birdcage/node_test.go at main · vhscom/birdcage · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package main

import (
	"testing"

	"birdcage/internal/wgkey"
)

func nodeTestSetup(t *testing.T) {
	t.Helper()
	initDB(":memory:")
	cfg = &Config{}
}

func TestLookupNodeForAgent_Creates(t *testing.T) {
	nodeTestSetup(t)

	// Insert an agent credential.
	_, err := store.Exec("INSERT INTO agent_credential (name, key_hash) VALUES (?, ?)", "test-agent", "fakehash")
	if err != nil {
		t.Fatalf("insert agent_credential: %v", err)
	}

	nodeID := lookupNodeForAgent(1)
	if nodeID == 0 {
		t.Fatalf("lookupNodeForAgent returned 0, expected a new node ID")
	}

	// Verify the node was created with the expected mesh IP.
	var allowedIPs string
	err = store.QueryRow("SELECT allowed_ips FROM node WHERE id = ?", nodeID).Scan(&allowedIPs)
	if err != nil {
		t.Fatalf("query node: %v", err)
	}
	if allowedIPs != "10.0.0.2/32" {
		t.Errorf("allowed_ips = %q, want %q", allowedIPs, "10.0.0.2/32")
	}
}

func TestNextMeshIP(t *testing.T) {
	nodeTestSetup(t)

	// Insert two nodes occupying .2 and .3.
	_, err := store.Exec(
		"INSERT INTO agent_credential (name, key_hash) VALUES (?, ?)", "a1", "h1",
	)
	if err != nil {
		t.Fatalf("insert agent_credential: %v", err)
	}
	_, err = store.Exec(
		"INSERT INTO agent_credential (name, key_hash) VALUES (?, ?)", "a2", "h2",
	)
	if err != nil {
		t.Fatalf("insert agent_credential: %v", err)
	}

	_, err = store.Exec(
		"INSERT INTO node (label, wg_pubkey, allowed_ips, agent_credential_id) VALUES (?, ?, ?, ?)",
		"node-a", "pending", "10.0.0.2/32", 1,
	)
	if err != nil {
		t.Fatalf("insert node 1: %v", err)
	}
	_, err = store.Exec(
		"INSERT INTO node (label, wg_pubkey, allowed_ips, agent_credential_id) VALUES (?, ?, ?, ?)",
		"node-b", "pending", "10.0.0.3/32", 2,
	)
	if err != nil {
		t.Fatalf("insert node 2: %v", err)
	}

	got, err := nextMeshIP()
	if err != nil {
		t.Fatalf("nextMeshIP() unexpected error: %v", err)
	}
	if got != "10.0.0.4/32" {
		t.Errorf("nextMeshIP() = %q, want %q", got, "10.0.0.4/32")
	}
}

func TestNextMeshIP_SkipsServer(t *testing.T) {
	nodeTestSetup(t)

	// No nodes in the database yet. First call should skip .1 (server) and return .2.
	got, err := nextMeshIP()
	if err != nil {
		t.Fatalf("nextMeshIP() unexpected error: %v", err)
	}
	if got != "10.0.0.2/32" {
		t.Errorf("nextMeshIP() = %q, want %q", got, "10.0.0.2/32")
	}
}

func TestDeriveWGPublicKey(t *testing.T) {
	privKey, pubKey, err := wgkey.GenerateKeypair()
	if err != nil {
		t.Fatalf("GenerateKeypair: %v", err)
	}

	derived := deriveWGPublicKey(privKey)
	if derived == "" {
		t.Fatalf("deriveWGPublicKey returned empty string")
	}
	if derived != pubKey {
		t.Errorf("deriveWGPublicKey = %q, want %q", derived, pubKey)
	}
}