govwifi_eapoltest 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/eapoltest_client.rb +7 -0
- data/lib/govwifi_eapoltest/version.rb +5 -0
- data/lib/govwifi_eapoltest.rb +61 -0
- data/lib/matchers/eapoltest_matchers.rb +37 -0
- data/lib/services.rb +9 -0
- data/templates/eap-tls.conf.erb +8 -0
- data/templates/peap-mschapv2.conf.erb +11 -0
- metadata +96 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: ad381ae439ded57796071496a6ab798564086fee616d0be6a3b2401d73666afe
|
|
4
|
+
data.tar.gz: 79c09a1498203146e6e4d292258d22abd7bf837e3d10f7be325a036f31cf1718
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: d07945a7d60b93c569da0313bbd0e43d1a02879fa9d8d2af318bbaf4034aebf9002645917a4dfa9e2f43fcece4613193e0815ec512770369f19ca21cfb6c1d04
|
|
7
|
+
data.tar.gz: 613cfbfe187baac5a18ec17ad41a226a31f38ec54b819bdd9d71ffa5be2b262aefe1395f42a3688769a444bfd6003475202511b66dc22489cfb9d34f930113f9
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "erb"
|
|
4
|
+
require "tempfile"
|
|
5
|
+
require_relative "./govwifi_eapoltest/version"
|
|
6
|
+
require_relative "./matchers/eapoltest_matchers"
|
|
7
|
+
require_relative "./services"
|
|
8
|
+
class GovwifiEapoltest
|
|
9
|
+
PEAP_MSCHAP_TEMPLATE_PATH = "#{File.dirname(__FILE__)}/../templates/peap-mschapv2.conf.erb".freeze
|
|
10
|
+
EAP_TLS_TEMPLATE_PATH = "#{File.dirname(__FILE__)}/../templates/eap-tls.conf.erb".freeze
|
|
11
|
+
SSID = "GovWifi"
|
|
12
|
+
|
|
13
|
+
def initialize(radius_ips:, secret:)
|
|
14
|
+
@radius_ips = radius_ips
|
|
15
|
+
@secret = secret
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def run_peap_mschapv2(server_cert_path:, username:, password:, tls_version: :tls1_2)
|
|
19
|
+
raise "Unknown TLS version #{tls_version}" unless %i[tls1_0 tls1_1 tls1_2 tls1_3].include?(tls_version)
|
|
20
|
+
|
|
21
|
+
phase1_tls1_0 = "tls_disable_tlsv1_0=#{tls_version == :tls1_0 ? 0 : 1}"
|
|
22
|
+
phase1_tls1_1 = "tls_disable_tlsv1_1=#{tls_version == :tls1_1 ? 0 : 1}"
|
|
23
|
+
phase1_tls1_2 = "tls_disable_tlsv1_2=#{tls_version == :tls1_2 ? 0 : 1}"
|
|
24
|
+
phase1_tls1_3 = "tls_disable_tlsv1_3=#{tls_version == :tls1_3 ? 0 : 1}"
|
|
25
|
+
|
|
26
|
+
phase1 = [phase1_tls1_0, phase1_tls1_1, phase1_tls1_2, phase1_tls1_3].join(" ")
|
|
27
|
+
|
|
28
|
+
variables = {
|
|
29
|
+
ssid: SSID,
|
|
30
|
+
identity: username,
|
|
31
|
+
password:,
|
|
32
|
+
server_cert_path:,
|
|
33
|
+
phase1:,
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
run_eapol(PEAP_MSCHAP_TEMPLATE_PATH, variables:)
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def run_eap_tls(server_cert_path:, client_cert_path:, client_key_path:)
|
|
40
|
+
variables = {
|
|
41
|
+
server_cert_path:,
|
|
42
|
+
client_cert_path:,
|
|
43
|
+
client_key_path:,
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
run_eapol(EAP_TLS_TEMPLATE_PATH, variables:)
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
private
|
|
50
|
+
|
|
51
|
+
def run_eapol(config_template_path, variables: {})
|
|
52
|
+
file = Tempfile.new
|
|
53
|
+
file.write ERB.new(File.read(config_template_path)).result_with_hash(variables)
|
|
54
|
+
file.close
|
|
55
|
+
@radius_ips.map do |radius_ip|
|
|
56
|
+
Services.eapol_test.run(config_file_path: file.path, radius_ip:, secret: @secret)
|
|
57
|
+
end
|
|
58
|
+
ensure
|
|
59
|
+
file.unlink
|
|
60
|
+
end
|
|
61
|
+
end
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
RSpec::Matchers.define :use_tls_version_1_0 do
|
|
4
|
+
match do |output|
|
|
5
|
+
!output.include?("SSL: Using TLS version TLSv1.") && output.include?("SSL: Using TLS version TLSv1")
|
|
6
|
+
end
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
RSpec::Matchers.define :use_tls_version_1_1 do
|
|
10
|
+
match do |output|
|
|
11
|
+
output.include?("SSL: Using TLS version TLSv1.1")
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
RSpec::Matchers.define :use_tls_version_1_2 do
|
|
16
|
+
match do |output|
|
|
17
|
+
output.include?("SSL: Using TLS version TLSv1.2")
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
RSpec::Matchers.define :use_tls_version_1_3 do
|
|
22
|
+
match do |output|
|
|
23
|
+
output.include?("SSL: Using TLS version TLSv1.3")
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
RSpec::Matchers.define :have_been_successful do
|
|
28
|
+
match do |output|
|
|
29
|
+
output.split("\n").last == "SUCCESS"
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
RSpec::Matchers.define :have_failed do
|
|
34
|
+
match do |output|
|
|
35
|
+
output.split("\n").last == "FAILURE"
|
|
36
|
+
end
|
|
37
|
+
end
|
data/lib/services.rb
ADDED
metadata
ADDED
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: govwifi_eapoltest
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- koetsier
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2023-10-15 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: rspec
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '0'
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: rake
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '0'
|
|
34
|
+
type: :development
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - ">="
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: rubocop-govuk
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
type: :development
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ">="
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
55
|
+
description: These are a set of helpers to test Freeradius.
|
|
56
|
+
email:
|
|
57
|
+
- jos.koetsier@digital.cabinet-office.gov.uk
|
|
58
|
+
executables: []
|
|
59
|
+
extensions: []
|
|
60
|
+
extra_rdoc_files: []
|
|
61
|
+
files:
|
|
62
|
+
- lib/eapoltest_client.rb
|
|
63
|
+
- lib/govwifi_eapoltest.rb
|
|
64
|
+
- lib/govwifi_eapoltest/version.rb
|
|
65
|
+
- lib/matchers/eapoltest_matchers.rb
|
|
66
|
+
- lib/services.rb
|
|
67
|
+
- templates/eap-tls.conf.erb
|
|
68
|
+
- templates/peap-mschapv2.conf.erb
|
|
69
|
+
homepage: https://github.com/alphagov/govwifi_eapoltest
|
|
70
|
+
licenses:
|
|
71
|
+
- MIT
|
|
72
|
+
metadata:
|
|
73
|
+
homepage_uri: https://github.com/alphagov/govwifi_eapoltest
|
|
74
|
+
source_code_uri: https://github.com/alphagov/govwifi_eapoltest
|
|
75
|
+
changelog_uri: https://www.wifi.service.gov.uk/
|
|
76
|
+
post_install_message:
|
|
77
|
+
rdoc_options: []
|
|
78
|
+
require_paths:
|
|
79
|
+
- lib
|
|
80
|
+
- templates
|
|
81
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
82
|
+
requirements:
|
|
83
|
+
- - ">="
|
|
84
|
+
- !ruby/object:Gem::Version
|
|
85
|
+
version: 3.2.2
|
|
86
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
87
|
+
requirements:
|
|
88
|
+
- - ">="
|
|
89
|
+
- !ruby/object:Gem::Version
|
|
90
|
+
version: '0'
|
|
91
|
+
requirements: []
|
|
92
|
+
rubygems_version: 3.4.20
|
|
93
|
+
signing_key:
|
|
94
|
+
specification_version: 4
|
|
95
|
+
summary: Test helpers for Freeradius
|
|
96
|
+
test_files: []
|