-
Notifications
You must be signed in to change notification settings - Fork 275
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
29 changed files
with
380 additions
and
125 deletions.
There are no files selected for viewing
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/00_enable_node_cleanup_task.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../common/enable_node_cleanup_task.yml |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/02_restart_pfcron_service.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../common/restart_pfcron_service.yml |
179 changes: 88 additions & 91 deletions
179
...ired_dot1x_eap_tls_scep/00_create_pki.yml → ...ired_dot1x_eap_tls_scep/05_create_pki.yml
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/60_enable_dot1x_dot1x_int.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../switches/common/enable_dot1x_dot1x_int.yml |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/65_enable_dynamic_vlan.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../switches/common/enable_dynamic_vlan.yml |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/70_commit_config.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../switches/common/commit_config.yml |
16 changes: 16 additions & 0 deletions
16
t/venom/test_suites/wired_dot1x_eap_tls_scep/75_deploy_certificates_on_node01.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: Deploy certificates on node01 | ||
testcases: | ||
- name: deploy_certificates | ||
steps: | ||
- type: exec | ||
script: | | ||
/usr/bin/rsync -avz -e "ssh -o StrictHostKeyChecking=no" {{.wired_dot1x_eap_tls_scep.paths.per_client_directory}} \ | ||
{{.ssh_user}}@{{.node01_mgmt_ip}}:/home/vagrant/ | ||
- name: move_certificates | ||
steps: | ||
- type: ssh | ||
host: '{{.node01_mgmt_ip}}' | ||
user: '{{.ssh_user}}' | ||
command: | | ||
sudo cp -v /home/vagrant/{{.wired_dot1x_eap_tls_scep.certs.user.cn}}/* /etc/wpa_supplicant/eap_tls/ |
10 changes: 10 additions & 0 deletions
10
t/venom/test_suites/wired_dot1x_eap_tls_scep/80_run_wpasupplicant.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
name: Run wpasupplicant on node01 | ||
testcases: | ||
- name: run_wpasupplicant | ||
steps: | ||
- type: ssh | ||
host: '{{.node01_mgmt_ip}}' | ||
user: '{{.ssh_user}}' | ||
command: | | ||
cd /usr/local/pf/t/venom ; \ | ||
sudo /usr/local/pf/t/venom/venom-wrapper.sh {{.nodes_test_suite_dir}}/wired_dot1x_eap_tls/{{.venom.testcase}}.yml |
6 changes: 6 additions & 0 deletions
6
t/venom/test_suites/wired_dot1x_eap_tls_scep/90_sleep_some_time.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
name: Sleep some time | ||
testcases: | ||
- name: sleep_some_time | ||
steps: | ||
- type: exec | ||
script: sleep 20 |
103 changes: 103 additions & 0 deletions
103
t/venom/test_suites/wired_dot1x_eap_tls_scep/91_check_radius_audit_log.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
name: Check RADIUS audit log | ||
testcases: | ||
- name: get_login_token | ||
steps: | ||
- type: get_login_token | ||
|
||
- name: get_time | ||
steps: | ||
- type: exec | ||
script: "date '+%Y-%m-%d %H:%M:%S' --date='2 minutes ago'" | ||
vars: | ||
two_minutes_ago: | ||
from: result.systemout | ||
|
||
# only latest search entry since two minutes that matches | ||
# auth_status equals Accept (to avoid Disconnect) | ||
# mac equals {{.node01_ens7_mac_address}}" | ||
# connection type of test suite connection profile | ||
- name: get_id_of_radius_audit_log_entry | ||
steps: | ||
- type: http | ||
method: POST | ||
url: '{{.pfserver_webadmin_url}}/api/v1/radius_audit_logs/search' | ||
ignore_verify_ssl: true | ||
body: >- | ||
{ | ||
"cursor": 0, | ||
"fields": [ | ||
"id" | ||
], | ||
"sort": [ | ||
"created_at DESC" | ||
], | ||
"limit": 1, | ||
"query": { | ||
"op": "and", | ||
"values": [ | ||
{ | ||
"op": "or", | ||
"values": [ | ||
{ | ||
"field": "mac", | ||
"op": "equals", | ||
"value": "{{.node01_ens7_mac_address}}" | ||
} | ||
] | ||
}, | ||
{ | ||
"op": "or", | ||
"values": [ | ||
{ | ||
"field": "auth_status", | ||
"op": "equals", | ||
"value": "Accept" | ||
} | ||
] | ||
}, | ||
{ | ||
"op": "or", | ||
"values": [ | ||
{ | ||
"field": "connection_type", | ||
"op": "equals", | ||
"value": "{{.wired_dot1x_eap_tls_scep.profiles.wired.filters.connection_type}}" | ||
} | ||
] | ||
}, | ||
{ | ||
"op": "or", | ||
"values": [ | ||
{ | ||
"field": "created_at", | ||
"op": "greater_than", | ||
"value": "{{.get_time.two_minutes_ago}}" | ||
} | ||
] | ||
} | ||
] | ||
} | ||
} | ||
headers: | ||
"Authorization": "{{.get_login_token.json.result.token}}" | ||
"Content-Type": "application/json" | ||
assertions: | ||
- result.statuscode ShouldEqual 200 | ||
- result.bodyjson.items.items0 ShouldContainKey id | ||
vars: | ||
id: | ||
from: result.bodyjson.items.items0.id | ||
|
||
- name: check_radius_reply | ||
steps: | ||
- type: http | ||
method: GET | ||
url: '{{.pfserver_webadmin_url}}/api/v1/radius_audit_log/{{.get_id_of_radius_audit_log_entry.id}}' | ||
ignore_verify_ssl: true | ||
headers: | ||
"Authorization": "{{.get_login_token.json.result.token}}" | ||
"Content-Type": "application/json" | ||
assertions: | ||
- result.statuscode ShouldEqual 200 | ||
- result.bodyjson.item.radius_reply ShouldContainSubstring 'Tunnel-Private-Group-Id = "{{.wired_dot1x_eap_tls_scep.roles.dot1x_eap_tls.vlan_id}}"' | ||
- result.bodyjson.item.profile ShouldEqual "{{.wired_dot1x_eap_tls_scep.profiles.wired.id}}" |
46 changes: 46 additions & 0 deletions
46
t/venom/test_suites/wired_dot1x_eap_tls_scep/95_check_autoregister_node.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
name: Check autoregister node | ||
testcases: | ||
- name: get_login_token | ||
steps: | ||
- type: get_login_token | ||
|
||
- name: check_autoregister_node | ||
steps: | ||
- type: http | ||
method: GET | ||
url: '{{.pfserver_webadmin_url}}/api/v1/node/{{.node01_ens7_mac_address_url_encoded}}' | ||
ignore_verify_ssl: true | ||
headers: | ||
"Authorization": "{{.get_login_token.json.result.token}}" | ||
"Content-Type": "application/json" | ||
assertions: | ||
- result.statuscode ShouldEqual 200 | ||
- result.bodyjson.item.autoreg ShouldEqual yes | ||
- result.bodyjson.item.category ShouldEqual "{{.wired_dot1x_eap_tls_scep.roles.dot1x_eap_tls.id}}" | ||
- result.bodyjson.item.pid ShouldEqual "{{.wired_dot1x_eap_tls_scep.certs.user.cn}}" | ||
- result.bodyjson.item.status ShouldEqual reg | ||
vars: | ||
regdate: | ||
from: result.bodyjson.item.regdate | ||
unregdate: | ||
from: result.bodyjson.item.unregdate | ||
|
||
# temp, need a feature in Venom assertion available in 1.0.0 (ShouldHappenBetween) | ||
# convert 5m to 5minutes | ||
# In order to calculate unregdate based on regdate + 5minutes using date command (next testcase) | ||
# - name: convert_access_duration | ||
# steps: | ||
# - type: exec | ||
# script: | | ||
# perl -I/usr/local/pf/lib -I/usr/local/pf/lib_perl/lib/perl5 -Mpf::config::util \ | ||
# -e 'my @times = get_translatable_time("{{.wired_dot1x_eap_tls_scep.sources.eaptls.access_duration}}"); print("$times[2]$times[1]");' | ||
# vars: | ||
# translatable_time: | ||
# from: result.systemout | ||
|
||
# - name: check_unregdate_match_access_duration | ||
# steps: | ||
# - type: exec | ||
# script: "date '+%Y-%m-%d %H:%M:%S' --date='{{.check_autoregister_node.regdate}} {{.convert_access_duration.translatable_time}}'" | ||
# assertions: | ||
# - result.systemout ShouldEqual "{{.check_autoregister_node.unregdate}}" |
22 changes: 22 additions & 0 deletions
22
t/venom/test_suites/wired_dot1x_eap_tls_scep/98_check_dot1x_int_status.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
name: Check dot1x interface status on switch01 | ||
testcases: | ||
- name: check_dot1x_int_status_on_switch01 | ||
steps: | ||
- type: http | ||
method: POST | ||
basic_auth_user: "{{.switch01.api.user}}" | ||
basic_auth_password: "{{.switch01.api.password}}" | ||
url: '{{.switch01.api.url}}/nclu/v1/rpc' | ||
ignore_verify_ssl: true | ||
body: >- | ||
{ | ||
"cmd": "show dot1x interface {{.switch01.dot1x_interface.id}} json" | ||
} | ||
headers: | ||
"Content-Type": "application/json" | ||
assertions: | ||
# we didn't check MAC address on port to make this testcase reusable | ||
- result.body ShouldContainSubstring "{{.wired_dot1x_eap_tls_scep.roles.dot1x_eap_tls.vlan_id}}" | ||
- result.body ShouldContainSubstring TLS | ||
- result.body ShouldContainSubstring AUTHORIZED | ||
- result.statuscode ShouldEqual 200 |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/99_check_internet_access.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../common/check_internet_access.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/teardown/00_kill_wpasupplicant.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../common/kill_wpasupplicant.yml |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/teardown/05_disable_dot1x_dot1x_int.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../../switches/common/disable_dot1x_dot1x_int.yml |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/teardown/07_disable_dynamic_vlan.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../../switches/common/disable_dynamic_vlan.yml |
1 change: 1 addition & 0 deletions
1
t/venom/test_suites/wired_dot1x_eap_tls_scep/teardown/10_commit_config.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../../switches/common/commit_config.yml |
Oops, something went wrong.