VPN: Test to set up & validate a Client connection to the Server
Details
This changeset creates an autotest suite 'network_VPN' and a single
test which sets up and validates that a VPN connection can be
created from the Client (DUT) to the Server (rspro).
The steps of the test are described in '000VPNGenesis'.
The steps to manage the WiFi connection are copied from another
test.
Testing
I'm using 'cell 1' in the chromelab. The rspro router is running a
firmware with openvpn compiled in.
You must have the following 53d0a92e9b0b37daebc795cc1ea4684d1c0dffd8
from chromeos/master to have the necessary configuration changes to
the openwrt repository. You must then build the 'rspro' variant and
upgrade your router with the new firmware to be able to run this
test.
Executed the test with the following command in my chroot:
./bin/cros_run_wifi_tests.sh --cell 1 --lab chromelab VPN
This ultimately produces:
network_VPN PASS
network_VPN/network_VPN.000VPNGenesis PASS
client_ping_avg 2.580
client_ping_frequency 2412
client_ping_loss 0
client_ping_max 4.216
client_ping_min 2.167
client_ping_phymode 802.11g
client_ping_recv 10
client_ping_security 802_1x
client_ping_xmit 10
connect_acquire_s 4.527
connect_assoc_s 0.311
connect_config_s 0.395
connect_frequency 2412
connect_select_s 0.010
-------------------------------------------
Total PASS: 2/2 (100%)
Change-Id: I69e2e9a5680a8ae2db7e27e61ed96592ad460a55
VPN connectivity through the DUT to the server works
Change-Id: Ifaeff9a39668805a19778c6be3e22d96fdf995e8
This change adds 'Diffie-Hellman 1024' to the set of available certificates. This is part of the OpenVPN-on-rspro effort.
Change-Id: Ief3b7872ffd3f6ea554875864f681b22e5437554
BUG=12882
TEST=
Review URL: http://codereview.chromium.org/6609034
diff --git a/server/site_linux_server.py b/server/site_linux_server.py
new file mode 100644
index 0000000..7e4c1bc
--- /dev/null
+++ b/server/site_linux_server.py
@@ -0,0 +1,79 @@
+# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import logging, re, time
+from autotest_lib.client.common_lib import error
+
+class LinuxServer(object):
+ """
+ Linux Server: A machine which hosts network services.
+
+ """
+
+ def __init__(self, server, params):
+ self.server = server # Server host.
+ self.vpn_kind = None
+ self.conf = {}
+
+ def vpn_server_config(self, params):
+ """ Configure & launch the server side of the VPN.
+
+ Parameters, in 'params':
+
+ kind : required
+
+ The kind of VPN which should be configured and
+ launched.
+
+ Valid values:
+
+ openvpn
+
+ config: required
+
+ The configuration information associated with
+ the VPN server.
+
+ This is a dict which contains key/value pairs
+ representing the VPN's configuration.
+
+ The values stored in the 'config' param must all be
+ supported by the specified VPN kind.
+ """
+ self.vpn_server_kill({}) # Must be first. Relies on self.vpn_kind.
+
+ self.vpn_kind = params.get('kind', None)
+
+ # Read configuration information & create server configuration file.
+ #
+ # As VPN kinds other than 'openvpn' are supported, and
+ # since 'self.conf' is cummulative, perhaps there should be
+ # a method which will clear 'self.conf'; different types of
+ # VPN will likely not have the same configuration
+ # parameters. This is only really needed if a test is
+ # written to switch between two differents kinds of VPN.
+ for k, v in params.get('config', {}).iteritems():
+ self.conf[k] = v
+ self.server.run("cat <<EOF >%s\n%s\nEOF\n" %
+ ('/tmp/vpn-server.conf', '\n'.join(
+ "%s %s" % kv for kv in self.conf.iteritems())))
+
+ # Launch specified VPN server.
+ if self.vpn_kind is None:
+ raise error.TestFail('No VPN kind specified for this test.');
+ elif self.vpn_kind == 'openvpn':
+ self.server.run("/usr/sbin/openvpn --config /tmp/vpn-server.conf &")
+ else:
+ raise error.TestFail('(internal error): No config case '
+ 'for VPN kind (%s)' % self.vpn_kind)
+
+ def vpn_server_kill(self, params):
+ """ Kill the VPN server. """
+ if self.vpn_kind is not None:
+ if self.vpn_kind == 'openvpn':
+ self.server.run("pkill /usr/sbin/openvpn")
+ else:
+ raise error.TestFail('(internal error): No kill case '
+ 'for VPN kind (%s)' % self.vpn_kind)
+ self.vpn_kind = None;