aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorflu0r1ne <flu0r1ne@flu0r1ne.net>2024-06-05 13:35:20 -0700
committerflu0r1ne <flu0r1ne@flu0r1ne.net>2024-06-05 13:35:20 -0700
commit23a37100f121edd0c1291c4a78901662eae5d58b (patch)
tree1b16a2f5b53746b0bef8f5f7f92729f128d2baaa
parent24ac246d85115396489f970d2396acdbad93431b (diff)
downloadwg2nd-0.2.1.tar.xz
wg2nd-0.2.1.zip
Integration tests and "\r\n" DOS-style line feedsHEADv0.2.1main
- Parse \r\n line feeds - Add simple integration tests to ensure regressions do not occur - Add test "wg1" for \r\n parsing
-rw-r--r--src/wg2nd.cpp2
-rw-r--r--test/example_config/wg0/nftables.conf33
-rw-r--r--test/example_config/wg0/wg0.conf9
-rw-r--r--test/example_config/wg0/wg0.netdev16
-rw-r--r--test/example_config/wg0/wg0.network33
-rw-r--r--test/example_config/wg1/nftables.conf33
-rw-r--r--test/example_config/wg1/wg1.conf9
-rw-r--r--test/example_config/wg1/wg1.netdev16
-rw-r--r--test/example_config/wg1/wg1.network33
-rw-r--r--test/integration_test.py61
10 files changed, 244 insertions, 1 deletions
diff --git a/src/wg2nd.cpp b/src/wg2nd.cpp
index afe3132..d26d4c6 100644
--- a/src/wg2nd.cpp
+++ b/src/wg2nd.cpp
@@ -128,7 +128,7 @@ namespace wg2nd {
{
size_t i = 0, j = 0;
for(; i < line.size(); i++) {
- if(line[i] != ' ' and line[i] != '\t') {
+ if(line[i] != ' ' and line[i] != '\t' and line[i] != '\r') {
line[j] = line[i];
j++;
}
diff --git a/test/example_config/wg0/nftables.conf b/test/example_config/wg0/nftables.conf
new file mode 100644
index 0000000..2b9762d
--- /dev/null
+++ b/test/example_config/wg0/nftables.conf
@@ -0,0 +1,33 @@
+table ip wg0 {
+ chain preraw {
+ type filter hook prerouting priority raw; policy accept;
+ iifname != "wg0" ip daddr 10.55.127.342 fib saddr type != local drop;
+ }
+
+ chain premangle {
+ type filter hook prerouting priority mangle; policy accept;
+ meta l4proto udp meta mark set ct mark;
+ }
+
+ chain postmangle {
+ type filter hook postrouting priority mangle; policy accept;
+ meta l4proto udp meta mark 0xa22a61a9 ct mark set meta mark;
+ }
+}
+
+table ip6 wg0 {
+ chain preraw {
+ type filter hook prerouting priority raw; policy accept;
+ iifname != "wg0" ip6 daddr ab00:aaaa:aaa:aa02::5:abcd fib saddr type != local drop;
+ }
+
+ chain premangle {
+ type filter hook prerouting priority mangle; policy accept;
+ meta l4proto udp meta mark set ct mark;
+ }
+
+ chain postmangle {
+ type filter hook postrouting priority mangle; policy accept;
+ meta l4proto udp meta mark 0xa22a61a9 ct mark set meta mark;
+ }
+}
diff --git a/test/example_config/wg0/wg0.conf b/test/example_config/wg0/wg0.conf
new file mode 100644
index 0000000..18460ee
--- /dev/null
+++ b/test/example_config/wg0/wg0.conf
@@ -0,0 +1,9 @@
+[Interface]
+PrivateKey = 0OCS+dV5wsDje6qUAEDQzPmTNWOLE9HE8kfGU1wJUE0=
+Address = 10.55.127.342/32, ab00:aaaa:aaa:aa02::5:abcd/128
+DNS = 10.64.0.1
+
+[Peer]
+PublicKey = WBSnuq6Vswxz5G5zz9pUt60ZSA+JfZ1iTXdg0RJGjks=
+AllowedIPs = 0.0.0.0/0,::0/0
+Endpoint = 128.45.210.64:51821
diff --git a/test/example_config/wg0/wg0.netdev b/test/example_config/wg0/wg0.netdev
new file mode 100644
index 0000000..4bfea5d
--- /dev/null
+++ b/test/example_config/wg0/wg0.netdev
@@ -0,0 +1,16 @@
+# Autogenerated by wg2nd
+[NetDev]
+Name = wg0
+Kind = wireguard
+Description = wg0 - wireguard tunnel
+
+[WireGuard]
+PrivateKeyFile = /etc/systemd/network/7MQMU4C7JODRWLDIICKQPWRARIMU5IFM54B2BGXAF42WYVL2RYQA====.privkey
+FirewallMark = 0xa22a61a9
+
+[WireGuardPeer]
+PublicKey = WBSnuq6Vswxz5G5zz9pUt60ZSA+JfZ1iTXdg0RJGjks=
+Endpoint = 128.45.210.64:51821
+AllowedIPs = 0.0.0.0/0
+AllowedIPs = ::0/0
+
diff --git a/test/example_config/wg0/wg0.network b/test/example_config/wg0/wg0.network
new file mode 100644
index 0000000..3cbb147
--- /dev/null
+++ b/test/example_config/wg0/wg0.network
@@ -0,0 +1,33 @@
+# Autogenerated by wg2nd
+[Match]
+Name = wg0
+
+[Link]
+ActivationPolicy = manual
+
+[Network]
+Address = 10.55.127.342/32
+Address = ab00:aaaa:aaa:aa02::5:abcd/128
+DNS = 10.64.0.1
+Domains = ~.
+
+[Route]
+Destination = 0.0.0.0/0
+Table = 2720686505
+
+[Route]
+Destination = ::0/0
+Table = 2720686505
+
+[RoutingPolicyRule]
+SuppressPrefixLength = 0
+Family = both
+Priority = 32764
+
+[RoutingPolicyRule]
+FirewallMark = 0xa22a61a9
+InvertRule = true
+Table = 2720686505
+Family = both
+Priority = 32765
+
diff --git a/test/example_config/wg1/nftables.conf b/test/example_config/wg1/nftables.conf
new file mode 100644
index 0000000..048178a
--- /dev/null
+++ b/test/example_config/wg1/nftables.conf
@@ -0,0 +1,33 @@
+table ip wg1 {
+ chain preraw {
+ type filter hook prerouting priority raw; policy accept;
+ iifname != "wg1" ip daddr 10.55.127.342 fib saddr type != local drop;
+ }
+
+ chain premangle {
+ type filter hook prerouting priority mangle; policy accept;
+ meta l4proto udp meta mark set ct mark;
+ }
+
+ chain postmangle {
+ type filter hook postrouting priority mangle; policy accept;
+ meta l4proto udp meta mark 0x25db0647 ct mark set meta mark;
+ }
+}
+
+table ip6 wg1 {
+ chain preraw {
+ type filter hook prerouting priority raw; policy accept;
+ iifname != "wg1" ip6 daddr ab00:aaaa:aaa:aa02::5:abcd fib saddr type != local drop;
+ }
+
+ chain premangle {
+ type filter hook prerouting priority mangle; policy accept;
+ meta l4proto udp meta mark set ct mark;
+ }
+
+ chain postmangle {
+ type filter hook postrouting priority mangle; policy accept;
+ meta l4proto udp meta mark 0x25db0647 ct mark set meta mark;
+ }
+}
diff --git a/test/example_config/wg1/wg1.conf b/test/example_config/wg1/wg1.conf
new file mode 100644
index 0000000..209bc1f
--- /dev/null
+++ b/test/example_config/wg1/wg1.conf
@@ -0,0 +1,9 @@
+[Interface]
+PrivateKey = 0OCS+dV5wsDje6qUAEDQzPmTNWOLE9HE8kfGU1wJUE0=
+Address = 10.55.127.342/32, ab00:aaaa:aaa:aa02::5:abcd/128
+DNS = 10.64.0.1
+
+[Peer]
+PublicKey = WBSnuq6Vswxz5G5zz9pUt60ZSA+JfZ1iTXdg0RJGjks=
+AllowedIPs = 0.0.0.0/0,::0/0
+Endpoint = 128.45.210.64:51821
diff --git a/test/example_config/wg1/wg1.netdev b/test/example_config/wg1/wg1.netdev
new file mode 100644
index 0000000..c8cf14b
--- /dev/null
+++ b/test/example_config/wg1/wg1.netdev
@@ -0,0 +1,16 @@
+# Autogenerated by wg2nd
+[NetDev]
+Name = wg1
+Kind = wireguard
+Description = wg1 - wireguard tunnel
+
+[WireGuard]
+PrivateKeyFile = /etc/systemd/network/7MQMU4C7JODRWLDIICKQPWRARIMU5IFM54B2BGXAF42WYVL2RYQA====.privkey
+FirewallMark = 0x25db0647
+
+[WireGuardPeer]
+PublicKey = WBSnuq6Vswxz5G5zz9pUt60ZSA+JfZ1iTXdg0RJGjks=
+Endpoint = 128.45.210.64:51821
+AllowedIPs = 0.0.0.0/0
+AllowedIPs = ::0/0
+
diff --git a/test/example_config/wg1/wg1.network b/test/example_config/wg1/wg1.network
new file mode 100644
index 0000000..3a50f29
--- /dev/null
+++ b/test/example_config/wg1/wg1.network
@@ -0,0 +1,33 @@
+# Autogenerated by wg2nd
+[Match]
+Name = wg1
+
+[Link]
+ActivationPolicy = manual
+
+[Network]
+Address = 10.55.127.342/32
+Address = ab00:aaaa:aaa:aa02::5:abcd/128
+DNS = 10.64.0.1
+Domains = ~.
+
+[Route]
+Destination = 0.0.0.0/0
+Table = 635110983
+
+[Route]
+Destination = ::0/0
+Table = 635110983
+
+[RoutingPolicyRule]
+SuppressPrefixLength = 0
+Family = both
+Priority = 32764
+
+[RoutingPolicyRule]
+FirewallMark = 0x25db0647
+InvertRule = true
+Table = 635110983
+Family = both
+Priority = 32765
+
diff --git a/test/integration_test.py b/test/integration_test.py
new file mode 100644
index 0000000..2616986
--- /dev/null
+++ b/test/integration_test.py
@@ -0,0 +1,61 @@
+from pathlib import Path
+from enum import Enum
+import subprocess
+import sys
+
+WG2ND_EXECUTABLE = "./wg2nd"
+TEST_DIRECTORY = './test/example_config'
+TESTS = [
+ 'wg0',
+ 'wg1', # same as wg0 except with \r\n
+]
+
+def die(*args, code: int = 1, **kwargs):
+ print(*args, **kwargs, file=sys.stderr)
+ sys.exit(code)
+
+class Wg2ndFileType( Enum ):
+ NETWORK = 'network'
+ NETDEV = 'netdev'
+ KEYFILE = 'keyfile'
+ NFT = 'nft'
+
+def wg2nd_generate(filetype: Wg2ndFileType, path: Path):
+
+ try:
+ result = subprocess.run([
+ WG2ND_EXECUTABLE, 'generate', '-t', filetype.value, str(path)
+ ], capture_output=True, check=True)
+ except FileNotFoundError:
+ die(f'Failed to find executable "{WG2ND_EXECUTABLE}"')
+ except subprocess.CalledProcessError as e:
+ die(f'Failed to generate config with wg2nd: {e}')
+
+ return str(result.stdout, encoding='utf-8')
+
+def read_config(path: str) -> str:
+
+ with open(path, 'r') as f:
+ return f.read()
+
+for test in TESTS:
+
+ test_directory = Path(TEST_DIRECTORY) / test
+
+ wg_config = test_directory / f'{test}.conf'
+
+ expected_netdev = read_config(test_directory / f'{test}.netdev')
+ expected_network = read_config(test_directory / f'{test}.network')
+ expected_nftables = read_config(test_directory / 'nftables.conf')
+
+ network = wg2nd_generate(Wg2ndFileType.NETWORK, wg_config)
+ netdev = wg2nd_generate(Wg2ndFileType.NETDEV, wg_config)
+ nftables = wg2nd_generate(Wg2ndFileType.NFT, wg_config)
+
+ print(f'testing {test}')
+
+ assert network == expected_network
+ assert netdev == expected_netdev
+ assert nftables == expected_nftables
+
+ print('pass')