Commit graph

786 commits

Author SHA1 Message Date
Jouni Malinen
8f614cd7a7 tests: Initial mechanism for RADIUS protocol testing
This brings in a minimal pyrad-based RADIUS server to allow various
protocol tests to be run. For now, the server is not adding
Message-Authenticator, so that error case is checked. Additional tests
can be added in the future.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 00:52:03 +03:00
Jouni Malinen
8b5f1095ce tests: RADIUS interim accounting with unreachable server
This adds coverage for radius_client_list_del() loop that deletes
pending messages related to the specific STA.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 00:02:15 +03:00
Jouni Malinen
de93da914f tests: Verify double DISABLE on hostapd with multi-BSS configuration
This used to result in a segmentation fault due to use of freed memory
(mismatch in pointer lifetime between hostapd.c and driver_nl80211.c).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 17:16:33 +03:00
Jouni Malinen
bedb6ea54f tests: Verify auto_interworking=1 with partiall matching network
This is a regression test for an issue where scanning sequence could be
terminated if interworking_find_network_match() finds a matching
network, but wpa_s->auto_select is not set. This could stop connection
attempts when auto_interworking=1 is used and the scan results have a
partially matching network and no cred match.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 13:25:12 +03:00
Jouni Malinen
0aee8330bd tests: RADIUS server failover
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 12:43:37 +03:00
Jouni Malinen
6a188ba3fc tests: RADIUS server unreachable with error handling
radius_{auth,acct}_unreachable tested some parts of RADIUS client code
error handling. However, they did not test everything since the send()
calls for unreachable port on localhost did not return an error (that
error was reported on receive side). Extend this with similar test cases
using unreachable IP address to get send() error returns covered as
well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-30 18:34:39 +03:00
Jouni Malinen
e707f9aac7 tests: P2P Client inviting a device to join a group
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 16:59:51 +03:00
Jouni Malinen
95cf24abcd tests: More protocol testing coverage for P2P invitation messages
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 16:46:59 +03:00
Jouni Malinen
9e669cb5ff tests: Hide stdout from Popen() to avoid undesired stdout prints
ap_cipher_tkip_countermeasures_{ap,sta} printed out the MAC addresses in
stdout which resulted in the debug log not starting the PASS/FAIL
information at the beginning of the line. Hide these unnecessary prints
to avoid that.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:18 +03:00
Jouni Malinen
c50f0eac11 tests: P2P Invitation Response protocol tests
This verifies most of the error cases in Invitation Response processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
2f3b5fff15 tests: Invitation request with mismatching channel requirements
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
b1809dab7e tests: P2P invitation rejected from unknown peer
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
cdad30be2a tests: P2P invitation with Wi-Fi Display enabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-29 15:37:17 +03:00
Jouni Malinen
350a7ba90f tests: HS 2.0 remediation required from SQL user DB
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-28 00:56:13 +03:00
Jouni Malinen
5e5818458f tests: Persistent group invitation while GO already running
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-27 13:53:01 +03:00
Jouni Malinen
84d746c8dd tests: P2P persistent group during concurrent operation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-27 13:53:00 +03:00
Jouni Malinen
2d68cfaaec tests: Persistent P2P group re-invocation without persistent reconnect
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-27 13:53:00 +03:00
Jouni Malinen
8b0980af50 tests: Move bitfield unit tests into wpa_supplicant module test
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:44 +03:00
Jouni Malinen
8860e0f47c tests: Add printf encoding/decoding module tests
This replaces tests/test-printf.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:44 +03:00
Jouni Malinen
aa9735e772 tests: P2P and driver event to avoid frequencies
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:44 +03:00
Jouni Malinen
de8c4144fa tests: No pending query for GAS comeback
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
1d1de2306d tests: Limit on number of GAS pending dialog contexts
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
745f87715e tests: Verify SQLite DB as hostapd EAP user database
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
e044016422 tests: gitignore TNC library files
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-21 18:47:57 +03:00
Jouni Malinen
3ba5cb29af tests: Add -rdynamic to fix TNC IMV/IMC loading on some platforms
The example IMV and IMC used for TNC testing has references to
wpa_printf and other functions from hostapd/wpa_supplicant. Link the
binaries in a way that allows these symbols to be resolved while loading
the libraries at run time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-21 14:56:34 +03:00
Jouni Malinen
46fcf474ff tests: Add CAVP test vectors for RSA/PKCS #1 v1.5 signature validation
This allow the PKCS #1 and RSA implementation to be validated against
the test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2rsatestvectors.zip
and
http://csrc.nist.gov/groups/STM/cavp/documents/dss/SigVer15EMTest.txt.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-20 19:52:57 +03:00
Jouni Malinen
e90d955f7c tests: Add CAVP test vectors for byte-oriented SHA-1 and SHA-256
This allows the SHA-1 implementation to be validated against the
SHA1ShortMsg.rsp and SHA1LongMsg.rsp test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/shs/shabytetestvectors.zip.
Similarly, the SHA-256 can be validated against the SHA256ShortMsg.rsp
and SHA256LongMsg.rsp.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 19:52:03 +03:00
Jouni Malinen
c4d370117b tests: EAP-PEAP parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:44:39 +03:00
Jouni Malinen
ea6464b07f tests: EAP-PEAP crypto_binding=0/1
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:33:59 +03:00
Jouni Malinen
873e7c297c tests: EAP-FAST using PAC file
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:28:31 +03:00
Jouni Malinen
8583d66478 tests: EAP-AKA' and EAP-AKA both enabled (bidding mechanism)
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:04:18 +03:00
Jouni Malinen
95fb531ccc tests: EAP-TTLS/EAP-AKA, EAP-PEAP/EAP-AKA, EAP-FAST/EAP-AKA
These add some more EAP-TTLS/PEAP/FAST coverage to test pending Phase 2
response re-processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:43:50 +03:00
Jouni Malinen
82a8f5b533 tests: Incorrect/missing password with TTLS non-EAP methods
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:19:28 +03:00
Jouni Malinen
dbd1e184e3 tests: TNC testing
This implements minimal IMC and IMV to allow TNC testing with PEAP (SoH)
and TTLS/FAST with EAP-TNC.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
ae14a2e29f tests: FT negative test with mismatching R0KH-ID
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
d314bedf2d tests: EAP-AKA using external USIM processing for UMTS auth
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 20:37:39 +03:00
Jouni Malinen
4e0a94b7dc tests: Add more details to help with initial setup configuration
This documents some more steps needed during initial test setup
configuration to make it easier to get this running even without
thorough knowledge of the network setup used by the operating system.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-16 19:24:47 +03:00
Jouni Malinen
d00184df7c tests: Verify HT40 coex scan with 20 MHz legacy BSS
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-16 01:23:29 +03:00
Jouni Malinen
d352c407e3 tests: Verify that WPS operation report failure if WPS is disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:58:48 +03:00
Jouni Malinen
4ef7053119 tests: Make GAS test cases more robust
Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:30:40 +03:00
Jouni Malinen
3051c9866b tests: Verify P2P GO Negotiation wait-for-ready timeout
This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 23:58:10 +03:00
Jouni Malinen
33714def3a tests: Verify P2P_FIND operation when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:35:09 +03:00
Jouni Malinen
23a6d4d8df tests: Verify scan behavior when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:10:52 +03:00
Jouni Malinen
76f999b01d tests: Show number of remaining parallel VMs
Make the parallel-vm.sh output a bit more helpful by showing a count of
running VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
7e49399b6f tests: Make ap_acl_accept and ap_acl_deny more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
487a31f355 tests: Make wpas_ctrl_bssid_filter more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
54c20c9b43 tests: Make discovery_group_client more robust
Allow three P2P_FIND attempts for discovering the GO on a non-social
channels since the single Probe Response frame can be missed easily
under heavy CPU load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
84a4084177 tests: Make WPS test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
cbb85a0380 tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
655bc8bfd6 tests: Make FT test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00