Commit graph

57 commits

Author SHA1 Message Date
Michael Braun
942b52a8f6 tests: FT with AP-to-AP broadcast messages
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 22:16:14 +03:00
Michael Braun
ba88dd65e7 tests: Update FT RRB function OOM paths
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 22:16:14 +03:00
Jouni Malinen
c95dd8e48b tests: FT using old style key for AP-to-AP protocol
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-03 21:55:29 +03:00
Michael Braun
9441a227ac tests: Update FT test cases for new RRB message format
This updates the AP-to-AP keys to the longer form and OOM test case
functions to match the new implementation.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 21:55:29 +03:00
Jouni Malinen
e4612f8443 tests: WPA2-PSK-FT AP with non-FT AKMs enabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-26 21:13:21 +03:00
Jouni Malinen
c89422864f tests: WPA2-PSK-FT AP Reassociation Request frame processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-19 11:55:51 +02:00
Jouni Malinen
fd7205fabe tests: WPA2-PSK-FT AP and RIC
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-18 21:39:01 +02:00
Jouni Malinen
a04e6f3da2 tests: WPA2-PSK-FT AP over DS protocol testing for AP processing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-15 11:17:37 +02:00
Jouni Malinen
682a79f088 tests: WPA2-PSK-FT and AP OOM
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-15 10:35:44 +02:00
Jouni Malinen
55139acbe3 tests: WPA2-PSK-FT AP over DS disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-29 01:15:11 +02:00
Jouni Malinen
8344ba1229 tests: Remove pmk_r1_push parameter from ap_ft_local_key_gen
Local key generation for FT-PSK does not use the AP-to-AP protocol and
as such, setting pmk_r1_push=1 is a bit confusing here since it gets
ignored in practice. Remove it to keep the test case easier to
understand.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-13 13:57:39 +02:00
Jouni Malinen
c85fcff2b1 tests: WPA2-PSK-FT AP with WPA2-PSK enabled and unexpected MDE
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-11-26 11:39:44 +02:00
Michael Braun
150948e68b test: FT: EAP test for mismatching keys
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2016-10-09 12:02:23 +03:00
Michael Braun
d0175d6e48 test: FT with locally generated PMK-R0/PMK-R1 from PSK
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2016-10-09 12:01:34 +03:00
Jouni Malinen
dcbb5d808b tests: FT OOM in SME
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-07-18 00:14:14 +03:00
Jouni Malinen
bc6e32880f tests: Remove extra semicolons from python scripts
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-07-03 22:37:01 +03:00
Jonathan Afek
9fd6804d61 tests: Mark 525 tests as remote compatible
After successfully passing the 525 tests on a remote setup mark the
tests as remote compatible.

Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
2016-06-27 21:47:37 +03:00
Jonathan Afek
fb120f1652 tests: Remove unused import subprocess
Number of files imported subprocess without using anything from subprocess.

Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
2016-06-27 21:10:35 +03:00
Janusz Dziedzic
8b8a1864ff tests: Pass full apdev to add_ap() function (1)
Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (1) converts the cases where apdev[#]['ifname'] was used as
the argument to hostapd.add_ap().

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2016-04-03 22:45:57 +03:00
Michael Braun
186ca4736d tests: FT RRB internal delivery to non-WPA BSS
A malicious station could try to do FT-over-DS with a non WPA-enabled
BSS. When this BSS is located in the same hostapd instance, internal RRB
delivery will be used and thus the FT Action Frame will be processed by
a non-WPA enabled BSS. This processing used to crash hostapd as
hapd->wpa_auth is NULL.

This test implements such a malicious request for regression testing.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2016-02-28 17:45:45 +02:00
Jouni Malinen
7cbc8e6719 tests: fail_test instead of alloc_fail for aes_{encrypt,decrypt}_init
This is needed to fix ap_wpa2_eap_psk_oom, ap_wpa2_eap_sim_oom,
eap_proto_psk_errors, and ap_ft_oom with the new OpenSSL dynamic memory
allocation design.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-01-14 20:10:16 +02:00
Jouni Malinen
8e416cecdb tests: Make key-lifetime-in-memory more robust for GTK check
The decrypted copy of a GTK from EAPOL-Key is cleared from memory only
after having sent out CTRL-EVENT-CONNECTED. As such, there was a race
condition on the test case reading the wpa_supplicant process memory
after the connection. This was unlikely to occur due to the one second
sleep, but even with that, it would be at least theorically possible to
hit this race under heavy load (e.g., when using large number of VMs to
run parallel testing). Avoid this by running a PING command to make sure
wpa_supplicant has returned to eloop before reading the process memory.
This should make it less likely to report false positives on GTK being
found in memory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-14 17:23:47 +02:00
Jouni Malinen
1025603b3f tests: FT PTK rekeying triggered by AP/station after roam
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-10 00:14:36 +02:00
Jouni Malinen
8eb45bde38 tests: Write GTK locations into debug log in key_lifetime_in_memory
It looks like it is possible for the GTK to be found from memory every
now and then. This makes these test cases fail. Write the memory
addresses in which the GTK was found to the log to make it somewhat
easier to try to figure out where the key can be left in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-06 17:48:43 +02:00
Jouni Malinen
4013d6885b tests: Verify EAPOL reauthentication after FT protocol
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-19 21:16:29 +02:00
Jouni Malinen
ecafa0cf47 tests: RSN element protocol testing for STA side
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-08 20:04:07 +03:00
Jouni Malinen
38934ed100 tests: Skip ap_wpa2_eap_psk_oom and ap_ft_oom in FIPS mode
omac1_aes_128() implementation within crypto_openssl.c is used in this
case and that cannot fail the memory allocation similarly to the
non-FIPS case and aes-omac1.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
6f3815c0da tests: WPA2-PSK-FT RRB protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-17 11:16:15 +03:00
Jouni Malinen
34d3eaa8ee tests: WPA2-PSK-FT AP over DS protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
cf671d54bd tests: WPA2-PSK-FT and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
7b741a5383 tests: WPA2-PSK-FT AP with GCMP-256 cipher
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
664093b55b tests: WPA2-PSK-FT AP and invalid response IEs
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 18:04:50 +03:00
Jouni Malinen
211bb7c5ea tests: WPA2-PSK-FT AP over DS and unexpected response
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-15 16:36:37 +02:00
Jouni Malinen
54f2cae2e6 tests: Make *_key_lifetime_in_memory more robust
It was possible for the GTK-found-in-memory case to be triggered due to
a retransmission of EAPOL-Key msg 3/4 especially when running test cases
under heavy load (i.e., timeout on hostapd due to not receiving the 4/4
response quickly enough). Make this false failure report less likely by
waiting a bit longer after the connection has been completed before
fetching the process memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-31 18:06:06 +02:00
Jouni Malinen
f918b95b9d tests: Fix ft_psk_key_lifetime_in_memory with new PTK derivation debug
PTK is not printed out anymore as a single entry, so fetch KCK, KEK, and
TK separately.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:43:55 +02:00
Jouni Malinen
b9749b6aaa tests: Verify that SAE is supported for test cases requiring it
This makes it more convenient to run tests with wpa_supplicant builds
that do not support SAE (e.g., due to crypto library not providing
sufficient functionality for this).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
81e787b750 tests: Convert test skipping to use exception
Instead of returning "skip" from the test function, raise the new
HwsimSkip exception to indicate a test case was skipped.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-08 22:43:47 +02:00
Jouni Malinen
5b3c40a65b tests: Verify that wpa_supplicant clears keys from memory
Check that PMK and PTK and not left in memory (heap or stack)
unnecessarily after they are not needed anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 10:37:02 +02:00
Jouni Malinen
2f816c212c tests: Optimize FT test cases
Use single channel scan instead of full scan to save time. In addition,
use EAP-GPSK which takes significantly less CPU that EAP-EKE with
default parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-05 17:12:30 +02:00
Jouni Malinen
c337d07a1b tests: FT_DS with unknown target
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-05 17:05:46 +02:00
Jouni Malinen
17ffdf3951 tests: Clear sae_groups to default value in forgotten cases
It was possible for some of the SAE test cases (e.g., ap_ft_sae) to fail
if they were run after the sae_groups test case that left the SAE group
configuration to a value that is not enabled by default. Fix this by
clearing sae_groups setting in the couple of test cases that were not
yet doing this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-25 15:19:19 +02:00
Jouni Malinen
a8375c94c0 tests: Pass wpas/hapd instance to test_connectivity()
This makes it easier to replace data connectivity testing to use
something else than local hwsim_test binary on the controller device.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-19 17:54:49 +03:00
Jouni Malinen
40602101de tests: FT roams multiple times
This extends testing coverage by running FT-over-air and FT-over-DS
tests for hundred roams.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 15:48:48 +03:00
Jouni Malinen
c6b6e10578 tests: FT and GTK rekeying
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 13:22:24 +03:00
Jouni Malinen
ae14a2e29f tests: FT negative test with mismatching R0KH-ID
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Jouni Malinen
655bc8bfd6 tests: Make FT test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
91bc6c364f tests: Verify network information in SCAN_RESULTS
This checks WPA/RSN IE parsing result and WEP information in
SCAN_RESULTS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Jouni Malinen
eaf3f9b10d tests: wpa_supplicant MIB command output for WPA/WPA2 information
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-05 23:56:03 +03:00
Jouni Malinen
3b80894541 tests: Negative FT RRB test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-23 19:28:53 +02:00
Jouni Malinen
aaba98d30e tests: FT pull PMK-R1
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-23 18:31:58 +02:00