[network-manager-openvpn] ui: import/export fixes and testcases for HTTP and SOCKS proxies
- From: Dan Williams <dcbw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-openvpn] ui: import/export fixes and testcases for HTTP and SOCKS proxies
- Date: Thu, 19 Aug 2010 17:11:14 +0000 (UTC)
commit ca540dd909c045ad42a8e61f998a53c3825885d9
Author: Dan Williams <dcbw redhat com>
Date: Thu Aug 19 12:10:04 2010 -0500
ui: import/export fixes and testcases for HTTP and SOCKS proxies
properties/import-export.c | 66 ++++++++++--
properties/tests/conf/Makefile.am | 5 +-
properties/tests/conf/httpauthfile | 2 +
properties/tests/conf/proxy-http.ovpn | 32 ++++++
properties/tests/conf/proxy-socks.ovpn | 32 ++++++
properties/tests/test-import-export.c | 177 ++++++++++++++++++++++++++++++++
6 files changed, 301 insertions(+), 13 deletions(-)
---
diff --git a/properties/import-export.c b/properties/import-export.c
index 9e8d323..27ca007 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -202,24 +202,35 @@ parse_port (const char *str, const char *line)
}
static gboolean
-parse_http_proxy_auth (const char *str, char **out_user, char **out_pass)
+parse_http_proxy_auth (const char *path,
+ const char *file,
+ char **out_user,
+ char **out_pass)
{
- char *contents = NULL;
+ char *contents = NULL, *abspath = NULL, *tmp;
GError *error = NULL;
char **lines, **iter;
g_return_val_if_fail (out_user != NULL, FALSE);
g_return_val_if_fail (out_pass != NULL, FALSE);
- if (!str || !strcmp (str, "stdin") || !strcmp (str, "auto"))
+ if (!file || !strcmp (file, "stdin") || !strcmp (file, "auto") || !strcmp (file, "'auto'"))
return TRUE;
+ if (!g_path_is_absolute (file)) {
+ tmp = g_path_get_dirname (path);
+ abspath = g_build_path ("/", tmp, file, NULL);
+ g_free (tmp);
+ } else
+ abspath = g_strdup (file);
+
/* Grab user/pass from authfile */
- if (!g_file_get_contents (str, &contents, NULL, &error)) {
+ if (!g_file_get_contents (abspath, &contents, NULL, &error)) {
g_warning ("%s: unable to read HTTP proxy authfile '%s': (%d) %s",
- __func__, str, error ? error->code : -1,
+ __func__, abspath, error ? error->code : -1,
error && error->message ? error->message : "(unknown)");
g_clear_error (&error);
+ g_free (abspath);
return FALSE;
}
@@ -237,6 +248,7 @@ parse_http_proxy_auth (const char *str, char **out_user, char **out_pass)
if (lines)
g_strfreev (lines);
g_free (contents);
+ g_free (abspath);
return *out_user && *out_pass;
}
@@ -404,11 +416,15 @@ do_import (const char *path, char **lines, GError **error)
socks_proxy = g_str_has_prefix (*line, SOCKS_PROXY_TAG);
if ((http_proxy || socks_proxy) && !proxy_set) {
gboolean success = FALSE;
+ const char *proxy_type = NULL;
- if (http_proxy)
+ if (http_proxy) {
items = get_args (*line + strlen (HTTP_PROXY_TAG));
- else if (socks_proxy)
+ proxy_type = "http";
+ } else if (socks_proxy) {
items = get_args (*line + strlen (SOCKS_PROXY_TAG));
+ proxy_type = "socks";
+ }
if (!items)
continue;
@@ -417,10 +433,9 @@ do_import (const char *path, char **lines, GError **error)
char *s_port = NULL;
char *user = NULL, *pass = NULL;
+ success = TRUE;
if (http_proxy && g_strv_length (items) >= 3)
- success = parse_http_proxy_auth (items[2], &user, &pass);
- else if (socks_proxy)
- success = TRUE;
+ success = parse_http_proxy_auth (path, items[2], &user, &pass);
if (success) {
success = FALSE;
@@ -432,7 +447,9 @@ do_import (const char *path, char **lines, GError **error)
}
}
- if (success) {
+ if (success && proxy_type) {
+ nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_TYPE, proxy_type);
+
nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_SERVER, items[0]);
nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_PORT, s_port);
if (user)
@@ -447,7 +464,7 @@ do_import (const char *path, char **lines, GError **error)
}
if (!success)
- g_warning ("%s: invalid http proxy port in option '%s'", __func__, *line);
+ g_warning ("%s: invalid proxy option '%s'", __func__, *line);
g_strfreev (items);
continue;
@@ -666,6 +683,10 @@ do_export (const char *path, NMConnection *connection, GError **error)
gboolean use_lzo = FALSE;
gboolean reneg_exists = FALSE;
guint32 reneg = 0;
+ const char *proxy_type = NULL;
+ const char *proxy_server = NULL;
+ const char *proxy_port = NULL;
+ const char *proxy_retry = NULL;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
@@ -845,6 +866,27 @@ do_export (const char *path, NMConnection *connection, GError **error)
}
}
+ /* Proxy stuff */
+ proxy_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_TYPE);
+ if (proxy_type && strlen (proxy_type)) {
+ proxy_server = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_SERVER);
+ proxy_port = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_PORT);
+ proxy_retry = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_RETRY);
+ if (!strcmp (proxy_type, "http") && proxy_server && proxy_port) {
+ if (!proxy_port)
+ proxy_port = "8080";
+ fprintf (f, "http-proxy %s %s\n", proxy_server, proxy_port);
+ if (proxy_retry && !strcmp (proxy_retry, "yes"))
+ fprintf (f, "http-proxy-retry\n");
+ } else if (!strcmp (proxy_type, "socks") && proxy_server && proxy_port) {
+ if (!proxy_port)
+ proxy_port = "1080";
+ fprintf (f, "socks-proxy %s %s\n", proxy_server, proxy_port);
+ if (proxy_retry && !strcmp (proxy_retry, "yes"))
+ fprintf (f, "socks-proxy-retry\n");
+ }
+ }
+
/* Add hard-coded stuff */
fprintf (f,
"nobind\n"
diff --git a/properties/tests/conf/Makefile.am b/properties/tests/conf/Makefile.am
index aa4e425..8762194 100644
--- a/properties/tests/conf/Makefile.am
+++ b/properties/tests/conf/Makefile.am
@@ -7,6 +7,9 @@ EXTRA_DIST = \
static.key \
static.ovpn \
tls.ovpn \
- tun-opts.conf
+ tun-opts.conf \
+ proxy-http.ovpn \
+ httpauthfile \
+ proxy-socks.ovpn
diff --git a/properties/tests/conf/httpauthfile b/properties/tests/conf/httpauthfile
new file mode 100644
index 0000000..452c914
--- /dev/null
+++ b/properties/tests/conf/httpauthfile
@@ -0,0 +1,2 @@
+myusername
+mypassword
diff --git a/properties/tests/conf/proxy-http.ovpn b/properties/tests/conf/proxy-http.ovpn
new file mode 100644
index 0000000..b96c88f
--- /dev/null
+++ b/properties/tests/conf/proxy-http.ovpn
@@ -0,0 +1,32 @@
+client
+dev tun
+
+proto tcp
+topology subnet
+
+rport 2352
+remote test.server.com 443
+nobind
+persist-key
+persist-tun
+user openvpn
+group openvpn
+
+http-proxy 10.1.1.1 8080 httpauthfile
+http-proxy-retry
+
+ca cacert.pem
+cipher AES-256-CBC
+reneg-sec 0
+
+auth-user-pass
+auth-nocache
+
+ping 30
+ping-exit 120
+
+# random comment
+
+script-security 2
+
+
diff --git a/properties/tests/conf/proxy-socks.ovpn b/properties/tests/conf/proxy-socks.ovpn
new file mode 100644
index 0000000..8f49bb2
--- /dev/null
+++ b/properties/tests/conf/proxy-socks.ovpn
@@ -0,0 +1,32 @@
+client
+dev tun
+
+proto tcp
+topology subnet
+
+rport 2352
+remote test.server.com 443
+nobind
+persist-key
+persist-tun
+user openvpn
+group openvpn
+
+socks-proxy 10.1.1.1 1080
+socks-proxy-retry
+
+ca cacert.pem
+cipher AES-256-CBC
+reneg-sec 0
+
+auth-user-pass
+auth-nocache
+
+ping 30
+ping-exit 120
+
+# random comment
+
+script-security 2
+
+
diff --git a/properties/tests/test-import-export.c b/properties/tests/test-import-export.c
index b36f556..bb861cf 100644
--- a/properties/tests/test-import-export.c
+++ b/properties/tests/test-import-export.c
@@ -747,6 +747,177 @@ test_tun_opts_export (NMVpnPluginUiInterface *plugin, const char *dir)
g_free (path);
}
+static void
+test_proxy_http_import (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+ NMConnection *connection;
+ NMSettingVPN *s_vpn;
+
+ connection = get_basic_connection ("proxy-http-import", plugin, dir, "proxy-http.ovpn");
+ ASSERT (connection != NULL, "proxy-http-import", "failed to import connection");
+
+ /* VPN setting */
+ s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ ASSERT (s_vpn != NULL,
+ "proxy-http-import", "missing 'vpn' setting");
+
+ /* Data items */
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE, NM_OPENVPN_CONTYPE_PASSWORD);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_TAP_DEV, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROTO_TCP, "yes");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_COMP_LZO, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS, "0");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE, "test.server.com");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PORT, "443");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_CERT, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_KEY, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY_DIRECTION, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_TA, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_TA_DIR, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_CIPHER, "AES-256-CBC");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_LOCAL_IP, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE_IP, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_TYPE, "http");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_SERVER, "10.1.1.1");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_PORT, "8080");
+ test_item ("proxy-http-import-data", s_vpn, NM_OPENVPN_KEY_HTTP_PROXY_USERNAME, "myusername");
+ test_secret ("proxy-http-import-secrets", s_vpn, NM_OPENVPN_KEY_HTTP_PROXY_PASSWORD, "mypassword");
+
+ g_object_unref (connection);
+}
+
+#define PROXY_HTTP_EXPORTED_NAME "proxy-http.ovpntest"
+static void
+test_proxy_http_export (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+ NMConnection *connection;
+ NMConnection *reimported;
+ char *path;
+ gboolean success;
+ GError *error = NULL;
+ int ret;
+ NMSettingVPN *s_vpn;
+
+ connection = get_basic_connection ("proxy-http-export", plugin, dir, "proxy-http.ovpn");
+ ASSERT (connection != NULL, "proxy-http-export", "failed to import connection");
+
+ path = g_build_path ("/", dir, PROXY_HTTP_EXPORTED_NAME, NULL);
+ success = nm_vpn_plugin_ui_interface_export (plugin, path, connection, &error);
+ if (!success) {
+ if (!error)
+ FAIL ("proxy-http-export", "export failed with missing error");
+ else
+ FAIL ("proxy-http-export", "export failed: %s", error->message);
+ }
+
+ /* Now re-import it and compare the connections to ensure they are the same */
+ reimported = get_basic_connection ("proxy-http-export", plugin, dir, PROXY_HTTP_EXPORTED_NAME);
+ ret = unlink (path);
+ ASSERT (reimported != NULL, "proxy-http-export", "failed to re-import connection");
+
+ /* Clear secrets first, since they don't get exported, and thus would
+ * make the connection comparison below fail.
+ */
+ remove_secrets (connection);
+
+ /* Also clear the HTTP Proxy username. We don't export that either since it
+ * goes into a separate authfile.
+ */
+ s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN));
+ nm_setting_vpn_remove_data_item (s_vpn, NM_OPENVPN_KEY_HTTP_PROXY_USERNAME);
+
+ ASSERT (nm_connection_compare (connection, reimported, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
+ "proxy-http-export", "original and reimported connection differ");
+
+ g_object_unref (reimported);
+ g_object_unref (connection);
+ g_free (path);
+}
+
+static void
+test_proxy_socks_import (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+ NMConnection *connection;
+ NMSettingVPN *s_vpn;
+
+ connection = get_basic_connection ("proxy-socks-import", plugin, dir, "proxy-socks.ovpn");
+ ASSERT (connection != NULL, "proxy-socks-import", "failed to import connection");
+
+ /* VPN setting */
+ s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ ASSERT (s_vpn != NULL,
+ "proxy-socks-import", "missing 'vpn' setting");
+
+ /* Data items */
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE, NM_OPENVPN_CONTYPE_PASSWORD);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_TAP_DEV, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROTO_TCP, "yes");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_COMP_LZO, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS, "0");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE, "test.server.com");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PORT, "443");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_CERT, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_KEY, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY_DIRECTION, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_TA, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_TA_DIR, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_CIPHER, "AES-256-CBC");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_LOCAL_IP, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE_IP, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_TYPE, "socks");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_SERVER, "10.1.1.1");
+ test_item ("proxy-socks-import-data", s_vpn, NM_OPENVPN_KEY_PROXY_PORT, "1080");
+
+ g_object_unref (connection);
+}
+
+#define PROXY_SOCKS_EXPORTED_NAME "proxy-socks.ovpntest"
+static void
+test_proxy_socks_export (NMVpnPluginUiInterface *plugin, const char *dir)
+{
+ NMConnection *connection;
+ NMConnection *reimported;
+ char *path;
+ gboolean success;
+ GError *error = NULL;
+ int ret;
+
+ connection = get_basic_connection ("proxy-socks-export", plugin, dir, "proxy-socks.ovpn");
+ ASSERT (connection != NULL, "proxy-socks-export", "failed to import connection");
+
+ path = g_build_path ("/", dir, PROXY_SOCKS_EXPORTED_NAME, NULL);
+ success = nm_vpn_plugin_ui_interface_export (plugin, path, connection, &error);
+ if (!success) {
+ if (!error)
+ FAIL ("proxy-socks-export", "export failed with missing error");
+ else
+ FAIL ("proxy-socks-export", "export failed: %s", error->message);
+ }
+
+ /* Now re-import it and compare the connections to ensure they are the same */
+ reimported = get_basic_connection ("proxy-socks-export", plugin, dir, PROXY_SOCKS_EXPORTED_NAME);
+ ret = unlink (path);
+ ASSERT (reimported != NULL, "proxy-socks-export", "failed to re-import connection");
+
+ /* Clear secrets first, since they don't get exported, and thus would
+ * make the connection comparison below fail.
+ */
+ remove_secrets (connection);
+
+ ASSERT (nm_connection_compare (connection, reimported, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
+ "proxy-socks-export", "original and reimported connection differ");
+
+ g_object_unref (reimported);
+ g_object_unref (connection);
+ g_free (path);
+}
+
int main (int argc, char **argv)
{
GError *error = NULL;
@@ -807,6 +978,12 @@ int main (int argc, char **argv)
test_tun_opts_import (plugin, test_dir);
test_tun_opts_export (plugin, test_dir);
+ test_proxy_http_import (plugin, test_dir);
+ test_proxy_http_export (plugin, test_dir);
+
+ test_proxy_socks_import (plugin, test_dir);
+ test_proxy_socks_export (plugin, test_dir);
+
g_object_unref (plugin);
basename = g_path_get_basename (argv[0]);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
