networkd/wireguard: support network.wireguard.* credentials

Closes #26702
author: Mike Yuan <me@yhndnzj.com> 2023-12-27 14:38:32 +0100
committer: Mike Yuan <me@yhndnzj.com> 2024-01-09 08:25:30 +0100
commit: fa724cd52c1335d6b3225b74c1a9c801389997ba (patch)
tree: 4895528a23101873258669f20e4a1b77425cf6a1 /test/test-network
parent: cocci: merge mfree.cocci and mfree_return.cocci (#30838) (diff)
download: systemd-fa724cd52c1335d6b3225b74c1a9c801389997ba.tar.xz
systemd-fa724cd52c1335d6b3225b74c1a9c801389997ba.zip
7 files changed, 17 insertions, 4 deletions
diff --git a/test/test-network/conf/25-wireguard-endpoint-peer0-cred.txt b/test/test-network/conf/25-wireguard-endpoint-peer0-cred.txt
new file mode 100644
index 0000000000..b4251c3dfd
--- /dev/null
+++ b/test/test-network/conf/25-wireguard-endpoint-peer0-cred.txt
@@ -0,0 +1 @@
+192.168.27.3:51820
diff --git a/test/test-network/conf/25-wireguard-no-peer-private-key-cred.txt b/test/test-network/conf/25-wireguard-no-peer-private-key-cred.txt
new file mode 100644
index 0000000000..8011c64115
--- /dev/null
+++ b/test/test-network/conf/25-wireguard-no-peer-private-key-cred.txt
@@ -0,0 +1 @@
+EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=
diff --git a/test/test-network/conf/25-wireguard-no-peer.netdev b/test/test-network/conf/25-wireguard-no-peer.netdev
index ce3b31a5ce..8c90735bc7 100644
--- a/test/test-network/conf/25-wireguard-no-peer.netdev
+++ b/test/test-network/conf/25-wireguard-no-peer.netdev
@@ -4,6 +4,6 @@ Name=wg97
 Kind=wireguard
 
 [WireGuard]
-PrivateKey=EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=
+#PrivateKey=EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=
 ListenPort=51821
 FwMark=1235
diff --git a/test/test-network/conf/25-wireguard-preshared-key-peer2-cred.txt b/test/test-network/conf/25-wireguard-preshared-key-peer2-cred.txt
new file mode 100644
index 0000000000..5e79c1914c
--- /dev/null
+++ b/test/test-network/conf/25-wireguard-preshared-key-peer2-cred.txt
@@ -0,0 +1 @@
+6Fsg8XN0DE6aPQgAX4r2oazEYJOGqyHUz3QRH/jCB+I=
diff --git a/test/test-network/conf/25-wireguard.netdev b/test/test-network/conf/25-wireguard.netdev
index 4fed38e57a..6a2bb88c2e 100644
--- a/test/test-network/conf/25-wireguard.netdev
+++ b/test/test-network/conf/25-wireguard.netdev
@@ -13,8 +13,8 @@ RouteMetric=456
 [WireGuardPeer]
 PublicKey=RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=
 AllowedIPs=fd31:bf08:57cb::/48,192.168.26.3/24
-#Endpoint=wireguard.example.com:51820
-Endpoint=192.168.27.3:51820
+#Endpoint=192.168.27.3:51820
+Endpoint=@network.wireguard.peer0.endpoint
 PresharedKey=IIWIV17wutHv7t4cR6pOT91z6NSz/T8Arh0yaywhw3M=
 PersistentKeepalive=20
 RouteTable=1234
diff --git a/test/test-network/conf/25-wireguard.netdev.d/peer2.conf b/test/test-network/conf/25-wireguard.netdev.d/peer2.conf
index bf99a5ab0f..f3440df28f 100644
--- a/test/test-network/conf/25-wireguard.netdev.d/peer2.conf
+++ b/test/test-network/conf/25-wireguard.netdev.d/peer2.conf
@@ -1,5 +1,5 @@
 [WireGuardPeer]
 PublicKey=9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=
-PresharedKey=6Fsg8XN0DE6aPQgAX4r2oazEYJOGqyHUz3QRH/jCB+I=
+PresharedKey=@network.wireguard.peer2.psk
 
 AllowedIPs=192.168.124.3
diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
index 491dcca9fa..b122e0a491 100755
--- a/test/test-network/systemd-networkd-tests.py
+++ b/test/test-network/systemd-networkd-tests.py
@@ -27,6 +27,7 @@ network_unit_dir = '/run/systemd/network'
 networkd_conf_dropin_dir = '/run/systemd/networkd.conf.d'
 networkd_ci_temp_dir = '/run/networkd-ci'
 udev_rules_dir = '/run/udev/rules.d'
+credstore_dir = '/run/credstore'
 
 dnsmasq_pid_file = '/run/networkd-ci/test-dnsmasq.pid'
 dnsmasq_log_file = '/run/networkd-ci/test-dnsmasq.log'
@@ -298,6 +299,11 @@ def copy_network_unit(*units, copy_dropins=True):
     if has_link:
         udev_reload()
 
+def copy_credential(src, target):
+        mkdir_p(credstore_dir)
+        cp(os.path.join(networkd_ci_temp_dir, src),
+           os.path.join(credstore_dir, target))
+
 def remove_network_unit(*units):
     """
     Remove previously copied unit files from the testbed.
@@ -1784,6 +1790,10 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
 
     @expectedFailureIfModuleIsNotAvailable('wireguard')
     def test_wireguard(self):
+        copy_credential('25-wireguard-endpoint-peer0-cred.txt', 'network.wireguard.peer0.endpoint')
+        copy_credential('25-wireguard-preshared-key-peer2-cred.txt', 'network.wireguard.peer2.psk')
+        copy_credential('25-wireguard-no-peer-private-key-cred.txt', 'network.wireguard.private.25-wireguard-no-peer')
+
         copy_network_unit('25-wireguard.netdev', '25-wireguard.network',
                           '25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
                           '25-wireguard-preshared-key.txt', '25-wireguard-private-key.txt',
author	Mike Yuan <me@yhndnzj.com>	2023-12-27 14:38:32 +0100
committer	Mike Yuan <me@yhndnzj.com>	2024-01-09 08:25:30 +0100
commit	fa724cd52c1335d6b3225b74c1a9c801389997ba (patch)
tree	4895528a23101873258669f20e4a1b77425cf6a1 /test/test-network
parent	cocci: merge mfree.cocci and mfree_return.cocci (#30838) (diff)
download	systemd-fa724cd52c1335d6b3225b74c1a9c801389997ba.tar.xz systemd-fa724cd52c1335d6b3225b74c1a9c801389997ba.zip