server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES - Issue 6030011: Rearrange EAP setup so that it is more parameterizable for other EAP types

Unified Diff: server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES

Issue 6030011: Rearrange EAP setup so that it is more parameterizable for other EAP types (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/autotest.git@master

Patch Set: Update PEAP and TTLS tests. Created 9 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES

diff --git a/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES b/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES

index 3bb13ae69a61b76b222470e63c63bf71aeb1f5ae..42aabab280a022d6c867c47dc28a5b93336b34a6 100644

--- a/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES

+++ b/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES

@@ -11,33 +11,64 @@

{ "name":"Check1x_AES",

"steps":[ # Channel [any]

[ "create", { "type":"hostap" } ],

+ [ "install_files", { "system" : "router",

+ "files" :

+ { "/tmp/hostapd_ca_cert" :

+ site_eap_certs.ca_cert_1,

+ "/tmp/hostapd_server_cert" :

+ site_eap_certs.server_cert_1,

+ "/tmp/hostapd_private_key" :

+ site_eap_certs.server_private_key_1,

+ "/tmp/hostapd_eap_user_file" :

+ "* TLS"} } ],

[ "config", { "channel":"2412", "mode":"11g",

"wpa":"1", "wpa_key_mgmt":"WPA-EAP",

"wpa_pairwise":"CCMP", "ieee8021x":"1",

- "eap-tls":"cert1" } ],

- [ "connect", { "security":"802_1x", "eap-tls":"cert1" } ],

+ "eap_server" : "1",

+ "ca_cert" : "/tmp/hostapd_ca_cert",

+ "server_cert" : "/tmp/hostapd_server_cert",

+ "private_key" : "/tmp/hostapd_private_key",

+ "eap_user_file" : "/tmp/hostapd_eap_user_file"} ],

+ [ "install_files", { "system" : "client",

+ "files" :

+ { "/tmp/pkg-client.pem" :

+ site_eap_certs.client_cert_1 + "\n" +

+ site_eap_certs.client_private_key_1,

+ "/tmp/pkg-client-other.pem" :

+ site_eap_certs.client_cert_2 + "\n" +

+ site_eap_certs.client_private_key_2,

+ "/tmp/ca-cert.pem" :

+ site_eap_certs.ca_cert_1,

+ "/tmp/ca-cert-other.pem" :

+ site_eap_certs.ca_cert_2} } ],

+ [ "connect", { "security":"802_1x",

+ "psk" : "EAP-TLS:chromeos:/tmp/pkg-client.pem"} ],

[ "client_ping", { "count":"10" } ],

[ "disconnect" ],

[ "restart_supplicant" ],

[ "config", { "ssid_suffix":"t1" } ],

- [ "connect", { "security":"802_1x", "eap-tls":"cert1",

- "server-auth":"cert1" } ],

+ [ "connect", { "security":"802_1x",

+ "psk" : "EAP-TLS:chromeos:"

+ "/tmp/pkg-client.pem:/tmp/ca-cert.pem"} ],

[ "client_ping", { "count":"10" } ],

[ "disconnect" ],

# Ensure authentication fails if server's cert doesn't match our CA cert

[ "restart_supplicant" ],

[ "config", { "ssid_suffix":"t2" } ],

- [ "!connect", { "security":"802_1x", "eap-tls":"cert1",

- "server-auth":"cert2" },

+ [ "!connect", { "security":"802_1x",

+ "psk" : "EAP-TLS:chromeos:"

+ "/tmp/pkg-client.pem:/tmp/ca-cert-other.pem"},

"TLS: Certificate verification failed"],

# Try authenticating using the wrong client certiificate

[ "restart_supplicant" ],

[ "config", { "ssid_suffix":"t3" } ],

- [ "!connect", { "security":"802_1x", "eap-tls":"cert2",

- "server-auth":"cert1" },

+ [ "!connect", { "security":"802_1x",

+ "psk" : "EAP-TLS:chromeos:"

+ "/tmp/pkg-client-other.pem:/tmp/ca-cert.pem"},

"SSL: SSL3 alert: read "

"\(remote end reported an error\):fatal:unknown CA" ],

[ "disconnect" ],

« no previous file with comments | « server/site_linux_router.py ('k') | server/site_tests/network_WiFiSecMat/072CheckWPA_1x_PEAP » ('j') | no next file with comments »