cisco_node_utils 1.0.1 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +4 -0
- data/.rubocop.yml +81 -1
- data/.travis.yml +9 -0
- data/CHANGELOG.md +72 -6
- data/CONTRIBUTING.md +32 -7
- data/README.md +70 -7
- data/Rakefile +17 -0
- data/bin/check_metric_limits.rb +109 -0
- data/bin/git/hooks/commit-msg/enforce_style +81 -0
- data/bin/git/hooks/hook_lib +108 -0
- data/bin/git/hooks/hooks-wrapper +38 -0
- data/bin/git/hooks/post-flow-hotfix-start/update-version +24 -0
- data/bin/git/hooks/post-flow-release-finish/update-version +29 -0
- data/bin/git/hooks/post-flow-release-start/update-version +19 -0
- data/bin/git/hooks/post-merge/update-hooks +6 -0
- data/bin/git/hooks/post-rewrite/update-hooks +6 -0
- data/bin/git/hooks/pre-commit/rubocop +20 -0
- data/bin/git/hooks/pre-commit/validate-diffs +31 -0
- data/bin/git/hooks/pre-push/check-changelog +24 -0
- data/bin/git/hooks/pre-push/rubocop +7 -0
- data/bin/git/update-hooks +65 -0
- data/cisco_node_utils.gemspec +9 -3
- data/docs/README-develop-best-practices.md +404 -0
- data/docs/README-develop-node-utils-APIs.md +215 -365
- data/docs/README-maintainers.md +33 -3
- data/docs/template-router.rb +89 -91
- data/docs/template-test_router.rb +52 -55
- data/lib/.rubocop.yml +18 -0
- data/lib/cisco_node_utils.rb +2 -19
- data/lib/cisco_node_utils/README_YAML.md +1 -9
- data/lib/cisco_node_utils/bgp.rb +664 -0
- data/lib/cisco_node_utils/bgp_af.rb +530 -0
- data/lib/cisco_node_utils/bgp_neighbor.rb +425 -0
- data/lib/cisco_node_utils/bgp_neighbor_af.rb +709 -0
- data/lib/cisco_node_utils/cisco_cmn_utils.rb +59 -25
- data/lib/cisco_node_utils/command_reference.rb +72 -74
- data/lib/cisco_node_utils/command_reference_common.yaml +174 -9
- data/lib/cisco_node_utils/command_reference_common_bgp.yaml +535 -0
- data/lib/cisco_node_utils/command_reference_n7k.yaml +4 -0
- data/lib/cisco_node_utils/command_reference_n9k.yaml +0 -9
- data/lib/cisco_node_utils/configparser_lib.rb +152 -147
- data/lib/cisco_node_utils/dns_domain.rb +79 -0
- data/lib/cisco_node_utils/domain_name.rb +71 -0
- data/lib/cisco_node_utils/interface.rb +167 -161
- data/lib/cisco_node_utils/interface_ospf.rb +78 -81
- data/lib/cisco_node_utils/name_server.rb +64 -0
- data/lib/cisco_node_utils/node.rb +154 -198
- data/lib/cisco_node_utils/node_util.rb +61 -0
- data/lib/cisco_node_utils/ntp_config.rb +65 -0
- data/lib/cisco_node_utils/ntp_server.rb +76 -0
- data/lib/cisco_node_utils/platform.rb +174 -165
- data/lib/cisco_node_utils/radius_global.rb +146 -0
- data/lib/cisco_node_utils/radius_server.rb +295 -0
- data/lib/cisco_node_utils/router_ospf.rb +59 -63
- data/lib/cisco_node_utils/router_ospf_vrf.rb +226 -210
- data/lib/cisco_node_utils/snmpcommunity.rb +52 -58
- data/lib/cisco_node_utils/snmpgroup.rb +22 -23
- data/lib/cisco_node_utils/snmpserver.rb +99 -103
- data/lib/cisco_node_utils/snmpuser.rb +294 -274
- data/lib/cisco_node_utils/syslog_server.rb +92 -0
- data/lib/cisco_node_utils/syslog_settings.rb +69 -0
- data/lib/cisco_node_utils/tacacs_server.rb +137 -133
- data/lib/cisco_node_utils/tacacs_server_host.rb +84 -87
- data/lib/cisco_node_utils/version.rb +2 -1
- data/lib/cisco_node_utils/vlan.rb +28 -31
- data/lib/cisco_node_utils/vrf.rb +80 -0
- data/lib/cisco_node_utils/vtp.rb +100 -97
- data/lib/cisco_node_utils/yum.rb +15 -17
- data/tests/.rubocop.yml +15 -0
- data/tests/basetest.rb +81 -36
- data/tests/ciscotest.rb +38 -78
- data/{lib/cisco_node_utils → tests}/platform_info.rb +12 -8
- data/{lib/cisco_node_utils → tests}/platform_info.yaml +1 -1
- data/tests/test_bgp_af.rb +920 -0
- data/tests/test_bgp_neighbor.rb +403 -0
- data/tests/test_bgp_neighbor_af.rb +589 -0
- data/tests/test_command_config.rb +65 -62
- data/tests/test_command_reference.rb +31 -45
- data/tests/test_dns_domain.rb +113 -0
- data/tests/test_domain_name.rb +86 -0
- data/tests/test_interface.rb +424 -548
- data/tests/test_interface_ospf.rb +248 -432
- data/tests/test_interface_svi.rb +56 -79
- data/tests/test_interface_switchport.rb +196 -272
- data/tests/test_name_server.rb +85 -0
- data/tests/test_node.rb +7 -6
- data/tests/test_node_ext.rb +133 -186
- data/tests/test_ntp_config.rb +49 -0
- data/tests/test_ntp_server.rb +74 -0
- data/tests/test_platform.rb +58 -37
- data/tests/test_radius_global.rb +78 -0
- data/tests/test_radius_server.rb +185 -0
- data/tests/test_router_bgp.rb +838 -0
- data/tests/test_router_ospf.rb +49 -80
- data/tests/test_router_ospf_vrf.rb +274 -392
- data/tests/test_snmpcommunity.rb +128 -172
- data/tests/test_snmpgroup.rb +12 -14
- data/tests/test_snmpserver.rb +160 -189
- data/tests/test_snmpuser.rb +568 -717
- data/tests/test_syslog_server.rb +88 -0
- data/tests/test_syslog_settings.rb +54 -0
- data/tests/test_tacacs_server.rb +113 -148
- data/tests/test_tacacs_server_host.rb +108 -161
- data/tests/test_vlan.rb +63 -79
- data/tests/test_vrf.rb +92 -0
- data/tests/test_vtp.rb +108 -126
- data/tests/test_yum.rb +47 -41
- metadata +92 -56
- data/.rubocop_todo.yml +0 -293
- data/docs/.rubocop.yml +0 -13
- data/docs/template-feature.rb +0 -45
- data/docs/template-test_feature.rb +0 -51
- data/tests/test_all_cisco.rb +0 -46
data/tests/test_snmpuser.rb
CHANGED
|
@@ -12,792 +12,643 @@
|
|
|
12
12
|
# See the License for the specific language governing permissions and
|
|
13
13
|
# limitations under the License.
|
|
14
14
|
|
|
15
|
-
|
|
16
|
-
|
|
15
|
+
require_relative 'ciscotest'
|
|
16
|
+
require_relative '../lib/cisco_node_utils/snmpuser'
|
|
17
17
|
|
|
18
|
-
DEFAULT_SNMP_USER_AUTH_PASSWORD =
|
|
19
|
-
DEFAULT_SNMP_USER_PRIV_PASSWORD =
|
|
20
|
-
DEFAULT_SNMP_USER_GROUP_NAME =
|
|
18
|
+
DEFAULT_SNMP_USER_AUTH_PASSWORD = ''
|
|
19
|
+
DEFAULT_SNMP_USER_PRIV_PASSWORD = ''
|
|
20
|
+
DEFAULT_SNMP_USER_GROUP_NAME = 'network-operator'
|
|
21
21
|
|
|
22
|
+
# TestSnmpUser - Minitest for SnmpUser node utility class
|
|
22
23
|
class TestSnmpUser < CiscoTestCase
|
|
24
|
+
@@existing_users = nil # rubocop:disable Style/ClassVars
|
|
25
|
+
|
|
26
|
+
def setup
|
|
27
|
+
super
|
|
28
|
+
@test_users = []
|
|
29
|
+
# Get the list of users that exist on the node when we first begin
|
|
30
|
+
@@existing_users ||= SnmpUser.users.keys # rubocop:disable Style/ClassVars
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def create_user(name, opts='')
|
|
34
|
+
config("snmp-server user #{name} #{opts}")
|
|
35
|
+
@test_users.push(name)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def destroy_user(user)
|
|
39
|
+
@test_users.delete(user.name)
|
|
40
|
+
user.destroy
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def teardown
|
|
44
|
+
unless @test_users.empty?
|
|
45
|
+
cfg = @test_users.collect { |name| "no snmp-server user #{name}" }
|
|
46
|
+
config(*cfg)
|
|
47
|
+
end
|
|
48
|
+
super
|
|
49
|
+
delta = SnmpUser.users.keys - @@existing_users
|
|
50
|
+
# User deletion can take some time, for some reason
|
|
51
|
+
unless delta.empty?
|
|
52
|
+
sleep(5)
|
|
53
|
+
node.cache_flush
|
|
54
|
+
delta = SnmpUser.users.keys - @@existing_users
|
|
55
|
+
end
|
|
56
|
+
@@existing_users = SnmpUser.users.keys # rubocop:disable Style/ClassVars
|
|
57
|
+
assert_empty(delta, 'Users not deleted after test!')
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def user_pat(name, group='network-admin')
|
|
61
|
+
group ? /snmp-server user #{name} #{group}/ : /snmp-server user #{name}/
|
|
62
|
+
end
|
|
63
|
+
|
|
23
64
|
## test cases starts here
|
|
24
65
|
|
|
25
66
|
def test_snmpuser_collection_not_empty
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
# flush cache
|
|
30
|
-
node.cache_flush
|
|
31
|
-
snmpusers = SnmpUser.users()
|
|
32
|
-
assert_equal(false, snmpusers.empty?(),
|
|
33
|
-
"SnmpUser collection is empty")
|
|
34
|
-
s = @device.cmd("conf t")
|
|
35
|
-
s = @device.cmd("no snmp-server user tester")
|
|
36
|
-
s = @device.cmd("end")
|
|
37
|
-
node.cache_flush
|
|
67
|
+
create_user('tester')
|
|
68
|
+
refute_empty(SnmpUser.users,
|
|
69
|
+
'SnmpUser collection is empty')
|
|
38
70
|
end
|
|
39
71
|
|
|
40
|
-
def
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
}
|
|
58
|
-
end
|
|
59
|
-
|
|
60
|
-
def test_snmpuser_create_name_empty
|
|
61
|
-
name = ""
|
|
62
|
-
groups = []
|
|
63
|
-
groups << "network-admin"
|
|
64
|
-
assert_raises(ArgumentError) do
|
|
65
|
-
snmpuser = SnmpUser.new(name,
|
|
66
|
-
groups,
|
|
67
|
-
:none, "",
|
|
68
|
-
:none, "",
|
|
69
|
-
false,
|
|
70
|
-
"")
|
|
72
|
+
def test_snmpuser_create_invalid_args
|
|
73
|
+
args_list = [
|
|
74
|
+
['Empty name',
|
|
75
|
+
['', ['network-admin'],
|
|
76
|
+
:none, '', :none, '', false, ''],
|
|
77
|
+
],
|
|
78
|
+
['Auth password but no authproto',
|
|
79
|
+
['userv3testUnknownAuth', ['network-admin'],
|
|
80
|
+
:none, 'test12345', :none, '', false, ''],
|
|
81
|
+
],
|
|
82
|
+
['Priv password but no privproto',
|
|
83
|
+
['userv3testUnknownPriv', ['network-admin'],
|
|
84
|
+
:sha, 'test12345', :none, 'test12345', false, ''],
|
|
85
|
+
],
|
|
86
|
+
]
|
|
87
|
+
args_list.each do |msg, args|
|
|
88
|
+
assert_raises(ArgumentError, msg) { SnmpUser.new(*args) }
|
|
71
89
|
end
|
|
72
90
|
end
|
|
73
91
|
|
|
74
|
-
def
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
92
|
+
def test_snmpuser_create_invalid_cli
|
|
93
|
+
args_list = [
|
|
94
|
+
['Cleartext password with localized key',
|
|
95
|
+
['userv3testauthsha1', ['network-admin'],
|
|
96
|
+
:sha, 'test123456', :none, '', true, # localized key
|
|
97
|
+
''],
|
|
98
|
+
],
|
|
99
|
+
['NX-OS Password must be at least 8 characters',
|
|
100
|
+
['userv3testauthsha2', ['network-admin'],
|
|
101
|
+
:sha, 'test', :none, '', false, ''],
|
|
102
|
+
],
|
|
103
|
+
['Invalid group name',
|
|
104
|
+
['userv3test', ['network-admin123'],
|
|
105
|
+
:none, '', :none, '', false, ''],
|
|
106
|
+
],
|
|
107
|
+
]
|
|
108
|
+
args_list.each do |msg, args|
|
|
109
|
+
assert_raises(CliError, msg) { SnmpUser.new(*args) }
|
|
110
|
+
end
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
def test_engine_id_valid_and_none
|
|
114
|
+
create_user('tester', 'auth sha password engineID 22:22:22:22:23:22')
|
|
115
|
+
create_user('tester2')
|
|
116
|
+
|
|
117
|
+
snmpusers = SnmpUser.users
|
|
118
|
+
|
|
119
|
+
found_tester = false
|
|
120
|
+
found_tester2 = false
|
|
121
|
+
snmpusers.each_value do |snmpuser|
|
|
122
|
+
if snmpuser.name == 'tester'
|
|
123
|
+
assert_equal('22:22:22:22:23:22', snmpuser.engine_id)
|
|
124
|
+
destroy_user(snmpuser)
|
|
125
|
+
found_tester = true
|
|
126
|
+
elsif snmpuser.name == 'tester2'
|
|
127
|
+
assert_equal('', snmpuser.engine_id)
|
|
128
|
+
destroy_user(snmpuser)
|
|
129
|
+
found_tester2 = true
|
|
130
|
+
end
|
|
85
131
|
end
|
|
132
|
+
assert(found_tester)
|
|
133
|
+
assert(found_tester2)
|
|
86
134
|
end
|
|
87
135
|
|
|
88
136
|
def test_snmpuser_create_with_single_group_noauth_nopriv
|
|
89
|
-
name =
|
|
90
|
-
groups = []
|
|
91
|
-
groups << "network-admin"
|
|
137
|
+
name = 'userv3test2'
|
|
138
|
+
groups = ['network-admin']
|
|
92
139
|
snmpuser = SnmpUser.new(name,
|
|
93
140
|
groups,
|
|
94
|
-
:none,
|
|
95
|
-
:none,
|
|
141
|
+
:none, '',
|
|
142
|
+
:none, '',
|
|
96
143
|
false,
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
# puts "line: #{line}"
|
|
101
|
-
refute(line.nil?)
|
|
144
|
+
'')
|
|
145
|
+
assert_show_match(pattern: user_pat(name),
|
|
146
|
+
command: 'show run snmp all | no-more')
|
|
102
147
|
snmpuser.destroy
|
|
103
148
|
end
|
|
104
149
|
|
|
105
150
|
def test_snmpuser_create_with_multi_group_noauth_nopriv
|
|
106
|
-
name =
|
|
107
|
-
groups = []
|
|
108
|
-
groups << "network-admin"
|
|
109
|
-
groups << "vdc-admin"
|
|
151
|
+
name = 'userv3test3'
|
|
152
|
+
groups = ['network-admin', 'vdc-admin']
|
|
110
153
|
snmpuser = SnmpUser.new(name,
|
|
111
154
|
groups,
|
|
112
|
-
:none,
|
|
113
|
-
:none,
|
|
155
|
+
:none, '',
|
|
156
|
+
:none, '',
|
|
114
157
|
false,
|
|
115
|
-
|
|
116
|
-
s = @device.cmd(
|
|
117
|
-
groups.each do |
|
|
118
|
-
|
|
119
|
-
# puts "line: #{line}"
|
|
120
|
-
refute(line.nil?)
|
|
158
|
+
'')
|
|
159
|
+
s = @device.cmd('show run snmp all | no-more')
|
|
160
|
+
groups.each do |group|
|
|
161
|
+
assert_match(user_pat(name, group), s)
|
|
121
162
|
end
|
|
122
163
|
snmpuser.destroy
|
|
123
164
|
end
|
|
124
165
|
|
|
125
166
|
def test_snmpuser_destroy
|
|
126
|
-
name =
|
|
127
|
-
group =
|
|
128
|
-
|
|
129
|
-
s = @device.cmd("snmp-server user #{name} #{group}")
|
|
130
|
-
s = @device.cmd("end")
|
|
131
|
-
node.cache_flush
|
|
132
|
-
|
|
133
|
-
node.cache_flush
|
|
167
|
+
name = 'userv3testdestroy'
|
|
168
|
+
group = 'network-operator'
|
|
169
|
+
create_user(name, group)
|
|
134
170
|
|
|
135
171
|
# get user
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
assert(snmpuser.engine_id.empty?)
|
|
142
|
-
# destroy the user
|
|
143
|
-
snmpuser.destroy
|
|
144
|
-
break
|
|
145
|
-
end
|
|
146
|
-
end
|
|
172
|
+
snmpuser = SnmpUser.users[name]
|
|
173
|
+
assert_equal(snmpuser.name, name)
|
|
174
|
+
assert_empty(snmpuser.engine_id)
|
|
175
|
+
# destroy the user
|
|
176
|
+
destroy_user(snmpuser)
|
|
147
177
|
# check user got removed.
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
assert(SnmpUser.users[name].nil?)
|
|
178
|
+
refute_show_match(command: 'show run snmp all | no-more',
|
|
179
|
+
pattern: user_pat(name, group))
|
|
180
|
+
assert_nil(SnmpUser.users[name])
|
|
152
181
|
end
|
|
153
182
|
|
|
154
183
|
def test_snmpuser_auth_password_equal_invalid_param
|
|
155
|
-
name =
|
|
156
|
-
auth_pw =
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
s = @device.cmd("end")
|
|
160
|
-
|
|
161
|
-
# flush cache
|
|
162
|
-
node.cache_flush
|
|
184
|
+
name = 'testV3PwEqualInvalid'
|
|
185
|
+
auth_pw = 'test1234567'
|
|
186
|
+
create_user(name, "network-admin auth md5 #{auth_pw}")
|
|
187
|
+
|
|
163
188
|
# get users
|
|
164
|
-
|
|
165
|
-
s = @device.cmd("show snmp user | no-more")
|
|
166
|
-
snmpusers.each do |key, snmpuser|
|
|
167
|
-
refute(snmpuser.auth_password_equal?("", false)) if key == name
|
|
168
|
-
end
|
|
169
|
-
# unconfigure
|
|
170
|
-
s = @device.cmd("configure terminal")
|
|
171
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
172
|
-
s = @device.cmd("end")
|
|
173
|
-
node.cache_flush
|
|
189
|
+
refute(SnmpUser.users[name].auth_password_equal?('', false))
|
|
174
190
|
end
|
|
175
191
|
|
|
176
192
|
def test_snmpuser_auth_priv_password_equal_invalid_param
|
|
177
|
-
name =
|
|
178
|
-
auth_pw =
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
s = @device.cmd("end")
|
|
182
|
-
|
|
183
|
-
# flush cache
|
|
184
|
-
node.cache_flush
|
|
193
|
+
name = 'testV3PwEqualInvalid'
|
|
194
|
+
auth_pw = 'test1234567'
|
|
195
|
+
create_user(name, "network-admin auth md5 #{auth_pw} priv #{auth_pw}")
|
|
196
|
+
|
|
185
197
|
# get users
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
refute(snmpuser.auth_password_equal?("", false))
|
|
190
|
-
refute(snmpuser.priv_password_equal?("", false))
|
|
191
|
-
end
|
|
192
|
-
end
|
|
193
|
-
# unconfigure
|
|
194
|
-
s = @device.cmd("configure terminal")
|
|
195
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
196
|
-
s = @device.cmd("end")
|
|
197
|
-
node.cache_flush
|
|
198
|
+
snmpuser = SnmpUser.users[name]
|
|
199
|
+
refute(snmpuser.auth_password_equal?('', false))
|
|
200
|
+
refute(snmpuser.priv_password_equal?('', false))
|
|
198
201
|
end
|
|
199
202
|
|
|
200
203
|
def test_snmpuser_auth_password_equal_priv_invalid_param
|
|
201
|
-
name =
|
|
202
|
-
auth_pw =
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
s = @device.cmd("end")
|
|
206
|
-
|
|
207
|
-
# flush cache
|
|
208
|
-
node.cache_flush
|
|
204
|
+
name = 'testV3PwEqualInvalid'
|
|
205
|
+
auth_pw = 'test1234567'
|
|
206
|
+
create_user(name, "network-operator auth md5 #{auth_pw} priv #{auth_pw}")
|
|
207
|
+
|
|
209
208
|
# get users
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
assert(snmpuser.auth_password_equal?(auth_pw, false))
|
|
214
|
-
refute(snmpuser.priv_password_equal?("", false))
|
|
215
|
-
end
|
|
216
|
-
end
|
|
217
|
-
# unconfigure
|
|
218
|
-
s = @device.cmd("configure terminal")
|
|
219
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
220
|
-
s = @device.cmd("end")
|
|
221
|
-
node.cache_flush
|
|
209
|
+
snmpuser = SnmpUser.users[name]
|
|
210
|
+
assert(snmpuser.auth_password_equal?(auth_pw, false))
|
|
211
|
+
refute(snmpuser.priv_password_equal?('', false))
|
|
222
212
|
end
|
|
223
213
|
|
|
224
214
|
def test_snmpuser_auth_password_not_equal
|
|
225
|
-
name =
|
|
226
|
-
auth_pw =
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
s = @device.cmd("end")
|
|
230
|
-
|
|
231
|
-
# flush cache
|
|
232
|
-
node.cache_flush
|
|
215
|
+
name = 'testV3PwEqual'
|
|
216
|
+
auth_pw = 'test1234567'
|
|
217
|
+
create_user(name, "network-admin auth md5 #{auth_pw}")
|
|
218
|
+
|
|
233
219
|
# get users
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
refute(snmpuser.auth_password_equal?("test12345", false)) if key == name
|
|
237
|
-
end
|
|
238
|
-
s = @device.cmd("configure terminal")
|
|
239
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
240
|
-
s = @device.cmd("end")
|
|
241
|
-
node.cache_flush
|
|
220
|
+
snmpuser = SnmpUser.users[name]
|
|
221
|
+
refute(snmpuser.auth_password_equal?('test12345', false))
|
|
242
222
|
end
|
|
243
223
|
|
|
244
224
|
def test_snmpuser_auth_password_equal
|
|
245
|
-
name =
|
|
246
|
-
auth_pw =
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
s = @device.cmd("end")
|
|
250
|
-
|
|
251
|
-
# flush cache
|
|
252
|
-
node.cache_flush
|
|
225
|
+
name = 'testV3PwEqual'
|
|
226
|
+
auth_pw = 'test1234567'
|
|
227
|
+
create_user(name, "network-admin auth md5 #{auth_pw}")
|
|
228
|
+
|
|
253
229
|
# get users
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
name = "testV3ClearPwLocalFalse"
|
|
266
|
-
auth_pw = "test123456"
|
|
267
|
-
groups = []
|
|
268
|
-
groups << "network-admin"
|
|
269
|
-
assert_raises(CliError) do
|
|
270
|
-
snmpuser = SnmpUser.new(name,
|
|
271
|
-
groups,
|
|
272
|
-
:sha, auth_pw,
|
|
273
|
-
:none, "",
|
|
274
|
-
true,
|
|
275
|
-
"")
|
|
276
|
-
end
|
|
230
|
+
assert(SnmpUser.users[name].auth_password_equal?(auth_pw, false))
|
|
231
|
+
end
|
|
232
|
+
|
|
233
|
+
def test_snmpuser_auth_priv_password_equal_empty
|
|
234
|
+
name = 'testV3PwEmpty'
|
|
235
|
+
create_user(name, 'network-admin')
|
|
236
|
+
# nil and "" are treated interchangeably
|
|
237
|
+
assert(SnmpUser.users[name].auth_password_equal?('', false))
|
|
238
|
+
assert(SnmpUser.users[name].priv_password_equal?('', false))
|
|
239
|
+
assert(SnmpUser.users[name].auth_password_equal?(nil, false))
|
|
240
|
+
assert(SnmpUser.users[name].priv_password_equal?(nil, false))
|
|
277
241
|
end
|
|
278
242
|
|
|
279
243
|
def test_snmpuser_auth_password_equal_localizedkey
|
|
280
|
-
name =
|
|
281
|
-
auth_pw =
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
s = @device.cmd("end")
|
|
285
|
-
|
|
286
|
-
# flush cache
|
|
287
|
-
node.cache_flush
|
|
244
|
+
name = 'testV3PwEqual'
|
|
245
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
246
|
+
create_user(name, "network-admin auth md5 #{auth_pw} localizedkey")
|
|
247
|
+
|
|
288
248
|
# get users
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
# we should verify that if we give a wrong password, the api will return false
|
|
294
|
-
refute(snmpuser.auth_password_equal?("0xfe6c", true))
|
|
295
|
-
end
|
|
296
|
-
end
|
|
297
|
-
s = @device.cmd("configure terminal")
|
|
298
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
299
|
-
s = @device.cmd("end")
|
|
300
|
-
node.cache_flush
|
|
249
|
+
snmpuser = SnmpUser.users[name]
|
|
250
|
+
assert(snmpuser.auth_password_equal?(auth_pw, true))
|
|
251
|
+
# verify that if we give a wrong password, the api will return false
|
|
252
|
+
refute(snmpuser.auth_password_equal?('0xfe6c', true))
|
|
301
253
|
end
|
|
302
254
|
|
|
303
255
|
def test_snmpuser_auth_priv_password_equal_localizedkey
|
|
304
|
-
name =
|
|
305
|
-
auth_pw =
|
|
306
|
-
priv_pw =
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
# flush cache
|
|
312
|
-
node.cache_flush
|
|
256
|
+
name = 'testV3PwEqual'
|
|
257
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
258
|
+
priv_pw = '0x29916eac22d90362598abef1b9045018'
|
|
259
|
+
create_user(name, "network-admin auth md5 #{auth_pw} " \
|
|
260
|
+
"priv aes-128 #{priv_pw} localizedkey")
|
|
261
|
+
|
|
313
262
|
# get users
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
assert(snmpuser.priv_password_equal?(priv_pw, true))
|
|
319
|
-
refute(snmpuser.priv_password_equal?("0x2291", true))
|
|
320
|
-
end
|
|
321
|
-
end
|
|
322
|
-
s = @device.cmd("configure terminal")
|
|
323
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
324
|
-
s = @device.cmd("end")
|
|
325
|
-
node.cache_flush
|
|
263
|
+
snmpuser = SnmpUser.users[name]
|
|
264
|
+
assert(snmpuser.auth_password_equal?(auth_pw, true))
|
|
265
|
+
assert(snmpuser.priv_password_equal?(priv_pw, true))
|
|
266
|
+
refute(snmpuser.priv_password_equal?('0x2291', true))
|
|
326
267
|
end
|
|
327
268
|
|
|
328
269
|
def test_snmpuser_auth_priv_des_password_equal
|
|
329
|
-
name =
|
|
330
|
-
auth_pw =
|
|
331
|
-
priv_pw =
|
|
332
|
-
|
|
333
|
-
s = @device.cmd("snmp-server user #{name} network-operator auth md5 #{auth_pw} priv #{priv_pw}")
|
|
334
|
-
s = @device.cmd("end")
|
|
335
|
-
|
|
336
|
-
# flush cache
|
|
337
|
-
node.cache_flush
|
|
338
|
-
# get users
|
|
339
|
-
snmpusers = SnmpUser.users()
|
|
340
|
-
s = @device.cmd("show snmp user | no-more")
|
|
341
|
-
snmpusers.each do |key, snmpuser|
|
|
342
|
-
if key == name
|
|
343
|
-
assert(snmpuser.auth_password_equal?(auth_pw, false))
|
|
344
|
-
assert(snmpuser.priv_password_equal?(priv_pw, false))
|
|
345
|
-
end
|
|
346
|
-
end
|
|
347
|
-
s = @device.cmd("configure terminal")
|
|
348
|
-
s = @device.cmd("no snmp-server user #{name}")
|
|
349
|
-
s = @device.cmd("end")
|
|
350
|
-
node.cache_flush
|
|
351
|
-
end
|
|
352
|
-
|
|
353
|
-
def test_snmpuser_create_with_single_group_unknown_auth_nopriv
|
|
354
|
-
name = "userv3testUnknownAuth"
|
|
355
|
-
groups = []
|
|
356
|
-
groups << "network-admin"
|
|
357
|
-
assert_raises(ArgumentError) do
|
|
358
|
-
snmpuser = SnmpUser.new(name,
|
|
359
|
-
groups,
|
|
360
|
-
:none, "test12345",
|
|
361
|
-
:none, "",
|
|
362
|
-
false,
|
|
363
|
-
"")
|
|
364
|
-
end
|
|
365
|
-
end
|
|
270
|
+
name = 'testV3PwEqual'
|
|
271
|
+
auth_pw = 'test1234567'
|
|
272
|
+
priv_pw = 'testdes1234'
|
|
273
|
+
create_user(name, "network-operator auth md5 #{auth_pw} priv #{priv_pw}")
|
|
366
274
|
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
assert_raises(ArgumentError) do
|
|
372
|
-
snmpuser = SnmpUser.new(name,
|
|
373
|
-
groups,
|
|
374
|
-
:sha, "test12345",
|
|
375
|
-
:none, "test12345",
|
|
376
|
-
false,
|
|
377
|
-
"")
|
|
378
|
-
end
|
|
275
|
+
# get users
|
|
276
|
+
snmpuser = SnmpUser.users[name]
|
|
277
|
+
assert(snmpuser.auth_password_equal?(auth_pw, false))
|
|
278
|
+
assert(snmpuser.priv_password_equal?(priv_pw, false))
|
|
379
279
|
end
|
|
380
280
|
|
|
381
281
|
def test_snmpuser_create_with_single_group_auth_md5_nopriv
|
|
382
|
-
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
refute(line.nil?)
|
|
396
|
-
snmpuser.destroy
|
|
282
|
+
name = 'userv3test5'
|
|
283
|
+
groups = ['network-admin']
|
|
284
|
+
auth_pw = 'test1234567'
|
|
285
|
+
snmpuser = SnmpUser.new(name,
|
|
286
|
+
groups,
|
|
287
|
+
:md5, auth_pw,
|
|
288
|
+
:none, '',
|
|
289
|
+
false, # clear text
|
|
290
|
+
'')
|
|
291
|
+
assert_show_match(
|
|
292
|
+
pattern: /#{user_pat(name)} auth md5 \S+ localizedkey/,
|
|
293
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
294
|
+
snmpuser.destroy
|
|
397
295
|
end
|
|
398
296
|
|
|
399
297
|
def test_snmpuser_create_with_single_group_auth_md5_nopriv_pw_localized
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
430
|
-
|
|
431
|
-
|
|
432
|
-
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
480
|
-
|
|
481
|
-
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
497
|
-
|
|
498
|
-
|
|
499
|
-
|
|
500
|
-
|
|
501
|
-
|
|
502
|
-
|
|
503
|
-
|
|
504
|
-
|
|
505
|
-
|
|
506
|
-
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
|
|
513
|
-
|
|
514
|
-
|
|
515
|
-
|
|
516
|
-
|
|
517
|
-
|
|
518
|
-
|
|
519
|
-
|
|
520
|
-
|
|
521
|
-
|
|
522
|
-
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
527
|
-
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
|
|
532
|
-
|
|
533
|
-
|
|
534
|
-
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
|
|
538
|
-
|
|
539
|
-
|
|
540
|
-
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
544
|
-
|
|
545
|
-
|
|
546
|
-
|
|
547
|
-
|
|
548
|
-
|
|
549
|
-
|
|
550
|
-
|
|
551
|
-
|
|
552
|
-
|
|
553
|
-
|
|
554
|
-
|
|
555
|
-
|
|
556
|
-
|
|
557
|
-
|
|
558
|
-
|
|
559
|
-
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
563
|
-
|
|
564
|
-
|
|
565
|
-
|
|
566
|
-
|
|
567
|
-
|
|
568
|
-
|
|
569
|
-
|
|
570
|
-
|
|
571
|
-
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
577
|
-
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
|
|
581
|
-
|
|
582
|
-
|
|
583
|
-
|
|
584
|
-
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
597
|
-
|
|
598
|
-
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
|
|
603
|
-
|
|
604
|
-
|
|
605
|
-
|
|
606
|
-
|
|
607
|
-
|
|
608
|
-
|
|
609
|
-
|
|
610
|
-
|
|
611
|
-
|
|
612
|
-
|
|
613
|
-
|
|
614
|
-
|
|
615
|
-
|
|
616
|
-
|
|
617
|
-
|
|
618
|
-
|
|
619
|
-
|
|
620
|
-
|
|
621
|
-
|
|
622
|
-
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
|
|
636
|
-
|
|
637
|
-
|
|
638
|
-
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
|
|
643
|
-
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
|
|
658
|
-
|
|
659
|
-
|
|
660
|
-
|
|
661
|
-
|
|
662
|
-
|
|
663
|
-
|
|
664
|
-
|
|
665
|
-
|
|
666
|
-
|
|
667
|
-
|
|
668
|
-
|
|
669
|
-
|
|
670
|
-
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
679
|
-
|
|
680
|
-
|
|
681
|
-
|
|
682
|
-
|
|
683
|
-
|
|
684
|
-
|
|
685
|
-
|
|
686
|
-
|
|
687
|
-
|
|
688
|
-
|
|
689
|
-
|
|
690
|
-
|
|
691
|
-
|
|
692
|
-
|
|
693
|
-
|
|
694
|
-
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
|
|
698
|
-
|
|
699
|
-
|
|
700
|
-
|
|
701
|
-
|
|
702
|
-
|
|
703
|
-
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
|
|
707
|
-
|
|
708
|
-
|
|
709
|
-
|
|
710
|
-
|
|
711
|
-
|
|
712
|
-
|
|
713
|
-
|
|
714
|
-
|
|
715
|
-
|
|
716
|
-
|
|
717
|
-
|
|
718
|
-
|
|
719
|
-
|
|
720
|
-
|
|
721
|
-
|
|
722
|
-
|
|
723
|
-
|
|
724
|
-
|
|
725
|
-
|
|
726
|
-
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
|
|
730
|
-
|
|
731
|
-
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
|
|
740
|
-
|
|
741
|
-
|
|
742
|
-
|
|
743
|
-
|
|
744
|
-
|
|
745
|
-
|
|
746
|
-
|
|
747
|
-
|
|
748
|
-
|
|
749
|
-
|
|
750
|
-
|
|
751
|
-
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
|
|
755
|
-
|
|
756
|
-
def test_snmpuser_priv_password_equal_with_engineid
|
|
757
|
-
name = "test_privpass_equal"
|
|
758
|
-
priv_pass = "testpassword"
|
|
759
|
-
engine_id = "128:12:12:12:12"
|
|
760
|
-
|
|
761
|
-
snmpuser = SnmpUser.new(name, [""], :md5, priv_pass, :des, priv_pass, false,
|
|
762
|
-
engine_id)
|
|
763
|
-
assert(snmpuser.priv_password_equal?(priv_pass, false))
|
|
764
|
-
refute(snmpuser.priv_password_equal?("test2468", false))
|
|
765
|
-
snmpuser.destroy
|
|
766
|
-
|
|
767
|
-
snmpuser = SnmpUser.new(name, [""], :md5, priv_pass, :aes128, priv_pass, false,
|
|
768
|
-
engine_id)
|
|
769
|
-
assert(snmpuser.priv_password_equal?(priv_pass, false))
|
|
770
|
-
refute(false, snmpuser.priv_password_equal?("test2468", false))
|
|
771
|
-
snmpuser.destroy
|
|
772
|
-
end
|
|
773
|
-
|
|
774
|
-
def test_snmpuser_default_groups
|
|
775
|
-
groups = [DEFAULT_SNMP_USER_GROUP_NAME]
|
|
776
|
-
assert_equal(groups, SnmpUser.default_groups(),
|
|
777
|
-
"Error: Wrong default groups")
|
|
778
|
-
end
|
|
779
|
-
|
|
780
|
-
def test_snmpuser_default_auth_protocol
|
|
781
|
-
assert_equal(:md5,
|
|
782
|
-
SnmpUser.default_auth_protocol(),
|
|
783
|
-
"Error: Wrong default auth protocol")
|
|
784
|
-
end
|
|
785
|
-
|
|
786
|
-
def test_snmpuser_default_auth_password
|
|
787
|
-
assert_equal(DEFAULT_SNMP_USER_AUTH_PASSWORD,
|
|
788
|
-
SnmpUser.default_auth_password(),
|
|
789
|
-
"Error: Wrong default auth password")
|
|
790
|
-
end
|
|
791
|
-
|
|
792
|
-
def test_snmpuser_default_priv_protocol
|
|
793
|
-
assert_equal(:des,
|
|
794
|
-
SnmpUser.default_priv_protocol(),
|
|
795
|
-
"Error: Wrong default priv protocol")
|
|
796
|
-
end
|
|
797
|
-
|
|
798
|
-
def test_snmpuser_default_priv_password
|
|
799
|
-
assert_equal(DEFAULT_SNMP_USER_PRIV_PASSWORD,
|
|
800
|
-
SnmpUser.default_priv_password(),
|
|
801
|
-
"Error: Wrong default priv password")
|
|
802
|
-
end
|
|
298
|
+
name = 'userv3testauth'
|
|
299
|
+
groups = ['network-admin']
|
|
300
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
301
|
+
snmpuser = SnmpUser.new(name,
|
|
302
|
+
groups,
|
|
303
|
+
:md5, auth_pw,
|
|
304
|
+
:none, '',
|
|
305
|
+
true, # localized
|
|
306
|
+
'')
|
|
307
|
+
assert_equal(snmpuser.name, name)
|
|
308
|
+
assert_empty(snmpuser.engine_id)
|
|
309
|
+
assert_show_match(
|
|
310
|
+
pattern: /#{user_pat(name)} auth md5 #{auth_pw} localizedkey/,
|
|
311
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
312
|
+
snmpuser.destroy
|
|
313
|
+
end
|
|
314
|
+
|
|
315
|
+
def test_snmpuser_create_with_single_group_auth_sha_nopriv
|
|
316
|
+
name = 'userv3testsha'
|
|
317
|
+
groups = ['network-admin']
|
|
318
|
+
auth_pw = 'test1234567'
|
|
319
|
+
snmpuser = SnmpUser.new(name,
|
|
320
|
+
groups,
|
|
321
|
+
:sha, auth_pw,
|
|
322
|
+
:none, '',
|
|
323
|
+
false, # clear text
|
|
324
|
+
'')
|
|
325
|
+
assert_show_match(
|
|
326
|
+
pattern: /#{user_pat(name)} auth sha \S+ localizedkey/,
|
|
327
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
328
|
+
snmpuser.destroy
|
|
329
|
+
end
|
|
330
|
+
|
|
331
|
+
# If the auth pw is in hex and localized key param in constructor is false,
|
|
332
|
+
# then the pw got localized by the device again.
|
|
333
|
+
def test_create_1_group_auth_sha_nopriv_pw_localized_localizedkey_false
|
|
334
|
+
name = 'userv3testauthsha3'
|
|
335
|
+
groups = ['network-admin']
|
|
336
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
337
|
+
|
|
338
|
+
snmpuser = SnmpUser.new(name,
|
|
339
|
+
groups,
|
|
340
|
+
:sha, auth_pw,
|
|
341
|
+
:none, '',
|
|
342
|
+
false, # localized key
|
|
343
|
+
'')
|
|
344
|
+
assert_show_match(
|
|
345
|
+
pattern: /#{user_pat(name)} auth sha \S+ localizedkey/,
|
|
346
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
347
|
+
snmpuser.destroy
|
|
348
|
+
end
|
|
349
|
+
|
|
350
|
+
def test_snmpuser_create_with_single_group_auth_sha_nopriv_pw_localized
|
|
351
|
+
name = 'userv3testauthsha4'
|
|
352
|
+
groups = ['network-admin']
|
|
353
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
354
|
+
snmpuser = SnmpUser.new(name,
|
|
355
|
+
groups,
|
|
356
|
+
:sha, auth_pw,
|
|
357
|
+
:none, '',
|
|
358
|
+
true, # localized
|
|
359
|
+
'')
|
|
360
|
+
assert_show_match(
|
|
361
|
+
pattern: /#{user_pat(name)} auth sha #{auth_pw} localizedkey/,
|
|
362
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
363
|
+
snmpuser.destroy
|
|
364
|
+
end
|
|
365
|
+
|
|
366
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_des
|
|
367
|
+
name = 'userv3test6'
|
|
368
|
+
groups = ['network-admin']
|
|
369
|
+
auth_pw = 'test1234567'
|
|
370
|
+
priv_pw = 'priv1234567des'
|
|
371
|
+
snmpuser = SnmpUser.new(name,
|
|
372
|
+
groups,
|
|
373
|
+
:md5, auth_pw,
|
|
374
|
+
:des, priv_pw,
|
|
375
|
+
false, # clear text
|
|
376
|
+
'')
|
|
377
|
+
assert_show_match(
|
|
378
|
+
pattern: /#{user_pat(name)} auth md5 \S+ priv \S+ localizedkey/,
|
|
379
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
380
|
+
snmpuser.destroy
|
|
381
|
+
end
|
|
382
|
+
|
|
383
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_des_pw_localized
|
|
384
|
+
name = 'userv3testauth'
|
|
385
|
+
groups = ['network-admin']
|
|
386
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
387
|
+
priv_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
388
|
+
snmpuser = SnmpUser.new(name,
|
|
389
|
+
groups,
|
|
390
|
+
:md5, auth_pw,
|
|
391
|
+
:des, priv_pw,
|
|
392
|
+
true, # localized
|
|
393
|
+
'')
|
|
394
|
+
# rubocop:disable Metrics/LineLength
|
|
395
|
+
assert_show_match(
|
|
396
|
+
pattern: /#{user_pat(name)} auth md5 #{auth_pw} priv #{priv_pw} localizedkey/,
|
|
397
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
398
|
+
# rubocop:enable Metrics/LineLength
|
|
399
|
+
snmpuser.destroy
|
|
400
|
+
end
|
|
401
|
+
|
|
402
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_aes128
|
|
403
|
+
name = 'userv3test7'
|
|
404
|
+
groups = ['network-admin']
|
|
405
|
+
auth_pw = 'test1234567'
|
|
406
|
+
priv_pw = 'priv1234567aes'
|
|
407
|
+
snmpuser = SnmpUser.new(name,
|
|
408
|
+
groups,
|
|
409
|
+
:md5, auth_pw,
|
|
410
|
+
:aes128, priv_pw,
|
|
411
|
+
false, # clear text
|
|
412
|
+
'')
|
|
413
|
+
assert_show_match(
|
|
414
|
+
pattern: /#{user_pat(name)} auth md5 \S+ priv aes-128 \S+ localizedkey/,
|
|
415
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
416
|
+
snmpuser.destroy
|
|
417
|
+
end
|
|
418
|
+
|
|
419
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_aes128_pw_localized
|
|
420
|
+
name = 'userv3testauth'
|
|
421
|
+
groups = ['network-admin']
|
|
422
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
423
|
+
priv_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
424
|
+
snmpuser = SnmpUser.new(name,
|
|
425
|
+
groups,
|
|
426
|
+
:md5, auth_pw,
|
|
427
|
+
:aes128, priv_pw,
|
|
428
|
+
true, # localized
|
|
429
|
+
'')
|
|
430
|
+
# rubocop:disable Metrics/LineLength
|
|
431
|
+
assert_show_match(
|
|
432
|
+
pattern: /#{user_pat(name)} auth md5 #{auth_pw} priv aes-128 #{priv_pw} localizedkey/,
|
|
433
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
434
|
+
# rubocop:enable Metrics/LineLength
|
|
435
|
+
snmpuser.destroy
|
|
436
|
+
end
|
|
437
|
+
|
|
438
|
+
def test_snmpuser_create_with_single_group_auth_sha_priv_des
|
|
439
|
+
name = 'userv3test8'
|
|
440
|
+
groups = ['network-admin']
|
|
441
|
+
auth_pw = 'test1234567'
|
|
442
|
+
priv_pw = 'priv1234567des'
|
|
443
|
+
snmpuser = SnmpUser.new(name,
|
|
444
|
+
groups,
|
|
445
|
+
:sha, auth_pw,
|
|
446
|
+
:des, priv_pw,
|
|
447
|
+
false, # clear text
|
|
448
|
+
'')
|
|
449
|
+
assert_show_match(
|
|
450
|
+
pattern: /#{user_pat(name)} auth sha \S+ priv \S+ localizedkey/,
|
|
451
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
452
|
+
snmpuser.destroy
|
|
453
|
+
end
|
|
454
|
+
|
|
455
|
+
def test_snmpuser_create_with_single_group_auth_md5_priv_sha_pw_localized
|
|
456
|
+
name = 'userv3testauth'
|
|
457
|
+
groups = ['network-admin']
|
|
458
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
459
|
+
priv_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
460
|
+
snmpuser = SnmpUser.new(name,
|
|
461
|
+
groups,
|
|
462
|
+
:sha, auth_pw,
|
|
463
|
+
:des, priv_pw,
|
|
464
|
+
true, # localized
|
|
465
|
+
'')
|
|
466
|
+
# rubocop:disable Metrics/LineLength
|
|
467
|
+
assert_show_match(
|
|
468
|
+
pattern: /#{user_pat(name)} auth sha #{auth_pw} priv #{priv_pw} localizedkey/,
|
|
469
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
470
|
+
# rubocop:enable Metrics/LineLength
|
|
471
|
+
snmpuser.destroy
|
|
472
|
+
end
|
|
473
|
+
|
|
474
|
+
def test_snmpuser_create_with_single_group_auth_sha_priv_aes128
|
|
475
|
+
name = 'userv3test9'
|
|
476
|
+
groups = ['network-admin']
|
|
477
|
+
auth_pw = 'test1234567'
|
|
478
|
+
priv_pw = 'priv1234567aes'
|
|
479
|
+
snmpuser = SnmpUser.new(name,
|
|
480
|
+
groups,
|
|
481
|
+
:sha, auth_pw,
|
|
482
|
+
:aes128, priv_pw,
|
|
483
|
+
false, # clear text
|
|
484
|
+
'')
|
|
485
|
+
assert_show_match(
|
|
486
|
+
pattern: /#{user_pat(name)} auth sha \S+ priv aes-128 \S+ localizedkey/,
|
|
487
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
488
|
+
snmpuser.destroy
|
|
489
|
+
end
|
|
490
|
+
|
|
491
|
+
def test_snmpuser_create_with_single_group_auth_sha_priv_aes128_pw_localized
|
|
492
|
+
name = 'userv3testauth'
|
|
493
|
+
groups = ['network-admin']
|
|
494
|
+
auth_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
495
|
+
priv_pw = '0xfe6cf9aea159c2c38e0a79ec23ed3cbb'
|
|
496
|
+
snmpuser = SnmpUser.new(name,
|
|
497
|
+
groups,
|
|
498
|
+
:sha, auth_pw,
|
|
499
|
+
:aes128, priv_pw,
|
|
500
|
+
true, # localized
|
|
501
|
+
'')
|
|
502
|
+
# rubocop:disable Metrics/LineLength
|
|
503
|
+
assert_show_match(
|
|
504
|
+
pattern: /#{user_pat(name)} auth sha #{auth_pw} priv aes-128 #{priv_pw} localizedkey/,
|
|
505
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
506
|
+
# rubocop:enable Metrics/LineLength
|
|
507
|
+
snmpuser.destroy
|
|
508
|
+
end
|
|
509
|
+
|
|
510
|
+
def test_snmpuser_create_destroy_with_engine_id
|
|
511
|
+
name = 'test_with_engine_id'
|
|
512
|
+
auth_pw = 'testpassword'
|
|
513
|
+
priv_pw = 'testpassword'
|
|
514
|
+
engine_id = '128:12:12:12:12'
|
|
515
|
+
snmpuser = SnmpUser.new(name, [''], :md5, auth_pw, :des, priv_pw,
|
|
516
|
+
false, engine_id)
|
|
517
|
+
# rubocop:disable Metrics/LineLength
|
|
518
|
+
assert_show_match(
|
|
519
|
+
pattern: /snmp-server user #{name} auth \S+ \S+ priv .*\S+ localizedkey engineID #{engine_id}/,
|
|
520
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
521
|
+
# rubocop:enable Metrics/LineLength
|
|
522
|
+
user = SnmpUser.users["#{name} #{engine_id}"]
|
|
523
|
+
refute_nil(user)
|
|
524
|
+
assert_equal(snmpuser.name, user.name)
|
|
525
|
+
assert_equal(snmpuser.name, name)
|
|
526
|
+
assert_equal(snmpuser.engine_id, engine_id)
|
|
527
|
+
assert_equal(snmpuser.engine_id, user.engine_id)
|
|
528
|
+
snmpuser.destroy
|
|
529
|
+
# rubocop:disable Metrics/LineLength
|
|
530
|
+
refute_show_match(
|
|
531
|
+
pattern: /snmp-server user #{name} auth \S+ \S+ priv .*\S+ localizedkey engineID #{engine_id}/,
|
|
532
|
+
command: "show run snmp all | in #{name} | no-more")
|
|
533
|
+
# rubocop:enable Metrics/LineLength
|
|
534
|
+
assert_nil(SnmpUser.users["#{name} #{engine_id}"])
|
|
535
|
+
end
|
|
536
|
+
|
|
537
|
+
def test_snmpuser_authpassword
|
|
538
|
+
name = 'test_authpassword'
|
|
539
|
+
auth_pw = '0x123456'
|
|
540
|
+
snmpuser = SnmpUser.new(name, [''], :md5, auth_pw, :none, '', true, '')
|
|
541
|
+
|
|
542
|
+
pw = snmpuser.auth_password
|
|
543
|
+
assert_equal(auth_pw, pw)
|
|
544
|
+
snmpuser.destroy
|
|
545
|
+
end
|
|
546
|
+
|
|
547
|
+
def test_snmpuser_authpassword_with_engineid
|
|
548
|
+
name = 'test_authpassword'
|
|
549
|
+
auth_pw = '0x123456'
|
|
550
|
+
engine_id = '128:12:12:12:12'
|
|
551
|
+
snmpuser = SnmpUser.new(name, [''], :md5, auth_pw,
|
|
552
|
+
:none, '', true, engine_id)
|
|
553
|
+
|
|
554
|
+
pw = snmpuser.auth_password
|
|
555
|
+
assert_equal(auth_pw, pw)
|
|
556
|
+
snmpuser.destroy
|
|
557
|
+
end
|
|
558
|
+
|
|
559
|
+
def test_snmpuser_privpassword
|
|
560
|
+
name = 'test_privpassword'
|
|
561
|
+
priv_password = '0x123456'
|
|
562
|
+
snmpuser = SnmpUser.new(name, [''], :md5, priv_password,
|
|
563
|
+
:des, priv_password, true, '')
|
|
564
|
+
|
|
565
|
+
pw = snmpuser.priv_password
|
|
566
|
+
assert_equal(priv_password, pw)
|
|
567
|
+
snmpuser.destroy
|
|
568
|
+
|
|
569
|
+
snmpuser = SnmpUser.new(name, [''], :md5, priv_password,
|
|
570
|
+
:aes128, priv_password, true, '')
|
|
571
|
+
pw = snmpuser.priv_password
|
|
572
|
+
assert_equal(priv_password, pw)
|
|
573
|
+
snmpuser.destroy
|
|
574
|
+
end
|
|
575
|
+
|
|
576
|
+
def test_snmpuser_privpassword_with_engineid
|
|
577
|
+
name = 'test_privpassword2'
|
|
578
|
+
priv_password = '0x123456'
|
|
579
|
+
engine_id = '128:12:12:12:12'
|
|
580
|
+
snmpuser = SnmpUser.new(name, [''], :md5, priv_password,
|
|
581
|
+
:des, priv_password, true, engine_id)
|
|
582
|
+
pw = snmpuser.priv_password
|
|
583
|
+
assert_equal(priv_password, pw)
|
|
584
|
+
snmpuser.destroy
|
|
585
|
+
|
|
586
|
+
snmpuser = SnmpUser.new(name, [''], :md5, priv_password,
|
|
587
|
+
:aes128, priv_password, true, '')
|
|
588
|
+
pw = snmpuser.priv_password
|
|
589
|
+
assert_equal(priv_password, pw)
|
|
590
|
+
snmpuser.destroy
|
|
591
|
+
end
|
|
592
|
+
|
|
593
|
+
def test_snmpuser_auth_password_equal_with_engineid
|
|
594
|
+
name = 'test_authpass_equal'
|
|
595
|
+
auth_pass = 'testpassword'
|
|
596
|
+
engine_id = '128:12:12:12:12'
|
|
597
|
+
|
|
598
|
+
snmpuser = SnmpUser.new(name, [''], :md5, auth_pass, :none, '', false,
|
|
599
|
+
engine_id)
|
|
600
|
+
|
|
601
|
+
assert(snmpuser.auth_password_equal?(auth_pass, false))
|
|
602
|
+
# our api should be able to detect wrong password
|
|
603
|
+
refute(snmpuser.auth_password_equal?('test2468', false))
|
|
604
|
+
snmpuser.destroy
|
|
605
|
+
end
|
|
606
|
+
|
|
607
|
+
def test_snmpuser_priv_password_equal_with_engineid
|
|
608
|
+
name = 'test_privpass_equal'
|
|
609
|
+
priv_pass = 'testpassword'
|
|
610
|
+
engine_id = '128:12:12:12:12'
|
|
611
|
+
|
|
612
|
+
snmpuser = SnmpUser.new(name, [''], :md5, priv_pass, :des, priv_pass, false,
|
|
613
|
+
engine_id)
|
|
614
|
+
assert(snmpuser.priv_password_equal?(priv_pass, false))
|
|
615
|
+
refute(snmpuser.priv_password_equal?('test2468', false))
|
|
616
|
+
snmpuser.destroy
|
|
617
|
+
|
|
618
|
+
snmpuser = SnmpUser.new(name, [''], :md5, priv_pass,
|
|
619
|
+
:aes128, priv_pass, false, engine_id)
|
|
620
|
+
assert(snmpuser.priv_password_equal?(priv_pass, false))
|
|
621
|
+
refute(snmpuser.priv_password_equal?('test2468', false))
|
|
622
|
+
snmpuser.destroy
|
|
623
|
+
end
|
|
624
|
+
|
|
625
|
+
def test_snmpuser_default_groups
|
|
626
|
+
groups = [DEFAULT_SNMP_USER_GROUP_NAME]
|
|
627
|
+
assert_equal(groups, SnmpUser.default_groups,
|
|
628
|
+
'Error: Wrong default groups')
|
|
629
|
+
end
|
|
630
|
+
|
|
631
|
+
def test_snmpuser_default_auth_protocol
|
|
632
|
+
assert_equal(:md5,
|
|
633
|
+
SnmpUser.default_auth_protocol,
|
|
634
|
+
'Error: Wrong default auth protocol')
|
|
635
|
+
end
|
|
636
|
+
|
|
637
|
+
def test_snmpuser_default_auth_password
|
|
638
|
+
assert_equal(DEFAULT_SNMP_USER_AUTH_PASSWORD,
|
|
639
|
+
SnmpUser.default_auth_password,
|
|
640
|
+
'Error: Wrong default auth password')
|
|
641
|
+
end
|
|
642
|
+
|
|
643
|
+
def test_snmpuser_default_priv_protocol
|
|
644
|
+
assert_equal(:des,
|
|
645
|
+
SnmpUser.default_priv_protocol,
|
|
646
|
+
'Error: Wrong default priv protocol')
|
|
647
|
+
end
|
|
648
|
+
|
|
649
|
+
def test_snmpuser_default_priv_password
|
|
650
|
+
assert_equal(DEFAULT_SNMP_USER_PRIV_PASSWORD,
|
|
651
|
+
SnmpUser.default_priv_password,
|
|
652
|
+
'Error: Wrong default priv password')
|
|
653
|
+
end
|
|
803
654
|
end
|