summaryrefslogtreecommitdiffstats
path: root/chromeos/test/data/network
diff options
context:
space:
mode:
authorpneubeck@chromium.org <pneubeck@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-12-16 13:08:13 +0000
committerpneubeck@chromium.org <pneubeck@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-12-16 13:08:13 +0000
commit7f123d2a3dc472dd796c13e2d7d599446fe9831d (patch)
tree6f3ead0503ad43e7d88db6d130ae4b65f89bf5a4 /chromeos/test/data/network
parentff39e9b81c8619d19a318a8d97d0bac552d455b4 (diff)
downloadchromium_src-7f123d2a3dc472dd796c13e2d7d599446fe9831d.zip
chromium_src-7f123d2a3dc472dd796c13e2d7d599446fe9831d.tar.gz
chromium_src-7f123d2a3dc472dd796c13e2d7d599446fe9831d.tar.bz2
ONC: Allow multiple CA certificates.
So far only a single CA certificate was supported for EAP/IPsec/OpenVPN. Instead, we now support multiple CA certs. These are provided as a list of GUID references to CA certificates in the toplevel "Certificates" section. BUG=276291 R=armansito@chromium.org, davidroche@chromium.org Review URL: https://codereview.chromium.org/68343010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240874 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chromeos/test/data/network')
-rw-r--r--chromeos/test/data/network/augmented_merge.json4
-rw-r--r--chromeos/test/data/network/invalid_settings_with_repairs.json27
-rw-r--r--chromeos/test/data/network/managed_toplevel_l2tpipsec.onc8
-rw-r--r--chromeos/test/data/network/managed_vpn.onc3
-rw-r--r--chromeos/test/data/network/managed_vpn_without_recommended.onc3
-rw-r--r--chromeos/test/data/network/network_configs_with_resolved_certs.json93
6 files changed, 128 insertions, 10 deletions
diff --git a/chromeos/test/data/network/augmented_merge.json b/chromeos/test/data/network/augmented_merge.json
index fbd90ba..d7987ae 100644
--- a/chromeos/test/data/network/augmented_merge.json
+++ b/chromeos/test/data/network/augmented_merge.json
@@ -101,6 +101,10 @@
"Effective": "DevicePolicy",
"UserEditable": true,
"UserPolicy": "policy user"
+ },
+ "ServerCARefs": {
+ "UserPolicy": ["ref1", "ref2"],
+ "Effective": "UserPolicy"
}
},
"Type": {
diff --git a/chromeos/test/data/network/invalid_settings_with_repairs.json b/chromeos/test/data/network/invalid_settings_with_repairs.json
index 0815629..fbe6ada 100644
--- a/chromeos/test/data/network/invalid_settings_with_repairs.json
+++ b/chromeos/test/data/network/invalid_settings_with_repairs.json
@@ -199,6 +199,33 @@
"ClientCertType": "Ref",
"ClientCertRef": "a cert ref"
},
+ "ipsec-with-empty-cacertrefs": {
+ "AuthenticationType": "Cert",
+ "IKEVersion": 1,
+ "ClientCertType": "Ref",
+ "ClientCertRef": "a cert ref",
+ "ServerCARefs": []
+ },
+ "ipsec-with-servercaref-and-servercarefs": {
+ "AuthenticationType": "Cert",
+ "ClientCertType": "Ref",
+ "ClientCertRef": "a cert ref",
+ "IKEVersion": 1,
+ "ServerCARef": "a cert ref",
+ "ServerCARefs": ["ref1", "ref2"]
+ },
+ "openvpn-with-servercaref-and-servercarefs": {
+ "ClientCertType": "None",
+ "ServerCARef": "a cert ref",
+ "ServerCARefs": ["ref1", "ref2"]
+ },
+ "eap-with-servercaref-and-servercarefs": {
+ "ClientCertType": "Ref",
+ "ClientCertRef": "a cert ref",
+ "Outer": "LEAP",
+ "ServerCARef": "a cert ref",
+ "ServerCARefs": ["ref1", "ref2"]
+ },
"openvpn-missing-verify-x509-name": {
"GUID": "guid",
"Type": "VPN",
diff --git a/chromeos/test/data/network/managed_toplevel_l2tpipsec.onc b/chromeos/test/data/network/managed_toplevel_l2tpipsec.onc
index f20cd63..e08d4e9 100644
--- a/chromeos/test/data/network/managed_toplevel_l2tpipsec.onc
+++ b/chromeos/test/data/network/managed_toplevel_l2tpipsec.onc
@@ -8,10 +8,12 @@
"VPN": {
"Host": "l2tp.acme.org",
"IPsec": {
- "AuthenticationType": "PSK",
+ "AuthenticationType": "Cert",
"IKEVersion": 1,
+ "ClientCertType": "Ref",
+ "ClientCertRef": "a cert ref",
"SaveCredentials": false,
- "PSK": "passphrase"
+ "ServerCARefs": ["ref1", "ref2"]
},
"L2TP": {
"Recommended": [
@@ -24,4 +26,4 @@
}
],
"Type": "UnencryptedConfiguration"
-} \ No newline at end of file
+}
diff --git a/chromeos/test/data/network/managed_vpn.onc b/chromeos/test/data/network/managed_vpn.onc
index 4c52e97..c12bfc9 100644
--- a/chromeos/test/data/network/managed_vpn.onc
+++ b/chromeos/test/data/network/managed_vpn.onc
@@ -18,7 +18,8 @@
"ClientCertPattern": {
"IssuerCARef": [ "openvpn-test-ca" ],
"Recommended": [ "EnrollmentURI", "IssuerCARef" ]
- }
+ },
+ "ServerCARefs": ["ref1", "ref2"]
},
"IPsec": {
"AuthenticationType": "PSK",
diff --git a/chromeos/test/data/network/managed_vpn_without_recommended.onc b/chromeos/test/data/network/managed_vpn_without_recommended.onc
index 037bf53..471ff23 100644
--- a/chromeos/test/data/network/managed_vpn_without_recommended.onc
+++ b/chromeos/test/data/network/managed_vpn_without_recommended.onc
@@ -15,7 +15,8 @@
"ClientCertType": "Pattern",
"ClientCertPattern": {
"IssuerCARef": [ "openvpn-test-ca" ],
- }
+ },
+ "ServerCARefs": ["ref1", "ref2"]
},
"IPsec": {
"AuthenticationType": "PSK",
diff --git a/chromeos/test/data/network/network_configs_with_resolved_certs.json b/chromeos/test/data/network/network_configs_with_resolved_certs.json
index 021099d..7e7a367 100644
--- a/chromeos/test/data/network/network_configs_with_resolved_certs.json
+++ b/chromeos/test/data/network/network_configs_with_resolved_certs.json
@@ -1,5 +1,88 @@
{
- "OpenVPN and IssuerCARef": {
+ "OpenVPN with CARefs": {
+ "WithCertRefs": [ {
+ "Type": "VPN",
+ "VPN": {
+ "Type": "OpenVPN",
+ "OpenVPN": {
+ "PushPeerInfo": true,
+ "ServerCARefs": [ "cert_google", "cert_webkit" ]
+ }
+ },
+ } ],
+ "WithResolvedRefs": [ {
+ "Type": "VPN",
+ "VPN": {
+ "Type": "OpenVPN",
+ "OpenVPN": {
+ "PushPeerInfo": true,
+ "ServerCAPEMs": [ "pem_google", "pem_webkit" ]
+ }
+ },
+ } ]
+ },
+ "OpenVPN with CARefs and CARef": {
+ "WithCertRefs": [ {
+ "Type": "VPN",
+ "VPN": {
+ "Type": "OpenVPN",
+ "OpenVPN": {
+ "PushPeerInfo": true,
+ "ServerCARef": "cert_google",
+ "ServerCARefs": [ "cert_google", "cert_webkit" ]
+ }
+ },
+ } ],
+ "WithResolvedRefs": [ {
+ "Type": "VPN",
+ "VPN": {
+ "Type": "OpenVPN",
+ "OpenVPN": {
+ "PushPeerInfo": true,
+ "ServerCAPEMs": [ "pem_google", "pem_webkit" ]
+ }
+ },
+ } ]
+ },
+ "EAP with CARefs": {
+ "WithCertRefs":
+ [ { "WiFi": {
+ "EAP": {
+ "ServerCARefs": [ "cert_google", "cert_webkit" ]
+ }
+ }
+ }
+ ],
+ "WithResolvedRefs":
+ [ { "WiFi": {
+ "EAP": {
+ "ServerCAPEMs": [ "pem_google", "pem_webkit" ]
+ }
+ }
+ }
+ ]
+ },
+ "L2TP with CARefs": {
+ "WithCertRefs":
+ [ { "VPN": {
+ "IPsec": {
+ "SaveCredentials": true,
+ "ServerCARefs": [ "cert_google", "cert_webkit" ]
+ }
+ }
+ }
+ ],
+ "WithResolvedRefs":
+ [ { "VPN": {
+ "IPsec": {
+ "SaveCredentials": true,
+ "ServerCAPEMs": [ "pem_google", "pem_webkit" ]
+ }
+ }
+ }
+ ]
+ },
+ "OpenVPN with ServerCARef and IssuerCARef": {
"WithCertRefs": [
{
"GUID": "{a3860e83-f03d-4cb1-bafa-789oij}",
@@ -51,7 +134,7 @@
}
} ]
},
- "EAP and L2TP without ref": {
+ "EAP with and L2TP without ref": {
"WithCertRefs":
[ { "WiFi": {
"EAP": {
@@ -68,7 +151,7 @@
},
{ "VPN": {
"IPsec": {
- "SaveCredentials": true,
+ "SaveCredentials": true
}
}
}
@@ -91,7 +174,7 @@
},
{ "VPN": {
"IPsec": {
- "SaveCredentials": true,
+ "SaveCredentials": true
}
}
}
@@ -126,7 +209,7 @@
"SaveCredentials": true,
"ServerCAPEMs": [
"pem_google"
- ],
+ ]
}
}
}
generated by cgit v1.1 at 2025-02-12 12:12:44 +0000