tests: Verify that EAP-FAST PAC and TLS session ticket was used

This provides a regression test that would have caught the recent issue with tls_openssl.c change breaking EAP-FAST. Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 23:47:47 +02:00 · 2014-12-09 23:47:47 +02:00 · 2fc4749c91
parent b90d064f1a
commit 2fc4749c91
1 changed files with 12 additions and 5 deletions
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@ -95,11 +95,12 @@ def eap_check_auth(dev, method, initial, rsn=True, sha256=False,
        e = "WPA/IEEE 802.1X/EAP"
    if status["key_mgmt"] != e:
        raise Exception("Unexpected key_mgmt status: " + status["key_mgmt"])
+    return status

 def eap_reauth(dev, method, rsn=True, sha256=False, expect_failure=False):
    dev.request("REAUTHENTICATE")
-    eap_check_auth(dev, method, False, rsn=rsn, sha256=sha256,
-                   expect_failure=expect_failure)
+    return eap_check_auth(dev, method, False, rsn=rsn, sha256=sha256,
+                          expect_failure=expect_failure)

 def test_ap_wpa2_eap_sim(dev, apdev):
    """WPA2-Enterprise connection using EAP-SIM"""
@ -1780,7 +1781,9 @@ def test_ap_wpa2_eap_fast_mschapv2_unauth_prov(dev, apdev):
                ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
                phase1="fast_provisioning=1", pac_file="blob://fast_pac")
    hwsim_utils.test_connectivity(dev[0], hapd)
-    eap_reauth(dev[0], "FAST")
+    res = eap_reauth(dev[0], "FAST")
+    if res['tls_session_reused'] != '1':
+        raise Exception("EAP-FAST could not use PAC session ticket")

 def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
    """WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and PAC file"""
@ -1830,7 +1833,9 @@ def test_ap_wpa2_eap_fast_binary_pac(dev, apdev):
                ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
                phase1="fast_provisioning=1 fast_max_pac_list_len=1 fast_pac_format=binary",
                pac_file="blob://fast_pac_bin")
-    eap_reauth(dev[0], "FAST")
+    res = eap_reauth(dev[0], "FAST")
+    if res['tls_session_reused'] != '1':
+        raise Exception("EAP-FAST could not use PAC session ticket")

 def test_ap_wpa2_eap_fast_missing_pac_config(dev, apdev):
    """WPA2-Enterprise connection using EAP-FAST and missing PAC config"""
@ -1866,7 +1871,9 @@ def test_ap_wpa2_eap_fast_gtc_auth_prov(dev, apdev):
                ca_cert="auth_serv/ca.pem", phase2="auth=GTC",
                phase1="fast_provisioning=2", pac_file="blob://fast_pac_auth")
    hwsim_utils.test_connectivity(dev[0], hapd)
-    eap_reauth(dev[0], "FAST")
+    res = eap_reauth(dev[0], "FAST")
+    if res['tls_session_reused'] != '1':
+        raise Exception("EAP-FAST could not use PAC session ticket")

 def test_ap_wpa2_eap_tls_ocsp(dev, apdev):
    """WPA2-Enterprise connection using EAP-TLS and verifying OCSP"""