3 """Test that tincd works through proxies."""
8 from testlib import check, cmd, path, util
9 from testlib.proc import Tinc, Script
10 from testlib.test import Test
11 from testlib.log import log
12 from testlib.feature import HAVE_SANDBOX
15 def init(ctx: Test, level: str) -> Tinc:
16 """Create a new tinc node."""
32 def test_scripts_work(ctx: Test, level: str) -> None:
33 """Test that scripts work under the sandbox level."""
34 foo = init(ctx, level)
35 foo.cmd("set", "Subnet", "1.2.3.4")
38 foo.add_script(script)
41 foo[Script.TINC_UP].wait()
42 foo[Script.SUBNET_UP].wait()
45 foo.cmd("set", "ScriptsInterpreter", path.PYTHON_PATH)
48 foo[Script.SUBNET_DOWN].wait()
49 foo[Script.TINC_DOWN].wait()
52 def test_high_scripts(ctx: Test) -> None:
53 """Test that only tinc-up/subnet-up work on highest isolation level."""
54 foo = init(ctx, "high")
55 foo.cmd("set", "Subnet", "1.2.3.4")
58 foo.add_script(script)
61 for script in Script.TINC_UP, Script.SUBNET_UP:
69 foo.cmd("pid", code=1)
74 log.info("check that no other scripts were called")
75 for script in Script.SUBNET_DOWN, Script.TINC_DOWN:
76 check.false(foo[script].wait(0.01))
79 def create_exec_proxy() -> str:
80 """Create a fake exec proxy that stops the test with an error."""
85 os.kill({os.getpid()}, signal.SIGTERM)
87 return util.temp_file(code)
90 def test_exec_proxy_does_not_start_on_high(ctx: Test) -> None:
91 """Check that tincd does not start if both exec proxy and high level are set."""
92 foo = init(ctx, "high")
93 foo.cmd("set", "Proxy", "exec", path.PYTHON_INTERPRETER)
94 foo.cmd("start", code=1)
97 def test_bad_sandbox_level(ctx: Test, level: str) -> None:
98 """Check that tincd does not start if a bad sandbox level is used."""
99 foo = init(ctx, level)
100 foo.cmd("start", code=1)
103 def test_exec_proxy_high(ctx: Test) -> None:
104 """Test that exec proxy does not work at maximum isolation."""
105 foo, bar = init(ctx, "high"), init(ctx, "high")
107 foo.add_script(Script.TINC_UP)
110 proxy = create_exec_proxy()
111 foo.cmd("set", "Proxy", "exec", f"{path.PYTHON_INTERPRETER} {proxy}")
113 cmd.exchange(foo, bar)
114 bar.cmd("set", f"{foo}.Port", str(foo.port))
116 bar.add_script(Script.TINC_UP)
118 bar[Script.TINC_UP].wait()
126 with Test("all scripts work at level 'off'") as context:
127 test_scripts_work(context, "off")
130 with Test("all scripts work at level 'normal'") as context:
131 test_scripts_work(context, "normal")
133 with Test("only tinc-up and first subnet-up work at level 'high'") as context:
134 test_high_scripts(context)
136 with Test("tincd does not start with exec proxy and level 'high'") as context:
137 test_exec_proxy_does_not_start_on_high(context)
139 with Test("tincd does not start with bad sandbox level") as context:
140 test_bad_sandbox_level(context, "foobar")
142 with Test("exec proxy does not work at level 'high'") as context:
143 test_exec_proxy_high(context)
145 with Test("tincd does not start with bad sandbox level") as context:
146 for lvl in "normal", "high", "foobar":
147 test_bad_sandbox_level(context, lvl)