Commit graph

335 commits

Author SHA1 Message Date
Jouni Malinen
9e59cb8392 tests: Update server and user certificates (2024)
At least some of the previous versions have expired, so need to re-sign
these to avoid EAP test case failures. This contains updates from
running tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-04-17 21:25:56 +03:00
Benjamin Berg
71bcb97b8c tests: Use pgrep instead of ps
The ps command as shipped by busybox does not support the "command"
column. Change the code to use pgrep instead which will work fine in all
environments.

In addition, raise an exception if PID was not found since the test
would just hang with pid = 0.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2024-01-20 09:35:39 +02:00
Jouni Malinen
b283de094b tests: Wait hostapd processing to complete in ap_wpa2_eap_in_bridge
This avoids race conditions with REAUTHENTICATE commands and hostapd
completing previous 4-way handshake.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-12-14 19:53:18 +02:00
Jouni Malinen
9579d4eff9 tests: Wait for AP/GO event in addition to STA
Wait for AP/GO to complete processing before taking the next step in a
test instead of waiting just for STA. This avoids race conditions with
UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-10 19:40:49 +02:00
Jouni Malinen
b0fc0154f5 tests: Wait for hostapd event in addition to wpa_supplicant
Wait for hostapd to complete processing before taking the next step in a
test instead of waiting just for wpa_supplicant. This avoids race
conditions with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
a7fdd58039 tests: Update capability checks to include OpenSSL 3.1 and 3.2
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 11:22:24 +02:00
Benjamin Berg
6f2289b6b4 tests: Avoid exception string matching for failures
Future commits change the related code and exception string. Avoiding
using the context is easy here and actually avoids two layers of
nesting.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 11:24:00 +02:00
Ilan Peer
f321705e31 tests: Add basic test for 802.1X-SHA384 with EAP-PSK
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-03 17:08:36 +02:00
Jouni Malinen
ed4e845576 tests: Work around race condition for TRANSITION-DISABLE processing
This event may be sent before CTRL-EVENT-CONNECTED, so modify the test
cases to wait directly for TRANSITION-DISABLE by skipping the separate
wait for CTRL-EVENT-CONNECTED.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-02 15:57:39 +02:00
Jouni Malinen
71b26a7675 tests: Adding EAP-SIM/AKA coverage for ID selection
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-09-21 11:55:49 +03:00
Jouni Malinen
b2a1e7fe7a tests: PEAP and TTLS phase2_auth behavior
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-07-17 21:25:06 +03:00
Jouni Malinen
9bad3c975d tests: Update server and user certificates (2023)
At least some of the previous versions have expired, so need to re-sign
these to avoid EAP test case failures. This contains updates from
running tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-04-18 11:40:10 +03:00
Glenn Strauss
8e364713ef tests: Check IMSI privacy support using a helper function
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-11-20 17:23:10 +02:00
Jouni Malinen
b092d8ee63 tests: imsi_privacy_attr
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-05-25 20:19:52 +03:00
Jouni Malinen
99165cc4b0 Rename wpa_supplicant imsi_privacy_key configuration parameter
Use imsi_privacy_cert as the name of the configuration parameter for the
X.509v3 certificate that contains the RSA public key needed for IMSI
privacy. The only allowed format for this information is a PEM-encoded
X.509 certificate, so the previous name was somewhat confusing.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-05-24 00:44:03 +03:00
Jouni Malinen
426932f061 tests: EAP-AKA and expired imsi_privacy_key
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-05-24 00:34:08 +03:00
Juliusz Sosinowicz
3890fa5031 tests: Enable additional TLS test cases with wolfSSL
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2022-05-01 17:27:11 +03:00
Jouni Malinen
924fa4c5d9 tests: IMSI privacy with imsi_privacy_key on peer
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-05-01 16:25:16 +03:00
Jouni Malinen
9dd2ea5368 tests: IMSI privacy with imsi_identity
Add RSA public key (in an X.509v3 certificate) and private key for IMSI
privacy. These were generated with
openssl req -new -x509 -sha256 -newkey rsa:2048 -nodes -days 7500 \
	-keyout imsi-privacy-key.pem -out imsi-privacy-cert.pem

Test the case where wpa_supplicant side RSA-OAEP operation for IMSI
privacy is done in an external component while the hostapd (EAP server)
processing of the encrypted identity is internal.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-05-01 16:25:16 +03:00
Juliusz Sosinowicz
af052e6e11 tests: Include additional tests for wolfSSL builds
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2022-04-17 22:02:55 +03:00
Jouni Malinen
698c05da2b tests: Update server and user certificates (2022)
The previous versions are going to be expiring soon, so need to re-sign
these to avoid EAP test case failures. This contains updates from
running tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-16 13:22:16 +03:00
Jouni Malinen
b08d100de6 tests: Remove test cases for wpa_supplicant dh_file parameter
This parameter has no impact to TLS client functionality, so these is
not really any point to maintain these test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-15 23:42:15 +03:00
Jouni Malinen
6c9e76e58a tests: Fix ap_wpa2_eap_fast_eap_vendor to check EAP-FAST support in build
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-15 13:49:19 +03:00
Jouni Malinen
7310995d87 tests: EAP-TLSv1.3 with OCSP stapling
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-07 00:47:31 +03:00
Jouni Malinen
1ba0043034 tests: EAP-TLSv1.3 and fragmentation
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-07 00:47:31 +03:00
Jouni Malinen
202842b8b3 tests: EAP-TLSv1.3 and missing protected success indication
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-07 00:45:40 +03:00
Jouni Malinen
f5fcac731f tests: Update capability checks to include OpenSSL 3.0
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:42:55 +02:00
Jouni Malinen
2bbc5a2b09 tests: wpa_supplicant config blobs and PEM encoding
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-08-19 17:41:13 +03:00
Jouni Malinen
6162890798 tests: Update server and user certificates (2020)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. This contains updates from running
tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-05-03 20:03:28 +03:00
Jouni Malinen
aa6a50849c tests: EAP-SIM with decorated anonymous identity
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-19 21:12:43 +02:00
Jouni Malinen
cf47a43335 tests: EAP-SIM DB error cases (SQLite)
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 17:58:14 +02:00
Jouni Malinen
b54410127d tests: hapd->tmp_eap_user clearing on interface deinit/reinit
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:45:48 +02:00
Jouni Malinen
8d80aa3fca tests: Fix openssl_systemwide_policy cleanup
Need to close the WpaSupplicant instance on the extra radio before
returning from this test case since that interface is going to be
removed and WpaSupplicant.__del__() can time out on trying to detach the
monitor connection after that.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-01 12:34:05 +02:00
Jouni Malinen
fcdf5d93ea tests: EAP-TTLS and PEAP with TLS 1.3
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-20 18:00:54 +02:00
Jouni Malinen
0f84a56219 tests: More explicit TLS version enabling in version tests
This is needed to allow the test cases to work on systems using
secpolicy=2 default (e.g., Ubuntu 20.04).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-09-08 19:32:36 +03:00
Jouni Malinen
f636bc3abc tests: Skip TOD-TOFU/STRICT tests if build does not support this
This functionality is currently available only with OpenSSL and internal
TLS implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-16 21:58:10 +03:00
Jouni Malinen
82f2e3ddce tests: Move from 1024 bit private keys to 2048 bit keys
Crypto libraries are starting to refuse to accept the old shorter keys,
so move all test certificates and DH to use 2048 bit (or longer) keys.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 18:21:13 +03:00
Jouni Malinen
7e88ed8e2d tests: Use function decorator to clean up --long processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
48ac765919 tests: ap_wpa2_eap_assoc_rsn to allow TKIP-disabled hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
21cf2c5baf tests: Skip more tests based on missing TKIP support
This makes it more convenient to run tests with builds that disable
TKIP/WPA(v1) support completely.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
431e5d5819 tests: Add forgotten step to ap_wpa3_eap_transition_disable
This was supposed to be included, but was forgotten in an editor window
with pending changes..

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:57:40 +02:00
Jouni Malinen
5cf5680e5c tests: Transition disable
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:22:57 +02:00
Alexander Wetzel
5742d12d4a tests: Allow PTK0 rekey for tests
Verify PTK0 rekey blocking is working as intended.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-02-23 13:11:02 +02:00
Jouni Malinen
e0d9f5fc15 tests: Replace tabs with spaces in python indentation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Jouni Malinen
362889638b tests: Check for TLS EC support in build
These test cases need to be skipped with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:54:07 +02:00
Jouni Malinen
09f96acb9d tests: PSK/EAP without nl80211 control port
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-05 21:31:33 +02:00
Jouni Malinen
d07ca835cb tests: Move ocsp-resp-*-signed*.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b6bb4cd8c5 tests: Move ocsp-server-cache-{revoked,unknown}.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
662c2fa01a tests: Use the run_openssl() helper for running openssl
This avoids unnecessary duplication of the same functionality to run
openssl and check result.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
47ccb9ce24 tests: Move ocsp-server-cache-key-id.der generation into test case
There is no need to generate this OCSP response for every single test
session. Generate this more dynamically if the test case that uses the
particular file is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00