Commit graph

3183 commits

Author SHA1 Message Date
Jouni Malinen
e1348d21e9 tests: OpenSSL ECDH curve configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 14:01:57 +02:00
Jouni Malinen
836f0ddac1 tests: EAP-PEAP/EAP-GTC
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 12:03:45 +02:00
Jouni Malinen
810dcfb667 tests: Wi-Fi generation indication for HT and VHT
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
dd12e58e5f tests: ap_wpa_ie_parsing to allow EAPOL-Key msg 2/4 rejection
Once mac80211 starts reporting the used Association Request frame IEs in
the association event, wpa_supplicant will update RSN supplicant IE
information based on that and that will make the AP reject EAPOL-Key msg
2/4 in this particular test scenario due to the hack of including two
RSN IEs in the Association Request frame. Accept this sequence as a
valid test execution in addition to the previously expected connection
to avoid reporting incorrect failures.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
b4788908ca tests: AP VLAN based on PSK/passphrase
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-14 13:36:54 +02:00
Jouni Malinen
051c8cae6a tests: DPP and two initiators
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-14 11:50:40 +02:00
Jouni Malinen
6c02fa214b tests: AP not receiving Authentication frame ACK
Verify that the not-associated STA gets deauthenticated, not
disassociated, on inactivity timeout.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-11 17:42:59 +02:00
Masashi Honma
51c83edfca tests: Catch only specific exceptions
This allows unexpected cases to terminate parallel-vm.py without being
hidden by the exception handler.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-11 12:42:52 +02:00
Jouni Malinen
b623634262 tests: Document some of the test tools
This will hopefully make it easier for others to use these test tools.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
a4a9737d6b tests: Fix wnm-fuzzer by adding dummy configuration
Some of the WNM implementation expects configuration to be available
(e.g., ieee802_!1_rx_wnm_coloc_intf_req() dereferences wpa_s->conf), so
add a dummy configuration to allow the fuzzer tool to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
525923b1d7 tests: EAPOL-Key fuzzing tool
Add test-eapol program that can be used for fuzzing the EAPOL-Key
Supplicant and Authenticator implementations. This tool can write
Supplicant or Authenticator messages into a file as an initialization
step and for the fuzzing step, that file (with potential modifications)
can be used to replace the internally generated message contents.

The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the EAPOL-Key operations. This will
also make the implementation ignore Key MIC and AES keywrap errors to
allow processing of modified messages to continue further.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
79fa1b4530 tests: JSON parser fuzzer
test-json can be used for fuzz testing the JSON parser implementation in
src/utils/json.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
1ac9c020b5 tests: TLS fuzzing tool
Add test-tls program that can be used for fuzzing the internal TLS
client and server implementations. This tool can write client or server
messages into a file as an initialization step and for the fuzzing step,
that file (with potential modifications) can be used to replace the
internally generated message contents.

The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the TLS operations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
b49ec25979 tests: Add a simple HTTPS server for TLS testing
This makes it easier to use TLS testing tools against the internal TLS
implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:55:39 +02:00
Masashi Honma
45d3e2edbd tests: Explicitly flush stdin for python3
Without this flush(), test does not run.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-10 01:43:50 +02:00
Masashi Honma
3069be8fe3 tests: Encode VM input for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-10 01:43:50 +02:00
Masashi Honma
689a956049 tests: Decode VM output for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-10 01:43:50 +02:00
Masashi Honma
0da6d93dbf tests: Change handling of reading non blocked empty stream for python3
The result of reading non blocked empty stream is different between
python2 and 3. The python2 sends "[Errno 11] Resource temporarily
unavailable" exception. The python3 could read "None" without
exception, so handle this "None" case as well.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-10 01:43:50 +02:00
Jouni Malinen
6447b87400 tests: EAP-TLS and TLS 1.3
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Johannes Berg
3281c1590d tests: hwsim: macsec: correct configuration reference
You need CONFIG_DRIVER_MACSEC_LINUX, not CONFIG_MACSEC_LINUX,
so fix this in the messages.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-06 23:04:54 +02:00
Johannes Berg
e5a410f472 tests: Make /etc/alternatives work in VM
In recent Debian versions, ebtables is an alias managed by
the alternatives(8) mechanism. This means /usr/sbin/ebtables
is a symlink to /etc/alternatives/ebtables, which in turn
links to the real binary.

As we mount a tmpfs over /etc, we cannot access this.

Fix this by bind-mounting the real /etc to /tmp/etc and
adding a symlink from /etc/alternatives to this.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 23:51:37 +02:00
Johannes Berg
4b1cc13914 tests: Add sigma_dut to .gitignore
Evidently this file must exist when running the sigma_dut
dependent tests, add it to .gitignore so it's not seen as
making the tree "unclean" when it is added manually.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 23:51:36 +02:00
Johannes Berg
00bd8157aa tests: Build hs20-osu-client
For tests, build the HS 2.0 OSU client (without browser to avoid
having webkit/curl dependencies).

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 23:51:36 +02:00
Johannes Berg
b513ed429d tests: Remove useless test list from run-tests.py help
There's no point in printing out a 3k+ long list, just remove it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 23:51:36 +02:00
Johannes Berg
3691db26f7 tests: Add test reconnecting on assoc failure
Add a test that drops the authentication frame, so that
hostapd thinks the station is unknown, and then sends one
by itself, so the station thinks it's associated. This
tests mostly the kernel's capability to recover from this
scenario.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 23:51:31 +02:00
Jouni Malinen
cdc23db2a6 tests: PEAP/GTC key lifetime in memory
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
43e3114c5f tests: Fix EAP-FAST protocol testing with python3
This was hit on Ubuntu 18.04 (newer python3 and OpenSSL library versions
compared to earlier tests).

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-05 15:50:45 +02:00
Johannes Berg
e339511007 tests: Optionally start telnet server inside VMs
If telnetd is installed and --telnet <port> is passed on the
vm-run.sh command line, start a telnet server (directly connected
to bash, no login) inside the VM(s) to be able to look into them
when something is wrong. Use a user network in qemu with a single
host forward from the specified port for this, listening only on
'localhost'.

Please note that this provides unauthenticated access to the guest
system from anything that can open a TCP connection on the host system.
The guess system does have access to reading all files on the host that
the user account running kvm has access to (and even write access if the
default ROTAG ,readonly parameter is cleared). In other words, this
option should not be used on any multiuser systems where kvm is run
under user accounts that are not dedicated for testing purposes (i.e.,
do not have access to any files that should not be readable to
everyone).

This needs CONFIG_VIRTIO_NET=y in the guest kernel.

For parallel-vm.py, the --telnet argument specifies the base port
and each VM index (0, 1, ...) is added to it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 14:26:36 +02:00
Johannes Berg
b0797ec955 tests: Suppress annoying console reset from VMs
Recently, qemu/seabios grew an annoying console/terminal reset,
which also causes my terminal to be left in a state where long
lines don't work well and less gets confused because of this.

Suppress this by suppressing all output from qemu before a new
magic string printed from inside.sh.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 13:35:15 +02:00
Jouni Malinen
06faf9e40b tests: Support python3 in multi-ocsp test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-05 03:04:56 +02:00
Jouni Malinen
671c390a23 tests: Fix multi-ocsp response conents
These were not updated when the server certificates were updated the
last time (or the previous time).

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-05 03:01:38 +02:00
Jouni Malinen
2e5397d5db tests: Create radio for p2ps_channel_active_go_and_station_different_mcc
Instead of relying on existing configuration (which may conflict
with other tests) and skipping otherwise, create a new radio with
two channels in this test and use it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-05 02:12:00 +02:00
Johannes Berg
d25f16e478 tests: Create radio for p2ps_channel_both_connected_different_mcc
Instead of relying on existing configuration (which may conflict
with other tests) and skipping otherwise, create a new radio with
two channels in this test and use it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 02:06:36 +02:00
Jouni Malinen
d5cac05952 tests: Multi-BSSID test cases with python3
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 20:03:29 +02:00
Jouni Malinen
200ac5daf6 tests: Encode Disconnect-Request attributes in sorted order for python3
This is needed to fix issues with dict iteration resulting in different
order of attributes when trying to calculate Message-Authenticator
externally to pyrad.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 20:03:29 +02:00
Jouni Malinen
55845e190b tests: Clean up pyrad test cases for python3 compatibility
All other test cases seem to work, but radius_das_disconnect_time_window
is still failing due to incorrect authenticator or Message-Authenticator
in Disconnect-Request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 20:03:29 +02:00
Jouni Malinen
366ada0412 tests: Decode sigma_dut output for python3
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 16:48:22 +02:00
Jouni Malinen
37df1775ad tests: Read sigma_dut-ap.conf as binary data for python3 compatibility
Sending UTF-8 encoded data to logger file is currently not working
properly, so create a separate binary file with a copy of
sigma_dut-ap.conf instead to work with both python2 and python3.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 16:46:31 +02:00
Jouni Malinen
e50c58e585 tests: Replace file() with open() to work with python3
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 16:11:42 +02:00
Jouni Malinen
c37ef330d0 tests: MAC address ASCII string generation in python3 compatible manner
Use struct.unpack() to get a list of int and then generate a list of
hexstr octets from it for ':'.join() to get consistent behavior for both
python2 and python3.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:35 +02:00
Masashi Honma
b723b25926 tests: Replace dict.has_key() with the in operator for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:35 +02:00
Masashi Honma
4aa2336ed5 tests: Use binary mode for writing WPS attributes
This is needed for python3.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:34 +02:00
Masashi Honma
59aecb1c42 tests: Decode StreamRequestHandler read for python3
WPSAPHTTPServer class needs to explicitly decode the read value from
a bytes object to a str object.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:34 +02:00
Masashi Honma
732b76139a tests: Decode upnp_soap_action() response for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:34 +02:00
Masashi Honma
69f58282bc tests: ElementTree string representation in python3 compatible manner
Use ET.tostring() to avoid implicit bytes/str conversion issues within
ET implementation. Add XML declaration separately to match previous
behavior.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:34 +02:00
Masashi Honma
308ecbc16e tests: urlopen() compatibility for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:34 +02:00
Jouni Malinen
b7da11fd95 tests: Extend build_wsc_attr() to accept both bytes and str objects
This is needed for python3.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:34 +02:00
Jouni Malinen
786ce912ce tests: Fix struct.unpack() call for a single octet with python3
python3 needs this to be a bytes object, not the first octet of that
object.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:34 +02:00
Jouni Malinen
fd86ea402e tests: Remove forgotten development time print
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:34 +02:00
Masashi Honma
27a7e75651 tests: Open Hotspot 2.0 icon files in binary modes for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-02-04 12:26:34 +02:00