tests: Verify RADIUS server MIB values
Enable hostapd control interface for the RADIUS server instance and verify that the RADIUS server MIB counters are incremented. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
4287bb76bf
commit
4fcee244b9
5 changed files with 32 additions and 8 deletions
|
@ -4,6 +4,10 @@ radius_server_acct_port=1813
|
|||
eap_server=1
|
||||
eap_user_file=auth_serv/eap_user.conf
|
||||
|
||||
interface=as
|
||||
ctrl_interface=/var/run/hostapd
|
||||
ctrl_interface_group=admin
|
||||
|
||||
ca_cert=auth_serv/ca.pem
|
||||
server_cert=auth_serv/server.pem
|
||||
private_key=auth_serv/server.key
|
||||
|
|
|
@ -220,13 +220,17 @@ class Hostapd:
|
|||
vals[name] = value
|
||||
return vals
|
||||
|
||||
def get_mib(self):
|
||||
res = self.request("MIB")
|
||||
def get_mib(self, param=None):
|
||||
if param:
|
||||
res = self.request("MIB " + param)
|
||||
else:
|
||||
res = self.request("MIB")
|
||||
lines = res.splitlines()
|
||||
vals = dict()
|
||||
for l in lines:
|
||||
[name,value] = l.split('=', 1)
|
||||
vals[name] = value
|
||||
name_val = l.split('=', 1)
|
||||
if len(name_val) > 1:
|
||||
vals[name_val[0]] = name_val[1]
|
||||
return vals
|
||||
|
||||
def add_ap(ifname, params, wait_enabled=True):
|
||||
|
|
|
@ -39,6 +39,8 @@ for i in 0 1 2; do
|
|||
sed "s/ GROUP=.*$/ GROUP=$GROUP/" "$DIR/p2p$i.conf" > "$LOGDIR/p2p$i.conf"
|
||||
done
|
||||
|
||||
sed "s/group=admin/group=$GROUP/" "$DIR/auth_serv/as.conf" > "$LOGDIR/as.conf"
|
||||
|
||||
if [ "$1" = "valgrind" ]; then
|
||||
VALGRIND=y
|
||||
VALGRIND_WPAS="valgrind --log-file=$LOGDIR/valgrind-wlan%d"
|
||||
|
@ -78,10 +80,10 @@ if [ "x$VALGRIND" = "xy" ]; then
|
|||
fi
|
||||
|
||||
if [ -x $HLR_AUC_GW ]; then
|
||||
$HLR_AUC_GW -m $DIR/auth_serv/hlr_auc_gw.milenage_db > $LOGDIR/hlr_auc_gw &
|
||||
sudo $HLR_AUC_GW -m $DIR/auth_serv/hlr_auc_gw.milenage_db > $LOGDIR/hlr_auc_gw &
|
||||
fi
|
||||
|
||||
$HAPD_AS -ddKt $DIR/auth_serv/as.conf > $LOGDIR/auth_serv &
|
||||
sudo $HAPD_AS -ddKt $LOGDIR/as.conf > $LOGDIR/auth_serv &
|
||||
|
||||
# wait for programs to be fully initialized
|
||||
for i in 0 1 2; do
|
||||
|
|
|
@ -19,7 +19,7 @@ if grep -q hwsim0 /proc/net/dev; then
|
|||
sudo ifconfig hwsim0 down
|
||||
fi
|
||||
|
||||
killall -q hlr_auc_gw
|
||||
sudo killall -q hlr_auc_gw
|
||||
|
||||
if [ "$RUNNING" = "yes" ]; then
|
||||
# give some time for hostapd and wpa_supplicant to complete deinit
|
||||
|
@ -38,7 +38,7 @@ if pidof wpa_supplicant hostapd hlr_auc_gw > /dev/null; then
|
|||
echo "wpa_supplicant/hostapd/hlr_auc_gw did not exit - try to force them to die"
|
||||
sudo killall -9 -q hostapd
|
||||
sudo killall -9 -q wpa_supplicant
|
||||
killall -9 -q hlr_auc_gw
|
||||
sudo killall -9 -q hlr_auc_gw
|
||||
for i in `seq 1 5`; do
|
||||
if pidof wpa_supplicant hostapd hlr_auc_gw > /dev/null; then
|
||||
echo "Waiting for processes to exit (2)"
|
||||
|
|
|
@ -59,6 +59,8 @@ def test_radius_acct_unreachable(dev, apdev):
|
|||
|
||||
def test_radius_acct(dev, apdev):
|
||||
"""RADIUS Accounting"""
|
||||
as_hapd = hostapd.Hostapd("as")
|
||||
as_mib_start = as_hapd.get_mib(param="radius_server")
|
||||
params = hostapd.wpa2_eap_params(ssid="radius-acct")
|
||||
params['acct_server_addr'] = "127.0.0.1"
|
||||
params['acct_server_port'] = "1813"
|
||||
|
@ -79,3 +81,15 @@ def test_radius_acct(dev, apdev):
|
|||
|
||||
if int(mib['radiusAccClientRetransmissions']) > 0:
|
||||
raise Exception("Unexpected Accounting-Request retransmission")
|
||||
|
||||
as_mib_end = as_hapd.get_mib(param="radius_server")
|
||||
|
||||
req_s = int(as_mib_start['radiusAccServTotalRequests'])
|
||||
req_e = int(as_mib_end['radiusAccServTotalRequests'])
|
||||
if req_e < req_s + 2:
|
||||
raise Exception("Unexpected RADIUS server acct MIB value")
|
||||
|
||||
acc_s = int(as_mib_start['radiusAuthServAccessAccepts'])
|
||||
acc_e = int(as_mib_end['radiusAuthServAccessAccepts'])
|
||||
if acc_e < acc_s + 1:
|
||||
raise Exception("Unexpected RADIUS server auth MIB value")
|
||||
|
|
Loading…
Reference in a new issue