From 1535031f975f60c5181db04d080988d1c8abb7d2 Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Tue, 10 Mar 2009 18:24:32 -0400 Subject: [PATCH] ifcfg-rh: add testcases for wired PEAP/MSCHAPV2 connections --- .../tests/network-scripts/Makefile.am | 6 +- .../ifcfg-test-wired-8021x-peap-mschapv2 | 15 ++ .../keys-test-wired-8021x-peap-mschapv2 | 2 + .../network-scripts/test1_key_and_cert.pem | 118 +++++++++++ .../tests/network-scripts/test_ca_cert.pem | 27 +++ .../plugins/ifcfg-rh/tests/test-ifcfg-rh.c | 191 +++++++++++++++++- 6 files changed, 357 insertions(+), 2 deletions(-) create mode 100644 system-settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-wired-8021x-peap-mschapv2 create mode 100644 system-settings/plugins/ifcfg-rh/tests/network-scripts/keys-test-wired-8021x-peap-mschapv2 create mode 100644 system-settings/plugins/ifcfg-rh/tests/network-scripts/test1_key_and_cert.pem create mode 100644 system-settings/plugins/ifcfg-rh/tests/network-scripts/test_ca_cert.pem diff --git a/system-settings/plugins/ifcfg-rh/tests/network-scripts/Makefile.am b/system-settings/plugins/ifcfg-rh/tests/network-scripts/Makefile.am index d1d8f56859..d1e4531d1a 100644 --- a/system-settings/plugins/ifcfg-rh/tests/network-scripts/Makefile.am +++ b/system-settings/plugins/ifcfg-rh/tests/network-scripts/Makefile.am @@ -7,6 +7,8 @@ EXTRA_DIST = \ network-test-wired-global-gateway \ ifcfg-test-wired-never-default \ network-test-wired-never-default \ + ifcfg-test-wired-8021x-peap-mschapv2 \ + keys-test-wired-8021x-peap-mschapv2 \ ifcfg-test-onboot-no \ ifcfg-test-wifi-open \ ifcfg-test-wifi-wep \ @@ -18,7 +20,9 @@ EXTRA_DIST = \ ifcfg-test-wifi-wpa-psk-adhoc \ keys-test-wifi-wpa-psk-adhoc \ ifcfg-test-wifi-wpa-psk-hex \ - keys-test-wifi-wpa-psk-hex + keys-test-wifi-wpa-psk-hex \ + test_ca_cert.pem \ + test1_key_and_cert.pem check-local: @for f in $(EXTRA_DIST); do \ diff --git a/system-settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-wired-8021x-peap-mschapv2 b/system-settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-wired-8021x-peap-mschapv2 new file mode 100644 index 0000000000..6d68eca13d --- /dev/null +++ b/system-settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-wired-8021x-peap-mschapv2 @@ -0,0 +1,15 @@ +# Intel Corporation 82540EP Gigabit Ethernet Controller (Mobile) +TYPE=Ethernet +DEVICE=eth0 +HWADDR=00:11:22:33:44:ee +BOOTPROTO=dhcp +ONBOOT=yes +NM_CONTROLLED=yes +KEY_MGMT=IEEE8021X +IEEE_8021X_EAP_METHODS=PEAP +IEEE_8021X_IDENTITY="David Smith" +IEEE_8021X_CA_CERT=test_ca_cert.pem +IEEE_8021X_PEAP_VERSION=1 +IEEE_8021X_PEAP_FORCE_NEW_LABEL=yes +IEEE_8021X_INNER_AUTH_METHODS=MSCHAPV2 + diff --git a/system-settings/plugins/ifcfg-rh/tests/network-scripts/keys-test-wired-8021x-peap-mschapv2 b/system-settings/plugins/ifcfg-rh/tests/network-scripts/keys-test-wired-8021x-peap-mschapv2 new file mode 100644 index 0000000000..6936f2e063 --- /dev/null +++ b/system-settings/plugins/ifcfg-rh/tests/network-scripts/keys-test-wired-8021x-peap-mschapv2 @@ -0,0 +1,2 @@ +IEEE_8021X_PASSWORD="foobar baz" + diff --git a/system-settings/plugins/ifcfg-rh/tests/network-scripts/test1_key_and_cert.pem b/system-settings/plugins/ifcfg-rh/tests/network-scripts/test1_key_and_cert.pem new file mode 100644 index 0000000000..dec9aa1b8f --- /dev/null +++ b/system-settings/plugins/ifcfg-rh/tests/network-scripts/test1_key_and_cert.pem @@ -0,0 +1,118 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,4DE0615F23D82107 + +QPNCO5Dobvz9dDhN32KkZRoEifW+HDm2PCbRQhKDiscGwB6LgypvVjHNsZiFKwzz +L4R51UqgQeJx7GSGJqE626e9z9J+UNBhop02aOO2X0eSPdvBzr/uJ6Umiyr1xqD7 +zWf7u9l5kXElDJRhK+87GMBewp4Ie9NeXDjhF8hzC5Kiulen4AH3AYnfH3S7DimU +h8GFMg8inrudrTbcjBhCdPeHG2jCygOxw3InRFz7uaN6LIhOaPQvmvpP4Cc1WRnW +ZPq9o+eU3fPWPD5t+Op/VzYLvKwgBy/yK1rQXUm6ZMO7MhhRJ94ZCsJv+nVWpJlv +QyBlxDKxwfkfYbDELdnnDQdHdMbKatLqa0KhSkgpp8LywBtanPz731tyT0r7b3na +eLdra59lRU7ZQLPEdS3lPZd2O/KQvWf8wbg7MjXS9LxQ7R5HOPu6DNJlwXVZBmmo +cAfu2q8ubU2IePvWLD1GOrBi6hE9TiGvFJkw+wBK+t72sz3njv9Xm/zlxruaEk5m +RW/kybU3FP4PtjriBbskz3/VZaaxuRN7OoOYTkmyHmG1ADgcRUV6fea19qqsBlN8 +xb+SRtoH28oT/JVWU5neE2dbNzk5LeVO+w70NNdR5s5xqkBhbGGaJxvXwNP4ltFr +T06SMh8znOLKwWB00aRtwfU7jOwR3mOleQO4ugIHmau3zp1TqzAHW8XtpuV7qVeI +ESZOZuf0vW43BtNzgLXt1+r+bmsMsRwhnyomL9M0TUyyBdVYY9GkzTG9pOESheRo +RSvAZ8qKGUliTpgBcbt2v1+NqkszcHa6FxuvS8YU4uo5/GqsgTxHTNIB232hIrrZ +EIm6QL9TC5oFXMjy6UNqoCm5Nb8DBJ6aErt7pt7aoktqUW3O3QIzQT3IbZ4nAcTt +lVF4d7j29I9t7bcC8GOVU1neilguZUss4ghJg9x4zI5UZdR7hZ8fbFT47TyxB+j5 +r0YdmjbjVTaSyaN2JGh1wvb4TzawGNVx/U2EJE16HigOtPfsfQRJ3x+FROKBdVa4 +aIFYXkRBeIPxX6n9pcw0lBCsnXo6/5iTjQSk2VqO3rHO/wyWiEjNczhL33dY2A8W +GG5ECMO5SqXZHQQzpABqK94dxe3UC8aEESO5NhEqDuV7qQGol0qPKrUA3wb0jb2e +DrejJ9HS2m1SUDmjpvvmEGy6GN7CRibbKt5rNZdJNNvWArOF5d0F6wkixQLl73oE +lq5gLQQk9n7ClleKLhlQpBCorxilBbzmSUekkJLi0eaZiBBFWBX9udqnUZloXTgO +8qwuO8K/GPR9Jy1/UH2Vh1H+wivaqKTVgEb0NotzgzECgTEFKJafl7rUNs1OZRZ3 +VBjevi6+iDpxVFgF71kXfdUC4ph0E1XDl0ja2rrKQGivMkUhWJ57+4EV5+hBkAnt +G0RV45NwHXLrK2bd8F9PlRk2XHW6mIcFRXsW1DjeBhk/sQjvlO9R01GRSgcXtekJ +tmX17FWrMrzXHpvy1IC3fk4RVnSjpzQ8O+17YE8/la9wVaeZZzHyYFmMT7VXjIhW +QozJQ0vJ2jxJRh5GYn3tpJzdaeRfvTBik0pChNdUTnWP+BJ35xoCTs8iwJbmgVZ1 +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: md5WithRSAEncryption + Issuer: C=US, ST=Berkshire, L=Newbury, O=My Company Ltd, OU=Testing, CN=test/emailAddress=test@test.com + Validity + Not Before: Mar 10 15:13:16 2009 GMT + Not After : Mar 8 15:13:16 2019 GMT + Subject: C=US, ST=Berkshire, O=My Company Ltd, OU=Testing, CN=test1/emailAddress=test@test.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:cd:34:b1:2e:b0:04:c6:f4:2b:a2:c0:a0:39:7a: + 82:ed:96:c4:f7:19:83:91:5c:b4:e7:9c:de:ec:48: + ec:2d:e4:51:08:26:42:ac:d3:98:26:7a:72:f7:49: + c2:9e:66:05:c6:47:29:fe:3b:ac:6b:af:6f:5e:a8: + 03:5a:73:33:ba:19:03:00:35:f5:00:bc:a8:be:14: + ce:46:69:e3:6d:ed:34:37:85:55:87:62:b3:b7:c9: + c0:cc:9a:aa:61:05:5b:cd:a2:17:42:d3:e5:6f:1c: + 60:8d:c2:15:41:46:f8:12:54:d0:38:57:e1:fd:8d: + 44:c8:fb:56:b3:b9:6c:e9:f8:9e:21:11:57:1b:8b: + f9:cf:e3:17:e7:d8:fd:ac:d1:01:c6:92:30:f3:2d: + c9:d6:c1:f0:3d:fd:ca:30:dd:75:74:e7:d1:6b:75: + d8:c5:4d:43:61:fe:f6:ad:7e:4c:63:7c:03:17:a2: + 06:8f:d0:8b:69:d3:7a:07:0f:0b:a2:cf:0c:70:38: + ba:cc:55:35:60:84:58:d8:d2:be:1f:ef:76:a9:ba: + ae:6a:dc:08:97:80:de:42:00:b7:d4:ce:9a:b0:36: + 2a:c7:6f:45:04:7c:ea:41:19:d8:b9:19:04:1f:11: + a9:22:80:bd:69:08:15:0d:3c:de:cd:7e:88:6c:0f: + a3:43 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + CE:03:7E:EF:E7:DE:C9:87:BF:DE:56:F4:C8:A3:40:F6:C8:6F:05:8C + X509v3 Authority Key Identifier: + keyid:B8:35:37:32:BE:CF:4F:79:F5:7B:74:B2:F2:10:5A:BA:80:C5:6A:10 + DirName:/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/OU=Testing/CN=test/emailAddress=test@test.com + serial:EB:E7:64:FB:79:F7:22:19 + + Signature Algorithm: md5WithRSAEncryption + 7a:20:93:63:40:73:7d:33:01:2e:c0:13:52:a4:a7:e1:4d:82: + f4:fb:b2:7b:d0:2b:5a:3f:0e:3c:28:61:71:ab:01:4d:fe:89: + b5:cd:2f:97:59:93:53:9d:51:86:48:dd:b9:e4:73:5e:22:0b: + 12:0d:25:39:76:16:44:06:0c:40:45:21:6b:a6:b1:e0:bf:76: + 1b:36:f3:1e:41:82:57:d9:59:b7:60:40:43:1c:1d:79:f6:48: + 32:5c:4e:e2:06:89:96:41:d2:54:1f:4a:6f:f6:78:a5:3c:02: + 85:21:e2:65:e1:8a:6d:24:19:95:f8:c0:35:ab:bd:ff:3d:f1: + fb:50:2d:30:1e:67:a6:7c:50:f9:d5:77:66:77:5a:14:0f:5c: + cd:21:09:9b:a3:92:57:19:dd:01:a4:18:c5:f9:70:e4:17:43: + 8d:b1:e6:61:e9:50:89:83:4f:ce:a4:57:68:58:40:70:ae:71: + 1c:47:66:d2:30:54:50:ea:3a:87:32:64:3b:18:42:fe:5a:19: + 07:64:f7:f1:b1:10:07:fd:a7:d2:a7:a8:05:79:5b:25:ba:69: + 7b:1a:3e:b1:3e:e4:17:17:01:ba:eb:54:ae:83:00:ed:66:62: + 8d:c0:3e:8a:b4:27:5f:e9:01:ce:20:c3:34:a9:28:c0:6f:c7: + 3b:65:fe:f9 +-----BEGIN CERTIFICATE----- +MIIEojCCA4qgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBizELMAkGA1UEBhMCVVMx +EjAQBgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMO +TXkgQ29tcGFueSBMdGQxEDAOBgNVBAsTB1Rlc3RpbmcxDTALBgNVBAMTBHRlc3Qx +HDAaBgkqhkiG9w0BCQEWDXRlc3RAdGVzdC5jb20wHhcNMDkwMzEwMTUxMzE2WhcN +MTkwMzA4MTUxMzE2WjB6MQswCQYDVQQGEwJVUzESMBAGA1UECBMJQmVya3NoaXJl +MRcwFQYDVQQKEw5NeSBDb21wYW55IEx0ZDEQMA4GA1UECxMHVGVzdGluZzEOMAwG +A1UEAxMFdGVzdDExHDAaBgkqhkiG9w0BCQEWDXRlc3RAdGVzdC5jb20wggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNLEusATG9CuiwKA5eoLtlsT3GYOR +XLTnnN7sSOwt5FEIJkKs05gmenL3ScKeZgXGRyn+O6xrr29eqANaczO6GQMANfUA +vKi+FM5GaeNt7TQ3hVWHYrO3ycDMmqphBVvNohdC0+VvHGCNwhVBRvgSVNA4V+H9 +jUTI+1azuWzp+J4hEVcbi/nP4xfn2P2s0QHGkjDzLcnWwfA9/cow3XV059FrddjF +TUNh/vatfkxjfAMXogaP0Itp03oHDwuizwxwOLrMVTVghFjY0r4f73apuq5q3AiX +gN5CALfUzpqwNirHb0UEfOpBGdi5GQQfEakigL1pCBUNPN7NfohsD6NDAgMBAAGj +ggEfMIIBGzAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy +YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUzgN+7+feyYe/3lb0yKNA9shvBYww +gcAGA1UdIwSBuDCBtYAUuDU3Mr7PT3n1e3Sy8hBauoDFahChgZGkgY4wgYsxCzAJ +BgNVBAYTAlVTMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkx +FzAVBgNVBAoTDk15IENvbXBhbnkgTHRkMRAwDgYDVQQLEwdUZXN0aW5nMQ0wCwYD +VQQDEwR0ZXN0MRwwGgYJKoZIhvcNAQkBFg10ZXN0QHRlc3QuY29tggkA6+dk+3n3 +IhkwDQYJKoZIhvcNAQEEBQADggEBAHogk2NAc30zAS7AE1Kkp+FNgvT7snvQK1o/ +DjwoYXGrAU3+ibXNL5dZk1OdUYZI3bnkc14iCxINJTl2FkQGDEBFIWumseC/dhs2 +8x5BglfZWbdgQEMcHXn2SDJcTuIGiZZB0lQfSm/2eKU8AoUh4mXhim0kGZX4wDWr +vf898ftQLTAeZ6Z8UPnVd2Z3WhQPXM0hCZujklcZ3QGkGMX5cOQXQ42x5mHpUImD +T86kV2hYQHCucRxHZtIwVFDqOocyZDsYQv5aGQdk9/GxEAf9p9KnqAV5WyW6aXsa +PrE+5BcXAbrrVK6DAO1mYo3APoq0J1/pAc4gwzSpKMBvxztl/vk= +-----END CERTIFICATE----- diff --git a/system-settings/plugins/ifcfg-rh/tests/network-scripts/test_ca_cert.pem b/system-settings/plugins/ifcfg-rh/tests/network-scripts/test_ca_cert.pem new file mode 100644 index 0000000000..ef1be20d2b --- /dev/null +++ b/system-settings/plugins/ifcfg-rh/tests/network-scripts/test_ca_cert.pem @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEjzCCA3egAwIBAgIJAOvnZPt59yIZMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD +VQQGEwJVUzESMBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcw +FQYDVQQKEw5NeSBDb21wYW55IEx0ZDEQMA4GA1UECxMHVGVzdGluZzENMAsGA1UE +AxMEdGVzdDEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbTAeFw0wOTAzMTAx +NTEyMTRaFw0xOTAzMDgxNTEyMTRaMIGLMQswCQYDVQQGEwJVUzESMBAGA1UECBMJ +QmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5NeSBDb21wYW55 +IEx0ZDEQMA4GA1UECxMHVGVzdGluZzENMAsGA1UEAxMEdGVzdDEcMBoGCSqGSIb3 +DQEJARYNdGVzdEB0ZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAKot9j+/+CX1/gZLgJHIXCRgCItKLGnf7qGbgqB9T2ACBqR0jllKWwDKrcWU +xjXNIc+GF9Wnv+lX6G0Okn4Zt3/uRNobL+2b/yOF7M3Td3/9W873zdkQQX930YZc +Rr8uxdRPP5bxiCgtcw632y21sSEbG9mjccAUnV/0jdvfmMNj0i8gN6E0fMBiJ9S3 +FkxX/KFvt9JWE9CtoyL7ki7UIDq+6vj7Gd5N0B3dOa1y+rRHZzKlJPcSXQSEYUS4 +HmKDwiKSVahft8c4tDn7KPi0vex91hlgZVd3usL2E/Vq7o5D9FAZ5kZY0AdFXwdm +J4lO4Mj7ac7GE4vNERNcXVIX59sCAwEAAaOB8zCB8DAdBgNVHQ4EFgQUuDU3Mr7P +T3n1e3Sy8hBauoDFahAwgcAGA1UdIwSBuDCBtYAUuDU3Mr7PT3n1e3Sy8hBauoDF +ahChgZGkgY4wgYsxCzAJBgNVBAYTAlVTMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAO +BgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15IENvbXBhbnkgTHRkMRAwDgYDVQQL +EwdUZXN0aW5nMQ0wCwYDVQQDEwR0ZXN0MRwwGgYJKoZIhvcNAQkBFg10ZXN0QHRl +c3QuY29tggkA6+dk+3n3IhkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC +AQEAVRG4aALIvCXCiKfe7K+iJxjBVRDFPEf7JWA9LGgbFOn6pNvbxonrR+0BETdc +JV1ET4ct2xsE7QNFIkp9GKRC+6J32zCo8qtLCD5+v436r8TUG2/t2JRMkb9I2XVT +p7RJoot6M0Ltf8KNQUPYh756xmKZ4USfQUwc58MOSDGY8VWEXJOYij9Pf0e0c52t +qiCEjXH7uXiS8Pgq9TYm7AkWSOrglYhSa83x0f8mtT8Q15nBESIHZ6o8FAS2bBgn +B0BkrKRjtBUkuJG3vTox+bYINh2Gxi1JZHWSV1tN5z3hd4VFcKqanW5OgQwToBqp +3nniskIjbH0xjgZf/nVMyLnjxg== +-----END CERTIFICATE----- diff --git a/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c b/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c index 277ea6a707..04906e5224 100644 --- a/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c +++ b/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c @@ -35,6 +35,7 @@ #include #include #include +#include #include "nm-test-helpers.h" @@ -877,7 +878,7 @@ test_read_onboot_no (void) "onboot-no-verify", "failed to verify %s: %s", TEST_IFCFG_ONBOOT_NO, error->message); ASSERT (unmanaged == FALSE, - "onboot-no-verify", "failed to verify %s: unexpected unmanaged value", TEST_IFCFG_WIRED_DHCP); + "onboot-no-verify", "failed to verify %s: unexpected unmanaged value", TEST_IFCFG_ONBOOT_NO); /* ===== CONNECTION SETTING ===== */ @@ -897,6 +898,193 @@ test_read_onboot_no (void) g_object_unref (connection); } +#define TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2 TEST_DIR"/network-scripts/ifcfg-test-wired-8021x-peap-mschapv2" +#define TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2_CA_CERT TEST_DIR"/network-scripts/test_ca_cert.pem" + +static void +test_read_wired_8021x_peap_mschapv2 (void) +{ + NMConnection *connection; + NMSettingWired *s_wired; + NMSettingIP4Config *s_ip4; + NMSetting8021x *s_8021x; + NMSetting8021x *tmp_8021x; + gboolean unmanaged = FALSE; + char *keyfile = NULL; + gboolean ignore_error = FALSE; + GError *error = NULL; + const char *tmp; + const char *expected_identity = "David Smith"; + const char *expected_password = "foobar baz"; + gboolean success = FALSE; + const GByteArray *expected_ca_cert; + const GByteArray *read_ca_cert; + + connection = connection_from_file (TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NULL, + TYPE_ETHERNET, + &unmanaged, + &keyfile, + &error, + &ignore_error); + ASSERT (connection != NULL, + "wired-8021x-peap-mschapv2-read", "failed to read %s: %s", TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, error->message); + + ASSERT (nm_connection_verify (connection, &error), + "wired-8021x-peap-mschapv2-verify", "failed to verify %s: %s", TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, error->message); + + ASSERT (unmanaged == FALSE, + "wired-8021x-peap-mschapv2-verify", "failed to verify %s: unexpected unmanaged value", TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2); + + /* ===== WIRED SETTING ===== */ + + s_wired = NM_SETTING_WIRED (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRED)); + ASSERT (s_wired != NULL, + "wired-8021x-peap-mschapv2-verify-wired", "failed to verify %s: missing %s setting", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_WIRED_SETTING_NAME); + + /* ===== IPv4 SETTING ===== */ + + s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting (connection, NM_TYPE_SETTING_IP4_CONFIG)); + ASSERT (s_ip4 != NULL, + "wired-8021x-peap-mschapv2-verify-ip4", "failed to verify %s: missing %s setting", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_IP4_CONFIG_SETTING_NAME); + + /* Method */ + tmp = nm_setting_ip4_config_get_method (s_ip4); + ASSERT (strcmp (tmp, NM_SETTING_IP4_CONFIG_METHOD_AUTO) == 0, + "wired-8021x-peap-mschapv2-verify-ip4", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_IP4_CONFIG_SETTING_NAME, + NM_SETTING_IP4_CONFIG_METHOD); + + /* ===== 802.1x SETTING ===== */ + s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X)); + ASSERT (s_8021x != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s setting", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME); + + /* EAP methods */ + ASSERT (nm_setting_802_1x_get_num_eap_methods (s_8021x) == 1, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_EAP); + tmp = nm_setting_802_1x_get_eap_method (s_8021x, 0); + ASSERT (tmp != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s / %s eap method", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_EAP); + ASSERT (strcmp (tmp, "peap") == 0, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_EAP); + + /* Identity */ + tmp = nm_setting_802_1x_get_identity (s_8021x); + ASSERT (tmp != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s / %s key", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_IDENTITY); + ASSERT (strcmp (tmp, expected_identity) == 0, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_IDENTITY); + + /* Password */ + tmp = nm_setting_802_1x_get_password (s_8021x); + ASSERT (tmp != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s / %s key", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_PASSWORD); + ASSERT (strcmp (tmp, expected_password) == 0, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_PASSWORD); + + /* PEAP version */ + tmp = nm_setting_802_1x_get_phase1_peapver (s_8021x); + ASSERT (tmp != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s / %s key", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_PHASE1_PEAPVER); + ASSERT (strcmp (tmp, "1") == 0, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_PHASE1_PEAPVER); + + /* PEAP Label */ + tmp = nm_setting_802_1x_get_phase1_peaplabel (s_8021x); + ASSERT (tmp != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s / %s key", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_PHASE1_PEAPLABEL); + ASSERT (strcmp (tmp, "1") == 0, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s key value", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_PHASE1_PEAPLABEL); + + /* CA Cert */ + tmp_8021x = (NMSetting8021x *) nm_setting_802_1x_new (); + ASSERT (tmp_8021x != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: could not create temp 802.1x setting", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_CA_CERT); + + success = nm_setting_802_1x_set_ca_cert_from_file (tmp_8021x, + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2_CA_CERT, + NULL, + &error); + ASSERT (success == TRUE, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: could not load CA certificate", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_CA_CERT); + expected_ca_cert = nm_setting_802_1x_get_ca_cert (tmp_8021x); + ASSERT (expected_ca_cert != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: failed to get CA certificate", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_CA_CERT); + + read_ca_cert = nm_setting_802_1x_get_ca_cert (s_8021x); + ASSERT (read_ca_cert != NULL, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: missing %s / %s key", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_CA_CERT); + + ASSERT (read_ca_cert->len == expected_ca_cert->len, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: unexpected %s / %s certificate length", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_CA_CERT); + + ASSERT (memcmp (read_ca_cert->data, expected_ca_cert->data, read_ca_cert->len) == 0, + "wired-8021x-peap-mschapv2-verify-8021x", "failed to verify %s: %s / %s key certificate mismatch", + TEST_IFCFG_WIRED_8021x_PEAP_MSCHAPV2, + NM_SETTING_802_1X_SETTING_NAME, + NM_SETTING_802_1X_CA_CERT); + + g_object_unref (tmp_8021x); + + g_object_unref (connection); +} + #define TEST_IFCFG_WIFI_OPEN TEST_DIR"/network-scripts/ifcfg-test-wifi-open" static void @@ -2249,6 +2437,7 @@ int main (int argc, char **argv) test_read_wired_global_gateway (); test_read_wired_never_default (); test_read_onboot_no (); + test_read_wired_8021x_peap_mschapv2 (); test_read_wifi_unencrypted (); test_read_wifi_wep (); test_read_wifi_wep_adhoc ();