From 3b51cc6359ab994549193616b1383e7503b1c194 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 11 Jan 2015 16:01:08 +0200
Subject: [PATCH] tests: Skip EAP-pwd and EAP-FAST test cases if not supported

Check wpa_supplicant EAP capability and skip EAP-pwd and EAP-FAST test
cases if the build did not include support for these. This is cleaner
than reporting failures for such test cases when the selected TLS
library does not support the EAP method.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 tests/hwsim/test_ap_eap.py  | 17 ++++++++++++++++-
 tests/hwsim/test_ap_hs20.py |  5 ++++-
 tests/hwsim/test_erp.py     | 16 ++++++++++------
 tests/hwsim/test_tnc.py     |  3 ++-
 4 files changed, 32 insertions(+), 9 deletions(-)

diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 5c9dbcdff..7959bd1ec 100644
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-
 # WPA2-Enterprise tests
-# Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
+# Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
 #
 # This software may be distributed under the terms of the BSD license.
 # See README for more details.
@@ -22,6 +22,11 @@ def check_hlr_auc_gw_support():
     if not os.path.exists("/tmp/hlr_auc_gw.sock"):
         raise HwsimSkip("No hlr_auc_gw available")
 
+def check_eap_capa(dev, method):
+    res = dev.get_capability("eap")
+    if method not in res:
+        raise HwsimSkip("EAP method %s not supported in the build" % method)
+
 def read_pem(fname):
     with open(fname, "r") as f:
         lines = f.readlines()
@@ -951,6 +956,7 @@ def test_ap_wpa2_eap_peap_eap_aka(dev, apdev):
 
 def test_ap_wpa2_eap_fast_eap_aka(dev, apdev):
     """WPA2-Enterprise connection using EAP-FAST/EAP-AKA"""
+    check_eap_capa(dev[0], "FAST")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hostapd.add_ap(apdev[0]['ifname'], params)
     eap_connect(dev[0], apdev[0], "FAST", "0232010000000000",
@@ -1497,6 +1503,7 @@ def test_ap_wpa2_eap_ttls_server_cert_hash_invalid(dev, apdev):
 
 def test_ap_wpa2_eap_pwd(dev, apdev):
     """WPA2-Enterprise connection using EAP-pwd"""
+    check_eap_capa(dev[0], "PWD")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hostapd.add_ap(apdev[0]['ifname'], params)
     eap_connect(dev[0], apdev[0], "PWD", "pwd user", password="secret password")
@@ -1519,6 +1526,7 @@ def test_ap_wpa2_eap_pwd(dev, apdev):
 
 def test_ap_wpa2_eap_pwd_groups(dev, apdev):
     """WPA2-Enterprise connection using various EAP-pwd groups"""
+    check_eap_capa(dev[0], "PWD")
     params = { "ssid": "test-wpa2-eap", "wpa": "2", "wpa_key_mgmt": "WPA-EAP",
                "rsn_pairwise": "CCMP", "ieee8021x": "1",
                "eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf" }
@@ -1530,6 +1538,7 @@ def test_ap_wpa2_eap_pwd_groups(dev, apdev):
 
 def test_ap_wpa2_eap_pwd_invalid_group(dev, apdev):
     """WPA2-Enterprise connection using invalid EAP-pwd group"""
+    check_eap_capa(dev[0], "PWD")
     params = { "ssid": "test-wpa2-eap", "wpa": "2", "wpa_key_mgmt": "WPA-EAP",
                "rsn_pairwise": "CCMP", "ieee8021x": "1",
                "eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf" }
@@ -1544,6 +1553,7 @@ def test_ap_wpa2_eap_pwd_invalid_group(dev, apdev):
 
 def test_ap_wpa2_eap_pwd_as_frag(dev, apdev):
     """WPA2-Enterprise connection using EAP-pwd with server fragmentation"""
+    check_eap_capa(dev[0], "PWD")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     params = { "ssid": "test-wpa2-eap", "wpa": "2", "wpa_key_mgmt": "WPA-EAP",
                "rsn_pairwise": "CCMP", "ieee8021x": "1",
@@ -1753,6 +1763,7 @@ def test_ap_wpa2_eap_vendor_test(dev, apdev):
 
 def test_ap_wpa2_eap_fast_mschapv2_unauth_prov(dev, apdev):
     """WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and unauthenticated provisioning"""
+    check_eap_capa(dev[0], "FAST")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hapd = hostapd.add_ap(apdev[0]['ifname'], params)
     eap_connect(dev[0], apdev[0], "FAST", "user",
@@ -1766,6 +1777,7 @@ def test_ap_wpa2_eap_fast_mschapv2_unauth_prov(dev, apdev):
 
 def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
     """WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and PAC file"""
+    check_eap_capa(dev[0], "FAST")
     pac_file = os.path.join(params['logdir'], "fast.pac")
     pac_file2 = os.path.join(params['logdir'], "fast-bin.pac")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
@@ -1805,6 +1817,7 @@ def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
 
 def test_ap_wpa2_eap_fast_binary_pac(dev, apdev):
     """WPA2-Enterprise connection using EAP-FAST and binary PAC format"""
+    check_eap_capa(dev[0], "FAST")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hostapd.add_ap(apdev[0]['ifname'], params)
     eap_connect(dev[0], apdev[0], "FAST", "user",
@@ -1818,6 +1831,7 @@ def test_ap_wpa2_eap_fast_binary_pac(dev, apdev):
 
 def test_ap_wpa2_eap_fast_missing_pac_config(dev, apdev):
     """WPA2-Enterprise connection using EAP-FAST and missing PAC config"""
+    check_eap_capa(dev[0], "FAST")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hostapd.add_ap(apdev[0]['ifname'], params)
 
@@ -1843,6 +1857,7 @@ def test_ap_wpa2_eap_fast_missing_pac_config(dev, apdev):
 
 def test_ap_wpa2_eap_fast_gtc_auth_prov(dev, apdev):
     """WPA2-Enterprise connection using EAP-FAST/GTC and authenticated provisioning"""
+    check_eap_capa(dev[0], "FAST")
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hapd = hostapd.add_ap(apdev[0]['ifname'], params)
     eap_connect(dev[0], apdev[0], "FAST", "user",
diff --git a/tests/hwsim/test_ap_hs20.py b/tests/hwsim/test_ap_hs20.py
index 2172c3d2f..602b33023 100644
--- a/tests/hwsim/test_ap_hs20.py
+++ b/tests/hwsim/test_ap_hs20.py
@@ -1,5 +1,5 @@
 # Hotspot 2.0 tests
-# Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
+# Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
 #
 # This software may be distributed under the terms of the BSD license.
 # See README for more details.
@@ -20,6 +20,7 @@ from utils import HwsimSkip
 import hwsim_utils
 from wlantest import Wlantest
 from wpasupplicant import WpaSupplicant
+from test_ap_eap import check_eap_capa
 
 def hs20_ap_params(ssid="test-hs20"):
     params = hostapd.wpa2_params(ssid=ssid)
@@ -662,10 +663,12 @@ def test_ap_hs20_eap_ttls_unknown(dev, apdev):
 
 def test_ap_hs20_eap_fast_mschapv2(dev, apdev):
     """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
+    check_eap_capa(dev[0], "FAST")
     eap_test(dev[0], apdev[0], "43[3:26]", "FAST", "user")
 
 def test_ap_hs20_eap_fast_gtc(dev, apdev):
     """Hotspot 2.0 connection with FAST/EAP-GTC"""
+    check_eap_capa(dev[0], "FAST")
     eap_test(dev[0], apdev[0], "43[3:6]", "FAST", "user")
 
 def test_ap_hs20_eap_tls(dev, apdev):
diff --git a/tests/hwsim/test_erp.py b/tests/hwsim/test_erp.py
index f14a7f155..db0a7d7ce 100644
--- a/tests/hwsim/test_erp.py
+++ b/tests/hwsim/test_erp.py
@@ -1,5 +1,5 @@
 # EAP Re-authentication Protocol (ERP) tests
-# Copyright (c) 2014, Jouni Malinen <j@w1.fi>
+# Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi>
 #
 # This software may be distributed under the terms of the BSD license.
 # See README for more details.
@@ -191,9 +191,12 @@ def test_erp_radius_eap_methods(dev, apdev):
     # TODO: EKE getSession
     #erp_test(dev[0], hapd, eap="EKE", identity="erp-eke@example.com",
     #         password="hello")
-    erp_test(dev[0], hapd, eap="FAST", identity="erp-fast@example.com",
-             password="password", ca_cert="auth_serv/ca.pem", phase2="auth=GTC",
-             phase1="fast_provisioning=2", pac_file="blob://fast_pac_auth_erp")
+    if "FAST" in dev[0].get_capability("eap"):
+        erp_test(dev[0], hapd, eap="FAST", identity="erp-fast@example.com",
+                 password="password", ca_cert="auth_serv/ca.pem",
+                 phase2="auth=GTC",
+                 phase1="fast_provisioning=2",
+                 pac_file="blob://fast_pac_auth_erp")
     erp_test(dev[0], hapd, eap="GPSK", identity="erp-gpsk@example.com",
              password="abcdefghijklmnop0123456789abcdef")
     erp_test(dev[0], hapd, eap="IKEV2", identity="erp-ikev2@example.com",
@@ -206,8 +209,9 @@ def test_erp_radius_eap_methods(dev, apdev):
     #         phase2="auth=MSCHAPV2")
     erp_test(dev[0], hapd, eap="PSK", identity="erp-psk@example.com",
              password_hex="0123456789abcdef0123456789abcdef")
-    erp_test(dev[0], hapd, eap="PWD", identity="erp-pwd@example.com",
-             password="secret password")
+    if "PWD" in dev[0].get_capability("eap"):
+        erp_test(dev[0], hapd, eap="PWD", identity="erp-pwd@example.com",
+                 password="secret password")
     erp_test(dev[0], hapd, eap="SAKE", identity="erp-sake@example.com",
              password_hex="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
     erp_test(dev[0], hapd, eap="SIM", identity="1232010000000000@example.com",
diff --git a/tests/hwsim/test_tnc.py b/tests/hwsim/test_tnc.py
index 0b1b07fa1..6cf949f7d 100644
--- a/tests/hwsim/test_tnc.py
+++ b/tests/hwsim/test_tnc.py
@@ -9,7 +9,7 @@ import os.path
 
 import hostapd
 from utils import HwsimSkip
-from test_ap_eap import int_eap_server_params
+from test_ap_eap import int_eap_server_params, check_eap_capa
 
 def test_tnc_peap_soh(dev, apdev):
     """TNC PEAP-SoH"""
@@ -60,6 +60,7 @@ def test_tnc_ttls(dev, apdev):
 
 def test_tnc_fast(dev, apdev):
     """TNC FAST"""
+    check_eap_capa(dev[0], "FAST")
     params = int_eap_server_params()
     params["tnc"] = "1"
     params["pac_opaque_encr_key"] ="000102030405060708090a0b0c0d0e00"