Merge pull request #11861 from yuwata/network-verify-2

network: config parser updates and wireguard refactoring
author: Lennart Poettering <lennart@poettering.net> 2019-03-13 10:15:27 +0100
committer: GitHub <noreply@github.com> 2019-03-13 10:15:27 +0100
commit: 96c45cc6972bdb30306c09a69ef28da6edc85041 (patch)
tree: 277f49d02033cb18cd2516f3e24553ec3e57be27 /test
parent: 3cca6cfd41b9d29ce9135c931ec52e969d0dab41 (diff)
parent: 39bcff3bca345fa9665db9b2cd94009370c9394c (diff)
download: systemd-96c45cc6972bdb30306c09a69ef28da6edc85041.tar.gz
6 files changed, 38 insertions, 2 deletions
diff --git a/test/fuzz/fuzz-netdev-parser/directives.netdev b/test/fuzz/fuzz-netdev-parser/directives.netdev
index cd7c3aaded..419ccda7dc 100644
--- a/test/fuzz/fuzz-netdev-parser/directives.netdev
+++ b/test/fuzz/fuzz-netdev-parser/directives.netdev
@@ -9,6 +9,7 @@ Mode=
 [WireGuard]
 ListenPort=
 PrivateKey=
+PrivateKeyFile=
 FwMark=
 [MACVTAP]
 Mode=
diff --git a/test/test-network/conf/25-address-section-miscellaneous.network b/test/test-network/conf/25-address-section-miscellaneous.network
index 3a37d036ce..bfb278f31f 100644
--- a/test/test-network/conf/25-address-section-miscellaneous.network
+++ b/test/test-network/conf/25-address-section-miscellaneous.network
@@ -1,6 +1,11 @@
 [Match]
 Name=dummy98
 
+[Network]
+# these lines are ignored
+Address=hogehoge
+Address=foofoo
+
 [Address]
 Address=10.2.3.4/16
 PreferredLifetime=0
@@ -8,3 +13,15 @@ Scope=link
 
 [Address]
 Address=2001:0db8:0:f101::1/64
+
+[Address]
+# this section must be ignored
+Peer=hoge
+Address=10.10.0.1/16
+Label=30
+
+[Address]
+# this section must be ignored
+Label=30
+Peer=hoge
+Address=10.10.0.2/16
diff --git a/test/test-network/conf/25-wireguard-23-peers.netdev b/test/test-network/conf/25-wireguard-23-peers.netdev
index 7f77dc1743..61a75e592f 100644
--- a/test/test-network/conf/25-wireguard-23-peers.netdev
+++ b/test/test-network/conf/25-wireguard-23-peers.netdev
@@ -7,7 +7,9 @@ Description=For issue #11404
 [WireGuard]
 # 51820 is common port for Wireguard, 4500 is IPSec/UDP
 ListenPort=4500
-PrivateKey=CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr+WHtZLZ90FU=
+# The key below should be overridden by PrivateKeyFile=
+PrivateKey=EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=
+PrivateKeyFile=/run/systemd/network/25-wireguard-private-key.txt
 
 # peer 1
 [WireGuardPeer]
diff --git a/test/test-network/conf/25-wireguard-private-key.txt b/test/test-network/conf/25-wireguard-private-key.txt
new file mode 100644
index 0000000000..469acd0950
--- /dev/null
+++ b/test/test-network/conf/25-wireguard-private-key.txt
@@ -0,0 +1,6 @@
+CJQUtcS9emY2fLY
+   qDlpSZiE/QJyHkP
+          Wr+WHtZ
+
+
+LZ90FU=
diff --git a/test/test-network/conf/25-wireguard.netdev b/test/test-network/conf/25-wireguard.netdev
index 4866c31cca..61afd1f5e7 100644
--- a/test/test-network/conf/25-wireguard.netdev
+++ b/test/test-network/conf/25-wireguard.netdev
@@ -4,6 +4,7 @@ Kind=wireguard
 
 [WireGuard]
 PrivateKey=EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=
+PrivateKeyFile=/run/systemd/network/not-exist
 ListenPort=51820
 FwMark=1234
 
diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
index 1614af29b0..f43acb1f3c 100755
--- a/test/test-network/systemd-networkd-tests.py
+++ b/test/test-network/systemd-networkd-tests.py
@@ -242,6 +242,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
         '25-vxlan.netdev',
         '25-wireguard-23-peers.netdev',
         '25-wireguard-23-peers.network',
+        '25-wireguard-private-key.txt',
         '25-wireguard.netdev',
         '6rd.network',
         'gre.network',
@@ -454,16 +455,21 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
             self.assertTrue(output, 'RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t20')
             output = subprocess.check_output(['wg', 'show', 'wg99', 'endpoints']).rstrip().decode('utf-8')
             self.assertTrue(output, 'RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.27.3:51820')
+            output = subprocess.check_output(['wg', 'show', 'wg99', 'private-key']).rstrip().decode('utf-8')
+            self.assertTrue(output, 'EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=')
 
         self.assertTrue(self.link_exits('wg99'))
 
     @expectedFailureIfModuleIsNotAvailable('wireguard')
     def test_wireguard_23_peers(self):
-        self.copy_unit_to_networkd_unit_path('25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network')
+        self.copy_unit_to_networkd_unit_path('25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
+                                             '25-wireguard-private-key.txt')
         self.start_networkd()
 
         if shutil.which('wg'):
             subprocess.call('wg')
+            output = subprocess.check_output(['wg', 'show', 'wg98', 'private-key']).rstrip().decode('utf-8')
+            self.assertTrue(output, 'CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr+WHtZLZ90FU=')
 
         self.assertTrue(self.link_exits('wg98'))
 
@@ -813,6 +819,9 @@ class NetworkdNetWorkTests(unittest.TestCase, Utilities):
         print(output)
         self.assertRegex(output, 'inet 10.2.3.4/16 brd 10.2.255.255 scope link deprecated dummy98')
         self.assertRegex(output, 'inet6 2001:db8:0:f101::1/64 scope global')
+        # also tests invalid [Address] section
+        self.assertNotRegex(output, '10.10.0.1/16')
+        self.assertNotRegex(output, '10.10.0.2/16')
 
     def test_ip_route(self):
         self.copy_unit_to_networkd_unit_path('25-route-section.network', '12-dummy.netdev')
author	Lennart Poettering <lennart@poettering.net>	2019-03-13 10:15:27 +0100
committer	GitHub <noreply@github.com>	2019-03-13 10:15:27 +0100
commit	96c45cc6972bdb30306c09a69ef28da6edc85041 (patch)
tree	277f49d02033cb18cd2516f3e24553ec3e57be27 /test
parent	3cca6cfd41b9d29ce9135c931ec52e969d0dab41 (diff)
parent	39bcff3bca345fa9665db9b2cd94009370c9394c (diff)
download	systemd-96c45cc6972bdb30306c09a69ef28da6edc85041.tar.gz