1
package EBox::OpenVPN::Server::Test;
6
use base qw(EBox::Test::Class);
9
use EBox::TestStubs qw(fakeEBoxModule);
14
use Test::Differences;
15
use Perl6::Junction qw(any);
19
use EBox::CA::TestStub;
22
use English qw(-no_match_vars);
26
return '/tmp/ebox.openvpn.test';
29
sub fakeCA : Test(startup)
31
EBox::CA::TestStub::fake();
35
# XXX replace with #419 when it is done
36
sub ignoreChownRootCommand : Test(startup)
38
my $root_r = EBox::Sudo->can('root');
40
my $rootIgnoreChown_r = sub {
42
my ($cmdWithoutParams) = split '\s+', $cmd;
43
if (($cmdWithoutParams eq 'chown') or ($cmdWithoutParams eq '/bin/chown')) {
47
return $root_r->($cmd);
51
defined $root_r or die 'Can not get root sub from EBox::Sudo';
53
Test::MockObject->fake_module(
55
root => $rootIgnoreChown_r,
63
my ($externalIfaces_r, $internalIfaces_r) = @_;
65
my @externalIfaces = defined $externalIfaces_r ? @{ $externalIfaces_r } : qw(eth0 eth2);
66
my @internalIfaces = defined $internalIfaces_r ? @{ $internalIfaces_r } : ('eth1', 'eth3');
68
my $anyExternalIfaces = any(@externalIfaces);
69
my $anyInternalIfaces = any(@internalIfaces);
71
my $ifaceExistsSub_r = sub {
72
my ($self, $iface) = @_;
73
return ($iface eq $anyInternalIfaces) or ($iface eq $anyExternalIfaces);
76
my $ifaceIsExternalSub_r = sub {
77
my ($self, $iface) = @_;
78
return ($iface eq $anyExternalIfaces);
85
package => 'EBox::Network',
87
ifaceIsExternal => $ifaceIsExternalSub_r,
88
ifaceExists => $ifaceExistsSub_r,
89
ExternalIfaces => sub { return \@externalIfaces },
90
InternalIfaces => sub { return \@internalIfaces },
91
ifaceMethod => sub { return 'anythingButNonSet' }, # this if for bug #395
98
sub setUpConfiguration : Test(setup)
102
my $confDir = $self->_confDir();
104
$self->{openvpnModInstance} = EBox::OpenVPN->_create();
106
my @gids = split '\s', $GID;
108
my $macacoCertificateCN ='macacoCertificate';
111
'/ebox/modules/openvpn/user' => $UID,
112
'/ebox/modules/openvpn/group' => $gids[0],
113
'/ebox/modules/openvpn/conf_dir' => $confDir,
114
'/ebox/modules/openvpn/dh' => "$confDir/dh1024.pem",
116
'/ebox/modules/openvpn/server/macaco/port' => 1194,
117
'/ebox/modules/openvpn/server/macaco/proto' => 'tcp',
118
'/ebox/modules/openvpn/server/macaco/server_certificate' => $macacoCertificateCN,
119
'/ebox/modules/openvpn/server/macaco/vpn_net' => '10.0.8.0',
120
'/ebox/modules/openvpn/server/macaco/vpn_netmask' => '255.255.255.0',
122
'/ebox/modules/openvpn/server/gibon/port' => 1294,
123
'/ebox/modules/openvpn/server/gibon/proto' => 'udp',
127
EBox::GConfModule::TestStub::setConfig(@config);
128
EBox::Global::TestStub::setEBoxModule('openvpn' => 'EBox::OpenVPN');
129
EBox::Global::TestStub::setEBoxModule('ca' => 'EBox::CA');
131
my $ca = EBox::Global->modInstance('ca');
141
dn => "CN=$macacoCertificateCN",
142
path => 'macaco.crt',
143
keys => [qw(macaco.pub macaco.key)],
147
$ca->setInitialState(\@certificates);
152
sub clearConfiguration : Test(teardown)
154
EBox::GConfModule::TestStub::setConfig();
156
my $ca = EBox::Global->modInstance('ca');
160
sub _useOkTest : Test
162
use_ok ('EBox::OpenVPN::Server');
165
sub newServerTest : Test(6)
168
my $openVpnMod = $self->{openvpnModInstance};
170
my @existentServers = qw(macaco gibon);
171
foreach my $serverName (@existentServers) {
173
lives_ok { $serverInstance = new EBox::OpenVPN::Server($serverName, $openVpnMod) };
174
isa_ok $serverInstance, 'EBox::OpenVPN::Server';
177
my @inexistentServers = qw(bufalo gacela);
178
foreach my $serverName (@inexistentServers) {
179
dies_ok { new EBox::OpenVPN::Server($serverName, $openVpnMod) } 'Checking that we can not create OpenVPN servers objects if the server is not registered in configuration';
184
sub setCertificateTest : Test(10)
188
my $ca = EBox::Global->modInstance('ca');
195
dn => 'CN=certificate1',
196
path => '/certificate1.crt',
199
dn => 'CN=certificate2',
200
path => '/certificate2.crt',
205
path => '/certificate2.crt',
210
path => '/certificate2.crt',
213
$ca->setInitialState(\@certificates);
215
my $server = $self->_newServer('macaco');
216
my $certificateGetter_r = $server->can('certificate');
217
my $certificateSetter_r = $server->can('setCertificate');
218
my $correctCertificates = [qw(certificate1 certificate2)];
219
my $incorrectCertificates = [qw(inexistentCertificate expired revoked)];
223
getter => $certificateGetter_r,
224
setter => $certificateSetter_r,
225
straightValues => $correctCertificates,
226
deviantValues => $incorrectCertificates,
227
propierty => "Server\'s certificate",
235
sub setTlsRemoteTest : Test(12)
239
my $ca = EBox::Global->modInstance('ca');
246
dn => 'CN=certificate1',
247
path => '/certificate1.crt',
250
dn => 'CN=certificate2',
251
path => '/certificate2.crt',
256
path => '/certificate2.crt',
261
path => '/certificate2.crt',
264
$ca->setInitialState(\@certificates);
266
my $server = $self->_newServer('macaco');
267
my $certificateGetter_r = $server->can('tlsRemote');
268
my $certificateSetter_r = $server->can('setTlsRemote');
269
my $correctCertificates = [qw(certificate1 certificate2)];
270
my $incorrectCertificates = [qw(inexistentCertificate expired revoked)];
274
getter => $certificateGetter_r,
275
setter => $certificateSetter_r,
276
straightValues => $correctCertificates,
277
deviantValues => $incorrectCertificates,
278
propierty => "Server\'s tls-remote option",
282
$server->tlsRemote() or die "Must return a tlsRemote or something it is rotten";
284
lives_ok { $server->setTlsRemote(0) } 'Trying to disable tls-remote option';
285
ok !$server->tlsRemote(), "Checking wether tls-remote option was disabled";
289
sub setProtoTest : Test(6)
293
my $server = $self->_newServer('macaco');
294
my $protoGetter_r = $server->can('proto');
295
my $protoSetter_r = $server->can('setProto');
296
my $correctProtos = [qw(tcp udp)];
297
my $incorrectProtos = [qw(mkkp)];
301
getter => $protoGetter_r,
302
setter => $protoSetter_r,
303
straightValues => $correctProtos,
304
deviantValues => $incorrectProtos,
305
propierty => "Server\'s IP protocol",
310
sub setProtoTestForMultipleServers : Test(1)
314
my $samePort = 20000;
315
my $distinctPort = 30000;
316
my $sameProto = 'tcp';
317
my $distinctProto = 'udp';
319
my $server = $self->_newServer('macaco');
320
$server->setProto($distinctProto);
321
$server->setPort($samePort);
323
my $server2 = $self->_newServer('gibon');
324
$server2->setProto($sameProto);
325
$server2->setPort($samePort);
327
dies_ok { $server->setProto($sameProto) } 'Checking that setting protocol is not permitted when we have the same pair of protocol and port in another server';
330
sub setPortTestForSingleServer : Test(19)
334
my $server = $self->_newServer('macaco');
336
dies_ok {$server->setPort(100)} 'Setting port before protocol must raise a error';
338
$server->setProto('tcp');
340
my $portGetter_r = $server->can('port');
341
my $portSetter_r = $server->can('setPort');
342
my $correctPorts = [1024, 1194, 4000];
343
my $incorrectPorts = [0, -1, 'ea', 1023, 40, 0.4];
347
getter => $portGetter_r,
348
setter => $portSetter_r,
349
straightValues => $correctPorts,
350
deviantValues => $incorrectPorts,
351
propierty => "Server\'s IP port",
358
sub setPortTestForMultipleServers : Test(4)
362
my $samePort = 20000;
363
my $distinctPort = 30000;
364
my $sameProto = 'tcp';
365
my $distinctProto = 'udp';
367
my $server = $self->_newServer('macaco');
368
$server->setProto($sameProto);
369
$server->setPort($samePort);
371
my $server2 = $self->_newServer('gibon');
372
$server2->setProto($sameProto);
373
$server2->setPort($distinctPort);
375
dies_ok { $server2->setPort($samePort) } "Checking that setting a duplicate port and protocol combination raises error";
376
is $server2->port(), $distinctPort, "Checking that the port remains untouched after the failed setting operation";
378
$server2->setProto($distinctProto);
379
lives_ok { $server2->setPort($samePort) } "Checking that is correct for two servers be setted to the same port number as long they are not using the same protocol";
380
is $server2->port(), $samePort, "Checking that prevoius setPort call was successful";
384
sub setLocalTest : Test(14)
388
my $server = $self->_newServer('macaco');
389
my $localGetter_r = $server->can('local');
390
my $localSetter_r = $server->can('setLocal');
391
my $correctLocals = [qw(eth0 eth2) ];
392
my $incorrectLocals = [ qw(inx1 eth1 inx2 eth3)];
395
Test::MockObject->fake_module('EBox::NetWrappers', 'list_local_addresses' => sub { return @{ $correctLocals } } );
399
getter => $localGetter_r,
400
setter => $localSetter_r,
401
straightValues => $correctLocals,
402
deviantValues => $incorrectLocals,
403
propierty => "Server\'s IP local address",
406
lives_ok { $server->setLocal('') } 'Unsetting local (i.e: all interfaces)';
407
ok !$server->local(), 'Cechking wether local value was unsetted';
411
sub keyTest : Test(2)
415
my $server = $self->_newServer('macaco');
417
lives_ok { $server->key() } 'key' ;
419
EBox::TestStubs::setConfigKey('/ebox/modules/openvpn/server/macaco/server_certificate' => undef);
420
dies_ok { $server->key() } 'Checking that trying to get the key from a server without certificate raises error';
423
sub setterAndGetterTest
426
my $object = $params{object};
427
my $propierty = exists $params{propierty} ? $params{propierty} : 'propierty';
428
my @straightValues = @{ $params{straightValues} };
429
my @deviantValues = @{ $params{deviantValues} };
430
my $setter_r = $params{setter};
431
my $getter_r = $params{getter};
433
foreach my $value (@straightValues) {
434
lives_ok { $setter_r->($object, $value) } "Trying to set $propierty to $value";
436
my $actualValue = $getter_r->($object);
437
is $actualValue, $value, "Using getter to check that $propierty was correcty setted" ;
440
foreach my $value (@deviantValues) {
441
my $beforeValue = $getter_r->($object);
443
dies_ok { $setter_r->($object, $value) } "Checking that setting $propierty to the invalid value $value raises error";
445
my $actualValue = $getter_r->($object);
446
is $actualValue, $beforeValue, "Checking that $propierty\'s value was left untouched";
452
sub writeConfFileTest : Test(2)
456
my $stubDir = $self->testDir() . '/stubs';
457
my $confDir = $self->testDir() . "/config";
458
foreach my $testSubdir ($confDir, $stubDir, "$stubDir/openvpn") {
459
system ("rm -rf $testSubdir");
460
($? == 0) or die "Error removing temp test subdir $testSubdir: $!";
461
system ("mkdir -p $testSubdir");
462
($? == 0) or die "Error creating temp test subdir $testSubdir: $!";
466
system "cp ../../../../stubs/openvpn.conf.mas $stubDir/openvpn";
467
($? ==0 ) or die "Can not copy templates to stub mock dir";
468
EBox::Config::TestStub::setConfigKeys('stubs' => $stubDir, tmp => '/tmp');
471
my $server = $self->_newServer('macaco');
472
lives_ok { $server->writeConfFile($confDir) } 'Calling writeConfFile method in server instance';
473
file_exists_ok("$confDir/macaco.conf", "Checking if the new configuration file was written");
474
diag "TODO: try to validate automatically the generated conf file without ressorting a aspect-like thing. (You may validate manually with openvpn --config)";
477
sub setSubnetTest : Test(6)
480
my $server = $self->_newServer('macaco');
481
my $subnetGetter_r = $server->can('subnet');
482
my $subnetSetter_r = $server->can('setSubnet');
494
getter => $subnetGetter_r,
495
setter => $subnetSetter_r,
496
straightValues => $straightCases,
497
deviantValues => $deviantCases,
498
propierty => "Server\'s VPN subnet",
506
sub setSubnetAndMaskTest : Test(18)
509
my $server = $self->_newServer();
512
['192.168.4.0', '255.255.255.0'],
513
['10.0.0.0', '255.0.0.0'],
517
['192.168.257.0', '255.255.255.0'], # bad address
518
['10.0.0.0', '255.0.0.1'], # bad mask
519
['192.168.4.1', '255.255.255.0'], # host, not net
520
['10.0.1.0', '255.0.0.0'], # host, not net
524
foreach my $case_r (@goodCases) {
525
my ($addr, $mask) = @{ $case_r };
526
lives_ok { $server->setSubnetAndMask($addr, $mask) } 'Calling setSubnetAndMask with good arguments';
527
is $server->subnet(), $addr, 'Checking wether net address was correctly changed';
528
is $server->subnetNetmask(), $mask, 'Checking wether netmask was correctly changed';
531
foreach my $case_r (@badCases) {
532
my ($addr, $mask) = @{ $case_r };
533
my $oldAddr = $server->subnet();
534
my $oldMask = $server->subnetNetmask();
536
dies_ok { $server->setSubnetAndMask($addr, $mask) } 'Calling setSubnetAndMask with bad arguments';
537
is $server->subnet(), $oldAddr, 'Checking wether net address was preserved';
538
is $server->subnetNetmask(), $oldMask, 'Checking wether netmask was preserved';
543
# sub setSubnetNetmaskTest : Test(6)
546
# my $server = $self->_newServer('macaco');
547
# my $subnetNetmaskGetter_r = $server->can('subnetNetmask');
548
# my $subnetNetmaskSetter_r = $server->can('setSubnetNetmask');
549
# my $straightValues = [
552
# my $deviantValues = [
557
# setterAndGetterTest(
559
# getter => $subnetNetmaskGetter_r,
560
# setter => $subnetNetmaskSetter_r,
561
# straightValues => $straightValues,
562
# deviantValues => $deviantValues,
563
# propierty => "Server\'s VPN subnet netmask",
569
sub addAndRemoveAdvertisedNet : Test(25)
572
my $server = $self->_newServer('macaco');
575
['192.168.24.1', '255.255.255.0'],
576
['192.168.86.0', '255.255.255.0'],
577
['10.0.0.0', '255.0.0.0'],
580
# assure straights nets can be reached using fake routes
581
EBox::TestStubs::setFakeIfaces(
585
'192.168.34.21' => '255.255.255.0',
589
my @fakeRoutes = map {
590
my $addr = EBox::NetWrappers::to_network_with_mask(@{ $_ });
591
( $addr => '192.168.34.21') # (route, gateway)
594
EBox::TestStubs::setFakeRoutes(@fakeRoutes);
598
# varaibles to control the tests' results
599
my ($address, $mask);
606
foreach my $net (@straightNets) {
607
($address, $mask)= @{ $net };
608
lives_ok { $server->addAdvertisedNet($address, $mask) } 'Adding advertised net to the server';
611
@nets = $server->advertisedNets();
612
is @nets, $netCount, 'Checking if the net count is coherent';
614
$netFound = _advertisedNetFound($address, $mask, @nets);
615
ok $netFound, 'Checking wether net was correctly reported by the server as used';
619
dies_ok { $server->addAdvertisedNet($address, $mask) } 'Expecting error when adding a duplicate net';
620
dies_ok { $server->addAdvertisedNet('10.0.0.0.0', '255.255.255.0') } 'Expecting error when adding a net with a incorrect address';
621
dies_ok { $server->addAdvertisedNet('10.0.0.0', '256.255.255.0') } 'Expecting error when adding a net with a incorrect netmask';
622
dies_ok { $server->addAdvertisedNet('10.0.0.0.1111', '0.255.255.0') } 'Expecting error when adding a net with both a incorrect address and netmask';
623
dies_ok { $server->addAdvertisedNet('192.168.34.0', '255.255.255.0') } 'Expecting error when adding a private net not reacheable by eBox';
625
# remove straight cases
627
foreach my $net (@straightNets) {
628
($address, $mask)= @{ $net };
629
lives_ok { $server->removeAdvertisedNet($address, $mask) } 'Removing advertised net from the server';
633
@nets = $server->advertisedNets();
634
is @nets, $netCount, 'Checking if the net count is coherent';
636
$netFound = _advertisedNetFound($address, $mask, @nets);
637
ok !$netFound, 'Checked wether net was correctly removed from the server';
640
# remove deviant cases
641
dies_ok { $server->removeAdvertisedNet('192.168.45.0', '255.255.255.0') } 'Expecting error when removing a inexistent net';
642
throws_ok { $server->removeAdvertisedNet('10.0.0.0.0', '255.255.255.0') } 'EBox::Exceptions::InvalidData', 'Expecting error when removing a net with a incorrect address';
646
sub certificateRevokedTest : Test(4)
650
my $server = $self->_newServer('macaco');
651
my $serverCertificate = $server->certificate();
652
my $otherCertificate = 'no-' . $serverCertificate;
656
[$otherCertificate, 1],
657
[$serverCertificate, 1],
658
[$serverCertificate, 0],
662
[$otherCertificate, 0],
665
foreach my $case_r (@trueCases) {
666
ok $server->certificateRevoked(@{ $case_r }), 'Checking wether certificateRevoked returns true';
668
foreach my $case_r (@falseCases) {
669
ok !$server->certificateRevoked(@{ $case_r }), 'Checking wether certificateRevoked returs false' ;
673
sub certificateExpiredTest : Test(12)
677
my $server = $self->_newServer('macaco');
678
$server->setService(1);
679
my $serverCertificate = $server->certificate();
680
my $otherCertificate = 'no-' . $serverCertificate;
682
my @innocuousCases = (
683
[$otherCertificate, 0],
686
my @invalidateCertificateCases = (
687
[$otherCertificate, 1],
688
[$serverCertificate, 1],
689
[$serverCertificate, 0],
692
foreach my $case_r (@innocuousCases) {
693
lives_ok { $server->certificateExpired( @{ $case_r } ) } 'Notifying server of innocuous certificate expiration';
694
is $server->certificate(), $serverCertificate, 'Checking wether server certificate was left unchanged';
695
ok $server->service(), 'Checking wether service status of the server was left untouched';
698
foreach my $case_r (@invalidateCertificateCases) {
699
lives_ok { $server->certificateExpired( @{ $case_r } ) } 'Notifying server of certificate expiration';
701
ok !$server->certificate(), 'Checking wether the server certificate was invalided';
702
ok !$server->service(), 'Checking wether the server was disabled';
704
# restoring server state
705
$self->setUpConfiguration();
706
$server = $self->_newServer('macaco');
707
$server->setService(1);
712
sub freeCertificateTest : Test(6)
716
my $server = $self->_newServer('macaco');
717
$server->setService(1);
718
my $serverCertificate = $server->certificate();
719
my $otherCertificate = 'no-' . $serverCertificate;
721
lives_ok { $server->freeCertificate($otherCertificate) } 'Forcing server to free a certificate which does not uses';
722
is $server->certificate(), $serverCertificate, 'Checking wether server certificate was left unchanged';
723
ok $server->service(), 'Checking wether service status of the server was left untouched';
725
lives_ok { $server->freeCertificate($serverCertificate) } 'Forcing serve to release his certificate';
726
ok !$server->certificate(), 'Checking wether the server certificate was invalided';
727
ok !$server->service(), 'Checking wether the server was disabled';
732
sub ifaceMethodChangedTest : Test(6)
736
my $server = $self->_newServer();
738
$server->setLocal('eth0');
739
ok !$server->ifaceMethodChanged('eth0', 'whatever', 'whateverMethod'), "Checking wether changing the iface method to a non-'nonset' method is not considered disruptive even where done in the local inerface";
741
$server->setLocal('');
742
ok !$server->ifaceMethodChanged('eth0', 'whatever', 'nonset'), "Checking wether changing the iface method to 'nonset' is not considered disruptive where are ifaces left and the interface is not the local interface";
744
$server->setLocal('eth0');
745
ok !$server->ifaceMethodChanged('eth0', 'whatever', 'nonset'), "Checking wether changing the iface method to 'nonset' is considered disruptive if the interface is the local interface";
748
fakeNetworkModule(['eth0'], []);
749
$server->setLocal('');
750
ok !$server->ifaceMethodChanged('eth0', 'whatever', 'nonset'), "Checking wether changing the iface method to 'nonset' is considered disruptive where are only one interface left";
752
$server->setLocal('eth0');
753
ok !$server->ifaceMethodChanged('eth0', 'whatever', 'nonset'), "Checking wether changing the iface method to 'nonset' is considered disruptive where are only one interface lef0 and adittionally the change is in the local interface";
754
ok !$server->ifaceMethodChanged('eth0', 'whatever', 'whateverMethod'), "Checking wether changing the iface method to a non-'nonset' method is not considered disruptive even where done in the local inerface and with only one interface left";
757
sub vifaceDeleteTest : Test(4)
761
my $server = $self->_newServer();
763
ok !$server->vifaceDelete('eth0', 'eth2'), 'Checking wether deleting a virtual interface is not reported as disruptive if the interface is not the local interface and there are interfaces left';
765
$server->setLocal('eth2');
766
ok $server->vifaceDelete('eth0', 'eth2'), 'Checking wether deleting a virtual interface is reported as disruptive when the interface is the local interface';
768
fakeNetworkModule(['eth2'], []);
770
$server->setLocal('');
771
ok $server->vifaceDelete('eth0', 'eth2'), 'Checking wether deleting a virtual interface is reported as disruptive when the interface is the only interfaces left';
773
$server->setLocal('eth2');
774
ok $server->vifaceDelete('eth0', 'eth2'), 'Checking wether deleting a virtual interface is reported as disruptive when the interface is the local interface and there is no interfaces left';
778
sub freeIfaceTest : Test(4)
782
my $server = $self->_newServer();
783
$server->setService(1);
785
$server->setLocal('');
786
$server->freeIface('eth8');
787
ok $server->service(), 'Checking wether freeing a interface which is not the local interface in a system which has more interfaces available does not deactivate the server';
789
$server->setLocal('eth0');
790
$server->freeIface('eth0');
791
ok !$server->service(), 'Checking wether freeing a interface which is the local interface in a system which has more interfaces available deactivates the server';
794
fakeNetworkModule(['eth2'], []);
796
$server->setLocal('');
797
$server->setService(1);
798
$server->freeIface('eth2');
799
ok !$server->service(), 'Checking wether freeing a interface which is not the local interface in a system which has only this interface available deactivates the server';
801
$server->setLocal('eth2');
802
$server->setService(1);
803
$server->freeIface('eth2');
804
ok !$server->service(), 'Checking wether freeing a interface which is the local interface in a system which has only this interface available deactivates the server';
807
sub freeVifaceTest : Test(4)
811
my $server = $self->_newServer();
812
$server->setService(1);
814
$server->setLocal('');
815
$server->freeViface('eth0', 'eth8');
816
ok $server->service(), 'Checking wether freeing a virtual interface which is not the local virtual interface in a system which has more virtual interfaces available does not deactivate the server';
818
$server->setLocal('eth2');
819
$server->freeViface('eth8', 'eth2');
820
ok !$server->service(), 'Checking wether freeing a virtual interface which is the local virtual interface in a system which has more virtual interfaces available deactivates the server';
823
fakeNetworkModule(['eth2'], []);
825
$server->setLocal('');
826
$server->setService(1);
827
$server->freeViface('eth0', 'eth2');
828
ok !$server->service(), 'Checking wether freeing a virtual interface which is not the local virtual interface in a system which has only this virtual interface available deactivates the server';
830
$server->setLocal('eth2');
831
$server->setService(1);
832
$server->freeViface('eth0', 'eth2');
833
ok !$server->service(), 'Checking wether freeing a virtual interface which is the local virtual interface in a system which has only this virtual interface available deactivates the server';
836
sub otherNetworkObserverMethodsTest : Test(2)
839
my $server = $self->_newServer();
841
ok !$server->staticIfaceAddressChanged('eth0', '192.168.45.4', '255.255.255.0', '10.0.0.1', '255.0.0.0'), 'Checking wether server notifies that is not disrupted after staticIfaceAddressChanged invokation';
843
ok !$server->vifaceAdded('eth0', 'eth0:1', '10.0.0.1', '255.0.0.0'), 'Checking wether server notifies that is not disrupted after staticIfaceAddressChanged invokation';
847
sub setServiceTest : Test(56)
850
my $server = $self->_newServer();
851
$server->setService(0);
853
my @serviceStates = ('0', '1', '1', '0');
855
diag 'Server in correct state';
856
foreach my $newService (@serviceStates) {
857
lives_ok { $server->setService($newService) } "Setting server service to $newService";
858
is $server->service() ? 1 : 0, $newService, 'Checking wether service was correctly setted';
861
diag 'Setting local interface to listen on to a inexistent interface';
862
$server->setConfString('local', 'fw5');
863
$self->_checkSetServiceeWithBadStatus($server, 'using a inexistent interface as local interface to listen on');
865
diag 'Setting local interface to listen on to a internal interface';
866
$server->setConfString('local', 'eth1');
867
$self->_checkSetServiceeWithBadStatus($server, 'using a internal interface as local interface to listen on');
869
diag 'Setting server to listen in all interfaces but with no interfaces left';
870
$server->unsetConf('local');
871
fakeNetworkModule([], []);
872
$self->_checkSetServiceeWithBadStatus($server, 'no networks interfaces available');
875
# certificates bad states
876
my $ca = EBox::Global->modInstance('ca');
881
path => '/certificate2.crt',
886
path => '/certificate2.crt',
889
$ca->setInitialState(\@certificates);
892
diag 'Setting server to use a inexistent certificate';
893
$server->setConfString('inexistent');
894
$self->_checkSetServiceeWithBadStatus($server, 'using a inexistent certificate');
896
diag 'Setting server to use a expired certificate';
897
$server->setConfString('expired');
898
$self->_checkSetServiceeWithBadStatus($server, 'using a expired certificate');
900
diag 'Setting server to use a revoked certificate';
901
$server->setConfString('revoked');
902
$self->_checkSetServiceeWithBadStatus($server, 'using a revoked certificate');
905
sub _checkSetServiceeWithBadStatus
907
my ($self, $server, $badState) = @_;
909
my @serviceStates = ('0', '1', '1', '0');
910
foreach my $newService (@serviceStates) {
912
dies_ok { $server->setService($newService) } 'Changing wether activating service with bad state: $badState';
913
ok !$server->service, 'Checking wether the client continues inactive';
916
lives_ok { $server->setService($newService) } 'Changing service status to inactive';
917
is $server->service() ? 1 : 0, $newService, 'Checking wether the service change was done';
922
sub _advertisedNetFound
924
my ($address, $mask, @advertisedNets) = @_;
926
my $netFound = grep {
927
my ($address2, $mask2) = @{ $_ };
928
($address2 eq $address) and ($mask eq $mask2)
937
return $self->testDir() . "/config";
942
my ($self, $name) = @_;
943
defined $name or $name = 'macaco';
945
my $openVpnMod = $self->{openvpnModInstance};
946
my $server = new EBox::OpenVPN::Server($name, $openVpnMod);