phpDocumentor Developer
[ class tree: Developer ] [ index: Developer ] [ all elements ]

Procedural File: RADIUSTests.php

Source Location: /core/RADIUSTests.php

Page Details

This file contains code for testing EAP servers

Author:  Stefan Winter <stefan.winter@restena.lu>
Author:  Tomasz Wolniewicz <twoln@umk.pl>
Author:  Maja Gorecka-Wolniewicz <mgw@umk.pl>
Classes
Class Description
RADIUSTests Test suite to verify that an EAP setup is actually working as advertised in the real world. Can only be used if Config::$RADIUSTESTS is configured.
Includes
require_once ("X509.php") [line 22]
[ Top ]

require_once ("EAP.php") [line 21]
[ Top ]

require_once ("Helper.php") [line 23]
[ Top ]

require_once (dirname(dirname(__FILE__))."/config/_config.php") [line 20]

This file contains code for testing EAP servers

Information Tags:
Author:  Stefan Winter <stefan.winter@restena.lu>
Author:  Tomasz Wolniewicz <twoln@umk.pl>
Author:  Maja Gorecka-Wolniewicz <mgw@umk.pl>
[ Top ]


Constants
CERTPROB_DH_GROUP_TOO_SMALL  [line 192]

CERTPROB_DH_GROUP_TOO_SMALL = -225

Diffie-Hellman groups need to be 1024 bit at least, starting with OS X 10.11


[ Top ]

CERTPROB_LOW_KEY_LENGTH  [line 108]

CERTPROB_LOW_KEY_LENGTH = -220

one of the keys in the cert chain was smaller than 1024 bits


[ Top ]

CERTPROB_MD5_SIGNATURE  [line 104]

CERTPROB_MD5_SIGNATURE = -204

The/a server certificate was signed with an MD5 signature.


[ Top ]

CERTPROB_NOT_ACCEPTED  [line 180]

CERTPROB_NOT_ACCEPTED = -215

The server does accept this client certificate


[ Top ]

CERTPROB_NOT_A_HOSTNAME  [line 156]

CERTPROB_NOT_A_HOSTNAME = -218

One of the names in the cert was not a hostname.


[ Top ]

CERTPROB_NO_BASICCONSTRAINTS  [line 164]

CERTPROB_NO_BASICCONSTRAINTS = -211

The certificate does not set any BasicConstraints; particularly no CA = TRUE|FALSE


[ Top ]

CERTPROB_NO_CDP  [line 116]

CERTPROB_NO_CDP = -206

The server certificate did not include a CRL Distribution Point, creating compat problems with Windows Phone 8.


[ Top ]

CERTPROB_NO_CDP_HTTP  [line 120]

CERTPROB_NO_CDP_HTTP = -207

The server certificate did a CRL Distribution Point, but not to a HTTP/HTTPS URL. Possible compat problems.


[ Top ]

CERTPROB_NO_COMMON_EAP_METHOD  [line 188]

CERTPROB_NO_COMMON_EAP_METHOD = -224

no EAP method could be agreed on, certs could not be extraced


[ Top ]

CERTPROB_NO_CRL_AT_CDP_URL  [line 124]

CERTPROB_NO_CRL_AT_CDP_URL = -208

The server certificate's CRL Distribution Point URL couldn't be accessed and/or did not contain a CRL.


[ Top ]

CERTPROB_NO_SERVER_CERT  [line 100]

CERTPROB_NO_SERVER_CERT = -202

There was no server certificate in the EAP server's chain.


[ Top ]

CERTPROB_NO_TLS_WEBSERVER_OID  [line 112]

CERTPROB_NO_TLS_WEBSERVER_OID = -205

The server certificate did not contain the TLS Web Server OID, creating compat problems with many Windows versions.


[ Top ]

CERTPROB_OUTSIDE_VALIDITY_PERIOD  [line 132]

CERTPROB_OUTSIDE_VALIDITY_PERIOD = -221

The received server certificate is revoked.


[ Top ]

CERTPROB_OUTSIDE_VALIDITY_PERIOD_WARN  [line 136]

CERTPROB_OUTSIDE_VALIDITY_PERIOD_WARN = -225

At least one certificate is outside its validity period (not yet valid, or already expired)!


[ Top ]

CERTPROB_ROOT_INCLUDED  [line 92]

CERTPROB_ROOT_INCLUDED = -200

The root CA certificate was sent by the EAP server.


[ Top ]

CERTPROB_SERVER_CERT_REVOKED  [line 128]

CERTPROB_SERVER_CERT_REVOKED = -222

certificate is not currently valid (expired/not yet valid)


[ Top ]

CERTPROB_SERVER_NAME_MISMATCH  [line 148]

CERTPROB_SERVER_NAME_MISMATCH = -210

The received server certificate's name did not match the configured name in the profile properties.


[ Top ]

CERTPROB_SERVER_NAME_PARTIAL_MATCH  [line 152]

CERTPROB_SERVER_NAME_PARTIAL_MATCH = -217

The received server certificate's name did not match the configured name in the profile properties.


[ Top ]

CERTPROB_TOO_MANY_SERVER_CERTS  [line 96]

CERTPROB_TOO_MANY_SERVER_CERTS = -201

There was more than one server certificate in the EAP server's chain.


[ Top ]

CERTPROB_TRUST_ROOT_NOT_REACHED  [line 140]

CERTPROB_TRUST_ROOT_NOT_REACHED = -209

At least one certificate is outside its validity period, but this certificate does not take part in servder validation


[ Top ]

CERTPROB_TRUST_ROOT_REACHED_ONLY_WITH_OOB_INTERMEDIATES  [line 144]

CERTPROB_TRUST_ROOT_REACHED_ONLY_WITH_OOB_INTERMEDIATES = -216

The received certificate chain did not carry the necessary intermediate CAs in the EAP conversation. Only the CAT Intermediate CA installation can complete the chain.


[ Top ]

CERTPROB_UNABLE_TO_GET_CRL  [line 184]

CERTPROB_UNABLE_TO_GET_CRL = 223

the CRL of a certificate could not be found


[ Top ]

CERTPROB_UNKNOWN_CA  [line 168]

CERTPROB_UNKNOWN_CA = -212

The server presented a certificate which is from an unknown authority


[ Top ]

CERTPROB_WILDCARD_IN_NAME  [line 160]

CERTPROB_WILDCARD_IN_NAME = -219

One of the names contained a wildcard character.


[ Top ]

CERTPROB_WRONGLY_ACCEPTED  [line 172]

CERTPROB_WRONGLY_ACCEPTED = -213

The server accepted this client certificate, but should not have


[ Top ]

CERTPROB_WRONGLY_NOT_ACCEPTED  [line 176]

CERTPROB_WRONGLY_NOT_ACCEPTED = -214

The server does not accept this client certificate, but should have


[ Top ]

RETVAL_CONNECTION_REFUSED  [line 76]

RETVAL_CONNECTION_REFUSED = -110

a RADIUS server refuses connection


[ Top ]

RETVAL_CONVERSATION_REJECT  [line 72]

RETVAL_CONVERSATION_REJECT = -109

a RADIUS server talked EAP with us, but didn't like us in the end


[ Top ]

RETVAL_IMMEDIATE_REJECT  [line 68]

RETVAL_IMMEDIATE_REJECT = -108

a RADIUS server did not want to talk EAP with us, but at least replied with a Reject


[ Top ]

RETVAL_INCOMPLETE_DATA  [line 80]

RETVAL_INCOMPLETE_DATA = -111

not enough data provided to perform an authentication


[ Top ]

RETVAL_INVALID  [line 44]

RETVAL_INVALID = -103

test executed, and there were errors


[ Top ]

RETVAL_NONAPTR  [line 50]

RETVAL_NONAPTR = -104

no NAPTRs for domain; this is not an error, simply means that realm is not doing dynamic discovery for any service


[ Top ]

RETVAL_NOTCONFIGURED  [line 35]

RETVAL_NOTCONFIGURED = -100

Test could not be run because CAT software isn't configured for it


[ Top ]

RETVAL_NOT_CONFIGURED  [line 36]

RETVAL_NOT_CONFIGURED = -100

[ Top ]

RETVAL_NO_RESPONSE  [line 60]

RETVAL_NO_RESPONSE = -106

no reply at all from remote RADIUS server


[ Top ]

RETVAL_OK  [line 31]

RETVAL_OK = 0

Test was executed and the result was as expected.


[ Top ]

RETVAL_ONLYUNRELATEDNAPTR  [line 54]

RETVAL_ONLYUNRELATEDNAPTR = -105

no eduroam NAPTR for domain; this is not an error, simply means that realm is not doing dynamic discovery for eduroam


[ Top ]

RETVAL_SERVER_UNFINISHED_COMM  [line 64]

RETVAL_SERVER_UNFINISHED_COMM = -107

auth flow stopped somewhere in the middle of a conversation


[ Top ]

RETVAL_SKIPPED  [line 40]

RETVAL_SKIPPED = -101

Test skipped because there was nothing to be done


[ Top ]

RETVAL_WRONG_PKCS12_PASSWORD  [line 86]

RETVAL_WRONG_PKCS12_PASSWORD = -112

PKCS12 password does not match the certificate file


[ Top ]



Documentation generated on Tue, 06 Oct 2015 06:11:17 +0000 by phpDocumentor 1.4.4