mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-06-10 11:00:22 +00:00
ad1b420397
This MR enables FreedomBox to connect as a "client" to a WireGuard "server" using IPv6. - Validate IPv4/6 with ip_interface - Created helper functions to build NM settings for IPv4/6 - Modify get_settings to include settings for either IP version 4 or 6 - Created helper function to get NM address info - Modify get_nm_info to work with IPv4 and IPv6 - Modified tests to use validate_ip_address_with_network - Added IPv6 valid and invalid patterns to tests Tested: - IPv4 works unchanged - IPv6 parsing + NM settings generation works - IPv6 display in Show Server UI Not tested: - Needs IPv6 WireGuard server for full connectivity test Closes: #1762 Signed-off-by: Frederico Gomes <fredericojfgomes@gmail.com> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
106 lines
2.7 KiB
Python
106 lines
2.7 KiB
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
"""
|
|
Tests for wireguard module forms.
|
|
"""
|
|
|
|
import pytest
|
|
from django.core.exceptions import ValidationError
|
|
|
|
from plinth.modules.wireguard.forms import (validate_endpoint,
|
|
validate_ip_address_with_network,
|
|
validate_key)
|
|
|
|
|
|
@pytest.mark.parametrize('key', [
|
|
'gKQhVGla4UtdqeY1dQ21G5lqrnX5NFcSEAqzM5iSdl0=',
|
|
'uHWSYIjPnS9fYFhZ0mf22IkOMyrWXDlfpXs6ve4QGHk=',
|
|
])
|
|
def test_validate_key_valid_patterns(key):
|
|
"""Test that valid wireguard key patterns as accepted."""
|
|
validate_key(key)
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
'key',
|
|
[
|
|
# Invalid padding
|
|
'gKQhVGla4UtdqeY1dQ21G5lqrnX5NFcSEAqzM5iSdl0',
|
|
'invalid-base64',
|
|
'',
|
|
'aW52YWxpZC1sZW5ndGg=', # Incorrect length
|
|
])
|
|
def test_validate_key_invalid_patterns(key):
|
|
"""Test that invalid wireguard key patterns are rejected."""
|
|
with pytest.raises(ValidationError):
|
|
validate_key(key)
|
|
|
|
|
|
@pytest.mark.parametrize('endpoint', [
|
|
'[1::2]:1234',
|
|
'1.2.3.4:1234',
|
|
'example.com:1234',
|
|
])
|
|
def test_validate_endpoint_valid_patterns(endpoint):
|
|
"""Test that valid wireguard endpoint patterns are accepted."""
|
|
validate_endpoint(endpoint)
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
'endpoint',
|
|
[
|
|
'',
|
|
# Invalid port
|
|
'1.2.3.4',
|
|
'1.2.3.4:',
|
|
'1.2.3.4:0',
|
|
'1.2.3.4:65536',
|
|
'1.2.3.4:1234invalid',
|
|
'1.2.3.4:invalid',
|
|
# Invalid IPv6
|
|
'[]:1234',
|
|
'[:1234',
|
|
])
|
|
def test_validate_endpoint_invalid_patterns(endpoint):
|
|
"""Test that invalid wireguard endpoint patterns are rejected."""
|
|
with pytest.raises(ValidationError):
|
|
validate_endpoint(endpoint)
|
|
|
|
|
|
@pytest.mark.parametrize('value', [
|
|
'1.2.3.4',
|
|
'1.2.3.4/0',
|
|
'1.2.3.4/32',
|
|
'1.2.3.4/24',
|
|
'1.2.3.4/255.255.255.0',
|
|
'1.2.3.4/0.0.0.255',
|
|
'::1',
|
|
'2001:db8::1',
|
|
'2001:db8::1/64',
|
|
'fe80::1/64',
|
|
'::/0',
|
|
])
|
|
def test_validate_ip_address_with_network_valid_patterns(value):
|
|
"""Test validating IPv4 address with network works for valid values."""
|
|
validate_ip_address_with_network(value)
|
|
|
|
|
|
@pytest.mark.parametrize('value', [
|
|
'1.2.3.4/',
|
|
'invalid-ip/24',
|
|
'1.2.3.4/x',
|
|
'1.2.3.4/-1',
|
|
'1.2.3.4/33',
|
|
'1.2.3.4/9.8.7.6',
|
|
'2001:db8::1/',
|
|
'2001:db8::1/129',
|
|
'2001:db8::1/x',
|
|
'2001:db8::1/-1',
|
|
'2001:db8::1/255.255.255.0',
|
|
'2001:db8::1::1',
|
|
'12345::1',
|
|
])
|
|
def test_validate_ip_address_with_network_invalid_patterns(value):
|
|
"""Test validating IPv4 address with network works for invalid values."""
|
|
with pytest.raises(ValidationError):
|
|
validate_ip_address_with_network(value)
|