2022-02-27 03:22:11 +00:00
package wgfunc
import (
"golang.zx2c4.com/wireguard/wgctrl"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"testing"
)
import "github.com/vishvananda/netlink"
import "github.com/stretchr/testify/assert"
func TestRemoveDeviceIfIPRangeInvalide ( t * testing . T ) {
2022-02-27 04:08:06 +00:00
serverConfig := WireGuardConfig {
2022-02-27 03:22:11 +00:00
Name : "wgUnit" ,
IPRanges : [ ] string { "10.0.0.1/24" , "abc/24" } ,
}
2022-02-27 04:08:06 +00:00
server , err := NewWireGuard ( serverConfig )
2022-02-27 03:22:11 +00:00
assert . Nil ( t , err , "shouldn't return error while creating server" )
err = server . Up ( )
if err == nil || err . Error ( ) != "invalid CIDR address: abc/24" {
t . Errorf ( "Should return invalide CIDR error" )
}
foundDevice := checkForNetworkDevice ( "wgUnit" , t )
assert . Falsef ( t , foundDevice , "should not fount device with name wgUnit" )
}
func TestRemoveDeviceIfPrivateKeyIsInvalide ( t * testing . T ) {
2022-02-27 04:08:06 +00:00
serverConfig := WireGuardConfig {
2022-02-27 03:22:11 +00:00
Name : "wgUnit" ,
IPRanges : [ ] string { "10.0.0.1/24" } ,
}
2022-02-27 04:08:06 +00:00
server , err := NewWireGuard ( serverConfig )
2022-02-27 03:22:11 +00:00
assert . Nil ( t , err , "shouldn't return error while creating server" )
err = server . Up ( )
if err == nil || err . Error ( ) != "wgtypes: incorrect key size: 0" {
t . Errorf ( "Should return invalide key size error" )
}
foundDevice := checkForNetworkDevice ( "wgUnit" , t )
assert . Falsef ( t , foundDevice , "should not fount device with name wgUnit" )
}
func TestCantRunSetupWireguardTwice ( t * testing . T ) {
2022-02-27 04:08:06 +00:00
server := WireGuard { }
2022-02-27 03:22:11 +00:00
server . name = "wgUnit"
key , err := wgtypes . GeneratePrivateKey ( )
assert . Nil ( t , err , "cant create private key" )
server . wgConfig . PrivateKey = & key
err = server . Up ( )
if err == nil || err . Error ( ) != "Wireguard already setedup" {
t . Errorf ( "Should fail setup wireguard if privatkey is already set" )
}
foundDevice := checkForNetworkDevice ( "wgUnit" , t )
assert . Falsef ( t , foundDevice , "should not fount device with name wgUnit" )
}
func TestNoWireguardDevicesExists ( t * testing . T ) {
client , err := wgctrl . New ( )
assert . Nil ( t , err , "cant create wgctrl client" )
devices , err := client . Devices ( )
assert . Nil ( t , err , "cant get devices from wgctrl client" )
assert . Equalf ( t , 0 , len ( devices ) , "there are wireguard devices" )
}
func TestCreateWireguarderver ( t * testing . T ) {
client , err := wgctrl . New ( )
assert . Nil ( t , err , "cant create wgctrl client" )
key , err := wgtypes . GeneratePrivateKey ( )
assert . Nil ( t , err , "cant create private key" )
2022-02-27 04:08:06 +00:00
serverConfig := WireGuardConfig {
2022-02-27 03:22:11 +00:00
Name : "wgUnit" ,
IPRanges : [ ] string { "10.0.0.1/24" } ,
Port : 54123 ,
PrivateKey : key . String ( ) ,
}
2022-02-27 04:08:06 +00:00
server , err := NewWireGuard ( serverConfig )
2022-02-27 03:22:11 +00:00
assert . Nil ( t , err , "cant create server" )
err = server . Up ( )
foundDevice := checkForNetworkDevice ( "wgUnit" , t )
assert . True ( t , foundDevice , "should fount device with name wgUnit" )
devices , err := client . Devices ( )
assert . Nil ( t , err , "cant get devices from wgctrl client" )
assert . Equalf ( t , 1 , len ( devices ) , "there are wireguard devices" )
helpTearDown ( server , t )
}
func TestCantAddPeerIfServerNotUp ( t * testing . T ) {
2022-02-27 04:08:06 +00:00
serverConfig := WireGuardConfig {
2022-02-27 03:22:11 +00:00
Name : "wgUnit" ,
}
2022-02-27 04:08:06 +00:00
server , err := NewWireGuard ( serverConfig )
2022-02-27 03:22:11 +00:00
assert . Nil ( t , err , "cant create server" )
peer := PeerConfig { }
err = server . AddPeer ( peer )
if err == nil || err . Error ( ) != "server not up" {
t . Errorf ( "should not be able to add peer if server is offline" )
}
}
func TestCantAddPeerIfPublicKeyIsInvalide ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
config := PeerConfig {
PublicKey : "abc" ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "" ,
}
err := server . AddPeer ( config )
if err == nil || err . Error ( ) != "wgtypes: failed to parse base64-encoded key: illegal base64 data at input byte 0" {
t . Errorf ( "should not be able to add peer with wrong pub key" )
}
}
func TestCantAddPeerIfPublicKeyIsEmpty ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
config := PeerConfig {
PublicKey : "" ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "" ,
}
err := server . AddPeer ( config )
if err == nil || err . Error ( ) != "wgtypes: incorrect key size: 0" {
t . Errorf ( "should not be able to add peer with wrong pub key" )
}
}
func TestAddPeerInvalideEndpointIP ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
key , _ := wgtypes . GeneratePrivateKey ( )
config := PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "abc:123" ,
}
err := server . AddPeer ( config )
assert . Equalf ( t , "Invalide endpoint ip" , err . Error ( ) , "shouldnt be able to add peer with invalide endpoint ip" )
}
func TestAddPeerInvalideEndpointPort ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
key , _ := wgtypes . GeneratePrivateKey ( )
config := PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "127.0.0.1:abv" ,
}
err := server . AddPeer ( config )
assert . Equalf ( t , "Cant convert port to int: strconv.Atoi: parsing \"abv\": invalid syntax" , err . Error ( ) , "shouldnt be able to add peer with invalide endpoint port" )
}
func TestAddPeerWithEndpoitnDomain ( t * testing . T ) {
t . Skipf ( "Not implemented now" )
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
key , _ := wgtypes . GeneratePrivateKey ( )
config := PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "home.kekskurse.de:123" ,
}
err := server . AddPeer ( config )
assert . Nil ( t , err , "should be able to add peer with domain as endpoint" )
}
func TestAddPeerWithInvalideAllowedIP ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
key , _ := wgtypes . GeneratePrivateKey ( )
config := PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.g.3/32" } ,
Endpoint : "home.kekskurse.de:123" ,
}
err := server . AddPeer ( config )
assert . Equalf ( t , "invalid CIDR address: 10.0.g.3/32" , err . Error ( ) , "should not allow peer with invalide allowed ip" )
config = PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/54" } ,
Endpoint : "home.kekskurse.de:123" ,
}
err = server . AddPeer ( config )
assert . Equalf ( t , "invalid CIDR address: 10.0.0.3/54" , err . Error ( ) , "should not allow peer with invalide allowed ip" )
}
func TestAddPeer ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
key , _ := wgtypes . GeneratePrivateKey ( )
config := PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "" ,
}
err := server . AddPeer ( config )
assert . Nil ( t , err , "should be able to add peer" )
assert . Equalf ( t , key . PublicKey ( ) . String ( ) , server . wgConfig . Peers [ 0 ] . PublicKey . String ( ) , "public key should be in the wgConfig Object" )
assert . Equal ( t , "10.0.0.3/32" , server . wgConfig . Peers [ 0 ] . AllowedIPs [ 0 ] . String ( ) , "allowd ip should be set currect" )
}
func TestRemovePeer ( t * testing . T ) {
server := helperCreateServer ( t )
defer helpTearDown ( server , t )
key , _ := wgtypes . GeneratePrivateKey ( )
config := PeerConfig {
PublicKey : key . PublicKey ( ) . String ( ) ,
PreSharedKey : "" ,
AllowedIPs : [ ] string { "10.0.0.3/32" } ,
Endpoint : "" ,
}
err := server . AddPeer ( config )
assert . Nil ( t , err , "should be able to add peer" )
err = server . RemovePeer ( config . PublicKey )
assert . Nil ( t , err , "should be able to remove peer" )
assert . Equalf ( t , 0 , len ( server . wgConfig . Peers ) , "peer list should be empty again" )
}
2022-02-27 04:08:06 +00:00
func helperCreateServer ( t * testing . T ) WireGuard {
2022-02-27 03:22:11 +00:00
key , err := wgtypes . GeneratePrivateKey ( )
assert . Nil ( t , err , "cant create private key" )
2022-02-27 04:08:06 +00:00
serverConfig := WireGuardConfig {
2022-02-27 03:22:11 +00:00
Name : "wgUnit" ,
IPRanges : [ ] string { "10.0.0.1/24" } ,
Port : 54123 ,
PrivateKey : key . String ( ) ,
}
2022-02-27 04:08:06 +00:00
server , err := NewWireGuard ( serverConfig )
2022-02-27 03:22:11 +00:00
assert . Nil ( t , err , "cant create server" )
err = server . Up ( )
foundDevice := checkForNetworkDevice ( "wgUnit" , t )
assert . True ( t , foundDevice , "should fount device with name wgUnit" )
return server
}
2022-02-27 04:08:06 +00:00
func helpTearDown ( server WireGuard , t * testing . T ) {
2022-02-27 03:22:11 +00:00
err := server . Down ( )
assert . Nil ( t , err , "should not return error while shutting down server" )
foundDevice := checkForNetworkDevice ( server . name , t )
assert . Falsef ( t , foundDevice , "device should not exist anymore" )
}
func checkForNetworkDevice ( name string , t * testing . T ) bool {
res , err := netlink . LinkList ( )
assert . Nil ( t , err , "shouldn't return an error return devices" )
foundDevice := false
for _ , device := range res {
if device . Attrs ( ) . Name == name {
foundDevice = true
}
}
return foundDevice
}
