Commit graph

83 commits

Author SHA1 Message Date
Jouni Malinen
750904dd42 tests: Extend EAP key lifetime in memory to cover MSK and EMSK
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-03 15:49:57 +02:00
Jouni Malinen
5b3c40a65b tests: Verify that wpa_supplicant clears keys from memory
Check that PMK and PTK and not left in memory (heap or stack)
unnecessarily after they are not needed anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 10:37:02 +02:00
Jouni Malinen
5f35a5e27f tests: Add wait_connected() and wait_disconnected() helpers
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 13:10:09 +02:00
Jouni Malinen
2fc4749c91 tests: Verify that EAP-FAST PAC and TLS session ticket was used
This provides a regression test that would have caught the recent
issue with tls_openssl.c change breaking EAP-FAST.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 23:47:47 +02:00
Jouni Malinen
d463c5566f tests: Additional coverage for SCAN_RESULTS and BSS entry flags
This increases wpa_supplicant_ie_txt(), print_bss_info(), and
wpa_supplicant_ctrl_iface_scan_result() testing coverage to include the
previously missing key management options.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:06 +02:00
Jouni Malinen
47dcb1186f tests: Move external_sim reset to test cases that change this
This removes unnecessary reset() step from between every test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
a8375c94c0 tests: Pass wpas/hapd instance to test_connectivity()
This makes it easier to replace data connectivity testing to use
something else than local hwsim_test binary on the controller device.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-19 17:54:49 +03:00
Jouni Malinen
89f20842f6 tests: OpenSSL cipherlist configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:59:04 +03:00
Jouni Malinen
c1d1b6998d tests: Update server and user certificates
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
9a5cfd7007 tests: No EAP fast session resumption between network blocks
Verify that EAP fast session resumption is skipped if the connection
uses a different network configuration than the last EAP connection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-26 20:23:08 +03:00
Jouni Malinen
72cbc6847b tests: EAP-SIM external_sim error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 19:43:11 +03:00
Jouni Malinen
d8e02214ea tests: EAP-AKA external_sim error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 11:30:57 +03:00
Jouni Malinen
32747a3eee tests: EAP-SIM/AKA invalid Milenage key configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-20 10:59:08 +03:00
Jouni Malinen
b246e2af79 tests: Non-ASCII EAP user identity
This is a regression test for printf_encode() bounds checking issues
that can now be caught under valgrind.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-02 17:36:51 +03:00
Jouni Malinen
745f87715e tests: Verify SQLite DB as hostapd EAP user database
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
c4d370117b tests: EAP-PEAP parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:44:39 +03:00
Jouni Malinen
ea6464b07f tests: EAP-PEAP crypto_binding=0/1
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:33:59 +03:00
Jouni Malinen
873e7c297c tests: EAP-FAST using PAC file
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:28:31 +03:00
Jouni Malinen
8583d66478 tests: EAP-AKA' and EAP-AKA both enabled (bidding mechanism)
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-18 00:04:18 +03:00
Jouni Malinen
95fb531ccc tests: EAP-TTLS/EAP-AKA, EAP-PEAP/EAP-AKA, EAP-FAST/EAP-AKA
These add some more EAP-TTLS/PEAP/FAST coverage to test pending Phase 2
response re-processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:43:50 +03:00
Jouni Malinen
82a8f5b533 tests: Incorrect/missing password with TTLS non-EAP methods
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 23:19:28 +03:00
Jouni Malinen
d314bedf2d tests: EAP-AKA using external USIM processing for UMTS auth
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 20:37:39 +03:00
Jouni Malinen
cbb85a0380 tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
5a0c15174b tests: UNAUTH-TLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
8ba89e0a32 tests: EAP-pwd with server fragmenting messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
47a74ad81a tests: EAP-IKEv2 fragmentation
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
46e094bd6f tests: EAP-FAST and missing PAC configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c6ab1cdbc5 tests: EAP-FAST using binary PAC file format
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
4b2d209824 tests: EAP-pwd with invalid group
This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
e2a90a4c79 tests: EAP-SIM/AKA configuration parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
5b1aaf6cfb tests: EAP-SIM/AKA/AKA' with SQLite
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00
Jouni Malinen
32dca985c7 tests: EAP with expanded Nak
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:33:49 +03:00
Jouni Malinen
633e364b60 tests: EAP roundtrip limit
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:20:54 +03:00
Jouni Malinen
0403fa0a93 tests: Increas EAP-pwd fragmentation coverage
Verify fragmentation of additional message types.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-06 00:52:13 +03:00
Jouni Malinen
eaf3f9b10d tests: wpa_supplicant MIB command output for WPA/WPA2 information
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-05 23:56:03 +03:00
Jouni Malinen
a0f350fd79 tests: EAP-SIM server using GSM triplets
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 16:28:48 +03:00
Jouni Malinen
650383134d tests: hostapd GET_CONFIG key_mgmt values
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 19:01:34 +02:00
Jouni Malinen
910f16ca0e tests: EAP-SIM/AKA with protected result indication
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-21 12:56:48 +02:00
Jouni Malinen
c37b02fcc4 tests: Authentication server using PKCS#12 file
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-20 00:16:00 +02:00
Jouni Malinen
2a6a2192b7 tests: Invalid ca_cert hash:// value
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-20 00:02:00 +02:00
Jouni Malinen
c61dca40a4 tests: TLS domain_suffix_match rejection due to incomplete label match
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-19 23:50:57 +02:00
Jouni Malinen
5c65e277a0 tests: Increase altsubject_match coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-19 23:46:53 +02:00
Jouni Malinen
6ea231e6d4 tests: EAP TLS parameters using configuration blobs
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-15 23:52:43 +02:00
Jouni Malinen
8b56743ef7 tests: Displayable message in EAP Request-Identity
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:27:15 +02:00
Jouni Malinen
7c50093f37 tests: Authenticator-initiated EAP reauthentication
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:18:49 +02:00
Jouni Malinen
14bef66d66 tests: Server certificate with both client and server EKU
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 10:35:33 +02:00
Jouni Malinen
5be9dcbb86 tests: Remove unnecessary interpreter line from most python files
Only run-tests.py is actually executed, so there is no need to specify
the interpreter in all the helper files and test script files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-21 20:21:53 +02:00
Jouni Malinen
6f939e591e tests: Convert connect() to use kwargs
This makes it more convenient to add new network block parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 21:58:09 +02:00
Jouni Malinen
eac674402f tests: Verify NtPasswordHash with different UTF-8 cases
This adds a password that uses one, two, and three octet encoding
for UTF-8 characters. The value is tested against a pre-configured
hash to verify that utf8_to_ucs2() function works correctly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 12:08:50 +02:00
Jouni Malinen
242219c563 tests: Set dh_file on EAP client
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:42:56 +02:00