diff options
| author | James O'Doherty <james@theodohertyfamily.com> | 2026-05-29 18:29:12 -0400 |
|---|---|---|
| committer | James O'Doherty <james@theodohertyfamily.com> | 2026-05-29 18:29:12 -0400 |
| commit | ee2f5d545825752af63da36e2b9ec7a92985a875 (patch) | |
| tree | 7328f73ac157dd19fa60e887fd243f0855935cce /internal/cli/cli_test.go | |
| parent | 135f6edbd9389bc4783f13c26aed0a74d3c8aca0 (diff) | |
feat: implement userspace wireguard data-path and unprivileged host fd-passing
- Implement complete rootless network namespace bootstrap via C launcher using unshare(CLONE_NEWUSER | CLONE_NEWNS | CLONE_NEWNET).
- Resolve unprivileged network isolation blackhole via host-socket preservation (FD passing): open client UDP sockets on the host pre-isolation, clear O_CLOEXEC, and ingest them via custom `FDBind` inside the sandbox.
- Implement isolated routing table automation over `tun0` (addresses, MTU, default routes).
- Implement persistent, multi-process namespace sharing and joining using reference-counted PID files and the setns system call.
- Write robust, self-contained E2E data plane test suites in `tests/e2e/e2e_test.go` using a mock UDP listener.
- Update project documentation (`README.md` and `AGENTS.md`) to reflect completed milestones.
- Ensure 100% test passing rate and zero lint/staticcheck warnings.
Diffstat (limited to 'internal/cli/cli_test.go')
| -rw-r--r-- | internal/cli/cli_test.go | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/internal/cli/cli_test.go b/internal/cli/cli_test.go index a0d6263..fcf489a 100644 --- a/internal/cli/cli_test.go +++ b/internal/cli/cli_test.go @@ -1,6 +1,8 @@ package cli import ( + "os" + "path/filepath" "strings" "testing" ) @@ -10,6 +12,21 @@ func TestAppRun_ProfileDirInjection(t *testing.T) { // Set up a temporary directory to simulate XDG_CONFIG_HOME/wg-wrap/profiles tmpDir := t.TempDir() + // Write a valid test-vpn.conf profile file to the temporary directory + confContent := `[Interface] +PrivateKey = YXNkZmFzZGZhc2RmYXNkZmFzZGZhc2RmYXNkZmFzZGY= +Address = 10.0.0.2/24 + +[Peer] +PublicKey = YXNkZmFzZGZhc2RmYXNkZmFzZGZhc2RmYXNkZmFzZGY= +Endpoint = 127.0.0.1:51820 +AllowedIPs = 10.0.0.0/24 +` + importPath := filepath.Join(tmpDir, "test-vpn.conf") + if err := os.WriteFile(importPath, []byte(confContent), 0644); err != nil { + t.Fatalf("failed to write test profile: %v", err) + } + tests := []struct { name string args []string @@ -17,7 +34,7 @@ func TestAppRun_ProfileDirInjection(t *testing.T) { }{ { name: "valid profile with injected dir", - args: []string{"wg-wrap", "--profile", "test-vpn", "curl", "google.com"}, + args: []string{"wg-wrap", "--profile", "test-vpn", "true"}, wantErr: false, }, } |