diff --git a/tests/auth-tests/Makefile b/tests/auth-tests/Makefile new file mode 100644 index 0000000..afb1a73 --- /dev/null +++ b/tests/auth-tests/Makefile @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/freeradius +# Description: Test if freeradius authentication workd ok +# Author: Susant Sahani +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +export TEST=/CoreOS/freeradius +export TESTVERSION=1.0 +BUILT_FILES= +FILES=$(METADATA) runtest.sh Makefile PURPOSE +.PHONY: all install download clean +run: $(FILES) build + ./runtest.sh +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh +clean: + rm -f *~ $(BUILT_FILES) +include /usr/share/rhts/lib/rhts-make.include +$(METADATA): Makefile + @echo "Owner: Susant Sahani" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test if the ABI hasn't changed" >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 5m" >> $(METADATA) + @echo "RunFor: freeradius" >> $(METADATA) + @echo "Requires: freeradius" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + @echo "Releases: -Fedora 28" >> $(METADATA) + rhts-lint $(METADATA) diff --git a/tests/auth-tests/PURPOSE b/tests/auth-tests/PURPOSE new file mode 100644 index 0000000..d4569c9 --- /dev/null +++ b/tests/auth-tests/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/freeradius +Description: tests for freeradius +Author: Susant Sahani diff --git a/tests/auth-tests/authorize b/tests/auth-tests/authorize new file mode 100644 index 0000000..e3600f6 --- /dev/null +++ b/tests/auth-tests/authorize @@ -0,0 +1,2 @@ +fedora-ci Cleartext-Password := "password" + Reply-Message = "Hello, %{User-Name}" diff --git a/tests/auth-tests/clients.conf b/tests/auth-tests/clients.conf new file mode 100644 index 0000000..00efb82 --- /dev/null +++ b/tests/auth-tests/clients.conf @@ -0,0 +1,6 @@ +client localhost { + ipaddr = 127.0.0.1 + secret = testing123 + require_message_authenticator = no + nastype = other +} diff --git a/tests/auth-tests/freeradius-tests.py b/tests/auth-tests/freeradius-tests.py new file mode 100755 index 0000000..da5afe1 --- /dev/null +++ b/tests/auth-tests/freeradius-tests.py @@ -0,0 +1,68 @@ +#!/usr/bin/env python3 +# SPDX-License-Identifier: LGPL-2.1+ +# ~~~ +# Description: Tests for freeradius +# +# Author: Susant Sahani +# Copyright (c) 2018 Red Hat, Inc. +# ~~~ + +import errno +import os +import sys +import time +import unittest +import subprocess +import signal +import shutil +import psutil +import socket + +RADIUSD_PID_FILE='/var/run/radiusd/radiusd.pid' + +def setUpModule(): + """Initialize the environment, and perform sanity checks on it.""" + + if shutil.which('radiusd') is None: + raise OSError(errno.ENOENT, 'radiusd not found') + + if shutil.which('radtest') is None: + raise OSError(errno.ENOENT, 'radtest not found') + + if subprocess.call(['systemctl', 'is-active', '--quiet', + 'radiusd.service']) == 0: + raise unittest.SkipTest('radiusd.service is already active') + +def tearDownModule(): + pass + +class GenericUtilities(): + """Provide a set of utility functions start stop daemons. write config files etc """ + + def StartRadiusServer(self): + """Start radiusd""" + subprocess.check_output(['systemctl', 'start', 'radiusd']) + + def StopRadiusServer(self): + """stop radiusd""" + subprocess.check_output(['systemctl', 'stop', 'radiusd']) + +class RadiousTests(unittest.TestCase, GenericUtilities): + + def setUp(self): + self.StartRadiusServer() + + def tearDown(self): + self.StopRadiusServer() + + def test_radius_plaintext_auth(self): + time.sleep(1) + output=subprocess.check_output(['radtest', 'fedora-ci', 'password', '127.0.0.1', '100', 'testing123']).rstrip().decode('utf-8') + print(output) + + self.assertRegex(output, "Received Access-Accept") + self.assertRegex(output, "Reply-Message = \"Hello, fedora-ci\"") + +if __name__ == '__main__': + unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, + verbosity=3)) diff --git a/tests/auth-tests/runtest.sh b/tests/auth-tests/runtest.sh new file mode 100755 index 0000000..7be8432 --- /dev/null +++ b/tests/auth-tests/runtest.sh @@ -0,0 +1,49 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1+ +# ~~~ +# runtest.sh of freeradius +# Description: RADIUS server +# +# Author: Susant Sahani +# Copyright (c) 2018 Red Hat, Inc. +# ~~~ + +# Include Beaker environment +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="freeradius" + +RADIUS_CLIENT_CONF="/etc/raddb/clients.conf" +RADIUD_PALIN_TEXT_AUTH_FILE="/etc/raddb/mods-config/files/authorize" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "systemctl stop firewalld" 0,5 + rlRun "systemctl stop radiusd.service" + rlRun "setenforce 0" + rlFileBackup "$RADIUS_CLIENT_CONF" + rlFileBackup "$RADIUD_PALIN_TEXT_AUTH_FILE" + + rlRun "cp freeradius-tests.py /usr/bin/" + rlRun "cp clients.conf $RADIUS_CLIENT_CONF" + rlRun "cp authorize $RADIUD_PALIN_TEXT_AUTH_FILE" + rlRun "systemctl daemon-reload" + rlPhaseEnd + + rlPhaseStartTest + rlLog "Starting radius auth tests ..." + rlRun "/usr/bin/python3 /usr/bin/freeradius-tests.py" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "rm /usr/bin/freeradius-tests.py" + rlRun "systemctl start firewalld" 0,5 + rlRun "setenforce 1" + rlFileRestore + rlLog "freeradius tests done" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd + +rlGetTestState diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..f070a4d --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,12 @@ +- hosts: localhost + roles: + - role: standard-test-beakerlib + tags: + - classic + tests: + - auth-tests + required_packages: + - python3 + - systemd + - freeradius + - freeradius-utils