| # Copyright (c) 2013 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| AUTHOR = 'wiley, pstew, quiche' |
| NAME = 'network_WiFi_SimpleConnect.wifi_check1x_WPA' |
| TIME = 'SHORT' |
| TEST_TYPE = 'Server' |
| ATTRIBUTES = ('suite:wifi_matfunc, suite:wifi_matfunc_bcm4371, ' |
| 'suite:wifi_release, subsystem:wifi') |
| DEPENDENCIES = 'wificell' |
| |
| DOC = """ |
| This test attempts to verify that we can connect to a router while using |
| vanilla 802.1x authentication to set up a WPA pipe. |
| """ |
| |
| |
| from autotest_lib.client.common_lib.cros import site_eap_certs |
| from autotest_lib.client.common_lib.cros.network import xmlrpc_datatypes |
| from autotest_lib.client.common_lib.cros.network import xmlrpc_security_types |
| from autotest_lib.server.cros.network import hostap_config |
| |
| |
| def get_configurations(): |
| configurations = [] |
| # Make sure we can connect when everything is set up correctly. |
| eap_config = xmlrpc_security_types.WPAEAPConfig( |
| server_ca_cert=site_eap_certs.ca_cert_1, |
| server_cert=site_eap_certs.server_cert_1, |
| server_key=site_eap_certs.server_private_key_1, |
| client_ca_cert=site_eap_certs.ca_cert_1, |
| client_cert=site_eap_certs.client_cert_1, |
| client_key=site_eap_certs.client_private_key_1) |
| ap_config = hostap_config.HostapConfig( |
| frequency=2412, |
| mode=hostap_config.HostapConfig.MODE_11G, |
| security_config=eap_config) |
| assoc_params = xmlrpc_datatypes.AssociationParameters( |
| security_config=eap_config) |
| configurations.append((ap_config, assoc_params)) |
| # But if we have no CA cert to check the router against, we fail to connect. |
| eap_config = xmlrpc_security_types.WPAEAPConfig( |
| server_ca_cert=site_eap_certs.ca_cert_1, |
| server_cert=site_eap_certs.server_cert_1, |
| server_key=site_eap_certs.server_private_key_1, |
| client_ca_cert=None, |
| client_cert=site_eap_certs.client_cert_1, |
| client_key=site_eap_certs.client_private_key_1) |
| ap_config = hostap_config.HostapConfig( |
| frequency=2412, |
| mode=hostap_config.HostapConfig.MODE_11G, |
| security_config=eap_config) |
| assoc_params = xmlrpc_datatypes.AssociationParameters( |
| security_config=eap_config, |
| expect_failure=True) |
| configurations.append((ap_config, assoc_params)) |
| # And if we have a CA cert, but it doesn't match, that should fail. |
| eap_config = xmlrpc_security_types.WPAEAPConfig( |
| server_ca_cert=site_eap_certs.ca_cert_1, |
| server_cert=site_eap_certs.server_cert_1, |
| server_key=site_eap_certs.server_private_key_1, |
| client_ca_cert=site_eap_certs.ca_cert_2, |
| client_cert=site_eap_certs.client_cert_1, |
| client_key=site_eap_certs.client_private_key_1) |
| ap_config = hostap_config.HostapConfig( |
| frequency=2412, |
| mode=hostap_config.HostapConfig.MODE_11G, |
| security_config=eap_config) |
| assoc_params = xmlrpc_datatypes.AssociationParameters( |
| security_config=eap_config, |
| expect_failure=True) |
| configurations.append((ap_config, assoc_params)) |
| # But if we specify that we have no CA certs, then again, we connect. |
| eap_config = xmlrpc_security_types.WPAEAPConfig( |
| server_ca_cert=site_eap_certs.ca_cert_1, |
| server_cert=site_eap_certs.server_cert_1, |
| server_key=site_eap_certs.server_private_key_1, |
| client_ca_cert=None, |
| client_cert=site_eap_certs.client_cert_1, |
| client_key=site_eap_certs.client_private_key_1, |
| use_system_cas=False) |
| ap_config = hostap_config.HostapConfig( |
| frequency=2412, |
| mode=hostap_config.HostapConfig.MODE_11G, |
| security_config=eap_config) |
| assoc_params = xmlrpc_datatypes.AssociationParameters( |
| security_config=eap_config) |
| configurations.append((ap_config, assoc_params)) |
| # The server will reject us if we use the wrong certificate chain. |
| eap_config = xmlrpc_security_types.WPAEAPConfig( |
| server_ca_cert=site_eap_certs.ca_cert_1, |
| server_cert=site_eap_certs.server_cert_1, |
| server_key=site_eap_certs.server_private_key_1, |
| client_ca_cert=site_eap_certs.ca_cert_1, |
| client_cert=site_eap_certs.client_cert_2, |
| client_key=site_eap_certs.client_private_key_2) |
| ap_config = hostap_config.HostapConfig( |
| frequency=2412, |
| mode=hostap_config.HostapConfig.MODE_11G, |
| security_config=eap_config) |
| assoc_params = xmlrpc_datatypes.AssociationParameters( |
| security_config=eap_config, |
| expect_failure=True) |
| configurations.append((ap_config, assoc_params)) |
| # We will reject the server if its certificate is expired. |
| eap_config = xmlrpc_security_types.WPAEAPConfig( |
| server_ca_cert=site_eap_certs.ca_cert_1, |
| server_cert=site_eap_certs.server_expired_cert, |
| server_key=site_eap_certs.server_expired_key, |
| client_ca_cert=site_eap_certs.ca_cert_1, |
| client_cert=site_eap_certs.client_cert_1, |
| client_key=site_eap_certs.client_private_key_1) |
| ap_config = hostap_config.HostapConfig( |
| frequency=2412, |
| mode=hostap_config.HostapConfig.MODE_11G, |
| security_config=eap_config) |
| assoc_params = xmlrpc_datatypes.AssociationParameters( |
| security_config=eap_config, |
| expect_failure=True) |
| configurations.append((ap_config, assoc_params)) |
| return configurations |
| |
| |
| def run(machine): |
| host = hosts.create_host(machine) |
| job.run_test('network_WiFi_SimpleConnect', |
| tag=NAME.split('.')[1], |
| host=host, |
| raw_cmdline_args=args, |
| additional_params=get_configurations()) |
| |
| |
| parallel_simple(run, machines) |