Commit graph

966 commits

Author SHA1 Message Date
Jouni Malinen
eefec1e40b AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.

The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:06 +03:00
Jouni Malinen
b9dee18ffe tests: VENDOR_ELEM_REMOVE of the second IE
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 00:43:50 +03:00
Jouni Malinen
5b7aeddcd7 tests: OKC with multiple stations
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
35a7646bb1 tests: PMKSA cache with multiple stations
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
2cde175a93 tests: PMKSA cache entry timeout based on Session-Timeout
This verifies that hostapd uses Session-Timeout value from Access-Accept
as the lifetime for the PMKSA cache entries and expires entries both
while the station is disconnected and during an association.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
8e1fc78e1f tests: PMKSA caching disabled on AP
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
393869c551 tests: External MAC address change
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 16:41:33 +03:00
Jouni Malinen
c4a8c173b8 Revert "tests: Skip ap_wpa2_tdls_concurrent_init on failure"
This reverts commit bf700cc3d2. The
concurrent initialization test case is now expected to work again with
the STA entry added early enough to avoid the recently added mac80211
validation step failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-03 11:53:38 +03:00
Arik Nemtsov
77835ae9dd tests: Verify TDLS responder teardown in encrypted network
Older mac80211 implementations did not set the link identifier
appropriately, resulting in an incorrect teardown packet being sent the
peer. wpa_supplicant adds the FTE containing the MIC field calculated
using the correct link-identifier. This causes a MIC failure on the
other side and the teardown is discarded. Verify this case is fixed by
newer kernel and wpa_supplicant code.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:53:31 +03:00
Jouni Malinen
b5db69197a tests: Random MAC addresses while maintaining OUI
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
c1d1b6998d tests: Update server and user certificates
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
d1fc5736cc tests: FDB entry addition/removal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-29 14:03:15 +03:00
Jouni Malinen
7c33a65671 tests: P2P_PROV_DISC auto
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:56:06 +03:00
Jouni Malinen
746327ca86 tests: P2P service discovery no protocol/match cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:44:24 +03:00
Jouni Malinen
06f94fd0e1 tests: Increase P2P persistent group with per-STA PSK coverage
Remove and re-start the persistent group manually to increase test
coverage to include the case of re-configuring the PSK list entries from
a stored persistent group.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:09:53 +03:00
Jouni Malinen
4a7d73d161 tests: Make ap_hs20_random_mac_addr more robust
If the previuous test case used a non-RSN AP and that was left in
cfg80211 scan results, it was possible for ap_hs20_random_mac_addr to
pick that old AP from the previous test and reject to connect through
Hotspot 2.0 mechanisms. Work around this test issue by requesting new
set of scan result at the beginning of the test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 17:51:09 +03:00
Jouni Malinen
e5a79e3f93 tests: WPS while connected
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 11:03:48 +03:00
Jouni Malinen
816e3df972 tests: Random MAC address use
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 20:07:55 +03:00
Jouni Malinen
321c7f6034 tests: Make ap_wps_er_add_enrollee more robust under load
The scan for WPS-AUTH validation may miss a Probe Response frame if the
hostapd process gets blocked under load, e.g., when testing with
parallel-vm.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:17:17 +03:00
Jouni Malinen
377babb205 tests: Fix autogo_bridge to clear autoscan setting
Previously, periodic autoscan could have been left running and that
could result in the following test cases failing in some cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
852cb016d2 tests: Make ap_hs20 test cases more robust
Some of the test cases where using INTERWORKING_SELECT internally
without using scan_for_bss like the helper functions did. Add explicit
scan_for_bss calls to make the test cases less likely to fail due to
missing BSSes in scan results. This could cause false failure reports
when runnign under heavy load with parallel-vm.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
bbf20ca265 tests: Use TYPE=ONLY scan for scan_for_bss
This avoids unexpected connection attempts in cases a matching network
is enabled and there is no existing connection (e.g., when testing with
ENABLE_NETWORK no-connect option).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
bf700cc3d2 tests: Skip ap_wpa2_tdls_concurrent_init on failure
A mac80211 TDLS validation change ended up breaking test functionality
that was needed for this test case. Instead of reporting this known
issue as a FAIL every time, mark the test as SKIP since the issues is
known and there are no plans of "fixing" it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 11:30:56 +03:00
Jouni Malinen
36e7fbce34 tests: PMKSA_FLUSH
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 10:50:19 +03:00
Jouni Malinen
a567aae4a1 tests: Roaming policy change with the bssid parameter
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-11 15:59:42 +03:00
Jouni Malinen
d885a0ba7c tests: P2P GO netdev in a bridge
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-01 16:27:27 +03:00
Jouni Malinen
a0fd2ae643 tests: WPS mixed-WPA/WPA2 credential merging
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-29 20:25:18 +03:00
Jouni Malinen
d6df0d7e62 tests: Verify that sec_dev_type gets reported for P2P peer
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-27 16:22:53 +03:00
Jouni Malinen
4b15c3f256 tests: P2P GO channel preference and regulatory rule mismatch
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-26 17:57:26 +03:00
Jouni Malinen
9a5cfd7007 tests: No EAP fast session resumption between network blocks
Verify that EAP fast session resumption is skipped if the connection
uses a different network configuration than the last EAP connection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-26 20:23:08 +03:00
Jouni Malinen
1f41a20c92 tests: P2P vendor specific extensions
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-08 15:57:30 +03:00
Jouni Malinen
f1a36a53a5 tests: update_identifier in network block
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-02 15:51:20 +03:00
Jouni Malinen
8094a0077a tests: Fix wpas_ctrl_country to match the fixed event data
This test case for enforcing the incorrect init=DRIVER instead of
init=CORE for the event due to bug in the event message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-02 13:34:34 +03:00
Jouni Malinen
e8e571d7ce tests: SCAN scan_id
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-02 12:52:08 +03:00
Jouni Malinen
31424fa732 tests: P2P passphrase length configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-22 00:17:18 +03:00
Jouni Malinen
6c080dfab2 tests: EAP-SIM/AKA/AKA' protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 20:34:25 +03:00
Jouni Malinen
72cbc6847b tests: EAP-SIM external_sim error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 19:43:11 +03:00
Jouni Malinen
d8e02214ea tests: EAP-AKA external_sim error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 11:30:57 +03:00
Jouni Malinen
32747a3eee tests: EAP-SIM/AKA invalid Milenage key configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-20 10:59:08 +03:00
Jouni Malinen
e4719179cb tests: SA Query rate limiting on burst of unprotected Deauth
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-19 20:59:46 +03:00
Jouni Malinen
e0534ecf90 tests: EAP-PSK protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-18 00:13:56 +03:00
Jouni Malinen
7eb33a8f99 tests: Make concurrent_grpform_while_connecting2 more robust
It was possible for this test case to fail due to PBC overlap that was
detected based on previous test case having used PBC. Make that false
positive less likely to happen by explicitly clearing the scan cache on
dev[1].

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-16 17:07:25 +03:00
Jouni Malinen
2eae05f780 tests: EAP protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-15 19:01:59 +03:00
Jouni Malinen
0954431621 tests: EAP-PAX protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-15 17:36:53 +03:00
Avraham Stern
62fbc0a784 tests: GO configured preferred channels are disallowed
Verify that when all configured preferred channels are disallowed,
the GO is instantiated on a random channel.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-15 00:46:15 +03:00
Avraham Stern
eb383fc48e tests: Autonomous GO random channel selection
Verify that a standalone GO selects a random channel from the social
channels in case no other preference is set.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
8d74469e61 tests: P2P GO negotiation when two peers force different freq
Verify that when trying to form a P2P group but each peer forces a
different frequency, the group formation fails.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
744a214bdb tests: Frequency set as no GO
Verify that when setting frequency as no_go_freq and setting up
autonomous GO, the GO is instantiated on a different frequency, but
when forming a P2P group and becoming a client this frequency can be
used.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
87e5dd0af1 tests: GO with preferred channel and station on a disallowed channel
Verify that when setting up autonomous GO with configured preferred
channel and a station interface is connected on a channel that is
disallowed for P2P, the GO is instantiated on the preferred channel.

Requires MCC.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
b1f0cd8b4c tests: Autonomous GO with preferred channel and station on another channel
Verify that when setting up an autonomous GO with configured preferred
channel and a station interface is on another channel, the GO is
instantiated on the same channel as the station interface and not on the
configured preferred channel.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:32 +03:00
Avraham Stern
72f659238c tests: GO negotiation with forced freq different than station interface
Verify that when a station interface is on one frequency, and GO
negotiation is started in which both sides force a different frequency,
the P2P group is formed on the forced frequency (both as GO and client).

Requires MCC.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:09 +03:00
Haim Dreyfuss
031220832b tests: Autonomous GO force different channel than station interface
After station interface is connected on a specific channel, create
autonomous GO with forced different channel.

Requires MCC.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2014-06-14 23:08:54 +03:00
Avraham Stern
23aec8ffd6 tests: GO negotiation with station interface on a P2P-disallowed channel
Verify that when P2P group is formed and a station interface is
connected on a channel that is disallowed for P2P, the group is formed
on a different channel than the BSS (both as GO and client).

Requires MCC.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:08:53 +03:00
Avraham Stern
4b47d977c5 tests: GO with station interface on a P2P-disallowed channel
Verify that when setting up an autonomous GO and station interface is
connected on a channel that is disallowed for P2P uses, the GO is
instantiated on a different channel than the station mode connection.

Requires MCC.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:05:17 +03:00
Avraham Stern
9c69efc144 tests: GO negotiation with station interface is connected
Verify that when station interface is connected and GO negotiation is
initiated, the P2P group is formed on the same channel as the station
connection.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:04:41 +03:00
Haim Dreyfuss
ef59926999 tests: Autonomous GO channel selection following BSS
This test verifies that if a GO is instantiated after a connection of a
station interface, the chosen operating channel is that of the station
interface.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2014-06-14 23:04:08 +03:00
Haim Dreyfuss
5fe7a42601 tests: Add wpasupplicant get_mcc helper function
The function returns the number of concurrent channels supported by the
driver.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2014-06-14 19:49:17 +03:00
Haim Dreyfuss
57d909eeff tests: Add channels argument to run-all.sh and start.sh
Add an option to run-all.sh and start.sh to get as an argument the
number of concurrent channels that mac80211_hwsim will be loaded with.
To start mac80211_hwsim with more than one channel, the following
parameter should be added to command line: channels=<num_channels>
The default is one channel (no concurrent channels).
The driver should be loaded with multi channel support in order to run
some tests.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2014-06-14 19:47:51 +03:00
Jouni Malinen
30d62b7a88 tests: EAP-EKE protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-14 17:27:12 +03:00
Jouni Malinen
e862968d18 tests: Validate parsing and rejection of invalid WFD subelement
This is a regression test for wifi_display_subelem_hex() bounds checking
issue.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 15:29:48 +03:00
Jouni Malinen
6ec64f3ec8 tests: Truncated GAS query request
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 00:27:15 +03:00
Jouni Malinen
2e9f8ee723 tests: EAP-GPSK protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-12 01:00:56 +03:00
Jouni Malinen
d5c14b25fd tests: EAP-OTP protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-11 21:23:54 +03:00
Jouni Malinen
43c5bc94f5 tests: cfg80211 offchannel TX vs. operating channel
This test case shows an example case where an uncancelled offchannel TX
frame command seems to end up getting following CMD_FRAME TX operations
transmitting on incorrect channel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-11 11:48:02 +03:00
Jouni Malinen
8604a68eec tests: EAP-MD5 protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-11 00:54:45 +03:00
Jouni Malinen
18fc8f40fd tests: EAP-LEAP protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-11 00:46:38 +03:00
Jouni Malinen
d81731e681 tests: Framework for EAP peer protocol tests
This introduces a minimal RADIUS authentication server using pyrad to
allow simple EAP handler functions to be used for writing protocol tests
for EAP peer methods. This initial commit includes test cases for
EAP-SAKE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-09 00:30:44 +03:00
Jouni Malinen
a47f815ff3 tests: Extend RADIUS protocol testing coverage
Test RADIUS client behavior with various invalid Access-Accept messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-08 18:17:08 +03:00
Jouni Malinen
9a921f9a84 tests: Verify behavior on unexpected association event
This verifies association event processing in case the association was
not requested by wpa_supplicant.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-07 13:35:03 +03:00
Jouni Malinen
b246e2af79 tests: Non-ASCII EAP user identity
This is a regression test for printf_encode() bounds checking issues
that can now be caught under valgrind.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-02 17:36:51 +03:00
Jouni Malinen
a7fb2f2f4f tests: Run hostapd-AS under valgrind if requested
Previously, only hostapd-AP and wpa_supplicant processed were run under
valgrind when valgrind testing was enabled. Extend this to include
hostapd as authentication server.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-02 16:20:08 +03:00
Jouni Malinen
cf2f369818 tests: cfg80211 scan-for-auth workaround
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-02 00:26:23 +03:00
Jouni Malinen
5186e0c450 tests: nl80211 connect command and AP disconnecting the STA
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 23:20:36 +03:00
Jouni Malinen
40bda3805d tests: nl80211 connect command and association reject event
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 23:03:14 +03:00
Jouni Malinen
e6485ba764 tests: Remove CONFIG_DRIVER_TEST=y from example config
This was still present in hostapd example configuration even though the
test driver wrapper is not used anywhere in the hwsim testing and there
are no plans of using it either.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 22:47:44 +03:00
Jouni Malinen
2d6ce4327a tests: rfkill test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 16:17:33 +03:00
Jouni Malinen
40602101de tests: FT roams multiple times
This extends testing coverage by running FT-over-air and FT-over-DS
tests for hundred roams.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 15:48:48 +03:00
Jouni Malinen
c6b6e10578 tests: FT and GTK rekeying
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 13:22:24 +03:00
Jouni Malinen
3b25ad4cd6 tests: GTK rekeying
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 11:59:23 +03:00
Jouni Malinen
6c87b4b84e tests: PTK rekey enforced by AP
These are similar to the existing test cases where PTK rekey was
triggered by the station, but here a timer on the AP is used as the
trigger.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 11:47:37 +03:00
Jouni Malinen
8f614cd7a7 tests: Initial mechanism for RADIUS protocol testing
This brings in a minimal pyrad-based RADIUS server to allow various
protocol tests to be run. For now, the server is not adding
Message-Authenticator, so that error case is checked. Additional tests
can be added in the future.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 00:52:03 +03:00
Jouni Malinen
8b5f1095ce tests: RADIUS interim accounting with unreachable server
This adds coverage for radius_client_list_del() loop that deletes
pending messages related to the specific STA.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 00:02:15 +03:00
Jouni Malinen
de93da914f tests: Verify double DISABLE on hostapd with multi-BSS configuration
This used to result in a segmentation fault due to use of freed memory
(mismatch in pointer lifetime between hostapd.c and driver_nl80211.c).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 17:16:33 +03:00
Jouni Malinen
bedb6ea54f tests: Verify auto_interworking=1 with partiall matching network
This is a regression test for an issue where scanning sequence could be
terminated if interworking_find_network_match() finds a matching
network, but wpa_s->auto_select is not set. This could stop connection
attempts when auto_interworking=1 is used and the scan results have a
partially matching network and no cred match.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 13:25:12 +03:00
Jouni Malinen
0aee8330bd tests: RADIUS server failover
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 12:43:37 +03:00
Jouni Malinen
6a188ba3fc tests: RADIUS server unreachable with error handling
radius_{auth,acct}_unreachable tested some parts of RADIUS client code
error handling. However, they did not test everything since the send()
calls for unreachable port on localhost did not return an error (that
error was reported on receive side). Extend this with similar test cases
using unreachable IP address to get send() error returns covered as
well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-30 18:34:39 +03:00
Jouni Malinen
e707f9aac7 tests: P2P Client inviting a device to join a group
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 16:59:51 +03:00
Jouni Malinen
95cf24abcd tests: More protocol testing coverage for P2P invitation messages
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 16:46:59 +03:00
Jouni Malinen
9e669cb5ff tests: Hide stdout from Popen() to avoid undesired stdout prints
ap_cipher_tkip_countermeasures_{ap,sta} printed out the MAC addresses in
stdout which resulted in the debug log not starting the PASS/FAIL
information at the beginning of the line. Hide these unnecessary prints
to avoid that.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:18 +03:00
Jouni Malinen
c50f0eac11 tests: P2P Invitation Response protocol tests
This verifies most of the error cases in Invitation Response processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
2f3b5fff15 tests: Invitation request with mismatching channel requirements
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
b1809dab7e tests: P2P invitation rejected from unknown peer
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
cdad30be2a tests: P2P invitation with Wi-Fi Display enabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
350a7ba90f tests: HS 2.0 remediation required from SQL user DB
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-28 00:56:13 +03:00
Jouni Malinen
5e5818458f tests: Persistent group invitation while GO already running
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-27 13:53:01 +03:00
Jouni Malinen
84d746c8dd tests: P2P persistent group during concurrent operation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-27 13:53:00 +03:00
Jouni Malinen
2d68cfaaec tests: Persistent P2P group re-invocation without persistent reconnect
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-27 13:53:00 +03:00
Jouni Malinen
8b0980af50 tests: Move bitfield unit tests into wpa_supplicant module test
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:44 +03:00
Jouni Malinen
8860e0f47c tests: Add printf encoding/decoding module tests
This replaces tests/test-printf.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:44 +03:00
Jouni Malinen
aa9735e772 tests: P2P and driver event to avoid frequencies
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:44 +03:00
Jouni Malinen
de8c4144fa tests: No pending query for GAS comeback
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
1d1de2306d tests: Limit on number of GAS pending dialog contexts
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
745f87715e tests: Verify SQLite DB as hostapd EAP user database
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
e044016422 tests: gitignore TNC library files
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-21 18:47:57 +03:00
Jouni Malinen
3ba5cb29af tests: Add -rdynamic to fix TNC IMV/IMC loading on some platforms
The example IMV and IMC used for TNC testing has references to
wpa_printf and other functions from hostapd/wpa_supplicant. Link the
binaries in a way that allows these symbols to be resolved while loading
the libraries at run time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-21 14:56:34 +03:00
Jouni Malinen
46fcf474ff tests: Add CAVP test vectors for RSA/PKCS #1 v1.5 signature validation
This allow the PKCS #1 and RSA implementation to be validated against
the test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2rsatestvectors.zip
and
http://csrc.nist.gov/groups/STM/cavp/documents/dss/SigVer15EMTest.txt.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-20 19:52:57 +03:00
Jouni Malinen
e90d955f7c tests: Add CAVP test vectors for byte-oriented SHA-1 and SHA-256
This allows the SHA-1 implementation to be validated against the
SHA1ShortMsg.rsp and SHA1LongMsg.rsp test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/shs/shabytetestvectors.zip.
Similarly, the SHA-256 can be validated against the SHA256ShortMsg.rsp
and SHA256LongMsg.rsp.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 19:52:03 +03:00
Jouni Malinen
c4d370117b tests: EAP-PEAP parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:44:39 +03:00
Jouni Malinen
ea6464b07f tests: EAP-PEAP crypto_binding=0/1
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:33:59 +03:00
Jouni Malinen
873e7c297c tests: EAP-FAST using PAC file
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:28:31 +03:00
Jouni Malinen
8583d66478 tests: EAP-AKA' and EAP-AKA both enabled (bidding mechanism)
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:04:18 +03:00
Jouni Malinen
95fb531ccc tests: EAP-TTLS/EAP-AKA, EAP-PEAP/EAP-AKA, EAP-FAST/EAP-AKA
These add some more EAP-TTLS/PEAP/FAST coverage to test pending Phase 2
response re-processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:43:50 +03:00
Jouni Malinen
82a8f5b533 tests: Incorrect/missing password with TTLS non-EAP methods
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:19:28 +03:00
Jouni Malinen
dbd1e184e3 tests: TNC testing
This implements minimal IMC and IMV to allow TNC testing with PEAP (SoH)
and TTLS/FAST with EAP-TNC.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
ae14a2e29f tests: FT negative test with mismatching R0KH-ID
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
d314bedf2d tests: EAP-AKA using external USIM processing for UMTS auth
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 20:37:39 +03:00
Jouni Malinen
4e0a94b7dc tests: Add more details to help with initial setup configuration
This documents some more steps needed during initial test setup
configuration to make it easier to get this running even without
thorough knowledge of the network setup used by the operating system.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-16 19:24:47 +03:00
Jouni Malinen
d00184df7c tests: Verify HT40 coex scan with 20 MHz legacy BSS
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-16 01:23:29 +03:00
Jouni Malinen
d352c407e3 tests: Verify that WPS operation report failure if WPS is disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:58:48 +03:00
Jouni Malinen
4ef7053119 tests: Make GAS test cases more robust
Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:30:40 +03:00
Jouni Malinen
3051c9866b tests: Verify P2P GO Negotiation wait-for-ready timeout
This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 23:58:10 +03:00
Jouni Malinen
33714def3a tests: Verify P2P_FIND operation when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:35:09 +03:00
Jouni Malinen
23a6d4d8df tests: Verify scan behavior when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:10:52 +03:00
Jouni Malinen
76f999b01d tests: Show number of remaining parallel VMs
Make the parallel-vm.sh output a bit more helpful by showing a count of
running VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
7e49399b6f tests: Make ap_acl_accept and ap_acl_deny more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
487a31f355 tests: Make wpas_ctrl_bssid_filter more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
54c20c9b43 tests: Make discovery_group_client more robust
Allow three P2P_FIND attempts for discovering the GO on a non-social
channels since the single Probe Response frame can be missed easily
under heavy CPU load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
84a4084177 tests: Make WPS test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
cbb85a0380 tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
655bc8bfd6 tests: Make FT test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
841bed04de tests: Make HS 2.0 test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
814f7ac85c tests: Make scan and scan_only more robust
These can fail during heavy CPU load due to active scan dwell time not
being long enough to catch the delayed Probe Response frame from the AP.
Work around this by allowing multiple scan attempts to see the response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
4221679233 tests: Verify P2P GO start when scan_req = MANUAL_SCAN_REQ
There was a bug in this code path that resulted in the
skip-scan-to-start-GO case to not actually skip the scan. It looks like
this could be hit at least when autoscan was enabled, but it is possible
that some other sequences could hit this as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
16dffef1e6 tests: Work around grpform_pbc_overlap robustness issues
Since P2P Client scan case is now optimzied to use a specific SSID, the
WPS AP will not reply to that and the scan after GO Negotiation can
quite likely miss the AP due to dwell time being short enoguh to miss
the Beaco frame. This has made the test case somewhat pointless, but
keep it here for now with an additional scan to confirm that PBC
detection works if there is a BSS entry for a overlapping AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
c126cb4d1c tests: Make pmksa_cache_on_roam_back more robust
The single channel scan while associated to another AP and immediately
after starting the second AP can miss the Probe Response frame
especially under heavy CPU load. Avoid false error reports by allowing
multiple scan rounds to be performed. wpas_ctrl_bssid_filter is also
modified to take into account different get_bss() behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:45 +03:00
Jouni Malinen
4162db59ae tests: DUP_NETWORK
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-12 19:43:59 +03:00
Jouni Malinen
0878241778 tests: Clear cfg80211 scan results before HT coex tests
This is needed to avoid incorrect failures based on neighboring BSSes
from earlier test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 23:01:10 +03:00
Jouni Malinen
5a0c15174b tests: UNAUTH-TLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
8ba89e0a32 tests: EAP-pwd with server fragmenting messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
47a74ad81a tests: EAP-IKEv2 fragmentation
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
46e094bd6f tests: EAP-FAST and missing PAC configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c6ab1cdbc5 tests: EAP-FAST using binary PAC file format
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
4b2d209824 tests: EAP-pwd with invalid group
This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
cb4ac38b15 tests: Fix scan_bss_operations
The BSS id numbers were assumed to start from 0 at the beginning of this
test case, but that is only the case if this is run as the first test
after starting wpa_supplicant. Fix the test case to figure out the id
values dynamically to avoid false errors.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
e2a90a4c79 tests: EAP-SIM/AKA configuration parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
5b1aaf6cfb tests: EAP-SIM/AKA/AKA' with SQLite
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00
Jouni Malinen
32dca985c7 tests: EAP with expanded Nak
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:33:49 +03:00
Jouni Malinen
633e364b60 tests: EAP roundtrip limit
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:20:54 +03:00
Jouni Malinen
37ffe7c568 tests: HS 2.0 with FT
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 16:17:41 +03:00
Jouni Malinen
2e3f286253 tests: Fix couple of compiler warnings
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 13:13:39 +03:00