| OLD | NEW |
|---|
| 1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
| 3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
| 4 | 4 |
| 5 # Try 802.1x authentication. The supplicant must be restarted between | 5 # Try 802.1x authentication. The supplicant must be restarted between |
| 6 # trials because it is "sticky" with regards to various parameters | 6 # trials because it is "sticky" with regards to various parameters |
| 7 # related to certificate authentication. A thread is currently afoot | 7 # related to certificate authentication. A thread is currently afoot |
| 8 # in the hostap mailing list about this, but for the time being we will | 8 # in the hostap mailing list about this, but for the time being we will |
| 9 # do supplicant restarts to test. | 9 # do supplicant restarts to test. |
| 10 | 10 |
| 11 { "name":"Check1x_AES", | 11 { "name":"Check1x_AES", |
| 12 "steps":[ # Channel [any] | 12 "steps":[ # Channel [any] |
| 13 [ "create", { "type":"hostap" } ], | 13 [ "create", { "type":"hostap" } ], |
| 14 [ "config", { "channel":"2412", "mode":"11g", | 14 [ "config", { "channel":"2412", "mode":"11g", |
| 15 "wpa":"1", "wpa_key_mgmt":"WPA-EAP", | 15 "wpa":"1", "wpa_key_mgmt":"WPA-EAP", |
| 16 "wpa_pairwise":"CCMP", "ieee8021x":"1", | 16 "wpa_pairwise":"CCMP", "ieee8021x":"1", |
| 17 "eap-tls":"cert1" } ], | 17 "eap":"tls1" } ], |
| 18 [ "connect", { "security":"802_1x", "eap-tls":"cert1" } ], | 18 [ "connect", { "security":"802_1x", "eap":"tls1" } ], |
| 19 [ "client_ping", { "count":"10" } ], | 19 [ "client_ping", { "count":"10" } ], |
| 20 [ "disconnect" ], | 20 [ "disconnect" ], |
| 21 | 21 |
| 22 [ "restart_supplicant" ], | 22 [ "restart_supplicant" ], |
| 23 [ "config", { "ssid_suffix":"t1" } ], | 23 [ "config", { "ssid_suffix":"t1" } ], |
| 24 [ "connect", { "security":"802_1x", "eap-tls":"cert1", | 24 [ "connect", { "security":"802_1x", "eap":"tls1", |
| 25 "server-auth":"cert1" } ], | 25 "server-auth":"tls1" } ], |
| 26 [ "client_ping", { "count":"10" } ], | 26 [ "client_ping", { "count":"10" } ], |
| 27 [ "disconnect" ], | 27 [ "disconnect" ], |
| 28 | 28 |
| 29 # Ensure authentication fails if server's cert doesn't match our CA cert | 29 # Ensure authentication fails if server's cert doesn't match our CA cert |
| 30 [ "restart_supplicant" ], | 30 [ "restart_supplicant" ], |
| 31 [ "config", { "ssid_suffix":"t2" } ], | 31 [ "config", { "ssid_suffix":"t2" } ], |
| 32 [ "!connect", { "security":"802_1x", "eap-tls":"cert1", | 32 [ "!connect", { "security":"802_1x", "eap":"tls1", |
| 33 "server-auth":"cert2" }, | 33 "server-auth":"tls2" }, |
| 34 "TLS: Certificate verification failed"], | 34 "TLS: Certificate verification failed"], |
| 35 | 35 |
| 36 # Try authenticating using the wrong client certiificate | 36 # Try authenticating using the wrong client certiificate |
| 37 [ "restart_supplicant" ], | 37 [ "restart_supplicant" ], |
| 38 [ "config", { "ssid_suffix":"t3" } ], | 38 [ "config", { "ssid_suffix":"t3" } ], |
| 39 [ "!connect", { "security":"802_1x", "eap-tls":"cert2", | 39 [ "!connect", { "security":"802_1x", "eap":"tls2", |
| 40 "server-auth":"cert1" }, | 40 "server-auth":"tls1" }, |
| 41 "SSL: SSL3 alert: read " | 41 "SSL: SSL3 alert: read " |
| 42 "\(remote end reported an error\):fatal:unknown CA" ], | 42 "\(remote end reported an error\):fatal:unknown CA" ], |
| 43 [ "disconnect" ], | 43 [ "disconnect" ], |
| 44 | 44 |
| 45 [ "destroy" ], | 45 [ "destroy" ], |
| 46 ], | 46 ], |
| 47 } | 47 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6030011:
Rearrange EAP setup so that it is more parameterizable for other EAP types (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/autotest.git@master