Commit graph

2785 commits

Author SHA1 Message Date
Jouni Malinen
c9aba19bd3 tests: WPA2-Enterprise connection using EAP-PSK after MAC address change
This is a regression test for a sequence where wpa_supplicant interface
MAC address is changed externally and the ifdown-ifup sequence is
processed only after the interface has already been set UP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-30 12:16:49 +03:00
Jouni Malinen
4ae39c121f tests: sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-30 10:44:38 +03:00
Jouni Malinen
f68caa35e3 tests: GAS/ANQP and Venue URL (hostapd venue_url)
Test the hostapd venue_url configuration parameter. In addition, fix the
previous defined gas_anqp_venue_url test case to use correct encoding of
the Venue URL ANQP-element payload (URLs were missing and Venue Number
was off-by-one).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 16:11:54 +03:00
Jouni Malinen
bf001e42bf tests: FILS SK using ERP and FT initial mobility domain association
Verify use of KCK2/KEK2 and new FTE MIC calculation with FT-FILS-SHA256.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 12:31:04 +03:00
Jouni Malinen
80da433507 tests: Overlapping BSS scan report handling no overlap
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 22:15:29 +02:00
Jouni Malinen
0c061630ad tests: DPP Configurator reconfiguration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-16 20:56:05 +02:00
Jouni Malinen
c63e69c379 tests: DPP protocol testing - stop when transmitting Auth Conf
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-13 01:04:03 +02:00
Sean Parkinson
d8003dcba2 tests: Add support for wolfSSL cryptographic library
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Sean Parkinson
ff7affcc77 tests: Check PKCS#12 support in additional test cases
These test cases use PKCS#12, so skip them if the build does not include
support for it.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Sean Parkinson
ead550b9dd tests: Verify MSCHAPV2 support in eap_peap_session_resumption
This test case uses EAP-MSCHAPv2 within the PEAP tunnel, so verify that
the build includes support for that before running the test.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Jouni Malinen
adc5e37a02 tests: Suite B tests with BoringSSL
Enable appropriate Suite B test cases with BoringSSL. Currently, this
means enabling only the 192-bit level ECDSA and ECDHE-RSA since
BoringSSL has removed support for DHE and there is no need to support
128-bit level ECDSA anymore.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 17:38:40 +02:00
Jouni Malinen
007bf37e4b tests: Processing of truncated RSNE fields
Verify that truncated RSN Capabilities field and PMKIDCount field get
ignored.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 12:26:26 +02:00
Masashi Honma
ede4f68e0a tests: Fix Permission denied on Fedora
On Fedora 26, start.sh fails with these error messages.

Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0  error: Permission denied
Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0  error: Permission denied
...

This is because Fedora 26 uses "wheel" group as administrative group.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2018-02-17 18:56:38 +02:00
Vasyl Vavrychuk
2494bcef24 tests: Add option --dbus for logging D-Bus messages
Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
2018-02-17 18:21:47 +02:00
Vasyl Vavrychuk
2e4707a0a7 tests: Document building of hostapd_cli for hwsim builds
This is used in the tests, too, and was already covered by the build.sh
script, but not this README file.

Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
2018-02-17 18:15:31 +02:00
Jouni Malinen
57dc90e386 tests: wpa_supplicant AP mode - open network with client isolation
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:57:45 +02:00
Jouni Malinen
e51e49fccc tests: Fix dbus_set_global_properties failure if run twice
Clear the model_name parameter back to the default (empty string) at the
beginning and the end of dbus_set_global_properties to avoid failures if
the test case is run multiple times.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:41:57 +02:00
Jouni Malinen
50d7cdedae tests: Make dbus_p2p_discovery more robust
Ignore any unexpected deviceLost event before the peer devices has been
discovered. This works around issues where the previous test case
terminates before the D-Bus events have been fully delivered. This could
happen, e.g., when running dbus_p2p_discovery twice in a row.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:21:05 +02:00
Jouni Malinen
a8ec0b8ccc tests: sigma_dut controlled STA as DPP PKEX responder and error case
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-13 00:24:50 +02:00
Jouni Malinen
8f7a50a63e tests: MAC ACL accept/deny management
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 19:45:32 +02:00
Jouni Malinen
27a8d93b07 tests: Make dpp_qr_code_curve_select more robust
Wait for the configuration exchange to complete before issuing the
DPP_STOP_LISTEN command to avoid confusing sequence of operation between
the ongoing and immediately following DPP exchanges.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 17:09:20 +02:00
Jouni Malinen
4370ffc0c4 tests: DPP and PKEX on 5 GHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 16:58:52 +02:00
Jouni Malinen
fc031b7ea7 tests: Make owe_transition_mode_multi_bss more robust
Fix bssid2 value to make scanning more reliable for the second OWE BSS.
In addition, reorder the STA status checks to happen before the data
connectivity check to get more accurate failure reason into the log if
the test case fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-07 13:45:48 +02:00
Jouni Malinen
e129e6bd27 tests: sigma_dut DPP roles incompatible
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 22:08:21 +02:00
Jouni Malinen
3e3d634fa7 tests: Enable PMF in sigma_dut DPP tests
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 22:08:21 +02:00
Jouni Malinen
2fec710ac5 tests: Use PMF in DPP with legacy PSK/SAE cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 20:52:44 +02:00
Jouni Malinen
05e5c0e554 tests: Run owe test with PMF required
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 18:55:18 +02:00
Jouni Malinen
0dc3c5f2ee tests: WPA2-PSK-FT AP with PSK from a file
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-04 12:40:03 +02:00
Adiel Aloni
946ed13c98 tests: Enable device PS before sending PS-Poll
Linux kernel commit c9491367b759 ("mac80211: always update the PM state
of a peer on MGMT / DATA frames") enforces the AP to check only
mgmt/data frames PM bit, and to update station's power save accordingly.
When sending only a PS-Poll (control frame) the AP will ignore the PM
bit. As the result, the partial virtual bitmap will not be updated, and
the test ap_open_disconnect_in_ps will fail on tshark check. Since the
test needs only the TIM to be updated, setting PS enabled will send NDP
that will signal that the station is sleeping. Sending PS-Poll to enable
power save is not correct, according to the following standard
statement: "A PS-Poll frame exchange does not necessarily result in an
Ack frame from the AP, so a non-AP STA cannot change power management
mode using a PS-Poll frame."

Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
2018-02-04 12:06:11 +02:00
Jouni Malinen
3382224082 tests: SAE with connect command
This does not really work with mac80211_hwsim due to missing offload
support, but at least some minimal extra code coverage can be achieved.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-02 20:21:46 +02:00
Jouni Malinen
8f9d2b171f tests: Update DPP PKEX test vector parameters to match new tech spec
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-30 18:28:24 +02:00
Jouni Malinen
2d7aa8d575 tests: Make dpp_pkex_test_vector parameters clearer
This makes it a bit clearer to see which parameters need to be modified
if the test vector needs to be recreated based on new values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-30 18:21:37 +02:00
Jouni Malinen
35818d3e07 tests: DPP using externally generated bootstrapping keys
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-29 13:23:19 +02:00
Jouni Malinen
af0c6e09e6 tests: OWE with PMF required and with open network selection
Verify that PMF can be marked required OWE networks and verify that a
station in transition mode can connect to an open network.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-21 11:13:01 +02:00
Jouni Malinen
b70a3fc169 tests: Add the EC root CA private keys to repository
These were forgotten from the initial commit adding the EC PKI.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 22:42:23 +02:00
Jouni Malinen
7fd583d62c tests: Suite B 192-bit RSA validation with 2048-bit client cert
Verify that unexpected 2048-bit RSA client certificate gets rejected by
the RADIUS server if the server is configured to use Suite B at 192-bit
level.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 22:40:55 +02:00
Jouni Malinen
9ec824b9c1 tests: Suite B 192-bit validation with p256 client cert
Verify that unexpected p256 client certificate gets rejected if the
server is configured to use Suite B at 192-bit level.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 20:30:07 +02:00
Jouni Malinen
80ad068001 tests: Update ap_wpa2_eap_assoc_rsn to match implementation change
This covers the new status code for group management cipher mismatch.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 02:08:39 +02:00
Jouni Malinen
6f90cfd780 tests: sigma_dut Suite B tests to not explicitly set PMF
PMF is supposed to be enabled automatically in sigma_dut, so remove
the explicit argument to do so from the commands.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
fe4af86c16 tests: WPA2-PSK AP and association request RSN IE with PMKID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
6333cb812b tests: Use longer timeout in sigma_dut_dpp_proto_initiator
This is needed to be ready for a sigma_dut change to wait for an extra
frame RX event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
7e526fa735 tests: sigma_dut sta_scan_bss
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
c5238c483f tests: sigma_dut with alternative OWE transition mode configuration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
23c45cd0ff tests: sigma_dut and new DPP config index values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
c8b19de245 tests: DPP QR Code and hostapd as initiator (offchannel)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-08 05:21:49 +02:00
Jouni Malinen
7b498ecafb tests: Enable and require PMF in SAE and OWE test cases with sigma_dut
All SAE and OWE associations are expected to require PMF to be
negotiated, so enable or require PMF in AP and STA configurations
accordingly to match the new sigma_dut behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-06 19:52:12 +02:00
Jouni Malinen
b4635f0a61 tests: GnuTLS configuration of intermediate CA certificate
GnuTLS seems to require the intermediate CA certificate to be included
both in the ca_cert and client_cert file for the cases of server and
client certificates using different intermediate CA certificates. Use
the user_and_ica.pem file with GnuTLS builds and reorder the
certificates in that file to make this work with GnuTLS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-29 12:01:22 +02:00
Jouni Malinen
9acd0bebab tests: Enable Suite B test cases with GnuTLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
0039b972af tests: Speed up suite_b_192_rsa_insufficient_dh in failure case
Check for unexpected connection to avoid timeout on TLS alert event if
the implementation does not check DH key size at all.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
2d9ad634c8 tests: Skip eap_tls_pkcs8_pkcs5_v15 with GnuTLS
It looks like this private key format is not supported in GnuTLS (tested
with version 3.4.10).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00