Commit graph

764 commits

Author SHA1 Message Date
Jouni Malinen
745f87715e tests: Verify SQLite DB as hostapd EAP user database
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
e044016422 tests: gitignore TNC library files
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-21 18:47:57 +03:00
Jouni Malinen
3ba5cb29af tests: Add -rdynamic to fix TNC IMV/IMC loading on some platforms
The example IMV and IMC used for TNC testing has references to
wpa_printf and other functions from hostapd/wpa_supplicant. Link the
binaries in a way that allows these symbols to be resolved while loading
the libraries at run time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-21 14:56:34 +03:00
Jouni Malinen
46fcf474ff tests: Add CAVP test vectors for RSA/PKCS #1 v1.5 signature validation
This allow the PKCS #1 and RSA implementation to be validated against
the test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2rsatestvectors.zip
and
http://csrc.nist.gov/groups/STM/cavp/documents/dss/SigVer15EMTest.txt.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-20 19:52:57 +03:00
Jouni Malinen
e90d955f7c tests: Add CAVP test vectors for byte-oriented SHA-1 and SHA-256
This allows the SHA-1 implementation to be validated against the
SHA1ShortMsg.rsp and SHA1LongMsg.rsp test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/shs/shabytetestvectors.zip.
Similarly, the SHA-256 can be validated against the SHA256ShortMsg.rsp
and SHA256LongMsg.rsp.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 19:52:03 +03:00
Jouni Malinen
c4d370117b tests: EAP-PEAP parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:44:39 +03:00
Jouni Malinen
ea6464b07f tests: EAP-PEAP crypto_binding=0/1
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:33:59 +03:00
Jouni Malinen
873e7c297c tests: EAP-FAST using PAC file
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:28:31 +03:00
Jouni Malinen
8583d66478 tests: EAP-AKA' and EAP-AKA both enabled (bidding mechanism)
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:04:18 +03:00
Jouni Malinen
95fb531ccc tests: EAP-TTLS/EAP-AKA, EAP-PEAP/EAP-AKA, EAP-FAST/EAP-AKA
These add some more EAP-TTLS/PEAP/FAST coverage to test pending Phase 2
response re-processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:43:50 +03:00
Jouni Malinen
82a8f5b533 tests: Incorrect/missing password with TTLS non-EAP methods
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:19:28 +03:00
Jouni Malinen
dbd1e184e3 tests: TNC testing
This implements minimal IMC and IMV to allow TNC testing with PEAP (SoH)
and TTLS/FAST with EAP-TNC.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
ae14a2e29f tests: FT negative test with mismatching R0KH-ID
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
d314bedf2d tests: EAP-AKA using external USIM processing for UMTS auth
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 20:37:39 +03:00
Jouni Malinen
4e0a94b7dc tests: Add more details to help with initial setup configuration
This documents some more steps needed during initial test setup
configuration to make it easier to get this running even without
thorough knowledge of the network setup used by the operating system.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-16 19:24:47 +03:00
Jouni Malinen
d00184df7c tests: Verify HT40 coex scan with 20 MHz legacy BSS
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-16 01:23:29 +03:00
Jouni Malinen
d352c407e3 tests: Verify that WPS operation report failure if WPS is disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:58:48 +03:00
Jouni Malinen
4ef7053119 tests: Make GAS test cases more robust
Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:30:40 +03:00
Jouni Malinen
3051c9866b tests: Verify P2P GO Negotiation wait-for-ready timeout
This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 23:58:10 +03:00
Jouni Malinen
33714def3a tests: Verify P2P_FIND operation when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:35:09 +03:00
Jouni Malinen
23a6d4d8df tests: Verify scan behavior when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:10:52 +03:00
Jouni Malinen
76f999b01d tests: Show number of remaining parallel VMs
Make the parallel-vm.sh output a bit more helpful by showing a count of
running VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
7e49399b6f tests: Make ap_acl_accept and ap_acl_deny more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
487a31f355 tests: Make wpas_ctrl_bssid_filter more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
54c20c9b43 tests: Make discovery_group_client more robust
Allow three P2P_FIND attempts for discovering the GO on a non-social
channels since the single Probe Response frame can be missed easily
under heavy CPU load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
84a4084177 tests: Make WPS test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
cbb85a0380 tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
655bc8bfd6 tests: Make FT test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
841bed04de tests: Make HS 2.0 test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
814f7ac85c tests: Make scan and scan_only more robust
These can fail during heavy CPU load due to active scan dwell time not
being long enough to catch the delayed Probe Response frame from the AP.
Work around this by allowing multiple scan attempts to see the response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
4221679233 tests: Verify P2P GO start when scan_req = MANUAL_SCAN_REQ
There was a bug in this code path that resulted in the
skip-scan-to-start-GO case to not actually skip the scan. It looks like
this could be hit at least when autoscan was enabled, but it is possible
that some other sequences could hit this as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
16dffef1e6 tests: Work around grpform_pbc_overlap robustness issues
Since P2P Client scan case is now optimzied to use a specific SSID, the
WPS AP will not reply to that and the scan after GO Negotiation can
quite likely miss the AP due to dwell time being short enoguh to miss
the Beaco frame. This has made the test case somewhat pointless, but
keep it here for now with an additional scan to confirm that PBC
detection works if there is a BSS entry for a overlapping AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
c126cb4d1c tests: Make pmksa_cache_on_roam_back more robust
The single channel scan while associated to another AP and immediately
after starting the second AP can miss the Probe Response frame
especially under heavy CPU load. Avoid false error reports by allowing
multiple scan rounds to be performed. wpas_ctrl_bssid_filter is also
modified to take into account different get_bss() behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:45 +03:00
Jouni Malinen
4162db59ae tests: DUP_NETWORK
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-12 19:43:59 +03:00
Jouni Malinen
0878241778 tests: Clear cfg80211 scan results before HT coex tests
This is needed to avoid incorrect failures based on neighboring BSSes
from earlier test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 23:01:10 +03:00
Jouni Malinen
5a0c15174b tests: UNAUTH-TLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
8ba89e0a32 tests: EAP-pwd with server fragmenting messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
47a74ad81a tests: EAP-IKEv2 fragmentation
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
46e094bd6f tests: EAP-FAST and missing PAC configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c6ab1cdbc5 tests: EAP-FAST using binary PAC file format
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
4b2d209824 tests: EAP-pwd with invalid group
This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
cb4ac38b15 tests: Fix scan_bss_operations
The BSS id numbers were assumed to start from 0 at the beginning of this
test case, but that is only the case if this is run as the first test
after starting wpa_supplicant. Fix the test case to figure out the id
values dynamically to avoid false errors.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
e2a90a4c79 tests: EAP-SIM/AKA configuration parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
5b1aaf6cfb tests: EAP-SIM/AKA/AKA' with SQLite
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00
Jouni Malinen
32dca985c7 tests: EAP with expanded Nak
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:33:49 +03:00
Jouni Malinen
633e364b60 tests: EAP roundtrip limit
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:20:54 +03:00
Jouni Malinen
37ffe7c568 tests: HS 2.0 with FT
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 16:17:41 +03:00
Jouni Malinen
2e3f286253 tests: Fix couple of compiler warnings
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 13:13:39 +03:00
Jouni Malinen
f1aac5c488 tests: Add 4.16.1 and 4.16.2 from NIST PKITS
This adds two more X.509 path validation test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 13:13:20 +03:00
Jouni Malinen
fa653bf4ad tests: Add more cred parameters into config file test
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-29 17:25:19 +03:00