| Index: server/site_tests/network_WiFiSecMat/072CheckWPA_1x_PEAP
|
| diff --git a/server/site_tests/network_WiFiSecMat/072CheckWPA_1x_PEAP b/server/site_tests/network_WiFiSecMat/072CheckWPA_1x_PEAP
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..e82cc8f039e984c606784e7691bfcaf6e7bc5d56
|
| --- /dev/null
|
| +++ b/server/site_tests/network_WiFiSecMat/072CheckWPA_1x_PEAP
|
| @@ -0,0 +1,82 @@
|
| +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
|
| +# Use of this source code is governed by a BSD-style license that can be
|
| +# found in the LICENSE file.
|
| +
|
| +# Try 802.1x authentication. The supplicant must be restarted between
|
| +# trials because it is "sticky" with regards to various parameters
|
| +# related to certificate authentication. A thread is currently afoot
|
| +# in the hostap mailing list about this, but for the time being we will
|
| +# do supplicant restarts to test.
|
| +
|
| +{ "name":"Check1x_PEAP",
|
| + "steps":[ # Channel [any]
|
| + [ "create", { "type":"hostap" } ],
|
| + [ "install_files", { "system" : "router",
|
| + "files" :
|
| + { "/tmp/hostapd_ca_cert" :
|
| + site_eap_certs.ca_cert_1,
|
| + "/tmp/hostapd_server_cert" :
|
| + site_eap_certs.server_cert_1,
|
| + "/tmp/hostapd_private_key" :
|
| + site_eap_certs.server_private_key_1,
|
| + "/tmp/hostapd_eap_user_file" :
|
| + """* PEAP
|
| +"testuser-chapv2" MSCHAPV2 "password" [2]
|
| +"testuser-md5" MD5 "password" [2]""" } } ],
|
| + [ "config", { "channel":"2412", "mode":"11g",
|
| + "wpa":"1", "wpa_key_mgmt":"WPA-EAP",
|
| + "eap_server" : "1",
|
| + "wpa_pairwise":"CCMP", "ieee8021x":"1",
|
| + "ca_cert" : "/tmp/hostapd_ca_cert",
|
| + "server_cert" : "/tmp/hostapd_server_cert",
|
| + "private_key" : "/tmp/hostapd_private_key",
|
| + "eap_user_file" : "/tmp/hostapd_eap_user_file"} ],
|
| + [ "install_files", { "system" : "client",
|
| + "files" :
|
| + { "/tmp/ca-cert.pem" :
|
| + site_eap_certs.ca_cert_1,
|
| + "/tmp/ca-cert-other.pem" :
|
| + site_eap_certs.ca_cert_2} } ],
|
| + [ "connect", { "security":"802_1x",
|
| + "psk" : "EAP-PEAP:testuser-chapv2:password"} ],
|
| + [ "client_ping", { "count":"10" } ],
|
| +
|
| + [ "disconnect" ],
|
| +
|
| + # Try with (correct) CA for server
|
| + [ "restart_supplicant" ],
|
| + [ "config", { "ssid_suffix":"t1" } ],
|
| + [ "connect", { "security":"802_1x",
|
| + "psk" : "EAP-PEAP:testuser-chapv2:password:"
|
| + "/tmp/ca-cert.pem"} ],
|
| + [ "client_ping", { "count":"10" } ],
|
| +
|
| + [ "disconnect" ],
|
| +
|
| + # Try MD5 inner auth
|
| + [ "restart_supplicant" ],
|
| + [ "config", { "ssid_suffix":"t2" } ],
|
| + [ "connect", { "security":"802_1x",
|
| + "psk" : "EAP-PEAP:testuser-md5:password"} ],
|
| + [ "client_ping", { "count":"10" } ],
|
| +
|
| + [ "disconnect" ],
|
| +
|
| + #
|
| + # Try authenticating using the wrong client password
|
| + [ "restart_supplicant" ],
|
| + [ "config", { "ssid_suffix":"t3" } ],
|
| + [ "!connect", { "security":"802_1x",
|
| + "psk" : "EAP-PEAP:testuser-chapv2:wrongpassword"} ],
|
| + #
|
| + # Try authenticating with the right client password but wrong CA
|
| + [ "restart_supplicant" ],
|
| + [ "config", { "ssid_suffix":"t4" } ],
|
| + [ "!connect", { "security":"802_1x",
|
| + "psk" : "EAP-PEAP:testuser-chapv2:password:"
|
| + "/tmp/ca-cert-other.pem"} ],
|
| +
|
| +
|
| + [ "destroy" ],
|
| + ],
|
| +}
|
|
|
Chromium Code Reviews
Issue 6030011:
Rearrange EAP setup so that it is more parameterizable for other EAP types (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/autotest.git@master