From febf575200b9e511723e08df95d65d286623d234 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 31 Mar 2015 19:40:41 +0300 Subject: [PATCH] tests: EAP-TTLS with TLS session ticket enabled Signed-off-by: Jouni Malinen --- tests/hwsim/test_ap_eap.py | 26 ++++++++++++++++++++++++++ tests/hwsim/wpasupplicant.py | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py index dd4255c0a..a75f8fa46 100644 --- a/tests/hwsim/test_ap_eap.py +++ b/tests/hwsim/test_ap_eap.py @@ -2840,3 +2840,29 @@ def _test_ap_wpa2_eap_in_bridge(dev, apdev): wpas.wait_disconnected() wpas.request("RECONNECT") wpas.wait_connected() + +def test_ap_wpa2_eap_session_ticket(dev, apdev): + """WPA2-Enterprise connection using EAP-TTLS and TLS session ticket enabled""" + params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") + hapd = hostapd.add_ap(apdev[0]['ifname'], params) + key_mgmt = hapd.get_config()['key_mgmt'] + if key_mgmt.split(' ')[0] != "WPA-EAP": + raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) + eap_connect(dev[0], apdev[0], "TTLS", "pap user", + anonymous_identity="ttls", password="password", + ca_cert="auth_serv/ca.pem", + phase1="tls_disable_session_ticket=0", phase2="auth=PAP") + eap_reauth(dev[0], "TTLS") + +def test_ap_wpa2_eap_no_workaround(dev, apdev): + """WPA2-Enterprise connection using EAP-TTLS and eap_workaround=0""" + params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") + hapd = hostapd.add_ap(apdev[0]['ifname'], params) + key_mgmt = hapd.get_config()['key_mgmt'] + if key_mgmt.split(' ')[0] != "WPA-EAP": + raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) + eap_connect(dev[0], apdev[0], "TTLS", "pap user", + anonymous_identity="ttls", password="password", + ca_cert="auth_serv/ca.pem", eap_workaround='0', + phase2="auth=PAP") + eap_reauth(dev[0], "TTLS") diff --git a/tests/hwsim/wpasupplicant.py b/tests/hwsim/wpasupplicant.py index 034dbadee..45a813fb2 100644 --- a/tests/hwsim/wpasupplicant.py +++ b/tests/hwsim/wpasupplicant.py @@ -838,7 +838,7 @@ class WpaSupplicant: "disable_ht40", "disable_sgi", "disable_ldpc", "ht40_intolerant", "update_identifier", "mac_addr", "erp", "bg_scan_period", "bssid_blacklist", - "bssid_whitelist", "mem_only_psk" ] + "bssid_whitelist", "mem_only_psk", "eap_workaround" ] for field in not_quoted: if field in kwargs and kwargs[field]: self.set_network(id, field, kwargs[field])