tests: Use a domain name in the identity for get_emsk OOM tests

These test cases depend on ERP processing to reach the get_emsk handler function. Since ERP really needs the realm to derive a proper keyName-NAI, modify these test cases to pass the realm part in the identity to allow error checking to be introduced for rejecting ERP cases where the realm is not available. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-22 13:47:37 +03:00 · 2017-05-22 13:47:37 +03:00 · 0a0c4dc1d7
commit 0a0c4dc1d7
parent 34ee12c559
3 changed files with 17 additions and 10 deletions
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@ -1,10 +1,15 @@
 "pwd user"	PWD	"secret password"
+"pwd user@domain"	PWD	"secret password"
 "pwd-hash"	PWD	hash:e3718ece8ab74792cbbfffd316d2d19a
 "pwd.user@test123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890.example.com"	PWD	"secret password"
 "gpsk user"	GPSK	"abcdefghijklmnop0123456789abcdef"
+"gpsk user@domain"	GPSK	"abcdefghijklmnop0123456789abcdef"
 "sake user"	SAKE	0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+"sake user@domain"	SAKE	0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
 "eke user"	EKE	"hello"
+"eke user@domain"	EKE	"hello"
 "ikev2 user"	IKEV2	"ike password"
+"ikev2 user@domain"	IKEV2	"ike password"
 "pax.user@example.com"	PAX	0123456789abcdef0123456789abcdef
 "psk.user@example.com"	PSK	0123456789abcdef0123456789abcdef
 "vendor-test"	VENDOR-TEST	"foo"
@ -111,6 +116,7 @@ radius_accept_attr=56:x:32000011
 "chap user"	TTLS-CHAP	"password"	[2]
 "mschap user"	TTLS-MSCHAP	"password"	[2]
 "DOMAIN\mschapv2 user"	TTLS-MSCHAPV2	hash:8846f7eaee8fb117ad06bdd830b7586c	[2]
+"mschapv2 user@domain"	TTLS-MSCHAPV2	hash:8846f7eaee8fb117ad06bdd830b7586c	[2]
 "hs20-test"	TTLS-MSCHAPV2	"password"	[2]
 "hs20-test-with-domain@example.com"	TTLS-MSCHAPV2	"password"	[2]
 "utf8-user"	TTLS-MSCHAPV2	"secret-åäö-€-password"	[2]
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@ -5773,7 +5773,7 @@ def test_eap_gpsk_errors(dev, apdev):
        with alloc_fail(dev[0], count, func):
            dev[0].request("ERP_FLUSH")
            dev[0].connect("test-wpa-eap", key_mgmt="WPA-EAP", eap="GPSK",
-                           identity="gpsk user", erp="1",
+                           identity="gpsk user@domain", erp="1",
                           password="abcdefghijklmnop0123456789abcdef",
                           wait_connect=False, scan_freq="2412")
            wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@ -6151,7 +6151,8 @@ def test_eap_tls_errors(dev, apdev):
    for func in tests:
        with alloc_fail(dev[0], 1, func):
            dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS",
-                           identity="tls user", ca_cert="auth_serv/ca.pem",
+                           identity="tls user@domain",
+                           ca_cert="auth_serv/ca.pem",
                           client_cert="auth_serv/user.pem",
                           private_key="auth_serv/user.key",
                           erp="1",
--- a/tests/hwsim/test_eap_proto.py
+++ b/tests/hwsim/test_eap_proto.py
@ -803,7 +803,7 @@ def test_eap_proto_sake_errors(dev, apdev):
    for count, func in tests:
        with alloc_fail(dev[0], count, func):
            dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="SAKE", identity="sake user",
+                           eap="SAKE", identity="sake user@domain",
                           password_hex="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
                           erp="1",
                           wait_connect=False)
@ -2261,7 +2261,7 @@ def test_eap_proto_eke(dev, apdev):

 def eap_eke_test_fail(dev, phase1=None, success=False):
    dev.connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                eap="EKE", identity="eke user", password="hello",
+                eap="EKE", identity="eke user@domain", password="hello",
                phase1=phase1, erp="1", wait_connect=False)
    ev = dev.wait_event([ "CTRL-EVENT-EAP-FAILURE",
                          "CTRL-EVENT-EAP-SUCCESS" ], timeout=5)
@ -4531,7 +4531,7 @@ def test_eap_proto_sim_errors(dev, apdev):
    for count, func in tests:
        with alloc_fail(dev[0], count, func):
            dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="SIM", identity="1232010000000000",
+                           eap="SIM", identity="1232010000000000@domain",
                           password="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
                           erp="1", wait_connect=False)
            wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@ -4630,7 +4630,7 @@ def test_eap_proto_aka_errors(dev, apdev):
    for count, func in tests:
        with alloc_fail(dev[0], count, func):
            dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="AKA", identity="0232010000000000",
+                           eap="AKA", identity="0232010000000000@domain",
                           password="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123",
                           erp="1", wait_connect=False)
            wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@ -5311,7 +5311,7 @@ def test_eap_proto_ikev2_errors(dev, apdev):
    for count, func in tests:
        with alloc_fail(dev[0], count, func):
            dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="IKEV2", identity="ikev2 user",
+                           eap="IKEV2", identity="ikev2 user@domain",
                           password="ike password", erp="1", wait_connect=False)
            ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
                                   timeout=15)
@ -6278,7 +6278,7 @@ def test_eap_proto_pwd_errors(dev, apdev):
    for func in funcs:
        with alloc_fail(dev[0], 1, func):
            dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="PWD", identity="pwd user",
+                           eap="PWD", identity="pwd user@domain",
                           password="secret password", erp="1",
                           wait_connect=False)
            wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@ -6604,7 +6604,7 @@ def test_eap_proto_fast_errors(dev, apdev):
        with alloc_fail(dev[0], count, func):
            dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
                           eap="FAST", anonymous_identity="FAST",
-                           identity="user", password="password",
+                           identity="user@example.com", password="password",
                           ca_cert="auth_serv/ca.pem", phase2="auth=GTC",
                           phase1="fast_provisioning=2",
                           pac_file="blob://fast_pac_auth_errors",
@ -6867,7 +6867,7 @@ def test_eap_proto_ttls_errors(dev, apdev):
              (1, "eap_ttls_get_session_id",
               "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
              (1, "eap_ttls_get_emsk",
-               "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
+               "mschapv2 user@domain", "auth=MSCHAPV2"),
              (1, "wpabuf_alloc;eap_ttls_phase2_request_mschap",
               "mschap user", "auth=MSCHAP"),
              (1, "eap_peer_tls_derive_key;eap_ttls_phase2_request_mschap",