tests: Verify that EAP-FAST PAC and TLS session ticket was used
This provides a regression test that would have caught the recent issue with tls_openssl.c change breaking EAP-FAST. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
b90d064f1a
commit
2fc4749c91
1 changed files with 12 additions and 5 deletions
|
@ -95,11 +95,12 @@ def eap_check_auth(dev, method, initial, rsn=True, sha256=False,
|
||||||
e = "WPA/IEEE 802.1X/EAP"
|
e = "WPA/IEEE 802.1X/EAP"
|
||||||
if status["key_mgmt"] != e:
|
if status["key_mgmt"] != e:
|
||||||
raise Exception("Unexpected key_mgmt status: " + status["key_mgmt"])
|
raise Exception("Unexpected key_mgmt status: " + status["key_mgmt"])
|
||||||
|
return status
|
||||||
|
|
||||||
def eap_reauth(dev, method, rsn=True, sha256=False, expect_failure=False):
|
def eap_reauth(dev, method, rsn=True, sha256=False, expect_failure=False):
|
||||||
dev.request("REAUTHENTICATE")
|
dev.request("REAUTHENTICATE")
|
||||||
eap_check_auth(dev, method, False, rsn=rsn, sha256=sha256,
|
return eap_check_auth(dev, method, False, rsn=rsn, sha256=sha256,
|
||||||
expect_failure=expect_failure)
|
expect_failure=expect_failure)
|
||||||
|
|
||||||
def test_ap_wpa2_eap_sim(dev, apdev):
|
def test_ap_wpa2_eap_sim(dev, apdev):
|
||||||
"""WPA2-Enterprise connection using EAP-SIM"""
|
"""WPA2-Enterprise connection using EAP-SIM"""
|
||||||
|
@ -1780,7 +1781,9 @@ def test_ap_wpa2_eap_fast_mschapv2_unauth_prov(dev, apdev):
|
||||||
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
|
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
|
||||||
phase1="fast_provisioning=1", pac_file="blob://fast_pac")
|
phase1="fast_provisioning=1", pac_file="blob://fast_pac")
|
||||||
hwsim_utils.test_connectivity(dev[0], hapd)
|
hwsim_utils.test_connectivity(dev[0], hapd)
|
||||||
eap_reauth(dev[0], "FAST")
|
res = eap_reauth(dev[0], "FAST")
|
||||||
|
if res['tls_session_reused'] != '1':
|
||||||
|
raise Exception("EAP-FAST could not use PAC session ticket")
|
||||||
|
|
||||||
def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
|
def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
|
||||||
"""WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and PAC file"""
|
"""WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and PAC file"""
|
||||||
|
@ -1830,7 +1833,9 @@ def test_ap_wpa2_eap_fast_binary_pac(dev, apdev):
|
||||||
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
|
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
|
||||||
phase1="fast_provisioning=1 fast_max_pac_list_len=1 fast_pac_format=binary",
|
phase1="fast_provisioning=1 fast_max_pac_list_len=1 fast_pac_format=binary",
|
||||||
pac_file="blob://fast_pac_bin")
|
pac_file="blob://fast_pac_bin")
|
||||||
eap_reauth(dev[0], "FAST")
|
res = eap_reauth(dev[0], "FAST")
|
||||||
|
if res['tls_session_reused'] != '1':
|
||||||
|
raise Exception("EAP-FAST could not use PAC session ticket")
|
||||||
|
|
||||||
def test_ap_wpa2_eap_fast_missing_pac_config(dev, apdev):
|
def test_ap_wpa2_eap_fast_missing_pac_config(dev, apdev):
|
||||||
"""WPA2-Enterprise connection using EAP-FAST and missing PAC config"""
|
"""WPA2-Enterprise connection using EAP-FAST and missing PAC config"""
|
||||||
|
@ -1866,7 +1871,9 @@ def test_ap_wpa2_eap_fast_gtc_auth_prov(dev, apdev):
|
||||||
ca_cert="auth_serv/ca.pem", phase2="auth=GTC",
|
ca_cert="auth_serv/ca.pem", phase2="auth=GTC",
|
||||||
phase1="fast_provisioning=2", pac_file="blob://fast_pac_auth")
|
phase1="fast_provisioning=2", pac_file="blob://fast_pac_auth")
|
||||||
hwsim_utils.test_connectivity(dev[0], hapd)
|
hwsim_utils.test_connectivity(dev[0], hapd)
|
||||||
eap_reauth(dev[0], "FAST")
|
res = eap_reauth(dev[0], "FAST")
|
||||||
|
if res['tls_session_reused'] != '1':
|
||||||
|
raise Exception("EAP-FAST could not use PAC session ticket")
|
||||||
|
|
||||||
def test_ap_wpa2_eap_tls_ocsp(dev, apdev):
|
def test_ap_wpa2_eap_tls_ocsp(dev, apdev):
|
||||||
"""WPA2-Enterprise connection using EAP-TLS and verifying OCSP"""
|
"""WPA2-Enterprise connection using EAP-TLS and verifying OCSP"""
|
||||||
|
|
Loading…
Reference in a new issue