Jouni Malinen
5b3c40a65b
tests: Verify that wpa_supplicant clears keys from memory
...
Check that PMK and PTK and not left in memory (heap or stack)
unnecessarily after they are not needed anymore.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 10:37:02 +02:00
Jouni Malinen
5f35a5e27f
tests: Add wait_connected() and wait_disconnected() helpers
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 13:10:09 +02:00
Jouni Malinen
2fc4749c91
tests: Verify that EAP-FAST PAC and TLS session ticket was used
...
This provides a regression test that would have caught the recent
issue with tls_openssl.c change breaking EAP-FAST.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 23:47:47 +02:00
Jouni Malinen
d463c5566f
tests: Additional coverage for SCAN_RESULTS and BSS entry flags
...
This increases wpa_supplicant_ie_txt(), print_bss_info(), and
wpa_supplicant_ctrl_iface_scan_result() testing coverage to include the
previously missing key management options.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:06 +02:00
Jouni Malinen
47dcb1186f
tests: Move external_sim reset to test cases that change this
...
This removes unnecessary reset() step from between every test case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
a8375c94c0
tests: Pass wpas/hapd instance to test_connectivity()
...
This makes it easier to replace data connectivity testing to use
something else than local hwsim_test binary on the controller device.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-19 17:54:49 +03:00
Jouni Malinen
89f20842f6
tests: OpenSSL cipherlist configuration
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:59:04 +03:00
Jouni Malinen
c1d1b6998d
tests: Update server and user certificates
...
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
9a5cfd7007
tests: No EAP fast session resumption between network blocks
...
Verify that EAP fast session resumption is skipped if the connection
uses a different network configuration than the last EAP connection.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-26 20:23:08 +03:00
Jouni Malinen
72cbc6847b
tests: EAP-SIM external_sim error cases
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 19:43:11 +03:00
Jouni Malinen
d8e02214ea
tests: EAP-AKA external_sim error cases
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 11:30:57 +03:00
Jouni Malinen
32747a3eee
tests: EAP-SIM/AKA invalid Milenage key configuration
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-20 10:59:08 +03:00
Jouni Malinen
b246e2af79
tests: Non-ASCII EAP user identity
...
This is a regression test for printf_encode() bounds checking issues
that can now be caught under valgrind.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-02 17:36:51 +03:00
Jouni Malinen
745f87715e
tests: Verify SQLite DB as hostapd EAP user database
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
c4d370117b
tests: EAP-PEAP parameters
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:44:39 +03:00
Jouni Malinen
ea6464b07f
tests: EAP-PEAP crypto_binding=0/1
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:33:59 +03:00
Jouni Malinen
873e7c297c
tests: EAP-FAST using PAC file
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:28:31 +03:00
Jouni Malinen
8583d66478
tests: EAP-AKA' and EAP-AKA both enabled (bidding mechanism)
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:04:18 +03:00
Jouni Malinen
95fb531ccc
tests: EAP-TTLS/EAP-AKA, EAP-PEAP/EAP-AKA, EAP-FAST/EAP-AKA
...
These add some more EAP-TTLS/PEAP/FAST coverage to test pending Phase 2
response re-processing.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:43:50 +03:00
Jouni Malinen
82a8f5b533
tests: Incorrect/missing password with TTLS non-EAP methods
...
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:19:28 +03:00
Jouni Malinen
d314bedf2d
tests: EAP-AKA using external USIM processing for UMTS auth
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 20:37:39 +03:00
Jouni Malinen
cbb85a0380
tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
...
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
5a0c15174b
tests: UNAUTH-TLS
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
8ba89e0a32
tests: EAP-pwd with server fragmenting messages
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
47a74ad81a
tests: EAP-IKEv2 fragmentation
...
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
46e094bd6f
tests: EAP-FAST and missing PAC configuration
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c6ab1cdbc5
tests: EAP-FAST using binary PAC file format
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
4b2d209824
tests: EAP-pwd with invalid group
...
This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
e2a90a4c79
tests: EAP-SIM/AKA configuration parameters
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
5b1aaf6cfb
tests: EAP-SIM/AKA/AKA' with SQLite
...
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00
Jouni Malinen
32dca985c7
tests: EAP with expanded Nak
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:33:49 +03:00
Jouni Malinen
633e364b60
tests: EAP roundtrip limit
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:20:54 +03:00
Jouni Malinen
0403fa0a93
tests: Increas EAP-pwd fragmentation coverage
...
Verify fragmentation of additional message types.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-06 00:52:13 +03:00
Jouni Malinen
eaf3f9b10d
tests: wpa_supplicant MIB command output for WPA/WPA2 information
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-05 23:56:03 +03:00
Jouni Malinen
a0f350fd79
tests: EAP-SIM server using GSM triplets
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 16:28:48 +03:00
Jouni Malinen
650383134d
tests: hostapd GET_CONFIG key_mgmt values
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 19:01:34 +02:00
Jouni Malinen
910f16ca0e
tests: EAP-SIM/AKA with protected result indication
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-21 12:56:48 +02:00
Jouni Malinen
c37b02fcc4
tests: Authentication server using PKCS#12 file
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-20 00:16:00 +02:00
Jouni Malinen
2a6a2192b7
tests: Invalid ca_cert hash:// value
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-20 00:02:00 +02:00
Jouni Malinen
c61dca40a4
tests: TLS domain_suffix_match rejection due to incomplete label match
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-19 23:50:57 +02:00
Jouni Malinen
5c65e277a0
tests: Increase altsubject_match coverage
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-19 23:46:53 +02:00
Jouni Malinen
6ea231e6d4
tests: EAP TLS parameters using configuration blobs
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-15 23:52:43 +02:00
Jouni Malinen
8b56743ef7
tests: Displayable message in EAP Request-Identity
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:27:15 +02:00
Jouni Malinen
7c50093f37
tests: Authenticator-initiated EAP reauthentication
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:18:49 +02:00
Jouni Malinen
14bef66d66
tests: Server certificate with both client and server EKU
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 10:35:33 +02:00
Jouni Malinen
5be9dcbb86
tests: Remove unnecessary interpreter line from most python files
...
Only run-tests.py is actually executed, so there is no need to specify
the interpreter in all the helper files and test script files.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-21 20:21:53 +02:00
Jouni Malinen
6f939e591e
tests: Convert connect() to use kwargs
...
This makes it more convenient to add new network block parameters.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 21:58:09 +02:00
Jouni Malinen
eac674402f
tests: Verify NtPasswordHash with different UTF-8 cases
...
This adds a password that uses one, two, and three octet encoding
for UTF-8 characters. The value is tested against a pre-configured
hash to verify that utf8_to_ucs2() function works correctly.
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 12:08:50 +02:00
Jouni Malinen
242219c563
tests: Set dh_file on EAP client
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:42:56 +02:00
Jouni Malinen
6ab4a7aa5a
tests: EAP-TTLS and server certificate with client EKU
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:33:55 +02:00
Jouni Malinen
6a4d0dbe1c
tests: Expired server certificate
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:28:22 +02:00
Jouni Malinen
64e05f9644
tests: Domain name suffix match against CN
...
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:19:16 +02:00
Jouni Malinen
d4c7a2b9e6
tests: EAP-TLS with OCSP
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:45:56 +02:00
Jouni Malinen
2d10eb0efd
tests: PKCS#12 use for EAP-TLS
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:18:22 +02:00
Jouni Malinen
9f8994c623
tests: CA certificate in DER format
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:06:36 +02:00
Jouni Malinen
57be05e158
tests: Server certificate trust based on hash value
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:04:45 +02:00
Jouni Malinen
3b74982f93
tests: subject_match and altsubject_match
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:04:35 +02:00
Jouni Malinen
53a6f06a0b
tests: EAP-FAST
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 16:42:15 +02:00
Jouni Malinen
c075f040a1
tests: Verify all implemented EAP-pwd groups
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 09:08:54 +02:00
Jouni Malinen
fa0ddb1484
tests: MSCHAPv2 password as hash value
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
e745c811ef
tests: Verify EAP vendor test
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
d0ce105068
tests: Verify EAP-PEAP/EAP-TLS
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
f10ba3b2fc
tests: Negative test cases with incorrect EAP password
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
6daf5b9c1c
tests: Add more EAP fragmentation tests
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
40759604f6
tests: Interactive identity/password query for EAP
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
cb33ee143b
tests: Make WPA2-Enterprise reauth test cases more robust
...
With the extra latencies removed from run-tests.py operations, it was
possible to hit race conditions in pairwise cipher configuration at the
end of the 4-way handshake. In some cases, the EAPOL-Start frame from
the station was not received by the AP and that could result in these
test cases failing. Since there are not really trying to test the race
condition, wait for the AP side to complete key configuration prior to
initiating the reauthentication sequence.
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
369f9c20ee
tests: Validate EAP-GPSK cipher suite negotiation
...
This covers all currently supported algorithms and the case of no match.
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
bce774ad63
tests: Use ctrl_iface event for EAP reauth instead of STATUS poll
...
This speeds up the EAP test cases a bit by avoiding polling for
wpa_supplicant status.
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
5dec879d5b
tests: Verify STA command output and EAPOL state
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 18:10:30 +02:00
Jouni Malinen
2bb9e28336
tests: Validate EAP-EKE proposal negotiation
...
This covers all currently supported algorithms and the case of no match.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 17:18:17 +02:00
Jouni Malinen
2b00519431
tests: WPA2-Enterprise with PMF required
...
Increase test coverage with PMF required configuration and SHA256-based
AKM in one of the EAP test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:31 +02:00
Jouni Malinen
71390dc87e
tests: Verify WPA-Enterprise functionality
...
All the previous EAP test cases were using WPA2-Enterprise.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:31 +02:00
Jouni Malinen
75b2b9cfb0
tests: Verify EAP fast reauthentication
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-28 16:32:54 +02:00
Jouni Malinen
698f8324c6
tests: Verify PEAPv0 Crypto-Binding
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-28 16:32:54 +02:00
Jouni Malinen
e114c49cfc
tests: Add an EAP-TLS test case
...
This fixes the user.key file (incorrect key was copied previously) and
adds a test case for EAP-TLS with WPA2-Enterprise.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
22b99086ce
tests: Add more EAP test cases
...
This increases EAP method coverage for WPA2-Enterprise to include
EAP-pwd, EAP-GPSK, EAP-SAKE, EAP-EKE, EAP-IKEv2, EAP-PAX, and EAP-PSK.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
c65f23ab64
tests: Use single channel scans to speed up test cases
...
A full scan in these specific test cases does not add anything to the
coverage, so use a single channel scan for the station connection to
remove undesired extra time needed for a full scan.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-02 11:22:16 +02:00
Jouni Malinen
c9aa430896
tests: Split run-tests.py logger info into per test case files
...
The run-tests.py -l argument does not take an argument value anymore.
Instead, debug output is directed to a separate file <test>.log for each
test case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 12:51:08 +02:00
Jouni Malinen
72c052d525
tests: Add domain_suffix_match validation
...
This verifies that domain_suffix_match works correctly both for the
matching and mismatching cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 21:38:02 +03:00
Jouni Malinen
c7afc0789c
tests: Add negative TLS test case to verify trust root validation
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 21:38:02 +03:00
Jouni Malinen
0d4c5494bc
tests: Skip EAP-SIM/AKA/AKA' if hlr_auc_gw not available
...
Do not fail the EAP-SIM/AKA/AKA' test cases if hlr_auc_gw is not
available since hlr_auc_gw is not considered required part for the test
setup.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-17 21:04:55 +03:00
Jouni Malinen
9626962d2f
tests: Add test cases for WPA2-Enterprise
...
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-29 20:35:26 +03:00