-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathimport_vpn_test.go
218 lines (204 loc) · 4.67 KB
/
import_vpn_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
package ezovpn
import (
"bytes"
"io"
"os"
"strings"
"testing"
"github.com/stretchr/testify/mock"
"github.com/stretchr/testify/require"
)
func TestRegexResolver(t *testing.T) {
testData := []struct {
line string
match bool
key string
value string
}{
{"remote my-server-1 1194", false, "", ""},
{"cert client.crt ", true, "cert", "client.crt"},
{" ca ca.crt ", true, "ca", "ca.crt"},
{"# cert client.crt ", false, "", ""},
{"cert client.crt ", true, "cert", "client.crt"},
{"tls-auth ta.key 1", true, "tls-auth", "ta.key"},
{"#tls-auth ta.key 1", false, "tls-auth", "ta.key"},
{" pkcs12 /etc/openvpn/client.p12", true, "pkcs12", "/etc/openvpn/client.p12"},
}
for _, test := range testData {
arr := filesMatcher.FindStringSubmatch(test.line)
if test.match {
require.NotNil(t, arr, test)
require.Equal(t, arr[1], test.key, test)
require.Equal(t, arr[fileIdx], test.value, test)
} else {
require.Nil(t, arr, test)
}
}
}
func TestEmbed(t *testing.T) {
const (
sourceFile = `# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
;dev tap
dev tun
;dev-node MyTap
proto udp
remote my-server-1 1194
;remote-random
resolv-retry infinite
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
# Silence repeating messages
;mute 20`
targetFile = `# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
;dev tap
dev tun
;dev-node MyTap
proto udp
remote my-server-1 1194
;remote-random
resolv-retry infinite
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
<ca>
CA cert here
1234
</ca>
<cert>
0000000
1111111
</cert>
<key>
2222222222222222222
2222233322222222222
</key>
key-direction 1
<tls-auth>
AUTH PACKET
DATA
</tls-auth>
cipher AES-256-CBC
comp-lzo
# Silence repeating messages
;mute 20
`
sourceFilePkcs12 = `# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
;dev tap
dev tun
;dev-node MyTap
proto udp
remote my-server-1 1194
;remote-random
resolv-retry infinite
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
pkcs12 pkcs12.p12
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
# Silence repeating messages
;mute 20`
targetFilePkcs12 = `# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
;dev tap
dev tun
;dev-node MyTap
proto udp
remote my-server-1 1194
;remote-random
resolv-retry infinite
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
<pkcs12>
/deSj5Uh3JfIX2bhP0f+TNTIw1OZJgwK4aXTjOmuIjcz9YVmiRR1ZwWI59VWaGKxci/4er8ZN3YS
OIce8ddQqQ8Ub/CPeBCXrt04DhjTzB3x+4MZ+ZBGHHevySGWe9oHKcavfBZM1+kpg+qz8BbZDbYY
SRs=
</pkcs12>
key-direction 1
<tls-auth>
AUTH PACKET
DATA
</tls-auth>
cipher AES-256-CBC
comp-lzo
# Silence repeating messages
;mute 20
`
)
pkcsFileData, err := os.Open("./testdir/pkcs12.p12")
require.Nil(t, err)
defer pkcsFileData.Close()
var (
ca = stringCloser{strings.NewReader("CA cert here\n1234\n")}
cert = stringCloser{strings.NewReader("0000000\n1111111\n")}
key = stringCloser{strings.NewReader("2222222222222222222\n2222233322222222222\n")}
ta stringCloser
pkcs12 = pkcsFileData
m mck
w bytes.Buffer
)
m.On("Fetch", "/tmp/ca.crt").Once().Return(&ca, nil)
m.On("Fetch", "/tmp/client.crt").Once().Return(&cert, nil)
m.On("Fetch", "/tmp/client.key").Once().Return(&key, nil)
m.On("Fetch", "/tmp/ta.key").Twice().Return(&ta, nil).Run(func(args mock.Arguments) {
ta = stringCloser{strings.NewReader("AUTH PACKET\nDATA\n")}
})
m.On("Fetch", "/tmp/pkcs12.p12").Once().Return(pkcs12, nil)
for _, td := range []struct {
expected string
src string
}{
{expected: targetFile, src: sourceFile},
{expected: targetFilePkcs12, src: sourceFilePkcs12},
} {
w.Reset()
ImportVPNConfig("/tmp", strings.NewReader(td.src), &w, m.Fetch)
require.Equal(t, td.expected, w.String())
}
m.AssertExpectations(t)
}
type stringCloser struct {
io.Reader
}
func (s *stringCloser) Close() error {
return nil
}
type mck struct {
mock.Mock
}
func (x *mck) Fetch(s string) (io.ReadCloser, error) {
arrs := x.Called(s)
return arrs[0].(io.ReadCloser), nil
}