Commit graph

112 commits

Author SHA1 Message Date
Jouni Malinen
07c9f183ea tests: Avoid control interface throttling in various test cases
These can cause unexpected test failures, so dump the pending monitor
socket events more frequently in some cases where event throttling is
seen.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2024-03-27 23:48:39 +02:00
Benjamin Berg
7a47756373 tests: Explicitly set address to bind to
pyrad internally uses socket.getaddrinfo. While it is documented that
one can pass an empty string to bind to all interfaces. The underlying
function expects None instead though, breaking the call.

Either way, it does not hurt to set the bind address to 127.0.0.1
explicitly, so do so to avoid issues.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2024-01-13 19:48:09 +02:00
Jouni Malinen
406bc79763 tests: Make EAP-IKEv2 protocol tests more robust
Wait a bit more between removal of the network and the next attempt to
avoid race conditions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-16 22:37:36 +02:00
Jouni Malinen
b0fc0154f5 tests: Wait for hostapd event in addition to wpa_supplicant
Wait for hostapd to complete processing before taking the next step in a
test instead of waiting just for wpa_supplicant. This avoids race
conditions with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
7e9efc3cdf tests: Handle race condition in eap_proto_md5_server
UML time travel allows the deauthentication event to be processed more
quickly than the delivery of EAP-Success to the client through the test
script, so accept either sequence here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 09:53:58 +02:00
Jouni Malinen
e8706c109e tests: Work around pyrad issues with octet strings that start with "0x"
pyrad's tools.py EncodeOctets() uses a design that tries to
automatically determine when the octetstring is a hex string based on
the binary data starting with "0x". That is not really nice since it
will result in failing one out of 65536 possible random inputs with
"binascii.Error: Non-hexadecimal digit found" when trying to decode an
actual (non-hex) binary string as a hexstring.

Work around this by convering the special cases where the
Message-Authenticator binary value happens to start with b"0x" to a
hexstring.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-01-25 23:47:33 +02:00
Jouni Malinen
0b48cfe178 tests: Update eap_proto_pwd_errors to match implementation
A negative test was failing with the PWE derivation change in the
implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
3cefdf0d4a tests: Fix eap_proto_sake_server with Session ID = 255
Need to wrap back to 0 when changing value 255 to avoid generating a too
large value to fit an octet field. This was resulting in errors due to a
python exception (likely for about every 256th run).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-05-06 23:49:12 +03:00
Jouni Malinen
daa0a22e45 tests: Fix eap_proto_eke_errors with gcc-10
gcc-10 seems to be inlining eap_eke_prf() and eap_eke_prfplus() which
breaks this test case due to a different backtrace being generated for
triggering the local failures. Point to the functions called by those
instead of these two functions to get this working with both gcc-9 and
gcc-10.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-17 23:38:26 +02:00
Jouni Malinen
ecc46f2900 tests: Move ERP/FILS capability checks to utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-28 23:50:50 +02:00
Jouni Malinen
bd8b170302 EAP-AKA: Check that ID message storing succeeds
This could fail in theory if running out of memory, so better check for
this explicitly instead of allowing the exchange to continue and fail
later due to checkcode mismatch.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-07 23:40:20 +02:00
Jouni Malinen
674758ed59 tests: Provide digestmod to hmac.new() for Python 3.8
Python 3.8 removed the previously used default of MD5 algorithm, so
provide the explicit digestmod=hashlib.md5 parameter to the couple of
places that were missing it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 11:58:54 +03:00
Jouni Malinen
f5b7b24912 tests: Fix eap_proto_ttls_errors with CONFIG_TLS=internal
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 17:09:50 +02:00
Jouni Malinen
d371f0cbbf tests: Fix eap_proto_otp to use list of events with wait_event()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
9b2b99c550 tests: Additional EAP-SAKE local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 00:10:26 +03:00
Jouni Malinen
83d5e334b1 tests: Additional EAP-EKE local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-06 23:59:06 +03:00
Jouni Malinen
752e7a33e8 tests: Close pyrad server sockets explicitly
This helps in avoiding issues with another test case trying to bind to
the same UDP port and failing due to the previous use by pyrad still
being open. This showed up with failures in radius_ipv6 when it followed
a test case like eap_proto_tls with suitable set of test cases between
them.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-05 00:10:32 +03:00
Jouni Malinen
fe40c679d2 tests: Fix EAP-FAST protocol testing with older OpenSSL library versions
Looks like the previous fix for a newer OpenSSL versions broke
functionality with older versions that did not seem to like @SECLEVEL=0
in the cipher list. Make that addition conditional on OpenSSL version to
work with both versions.

Fixes: e87e6f609b ("tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 20:27:43 +03:00
Jouni Malinen
e87e6f609b tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL
Need to drop OpenSSL security level to 0 for ADH-AES128-SHA to work with
the latest library version.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 00:01:01 +03:00
Jouni Malinen
378bf90848 tests: EAP-IKEV2 server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 23:56:23 +03:00
Jouni Malinen
c862496d0d tests: EAP-MD5 server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 11:55:31 +03:00
Jouni Malinen
349ddab020 tests: EAP-PAX server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 11:55:31 +03:00
Jouni Malinen
431802df00 tests: EAP-PSK server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 00:27:15 +03:00
Jouni Malinen
9ddc773d1a tests: EAP-GPSK server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 18:59:39 +03:00
Jouni Malinen
94758682b7 tests: Additional EAP-SAKE peer error path coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 16:57:50 +03:00
Jouni Malinen
92d2a99163 tests: EAP-SAKE server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 16:53:42 +03:00
Jouni Malinen
9f721917e7 tests: EAP-pwd protocol testing for the server
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-17 14:15:42 +03:00
Jouni Malinen
778ce8ae0b tests: EAP-pwd protocol tests - unexpected more-fragment frame
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-17 13:24:37 +03:00
Jouni Malinen
a143bdc0d1 tests: EAP-pwd local error cases on server
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-17 13:24:37 +03:00
Jouni Malinen
50b915f055 tests: Additional coverage for EAP-MSCHAPv2 local error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-16 21:25:27 +03:00
Jouni Malinen
d804155783 tests: Milenage local error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-16 21:09:50 +03:00
Jouni Malinen
63215b32a8 tests: AES-EAX error cases that were previously missed in EAP-PSK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-16 20:39:45 +03:00
Jouni Malinen
d7c98f9558 tests: eap_pwd_perform_confirm_exchange() local failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:35:47 +03:00
Jouni Malinen
b95d79e7bc tests: eap_pwd_perform_commit_exchange() local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:34:38 +03:00
Jouni Malinen
c9065bd265 tests: EAP-pwd commit request error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:28:05 +03:00
Jouni Malinen
6fe3ee722d tests: EAP-pwd local failure in crypto_bignum_rand()
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:28:05 +03:00
Jouni Malinen
8ff2401d54 tests: EAP-pwd eap_pwd_get_element() local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:28:03 +03:00
Jouni Malinen
4f183becf0 tests: EAP-pwd compute_password_element() local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 16:58:38 +03:00
Jouni Malinen
52b1cb5d73 tests: crypto_hash_finish() failure in eap_pwd_kdf()
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 12:53:42 +03:00
Jouni Malinen
2e3849bcf5 tests: EAP-pwd protocol tests for invalid EAP-pwd-Commit
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-09 17:11:15 +03:00
Jouni Malinen
fab49f6145 tests: Python coding style cleanup (pylint3 bad-whitespace)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-16 18:52:09 +02:00
Jouni Malinen
9efd3447c7 tests: Make AP discovery more robust in eap_proto test cases
Number of these test cases start connection attempt in wpa_supplicant
and then expected a specific failure to happen relatively quickly. This
could result in timeouts if the first scanning round missed to find the
AP (e.g., due to CPU load pushing out the Probe Response frame long
enough for the station having left the channel) and wpa_supplicant then
waiting five seconds before starting a new scan.

Make this more robust by scanning explicitly for the specific BSSID
before starting the connection attempt.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 16:24:15 +02:00
Jouni Malinen
43e3114c5f tests: Fix EAP-FAST protocol testing with python3
This was hit on Ubuntu 18.04 (newer python3 and OpenSSL library versions
compared to earlier tests).

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-05 15:50:45 +02:00
Jouni Malinen
55845e190b tests: Clean up pyrad test cases for python3 compatibility
All other test cases seem to work, but radius_das_disconnect_time_window
is still failing due to incorrect authenticator or Message-Authenticator
in Disconnect-Request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 20:03:29 +02:00
Masashi Honma
15dfcb69df tests: Use 'b' prefix to mark Bytes literals explicitly for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:33 +02:00
Masashi Honma
f94df3c0b0 tests: Explicitly encode str to bytes when needed for python3
Avoid implicit conversion errors when constructing bytes objects or
passing a str object to a function that needs a bytes object.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:33 +02:00
Masashi Honma
7ab74770e7 tests: Convert binascii.hexlify() output to a string object for python3
This is needed in cases the hexlify() output is used to concatenate with
a string or used in string comparisons.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:33 +02:00
Jouni Malinen
182a0b4dae tests: EAP-pwd local error case in eap_pwd_perform_confirm_exchange()
This is a regression test case for a memory leak on these error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-16 12:22:58 +03:00
Jouni Malinen
0a3742950e tests: Extend eap_proto_aka_prime to cover additional AT_KDF cases
Verify that EAP-AKA' client rejects Challenge with an appended AT_KDF
and a modified AT_KDF value during KDF negotiation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-02 15:36:24 +03:00
Jouni Malinen
b30639b77e tests: Adjust eap_proto_pwd_errors to match implementation changes
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-28 22:09:20 +03:00