OLD | NEW |
(Empty) | |
| 1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 # Use of this source code is governed by a BSD-style license that can be |
| 3 # found in the LICENSE file. |
| 4 |
| 5 # Try 802.1x authentication. The supplicant must be restarted between |
| 6 # trials because it is "sticky" with regards to various parameters |
| 7 # related to certificate authentication. A thread is currently afoot |
| 8 # in the hostap mailing list about this, but for the time being we will |
| 9 # do supplicant restarts to test. |
| 10 |
| 11 { "name":"Check1x_TTLS", |
| 12 "steps":[ # Channel [any] |
| 13 [ "create", { "type":"hostap" } ], |
| 14 [ "install_files", { "system" : "router", |
| 15 "files" : |
| 16 { "/tmp/hostapd_ca_cert" : |
| 17 site_eap_certs.ca_cert_1, |
| 18 "/tmp/hostapd_server_cert" : |
| 19 site_eap_certs.server_cert_1, |
| 20 "/tmp/hostapd_private_key" : |
| 21 site_eap_certs.server_private_key_1, |
| 22 "/tmp/hostapd_eap_user_file" : |
| 23 """* TTLS |
| 24 "testuser-chapv2" MSCHAPV2 "password" [2] |
| 25 "testuser-md5" MD5 "password" [2]""" } } ], |
| 26 [ "config", { "channel":"2412", "mode":"11g", |
| 27 "wpa":"1", "wpa_key_mgmt":"WPA-EAP", |
| 28 "eap_server" : "1", |
| 29 "wpa_pairwise":"CCMP", "ieee8021x":"1", |
| 30 "ca_cert" : "/tmp/hostapd_ca_cert", |
| 31 "server_cert" : "/tmp/hostapd_server_cert", |
| 32 "private_key" : "/tmp/hostapd_private_key", |
| 33 "eap_user_file" : "/tmp/hostapd_eap_user_file"} ], |
| 34 [ "install_files", { "system" : "client", |
| 35 "files" : |
| 36 { "/tmp/ca-cert.pem" : |
| 37 site_eap_certs.ca_cert_1, |
| 38 "/tmp/ca-cert-other.pem" : |
| 39 site_eap_certs.ca_cert_2} } ], |
| 40 [ "connect", { "security":"802_1x", |
| 41 "psk" : "EAP-TTLS:testuser-chapv2:password"} ], |
| 42 [ "client_ping", { "count":"10" } ], |
| 43 |
| 44 [ "disconnect" ], |
| 45 |
| 46 # Try with (correct) CA for server |
| 47 [ "restart_supplicant" ], |
| 48 [ "config", { "ssid_suffix":"t1" } ], |
| 49 [ "connect", { "security":"802_1x", |
| 50 "psk" : "EAP-TTLS:testuser-chapv2:password:" |
| 51 "/tmp/ca-cert.pem"} ], |
| 52 [ "client_ping", { "count":"10" } ], |
| 53 |
| 54 [ "disconnect" ], |
| 55 |
| 56 # Try MD5 inner auth |
| 57 [ "restart_supplicant" ], |
| 58 [ "config", { "ssid_suffix":"t2" } ], |
| 59 [ "connect", { "security":"802_1x", |
| 60 "psk" : "EAP-TTLS:testuser-md5:password"} ], |
| 61 [ "client_ping", { "count":"10" } ], |
| 62 |
| 63 [ "disconnect" ], |
| 64 |
| 65 # |
| 66 # Try authenticating using the wrong client password |
| 67 [ "restart_supplicant" ], |
| 68 [ "config", { "ssid_suffix":"t3" } ], |
| 69 [ "!connect", { "security":"802_1x", |
| 70 "psk" : "EAP-TTLS:testuser-chapv2:wrongpassword"} ], |
| 71 # |
| 72 # Try authenticating with the right client password but wrong CA |
| 73 [ "restart_supplicant" ], |
| 74 [ "config", { "ssid_suffix":"t4" } ], |
| 75 [ "!connect", { "security":"802_1x", |
| 76 "psk" : "EAP-TTLS:testuser-chapv2:password:" |
| 77 "/tmp/ca-cert-other.pem"} ], |
| 78 |
| 79 |
| 80 [ "destroy" ], |
| 81 ], |
| 82 } |
OLD | NEW |