Commit 5a23a263 authored by Peder Bergebakken Sundt's avatar Peder Bergebakken Sundt
Browse files

Add test_single.sh

WIP
parent ebed366c
#!/usr/bin/env bash
cd rad_eap_test
# certs
echo 'MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==' |
base64 -d > test_ca_cert1.crt ; echo Created test_ca_cert1.crt
echo 'MIIE+zCCA+OgAwIBAgIQCHC8xa8/25Wakctq7u/kZTANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMTQxMTE4MTIwMDAwWhcNMjQxMTE4MTIwMDAwWjBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMV2Dw/ZQyk7bG3RR63eEL8jwnioSnc18SNb4EweQefCMQC9iDdFdd25AhCAHo/tZCMERaegOTuBTc9jP8JJ/yKeiLDSlrlcinQfkioq8hLIt2hUtVhBgUBoBhpPhSn7tU08D08/QJYbzqjMXjX/ZJj1dd10VAWgNhEEEiRVY++Udy538RV27tOkWUUhn6i+0SftCuirOMo/h9Ha8Y+5Cx9E5+Ct85XCFk3shKM6ktTPxn3mvcsaQE+zVLHzj28NHuO+SaNW5Ae8jafOHbBbV1bRxBz8mGXRzUYvkZS/RYVJ+G1ShxwCVgEnFqtyLvRx5GG1IKD6JmlqCvGrn223zyUCAwEAAaOCAaYwggGiMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBRn/YggFCeYxwnSJRm76VERY3VQYjAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkqhkiG9w0BAQsFAAOCAQEAqSg1esR71tonHqyYzyc2TxEydHTmQN0dzfJodzWvs4xdxgS/FfQjZ4u5b5cE60adws3J0aSugS7JurHogNAcyTnBVnZZbJx946nw09E02DxJWYsamM6/xvLYMDX/6W9doK867mZTrqqMaci+mqege9iCSzMTyAfzd9fzZM2eY/lCJ1OuEDOJcjcV8b73HjWizsMt8tey5gvHacDlH198aZt+ziYaM0TDuncFO7pdP0GJ+hY77gRuW6xWS++McPJKe1e9GW6LNgdUJi2GCZQfXzer8CM/jyxflp5HcahE3qm5hS+1NGClXwmgmkMd1L8tRNaN2v11y18WoA5hwnA9Ng==' |
base64 -d > test_ca_cert2.crt ; echo Created test_ca_cert2.crt
echo
# -H <address> - Address of radius server (DNS name or IP address). When using
# DNS name IPv4 address will be used unless -6 option is present.
# Both IPv4 or IPv6 addresses may be used.
# -P <port> - Port of radius server
# -S <secret> - Secret for radius server communication
# -u <username> - Username (user@realm.tld)
# -A <anonymous_id> - Anonymous identity (anonymous_user@realm.tld)
# -p <password> - Password
# -t <timeout> - Timeout (default is 5 seconds)
# -m <method> - Method (WPA-EAP | IEEE8021X)
# -v - Verbose (prints decoded last Access-accept packet)
# -c - Prints all packets decoded
# -s <ssid> - SSID
# -e <method> - EAP method (PEAP | TLS | TTLS | LEAP)
# -M <mac_addr> - MAC address in xx:xx:xx:xx:xx:xx format
# -i <connect_info> - Connection info (in radius log: connect from <connect_info>)
# -d <domain_name> - Constraint for server domain name. FQDN is used as a full match
# requirement for the server certificate. Multiple values may be specified.
# Multiple values must be separated by semicollon.
# -k <user_key_file> - user certificate key file
# -l <user_key_file_password> - password for user certificate key file
# -j <user_cert_file> - user certificate file
# -a <ca_cert_file> - certificate of CA
# -2 <phase2 method> - Phase2 type (PAP,CHAP,MSCHAPV2)
# -x <subject_match> - Substring to be matched against the subject of the authentication server certificate.
# -N - Identify and do not delete temporary files
# -O <domain.edu.cctld> - Operator-Name value in domain name format
# -I <ip address> - explicitly specify NAS-IP-Address
# -C - request Chargeable-User-Identity
# -T - send Called-Station-Id in MAC:SSID format
# -f - send big access-request to cause fragmentation
# -b - print details about certificate of RADIUS server (whole certificate chain
# may be retrieved by eapol_test, there is a certain logic that tries to
# determine the end server cert and print it)
# -B <file> - save certificate of RADIUS server to specified file
# -n <directory> - store temporary files in specified directory
# -g - print the entire unmodified output of eapol_test
# -V - Show received Chargeable-User-Identity and/or Operator-Name
# -X <warn_days> - check certificate expiry (whole certificate chain may be retrieved by
# eapol_test, there is a certain logic that tries to determine the end
# server cert which is checked for expiry)
# -6 - force use of IPv6 when using DNS name as RADIUS server address
# -4 - use IPv4 when using DNS name as RADIUS server address (this is the
# default, but the option exists for compatibility)
# -h - show this message
./rad_eap_test \
-H 'ntlr1.eduroam.no' \
-P 1812 \
-S Hunter2 \
-u test_inner@edu.nl \
-A test_outer@edu.nl \
-p dvhvw \
-s eduroam \
-d guest.surfnet.nl \
-a test_ca_cert1.crt \
-a test_ca_cert2.crt \
-m WPA-EAP -e PEAP
echo
rm -v test_ca_cert1.crt
rm -v test_ca_cert2.crt
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment