# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# An example of how to set up an OpenVPN VPN from the Client (DUT),
# through the Router to the Server.
#
# Step list for the "VPNGenesis" scenario.  This is not strict JSON: the '#'
# comments and the bare site_eap_certs.* references mean the loader has to
# evaluate it as an expression with site_eap_certs in scope.
{
  "name": "VPNGenesis",
  "steps": [
    # Bring up the WiFi link from Client to Router.  The link itself is
    # open ("security": "none"); the VPN on top of it is what gets tested.
    ["create", {"type": "hostap"}],
    ["config", {"channel": "2412", "mode": "11b"}],
    ["connect", {"security": "none"}],

    # Stage the certificate material for both VPN endpoints.
    #
    #   o Server: CA cert, server cert, server private key, DH parameters.
    #   o Client: CA cert, client cert, client private key.
    #
    # Every value comes from site_eap_certs and lands at a fixed path
    # under /tmp.
    # NOTE(review): the file mode install_files applies is not visible
    # here -- confirm the private keys are not left world-readable.
    # NOTE(review): going by its name, the dh1024 fixture is a 1024-bit DH
    # group, which is below current strength recommendations; keep it to
    # the test rig.
    ["install_files", {
      "system": "server",
      "files": {
        "/tmp/vpn-ca.crt": site_eap_certs.ca_cert_1,
        "/tmp/vpn-server.crt": site_eap_certs.server_cert_1,
        "/tmp/vpn-server.key": site_eap_certs.server_private_key_1,
        "/tmp/vpn-dh1024.pem": site_eap_certs.dh1024_pem_key_1
      }
    }],
    ["install_files", {
      "system": "client",
      "files": {
        "/tmp/vpn-ca.crt": site_eap_certs.ca_cert_1,
        "/tmp/vpn-client.crt": site_eap_certs.client_cert_1,
        "/tmp/vpn-client.key": site_eap_certs.client_private_key_1
      }
    }],

    # Configure and start the OpenVPN server; a server that is already
    # running is killed first.
    #
    # vpn_server_config is used twice (here and again after the sleep) to
    # make sure the internal configuration persists across invocations.
    ["vpn_server_config", {
      "kind": "openvpn",
      "config": {
        "port": "1194",
        "proto": "udp",
        "dev": "tun",
        "ca": "/tmp/vpn-ca.crt",
        "cert": "/tmp/vpn-server.crt",
        "key": "/tmp/vpn-server.key",
        "dh": "/tmp/vpn-dh1024.pem",
        "server": "10.8.0.0 255.255.255.0",
        "ifconfig-pool-persist": "/tmp/ipp.txt",
        "keepalive": "10 120",
        "persist-key": "",
        "persist-tun": "",
        "status": "/tmp/openvpn-status.log",
        # verb 0: the server logs nothing except fatal errors.
        "verb": "0"
      }
    }],

    # Two vpn_server_config calls back-to-back fail with 'pkill' right
    # after an rspro boot.  The first start seems to have significant
    # latency, so pause briefly to avoid spurious errors.
    ["sleep", {"time": "1"}],

    # Second invocation passes only comp-lzo.  Compression inside an
    # encrypted tunnel is a known side channel (compression-oracle
    # attacks), so this setting suits a connectivity test, not a deployed
    # configuration.
    ["vpn_server_config", {
      "kind": "openvpn",
      "config": {"comp-lzo": ""}
    }],

    # Launch the VPN Client.
    #
    # First pass sets "remote-cert-tls" to "none".  Presumably this keeps
    # the client from passing --remote-cert-tls, in which case the peer
    # certificate's key usage / extended key usage is not checked and any
    # certificate issued by the CA would be accepted as the server --
    # confirm against the vpn_client_config implementation.
    ["vpn_client_load_tunnel"],
    ["vpn_client_config", {
      "kind": "openvpn",
      "files": {
        "ca-certificate": "/tmp/vpn-ca.crt",
        "client-certificate": "/tmp/vpn-client.crt",
        "client-key": "/tmp/vpn-client.key"
      },
      "remote-cert-tls": "none"
    }],

    # Verify the client is connected to the server.
    ["client_ping", {"ping_ip": "10.8.0.1", "count": "10"}],

    # Second pass: make sure the VPN also works with the client-side
    # default of '--remote-cert-tls server'.
    ["vpn_client_config", {
      "kind": "openvpn",
      "files": {
        "ca-certificate": "/tmp/vpn-ca.crt",
        "client-certificate": "/tmp/vpn-client.crt",
        "client-key": "/tmp/vpn-client.key"
      },
    }],

    # Verify the client is connected to the server.
    ["client_ping", {"ping_ip": "10.8.0.1", "count": "10"}],

    # Tear down: VPN server, then VPN client, then the WiFi link.
    ["vpn_server_kill"],
    ["vpn_client_kill"],
    ["disconnect"],
  ],
}