diff --git a/tests/hwsim/auth_serv/dh2.conf b/tests/hwsim/auth_serv/dh2.conf new file mode 100644 index 000000000..5532efe2a --- /dev/null +++ b/tests/hwsim/auth_serv/dh2.conf @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEAnMarPft+gvX8Ul5WKDn3rSa67dCNNhIivHnHBTn7I6LFE4pf3NY6 +KCUcVgJtOl55+58GxkpFsTZEmcykrbTjtJIyNfXFx6n/JKZTNYT0Vv7xmpSN3v53 +208v8rY91OiqO3T8L1PAsENMwuvMZL65IdLiMmVpAktgLGCafektBkaHj29bYCGS +oGwz65iypzZGKGZmzET168lbh1SIuZkq3JOFEvE0ZJS5XhLrVUw14uZV/7lPRE+E +dtza3kVlJXbkgnkrBsiuBlmWiga7EjPtD2o18WhPThI8zX/FoAyQUem4DkhfSpS8 +FrJUrODwQQycS5AaexDmZqHJ/L4GdlHcAwIBAg== +-----END DH PARAMETERS----- diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py index a75f8fa46..e53a0053f 100644 --- a/tests/hwsim/test_ap_eap.py +++ b/tests/hwsim/test_ap_eap.py @@ -2452,7 +2452,7 @@ def test_ap_wpa2_eap_ttls_dh_params_blob(dev, apdev): """WPA2-Enterprise connection using EAP-TTLS/CHAP and setting DH params from blob""" params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hostapd.add_ap(apdev[0]['ifname'], params) - dh = read_pem("auth_serv/dh.conf") + dh = read_pem("auth_serv/dh2.conf") if "OK" not in dev[0].request("SET blob dhparams " + dh.encode("hex")): raise Exception("Could not set dhparams blob") eap_connect(dev[0], apdev[0], "TTLS", "chap user", @@ -2460,6 +2460,15 @@ def test_ap_wpa2_eap_ttls_dh_params_blob(dev, apdev): ca_cert="auth_serv/ca.der", phase2="auth=CHAP", dh_file="blob://dhparams") +def test_ap_wpa2_eap_ttls_dh_params_server(dev, apdev): + """WPA2-Enterprise using EAP-TTLS and alternative server dhparams""" + params = int_eap_server_params() + params["dh_file"] = "auth_serv/dh2.conf" + hostapd.add_ap(apdev[0]['ifname'], params) + eap_connect(dev[0], apdev[0], "TTLS", "chap user", + anonymous_identity="ttls", password="password", + ca_cert="auth_serv/ca.der", phase2="auth=CHAP") + def test_ap_wpa2_eap_reauth(dev, apdev): """WPA2-Enterprise and Authenticator forcing reauthentication""" params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")