Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2686)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: server/site_linux_server.py

Issue 6765030: Add automated StrongSwan test (Closed) Base URL: ssh://gitrw.chromium.org:9222/autotest.git@master
Patch Set: Removed an unused config file. Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | server/site_tests/network_VPN/000VPNGenesis » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: server/site_linux_server.py
diff --git a/server/site_linux_server.py b/server/site_linux_server.py
index 7e4c1bc1888512a3a123e198f9e14d538036ae5a..592106180b9116769514a7212b957b0046dac15d 100644
--- a/server/site_linux_server.py
+++ b/server/site_linux_server.py
@@ -11,10 +11,11 @@ class LinuxServer(object):
"""
- def __init__(self, server, params):
- self.server = server # Server host.
- self.vpn_kind = None
- self.conf = {}
+ def __init__(self, server, wifi_ip):
+ self.server = server # Server host.
+ self.vpn_kind = None
+ self.wifi_ip = wifi_ip
+ self.openvpn_config = {}
def vpn_server_config(self, params):
""" Configure & launch the server side of the VPN.
@@ -29,6 +30,7 @@ class LinuxServer(object):
Valid values:
openvpn
+ l2tpipsec (StrongSwan PSK or certificates)
config: required
@@ -42,28 +44,91 @@ class LinuxServer(object):
supported by the specified VPN kind.
"""
self.vpn_server_kill({}) # Must be first. Relies on self.vpn_kind.
-
self.vpn_kind = params.get('kind', None)
- # Read configuration information & create server configuration file.
- #
- # As VPN kinds other than 'openvpn' are supported, and
- # since 'self.conf' is cummulative, perhaps there should be
- # a method which will clear 'self.conf'; different types of
- # VPN will likely not have the same configuration
- # parameters. This is only really needed if a test is
- # written to switch between two differents kinds of VPN.
- for k, v in params.get('config', {}).iteritems():
- self.conf[k] = v
- self.server.run("cat <<EOF >%s\n%s\nEOF\n" %
- ('/tmp/vpn-server.conf', '\n'.join(
- "%s %s" % kv for kv in self.conf.iteritems())))
-
# Launch specified VPN server.
if self.vpn_kind is None:
- raise error.TestFail('No VPN kind specified for this test.');
+ raise error.TestFail('No VPN kind specified for this test.')
elif self.vpn_kind == 'openvpn':
- self.server.run("/usr/sbin/openvpn --config /tmp/vpn-server.conf &")
+ # Read config information & create server configuration file.
+ for k, v in params.get('config', {}).iteritems():
+ self.openvpn_config[k] = v
+ self.server.run("cat <<EOF >/tmp/vpn-server.conf\n%s\nEOF\n" %
+ ('\n'.join( "%s %s" % kv for kv in
+ self.openvpn_config.iteritems())))
+ self.server.run("/usr/sbin/openvpn "
+ "--config /tmp/vpn-server.conf &")
+ elif self.vpn_kind == 'l2tpipsec':
+
+ configs = { "/etc/ipsec.conf" :
+ "config setup\n"
+ " charonstart=no\n"
+ " plutostart=yes\n"
+ " plutodebug=%(@plutodebug@)s\n"
+ "conn L2TP\n"
+ " keyexchange=ikev1\n"
+ " authby=psk\n"
+ " pfs=no\n"
+ " rekey=no\n"
+ " left=%(@local-listen-ip@)s\n"
+ " leftprotoport=17/1701\n"
+ " right=%%any\n"
+ " rightprotoport=17/%%any\n"
+ " auto=add\n",
+
+ "/etc/ipsec.secrets" :
+ "%(@ipsec-secrets@)s %%any : PSK \"password\"",
+
+ "/etc/xl2tpd/xl2tpd.conf" :
+ "[global]\n"
+ "\n"
+ "[lns default]\n"
+ " ip range = 192.168.1.128-192.168.1.254\n"
+ " local ip = 192.168.1.99\n"
+ " require chap = yes\n"
+ " refuse pap = yes\n"
+ " require authentication = yes\n"
+ " name = LinuxVPNserver\n"
+ " ppp debug = yes\n"
+ " pppoptfile = /etc/ppp/options.xl2tpd\n"
+ " length bit = yes\n",
+
+ "/etc/xl2tpd/l2tp-secrets" :
+ "* them l2tp-secret",
+
+ "/etc/ppp/chap-secrets" :
+ "chapuser * chapsecret *",
+
+ "/etc/ppp/options.xl2tpd" :
+ "ipcp-accept-local\n"
+ "ipcp-accept-remote\n"
+ "noccp\n"
+ "auth\n"
+ "crtscts\n"
+ "idle 1800\n"
+ "mtu 1410\n"
+ "mru 1410\n"
+ "nodefaultroute\n"
+ "debug\n"
+ "lock\n"
+ "proxyarp\n"
+ "connect-delay 5000\n"
+ }
+
+ replacements = params.get("replacements", {})
+ # These two replacements must match up to the same
+ # adapter, or a connection will not be established.
+ replacements["@local-listen-ip@"] = "%defaultroute"
+ replacements["@ipsec-secrets@"] = self.server.ip
+
+ for cfg, template in configs.iteritems():
+ contents = template % (replacements)
+ self.server.run("cat <<EOF >%s\n%s\nEOF\n" % (cfg, contents))
+
+ self.server.run("/usr/sbin/ipsec start")
+
+ # Restart xl2tpd to ensure use of newly-created config files.
+ self.server.run("sh /etc/init.d/xl2tpd restart")
else:
raise error.TestFail('(internal error): No config case '
'for VPN kind (%s)' % self.vpn_kind)
@@ -73,7 +138,9 @@ class LinuxServer(object):
if self.vpn_kind is not None:
if self.vpn_kind == 'openvpn':
self.server.run("pkill /usr/sbin/openvpn")
+ elif self.vpn_kind == 'l2tpipsec':
+ self.server.run("/usr/sbin/ipsec stop")
else:
raise error.TestFail('(internal error): No kill case '
'for VPN kind (%s)' % self.vpn_kind)
- self.vpn_kind = None;
+ self.vpn_kind = None
« no previous file with comments | « no previous file | server/site_tests/network_VPN/000VPNGenesis » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698