified for this test.')
elif self.vpn_kind == 'openvpn':
+ # 'ca_certificate', 'client-certificate' and 'client-key'.
+ vpn_host_ip = params.get('vpn-host-ip',
+ self.server_wifi_ip)
+ cert_pathnames = params.get('files', {})
remote_cert_tls_option = ""
remote_cert_tls = params.get('remote-cert-tls', None)
if remote_cert_tls is not None:
remote_cert_tls_option = "--remote-cert-tls " + remote_cert_tls
- # connect-vpn openvpn [options] <name> <host-ip> <domain> \
- # <cafile> <certfile> <key-file>
result = self.client.run('%s/test/connect-vpn '
'--verbose '
'%s '
@@ -1272,6 +1270,39 @@ class WiFiTest(object):
cert_pathnames['ca-certificate'],
cert_pathnames['client-certificate'],
cert_pathnames['client-key']))
+ elif self.vpn_kind == 'l2tpipsec-psk':
+ # vpn_host_ip is self.server.ip because that is the
+ # adapter that ipsec listens on.
+ vpn_host_ip = params.get('vpn-host-ip', self.server.ip)
+ password = params.get('password' , None)
+ chapuser = params.get('chapuser' , None)
+ chapsecret = params.get('chapsecret', None)
+ result = self.client.run('%s/test/connect-vpn '
+ '--verbose '
+ 'l2tpipsec-psk vpn-name %s vpn-domain '
+ '%s ' # password
+ '%s ' # chapuser
+ '%s' % # chapsecret
+ (self.client_cmd_flimflam_lib,
+ vpn_host_ip,
+ password, chapuser, chapsecret))
+ elif self.vpn_kind == 'l2tpipsec-cert':
+ # 'ca_certificate', 'client-certificate' and 'client-key'.
+ cert_pathnames = params.get('files', {})
+ # vpn_host_ip is self.server.ip because that is the
+ # adapter that ipsec listens on.
+ vpn_host_ip = params.get('vpn-host-ip', self.server.ip)
+ result = self.client.run('%s/test/connect-vpn '
+ '--verbose '
+ 'l2tpipsec-cert vpn-name %s vpn-domain '
+ '%s ' # ca certificate
+ '%s ' # client certificate
+ '%s' % # client key
+ (self.client_cmd_flimflam_lib,
+ vpn_host_ip,
+ cert_pathnames['ca-certificate'],
+ cert_pathnames['client-certificate'],
+ cert_pathnames['client-key']))
else:
raise error.TestFail('(internal error): No launch case '
'for VPN kind (%s)' % self.vpn_kind)
@@ -1281,12 +1312,15 @@ class WiFiTest(object):
if self.vpn_kind is not None:
if self.vpn_kind == 'openvpn':
self.client.run("pkill openvpn")
+ elif (self.vpn_kind == 'l2tpipsec-psk' or
+ self.vpn_kind == 'l2tpipsec-cert'):
+ self.client.run("/usr/sbin/ipsec stop")
else:
raise error.TestFail('(internal error): No kill case '
'for VPN kind (%s)' % self.vpn_kind)
self.vpn_kind = None
- __del_host_route(self.client)
+ self.__del_host_route(self.client)
def __add_host_route(self, host):
# What is the local address we use to get to the test host?
@@ -1302,10 +1336,8 @@ class WiFiTest(object):
host.run("ip route add %s" % self.host_route_args[host.ip])
def __del_host_route(self, host):
- if host.ip not in self.host_route_args:
- return
-
- host.run("ip route del %s" % self.host_route_args.pop(host.ip))
+ if host.ip in self.host_route_args:
+ host.run("ip route del %s" % self.host_route_args.pop(host.ip))
def host_route_cleanup(self, params):
for host in (self.client, self.server, self.router):
« server/site_tests/network_VPN/050StrongSwanGenesis ('K') | « server/site_tests/network_VPN/055StrongSwanBadPSK ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698