Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].
This step (4) converts the cases that call hostapd.add_ap() from a
helper function that got apdev[i] as an argument.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].
This step (1) converts the cases where apdev[#]['ifname'] was used as
the argument to hostapd.add_ap().
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
These need to be run without realm in the identity value to allow the
realm from the anonymous_identity to be used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The decrypted copy of a GTK from EAPOL-Key is cleared from memory only
after having sent out CTRL-EVENT-CONNECTED. As such, there was a race
condition on the test case reading the wpa_supplicant process memory
after the connection. This was unlikely to occur due to the one second
sleep, but even with that, it would be at least theorically possible to
hit this race under heavy load (e.g., when using large number of VMs to
run parallel testing). Avoid this by running a PING command to make sure
wpa_supplicant has returned to eloop before reading the process memory.
This should make it less likely to report false positives on GTK being
found in memory.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like it is possible for the GTK to be found from memory every
now and then. This makes these test cases fail. Write the memory
addresses in which the GTK was found to the log to make it somewhat
easier to try to figure out where the key can be left in memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for the GTK-found-in-memory case to be triggered due to
a retransmission of EAPOL-Key msg 3/4 especially when running test cases
under heavy load (i.e., timeout on hostapd due to not receiving the 4/4
response quickly enough). Make this false failure report less likely by
waiting a bit longer after the connection has been completed before
fetching the process memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
Check wpa_supplicant EAP capability and skip EAP-pwd and EAP-FAST test
cases if the build did not include support for these. This is cleaner
than reporting failures for such test cases when the selected TLS
library does not support the EAP method.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of returning "skip" from the test function, raise the new
HwsimSkip exception to indicate a test case was skipped.
Signed-off-by: Jouni Malinen <j@w1.fi>
This tests RP EAP-Initiate/Re-auth-Start transmission, ERP key
derivation, and EAP-Initiate/Re-auth + EAP-Finish/Re-auth exchange and
rMSK derivation.
Signed-off-by: Jouni Malinen <j@w1.fi>
