summaryrefslogtreecommitdiff
path: root/src/leap/eip/tests
diff options
context:
space:
mode:
authorkali <kali@leap.se>2013-01-30 06:52:59 +0900
committerkali <kali@leap.se>2013-01-30 06:52:59 +0900
commit570f84756b3d1f689a172a3ff0c55abf6a60b9dd (patch)
tree0f262acacf35743664c6408edbafe6ba6f119d14 /src/leap/eip/tests
parente60abdcb796ad9e2c44e9b37d3a68e7f159c035c (diff)
parent10a2303fe2d21999bce56940daecb78576f5b741 (diff)
Merge branch 'pre-release-0.2.0' into release-0.2.0
This merge contains today's state of develop branch, minus soledad and email components.
Diffstat (limited to 'src/leap/eip/tests')
-rw-r--r--src/leap/eip/tests/data.py40
-rw-r--r--src/leap/eip/tests/test_checks.py43
-rw-r--r--src/leap/eip/tests/test_config.py188
-rw-r--r--src/leap/eip/tests/test_eipconnection.py39
-rw-r--r--src/leap/eip/tests/test_openvpnconnection.py34
5 files changed, 284 insertions, 60 deletions
diff --git a/src/leap/eip/tests/data.py b/src/leap/eip/tests/data.py
index 43df2013..a7fe1853 100644
--- a/src/leap/eip/tests/data.py
+++ b/src/leap/eip/tests/data.py
@@ -1,11 +1,12 @@
from __future__ import unicode_literals
import os
-from leap import __branding
+#from leap import __branding
# sample data used in tests
-PROVIDER = __branding.get('provider_domain')
+#PROVIDER = __branding.get('provider_domain')
+PROVIDER = "testprovider.example.org"
EIP_SAMPLE_CONFIG = {
"provider": "%s" % PROVIDER,
@@ -15,33 +16,36 @@ EIP_SAMPLE_CONFIG = {
"openvpn_ca_certificate": os.path.expanduser(
"~/.config/leap/providers/"
"%s/"
- "keys/ca/testprovider-ca-cert.pem" % PROVIDER),
+ "keys/ca/cacert.pem" % PROVIDER),
"openvpn_client_certificate": os.path.expanduser(
"~/.config/leap/providers/"
"%s/"
"keys/client/openvpn.pem" % PROVIDER),
"connect_on_login": True,
"block_cleartext_traffic": True,
- "primary_gateway": "turkey",
- "secondary_gateway": "france",
+ "primary_gateway": "location_unknown",
+ "secondary_gateway": "location_unknown2",
#"management_password": "oph7Que1othahwiech6J"
}
EIP_SAMPLE_SERVICE = {
"serial": 1,
- "version": "0.1.0",
- "capabilities": {
- "transport": ["openvpn"],
- "ports": ["80", "53"],
- "protocols": ["udp", "tcp"],
- "static_ips": True,
- "adblock": True
- },
+ "version": 1,
+ "clusters": [
+ {"label": {
+ "en": "Location Unknown"},
+ "name": "location_unknown"}
+ ],
"gateways": [
- {"country_code": "tr",
- "name": "turkey",
- "label": {"en":"Ankara, Turkey"},
- "capabilities": {},
- "hosts": ["94.103.43.4"]}
+ {"capabilities": {
+ "adblock": True,
+ "filter_dns": True,
+ "ports": ["80", "53", "443", "1194"],
+ "protocols": ["udp", "tcp"],
+ "transport": ["openvpn"],
+ "user_ips": False},
+ "cluster": "location_unknown",
+ "host": "location.example.org",
+ "ip_address": "192.0.43.10"}
]
}
diff --git a/src/leap/eip/tests/test_checks.py b/src/leap/eip/tests/test_checks.py
index 58ce473f..ab11037a 100644
--- a/src/leap/eip/tests/test_checks.py
+++ b/src/leap/eip/tests/test_checks.py
@@ -25,6 +25,7 @@ from leap.eip.tests import data as testdata
from leap.testing.basetest import BaseLeapTest
from leap.testing.https_server import BaseHTTPSServerTestCase
from leap.testing.https_server import where as where_cert
+from leap.util.fileutil import mkdir_f
class NoLogRequestHandler:
@@ -39,6 +40,8 @@ class NoLogRequestHandler:
class EIPCheckTest(BaseLeapTest):
__name__ = "eip_check_tests"
+ provider = "testprovider.example.org"
+ maxDiff = None
def setUp(self):
pass
@@ -49,7 +52,7 @@ class EIPCheckTest(BaseLeapTest):
# test methods are there, and can be called from run_all
def test_checker_should_implement_check_methods(self):
- checker = eipchecks.EIPConfigChecker()
+ checker = eipchecks.EIPConfigChecker(domain=self.provider)
self.assertTrue(hasattr(checker, "check_default_eipconfig"),
"missing meth")
@@ -62,7 +65,7 @@ class EIPCheckTest(BaseLeapTest):
"missing meth")
def test_checker_should_actually_call_all_tests(self):
- checker = eipchecks.EIPConfigChecker()
+ checker = eipchecks.EIPConfigChecker(domain=self.provider)
mc = Mock()
checker.run_all(checker=mc)
@@ -79,7 +82,7 @@ class EIPCheckTest(BaseLeapTest):
# test individual check methods
def test_check_default_eipconfig(self):
- checker = eipchecks.EIPConfigChecker()
+ checker = eipchecks.EIPConfigChecker(domain=self.provider)
# no eip config (empty home)
eipconfig_path = checker.eipconfig.filename
self.assertFalse(os.path.isfile(eipconfig_path))
@@ -93,15 +96,15 @@ class EIPCheckTest(BaseLeapTest):
# small workaround for evaluating home dirs correctly
EIP_SAMPLE_CONFIG = copy.copy(testdata.EIP_SAMPLE_CONFIG)
EIP_SAMPLE_CONFIG['openvpn_client_certificate'] = \
- eipspecs.client_cert_path()
+ eipspecs.client_cert_path(self.provider)
EIP_SAMPLE_CONFIG['openvpn_ca_certificate'] = \
- eipspecs.provider_ca_path()
+ eipspecs.provider_ca_path(self.provider)
self.assertEqual(deserialized, EIP_SAMPLE_CONFIG)
# TODO: shold ALSO run validation methods.
def test_check_is_there_default_provider(self):
- checker = eipchecks.EIPConfigChecker()
+ checker = eipchecks.EIPConfigChecker(domain=self.provider)
# we do dump a sample eip config, but lacking a
# default provider entry.
# This error will be possible catched in a different
@@ -116,6 +119,7 @@ class EIPCheckTest(BaseLeapTest):
sampleconfig = copy.copy(testdata.EIP_SAMPLE_CONFIG)
sampleconfig['provider'] = None
eipcfg_path = checker.eipconfig.filename
+ mkdir_f(eipcfg_path)
with open(eipcfg_path, 'w') as fp:
json.dump(sampleconfig, fp)
#with self.assertRaises(eipexceptions.EIPMissingDefaultProvider):
@@ -136,6 +140,8 @@ class EIPCheckTest(BaseLeapTest):
def test_fetch_definition(self):
with patch.object(requests, "get") as mocked_get:
mocked_get.return_value.status_code = 200
+ mocked_get.return_value.headers = {
+ 'last-modified': "Wed Dec 12 12:12:12 GMT 2012"}
mocked_get.return_value.json = DEFAULT_PROVIDER_DEFINITION
checker = eipchecks.EIPConfigChecker(fetcher=requests)
sampleconfig = testdata.EIP_SAMPLE_CONFIG
@@ -154,6 +160,8 @@ class EIPCheckTest(BaseLeapTest):
def test_fetch_eip_service_config(self):
with patch.object(requests, "get") as mocked_get:
mocked_get.return_value.status_code = 200
+ mocked_get.return_value.headers = {
+ 'last-modified': "Wed Dec 12 12:12:12 GMT 2012"}
mocked_get.return_value.json = testdata.EIP_SAMPLE_SERVICE
checker = eipchecks.EIPConfigChecker(fetcher=requests)
sampleconfig = testdata.EIP_SAMPLE_CONFIG
@@ -178,6 +186,7 @@ class EIPCheckTest(BaseLeapTest):
class ProviderCertCheckerTest(BaseLeapTest):
__name__ = "provider_cert_checker_tests"
+ provider = "testprovider.example.org"
def setUp(self):
pass
@@ -226,13 +235,20 @@ class ProviderCertCheckerTest(BaseLeapTest):
# test individual check methods
+ @unittest.skip
def test_is_there_provider_ca(self):
+ # XXX commenting out this test.
+ # With the generic client this does not make sense,
+ # we should dump one there.
+ # or test conductor logic.
checker = eipchecks.ProviderCertChecker()
self.assertTrue(
checker.is_there_provider_ca())
class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
+ provider = "testprovider.example.org"
+
class request_handler(NoLogRequestHandler, BaseHTTPRequestHandler):
responses = {
'/': ['OK', ''],
@@ -292,12 +308,19 @@ class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
# same, but get cacert from leap.custom
# XXX TODO!
+ @unittest.skip
def test_download_new_client_cert(self):
+ # FIXME
+ # Magick srp decorator broken right now...
+ # Have to mock the decorator and inject something that
+ # can bypass the authentication
+
uri = "https://%s/client.cert" % (self.get_server())
cacert = where_cert('cacert.pem')
- checker = eipchecks.ProviderCertChecker()
+ checker = eipchecks.ProviderCertChecker(domain=self.provider)
+ credentials = "testuser", "testpassword"
self.assertTrue(checker.download_new_client_cert(
- uri=uri, verify=cacert))
+ credentials=credentials, uri=uri, verify=cacert))
# now download a malformed cert
uri = "https://%s/badclient.cert" % (self.get_server())
@@ -305,7 +328,7 @@ class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
checker = eipchecks.ProviderCertChecker()
with self.assertRaises(ValueError):
self.assertTrue(checker.download_new_client_cert(
- uri=uri, verify=cacert))
+ credentials=credentials, uri=uri, verify=cacert))
# did we write cert to its path?
clientcertfile = eipspecs.client_cert_path()
@@ -339,7 +362,7 @@ class ProviderCertCheckerHTTPSTests(BaseHTTPSServerTestCase, BaseLeapTest):
def test_check_new_cert_needed(self):
# check: missing cert
- checker = eipchecks.ProviderCertChecker()
+ checker = eipchecks.ProviderCertChecker(domain=self.provider)
self.assertTrue(checker.check_new_cert_needed(skip_download=True))
# TODO check: malformed cert
# TODO check: expired cert
diff --git a/src/leap/eip/tests/test_config.py b/src/leap/eip/tests/test_config.py
index 6759b522..72ab3c8e 100644
--- a/src/leap/eip/tests/test_config.py
+++ b/src/leap/eip/tests/test_config.py
@@ -1,3 +1,4 @@
+from collections import OrderedDict
import json
import os
import platform
@@ -10,21 +11,24 @@ except ImportError:
#from leap.base import constants
#from leap.eip import config as eip_config
-from leap import __branding as BRANDING
+#from leap import __branding as BRANDING
from leap.eip import config as eipconfig
from leap.eip.tests.data import EIP_SAMPLE_CONFIG, EIP_SAMPLE_SERVICE
from leap.testing.basetest import BaseLeapTest
-from leap.util.fileutil import mkdir_p
+from leap.util.fileutil import mkdir_p, mkdir_f
_system = platform.system()
-PROVIDER = BRANDING.get('provider_domain')
-PROVIDER_SHORTNAME = BRANDING.get('short_name')
+#PROVIDER = BRANDING.get('provider_domain')
+#PROVIDER_SHORTNAME = BRANDING.get('short_name')
class EIPConfigTest(BaseLeapTest):
__name__ = "eip_config_tests"
+ provider = "testprovider.example.org"
+
+ maxDiff = None
def setUp(self):
pass
@@ -46,11 +50,22 @@ class EIPConfigTest(BaseLeapTest):
open(tfile, 'wb').close()
os.chmod(tfile, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR)
- def write_sample_eipservice(self):
+ def write_sample_eipservice(self, vpnciphers=False, extra_vpnopts=None,
+ gateways=None):
conf = eipconfig.EIPServiceConfig()
- folder, f = os.path.split(conf.filename)
- if not os.path.isdir(folder):
- mkdir_p(folder)
+ mkdir_f(conf.filename)
+ if gateways:
+ EIP_SAMPLE_SERVICE['gateways'] = gateways
+ if vpnciphers:
+ openvpnconfig = OrderedDict({
+ "auth": "SHA1",
+ "cipher": "AES-128-CBC",
+ "tls-cipher": "DHE-RSA-AES128-SHA"})
+ if extra_vpnopts:
+ for k, v in extra_vpnopts.items():
+ openvpnconfig[k] = v
+ EIP_SAMPLE_SERVICE['openvpn_configuration'] = openvpnconfig
+
with open(conf.filename, 'w') as fd:
fd.write(json.dumps(EIP_SAMPLE_SERVICE))
@@ -62,8 +77,17 @@ class EIPConfigTest(BaseLeapTest):
with open(conf.filename, 'w') as fd:
fd.write(json.dumps(EIP_SAMPLE_CONFIG))
- def get_expected_openvpn_args(self):
+ def get_expected_openvpn_args(self, with_openvpn_ciphers=False):
+ """
+ yeah, this is almost as duplicating the
+ code for building the command
+ """
args = []
+ eipconf = eipconfig.EIPConfig(domain=self.provider)
+ eipconf.load()
+ eipsconf = eipconfig.EIPServiceConfig(domain=self.provider)
+ eipsconf.load()
+
username = self.get_username()
groupname = self.get_groupname()
@@ -74,7 +98,10 @@ class EIPConfigTest(BaseLeapTest):
args.append('--persist-tun')
args.append('--persist-key')
args.append('--remote')
- args.append('%s' % eipconfig.get_eip_gateway())
+
+ args.append('%s' % eipconfig.get_eip_gateway(
+ eipconfig=eipconf,
+ eipserviceconfig=eipsconf))
# XXX get port!?
args.append('1194')
# XXX get proto
@@ -83,6 +110,14 @@ class EIPConfigTest(BaseLeapTest):
args.append('--remote-cert-tls')
args.append('server')
+ if with_openvpn_ciphers:
+ CIPHERS = [
+ "--tls-cipher", "DHE-RSA-AES128-SHA",
+ "--cipher", "AES-128-CBC",
+ "--auth", "SHA1"]
+ for opt in CIPHERS:
+ args.append(opt)
+
args.append('--user')
args.append(username)
args.append('--group')
@@ -97,29 +132,43 @@ class EIPConfigTest(BaseLeapTest):
args.append('/tmp/test.socket')
args.append('unix')
+ args.append('--script-security')
+ args.append('2')
+
+ if _system == "Linux":
+ UPDOWN_SCRIPT = "/etc/leap/resolv-update"
+ if os.path.isfile(UPDOWN_SCRIPT):
+ args.append('--up')
+ args.append('/etc/leap/resolv-update')
+ args.append('--down')
+ args.append('/etc/leap/resolv-update')
+ args.append('--plugin')
+ args.append('/usr/lib/openvpn/openvpn-down-root.so')
+ args.append("'script_type=down /etc/leap/resolv-update'")
+
# certs
# XXX get values from specs?
args.append('--cert')
args.append(os.path.join(
self.home,
'.config', 'leap', 'providers',
- '%s' % PROVIDER,
+ '%s' % self.provider,
'keys', 'client',
'openvpn.pem'))
args.append('--key')
args.append(os.path.join(
self.home,
'.config', 'leap', 'providers',
- '%s' % PROVIDER,
+ '%s' % self.provider,
'keys', 'client',
'openvpn.pem'))
args.append('--ca')
args.append(os.path.join(
self.home,
'.config', 'leap', 'providers',
- '%s' % PROVIDER,
+ '%s' % self.provider,
'keys', 'ca',
- '%s-cacert.pem' % PROVIDER_SHORTNAME))
+ 'cacert.pem'))
return args
# build command string
@@ -128,6 +177,55 @@ class EIPConfigTest(BaseLeapTest):
# params in the function call, to disable
# some checks.
+ def test_get_eip_gateway(self):
+ self.write_sample_eipconfig()
+ eipconf = eipconfig.EIPConfig(domain=self.provider)
+
+ # default eipservice
+ self.write_sample_eipservice()
+ eipsconf = eipconfig.EIPServiceConfig(domain=self.provider)
+
+ gateway = eipconfig.get_eip_gateway(
+ eipconfig=eipconf,
+ eipserviceconfig=eipsconf)
+
+ # in spec is local gateway by default
+ self.assertEqual(gateway, '127.0.0.1')
+
+ # change eipservice
+ # right now we only check that cluster == selected primary gw in
+ # eip.json, and pick first matching ip
+ eipconf._config.config['primary_gateway'] = "foo_provider"
+ newgateways = [{"cluster": "foo_provider",
+ "ip_address": "127.0.0.99"}]
+ self.write_sample_eipservice(gateways=newgateways)
+ eipsconf = eipconfig.EIPServiceConfig(domain=self.provider)
+ # load from disk file
+ eipsconf.load()
+
+ gateway = eipconfig.get_eip_gateway(
+ eipconfig=eipconf,
+ eipserviceconfig=eipsconf)
+ self.assertEqual(gateway, '127.0.0.99')
+
+ # change eipservice, several gateways
+ # right now we only check that cluster == selected primary gw in
+ # eip.json, and pick first matching ip
+ eipconf._config.config['primary_gateway'] = "bar_provider"
+ newgateways = [{"cluster": "foo_provider",
+ "ip_address": "127.0.0.99"},
+ {'cluster': "bar_provider",
+ "ip_address": "127.0.0.88"}]
+ self.write_sample_eipservice(gateways=newgateways)
+ eipsconf = eipconfig.EIPServiceConfig(domain=self.provider)
+ # load from disk file
+ eipsconf.load()
+
+ gateway = eipconfig.get_eip_gateway(
+ eipconfig=eipconf,
+ eipserviceconfig=eipsconf)
+ self.assertEqual(gateway, '127.0.0.88')
+
def test_build_ovpn_command_empty_config(self):
self.touch_exec()
self.write_sample_eipservice()
@@ -137,13 +235,63 @@ class EIPConfigTest(BaseLeapTest):
from leap.util.fileutil import which
path = os.environ['PATH']
vpnbin = which('openvpn', path=path)
- print 'path =', path
- print 'vpnbin = ', vpnbin
- command, args = eipconfig.build_ovpn_command(
+ #print 'path =', path
+ #print 'vpnbin = ', vpnbin
+ vpncommand, vpnargs = eipconfig.build_ovpn_command(
+ do_pkexec_check=False, vpnbin=vpnbin,
+ socket_path="/tmp/test.socket",
+ provider=self.provider)
+ self.assertEqual(vpncommand, self.home + '/bin/openvpn')
+ self.assertEqual(vpnargs, self.get_expected_openvpn_args())
+
+ def test_build_ovpn_command_openvpnoptions(self):
+ self.touch_exec()
+
+ from leap.eip import config as eipconfig
+ from leap.util.fileutil import which
+ path = os.environ['PATH']
+ vpnbin = which('openvpn', path=path)
+
+ self.write_sample_eipconfig()
+
+ # regular run, everything normal
+ self.write_sample_eipservice(vpnciphers=True)
+ vpncommand, vpnargs = eipconfig.build_ovpn_command(
+ do_pkexec_check=False, vpnbin=vpnbin,
+ socket_path="/tmp/test.socket",
+ provider=self.provider)
+ self.assertEqual(vpncommand, self.home + '/bin/openvpn')
+ expected = self.get_expected_openvpn_args(
+ with_openvpn_ciphers=True)
+ self.assertEqual(vpnargs, expected)
+
+ # bad options -- illegal options
+ self.write_sample_eipservice(
+ vpnciphers=True,
+ # WE ONLY ALLOW vpn options in auth, cipher, tls-cipher
+ extra_vpnopts={"notallowedconfig": "badvalue"})
+ vpncommand, vpnargs = eipconfig.build_ovpn_command(
+ do_pkexec_check=False, vpnbin=vpnbin,
+ socket_path="/tmp/test.socket",
+ provider=self.provider)
+ self.assertEqual(vpncommand, self.home + '/bin/openvpn')
+ expected = self.get_expected_openvpn_args(
+ with_openvpn_ciphers=True)
+ self.assertEqual(vpnargs, expected)
+
+ # bad options -- illegal chars
+ self.write_sample_eipservice(
+ vpnciphers=True,
+ # WE ONLY ALLOW A-Z09\-
+ extra_vpnopts={"cipher": "AES-128-CBC;FOOTHING"})
+ vpncommand, vpnargs = eipconfig.build_ovpn_command(
do_pkexec_check=False, vpnbin=vpnbin,
- socket_path="/tmp/test.socket")
- self.assertEqual(command, self.home + '/bin/openvpn')
- self.assertEqual(args, self.get_expected_openvpn_args())
+ socket_path="/tmp/test.socket",
+ provider=self.provider)
+ self.assertEqual(vpncommand, self.home + '/bin/openvpn')
+ expected = self.get_expected_openvpn_args(
+ with_openvpn_ciphers=True)
+ self.assertEqual(vpnargs, expected)
if __name__ == "__main__":
diff --git a/src/leap/eip/tests/test_eipconnection.py b/src/leap/eip/tests/test_eipconnection.py
index bb643ae0..163f8d45 100644
--- a/src/leap/eip/tests/test_eipconnection.py
+++ b/src/leap/eip/tests/test_eipconnection.py
@@ -1,6 +1,8 @@
+import glob
import logging
import platform
-import os
+#import os
+import shutil
logging.basicConfig()
logger = logging.getLogger(name=__name__)
@@ -19,6 +21,8 @@ from leap.testing.basetest import BaseLeapTest
_system = platform.system()
+PROVIDER = "testprovider.example.org"
+
class NotImplementedError(Exception):
pass
@@ -27,6 +31,7 @@ class NotImplementedError(Exception):
@patch('OpenVPNConnection._get_or_create_config')
@patch('OpenVPNConnection._set_ovpn_command')
class MockedEIPConnection(EIPConnection):
+
def _set_ovpn_command(self):
self.command = "mock_command"
self.args = [1, 2, 3]
@@ -35,6 +40,7 @@ class MockedEIPConnection(EIPConnection):
class EIPConductorTest(BaseLeapTest):
__name__ = "eip_conductor_tests"
+ provider = PROVIDER
def setUp(self):
# XXX there's a conceptual/design
@@ -51,8 +57,8 @@ class EIPConductorTest(BaseLeapTest):
# XXX change to keys_checker invocation
# (see config_checker)
- keyfiles = (eipspecs.provider_ca_path(),
- eipspecs.client_cert_path())
+ keyfiles = (eipspecs.provider_ca_path(domain=self.provider),
+ eipspecs.client_cert_path(domain=self.provider))
for filepath in keyfiles:
self.touch(filepath)
self.chmod600(filepath)
@@ -61,11 +67,27 @@ class EIPConductorTest(BaseLeapTest):
# some methods mocked
self.manager = Mock(name="openvpnmanager_mock")
self.con = MockedEIPConnection()
+ self.con.provider = self.provider
+
+ # XXX watch out. This sometimes is throwing the following error:
+ # NoSuchProcess: process no longer exists (pid=6571)
+ # because of a bad implementation of _check_if_running_instance
+
self.con.run_openvpn_checks()
def tearDown(self):
+ pass
+
+ def doCleanups(self):
+ super(BaseLeapTest, self).doCleanups()
+ self.cleanupSocketDir()
del self.con
+ def cleanupSocketDir(self):
+ ptt = ('/tmp/leap-tmp*')
+ for tmpdir in glob.glob(ptt):
+ shutil.rmtree(tmpdir)
+
#
# tests
#
@@ -76,6 +98,7 @@ class EIPConductorTest(BaseLeapTest):
"""
con = self.con
self.assertEqual(con.autostart, True)
+ # XXX moar!
def test_ovpn_command(self):
"""
@@ -93,6 +116,7 @@ class EIPConductorTest(BaseLeapTest):
# needed to run tests. (roughly 3 secs for this only)
# We should modularize and inject Mocks on more places.
+ oldcon = self.con
del(self.con)
config_checker = Mock()
self.con = MockedEIPConnection(config_checker=config_checker)
@@ -102,6 +126,7 @@ class EIPConductorTest(BaseLeapTest):
skip_download=False)
# XXX test for cert_checker also
+ self.con = oldcon
# connect/disconnect calls
@@ -118,8 +143,14 @@ class EIPConductorTest(BaseLeapTest):
self.con.status.CONNECTED)
# disconnect
+ self.con.terminate_openvpn_connection = Mock()
self.con.disconnect()
- self.con._disconnect.assert_called_once_with()
+ self.con.terminate_openvpn_connection.assert_called_once_with(
+ shutdown=False)
+ self.con.terminate_openvpn_connection = Mock()
+ self.con.disconnect(shutdown=True)
+ self.con.terminate_openvpn_connection.assert_called_once_with(
+ shutdown=True)
# new status should be disconnected
# XXX this should evolve and check no errors
diff --git a/src/leap/eip/tests/test_openvpnconnection.py b/src/leap/eip/tests/test_openvpnconnection.py
index 61769f04..95bfb2f0 100644
--- a/src/leap/eip/tests/test_openvpnconnection.py
+++ b/src/leap/eip/tests/test_openvpnconnection.py
@@ -58,16 +58,27 @@ class OpenVPNConnectionTest(BaseLeapTest):
def setUp(self):
# XXX this will have to change for win, host=localhost
host = eipconfig.get_socket_path()
+ self.host = host
self.manager = MockedOpenVPNConnection(host=host)
def tearDown(self):
+ pass
+
+ def doCleanups(self):
+ super(BaseLeapTest, self).doCleanups()
+ self.cleanupSocketDir()
+
+ def cleanupSocketDir(self):
# remove the socket folder.
# XXX only if posix. in win, host is localhost, so nothing
# has to be done.
- if self.manager.host:
- folder, fpath = os.path.split(self.manager.host)
- assert folder.startswith('/tmp/leap-tmp') # safety check
- shutil.rmtree(folder)
+ if self.host:
+ folder, fpath = os.path.split(self.host)
+ try:
+ assert folder.startswith('/tmp/leap-tmp') # safety check
+ shutil.rmtree(folder)
+ except:
+ self.fail("could not remove temp file")
del self.manager
@@ -76,13 +87,18 @@ class OpenVPNConnectionTest(BaseLeapTest):
#
def test_detect_vpn(self):
+ # XXX review, not sure if captured all the logic
+ # while fixing. kali.
openvpn_connection = openvpnconnection.OpenVPNConnection()
- with patch.object(psutil, "get_process_list") as mocked_psutil:
+
+ with patch.object(psutil, "process_iter") as mocked_psutil:
+ mocked_process = Mock()
+ mocked_process.name = "openvpn"
+ mocked_process.cmdline = ["openvpn", "-foo", "-bar", "-gaaz"]
+ mocked_psutil.return_value = [mocked_process]
with self.assertRaises(eipexceptions.OpenVPNAlreadyRunning):
- mocked_process = Mock()
- mocked_process.name = "openvpn"
- mocked_psutil.return_value = [mocked_process]
openvpn_connection._check_if_running_instance()
+
openvpn_connection._check_if_running_instance()
@unittest.skipIf(_system == "Windows", "lin/mac only")
@@ -104,12 +120,14 @@ class OpenVPNConnectionTest(BaseLeapTest):
self.assertEqual(self.manager.port, 7777)
def test_port_types_init(self):
+ oldmanager = self.manager
self.manager = MockedOpenVPNConnection(port="42")
self.assertEqual(self.manager.port, 42)
self.manager = MockedOpenVPNConnection()
self.assertEqual(self.manager.port, "unix")
self.manager = MockedOpenVPNConnection(port="bad")
self.assertEqual(self.manager.port, None)
+ self.manager = oldmanager
def test_uds_telnet_called_on_connect(self):
self.manager.connect_to_management()
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 11:21:38 +0000