github.com/mysteriumnetwork/node@v0.0.0-20240516044423-365054f76801/services/openvpn/config_validator_test.go

github.com/mysteriumnetwork/node@v0.0.0-20240516044423-365054f76801/services/openvpn/config_validator_test.go (about)

     1  /*
     2   * Copyright (C) 2017 The "MysteriumNetwork/node" Authors.
     3   *
     4   * This program is free software: you can redistribute it and/or modify
     5   * it under the terms of the GNU General Public License as published by
     6   * the Free Software Foundation, either version 3 of the License, or
     7   * (at your option) any later version.
     8   *
     9   * This program is distributed in the hope that it will be useful,
    10   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    11   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12   * GNU General Public License for more details.
    13   *
    14   * You should have received a copy of the GNU General Public License
    15   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    16   */
    17  
    18  package openvpn
    19  
    20  import (
    21  	"testing"
    22  
    23  	"github.com/stretchr/testify/assert"
    24  )
    25  
    26  const tlsTestKey = `
    27  -----BEGIN OpenVPN Static key V1-----
    28  7573bf79ebecb38d2a009d28830ecf5b0b11e27362513fe4b09b55f07054c4c7c3cebeb00bf8bb2d05cfa0f79308e762e684b931db2179e7a21618ea
    29  869cbb5b1b9753ca05d3b87708389ccc154c9278a92964002ea888c1011fb06444088162ff6a4c1d5a8ee0ab30fd1b4dc9aaaa8c8901b426d25063cc
    30  660d47103ff14e2cae99ca9ce28d70f927d090c144c49b3d86832c1e1c67562a6d248dff8a2583948a065015ec84d8d7bfe63385e257a6338471e2c6
    31  7075416f4771beb0c872cc09c9ce4318fd8c9446987664f04ceeeb4e3c49f7101aa4953795014696a2f4e1cb129127fe5830627563efb127589b3693
    32  addc15c1393f4db6c7f8d55ba598fbe5
    33  -----END OpenVPN Static key V1-----
    34  `
    35  
    36  const tlsTestKeyPreformatted = `-----BEGIN OpenVPN Static key V1-----
    37  7573bf79ebecb38d2a009d28830ecf5b0b11e27362513fe4b09b55f07054c4c7
    38  c3cebeb00bf8bb2d05cfa0f79308e762e684b931db2179e7a21618ea869cbb5b
    39  1b9753ca05d3b87708389ccc154c9278a92964002ea888c1011fb06444088162
    40  ff6a4c1d5a8ee0ab30fd1b4dc9aaaa8c8901b426d25063cc660d47103ff14e2c
    41  ae99ca9ce28d70f927d090c144c49b3d86832c1e1c67562a6d248dff8a258394
    42  8a065015ec84d8d7bfe63385e257a6338471e2c67075416f4771beb0c872cc09
    43  c9ce4318fd8c9446987664f04ceeeb4e3c49f7101aa4953795014696a2f4e1cb
    44  129127fe5830627563efb127589b3693addc15c1393f4db6c7f8d55ba598fbe5
    45  -----END OpenVPN Static key V1-----
    46  `
    47  
    48  const caCertificate = `
    49  -----BEGIN CERTIFICATE-----
    50  MIIByDCCAW6gAwIBAgICBFcwCgYIKoZIzj0EAwIwQzELMAkGA1UEBhMCR0IxGzAZ
    51  BgNVBAoTEk15c3Rlcm1pdW0ubmV0d29yazEXMBUGA1UECxMOTXlzdGVyaXVtIFRl
    52  YW0wHhcNMTgwNTA4MTIwMDU5WhcNMjgwNTA4MTIwMDU5WjBDMQswCQYDVQQGEwJH
    53  QjEbMBkGA1UEChMSTXlzdGVybWl1bS5uZXR3b3JrMRcwFQYDVQQLEw5NeXN0ZXJp
    54  dW0gVGVhbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKvoBgL5PCWlUr4PSl2j
    55  jSXtW8ohVESWVL6l0de+Sj6dWsjELxmLAKdnwep9CcYvGE0i3Q0M24C/ZSoCREpl
    56  8UOjUjBQMA4GA1UdDwEB/wQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
    57  BQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ4EBwQFAQIDBAUwCgYIKoZIzj0E
    58  AwIDSAAwRQIhAKLOIPprhU7CCyFG52J8FmyzwBJjcwHu+ZzGFrdfwEKKAiB7xkYM
    59  YFcPCscvdnZ1U8hTUaREZmDB2w9eaGyCM4YXAg==
    60  -----END CERTIFICATE-----
    61  `
    62  
    63  func TestValidatorReturnsNilErrorOnValidVPNConfig(t *testing.T) {
    64  	vpnConfig := VPNConfig{
    65  		DNSIPs:          "",
    66  		RemoteIP:        "1.2.3.4",
    67  		RemotePort:      10999,
    68  		LocalPort:       1194,
    69  		RemoteProtocol:  "tcp",
    70  		TLSPresharedKey: tlsTestKey,
    71  		CACertificate:   caCertificate,
    72  	}
    73  	assert.NoError(t, NewDefaultValidator().IsValid(vpnConfig))
    74  }
    75  
    76  func TestIPv6AreNotAllowed(t *testing.T) {
    77  	vpnConfig := VPNConfig{RemoteIP: "2001:db8:85a3::8a2e:370:7334"}
    78  	assert.Error(t, validIPFormat(vpnConfig))
    79  }
    80  
    81  func TestUnknownProtocolIsNotAllowed(t *testing.T) {
    82  	vpnConfig := VPNConfig{RemoteProtocol: "fake_protocol"}
    83  	assert.Error(t, validProtocol(vpnConfig))
    84  }
    85  
    86  func TestTLSPresharedKeyIsValid(t *testing.T) {
    87  	vpnConfig := VPNConfig{TLSPresharedKey: tlsTestKey}
    88  	assert.NoError(t, validTLSPresharedKey(vpnConfig))
    89  	newVPNConfig, err := FormatTLSPresharedKey(vpnConfig)
    90  	assert.NoError(t, err)
    91  	assert.Equal(t, tlsTestKeyPreformatted, newVPNConfig.TLSPresharedKey)
    92  }
    93  
    94  func TestCACertificateIsValid(t *testing.T) {
    95  	vpnConfig := VPNConfig{CACertificate: caCertificate}
    96  	assert.NoError(t, validCACertificate(vpnConfig))
    97  }