server/site_tests/network_VPN/000VPNGenesis - Issue 6609034: VPN: Test to set up & validate a Client connection to the Server

Side by Side Diff: server/site_tests/network_VPN/000VPNGenesis

Issue 6609034: VPN: Test to set up & validate a Client connection to the Server (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/autotest.git@master

Patch Set: Filled in missing block comments about the nature of this test. Created 9 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved.

	2 # Use of this source code is governed by a BSD-style license that can be

	3 # found in the LICENSE file.

	4 #

	5 # An example of how to set up a VPN from the Client (DUT), through the

	6 # Router to to the Server.

	7 #

	8

	9 { "name":"VPNGenesis",

	10 "steps":[

	11 ### Create WiFi connection from Client to Router.

	12 [ "create", { "type":"hostap" } ],

	13 [ "install_files", { "system" : "router",

	14 "files" :

	15 { "/tmp/hostapd_ca_cert" :

	16 site_eap_certs.ca_cert_1,

	17 "/tmp/hostapd_server_cert" :

	18 site_eap_certs.server_cert_1,

	19 "/tmp/hostapd_private_key" :

	20 site_eap_certs.server_private_key_1,

	21 "/tmp/hostapd_eap_user_file" :

	22 "* TLS"} } ],

	23 [ "config", { "channel":"2412", "mode":"11g",

	24 "wpa":"1", "wpa_key_mgmt":"WPA-EAP",

	25 "wpa_pairwise":"CCMP", "ieee8021x":"1",

	26 "eap_server" : "1",

	27 "ca_cert" : "/tmp/hostapd_ca_cert",

	28 "server_cert" : "/tmp/hostapd_server_cert",

	29 "private_key" : "/tmp/hostapd_private_key",

	30 "eap_user_file" : "/tmp/hostapd_eap_user_file"} ],

	31 [ "install_files", { "system" : "client",

	32 "files" :

	33 { "/tmp/pkg-client-cert.pem" :

	34 site_eap_certs.client_cert_1,

	35 "/tmp/pkg-client-key.pem" :

	36 site_eap_certs.client_private_key_1,

	37 "/tmp/pkg-client-cert-other.pem" :

	38 site_eap_certs.client_cert_2,

	39 "/tmp/pkg-client-key-other.pem" :

	40 site_eap_certs.client_private_key_2,

	41 "/tmp/ca-cert.pem" :

	42 site_eap_certs.ca_cert_1,

	43 "/tmp/ca-cert-other.pem" :

	44 site_eap_certs.ca_cert_2} } ],

	45 [ "connect", { "security":"802_1x",
	Paul Stewart 2011/03/03 23:18:42 It's fine to do this, but your life might be made It's fine to do this, but your life might be made easier if you didn't go the full 9 yards with EAP-TLS certificates for your WiFi setup. It would make the file more readable.
	46 "psk" : "EAP.Identity:chromeos"

	47 ":EAP.ClientCert:/tmp/pkg-client-cert.pem"

	48 ":EAP.PrivateKey:/tmp/pkg-client-key.pem"

	49 ":EAP.CACert:/tmp/ca-cert.pem"} ],

	50

	51 ### Create Client & Server VPN configurations.

	52 ###

	53 ### o Install certficiates files on Server, and Client.

	54 ### o Create VPN configuration on the Server.

	55

	56 [ "install_files", { "system" : "server",

	57 "files" :

	58 { "/tmp/vpn-ca.crt":

	59 site_eap_certs.ca_cert_1,

	60 "/tmp/vpn-server.crt":

	61 site_eap_certs.server_cert_1,

	62 "/tmp/vpn-server.key":

	63 site_eap_certs.server_private_key_1,

	64 "/tmp/vpn-dh1024.pem":

	65 site_eap_certs.dh1024_pem_key_1

	66 }}],

	67 [ "install_files", { "system" : "client",

	68 "files" :

	69 { "/tmp/ca.crt":

	70 site_eap_certs.ca_cert_1,

	71 "/tmp/client.crt":

	72 site_eap_certs.client_cert_1,

	73 "/tmp/client.key":

	74 site_eap_certs.client_private_key_1

	75 }}],

	76 [ "vpn_create_server_config", { "port":"1194",

	77 "proto":"tcp",

	78 "proto":"udp",

	79 "dev":"tap",

	80 "dev":"tun",

	81 "ca":"/tmp/vpn-ca.crt",

	82 "cert":"/tmp/vpn-server.crt",

	83 "key":"/tmp/vpn-server.key",

	84 "dh":"/tmp/vpn-dh1024.pem",

	85 "server":"10.8.0.0 255.255.255.0",

	86 "ifconfig-pool-persist":"ipp.txt",

	87 "keepalive":"10 120",

	88 "comp-lzo":"",

	89 "persist-key":"",

	90 "persist-tun":"",

	91 "status":"openvpn-status.log",

	92 "verb":"5"

	93 }],

	94

	95 ### Launch the VPN Server & Client.

	96 [ "vpn_launch_server" ],

	97 [ "vpn_launch_client" ],

	98

	99 ### Verify the client is connected to the server

	100 [ "client_ping", { "ping_ip":"10.8.0.1",

	101 "count":"10" } ],

	102

	103 [ "vpn_kill_server" ], # Shut down the VPN Server.

	104 [ "vpn_kill_client" ], # Shut down the VPN Client.

	105 [ "disconnect" ], # Disconnect WiFi setup

	106 ],

	107 }

OLD	NEW

« server/site_linux_server.py ('K') | « server/site_linux_server.py ('k') | server/site_tests/network_VPN/control » ('j') | server/site_wifitest.py » ('J')