constellation/cli/vpn/vpn_test.go

package vpn

import (
	"errors"
	"testing"

	wgquick "github.com/nmiculinic/wg-quick-go"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)

func TestCreate(t *testing.T) {
	require := require.New(t)

	testKey, err := wgtypes.GeneratePrivateKey()
	require.NoError(err)

	testCases := map[string]struct {
		coordinatorPubKey string
		coordinatorPubIP  string
		clientPrivKey     string
		clientVPNIP       string
		wantErr           bool
	}{
		"valid config": {
			clientPrivKey:     testKey.String(),
			clientVPNIP:       "192.0.2.1",
			coordinatorPubKey: testKey.PublicKey().String(),
			coordinatorPubIP:  "192.0.2.1",
		},
		"valid missing endpoint": {
			clientPrivKey:     testKey.String(),
			clientVPNIP:       "192.0.2.1",
			coordinatorPubKey: testKey.PublicKey().String(),
		},
		"invalid coordinator pub key": {
			clientPrivKey:    testKey.String(),
			clientVPNIP:      "192.0.2.1",
			coordinatorPubIP: "192.0.2.1",
			wantErr:          true,
		},
		"invalid client priv key": {
			clientVPNIP:       "192.0.2.1",
			coordinatorPubKey: testKey.PublicKey().String(),
			coordinatorPubIP:  "192.0.2.1",
			wantErr:           true,
		},
		"invalid client ip": {
			clientPrivKey:     testKey.String(),
			coordinatorPubKey: testKey.PublicKey().String(),
			coordinatorPubIP:  "192.0.2.1",
			wantErr:           true,
		},
	}

	for name, tc := range testCases {
		t.Run(name, func(t *testing.T) {
			assert := assert.New(t)

			handler := &ConfigHandler{}
			const mtu = 2

			quickConfig, err := handler.Create(tc.coordinatorPubKey, tc.coordinatorPubIP, tc.clientPrivKey, tc.clientVPNIP, mtu)

			if tc.wantErr {
				assert.Error(err)
			} else {
				assert.NoError(err)
				assert.Equal(tc.clientPrivKey, quickConfig.PrivateKey.String())
				assert.Equal(tc.clientVPNIP, quickConfig.Address[0].IP.String())

				if tc.coordinatorPubIP != "" {
					assert.Equal(tc.coordinatorPubIP, quickConfig.Peers[0].Endpoint.IP.String())
				}
				assert.Equal(mtu, quickConfig.MTU)
			}
		})
	}
}

func TestApply(t *testing.T) {
	testKey, err := wgtypes.GeneratePrivateKey()
	require.NoError(t, err)

	testCases := map[string]struct {
		quickConfig *wgquick.Config
		upErr       error
		wantErr     bool
	}{
		"valid": {
			quickConfig: &wgquick.Config{Config: wgtypes.Config{PrivateKey: &testKey}},
		},
		"invalid apply": {
			quickConfig: &wgquick.Config{Config: wgtypes.Config{PrivateKey: &testKey}},
			upErr:       errors.New("some err"),
			wantErr:     true,
		},
	}

	for name, tc := range testCases {
		t.Run(name, func(t *testing.T) {
			assert := assert.New(t)

			var ifaceSpy string
			var cfgSpy *wgquick.Config
			upSpy := func(cfg *wgquick.Config, iface string) error {
				ifaceSpy = iface
				cfgSpy = cfg
				return tc.upErr
			}

			handler := &ConfigHandler{up: upSpy}

			err := handler.Apply(tc.quickConfig)

			if tc.wantErr {
				assert.Error(err)
			} else {
				assert.NoError(err)
				assert.Equal(interfaceName, ifaceSpy)
				assert.Equal(tc.quickConfig, cfgSpy)
			}
		})
	}
}

func TestMarshal(t *testing.T) {
	require := require.New(t)

	testKey, err := wgtypes.GeneratePrivateKey()
	require.NoError(err)

	testCases := map[string]struct {
		quickConfig *wgquick.Config
		wantErr     bool
	}{
		"valid": {
			quickConfig: &wgquick.Config{Config: wgtypes.Config{PrivateKey: &testKey}},
		},
		"invalid config": {
			quickConfig: &wgquick.Config{Config: wgtypes.Config{}},
			wantErr:     true,
		},
	}
	for name, tc := range testCases {
		t.Run(name, func(t *testing.T) {
			assert := assert.New(t)
			handler := &ConfigHandler{}

			data, err := handler.Marshal(tc.quickConfig)
			if tc.wantErr {
				assert.Error(err)
			} else {
				assert.NoError(err)
				assert.Greater(len(data), 0)
			}
		})
	}
}
monorepo Co-authored-by: Malte Poll <mp@edgeless.systems> Co-authored-by: katexochen <katexochen@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Thomas Tendyck <tt@edgeless.systems> Co-authored-by: Benedict Schlueter <bs@edgeless.systems> Co-authored-by: leongross <leon.gross@rub.de> Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com> 2022-03-22 15:03:15 +00:00			`package vpn`

			`import (`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"errors"`
monorepo Co-authored-by: Malte Poll <mp@edgeless.systems> Co-authored-by: katexochen <katexochen@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Thomas Tendyck <tt@edgeless.systems> Co-authored-by: Benedict Schlueter <bs@edgeless.systems> Co-authored-by: leongross <leon.gross@rub.de> Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com> 2022-03-22 15:03:15 +00:00			`"testing"`

Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`wgquick "github.com/nmiculinic/wg-quick-go"`
monorepo Co-authored-by: Malte Poll <mp@edgeless.systems> Co-authored-by: katexochen <katexochen@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Thomas Tendyck <tt@edgeless.systems> Co-authored-by: Benedict Schlueter <bs@edgeless.systems> Co-authored-by: leongross <leon.gross@rub.de> Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com> 2022-03-22 15:03:15 +00:00			`"github.com/stretchr/testify/assert"`
			`"github.com/stretchr/testify/require"`
			`"golang.zx2c4.com/wireguard/wgctrl/wgtypes"`
			`)`

refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`func TestCreate(t *testing.T) {`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`require := require.New(t)`

			`testKey, err := wgtypes.GeneratePrivateKey()`
			`require.NoError(err)`

			`testCases := map[string]struct {`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`coordinatorPubKey string`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`coordinatorPubIP string`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`clientPrivKey string`
			`clientVPNIP string`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`wantErr bool`
			`}{`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"valid config": {`
			`clientPrivKey: testKey.String(),`
			`clientVPNIP: "192.0.2.1",`
			`coordinatorPubKey: testKey.PublicKey().String(),`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`coordinatorPubIP: "192.0.2.1",`
			`},`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"valid missing endpoint": {`
			`clientPrivKey: testKey.String(),`
			`clientVPNIP: "192.0.2.1",`
			`coordinatorPubKey: testKey.PublicKey().String(),`
			`},`
			`"invalid coordinator pub key": {`
			`clientPrivKey: testKey.String(),`
			`clientVPNIP: "192.0.2.1",`
			`coordinatorPubIP: "192.0.2.1",`
			`wantErr: true,`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`},`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"invalid client priv key": {`
			`clientVPNIP: "192.0.2.1",`
			`coordinatorPubKey: testKey.PublicKey().String(),`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`coordinatorPubIP: "192.0.2.1",`
			`wantErr: true,`
			`},`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"invalid client ip": {`
			`clientPrivKey: testKey.String(),`
			`coordinatorPubKey: testKey.PublicKey().String(),`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`coordinatorPubIP: "192.0.2.1",`
			`wantErr: true,`
			`},`
			`}`

			`for name, tc := range testCases {`
			`t.Run(name, func(t *testing.T) {`
			`assert := assert.New(t)`

refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`handler := &ConfigHandler{}`
			`const mtu = 2`

			`quickConfig, err := handler.Create(tc.coordinatorPubKey, tc.coordinatorPubIP, tc.clientPrivKey, tc.clientVPNIP, mtu)`

			`if tc.wantErr {`
			`assert.Error(err)`
			`} else {`
			`assert.NoError(err)`
			`assert.Equal(tc.clientPrivKey, quickConfig.PrivateKey.String())`
			`assert.Equal(tc.clientVPNIP, quickConfig.Address[0].IP.String())`

			`if tc.coordinatorPubIP != "" {`
			`assert.Equal(tc.coordinatorPubIP, quickConfig.Peers[0].Endpoint.IP.String())`
			`}`
			`assert.Equal(mtu, quickConfig.MTU)`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`}`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`})`
			`}`
			`}`

			`func TestApply(t *testing.T) {`
			`testKey, err := wgtypes.GeneratePrivateKey()`
			`require.NoError(t, err)`

			`testCases := map[string]struct {`
			`quickConfig *wgquick.Config`
			`upErr error`
			`wantErr bool`
			`}{`
			`"valid": {`
			`quickConfig: &wgquick.Config{Config: wgtypes.Config{PrivateKey: &testKey}},`
			`},`
			`"invalid apply": {`
			`quickConfig: &wgquick.Config{Config: wgtypes.Config{PrivateKey: &testKey}},`
			`upErr: errors.New("some err"),`
			`wantErr: true,`
			`},`
			`}`

			`for name, tc := range testCases {`
			`t.Run(name, func(t *testing.T) {`
			`assert := assert.New(t)`

			`var ifaceSpy string`
			`var cfgSpy *wgquick.Config`
			`upSpy := func(cfg *wgquick.Config, iface string) error {`
			`ifaceSpy = iface`
			`cfgSpy = cfg`
			`return tc.upErr`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`}`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00
			`handler := &ConfigHandler{up: upSpy}`

			`err := handler.Apply(tc.quickConfig)`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00
			`if tc.wantErr {`
			`assert.Error(err)`
			`} else {`
			`assert.NoError(err)`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`assert.Equal(interfaceName, ifaceSpy)`
			`assert.Equal(tc.quickConfig, cfgSpy)`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`}`
			`})`
			`}`
			`}`

refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`func TestMarshal(t *testing.T) {`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`require := require.New(t)`

			`testKey, err := wgtypes.GeneratePrivateKey()`
			`require.NoError(err)`

			`testCases := map[string]struct {`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`quickConfig *wgquick.Config`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`wantErr bool`
			`}{`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"valid": {`
			`quickConfig: &wgquick.Config{Config: wgtypes.Config{PrivateKey: &testKey}},`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`},`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`"invalid config": {`
			`quickConfig: &wgquick.Config{Config: wgtypes.Config{}},`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`wantErr: true,`
			`},`
			`}`
			`for name, tc := range testCases {`
			`t.Run(name, func(t *testing.T) {`
			`assert := assert.New(t)`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`handler := &ConfigHandler{}`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`data, err := handler.Marshal(tc.quickConfig)`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`if tc.wantErr {`
			`assert.Error(err)`
			`} else {`
			`assert.NoError(err)`
refactor cli vpn config (#46) * refactor cli vpn config Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com> 2022-04-12 12:20:46 +00:00			`assert.Greater(len(data), 0)`
Write WireGuard config file on init 2022-03-29 09:38:14 +00:00			`}`
			`})`
			`}`
			`}`