[network-manager-openvpn] ui: import/export fixes and testcases for HTTP and SOCKS proxies



commit ca540dd909c045ad42a8e61f998a53c3825885d9
Author: Dan Williams <dcbw redhat com>
Date:   Thu Aug 19 12:10:04 2010 -0500

    ui: import/export fixes and testcases for HTTP and SOCKS proxies

 properties/import-export.c             |   66 ++++++++++--
 properties/tests/conf/Makefile.am      |    5 +-
 properties/tests/conf/httpauthfile     |    2 +
 properties/tests/conf/proxy-http.ovpn  |   32 ++++++
 properties/tests/conf/proxy-socks.ovpn |   32 ++++++
 properties/tests/test-import-export.c  |  177 ++++++++++++++++++++++++++++++++
 6 files changed, 301 insertions(+), 13 deletions(-)
---
diff --git a/properties/import-export.c b/properties/import-export.c
index 9e8d323..27ca007 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -202,24 +202,35 @@ parse_port (const char *str, const char *line)
 }
 
 static gboolean
-parse_http_proxy_auth (const char *str, char **out_user, char **out_pass)
+parse_http_proxy_auth (const char *path,
+                       const char *file,
+                       char **out_user,
+                       char **out_pass)
 {
-	char *contents = NULL;
+	char *contents = NULL, *abspath = NULL, *tmp;
 	GError *error = NULL;
 	char **lines, **iter;
 
 	g_return_val_if_fail (out_user != NULL, FALSE);
 	g_return_val_if_fail (out_pass != NULL, FALSE);
 
-	if (!str || !strcmp (str, "stdin") || !strcmp (str, "auto"))
+	if (!file || !strcmp (file, "stdin") || !strcmp (file, "auto") || !strcmp (file, "'auto'"))
 		return TRUE;
 
+	if (!g_path_is_absolute (file)) {
+		tmp = g_path_get_dirname (path);
+		abspath = g_build_path ("/", tmp, file, NULL);
+		g_free (tmp);
+	} else
+		abspath = g_strdup (file);
+
 	/* Grab user/pass from authfile */
-	if (!g_file_get_contents (str, &contents, NULL, &error)) {
+	if (!g_file_get_contents (abspath, &contents, NULL, &error)) {
 		g_warning ("%s: unable to read HTTP proxy authfile '%s': (%d) %s",
-		           __func__, str, error ? error->code : -1,
+		           __func__, abspath, error ? error->code : -1,
 		           error && error->message ? error->message : "(unknown)");
 		g_clear_error (&error);
+		g_free (abspath);
 		return FALSE;
 	}
 
@@ -237,6 +248,7 @@ parse_http_proxy_auth (const char *str, char **out_user, char **out_pass)
 	if (lines)
 		g_strfreev (lines);
 	g_free (contents);
+	g_free (abspath);
 
 	return *out_user && *out_pass;
 }
@@ -404,11 +416,15 @@ do_import (const char *path, char **lines, GError **error)
 		socks_proxy = g_str_has_prefix (*line, SOCKS_PROXY_TAG);
 		if ((http_proxy || socks_proxy) && !proxy_set) {
 			gboolean success = FALSE;
+			const char *proxy_type = NULL;
 
-			if (http_proxy)
+			if (http_proxy) {
 				items = get_args (*line + strlen (HTTP_PROXY_TAG));
-			else if (socks_proxy)
+				proxy_type = "http";
+			} else if (socks_proxy) {
 				items = get_args (*line + strlen (SOCKS_PROXY_TAG));
+				proxy_type = "socks";
+			}
 			if (!items)
 				continue;
 
@@ -417,10 +433,9 @@ do_import (const char *path, char **lines, GError **error)
 				char *s_port = NULL;
 				char *user = NULL, *pass = NULL;
 
+				success = TRUE;
 				if (http_proxy && g_strv_length (items) >= 3)
-					success = parse_http_proxy_auth (items[2], &user, &pass);
-				else if (socks_proxy)
-					success = TRUE;
+					success = parse_http_proxy_auth (path, items[2], &user, &pass);
 
 				if (success) {
 					success = FALSE;
@@ -432,7 +447,9 @@ do_import (const char *path, char **lines, GError **error)
 					}
 				}
 
-				if (success) {
+				if (success && proxy_type) {
+					nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_TYPE, proxy_type);
+
 					nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_SERVER, items[0]);
 					nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_PORT, s_port);
 					if (user)
@@ -447,7 +464,7 @@ do_import (const char *path, char **lines, GError **error)
 			}
 
 			if (!success)
-				g_warning ("%s: invalid http proxy port in option '%s'", __func__, *line);
+				g_warning ("%s: invalid proxy option '%s'", __func__, *line);
 
 			g_strfreev (items);
 			continue;
@@ -666,6 +683,10 @@ do_export (const char *path, NMConnection *connection, GError **error)
 	gboolean use_lzo = FALSE;
 	gboolean reneg_exists = FALSE;
 	guint32 reneg = 0;
+	const char *proxy_type = NULL;
+	const char *proxy_server = NULL;
+	const char *proxy_port = NULL;
+	const char *proxy_retry = NULL;
 
 	s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
 	g_assert (s_con);
@@ -845,6 +866,27 @@ do_export (const char *path, NMConnection *connection, GError **error)
 		}
 	}
 
+	/* Proxy stuff */
+	proxy_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_TYPE);
+	if (proxy_type && strlen (proxy_type)) {
+		proxy_server = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_SERVER);
+		proxy_port = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_PORT);
+		proxy_retry = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_RETRY);
+		if (!strcmp (proxy_type, "http") && proxy_server && proxy_port) {
+			if (!proxy_port)
+				proxy_port = "8080";
+			fprintf (f, "http-proxy %s %s\n", proxy_server, proxy_port);
+			if (proxy_retry && !strcmp (proxy_retry, "yes"))
+				fprintf (f, "http-proxy-retry\n");
+		} else if (!strcmp (proxy_type, "socks") && proxy_server && proxy_port) {
+			if (!proxy_port)
+				proxy_port = "1080";
+			fprintf (f, "socks-proxy %s %s\n", proxy_server, proxy_port);
+			if (proxy_retry && !strcmp (proxy_retry, "yes"))
+				fprintf (f, "socks-proxy-retry\n");
+		}
+	}
+
 	/* Add hard-coded stuff */
 	fprintf (f,
 	         "nobind\n"
diff --git a/properties/tests/conf/Makefile.am b/properties/tests/conf/Makefile.am
index aa4e425..8762194 100644
--- a/properties/tests/conf/Makefile.am
+++ b/properties/tests/conf/Makefile.am
@@ -7,6 +7,9 @@ EXTRA_DIST = \
 	static.key \
 	static.ovpn \
 	tls.ovpn \
-	tun-opts.conf
+	tun-opts.conf \
+	proxy-http.ovpn \
+	httpauthfile \
+	proxy-socks.ovpn
 
 
diff --git a/properties/tests/conf/httpauthfile b/properties/tests/conf/httpauthfile
new file mode 100644
index 0000000..452c914
--- /dev/null
+++ b/properties/tests/conf/httpauthfile
@@ -0,0 +1,2 @@
+myusername
+mypassword
diff --git a/properties/tests/conf/proxy-http.ovpn b/properties/tests/conf/proxy-http.ovpn
new file mode 100644
index 0000000..b96c88f
--- /dev/null
+++ b/properties/tests/conf/proxy-http.ovpn
@@ -0,0 +1,32 @@
+client
+dev tun
+
+proto tcp
+topology subnet
+
+rport 2352
+remote test.server.com 443
+nobind
+persist-key
+persist-tun
+user openvpn
+group openvpn
+
+http-proxy 10.1.1.1 8080 httpauthfile
+http-proxy-retry
+
+ca cacert.pem
+cipher AES-256-CBC
+reneg-sec 0
+
+auth-user-pass
+auth-nocache
+
+ping 30
+ping-exit 120
+
+# random comment
+
+script-security 2
+
+
diff --git a/properties/tests/conf/proxy-socks.ovpn b/properties/tests/conf/proxy-socks.ovpn
new file mode 100644
index 0000000..8f49bb2
--- /dev/null
+++ b/properties/tests/conf/proxy-socks.ovpn
@@ -0,0 +1,32 @@
+client
+dev tun
+
+proto tcp
+topology subnet
+
+rport 2352
+remote test.server.com 443
+nobind
+persist-key
+persist-tun
+user openvpn
+group openvpn
+
+socks-proxy 10.1.1.1 1080
+socks-proxy-retry
+
+ca cacert.pem
+cipher AES-256-CBC
+reneg-sec 0
+
+auth-user-pass
+auth-nocache
+
+ping 30
+ping-exit 120
+
+# random comment
+
+script-security 2
+
+
diff --git a/properties/tests/test-import-export.c b/properties/tests/test-import-export.c
index b36f556..bb861cf 100644
--- a/properties/tests/test-import-export.c
+++ b/properties/tests/test-import-export.c
@@ -747,6 +747,177 @@ test_tun_opts_export (NMVpnPluginUiInterface *plugin, const char *dir)
 	g_free (path);
 }
 
+static void
+test_proxy_http_import (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+	NMConnection *connection;
+	NMSettingVPN *s_vpn;
+
+	connection = get_basic_connection ("proxy-http-import", plugin, dir, "proxy-http.ovpn");
+	ASSERT (connection != NULL, "proxy-http-import", "failed to import connection");
+
+	/* VPN setting */
+	s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+	ASSERT (s_vpn != NULL,
+	        "proxy-http-import", "missing 'vpn' setting");
+
+	/* Data items */
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE, NM_OPENVPN_CONTYPE_PASSWORD);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_TAP_DEV, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROTO_TCP, "yes");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_COMP_LZO, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS, "0");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE, "test.server.com");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PORT, "443");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_CERT, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_KEY, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY_DIRECTION, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_TA, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_TA_DIR, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_CIPHER, "AES-256-CBC");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_LOCAL_IP, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE_IP, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_TYPE, "http");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_SERVER, "10.1.1.1");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_PORT, "8080");
+	test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_HTTP_PROXY_USERNAME, "myusername");
+	test_secret ("proxy-http-import-secrets", s_vpn, NM_OPENVPN_KEY_HTTP_PROXY_PASSWORD, "mypassword");
+
+	g_object_unref (connection);
+}
+
+#define PROXY_HTTP_EXPORTED_NAME "proxy-http.ovpntest"
+static void
+test_proxy_http_export (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+	NMConnection *connection;
+	NMConnection *reimported;
+	char *path;
+	gboolean success;
+	GError *error = NULL;
+	int ret;
+	NMSettingVPN *s_vpn;
+
+	connection = get_basic_connection ("proxy-http-export", plugin, dir, "proxy-http.ovpn");
+	ASSERT (connection != NULL, "proxy-http-export", "failed to import connection");
+
+	path = g_build_path ("/", dir, PROXY_HTTP_EXPORTED_NAME, NULL);
+	success = nm_vpn_plugin_ui_interface_export (plugin, path, connection, &error);
+	if (!success) {
+		if (!error)
+			FAIL ("proxy-http-export", "export failed with missing error");
+		else
+			FAIL ("proxy-http-export", "export failed: %s", error->message);
+	}
+
+	/* Now re-import it and compare the connections to ensure they are the same */
+	reimported = get_basic_connection ("proxy-http-export", plugin, dir, PROXY_HTTP_EXPORTED_NAME);
+	ret = unlink (path);
+	ASSERT (reimported != NULL, "proxy-http-export", "failed to re-import connection");
+
+	/* Clear secrets first, since they don't get exported, and thus would
+	 * make the connection comparison below fail.
+	 */
+	remove_secrets (connection);
+
+	/* Also clear the HTTP Proxy username.  We don't export that either since it
+	 * goes into a separate authfile.
+	 */
+	s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN));
+	nm_setting_vpn_remove_data_item (s_vpn, NM_OPENVPN_KEY_HTTP_PROXY_USERNAME);
+
+	ASSERT (nm_connection_compare (connection, reimported, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
+	        "proxy-http-export", "original and reimported connection differ");
+
+	g_object_unref (reimported);
+	g_object_unref (connection);
+	g_free (path);
+}
+
+static void
+test_proxy_socks_import (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+	NMConnection *connection;
+	NMSettingVPN *s_vpn;
+
+	connection = get_basic_connection ("proxy-socks-import", plugin, dir, "proxy-socks.ovpn");
+	ASSERT (connection != NULL, "proxy-socks-import", "failed to import connection");
+
+	/* VPN setting */
+	s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+	ASSERT (s_vpn != NULL,
+	        "proxy-socks-import", "missing 'vpn' setting");
+
+	/* Data items */
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE, NM_OPENVPN_CONTYPE_PASSWORD);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_TAP_DEV, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROTO_TCP, "yes");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_COMP_LZO, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS, "0");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE, "test.server.com");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PORT, "443");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_CERT, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_KEY, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY_DIRECTION, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_TA, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_TA_DIR, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_CIPHER, "AES-256-CBC");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_LOCAL_IP, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE_IP, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_TYPE, "socks");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_SERVER, "10.1.1.1");
+	test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_PORT, "1080");
+
+	g_object_unref (connection);
+}
+
+#define PROXY_SOCKS_EXPORTED_NAME "proxy-socks.ovpntest"
+static void
+test_proxy_socks_export (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+	NMConnection *connection;
+	NMConnection *reimported;
+	char *path;
+	gboolean success;
+	GError *error = NULL;
+	int ret;
+
+	connection = get_basic_connection ("proxy-socks-export", plugin, dir, "proxy-socks.ovpn");
+	ASSERT (connection != NULL, "proxy-socks-export", "failed to import connection");
+
+	path = g_build_path ("/", dir, PROXY_SOCKS_EXPORTED_NAME, NULL);
+	success = nm_vpn_plugin_ui_interface_export (plugin, path, connection, &error);
+	if (!success) {
+		if (!error)
+			FAIL ("proxy-socks-export", "export failed with missing error");
+		else
+			FAIL ("proxy-socks-export", "export failed: %s", error->message);
+	}
+
+	/* Now re-import it and compare the connections to ensure they are the same */
+	reimported = get_basic_connection ("proxy-socks-export", plugin, dir, PROXY_SOCKS_EXPORTED_NAME);
+	ret = unlink (path);
+	ASSERT (reimported != NULL, "proxy-socks-export", "failed to re-import connection");
+
+	/* Clear secrets first, since they don't get exported, and thus would
+	 * make the connection comparison below fail.
+	 */
+	remove_secrets (connection);
+
+	ASSERT (nm_connection_compare (connection, reimported, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
+	        "proxy-socks-export", "original and reimported connection differ");
+
+	g_object_unref (reimported);
+	g_object_unref (connection);
+	g_free (path);
+}
+
 int main (int argc, char **argv)
 {
 	GError *error = NULL;
@@ -807,6 +978,12 @@ int main (int argc, char **argv)
 	test_tun_opts_import (plugin, test_dir);
 	test_tun_opts_export (plugin, test_dir);
 
+	test_proxy_http_import (plugin, test_dir);
+	test_proxy_http_export (plugin, test_dir);
+
+	test_proxy_socks_import (plugin, test_dir);
+	test_proxy_socks_export (plugin, test_dir);
+
 	g_object_unref (plugin);
 
 	basename = g_path_get_basename (argv[0]);



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]