Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(143)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES

Issue 6030011: Rearrange EAP setup so that it is more parameterizable for other EAP types (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/autotest.git@master
Patch Set: No more site_eap Created 9 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « server/site_linux_router.py ('k') | server/site_wifitest.py » ('j') | server/site_wifitest.py » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be 2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file. 3 # found in the LICENSE file.
4 4
5 # Try 802.1x authentication. The supplicant must be restarted between 5 # Try 802.1x authentication. The supplicant must be restarted between
6 # trials because it is "sticky" with regards to various parameters 6 # trials because it is "sticky" with regards to various parameters
7 # related to certificate authentication. A thread is currently afoot 7 # related to certificate authentication. A thread is currently afoot
8 # in the hostap mailing list about this, but for the time being we will 8 # in the hostap mailing list about this, but for the time being we will
9 # do supplicant restarts to test. 9 # do supplicant restarts to test.
10 10
11 { "name":"Check1x_AES", 11 { "name":"Check1x_AES",
12 "steps":[ # Channel [any] 12 "steps":[ # Channel [any]
13 [ "create", { "type":"hostap" } ], 13 [ "create", { "type":"hostap" } ],
14 [ "config", { "channel":"2412", "mode":"11g", 14 [ "config", { "channel":"2412", "mode":"11g",
15 "wpa":"1", "wpa_key_mgmt":"WPA-EAP", 15 "wpa":"1", "wpa_key_mgmt":"WPA-EAP",
16 "wpa_pairwise":"CCMP", "ieee8021x":"1", 16 "wpa_pairwise":"CCMP", "ieee8021x":"1",
17 "eap-tls":"cert1" } ], 17 "eap_server" : "1",
18 [ "connect", { "security":"802_1x", "eap-tls":"cert1" } ], 18 "ca_cert" : ca_cert_1,
Paul Stewart 2011/01/13 01:56:06 If you're using a "files" parameter below in the c
19 "server_cert" : server_cert_1,
20 "private_key" : server_private_key_1,
21 "eap_user_file" : "* TLS"} ],
22 [ "connect",» { "security":"802_1x",
23 "files" : {"/tmp/pkg-client.pem" : client_cert_1 +
24 "\n" + client_private_key_1},
25 "psk" : "EAP-TLS:chromeos:/tmp/pkg-client.pem"} ],
26
19 [ "client_ping", { "count":"10" } ], 27 [ "client_ping", { "count":"10" } ],
20 [ "disconnect" ], 28 [ "disconnect" ],
21 29
22 [ "restart_supplicant" ], 30 [ "restart_supplicant" ],
23 [ "config", { "ssid_suffix":"t1" } ], 31 [ "config", { "ssid_suffix":"t1" } ],
24 [ "connect", { "security":"802_1x", "eap-tls":"cert1", 32 [ "connect", { "security":"802_1x",
25 "server-auth":"cert1" } ], 33 "files" : {"/tmp/pkg-client.pem" : client_cert_1 +
34 "\n" + client_private_key_1,
35 "/tmp/ca-cert.pem" : ca_cert_1},
36 "psk" : "EAP-TLS:chromeos:/tmp/pkg-client.pem:/tmp/ca- cert.pem"} ],
Paul Stewart 2011/01/13 01:56:06 80 cols here and below.
26 [ "client_ping", { "count":"10" } ], 37 [ "client_ping", { "count":"10" } ],
27 [ "disconnect" ], 38 [ "disconnect" ],
28 39
29 # Ensure authentication fails if server's cert doesn't match our CA cert 40 # Ensure authentication fails if server's cert doesn't match our CA cert
30 [ "restart_supplicant" ], 41 [ "restart_supplicant" ],
31 [ "config", { "ssid_suffix":"t2" } ], 42 [ "config", { "ssid_suffix":"t2" } ],
32 [ "!connect", { "security":"802_1x", "eap-tls":"cert1", 43 [ "!connect", { "security":"802_1x",
33 "server-auth":"cert2" }, 44 "files" : {"/tmp/pkg-client.pem" : client_cert_1 +
45 "\n" + client_private_key_1,
46 "/tmp/ca-cert.pem" : ca_cert_2},
47 "psk" : "EAP-TLS:chromeos:/tmp/pkg-client.pem:/tmp/ca- cert.pem"},
34 "TLS: Certificate verification failed"], 48 "TLS: Certificate verification failed"],
35 49
36 # Try authenticating using the wrong client certiificate 50 # Try authenticating using the wrong client certiificate
37 [ "restart_supplicant" ], 51 [ "restart_supplicant" ],
38 [ "config", { "ssid_suffix":"t3" } ], 52 [ "config", { "ssid_suffix":"t3" } ],
39 [ "!connect", { "security":"802_1x", "eap-tls":"cert2", 53 [ "!connect", { "security":"802_1x",
40 "server-auth":"cert1" }, 54 "files" : {"/tmp/pkg-client.pem" : client_cert_2 +
55 "\n" + client_private_key_2,
56 "/tmp/ca-cert.pem" : ca_cert_1},
57 "psk" : "EAP-TLS:chromeos:/tmp/pkg-client.pem:/tmp/ca- cert.pem"},
41 "SSL: SSL3 alert: read " 58 "SSL: SSL3 alert: read "
42 "\(remote end reported an error\):fatal:unknown CA" ], 59 "\(remote end reported an error\):fatal:unknown CA" ],
43 [ "disconnect" ], 60 [ "disconnect" ],
44 61
45 [ "destroy" ], 62 [ "destroy" ],
46 ], 63 ],
47 } 64 }
OLDNEW
« no previous file with comments | « server/site_linux_router.py ('k') | server/site_wifitest.py » ('j') | server/site_wifitest.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698