mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 02:44:03 -05:00
tests: Skip EAP-MD5 and EAP-MSCHAPV2 test cases in FIPS mode
These would require MD5 or MD4 which are not allowed in FIPS mode. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
ca158ea621
commit
e7ac04ceaf
@ -993,6 +993,7 @@ def test_ap_wpa2_eap_ttls_eap_gtc_server_oom(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_md5(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MD5"""
|
||||
check_eap_capa(dev[0], "MD5")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "TTLS", "user",
|
||||
@ -1003,6 +1004,7 @@ def test_ap_wpa2_eap_ttls_eap_md5(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_md5_incorrect_password(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MD5 - incorrect password"""
|
||||
check_eap_capa(dev[0], "MD5")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "TTLS", "user",
|
||||
@ -1012,6 +1014,7 @@ def test_ap_wpa2_eap_ttls_eap_md5_incorrect_password(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_md5_no_password(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MD5 - no password"""
|
||||
check_eap_capa(dev[0], "MD5")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "TTLS", "user-no-passwd",
|
||||
@ -1021,6 +1024,7 @@ def test_ap_wpa2_eap_ttls_eap_md5_no_password(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_md5_server_oom(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MD5 - server OOM"""
|
||||
check_eap_capa(dev[0], "MD5")
|
||||
params = int_eap_server_params()
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
with alloc_fail(hapd, 1, "eap_md5_init"):
|
||||
@ -1045,6 +1049,7 @@ def test_ap_wpa2_eap_ttls_eap_md5_server_oom(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_mschapv2(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MSCHAPv2"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "TTLS", "user",
|
||||
@ -1062,6 +1067,7 @@ def test_ap_wpa2_eap_ttls_eap_mschapv2(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_mschapv2_no_password(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MSCHAPv2 - no password"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "TTLS", "user-no-passwd",
|
||||
@ -1071,6 +1077,7 @@ def test_ap_wpa2_eap_ttls_eap_mschapv2_no_password(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_ttls_eap_mschapv2_server_oom(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/EAP-MSCHAPv2 - server OOM"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = int_eap_server_params()
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
with alloc_fail(hapd, 1, "eap_mschapv2_init"):
|
||||
@ -1154,6 +1161,7 @@ def test_ap_wpa2_eap_fast_eap_aka(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_peap_eap_mschapv2(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-PEAP/EAP-MSCHAPv2"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "PEAP", "user",
|
||||
@ -1183,6 +1191,7 @@ def test_ap_wpa2_eap_peap_eap_mschapv2(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_peap_eap_mschapv2_domain(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-PEAP/EAP-MSCHAPv2 with domain"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "PEAP", "DOMAIN\user3",
|
||||
@ -1193,6 +1202,7 @@ def test_ap_wpa2_eap_peap_eap_mschapv2_domain(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_peap_eap_mschapv2_incorrect_password(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-PEAP/EAP-MSCHAPv2 - incorrect password"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "PEAP", "user",
|
||||
@ -1202,6 +1212,7 @@ def test_ap_wpa2_eap_peap_eap_mschapv2_incorrect_password(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_peap_crypto_binding(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-PEAPv0/EAP-MSCHAPv2 and crypto binding"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "PEAP", "user", password="password",
|
||||
@ -1222,6 +1233,7 @@ def test_ap_wpa2_eap_peap_crypto_binding(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_peap_crypto_binding_server_oom(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-PEAPv0/EAP-MSCHAPv2 and crypto binding with server OOM"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = int_eap_server_params()
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
with alloc_fail(hapd, 1, "eap_mschapv2_getKey"):
|
||||
@ -1233,6 +1245,7 @@ def test_ap_wpa2_eap_peap_crypto_binding_server_oom(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_peap_params(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-PEAPv0/EAP-MSCHAPv2 and various parameters"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
eap_connect(dev[0], apdev[0], "PEAP", "user",
|
||||
@ -1345,6 +1358,7 @@ def test_ap_wpa2_eap_tls_pkcs12_blob(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_tls_neg_incorrect_trust_root(dev, apdev):
|
||||
"""WPA2-Enterprise negative test - incorrect trust root"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
cert = read_pem("auth_serv/ca-incorrect.pem")
|
||||
@ -2159,6 +2173,7 @@ def test_ap_wpa2_eap_psk_oom(dev, apdev):
|
||||
|
||||
def test_ap_wpa_eap_peap_eap_mschapv2(dev, apdev):
|
||||
"""WPA-Enterprise connection using EAP-PEAP/EAP-MSCHAPv2"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa_eap_params(ssid="test-wpa-eap")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
dev[0].connect("test-wpa-eap", key_mgmt="WPA-EAP", eap="PEAP",
|
||||
@ -2182,6 +2197,7 @@ def test_ap_wpa_eap_peap_eap_mschapv2(dev, apdev):
|
||||
|
||||
def test_ap_wpa2_eap_interactive(dev, apdev):
|
||||
"""WPA2-Enterprise connection using interactive identity/password entry"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
||||
|
@ -160,6 +160,7 @@ def check_probe_resp(wt, bssid_unexpected, bssid_expected):
|
||||
|
||||
def test_ap_anqp_sharing(dev, apdev):
|
||||
"""ANQP sharing within ESS and explicit unshare"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
dev[0].flush_scan_cache()
|
||||
|
||||
bssid = apdev[0]['bssid']
|
||||
@ -211,6 +212,7 @@ def test_ap_anqp_sharing(dev, apdev):
|
||||
|
||||
def test_ap_nai_home_realm_query(dev, apdev):
|
||||
"""NAI Home Realm Query"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
|
||||
@ -478,6 +480,7 @@ def test_ap_hs20_ext_sim_roaming(dev, apdev):
|
||||
|
||||
def test_ap_hs20_username(dev, apdev):
|
||||
"""Hotspot 2.0 connection in username/password credential"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -507,6 +510,7 @@ def test_ap_hs20_username(dev, apdev):
|
||||
|
||||
def test_ap_hs20_connect_api(dev, apdev):
|
||||
"""Hotspot 2.0 connection with connect API"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -534,6 +538,7 @@ def test_ap_hs20_connect_api(dev, apdev):
|
||||
|
||||
def test_ap_hs20_auto_interworking(dev, apdev):
|
||||
"""Hotspot 2.0 connection with auto_interworking=1"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -644,10 +649,12 @@ def test_ap_hs20_eap_unknown(dev, apdev):
|
||||
|
||||
def test_ap_hs20_eap_peap_mschapv2(dev, apdev):
|
||||
"""Hotspot 2.0 connection with PEAP/MSCHAPV2"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
eap_test(dev[0], apdev[0], "25[3:26]", "PEAP", "user")
|
||||
|
||||
def test_ap_hs20_eap_peap_default(dev, apdev):
|
||||
"""Hotspot 2.0 connection with PEAP/MSCHAPV2 (as default)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
eap_test(dev[0], apdev[0], "25", "PEAP", "user")
|
||||
|
||||
def test_ap_hs20_eap_peap_gtc(dev, apdev):
|
||||
@ -677,6 +684,7 @@ def test_ap_hs20_eap_ttls_mschap(dev, apdev):
|
||||
|
||||
def test_ap_hs20_eap_ttls_eap_mschapv2(dev, apdev):
|
||||
"""Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
eap_test(dev[0], apdev[0], "21[3:26][6:7][99:99]", "TTLS", "user")
|
||||
|
||||
def test_ap_hs20_eap_ttls_eap_unknown(dev, apdev):
|
||||
@ -824,6 +832,7 @@ def test_ap_hs20_roaming_consortium(dev, apdev):
|
||||
|
||||
def test_ap_hs20_username_roaming(dev, apdev):
|
||||
"""Hotspot 2.0 connection in username/password credential (roaming)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
|
||||
@ -845,6 +854,7 @@ def test_ap_hs20_username_roaming(dev, apdev):
|
||||
|
||||
def test_ap_hs20_username_unknown(dev, apdev):
|
||||
"""Hotspot 2.0 connection in username/password credential (no domain in cred)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -861,6 +871,7 @@ def test_ap_hs20_username_unknown(dev, apdev):
|
||||
|
||||
def test_ap_hs20_username_unknown2(dev, apdev):
|
||||
"""Hotspot 2.0 connection in username/password credential (no domain advertized)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -879,6 +890,7 @@ def test_ap_hs20_username_unknown2(dev, apdev):
|
||||
|
||||
def test_ap_hs20_gas_while_associated(dev, apdev):
|
||||
"""Hotspot 2.0 connection with GAS query while associated"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -902,6 +914,7 @@ def test_ap_hs20_gas_while_associated(dev, apdev):
|
||||
|
||||
def test_ap_hs20_gas_while_associated_with_pmf(dev, apdev):
|
||||
"""Hotspot 2.0 connection with GAS query while associated and using PMF"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_gas_while_associated_with_pmf(dev, apdev)
|
||||
finally:
|
||||
@ -938,6 +951,7 @@ def _test_ap_hs20_gas_while_associated_with_pmf(dev, apdev):
|
||||
|
||||
def test_ap_hs20_gas_frag_while_associated(dev, apdev):
|
||||
"""Hotspot 2.0 connection with fragmented GAS query while associated"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -963,6 +977,7 @@ def test_ap_hs20_gas_frag_while_associated(dev, apdev):
|
||||
|
||||
def test_ap_hs20_multiple_connects(dev, apdev):
|
||||
"""Hotspot 2.0 connection through multiple network selections"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -1100,6 +1115,7 @@ def default_cred(domain=None, user="hs20-test"):
|
||||
|
||||
def test_ap_hs20_prefer_home(dev, apdev):
|
||||
"""Hotspot 2.0 required roaming consortium"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hs20_ap_params()
|
||||
params['domain_name'] = "example.org"
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1117,6 +1133,7 @@ def test_ap_hs20_prefer_home(dev, apdev):
|
||||
|
||||
def test_ap_hs20_req_roaming_consortium(dev, apdev):
|
||||
"""Hotspot 2.0 required roaming consortium"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
|
||||
@ -1141,6 +1158,7 @@ def test_ap_hs20_req_roaming_consortium(dev, apdev):
|
||||
|
||||
def test_ap_hs20_excluded_ssid(dev, apdev):
|
||||
"""Hotspot 2.0 exclusion based on SSID"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hs20_ap_params()
|
||||
params['roaming_consortium'] = [ "223344" ]
|
||||
params['anqp_3gpp_cell_net'] = "555,444"
|
||||
@ -1184,6 +1202,7 @@ def test_ap_hs20_excluded_ssid(dev, apdev):
|
||||
|
||||
def test_ap_hs20_roam_to_higher_prio(dev, apdev):
|
||||
"""Hotspot 2.0 and roaming from current to higher priority network"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params(ssid="test-hs20-visited")
|
||||
params['domain_name'] = "visited.example.org"
|
||||
@ -1222,6 +1241,7 @@ def test_ap_hs20_roam_to_higher_prio(dev, apdev):
|
||||
|
||||
def test_ap_hs20_domain_suffix_match_full(dev, apdev):
|
||||
"""Hotspot 2.0 and domain_suffix_match"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1251,6 +1271,7 @@ def test_ap_hs20_domain_suffix_match_full(dev, apdev):
|
||||
|
||||
def test_ap_hs20_domain_suffix_match(dev, apdev):
|
||||
"""Hotspot 2.0 and domain_suffix_match"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
check_domain_match_full(dev[0])
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
@ -1269,6 +1290,7 @@ def test_ap_hs20_domain_suffix_match(dev, apdev):
|
||||
|
||||
def test_ap_hs20_roaming_partner_preference(dev, apdev):
|
||||
"""Hotspot 2.0 and roaming partner preference"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hs20_ap_params()
|
||||
params['domain_name'] = "roaming.example.org"
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1293,6 +1315,7 @@ def test_ap_hs20_roaming_partner_preference(dev, apdev):
|
||||
|
||||
def test_ap_hs20_max_bss_load(dev, apdev):
|
||||
"""Hotspot 2.0 and maximum BSS load"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hs20_ap_params()
|
||||
params['bss_load_test'] = "12:200:20000"
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1328,6 +1351,7 @@ def test_ap_hs20_max_bss_load(dev, apdev):
|
||||
|
||||
def test_ap_hs20_max_bss_load2(dev, apdev):
|
||||
"""Hotspot 2.0 and maximum BSS load with one AP not advertising"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
params = hs20_ap_params()
|
||||
params['bss_load_test'] = "12:200:20000"
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1351,6 +1375,7 @@ def test_ap_hs20_max_bss_load2(dev, apdev):
|
||||
|
||||
def test_ap_hs20_multi_cred_sp_prio(dev, apdev):
|
||||
"""Hotspot 2.0 multi-cred sp_priority"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_multi_cred_sp_prio(dev, apdev)
|
||||
finally:
|
||||
@ -1394,6 +1419,7 @@ def _test_ap_hs20_multi_cred_sp_prio(dev, apdev):
|
||||
|
||||
def test_ap_hs20_multi_cred_sp_prio2(dev, apdev):
|
||||
"""Hotspot 2.0 multi-cred sp_priority with two BSSes"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_multi_cred_sp_prio2(dev, apdev)
|
||||
finally:
|
||||
@ -1470,6 +1496,7 @@ def conn_capab_cred(domain=None, req_conn_capab=None):
|
||||
|
||||
def test_ap_hs20_req_conn_capab(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with req_conn_capab"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1524,6 +1551,7 @@ def test_ap_hs20_req_conn_capab(dev, apdev):
|
||||
|
||||
def test_ap_hs20_req_conn_capab_and_roaming_partner_preference(dev, apdev):
|
||||
"""Hotspot 2.0 and req_conn_capab with roaming partner preference"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['domain_name'] = "roaming.example.org"
|
||||
@ -1575,6 +1603,7 @@ def bw_cred(domain=None, dl_home=None, ul_home=None, dl_roaming=None, ul_roaming
|
||||
|
||||
def test_ap_hs20_min_bandwidth_home(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with min bandwidth (home)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1610,6 +1639,7 @@ def test_ap_hs20_min_bandwidth_home(dev, apdev):
|
||||
|
||||
def test_ap_hs20_min_bandwidth_home_hidden_ssid_in_scan_res(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with min bandwidth (home) while hidden SSID is included in scan results"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": 'secret',
|
||||
@ -1656,6 +1686,7 @@ def test_ap_hs20_min_bandwidth_home_hidden_ssid_in_scan_res(dev, apdev):
|
||||
|
||||
def test_ap_hs20_min_bandwidth_roaming(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with min bandwidth (roaming)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1691,6 +1722,7 @@ def test_ap_hs20_min_bandwidth_roaming(dev, apdev):
|
||||
|
||||
def test_ap_hs20_min_bandwidth_and_roaming_partner_preference(dev, apdev):
|
||||
"""Hotspot 2.0 and minimum bandwidth with roaming partner preference"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['domain_name'] = "roaming.example.org"
|
||||
@ -1729,6 +1761,7 @@ def test_ap_hs20_min_bandwidth_no_wan_metrics(dev, apdev):
|
||||
|
||||
def test_ap_hs20_deauth_req_ess(dev, apdev):
|
||||
"""Hotspot 2.0 connection and deauthentication request for ESS"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_deauth_req_ess(dev, apdev)
|
||||
finally:
|
||||
@ -1758,6 +1791,7 @@ def _test_ap_hs20_deauth_req_ess(dev, apdev):
|
||||
|
||||
def test_ap_hs20_deauth_req_bss(dev, apdev):
|
||||
"""Hotspot 2.0 connection and deauthentication request for BSS"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_deauth_req_bss(dev, apdev)
|
||||
finally:
|
||||
@ -1789,6 +1823,7 @@ def _test_ap_hs20_deauth_req_bss(dev, apdev):
|
||||
|
||||
def test_ap_hs20_deauth_req_from_radius(dev, apdev):
|
||||
"""Hotspot 2.0 connection and deauthentication request from RADIUS"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_deauth_req_from_radius(dev, apdev)
|
||||
finally:
|
||||
@ -1817,6 +1852,7 @@ def _test_ap_hs20_deauth_req_from_radius(dev, apdev):
|
||||
|
||||
def test_ap_hs20_remediation_required(dev, apdev):
|
||||
"""Hotspot 2.0 connection and remediation required from RADIUS"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_remediation_required(dev, apdev)
|
||||
finally:
|
||||
@ -1843,6 +1879,7 @@ def _test_ap_hs20_remediation_required(dev, apdev):
|
||||
|
||||
def test_ap_hs20_remediation_required_ctrl(dev, apdev):
|
||||
"""Hotspot 2.0 connection and subrem from ctrl_iface"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_remediation_required_ctrl(dev, apdev)
|
||||
finally:
|
||||
@ -1884,6 +1921,7 @@ def _test_ap_hs20_remediation_required_ctrl(dev, apdev):
|
||||
|
||||
def test_ap_hs20_session_info(dev, apdev):
|
||||
"""Hotspot 2.0 connection and session information from RADIUS"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_session_info(dev, apdev)
|
||||
finally:
|
||||
@ -1953,6 +1991,7 @@ def test_ap_hs20_osen(dev, apdev):
|
||||
|
||||
def test_ap_hs20_network_preference(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with preferred home network"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -1993,6 +2032,7 @@ def test_ap_hs20_network_preference(dev, apdev):
|
||||
|
||||
def test_ap_hs20_network_preference2(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with preferred credential"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid2 = apdev[1]['bssid']
|
||||
params = hostapd.wpa2_params(ssid="home", passphrase="12345678")
|
||||
hostapd.add_ap(apdev[1]['ifname'], params)
|
||||
@ -2033,6 +2073,7 @@ def test_ap_hs20_network_preference2(dev, apdev):
|
||||
|
||||
def test_ap_hs20_network_preference3(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with two credential (one preferred)"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -2073,6 +2114,7 @@ def test_ap_hs20_network_preference3(dev, apdev):
|
||||
|
||||
def test_ap_hs20_network_preference4(dev, apdev):
|
||||
"""Hotspot 2.0 network selection with username vs. SIM credential"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -2115,6 +2157,7 @@ def test_ap_hs20_network_preference4(dev, apdev):
|
||||
|
||||
def test_ap_hs20_interworking_select_blocking_scan(dev, apdev):
|
||||
"""Ongoing INTERWORKING_SELECT blocking SCAN"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
@ -2310,6 +2353,7 @@ def test_ap_hs20_fetch_osu_stop(dev, apdev):
|
||||
|
||||
def test_ap_hs20_ft(dev, apdev):
|
||||
"""Hotspot 2.0 connection with FT"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['wpa_key_mgmt'] = "FT-EAP"
|
||||
@ -2331,6 +2375,7 @@ def test_ap_hs20_ft(dev, apdev):
|
||||
|
||||
def test_ap_hs20_remediation_sql(dev, apdev, params):
|
||||
"""Hotspot 2.0 connection and remediation required using SQLite for user DB"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
import sqlite3
|
||||
except ImportError:
|
||||
@ -2394,6 +2439,7 @@ def test_ap_hs20_remediation_sql(dev, apdev, params):
|
||||
|
||||
def test_ap_hs20_external_selection(dev, apdev):
|
||||
"""Hotspot 2.0 connection using external network selection and creation"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -2410,6 +2456,7 @@ def test_ap_hs20_external_selection(dev, apdev):
|
||||
|
||||
def test_ap_hs20_random_mac_addr(dev, apdev):
|
||||
"""Hotspot 2.0 connection with random MAC address"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
@ -2445,6 +2492,7 @@ def test_ap_hs20_random_mac_addr(dev, apdev):
|
||||
|
||||
def test_ap_hs20_multi_network_and_cred_removal(dev, apdev):
|
||||
"""Multiple networks and cred removal"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['nai_realm'] = [ "0,example.com,25[3:26]"]
|
||||
@ -2480,6 +2528,7 @@ def test_ap_hs20_multi_network_and_cred_removal(dev, apdev):
|
||||
|
||||
def test_ap_hs20_interworking_add_network(dev, apdev):
|
||||
"""Hotspot 2.0 connection using INTERWORKING_ADD_NETWORK"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['nai_realm'] = [ "0,example.com,21[3:26][6:7][99:99]" ]
|
||||
@ -2580,6 +2629,7 @@ def _test_ap_hs20_proxyarp(dev, apdev):
|
||||
|
||||
def test_ap_hs20_hidden_ssid_in_scan_res(dev, apdev):
|
||||
"""Hotspot 2.0 connection with hidden SSId in scan results"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": 'secret',
|
||||
@ -2612,6 +2662,7 @@ def test_ap_hs20_hidden_ssid_in_scan_res(dev, apdev):
|
||||
|
||||
def test_ap_hs20_proxyarp(dev, apdev):
|
||||
"""Hotspot 2.0 and ProxyARP"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_proxyarp(dev, apdev)
|
||||
finally:
|
||||
@ -2708,6 +2759,7 @@ def _test_ap_hs20_proxyarp_dgaf(dev, apdev, disabled):
|
||||
|
||||
def test_ap_hs20_proxyarp_disable_dgaf(dev, apdev):
|
||||
"""Hotspot 2.0 and ProxyARP with DGAF disabled"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_proxyarp_dgaf(dev, apdev, True)
|
||||
finally:
|
||||
@ -2718,6 +2770,7 @@ def test_ap_hs20_proxyarp_disable_dgaf(dev, apdev):
|
||||
|
||||
def test_ap_hs20_proxyarp_enable_dgaf(dev, apdev):
|
||||
"""Hotspot 2.0 and ProxyARP with DGAF enabled"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
try:
|
||||
_test_ap_hs20_proxyarp_dgaf(dev, apdev, False)
|
||||
finally:
|
||||
@ -3483,6 +3536,7 @@ def test_proxyarp_open_ebtables(dev, apdev, params):
|
||||
|
||||
def test_ap_hs20_connect_deinit(dev, apdev):
|
||||
"""Hotspot 2.0 connection interrupted with deinit"""
|
||||
check_eap_capa(dev[0], "MSCHAPV2")
|
||||
bssid = apdev[0]['bssid']
|
||||
params = hs20_ap_params()
|
||||
params['hessid'] = bssid
|
||||
|
@ -1,5 +1,5 @@
|
||||
# EAP protocol tests
|
||||
# Copyright (c) 2014, Jouni Malinen <j@w1.fi>
|
||||
# Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi>
|
||||
#
|
||||
# This software may be distributed under the terms of the BSD license.
|
||||
# See README for more details.
|
||||
@ -14,6 +14,7 @@ import time
|
||||
|
||||
import hostapd
|
||||
from utils import HwsimSkip
|
||||
from test_ap_eap import check_eap_capa
|
||||
|
||||
EAP_CODE_REQUEST = 1
|
||||
EAP_CODE_RESPONSE = 2
|
||||
@ -141,6 +142,7 @@ def start_ap(ifname):
|
||||
|
||||
def test_eap_proto(dev, apdev):
|
||||
"""EAP protocol tests"""
|
||||
check_eap_capa(dev[0], "MD5")
|
||||
def eap_handler(ctx, req):
|
||||
logger.info("eap_handler - RX " + req.encode("hex"))
|
||||
if 'num' not in ctx:
|
||||
@ -722,6 +724,8 @@ def test_eap_proto_leap(dev, apdev):
|
||||
|
||||
def test_eap_proto_md5(dev, apdev):
|
||||
"""EAP-MD5 protocol tests"""
|
||||
check_eap_capa(dev[0], "MD5")
|
||||
|
||||
def md5_handler(ctx, req):
|
||||
logger.info("md5_handler - RX " + req.encode("hex"))
|
||||
if 'num' not in ctx:
|
||||
|
Loading…
Reference in New Issue
Block a user