tests: Try users2.pkcs12 twice to add coverage

This allows manual verification of extra PKCS#12 certificate processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-08-11 00:38:44 +03:00
parent f59b946e39
commit 6da3b745f1
2 changed files with 12 additions and 5 deletions

Binary file not shown.

View file

@ -1341,8 +1341,15 @@ def test_ap_wpa2_eap_tls_pkcs12(dev, apdev):
dev[0].request("REMOVE_NETWORK all") dev[0].request("REMOVE_NETWORK all")
dev[0].wait_disconnected() dev[0].wait_disconnected()
eap_connect(dev[0], apdev[0], "TLS", "tls user", ca_cert="auth_serv/ca.pem", # Run this twice to verify certificate chain handling with OpenSSL. Use two
private_key="auth_serv/user2.pkcs12", # different files to cover both cases of the extra certificate being the
# one that signed the client certificate and it being unrelated to the
# client certificate.
for pkcs12 in "auth_serv/user2.pkcs12", "auth_serv/user3.pkcs12":
for i in range(2):
eap_connect(dev[0], apdev[0], "TLS", "tls user",
ca_cert="auth_serv/ca.pem",
private_key=pkcs12,
private_key_passwd="whatever") private_key_passwd="whatever")
dev[0].request("REMOVE_NETWORK all") dev[0].request("REMOVE_NETWORK all")
dev[0].wait_disconnected() dev[0].wait_disconnected()