cisco_node_utils 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +2 -0
- data/.rubocop.yml +3 -0
- data/.rubocop_todo.yml +293 -0
- data/CHANGELOG.md +5 -0
- data/CONTRIBUTING.md +31 -0
- data/Gemfile +4 -0
- data/LICENSE +201 -0
- data/README.md +113 -0
- data/Rakefile +4 -0
- data/cisco_node_utils.gemspec +30 -0
- data/lib/cisco_node_utils.rb +33 -0
- data/lib/cisco_node_utils/README_YAML.md +333 -0
- data/lib/cisco_node_utils/cisco_cmn_utils.rb +92 -0
- data/lib/cisco_node_utils/command_reference.rb +415 -0
- data/lib/cisco_node_utils/command_reference_common.yaml +845 -0
- data/lib/cisco_node_utils/command_reference_n3064.yaml +13 -0
- data/lib/cisco_node_utils/command_reference_n7k.yaml +48 -0
- data/lib/cisco_node_utils/command_reference_n9k.yaml +35 -0
- data/lib/cisco_node_utils/configparser_lib.rb +196 -0
- data/lib/cisco_node_utils/interface.rb +501 -0
- data/lib/cisco_node_utils/interface_ospf.rb +241 -0
- data/lib/cisco_node_utils/node.rb +673 -0
- data/lib/cisco_node_utils/platform.rb +184 -0
- data/lib/cisco_node_utils/platform_info.rb +58 -0
- data/lib/cisco_node_utils/platform_info.yaml +10 -0
- data/lib/cisco_node_utils/router_ospf.rb +96 -0
- data/lib/cisco_node_utils/router_ospf_vrf.rb +258 -0
- data/lib/cisco_node_utils/snmpcommunity.rb +91 -0
- data/lib/cisco_node_utils/snmpgroup.rb +55 -0
- data/lib/cisco_node_utils/snmpserver.rb +150 -0
- data/lib/cisco_node_utils/snmpuser.rb +342 -0
- data/lib/cisco_node_utils/tacacs_server.rb +175 -0
- data/lib/cisco_node_utils/tacacs_server_host.rb +128 -0
- data/lib/cisco_node_utils/version.rb +17 -0
- data/lib/cisco_node_utils/vlan.rb +153 -0
- data/lib/cisco_node_utils/vtp.rb +127 -0
- data/lib/cisco_node_utils/yum.rb +84 -0
- data/tests/basetest.rb +93 -0
- data/tests/ciscotest.rb +136 -0
- data/tests/cmd_config.yaml +51 -0
- data/tests/cmd_config_invalid.yaml +16 -0
- data/tests/test_all_cisco.rb +46 -0
- data/tests/test_command_config.rb +192 -0
- data/tests/test_command_reference.rb +222 -0
- data/tests/test_interface.rb +1017 -0
- data/tests/test_interface_ospf.rb +763 -0
- data/tests/test_interface_svi.rb +267 -0
- data/tests/test_interface_switchport.rb +722 -0
- data/tests/test_node.rb +108 -0
- data/tests/test_node_ext.rb +450 -0
- data/tests/test_platform.rb +188 -0
- data/tests/test_router_ospf.rb +164 -0
- data/tests/test_router_ospf_vrf.rb +753 -0
- data/tests/test_snmpcommunity.rb +344 -0
- data/tests/test_snmpgroup.rb +71 -0
- data/tests/test_snmpserver.rb +443 -0
- data/tests/test_snmpuser.rb +803 -0
- data/tests/test_tacacs_server.rb +388 -0
- data/tests/test_tacacs_server_host.rb +391 -0
- data/tests/test_vlan.rb +264 -0
- data/tests/test_vtp.rb +319 -0
- data/tests/test_yum.rb +106 -0
- metadata +188 -0
|
@@ -0,0 +1,803 @@
|
|
|
1
|
+
# Copyright (c) 2013-2015 Cisco and/or its affiliates.
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# limitations under the License.
|
|
14
|
+
|
|
15
|
+
require File.expand_path("../ciscotest", __FILE__)
|
|
16
|
+
require File.expand_path("../../lib/cisco_node_utils/snmpuser", __FILE__)
|
|
17
|
+
|
|
18
|
+
DEFAULT_SNMP_USER_AUTH_PASSWORD = ""
|
|
19
|
+
DEFAULT_SNMP_USER_PRIV_PASSWORD = ""
|
|
20
|
+
DEFAULT_SNMP_USER_GROUP_NAME = "network-operator"
|
|
21
|
+
|
|
22
|
+
class TestSnmpUser < CiscoTestCase
|
|
23
|
+
## test cases starts here
|
|
24
|
+
|
|
25
|
+
def test_snmpuser_collection_not_empty
|
|
26
|
+
s = @device.cmd("conf t")
|
|
27
|
+
s = @device.cmd("snmp-server user tester")
|
|
28
|
+
s = @device.cmd("end")
|
|
29
|
+
# flush cache
|
|
30
|
+
node.cache_flush
|
|
31
|
+
snmpusers = SnmpUser.users()
|
|
32
|
+
assert_equal(false, snmpusers.empty?(),
|
|
33
|
+
"SnmpUser collection is empty")
|
|
34
|
+
s = @device.cmd("conf t")
|
|
35
|
+
s = @device.cmd("no snmp-server user tester")
|
|
36
|
+
s = @device.cmd("end")
|
|
37
|
+
node.cache_flush
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def test_engine_id_valid_and_none
|
|
41
|
+
s = @device.cmd("conf t")
|
|
42
|
+
s = @device.cmd("snmp-server user tester auth sha password engineID 22:22:22:22:23:22")
|
|
43
|
+
s = @device.cmd("snmp-server user tester2")
|
|
44
|
+
s = @device.cmd("end")
|
|
45
|
+
|
|
46
|
+
node.cache_flush
|
|
47
|
+
snmpusers = SnmpUser.users()
|
|
48
|
+
|
|
49
|
+
snmpusers.each { |name, snmpuser|
|
|
50
|
+
if snmpuser.name == "tester"
|
|
51
|
+
assert_equal("22:22:22:22:23:22", snmpuser.engine_id)
|
|
52
|
+
snmpuser.destroy
|
|
53
|
+
elsif snmpuser.name == "tester2"
|
|
54
|
+
assert_equal("", snmpuser.engine_id)
|
|
55
|
+
snmpuser.destroy
|
|
56
|
+
end
|
|
57
|
+
}
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def test_snmpuser_create_name_empty
|
|
61
|
+
name = ""
|
|
62
|
+
groups = []
|
|
63
|
+
groups << "network-admin"
|
|
64
|
+
assert_raises(ArgumentError) do
|
|
65
|
+
snmpuser = SnmpUser.new(name,
|
|
66
|
+
groups,
|
|
67
|
+
:none, "",
|
|
68
|
+
:none, "",
|
|
69
|
+
false,
|
|
70
|
+
"")
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def test_snmpuser_create_with_single_invalid_group_noauth_nopriv
|
|
75
|
+
name = "userv3test"
|
|
76
|
+
groups = []
|
|
77
|
+
groups << "network-admin123"
|
|
78
|
+
assert_raises(CliError) do
|
|
79
|
+
snmpuser = SnmpUser.new(name,
|
|
80
|
+
groups,
|
|
81
|
+
:none, "",
|
|
82
|
+
:none, "",
|
|
83
|
+
false,
|
|
84
|
+
"")
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def test_snmpuser_create_with_single_group_noauth_nopriv
|
|
89
|
+
name = "userv3test2"
|
|
90
|
+
groups = []
|
|
91
|
+
groups << "network-admin"
|
|
92
|
+
snmpuser = SnmpUser.new(name,
|
|
93
|
+
groups,
|
|
94
|
+
:none, "",
|
|
95
|
+
:none, "",
|
|
96
|
+
false,
|
|
97
|
+
"")
|
|
98
|
+
s = @device.cmd("show run snmp all | no-more")
|
|
99
|
+
line = /snmp-server user #{name} network-admin/.match(s)
|
|
100
|
+
# puts "line: #{line}"
|
|
101
|
+
refute(line.nil?)
|
|
102
|
+
snmpuser.destroy
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
def test_snmpuser_create_with_multi_group_noauth_nopriv
|
|
106
|
+
name = "userv3test3"
|
|
107
|
+
groups = []
|
|
108
|
+
groups << "network-admin"
|
|
109
|
+
groups << "vdc-admin"
|
|
110
|
+
snmpuser = SnmpUser.new(name,
|
|
111
|
+
groups,
|
|
112
|
+
:none, "",
|
|
113
|
+
:none, "",
|
|
114
|
+
false,
|
|
115
|
+
"")
|
|
116
|
+
s = @device.cmd("show run snmp all | no-more")
|
|
117
|
+
groups.each do | group |
|
|
118
|
+
line = /snmp-server user #{name} #{group}/.match(s)
|
|
119
|
+
# puts "line: #{line}"
|
|
120
|
+
refute(line.nil?)
|
|
121
|
+
end
|
|
122
|
+
snmpuser.destroy
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def test_snmpuser_destroy
|
|
126
|
+
name = "userv3testdestroy"
|
|
127
|
+
group = "network-operator"
|
|
128
|
+
s = @device.cmd("configure terminal")
|
|
129
|
+
s = @device.cmd("snmp-server user #{name} #{group}")
|
|
130
|
+
s = @device.cmd("end")
|
|
131
|
+
node.cache_flush
|
|
132
|
+
|
|
133
|
+
node.cache_flush
|
|
134
|
+
|
|
135
|
+
# get user
|
|
136
|
+
snmpusers = SnmpUser.users()
|
|
137
|
+
snmpusers.each do |key, snmpuser|
|
|
138
|
+
# puts "name: #{snmpuser.name}"
|
|
139
|
+
if key == name
|
|
140
|
+
assert_equal(snmpuser.name, name)
|
|
141
|
+
assert(snmpuser.engine_id.empty?)
|
|
142
|
+
# destroy the user
|
|
143
|
+
snmpuser.destroy
|
|
144
|
+
break
|
|
145
|
+
end
|
|
146
|
+
end
|
|
147
|
+
# check user got removed.
|
|
148
|
+
s = @device.cmd("show run snmp all | no-more")
|
|
149
|
+
line = /snmp-server user #{name} #{group}/.match(s)
|
|
150
|
+
assert(line.nil?)
|
|
151
|
+
assert(SnmpUser.users[name].nil?)
|
|
152
|
+
end
|
|
153
|
+
|
|
154
|
+
def test_snmpuser_auth_password_equal_invalid_param
|
|
155
|
+
name = "testV3PwEqualInvalid"
|
|
156
|
+
auth_pw = "test1234567"
|
|
157
|
+
s = @device.cmd("configure terminal")
|
|
158
|
+
s = @device.cmd("snmp-server user #{name} network-admin auth md5 #{auth_pw}")
|
|
159
|
+
s = @device.cmd("end")
|
|
160
|
+
|
|
161
|
+
# flush cache
|
|
162
|
+
node.cache_flush
|
|
163
|
+
# get users
|
|
164
|
+
snmpusers = SnmpUser.users()
|
|
165
|
+
s = @device.cmd("show snmp user | no-more")
|
|
166
|
+
snmpusers.each do |key, snmpuser|
|
|
167
|
+
refute(snmpuser.auth_password_equal?("", false)) if key == name
|
|
168
|
+
end
|
|
169
|
+
# unconfigure
|
|
170
|
+
s = @device.cmd("configure terminal")
|
|
171
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
172
|
+
s = @device.cmd("end")
|
|
173
|
+
node.cache_flush
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
def test_snmpuser_auth_priv_password_equal_invalid_param
|
|
177
|
+
name = "testV3PwEqualInvalid"
|
|
178
|
+
auth_pw = "test1234567"
|
|
179
|
+
s = @device.cmd("configure terminal")
|
|
180
|
+
s = @device.cmd("snmp-server user #{name} network-admin auth md5 #{auth_pw} priv #{auth_pw}")
|
|
181
|
+
s = @device.cmd("end")
|
|
182
|
+
|
|
183
|
+
# flush cache
|
|
184
|
+
node.cache_flush
|
|
185
|
+
# get users
|
|
186
|
+
snmpusers = SnmpUser.users()
|
|
187
|
+
snmpusers.each do |key, snmpuser|
|
|
188
|
+
if key == name
|
|
189
|
+
refute(snmpuser.auth_password_equal?("", false))
|
|
190
|
+
refute(snmpuser.priv_password_equal?("", false))
|
|
191
|
+
end
|
|
192
|
+
end
|
|
193
|
+
# unconfigure
|
|
194
|
+
s = @device.cmd("configure terminal")
|
|
195
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
196
|
+
s = @device.cmd("end")
|
|
197
|
+
node.cache_flush
|
|
198
|
+
end
|
|
199
|
+
|
|
200
|
+
def test_snmpuser_auth_password_equal_priv_invalid_param
|
|
201
|
+
name = "testV3PwEqualInvalid"
|
|
202
|
+
auth_pw = "test1234567"
|
|
203
|
+
s = @device.cmd("configure terminal")
|
|
204
|
+
s = @device.cmd("snmp-server user #{name} network-operator auth md5 #{auth_pw} priv #{auth_pw}")
|
|
205
|
+
s = @device.cmd("end")
|
|
206
|
+
|
|
207
|
+
# flush cache
|
|
208
|
+
node.cache_flush
|
|
209
|
+
# get users
|
|
210
|
+
snmpusers = SnmpUser.users()
|
|
211
|
+
snmpusers.each do |key, snmpuser|
|
|
212
|
+
if key == name
|
|
213
|
+
assert(snmpuser.auth_password_equal?(auth_pw, false))
|
|
214
|
+
refute(snmpuser.priv_password_equal?("", false))
|
|
215
|
+
end
|
|
216
|
+
end
|
|
217
|
+
# unconfigure
|
|
218
|
+
s = @device.cmd("configure terminal")
|
|
219
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
220
|
+
s = @device.cmd("end")
|
|
221
|
+
node.cache_flush
|
|
222
|
+
end
|
|
223
|
+
|
|
224
|
+
def test_snmpuser_auth_password_not_equal
|
|
225
|
+
name = "testV3PwEqual"
|
|
226
|
+
auth_pw = "test1234567"
|
|
227
|
+
s = @device.cmd("configure terminal")
|
|
228
|
+
s = @device.cmd("snmp-server user #{name} network-admin auth md5 #{auth_pw}")
|
|
229
|
+
s = @device.cmd("end")
|
|
230
|
+
|
|
231
|
+
# flush cache
|
|
232
|
+
node.cache_flush
|
|
233
|
+
# get users
|
|
234
|
+
snmpusers = SnmpUser.users()
|
|
235
|
+
snmpusers.each do |key, snmpuser|
|
|
236
|
+
refute(snmpuser.auth_password_equal?("test12345", false)) if key == name
|
|
237
|
+
end
|
|
238
|
+
s = @device.cmd("configure terminal")
|
|
239
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
240
|
+
s = @device.cmd("end")
|
|
241
|
+
node.cache_flush
|
|
242
|
+
end
|
|
243
|
+
|
|
244
|
+
def test_snmpuser_auth_password_equal
|
|
245
|
+
name = "testV3PwEqual"
|
|
246
|
+
auth_pw = "test1234567"
|
|
247
|
+
s = @device.cmd("configure terminal")
|
|
248
|
+
s = @device.cmd("snmp-server user #{name} network-admin auth md5 #{auth_pw}")
|
|
249
|
+
s = @device.cmd("end")
|
|
250
|
+
|
|
251
|
+
# flush cache
|
|
252
|
+
node.cache_flush
|
|
253
|
+
# get users
|
|
254
|
+
snmpusers = SnmpUser.users()
|
|
255
|
+
snmpusers.each do |key, snmpuser|
|
|
256
|
+
assert(snmpuser.auth_password_equal?(auth_pw, false)) if key == name
|
|
257
|
+
end
|
|
258
|
+
s = @device.cmd("configure terminal")
|
|
259
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
260
|
+
s = @device.cmd("end")
|
|
261
|
+
node.cache_flush
|
|
262
|
+
end
|
|
263
|
+
|
|
264
|
+
def test_snmpuser_auth_clear_password_localizedkey_false
|
|
265
|
+
name = "testV3ClearPwLocalFalse"
|
|
266
|
+
auth_pw = "test123456"
|
|
267
|
+
groups = []
|
|
268
|
+
groups << "network-admin"
|
|
269
|
+
assert_raises(CliError) do
|
|
270
|
+
snmpuser = SnmpUser.new(name,
|
|
271
|
+
groups,
|
|
272
|
+
:sha, auth_pw,
|
|
273
|
+
:none, "",
|
|
274
|
+
true,
|
|
275
|
+
"")
|
|
276
|
+
end
|
|
277
|
+
end
|
|
278
|
+
|
|
279
|
+
def test_snmpuser_auth_password_equal_localizedkey
|
|
280
|
+
name = "testV3PwEqual"
|
|
281
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
282
|
+
s = @device.cmd("configure terminal")
|
|
283
|
+
s = @device.cmd("snmp-server user #{name} network-admin auth md5 #{auth_pw} localizedkey")
|
|
284
|
+
s = @device.cmd("end")
|
|
285
|
+
|
|
286
|
+
# flush cache
|
|
287
|
+
node.cache_flush
|
|
288
|
+
# get users
|
|
289
|
+
snmpusers = SnmpUser.users()
|
|
290
|
+
snmpusers.each do |key, snmpuser|
|
|
291
|
+
if key == name
|
|
292
|
+
assert(snmpuser.auth_password_equal?(auth_pw, true))
|
|
293
|
+
# we should verify that if we give a wrong password, the api will return false
|
|
294
|
+
refute(snmpuser.auth_password_equal?("0xfe6c", true))
|
|
295
|
+
end
|
|
296
|
+
end
|
|
297
|
+
s = @device.cmd("configure terminal")
|
|
298
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
299
|
+
s = @device.cmd("end")
|
|
300
|
+
node.cache_flush
|
|
301
|
+
end
|
|
302
|
+
|
|
303
|
+
def test_snmpuser_auth_priv_password_equal_localizedkey
|
|
304
|
+
name = "testV3PwEqual"
|
|
305
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
306
|
+
priv_pw = "0x29916eac22d90362598abef1b9045018"
|
|
307
|
+
s = @device.cmd("configure terminal")
|
|
308
|
+
s = @device.cmd("snmp-server user #{name} network-admin auth md5 #{auth_pw} priv aes-128 #{priv_pw} localizedkey")
|
|
309
|
+
s = @device.cmd("end")
|
|
310
|
+
|
|
311
|
+
# flush cache
|
|
312
|
+
node.cache_flush
|
|
313
|
+
# get users
|
|
314
|
+
snmpusers = SnmpUser.users()
|
|
315
|
+
snmpusers.each do |key, snmpuser|
|
|
316
|
+
if key == name
|
|
317
|
+
assert(snmpuser.auth_password_equal?(auth_pw, true))
|
|
318
|
+
assert(snmpuser.priv_password_equal?(priv_pw, true))
|
|
319
|
+
refute(snmpuser.priv_password_equal?("0x2291", true))
|
|
320
|
+
end
|
|
321
|
+
end
|
|
322
|
+
s = @device.cmd("configure terminal")
|
|
323
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
324
|
+
s = @device.cmd("end")
|
|
325
|
+
node.cache_flush
|
|
326
|
+
end
|
|
327
|
+
|
|
328
|
+
def test_snmpuser_auth_priv_des_password_equal
|
|
329
|
+
name = "testV3PwEqual"
|
|
330
|
+
auth_pw = "test1234567"
|
|
331
|
+
priv_pw = "testdes1234"
|
|
332
|
+
s = @device.cmd("configure terminal")
|
|
333
|
+
s = @device.cmd("snmp-server user #{name} network-operator auth md5 #{auth_pw} priv #{priv_pw}")
|
|
334
|
+
s = @device.cmd("end")
|
|
335
|
+
|
|
336
|
+
# flush cache
|
|
337
|
+
node.cache_flush
|
|
338
|
+
# get users
|
|
339
|
+
snmpusers = SnmpUser.users()
|
|
340
|
+
s = @device.cmd("show snmp user | no-more")
|
|
341
|
+
snmpusers.each do |key, snmpuser|
|
|
342
|
+
if key == name
|
|
343
|
+
assert(snmpuser.auth_password_equal?(auth_pw, false))
|
|
344
|
+
assert(snmpuser.priv_password_equal?(priv_pw, false))
|
|
345
|
+
end
|
|
346
|
+
end
|
|
347
|
+
s = @device.cmd("configure terminal")
|
|
348
|
+
s = @device.cmd("no snmp-server user #{name}")
|
|
349
|
+
s = @device.cmd("end")
|
|
350
|
+
node.cache_flush
|
|
351
|
+
end
|
|
352
|
+
|
|
353
|
+
def test_snmpuser_create_with_single_group_unknown_auth_nopriv
|
|
354
|
+
name = "userv3testUnknownAuth"
|
|
355
|
+
groups = []
|
|
356
|
+
groups << "network-admin"
|
|
357
|
+
assert_raises(ArgumentError) do
|
|
358
|
+
snmpuser = SnmpUser.new(name,
|
|
359
|
+
groups,
|
|
360
|
+
:none, "test12345",
|
|
361
|
+
:none, "",
|
|
362
|
+
false,
|
|
363
|
+
"")
|
|
364
|
+
end
|
|
365
|
+
end
|
|
366
|
+
|
|
367
|
+
def test_snmpuser_create_with_single_group_auth_unknown_priv
|
|
368
|
+
name = "userv3testUnknownPriv"
|
|
369
|
+
groups = []
|
|
370
|
+
groups << "network-admin"
|
|
371
|
+
assert_raises(ArgumentError) do
|
|
372
|
+
snmpuser = SnmpUser.new(name,
|
|
373
|
+
groups,
|
|
374
|
+
:sha, "test12345",
|
|
375
|
+
:none, "test12345",
|
|
376
|
+
false,
|
|
377
|
+
"")
|
|
378
|
+
end
|
|
379
|
+
end
|
|
380
|
+
|
|
381
|
+
def test_snmpuser_create_with_single_group_auth_md5_nopriv
|
|
382
|
+
name = "userv3test5"
|
|
383
|
+
groups = []
|
|
384
|
+
groups << "network-admin"
|
|
385
|
+
auth_pw = "test1234567"
|
|
386
|
+
snmpuser = SnmpUser.new(name,
|
|
387
|
+
groups,
|
|
388
|
+
:md5, auth_pw,
|
|
389
|
+
:none, "",
|
|
390
|
+
false, # clear text
|
|
391
|
+
"")
|
|
392
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
393
|
+
line = /snmp-server user #{name} network-admin auth md5 \S+ localizedkey/.match(s)
|
|
394
|
+
# puts "line: #{line}"
|
|
395
|
+
refute(line.nil?)
|
|
396
|
+
snmpuser.destroy
|
|
397
|
+
end
|
|
398
|
+
|
|
399
|
+
def test_snmpuser_create_with_single_group_auth_md5_nopriv_pw_localized
|
|
400
|
+
name = "userv3testauth"
|
|
401
|
+
groups = []
|
|
402
|
+
groups << "network-admin"
|
|
403
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
404
|
+
snmpuser = SnmpUser.new(name,
|
|
405
|
+
groups,
|
|
406
|
+
:md5, auth_pw,
|
|
407
|
+
:none, "",
|
|
408
|
+
true, # localized
|
|
409
|
+
"")
|
|
410
|
+
assert_equal(snmpuser.name, name)
|
|
411
|
+
assert(snmpuser.engine_id.empty?)
|
|
412
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
413
|
+
# puts "cmd #{s}"
|
|
414
|
+
line = /snmp-server user #{name} network-admin auth md5 #{auth_pw} localizedkey/.match(s)
|
|
415
|
+
# puts "line: #{line}"
|
|
416
|
+
refute(line.nil?)
|
|
417
|
+
snmpuser.destroy
|
|
418
|
+
end
|
|
419
|
+
|
|
420
|
+
def test_snmpuser_create_with_single_group_auth_sha_nopriv
|
|
421
|
+
name = "userv3testsha"
|
|
422
|
+
groups = []
|
|
423
|
+
groups << "network-admin"
|
|
424
|
+
auth_pw = "test1234567"
|
|
425
|
+
snmpuser = SnmpUser.new(name,
|
|
426
|
+
groups,
|
|
427
|
+
:sha, auth_pw,
|
|
428
|
+
:none, "",
|
|
429
|
+
false, # clear text
|
|
430
|
+
"")
|
|
431
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
432
|
+
line = /snmp-server user #{name} network-admin auth sha \S+ localizedkey/.match(s)
|
|
433
|
+
# puts "line: #{line}"
|
|
434
|
+
refute(line.nil?)
|
|
435
|
+
snmpuser.destroy
|
|
436
|
+
end
|
|
437
|
+
|
|
438
|
+
def test_snmpuser_create_with_single_group_auth_sha_clear_pw_nopriv_pw_localized_true
|
|
439
|
+
name = "userv3testauthsha1"
|
|
440
|
+
groups = []
|
|
441
|
+
groups << "network-admin"
|
|
442
|
+
auth_pw = "test123456"
|
|
443
|
+
assert_raises(CliError) do
|
|
444
|
+
snmpuser = SnmpUser.new(name,
|
|
445
|
+
groups,
|
|
446
|
+
:sha, auth_pw,
|
|
447
|
+
:none, "",
|
|
448
|
+
true, # localized key
|
|
449
|
+
"")
|
|
450
|
+
end
|
|
451
|
+
end
|
|
452
|
+
|
|
453
|
+
def test_snmpuser_create_with_single_group_auth_sha_short_length_pw_nopriv
|
|
454
|
+
name = "userv3testauthsha2"
|
|
455
|
+
groups = []
|
|
456
|
+
groups << "network-admin"
|
|
457
|
+
auth_pw = "test" # NXOS Password must be atleast 8 characters
|
|
458
|
+
assert_raises(CliError) do
|
|
459
|
+
snmpuser = SnmpUser.new(name,
|
|
460
|
+
groups,
|
|
461
|
+
:sha, auth_pw,
|
|
462
|
+
:none, "",
|
|
463
|
+
false, # localized key
|
|
464
|
+
"")
|
|
465
|
+
end
|
|
466
|
+
end
|
|
467
|
+
|
|
468
|
+
# If the auth pw is in hex and localized key param in constructor is false,
|
|
469
|
+
# then the pw got localized by the device again.
|
|
470
|
+
def test_snmpuser_create_with_single_group_auth_sha_nopriv_pw_localized_localizedkey_false
|
|
471
|
+
name = "userv3testauthsha3"
|
|
472
|
+
groups = []
|
|
473
|
+
groups << "network-admin"
|
|
474
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
475
|
+
|
|
476
|
+
snmpuser = SnmpUser.new(name,
|
|
477
|
+
groups,
|
|
478
|
+
:sha, auth_pw,
|
|
479
|
+
:none, "",
|
|
480
|
+
false, # localized key
|
|
481
|
+
"")
|
|
482
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
483
|
+
# puts "cmd #{s}"
|
|
484
|
+
line = /snmp-server user #{name} network-admin auth sha \S+ localizedkey/.match(s)
|
|
485
|
+
# puts "line: #{line}"
|
|
486
|
+
refute(line.nil?)
|
|
487
|
+
snmpuser.destroy
|
|
488
|
+
end
|
|
489
|
+
|
|
490
|
+
def test_snmpuser_create_with_single_group_auth_sha_nopriv_pw_localized
|
|
491
|
+
name = "userv3testauthsha4"
|
|
492
|
+
groups = []
|
|
493
|
+
groups << "network-admin"
|
|
494
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
495
|
+
snmpuser = SnmpUser.new(name,
|
|
496
|
+
groups,
|
|
497
|
+
:sha, auth_pw,
|
|
498
|
+
:none, "",
|
|
499
|
+
true, # localized
|
|
500
|
+
"")
|
|
501
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
502
|
+
# puts "cmd #{s}"
|
|
503
|
+
line = /snmp-server user #{name} network-admin auth sha #{auth_pw} localizedkey/.match(s)
|
|
504
|
+
# puts "line: #{line}"
|
|
505
|
+
refute(line.nil?)
|
|
506
|
+
snmpuser.destroy
|
|
507
|
+
end
|
|
508
|
+
|
|
509
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_des
|
|
510
|
+
name = "userv3test6"
|
|
511
|
+
groups = []
|
|
512
|
+
groups << "network-admin"
|
|
513
|
+
auth_pw = "test1234567"
|
|
514
|
+
priv_pw = "priv1234567des"
|
|
515
|
+
snmpuser = SnmpUser.new(name,
|
|
516
|
+
groups,
|
|
517
|
+
:md5, auth_pw,
|
|
518
|
+
:des, priv_pw,
|
|
519
|
+
false, # clear text
|
|
520
|
+
"")
|
|
521
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
522
|
+
line = /snmp-server user #{name} network-admin auth md5 \S+ priv \S+ localizedkey/.match(s)
|
|
523
|
+
# puts "line: #{line}"
|
|
524
|
+
refute(line.nil?)
|
|
525
|
+
snmpuser.destroy
|
|
526
|
+
end
|
|
527
|
+
|
|
528
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_des_pw_localized
|
|
529
|
+
name = "userv3testauth"
|
|
530
|
+
groups = []
|
|
531
|
+
groups << "network-admin"
|
|
532
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
533
|
+
priv_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
534
|
+
snmpuser = SnmpUser.new(name,
|
|
535
|
+
groups,
|
|
536
|
+
:md5, auth_pw,
|
|
537
|
+
:des, priv_pw,
|
|
538
|
+
true, # localized
|
|
539
|
+
"")
|
|
540
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
541
|
+
# puts "cmd #{s}"
|
|
542
|
+
line = /snmp-server user #{name} network-admin auth md5 #{auth_pw} priv #{priv_pw} localizedkey/.match(s)
|
|
543
|
+
# puts "line: #{line}"
|
|
544
|
+
refute(line.nil?)
|
|
545
|
+
snmpuser.destroy
|
|
546
|
+
end
|
|
547
|
+
|
|
548
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_aes128
|
|
549
|
+
name = "userv3test7"
|
|
550
|
+
groups = []
|
|
551
|
+
groups << "network-admin"
|
|
552
|
+
auth_pw = "test1234567"
|
|
553
|
+
priv_pw = "priv1234567aes"
|
|
554
|
+
snmpuser = SnmpUser.new(name,
|
|
555
|
+
groups,
|
|
556
|
+
:md5, auth_pw,
|
|
557
|
+
:aes128, priv_pw,
|
|
558
|
+
false, # clear text
|
|
559
|
+
"")
|
|
560
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
561
|
+
line = /snmp-server user #{name} network-admin auth md5 \S+ priv aes-128 \S+ localizedkey/.match(s)
|
|
562
|
+
# puts "line: #{line}"
|
|
563
|
+
refute(line.nil?)
|
|
564
|
+
snmpuser.destroy
|
|
565
|
+
end
|
|
566
|
+
|
|
567
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_aes128_pw_localized
|
|
568
|
+
name = "userv3testauth"
|
|
569
|
+
groups = []
|
|
570
|
+
groups << "network-admin"
|
|
571
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
572
|
+
priv_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
573
|
+
snmpuser = SnmpUser.new(name,
|
|
574
|
+
groups,
|
|
575
|
+
:md5, auth_pw,
|
|
576
|
+
:aes128, priv_pw,
|
|
577
|
+
true, # localized
|
|
578
|
+
"")
|
|
579
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
580
|
+
# puts "cmd #{s}"
|
|
581
|
+
line = /snmp-server user #{name} network-admin auth md5 #{auth_pw} priv aes-128 #{priv_pw} localizedkey/.match(s)
|
|
582
|
+
# puts "line: #{line}"
|
|
583
|
+
refute(line.nil?)
|
|
584
|
+
snmpuser.destroy
|
|
585
|
+
end
|
|
586
|
+
|
|
587
|
+
def test_snmpuser_create_with_single_group_auth_sha_priv_des
|
|
588
|
+
name = "userv3test8"
|
|
589
|
+
groups = []
|
|
590
|
+
groups << "network-admin"
|
|
591
|
+
auth_pw = "test1234567"
|
|
592
|
+
priv_pw = "priv1234567des"
|
|
593
|
+
snmpuser = SnmpUser.new(name,
|
|
594
|
+
groups,
|
|
595
|
+
:sha, auth_pw,
|
|
596
|
+
:des, priv_pw,
|
|
597
|
+
false, # clear text
|
|
598
|
+
"")
|
|
599
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
600
|
+
line = /snmp-server user #{name} network-admin auth sha \S+ priv \S+ localizedkey/.match(s)
|
|
601
|
+
# puts "line: #{line}"
|
|
602
|
+
refute(line.nil?)
|
|
603
|
+
snmpuser.destroy
|
|
604
|
+
end
|
|
605
|
+
|
|
606
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_sha_pw_localized
|
|
607
|
+
name = "userv3testauth"
|
|
608
|
+
groups = []
|
|
609
|
+
groups << "network-admin"
|
|
610
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
611
|
+
priv_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
612
|
+
snmpuser = SnmpUser.new(name,
|
|
613
|
+
groups,
|
|
614
|
+
:sha, auth_pw,
|
|
615
|
+
:des, priv_pw,
|
|
616
|
+
true, # localized
|
|
617
|
+
"")
|
|
618
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
619
|
+
# puts "cmd #{s}"
|
|
620
|
+
line = /snmp-server user #{name} network-admin auth sha #{auth_pw} priv #{priv_pw} localizedkey/.match(s)
|
|
621
|
+
# puts "line: #{line}"
|
|
622
|
+
refute(line.nil?)
|
|
623
|
+
snmpuser.destroy
|
|
624
|
+
end
|
|
625
|
+
|
|
626
|
+
def test_snmpuser_create_with_single_group_auth_sha_priv_aes128
|
|
627
|
+
name = "userv3test9"
|
|
628
|
+
groups = []
|
|
629
|
+
groups << "network-admin"
|
|
630
|
+
auth_pw = "test1234567"
|
|
631
|
+
priv_pw = "priv1234567aes"
|
|
632
|
+
snmpuser = SnmpUser.new(name,
|
|
633
|
+
groups,
|
|
634
|
+
:sha, auth_pw,
|
|
635
|
+
:aes128, priv_pw,
|
|
636
|
+
false, # clear text
|
|
637
|
+
"")
|
|
638
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
639
|
+
line = /snmp-server user #{name} network-admin auth sha \S+ priv aes-128 \S+ localizedkey/.match(s)
|
|
640
|
+
# puts "line: #{line}"
|
|
641
|
+
refute(line.nil?)
|
|
642
|
+
snmpuser.destroy
|
|
643
|
+
end
|
|
644
|
+
|
|
645
|
+
def test_snmpuser_create_with_single_group_auth_sha_priv_aes128_pw_localized
|
|
646
|
+
name = "userv3testauth"
|
|
647
|
+
groups = []
|
|
648
|
+
groups << "network-admin"
|
|
649
|
+
auth_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
650
|
+
priv_pw = "0xfe6cf9aea159c2c38e0a79ec23ed3cbb"
|
|
651
|
+
snmpuser = SnmpUser.new(name,
|
|
652
|
+
groups,
|
|
653
|
+
:sha, auth_pw,
|
|
654
|
+
:aes128, priv_pw,
|
|
655
|
+
true, # localized
|
|
656
|
+
"")
|
|
657
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
658
|
+
line = /snmp-server user #{name} network-admin auth sha #{auth_pw} priv aes-128 #{priv_pw} localizedkey/.match(s)
|
|
659
|
+
# puts "line: #{line}"
|
|
660
|
+
refute(line.nil?)
|
|
661
|
+
snmpuser.destroy
|
|
662
|
+
end
|
|
663
|
+
|
|
664
|
+
def test_snmpuser_create_destroy_with_engine_id
|
|
665
|
+
name = "test_with_engine_id"
|
|
666
|
+
auth_pw = "testpassword"
|
|
667
|
+
priv_pw = "testpassword"
|
|
668
|
+
engine_id = "128:12:12:12:12"
|
|
669
|
+
snmpuser = SnmpUser.new(name, [""], :md5, auth_pw, :des, priv_pw,
|
|
670
|
+
false, engine_id)
|
|
671
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
672
|
+
line = /snmp-server user #{name} auth \S+ \S+ priv .*\S+ localizedkey engineID #{engine_id}/.match(s)
|
|
673
|
+
refute(line.nil?)
|
|
674
|
+
user = SnmpUser.users["#{name} #{engine_id}"]
|
|
675
|
+
refute(user.nil?)
|
|
676
|
+
assert_equal(snmpuser.name, user.name)
|
|
677
|
+
assert_equal(snmpuser.name, name)
|
|
678
|
+
assert_equal(snmpuser.engine_id, engine_id)
|
|
679
|
+
assert_equal(snmpuser.engine_id, user.engine_id)
|
|
680
|
+
snmpuser.destroy
|
|
681
|
+
s = @device.cmd("show run snmp all | in #{name} | no-more")
|
|
682
|
+
line = /snmp-server user #{name} auth \S+ \S+ priv .*\S+ localizedkey engineID #{engine_id}/.match(s)
|
|
683
|
+
assert(line.nil?)
|
|
684
|
+
assert(SnmpUser.users["#{name} #{engine_id}"].nil?)
|
|
685
|
+
end
|
|
686
|
+
|
|
687
|
+
def test_snmpuser_authpassword
|
|
688
|
+
name = "test_authpassword"
|
|
689
|
+
auth_pw = "0x123456"
|
|
690
|
+
snmpuser = SnmpUser.new(name, [""], :md5, auth_pw, :none, "", true, "")
|
|
691
|
+
|
|
692
|
+
pw = snmpuser.auth_password
|
|
693
|
+
assert_equal(auth_pw, pw)
|
|
694
|
+
snmpuser.destroy
|
|
695
|
+
end
|
|
696
|
+
|
|
697
|
+
def test_snmpuser_authpassword_with_engineid
|
|
698
|
+
name = "test_authpassword"
|
|
699
|
+
auth_pw = "0x123456"
|
|
700
|
+
engine_id = "128:12:12:12:12"
|
|
701
|
+
snmpuser = SnmpUser.new(name, [""], :md5, auth_pw, :none, "", true, engine_id)
|
|
702
|
+
|
|
703
|
+
pw = snmpuser.auth_password
|
|
704
|
+
assert_equal(auth_pw, pw)
|
|
705
|
+
snmpuser.destroy
|
|
706
|
+
end
|
|
707
|
+
|
|
708
|
+
def test_snmpuser_privpassword
|
|
709
|
+
name = "test_privpassword"
|
|
710
|
+
priv_password = "0x123456"
|
|
711
|
+
snmpuser = SnmpUser.new(name, [""], :md5, priv_password, :des, priv_password,
|
|
712
|
+
true, "")
|
|
713
|
+
|
|
714
|
+
pw = snmpuser.priv_password
|
|
715
|
+
assert_equal(priv_password, pw)
|
|
716
|
+
snmpuser.destroy
|
|
717
|
+
|
|
718
|
+
snmpuser = SnmpUser.new(name, [""], :md5, priv_password, :aes128, priv_password,
|
|
719
|
+
true, "")
|
|
720
|
+
pw = snmpuser.priv_password
|
|
721
|
+
assert_equal(priv_password, pw)
|
|
722
|
+
snmpuser.destroy
|
|
723
|
+
end
|
|
724
|
+
|
|
725
|
+
def test_snmpuser_privpassword_with_engineid
|
|
726
|
+
name = "test_privpassword"
|
|
727
|
+
priv_password = "0x123456"
|
|
728
|
+
engine_id = "128:12:12:12:12"
|
|
729
|
+
snmpuser = SnmpUser.new(name, [""], :md5, priv_password, :des, priv_password,
|
|
730
|
+
true, engine_id)
|
|
731
|
+
pw = snmpuser.priv_password
|
|
732
|
+
assert_equal(priv_password, pw)
|
|
733
|
+
snmpuser.destroy
|
|
734
|
+
|
|
735
|
+
snmpuser = SnmpUser.new(name, [""], :md5, priv_password, :aes128, priv_password,
|
|
736
|
+
true, "")
|
|
737
|
+
pw = snmpuser.priv_password
|
|
738
|
+
assert_equal(priv_password, pw)
|
|
739
|
+
snmpuser.destroy
|
|
740
|
+
end
|
|
741
|
+
|
|
742
|
+
def test_snmpuser_auth_password_equal_with_engineid
|
|
743
|
+
name = "test_authpass_equal"
|
|
744
|
+
auth_pass = "testpassword"
|
|
745
|
+
engine_id = "128:12:12:12:12"
|
|
746
|
+
|
|
747
|
+
snmpuser = SnmpUser.new(name, [""], :md5, auth_pass, :none, "", false,
|
|
748
|
+
engine_id)
|
|
749
|
+
|
|
750
|
+
assert(snmpuser.auth_password_equal?(auth_pass, false))
|
|
751
|
+
# our api should be able to detect wrong password
|
|
752
|
+
refute(snmpuser.auth_password_equal?("test2468", false))
|
|
753
|
+
snmpuser.destroy
|
|
754
|
+
end
|
|
755
|
+
|
|
756
|
+
def test_snmpuser_priv_password_equal_with_engineid
|
|
757
|
+
name = "test_privpass_equal"
|
|
758
|
+
priv_pass = "testpassword"
|
|
759
|
+
engine_id = "128:12:12:12:12"
|
|
760
|
+
|
|
761
|
+
snmpuser = SnmpUser.new(name, [""], :md5, priv_pass, :des, priv_pass, false,
|
|
762
|
+
engine_id)
|
|
763
|
+
assert(snmpuser.priv_password_equal?(priv_pass, false))
|
|
764
|
+
refute(snmpuser.priv_password_equal?("test2468", false))
|
|
765
|
+
snmpuser.destroy
|
|
766
|
+
|
|
767
|
+
snmpuser = SnmpUser.new(name, [""], :md5, priv_pass, :aes128, priv_pass, false,
|
|
768
|
+
engine_id)
|
|
769
|
+
assert(snmpuser.priv_password_equal?(priv_pass, false))
|
|
770
|
+
refute(false, snmpuser.priv_password_equal?("test2468", false))
|
|
771
|
+
snmpuser.destroy
|
|
772
|
+
end
|
|
773
|
+
|
|
774
|
+
def test_snmpuser_default_groups
|
|
775
|
+
groups = [DEFAULT_SNMP_USER_GROUP_NAME]
|
|
776
|
+
assert_equal(groups, SnmpUser.default_groups(),
|
|
777
|
+
"Error: Wrong default groups")
|
|
778
|
+
end
|
|
779
|
+
|
|
780
|
+
def test_snmpuser_default_auth_protocol
|
|
781
|
+
assert_equal(:md5,
|
|
782
|
+
SnmpUser.default_auth_protocol(),
|
|
783
|
+
"Error: Wrong default auth protocol")
|
|
784
|
+
end
|
|
785
|
+
|
|
786
|
+
def test_snmpuser_default_auth_password
|
|
787
|
+
assert_equal(DEFAULT_SNMP_USER_AUTH_PASSWORD,
|
|
788
|
+
SnmpUser.default_auth_password(),
|
|
789
|
+
"Error: Wrong default auth password")
|
|
790
|
+
end
|
|
791
|
+
|
|
792
|
+
def test_snmpuser_default_priv_protocol
|
|
793
|
+
assert_equal(:des,
|
|
794
|
+
SnmpUser.default_priv_protocol(),
|
|
795
|
+
"Error: Wrong default priv protocol")
|
|
796
|
+
end
|
|
797
|
+
|
|
798
|
+
def test_snmpuser_default_priv_password
|
|
799
|
+
assert_equal(DEFAULT_SNMP_USER_PRIV_PASSWORD,
|
|
800
|
+
SnmpUser.default_priv_password(),
|
|
801
|
+
"Error: Wrong default priv password")
|
|
802
|
+
end
|
|
803
|
+
end
|