Chromium Code Reviews Chromium Code Reviews
Issue 6609034:
VPN: Test to set up & validate a Client connection to the Server (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/autotest.git@master| Index: server/site_tests/network_VPN/000VPNGenesis |
| diff --git a/server/site_tests/network_VPN/000VPNGenesis b/server/site_tests/network_VPN/000VPNGenesis |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..85a48119b7003543aa2987110444c16a60ccdf39 |
| --- /dev/null |
| +++ b/server/site_tests/network_VPN/000VPNGenesis |
| @@ -0,0 +1,107 @@ |
| +# Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| +# Use of this source code is governed by a BSD-style license that can be |
| +# found in the LICENSE file. |
| +# |
| +# An example of how to set up a VPN from the Client (DUT), through the |
| +# Router to to the Server. |
| +# |
| + |
| +{ "name":"VPNGenesis", |
| + "steps":[ |
| + ### Create WiFi connection from Client to Router. |
| + [ "create", { "type":"hostap" } ], |
| + [ "install_files", { "system" : "router", |
| + "files" : |
| + { "/tmp/hostapd_ca_cert" : |
| + site_eap_certs.ca_cert_1, |
| + "/tmp/hostapd_server_cert" : |
| + site_eap_certs.server_cert_1, |
| + "/tmp/hostapd_private_key" : |
| + site_eap_certs.server_private_key_1, |
| + "/tmp/hostapd_eap_user_file" : |
| + "* TLS"} } ], |
| + [ "config", { "channel":"2412", "mode":"11g", |
| + "wpa":"1", "wpa_key_mgmt":"WPA-EAP", |
| + "wpa_pairwise":"CCMP", "ieee8021x":"1", |
| + "eap_server" : "1", |
| + "ca_cert" : "/tmp/hostapd_ca_cert", |
| + "server_cert" : "/tmp/hostapd_server_cert", |
| + "private_key" : "/tmp/hostapd_private_key", |
| + "eap_user_file" : "/tmp/hostapd_eap_user_file"} ], |
| + [ "install_files", { "system" : "client", |
| + "files" : |
| + { "/tmp/pkg-client-cert.pem" : |
| + site_eap_certs.client_cert_1, |
| + "/tmp/pkg-client-key.pem" : |
| + site_eap_certs.client_private_key_1, |
| + "/tmp/pkg-client-cert-other.pem" : |
| + site_eap_certs.client_cert_2, |
| + "/tmp/pkg-client-key-other.pem" : |
| + site_eap_certs.client_private_key_2, |
| + "/tmp/ca-cert.pem" : |
| + site_eap_certs.ca_cert_1, |
| + "/tmp/ca-cert-other.pem" : |
| + site_eap_certs.ca_cert_2} } ], |
| + [ "connect", { "security":"802_1x", |
|
Paul Stewart
2011/03/03 23:18:42
It's fine to do this, but your life might be made
|
| + "psk" : "EAP.Identity:chromeos" |
| + ":EAP.ClientCert:/tmp/pkg-client-cert.pem" |
| + ":EAP.PrivateKey:/tmp/pkg-client-key.pem" |
| + ":EAP.CACert:/tmp/ca-cert.pem"} ], |
| + |
| + ### Create Client & Server VPN configurations. |
| + ### |
| + ### o Install certficiates files on Server, and Client. |
| + ### o Create VPN configuration on the Server. |
| + |
| + [ "install_files", { "system" : "server", |
| + "files" : |
| + { "/tmp/vpn-ca.crt": |
| + site_eap_certs.ca_cert_1, |
| + "/tmp/vpn-server.crt": |
| + site_eap_certs.server_cert_1, |
| + "/tmp/vpn-server.key": |
| + site_eap_certs.server_private_key_1, |
| + "/tmp/vpn-dh1024.pem": |
| + site_eap_certs.dh1024_pem_key_1 |
| + }}], |
| + [ "install_files", { "system" : "client", |
| + "files" : |
| + { "/tmp/ca.crt": |
| + site_eap_certs.ca_cert_1, |
| + "/tmp/client.crt": |
| + site_eap_certs.client_cert_1, |
| + "/tmp/client.key": |
| + site_eap_certs.client_private_key_1 |
| + }}], |
| + [ "vpn_create_server_config", { "port":"1194", |
| + "proto":"tcp", |
| + "proto":"udp", |
| + "dev":"tap", |
| + "dev":"tun", |
| + "ca":"/tmp/vpn-ca.crt", |
| + "cert":"/tmp/vpn-server.crt", |
| + "key":"/tmp/vpn-server.key", |
| + "dh":"/tmp/vpn-dh1024.pem", |
| + "server":"10.8.0.0 255.255.255.0", |
| + "ifconfig-pool-persist":"ipp.txt", |
| + "keepalive":"10 120", |
| + "comp-lzo":"", |
| + "persist-key":"", |
| + "persist-tun":"", |
| + "status":"openvpn-status.log", |
| + "verb":"5" |
| + }], |
| + |
| + ### Launch the VPN Server & Client. |
| + [ "vpn_launch_server" ], |
| + [ "vpn_launch_client" ], |
| + |
| + ### Verify the client is connected to the server |
| + [ "client_ping", { "ping_ip":"10.8.0.1", |
| + "count":"10" } ], |
| + |
| + [ "vpn_kill_server" ], # Shut down the VPN Server. |
| + [ "vpn_kill_client" ], # Shut down the VPN Client. |
| + [ "disconnect" ], # Disconnect WiFi setup |
| + ], |
| +} |
