1#
2#   Copyright 2016 - The Android Open Source Project
3#
4#   Licensed under the Apache License, Version 2.0 (the "License");
5#   you may not use this file except in compliance with the License.
6#   You may obtain a copy of the License at
7#
8#       http://www.apache.org/licenses/LICENSE-2.0
9#
10#   Unless required by applicable law or agreed to in writing, software
11#   distributed under the License is distributed on an "AS IS" BASIS,
12#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13#   See the License for the specific language governing permissions and
14#   limitations under the License.
15
16import time
17
18from acts.controllers.openwrt_ap import MOBLY_CONTROLLER_CONFIG_NAME as OPENWRT
19from acts.test_decorators import test_tracker_info
20from acts_contrib.test_utils.net import connectivity_const
21from acts_contrib.test_utils.net import net_test_utils as nutils
22from acts_contrib.test_utils.wifi import wifi_test_utils as wutils
23from acts_contrib.test_utils.wifi.WifiBaseTest import WifiBaseTest
24
25
26VPN_CONST = connectivity_const.VpnProfile
27VPN_TYPE = connectivity_const.VpnProfileType
28VPN_PARAMS = connectivity_const.VpnReqParams
29
30
31class LegacyVpnTest(WifiBaseTest):
32    """Tests for Legacy VPN in Android.
33
34        Testbed requirement:
35            1. One Android device
36            2. A Wi-Fi network that can reach the VPN servers
37    """
38
39    def setup_class(self):
40        """Setup wi-fi connection and unpack params."""
41        self.dut = self.android_devices[0]
42        req_params = dir(VPN_PARAMS)
43        req_params = [
44            x for x in req_params if not x.startswith("__")
45        ]
46        opt_params = ["wifi_network", "vpn_cert_country",
47                      "vpn_cert_org", "configure_OpenWrt"]
48        self.unpack_userparams(req_param_names=req_params,
49                               opt_param_names=opt_params)
50
51        wutils.wifi_test_device_init(self.dut)
52        wutils.wifi_toggle_state(self.dut, True)
53        if OPENWRT in self.user_params:
54            self.openwrt = self.access_points[0]
55            if hasattr(self, "configure_OpenWrt") and self.configure_OpenWrt == "skip":
56                self.dut.log.info("Skip configure Wifi interface due to config setup.")
57            else:
58                self.configure_openwrt_ap_and_start(wpa_network=True)
59                self.wifi_network = self.openwrt.get_wifi_network()
60
61            # Wait for OpenWrt statement update
62            time.sleep(10)
63            self.openwrt.network_setting.setup_vpn_pptp_server(
64                self.vpn_verify_addresses["PPTP"][0],
65                self.vpn_username,
66                self.vpn_password
67            )
68            self.openwrt.network_setting.setup_vpn_l2tp_server(
69                self.vpn_server_hostname,
70                self.vpn_verify_addresses["L2TP_IPSEC_RSA"][0],
71                self.vpn_username,
72                self.vpn_password,
73                self.vpn_identity,
74                "l2tp-server",
75                self.vpn_cert_country,
76                self.vpn_cert_org
77            )
78        wutils.start_wifi_connection_scan_and_ensure_network_found(
79            self.dut, self.wifi_network["SSID"])
80        wutils.wifi_connect(self.dut, self.wifi_network)
81        time.sleep(3)
82
83        self.vpn_params = {"vpn_username": self.vpn_username,
84                           "vpn_password": self.vpn_password,
85                           "psk_secret": self.psk_secret,
86                           "client_pkcs_file_name": self.client_pkcs_file_name,
87                           "cert_path_vpnserver": self.cert_path_vpnserver,
88                           "cert_password": self.cert_password}
89
90    def teardown_class(self):
91        """Reset wifi to make sure VPN tears down cleanly."""
92        wutils.reset_wifi(self.dut)
93
94    def on_fail(self, test_name, begin_time):
95        self.dut.take_bug_report(test_name, begin_time)
96
97    @test_tracker_info(uuid="d2ac5a65-41fb-48de-a0a9-37e589b5456b")
98    def test_legacy_vpn_pptp(self):
99        """Verify PPTP VPN connection."""
100        vpn = VPN_TYPE.PPTP
101        vpn_profile = nutils.generate_legacy_vpn_profile(
102            self.dut, self.vpn_params,
103            vpn, self.vpn_server_addresses[vpn.name][0],
104            self.ipsec_server_type[2],
105            self.log_path)
106        vpn_addr = self.vpn_verify_addresses[vpn.name][0]
107        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
108
109    @test_tracker_info(uuid="99af78dd-40b8-483a-8344-cd8f67594971")
110    def legacy_vpn_l2tp_ipsec_psk_libreswan(self):
111        """Verify L2TP IPSec PSK VPN connection to libreSwan server."""
112        vpn = VPN_TYPE.L2TP_IPSEC_PSK
113        vpn_profile = nutils.generate_legacy_vpn_profile(
114            self.dut, self.vpn_params,
115            vpn, self.vpn_server_addresses[vpn.name][2],
116            self.ipsec_server_type[2],
117            self.log_path)
118        vpn_addr = self.vpn_verify_addresses[vpn.name][2]
119        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
120
121    @test_tracker_info(uuid="e67d8c38-92c3-4167-8b6c-a49ef939adce")
122    def legacy_vpn_l2tp_ipsec_rsa_libreswan(self):
123        """Verify L2TP IPSec RSA VPN connection to libreSwan server."""
124        vpn = VPN_TYPE.L2TP_IPSEC_RSA
125        vpn_profile = nutils.generate_legacy_vpn_profile(
126            self.dut, self.vpn_params,
127            vpn, self.vpn_server_addresses[vpn.name][2],
128            self.ipsec_server_type[2],
129            self.log_path)
130        vpn_addr = self.vpn_verify_addresses[vpn.name][2]
131        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
132
133    @test_tracker_info(uuid="8b3517dc-6a3b-44c2-a85d-bd7b969df3cf")
134    def legacy_vpn_ipsec_xauth_psk_libreswan(self):
135        """Verify IPSec XAUTH PSK VPN connection to libreSwan server."""
136        vpn = VPN_TYPE.IPSEC_XAUTH_PSK
137        vpn_profile = nutils.generate_legacy_vpn_profile(
138            self.dut, self.vpn_params,
139            vpn, self.vpn_server_addresses[vpn.name][2],
140            self.ipsec_server_type[2],
141            self.log_path)
142        vpn_addr = self.vpn_verify_addresses[vpn.name][2]
143        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
144
145    @test_tracker_info(uuid="abac663d-1d91-4b87-8e94-11c6e44fb07b")
146    def legacy_vpn_ipsec_xauth_rsa_libreswan(self):
147        """Verify IPSec XAUTH RSA VPN connection to libreSwan server."""
148        vpn = VPN_TYPE.IPSEC_XAUTH_RSA
149        vpn_profile = nutils.generate_legacy_vpn_profile(
150            self.dut, self.vpn_params,
151            vpn, self.vpn_server_addresses[vpn.name][2],
152            self.ipsec_server_type[2],
153            self.log_path)
154        vpn_addr = self.vpn_verify_addresses[vpn.name][2]
155        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
156
157    @test_tracker_info(uuid="84140d24-53c0-4f6c-866f-9d66e04442cc")
158    def test_legacy_vpn_l2tp_ipsec_psk_openswan(self):
159        """Verify L2TP IPSec PSK VPN connection to openSwan server."""
160        vpn = VPN_TYPE.L2TP_IPSEC_PSK
161        vpn_profile = nutils.generate_legacy_vpn_profile(
162            self.dut, self.vpn_params,
163            vpn, self.vpn_server_addresses[vpn.name][1],
164            self.ipsec_server_type[1],
165            self.log_path)
166        vpn_addr = self.vpn_verify_addresses[vpn.name][1]
167        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
168
169    @test_tracker_info(uuid="f7087592-7eed-465d-bfe3-ed7b6d9d5f9a")
170    def test_legacy_vpn_l2tp_ipsec_rsa_openswan(self):
171        """Verify L2TP IPSec RSA VPN connection to openSwan server."""
172        vpn = VPN_TYPE.L2TP_IPSEC_RSA
173        vpn_profile = nutils.generate_legacy_vpn_profile(
174            self.dut, self.vpn_params,
175            vpn, self.vpn_server_addresses[vpn.name][1],
176            self.ipsec_server_type[1],
177            self.log_path)
178        vpn_addr = self.vpn_verify_addresses[vpn.name][1]
179        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
180
181    @test_tracker_info(uuid="ed78973b-13ee-4dd4-b998-693ab741c6f8")
182    def test_legacy_vpn_ipsec_xauth_psk_openswan(self):
183        """Verify IPSec XAUTH PSK VPN connection to openSwan server."""
184        vpn = VPN_TYPE.IPSEC_XAUTH_PSK
185        vpn_profile = nutils.generate_legacy_vpn_profile(
186            self.dut, self.vpn_params,
187            vpn, self.vpn_server_addresses[vpn.name][1],
188            self.ipsec_server_type[1],
189            self.log_path)
190        vpn_addr = self.vpn_verify_addresses[vpn.name][1]
191        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
192
193    @test_tracker_info(uuid="cfd125c4-b64c-4c49-b8e4-fbf05a9be8ec")
194    def test_legacy_vpn_ipsec_xauth_rsa_openswan(self):
195        """Verify IPSec XAUTH RSA VPN connection to openSwan server."""
196        vpn = VPN_TYPE.IPSEC_XAUTH_RSA
197        vpn_profile = nutils.generate_legacy_vpn_profile(
198            self.dut, self.vpn_params,
199            vpn, self.vpn_server_addresses[vpn.name][1],
200            self.ipsec_server_type[1],
201            self.log_path)
202        vpn_addr = self.vpn_verify_addresses[vpn.name][1]
203        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
204
205    @test_tracker_info(uuid="419370de-0aa1-4a56-8c22-21567fa1cbb7")
206    def test_legacy_vpn_l2tp_ipsec_psk_strongswan(self):
207        """Verify L2TP IPSec PSk VPN connection to strongSwan server."""
208        vpn = VPN_TYPE.L2TP_IPSEC_PSK
209        vpn_profile = nutils.generate_legacy_vpn_profile(
210            self.dut, self.vpn_params,
211            vpn, self.vpn_server_addresses[vpn.name][0],
212            self.ipsec_server_type[0],
213            self.log_path)
214        vpn_addr = self.vpn_verify_addresses[vpn.name][0]
215        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
216
217    @test_tracker_info(uuid="f7694081-8bd6-4e31-86ec-d538c4ff1f2e")
218    def test_legacy_vpn_l2tp_ipsec_rsa_strongswan(self):
219        """Verify L2TP IPSec RSA VPN connection to strongSwan server."""
220        vpn = VPN_TYPE.L2TP_IPSEC_RSA
221        vpn_profile = nutils.generate_legacy_vpn_profile(
222            self.dut, self.vpn_params,
223            vpn, self.vpn_server_addresses[vpn.name][0],
224            self.ipsec_server_type[0],
225            self.log_path)
226        vpn_addr = self.vpn_verify_addresses[vpn.name][0]
227        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
228
229    @test_tracker_info(uuid="2f86eb98-1e05-42cb-b6a6-fd90789b6cde")
230    def test_legacy_vpn_ipsec_xauth_psk_strongswan(self):
231        """Verify IPSec XAUTH PSK connection to strongSwan server."""
232        vpn = VPN_TYPE.IPSEC_XAUTH_PSK
233        vpn_profile = nutils.generate_legacy_vpn_profile(
234            self.dut, self.vpn_params,
235            vpn, self.vpn_server_addresses[vpn.name][0],
236            self.ipsec_server_type[0],
237            self.log_path)
238        vpn_addr = self.vpn_verify_addresses[vpn.name][0]
239        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
240
241    @test_tracker_info(uuid="af0cd7b1-e86c-4327-91b4-e9062758f2cf")
242    def test_legacy_vpn_ipsec_xauth_rsa_strongswan(self):
243        """Verify IPSec XAUTH RSA connection to strongswan server."""
244        vpn = VPN_TYPE.IPSEC_XAUTH_RSA
245        vpn_profile = nutils.generate_legacy_vpn_profile(
246            self.dut, self.vpn_params,
247            vpn, self.vpn_server_addresses[vpn.name][0],
248            self.ipsec_server_type[0],
249            self.log_path)
250        vpn_addr = self.vpn_verify_addresses[vpn.name][0]
251        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
252
253    @test_tracker_info(uuid="7b970d0a-1c7d-4a5a-b406-4815e190ef26")
254    def test_legacy_vpn_ipsec_hybrid_rsa_strongswan(self):
255        """Verify IPSec Hybrid RSA connection to strongswan server."""
256        vpn = VPN_TYPE.IPSEC_HYBRID_RSA
257        vpn_profile = nutils.generate_legacy_vpn_profile(
258            self.dut, self.vpn_params,
259            vpn, self.vpn_server_addresses[vpn.name][0],
260            self.ipsec_server_type[0],
261            self.log_path)
262        vpn_addr = self.vpn_verify_addresses[vpn.name][0]
263        nutils.legacy_vpn_connection_test_logic(self.dut, vpn_profile, vpn_addr)
264