mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
tests: WPA2 with invalid PSK from RADIUS
This is a regression test case for a memory leak on a decode_tunnel_passwords() error path. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
0307eebdb9
commit
675c036fff
@ -1066,6 +1066,80 @@ def test_radius_psk(dev, apdev):
|
||||
t_events['stop'].set()
|
||||
t.join()
|
||||
|
||||
def test_radius_psk_invalid(dev, apdev):
|
||||
"""WPA2 with invalid PSK from RADIUS"""
|
||||
try:
|
||||
import pyrad.server
|
||||
import pyrad.packet
|
||||
import pyrad.dictionary
|
||||
except ImportError:
|
||||
raise HwsimSkip("No pyrad modules available")
|
||||
|
||||
class TestServer(pyrad.server.Server):
|
||||
def _HandleAuthPacket(self, pkt):
|
||||
pyrad.server.Server._HandleAuthPacket(self, pkt)
|
||||
logger.info("Received authentication request")
|
||||
reply = self.CreateReplyPacket(pkt)
|
||||
reply.code = pyrad.packet.AccessAccept
|
||||
a = "\xab\xcd"
|
||||
secret = reply.secret
|
||||
p = b'\x07' + "1234567" + 8 * b'\x00'
|
||||
b = hashlib.md5(secret + pkt.authenticator + a).digest()
|
||||
pp = bytearray(p)
|
||||
bb = bytearray(b)
|
||||
cc = bytearray(pp[i] ^ bb[i] for i in range(len(bb)))
|
||||
data = '\x00' + a + bytes(cc)
|
||||
reply.AddAttribute("Tunnel-Password", data)
|
||||
self.SendReplyPacket(pkt.fd, reply)
|
||||
|
||||
def RunWithStop(self, t_events):
|
||||
self._poll = select.poll()
|
||||
self._fdmap = {}
|
||||
self._PrepareSockets()
|
||||
self.t_events = t_events
|
||||
|
||||
while not t_events['stop'].is_set():
|
||||
for (fd, event) in self._poll.poll(1000):
|
||||
if event == select.POLLIN:
|
||||
try:
|
||||
fdo = self._fdmap[fd]
|
||||
self._ProcessInput(fdo)
|
||||
except pyrad.server.ServerPacketError as err:
|
||||
logger.info("pyrad server dropping packet: " + str(err))
|
||||
except pyrad.packet.PacketError as err:
|
||||
logger.info("pyrad server received invalid packet: " + str(err))
|
||||
else:
|
||||
logger.error("Unexpected event in pyrad server main loop")
|
||||
|
||||
srv = TestServer(dict=pyrad.dictionary.Dictionary("dictionary.radius"),
|
||||
authport=18138, acctport=18139)
|
||||
srv.hosts["127.0.0.1"] = pyrad.server.RemoteHost("127.0.0.1",
|
||||
"radius",
|
||||
"localhost")
|
||||
srv.BindToAddress("")
|
||||
t_events = {}
|
||||
t_events['stop'] = threading.Event()
|
||||
t = threading.Thread(target=run_pyrad_server, args=(srv, t_events))
|
||||
t.start()
|
||||
|
||||
try:
|
||||
ssid = "test-wpa2-psk"
|
||||
params = hostapd.radius_params()
|
||||
params['ssid'] = ssid
|
||||
params["wpa"] = "2"
|
||||
params["wpa_key_mgmt"] = "WPA-PSK"
|
||||
params["rsn_pairwise"] = "CCMP"
|
||||
params['macaddr_acl'] = '2'
|
||||
params['wpa_psk_radius'] = '2'
|
||||
params['auth_server_port'] = "18138"
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
dev[0].connect(ssid, psk="12345678", scan_freq="2412",
|
||||
wait_connect=False)
|
||||
time.sleep(1)
|
||||
finally:
|
||||
t_events['stop'].set()
|
||||
t.join()
|
||||
|
||||
def test_radius_auth_force_client_addr(dev, apdev):
|
||||
"""RADIUS client address specified"""
|
||||
params = hostapd.wpa2_eap_params(ssid="radius-auth")
|
||||
|
Loading…
Reference in New Issue
Block a user