blob: 4dd2466819b74c8a40115b092500f6750c376c0d [file] [log] [blame] [edit]
# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
AUTHOR = 'wiley, pstew, quiche'
NAME = 'network_WiFi_SimpleConnect.wifi_check1x_WPA'
TIME = 'SHORT'
TEST_TYPE = 'Server'
ATTRIBUTES = ('suite:wifi_matfunc, suite:wifi_matfunc_bcm4371, '
'suite:wifi_release, subsystem:wifi')
DEPENDENCIES = 'wificell'
DOC = """
This test attempts to verify that we can connect to a router while using
vanilla 802.1x authentication to set up a WPA pipe.
"""
from autotest_lib.client.common_lib.cros import site_eap_certs
from autotest_lib.client.common_lib.cros.network import xmlrpc_datatypes
from autotest_lib.client.common_lib.cros.network import xmlrpc_security_types
from autotest_lib.server.cros.network import hostap_config
def get_configurations():
configurations = []
# Make sure we can connect when everything is set up correctly.
eap_config = xmlrpc_security_types.WPAEAPConfig(
server_ca_cert=site_eap_certs.ca_cert_1,
server_cert=site_eap_certs.server_cert_1,
server_key=site_eap_certs.server_private_key_1,
client_ca_cert=site_eap_certs.ca_cert_1,
client_cert=site_eap_certs.client_cert_1,
client_key=site_eap_certs.client_private_key_1)
ap_config = hostap_config.HostapConfig(
frequency=2412,
mode=hostap_config.HostapConfig.MODE_11G,
security_config=eap_config)
assoc_params = xmlrpc_datatypes.AssociationParameters(
security_config=eap_config)
configurations.append((ap_config, assoc_params))
# But if we have no CA cert to check the router against, we fail to connect.
eap_config = xmlrpc_security_types.WPAEAPConfig(
server_ca_cert=site_eap_certs.ca_cert_1,
server_cert=site_eap_certs.server_cert_1,
server_key=site_eap_certs.server_private_key_1,
client_ca_cert=None,
client_cert=site_eap_certs.client_cert_1,
client_key=site_eap_certs.client_private_key_1)
ap_config = hostap_config.HostapConfig(
frequency=2412,
mode=hostap_config.HostapConfig.MODE_11G,
security_config=eap_config)
assoc_params = xmlrpc_datatypes.AssociationParameters(
security_config=eap_config,
expect_failure=True)
configurations.append((ap_config, assoc_params))
# And if we have a CA cert, but it doesn't match, that should fail.
eap_config = xmlrpc_security_types.WPAEAPConfig(
server_ca_cert=site_eap_certs.ca_cert_1,
server_cert=site_eap_certs.server_cert_1,
server_key=site_eap_certs.server_private_key_1,
client_ca_cert=site_eap_certs.ca_cert_2,
client_cert=site_eap_certs.client_cert_1,
client_key=site_eap_certs.client_private_key_1)
ap_config = hostap_config.HostapConfig(
frequency=2412,
mode=hostap_config.HostapConfig.MODE_11G,
security_config=eap_config)
assoc_params = xmlrpc_datatypes.AssociationParameters(
security_config=eap_config,
expect_failure=True)
configurations.append((ap_config, assoc_params))
# But if we specify that we have no CA certs, then again, we connect.
eap_config = xmlrpc_security_types.WPAEAPConfig(
server_ca_cert=site_eap_certs.ca_cert_1,
server_cert=site_eap_certs.server_cert_1,
server_key=site_eap_certs.server_private_key_1,
client_ca_cert=None,
client_cert=site_eap_certs.client_cert_1,
client_key=site_eap_certs.client_private_key_1,
use_system_cas=False)
ap_config = hostap_config.HostapConfig(
frequency=2412,
mode=hostap_config.HostapConfig.MODE_11G,
security_config=eap_config)
assoc_params = xmlrpc_datatypes.AssociationParameters(
security_config=eap_config)
configurations.append((ap_config, assoc_params))
# The server will reject us if we use the wrong certificate chain.
eap_config = xmlrpc_security_types.WPAEAPConfig(
server_ca_cert=site_eap_certs.ca_cert_1,
server_cert=site_eap_certs.server_cert_1,
server_key=site_eap_certs.server_private_key_1,
client_ca_cert=site_eap_certs.ca_cert_1,
client_cert=site_eap_certs.client_cert_2,
client_key=site_eap_certs.client_private_key_2)
ap_config = hostap_config.HostapConfig(
frequency=2412,
mode=hostap_config.HostapConfig.MODE_11G,
security_config=eap_config)
assoc_params = xmlrpc_datatypes.AssociationParameters(
security_config=eap_config,
expect_failure=True)
configurations.append((ap_config, assoc_params))
# We will reject the server if its certificate is expired.
eap_config = xmlrpc_security_types.WPAEAPConfig(
server_ca_cert=site_eap_certs.ca_cert_1,
server_cert=site_eap_certs.server_expired_cert,
server_key=site_eap_certs.server_expired_key,
client_ca_cert=site_eap_certs.ca_cert_1,
client_cert=site_eap_certs.client_cert_1,
client_key=site_eap_certs.client_private_key_1)
ap_config = hostap_config.HostapConfig(
frequency=2412,
mode=hostap_config.HostapConfig.MODE_11G,
security_config=eap_config)
assoc_params = xmlrpc_datatypes.AssociationParameters(
security_config=eap_config,
expect_failure=True)
configurations.append((ap_config, assoc_params))
return configurations
def run(machine):
host = hosts.create_host(machine)
job.run_test('network_WiFi_SimpleConnect',
tag=NAME.split('.')[1],
host=host,
raw_cmdline_args=args,
additional_params=get_configurations())
parallel_simple(run, machines)