Commit graph

3392 commits

Author SHA1 Message Date
Jouni Malinen
5e6ab36df8 tests: Add X.509v3 parsing example with invalid BasicConstraints
This is a regression test based on an input data from OSS-Fuzz.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-22 18:15:22 +03:00
Jouni Malinen
df5dc87873 tests: sigma_dut and UOSC when CA is not trusted
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-20 23:46:46 +03:00
Jouni Malinen
4fc5c00c78 tests: Specify EAP type in ap_hs20_set_profile_failures
Matching with roaming_consortium requires EAP type to be specified to
work for the connection. This test case was not really testing the
connection part, so this has not been much of an issue in the past, but
in preparation for the matching rules to start filtering out invalid
credential configurations from selection, the EAP type needs to be
explicitly set here.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-14 23:10:51 +03:00
Jouni Malinen
20eba39b51 tests: WNM BSS Transition Management disabled
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-14 23:10:51 +03:00
Jouni Malinen
4068d683f5 tests: sigma_dut server certificate validation with UOSC/TOD
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-14 23:10:50 +03:00
Jouni Malinen
1363fdb283 tests: EAP-TLS server certificate validation and TOD
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-14 23:10:50 +03:00
Jouni Malinen
82b9de98c3 tests: Add a server certificate with TOD policy
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-12 22:29:09 +03:00
Jouni Malinen
8a3368d7f4 tests: sigma_dut and DPPConfIndex,8
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-12 22:29:09 +03:00
Jouni Malinen
d438b4a3ce tests: Fix CFLAGS passing for new fuzzing tools
src/*/Makefile needs to allow additional CFLAGS values to be provided
from the calling Makefiles so that the clang command line arguments to
enable sanitizers consistently. In addition, it can be useful to be able
to provide CC, CFLAGS, and LDFLAGS from external setup while still
requesing LIBFUZZER=y build. Allow that by not overriding these
variables if they are already set.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-11 06:34:19 +03:00
Jouni Malinen
009c4d79d3 tests: Fix eapol-key-auth memory use for the callback pointer struct
This struct needs to remain valid through the lifetime of the
authenticator state machine, so move it to the context struct instead of
being a local stack variable inside the setup function that returns
before the actual test functionality is executed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-07 23:54:20 +03:00
Jouni Malinen
ea27fcff61 tests: Skip mesh_link_probe if kernel support not present
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 20:30:51 +03:00
Jouni Malinen
41bca92662 tests: MACsec with hostapd
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 20:27:44 +03:00
Jouni Malinen
fe40c679d2 tests: Fix EAP-FAST protocol testing with older OpenSSL library versions
Looks like the previous fix for a newer OpenSSL versions broke
functionality with older versions that did not seem to like @SECLEVEL=0
in the cipher list. Make that addition conditional on OpenSSL version to
work with both versions.

Fixes: e87e6f609b ("tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 20:27:43 +03:00
Jouni Malinen
041aa44b69 tests: Fix ap-mgmt 'make clean'
The binary name had not been updated for the new tool.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 13:51:41 +03:00
Masashi Honma
689db8b3a7 tests: Fix wpas_ap_async_fail false negative by using common finalizer
wpas_ap_async_fail fails with this message.

---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------

This patch fixes the issue.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-02 17:05:49 +03:00
Masashi Honma
1ae044f77d tests: Fix nfc_wps_handover_5ghz false negative by using common finalizer
nfc_wps_handover_5ghz fails with this message.

---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------

This patch fixes the issue.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-02 17:05:49 +03:00
Masashi Honma
7c2102acbb tests: Fix dfs_cac_restart_on_enable false negative by using common finalizer
dfs_cac_restart_on_enable fails with this message.

---------------
START dfs_cac_restart_on_enable 1/1
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
FAIL dfs_cac_restart_on_enable 3.037694 2019-05-28 01:35:07.548390
failed tests: dfs_cac_restart_on_enable
---------------

This patch fixes the false negative.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-02 17:05:49 +03:00
Jouni Malinen
a1f3f88ac7 tests: New style fuzzing tool for EAP-AKA peer processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 17:02:57 +03:00
Jouni Malinen
23ddc7b810 tests: New style fuzzing tool for EAP-SIM peer processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 16:42:41 +03:00
Jouni Malinen
991ff882fd tests: New style fuzzing tool for X.509 certificate parsing
This is a newer version of tests/test-x509 tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:17:31 +03:00
Jouni Malinen
98612544b1 tests: New style fuzzing tools for TLS client/server
These are newer versions of tests/test-tls tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:11:56 +03:00
Jouni Malinen
d005d3647b tests: Build test for new fuzzer tools
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
150b9dc547 tests: New style fuzzing tools for EAPOL-Key frame processing
These are newer versions of tests/test-eapol tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
f86e6c3d95 tests: New style fuzzing tool for EAPOL frame processing (supplicant)
This is a newer version of tests/eapol-fuzzer tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
77876ee25c tests: New style fuzzing tool for ASN.1 parser
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
efbd631862 tests: New style fuzzing tool for P2P frame processing
This is a newer version of tests/p2p-fuzzer tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
e30c7d5269 tests: New style fuzzing tool for AP Management frame processing
This is a newer version of tests/ap-mgmt-fuzzer tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
a3275fc023 tests: New style fuzzing tool for JSON parser
This is a newer version of tests/test-json tool.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:39 +03:00
Jouni Malinen
065e6e7010 tests: New style fuzzing tool for wpa_supplicant WNM handling
This is a newer version of tests/wnm-fuzzer tool as the initial step in
creating a more uniform set of fuzzing tools that can be used with both
libFuzzer and afl-fuzz.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 13:00:36 +03:00
Jouni Malinen
867f1c466d tests: Fix test-eapol fuzzing tool
Update the tool to use the current API for WPA authenticator functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-06-02 12:43:52 +03:00
Jouni Malinen
f50187a64c tests: EAP-SIM with external GSM auth and anonymous identity
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-05-31 16:52:15 +03:00
Jouni Malinen
bc4d7dfc5a tests: Fix ap-mgmt-fuzzer build configuration to match libap.a
Missing CONFIG_AIRTIME_POLICY=y made the offset of struct
hostapd_iface::prev_wmm different between libap.a and ap-mgmt-fuzzer.o
which resulted in odd fuzzing failures due to a memcpy to
ctx.iface->prev_wmm ending up writing on top of the ctx.hapd and in
particular, on top of ctx.hapd.iface pointer.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15013
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15014
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15015
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15017
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15019
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15020
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-05-29 13:59:39 +03:00
Jouni Malinen
7d89a99714 tests: Add more wait around tcpdump capture processes for proxyarp
It looks like the previously used sleep time was not sufficient to allow
capturing the frames from wlan0/wlan1/wlan2 to start and complete so
that all the necessary frames can be checked. This was the case
especially with UML time-travel=inf-cpu.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 23:37:25 +03:00
Andrei Otcheretianski
bab3b7c5c7 tests: Update regulatory for FI to allow new regdb rules
Recent regdb enabled UNII 3 in Finland. Change the
mbo_supp_oper_classes_fi test accordingly to accept either the previous
or the current value to be reported.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2019-05-28 18:43:09 +03:00
Jouni Malinen
73dbcd7951 tests: Make pmksa_cache_preauth_auto more robust
It is fine for the station to associate with either AP in this test
case, so do not force AP side connection check with apdev[0].

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 17:14:33 +03:00
Jouni Malinen
a9b4e558af tests: Mesh link probing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 15:29:58 +03:00
Jouni Malinen
2a0db3eb5d tests: PEM encoded ca_cert blob
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 13:47:15 +03:00
Johannes Berg
2080f4c779 tests: uml: Request non-raw serial ports
When the serial ports are set into raw mode on stdio (fd:0,fd:1)
then Ctrl-C is sort of passed through, but not effective. Request
non-raw mode to avoid that and let us cancel test execution with
Ctrl-C properly (both in parallel-vm.py and vm-run.sh cases).

Note that this requires a currently out-of-tree patch, but so
does the virtual time. If the patch is not applied, the command
line argument is ignored.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-05-28 13:34:44 +03:00
Jouni Malinen
658ed3ba62 tests: Fix status fetching loop in macsec_psk_ns with UML
time-travel=inf-cpu needs bit more wait before being able to fetch the
STATUS* items after initial connection request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 00:02:14 +03:00
Jouni Malinen
e87e6f609b tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL
Need to drop OpenSSL security level to 0 for ADH-AES128-SHA to work with
the latest library version.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 00:01:01 +03:00
Jouni Malinen
1df79115aa tests: Fix sae_anti_clogging_during_attack with UML time-travel=inf-cpu
Need to add short break to allow time-travel=inf-cpu case to allow the
connection events to be processed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-27 23:11:47 +03:00
Jouni Malinen
298eb0792e tests: Give more time in ap_wpa2_psk_ext_delayed_ptk_rekey for UML
Waiting for exactly one second for a one second timeout with
time-travel=inf-cpu is not exactly robust, so increase that wait to be
able to see the last EAPOL-Key TX attempt from hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-27 22:53:53 +03:00
Jouni Malinen
f19c56e383 tests: Fix ap_wpa2_eap_status loop with UML time-travel=inf-cpu
Busy loop for waiting is not going to work with time-travel=inf-cpu, so
need to something a bit more explicit to wait for the wpa_supplicant
process to proceed while not fully breaking the idea of this test case
to iteration through large number of STATUS-VERBOSE commands to hit
different states.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-27 22:43:07 +03:00
Jouni Malinen
d55035c935 tests: Use time-travel=inf-cpu with UML
This is the current proposed way of configuring virtual time.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-27 22:43:04 +03:00
Jouni Malinen
e1923f5b6a tests: Skip ap_ft_eap_sha384_reassoc without CONFIG_SUITEB192=y
This test case required Suite B 192-bit support to be enabled in the
build, so skip it if that is not the case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-25 22:24:30 +03:00
Jouni Malinen
c9ead82d11 tests: Fix robustness issue in DPP test cases with SAE
The sae_groups parameter needs to be cleared before attempt a SAE
connection in a test case to avoid issues with this parameter having
been left to something else than the default one by a previous test
case. This was found with the following sequence:
sae_pwe_failure dpp_auto_connect_legacy_psk_sae_1

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-25 21:18:24 +03:00
Jouni Malinen
f82a840878 tests: Fix ERP test cases to close separate AS (ifname=as-erp)
The earlier change from using apdev[1] to using a no-interface
ifname=as-erp in the ERP related test cases ended up leaving the
separate authentication server interface running after the end of the
test case. This left UDP port 18128 open and any consecutive test case
needing this port failed to start another authentication server.

This can be reproduced with following test case sequence:
fils_auth_gtk_rekey authsrv_unknown_user

Fixes: e374def207 ("tests: Start ERP authentication server without AP")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-25 19:07:11 +03:00
Jouni Malinen
2d11e5d5e6 tests: ERP with EAP-SIM/AKA/AKA' fast reauthentication
Verify Session-Id derivation when using EAP-SIM/AKA/AKA' fast
reauthentication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-25 17:18:39 +03:00
Jouni Malinen
27486bc5ab tests: Fix ap-mgmt-fuzzer exit to free memory
This fuzzing wrapper does not go through full hostapd_clean_iface() call
to free memory, so call ap_list_deinit() to avoid reporting memory leaks
from added AP list entries. This case could not be hit with
hostapd/wpa_supplicant since they perform full interface deinit on
interface removal.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14928
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-05-25 01:34:58 +03:00
Jouni Malinen
724c0f17b8 tests: Fix p2p-fuzzer callbacks
Couple of the callback functions had changed their prototypes and
p2p-fuzzer compilation resulted in a warning and not returning
*scheduled from the send_action() callback. This was reported as
use-of-uninitialized-value which was not really possible with
wpa_supplicant since the issue was only in the fuzzing wrapper.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14924
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-05-25 01:20:01 +03:00