DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

tests: Remove testing of EAP-pwd groups 25, 26, and 27

Browse source 
This is in preparation of disallowing all use of these groups. Negative
test case for the groups will be added in a separate commit after the
implementation has been changed.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-04-13 17:17:09 +03:00
parent 6fe3ee722d
commit caf4d1c979
1 changed files with 9 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
tests/hwsim/test_ap_eap.py
View file

@ -2736,32 +2736,23 @@ def test_ap_wpa2_eap_pwd_groups(dev, apdev):
params = {"ssid": "test-wpa2-eap", "wpa": "2", "wpa_key_mgmt": "WPA-EAP", params = {"ssid": "test-wpa2-eap", "wpa": "2", "wpa_key_mgmt": "WPA-EAP",
"rsn_pairwise": "CCMP", "ieee8021x": "1", "rsn_pairwise": "CCMP", "ieee8021x": "1",
"eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf"} "eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf"}
groups = [19, 20, 21, 25, 26] groups = [19, 20, 21]
if tls.startswith("OpenSSL") and "build=OpenSSL 1.0.2" in tls and "run=OpenSSL 1.0.2" in tls: if tls.startswith("OpenSSL") and "build=OpenSSL 1.0.2" in tls and "run=OpenSSL 1.0.2" in tls:
logger.info("Add Brainpool EC groups since OpenSSL is new enough") logger.info("Add Brainpool EC groups since OpenSSL is new enough")
groups += [27, 28, 29, 30] groups += [28, 29, 30]
if tls.startswith("OpenSSL") and "build=OpenSSL 1.1" in tls and "run=OpenSSL 1.1" in tls: if tls.startswith("OpenSSL") and "build=OpenSSL 1.1" in tls and "run=OpenSSL 1.1" in tls:
logger.info("Add Brainpool EC groups since OpenSSL is new enough") logger.info("Add Brainpool EC groups since OpenSSL is new enough")
groups += [27, 28, 29, 30] groups += [28, 29, 30]
for i in groups: for i in groups:
logger.info("Group %d" % i) logger.info("Group %d" % i)
params['pwd_group'] = str(i) params['pwd_group'] = str(i)
hapd = hostapd.add_ap(apdev[0], params) hapd = hostapd.add_ap(apdev[0], params)
try: eap_connect(dev[0], hapd, "PWD", "pwd user",
eap_connect(dev[0], hapd, "PWD", "pwd user", password="secret password")
password="secret password") dev[0].request("REMOVE_NETWORK all")
dev[0].request("REMOVE_NETWORK all") dev[0].wait_disconnected()
dev[0].wait_disconnected() dev[0].dump_monitor()
dev[0].dump_monitor() hapd.disable()
except:
if "BoringSSL" in tls and i in [25]:
logger.info("Ignore connection failure with group %d with BoringSSL" % i)
dev[0].request("DISCONNECT")
time.sleep(0.1)
dev[0].request("REMOVE_NETWORK all")
dev[0].dump_monitor()
continue
raise
def test_ap_wpa2_eap_pwd_invalid_group(dev, apdev): def test_ap_wpa2_eap_pwd_invalid_group(dev, apdev):
"""WPA2-Enterprise connection using invalid EAP-pwd group""" """WPA2-Enterprise connection using invalid EAP-pwd group"""