Commit Graph

61 Commits

Author SHA1 Message Date
Jouni Malinen
cbb85a0380 tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
5a0c15174b tests: UNAUTH-TLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
8ba89e0a32 tests: EAP-pwd with server fragmenting messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
47a74ad81a tests: EAP-IKEv2 fragmentation
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
46e094bd6f tests: EAP-FAST and missing PAC configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c6ab1cdbc5 tests: EAP-FAST using binary PAC file format
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
4b2d209824 tests: EAP-pwd with invalid group
This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
e2a90a4c79 tests: EAP-SIM/AKA configuration parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
5b1aaf6cfb tests: EAP-SIM/AKA/AKA' with SQLite
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00
Jouni Malinen
32dca985c7 tests: EAP with expanded Nak
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:33:49 +03:00
Jouni Malinen
633e364b60 tests: EAP roundtrip limit
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-10 21:20:54 +03:00
Jouni Malinen
0403fa0a93 tests: Increas EAP-pwd fragmentation coverage
Verify fragmentation of additional message types.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-06 00:52:13 +03:00
Jouni Malinen
eaf3f9b10d tests: wpa_supplicant MIB command output for WPA/WPA2 information
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-05 23:56:03 +03:00
Jouni Malinen
a0f350fd79 tests: EAP-SIM server using GSM triplets
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 16:28:48 +03:00
Jouni Malinen
650383134d tests: hostapd GET_CONFIG key_mgmt values
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 19:01:34 +02:00
Jouni Malinen
910f16ca0e tests: EAP-SIM/AKA with protected result indication
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-21 12:56:48 +02:00
Jouni Malinen
c37b02fcc4 tests: Authentication server using PKCS#12 file
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-20 00:16:00 +02:00
Jouni Malinen
2a6a2192b7 tests: Invalid ca_cert hash:// value
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-20 00:02:00 +02:00
Jouni Malinen
c61dca40a4 tests: TLS domain_suffix_match rejection due to incomplete label match
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-19 23:50:57 +02:00
Jouni Malinen
5c65e277a0 tests: Increase altsubject_match coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-19 23:46:53 +02:00
Jouni Malinen
6ea231e6d4 tests: EAP TLS parameters using configuration blobs
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-15 23:52:43 +02:00
Jouni Malinen
8b56743ef7 tests: Displayable message in EAP Request-Identity
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:27:15 +02:00
Jouni Malinen
7c50093f37 tests: Authenticator-initiated EAP reauthentication
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:18:49 +02:00
Jouni Malinen
14bef66d66 tests: Server certificate with both client and server EKU
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 10:35:33 +02:00
Jouni Malinen
5be9dcbb86 tests: Remove unnecessary interpreter line from most python files
Only run-tests.py is actually executed, so there is no need to specify
the interpreter in all the helper files and test script files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-21 20:21:53 +02:00
Jouni Malinen
6f939e591e tests: Convert connect() to use kwargs
This makes it more convenient to add new network block parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 21:58:09 +02:00
Jouni Malinen
eac674402f tests: Verify NtPasswordHash with different UTF-8 cases
This adds a password that uses one, two, and three octet encoding
for UTF-8 characters. The value is tested against a pre-configured
hash to verify that utf8_to_ucs2() function works correctly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 12:08:50 +02:00
Jouni Malinen
242219c563 tests: Set dh_file on EAP client
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:42:56 +02:00
Jouni Malinen
6ab4a7aa5a tests: EAP-TTLS and server certificate with client EKU
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:33:55 +02:00
Jouni Malinen
6a4d0dbe1c tests: Expired server certificate
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:28:22 +02:00
Jouni Malinen
64e05f9644 tests: Domain name suffix match against CN
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 10:19:16 +02:00
Jouni Malinen
d4c7a2b9e6 tests: EAP-TLS with OCSP
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:45:56 +02:00
Jouni Malinen
2d10eb0efd tests: PKCS#12 use for EAP-TLS
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:18:22 +02:00
Jouni Malinen
9f8994c623 tests: CA certificate in DER format
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:06:36 +02:00
Jouni Malinen
57be05e158 tests: Server certificate trust based on hash value
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:04:45 +02:00
Jouni Malinen
3b74982f93 tests: subject_match and altsubject_match
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 17:04:35 +02:00
Jouni Malinen
53a6f06a0b tests: EAP-FAST
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 16:42:15 +02:00
Jouni Malinen
c075f040a1 tests: Verify all implemented EAP-pwd groups
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 09:08:54 +02:00
Jouni Malinen
fa0ddb1484 tests: MSCHAPv2 password as hash value
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
e745c811ef tests: Verify EAP vendor test
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
d0ce105068 tests: Verify EAP-PEAP/EAP-TLS
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
f10ba3b2fc tests: Negative test cases with incorrect EAP password
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
6daf5b9c1c tests: Add more EAP fragmentation tests
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
40759604f6 tests: Interactive identity/password query for EAP
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
cb33ee143b tests: Make WPA2-Enterprise reauth test cases more robust
With the extra latencies removed from run-tests.py operations, it was
possible to hit race conditions in pairwise cipher configuration at the
end of the 4-way handshake. In some cases, the EAPOL-Start frame from
the station was not received by the AP and that could result in these
test cases failing. Since there are not really trying to test the race
condition, wait for the AP side to complete key configuration prior to
initiating the reauthentication sequence.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
369f9c20ee tests: Validate EAP-GPSK cipher suite negotiation
This covers all currently supported algorithms and the case of no match.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
bce774ad63 tests: Use ctrl_iface event for EAP reauth instead of STATUS poll
This speeds up the EAP test cases a bit by avoiding polling for
wpa_supplicant status.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
5dec879d5b tests: Verify STA command output and EAPOL state
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 18:10:30 +02:00
Jouni Malinen
2bb9e28336 tests: Validate EAP-EKE proposal negotiation
This covers all currently supported algorithms and the case of no match.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 17:18:17 +02:00
Jouni Malinen
2b00519431 tests: WPA2-Enterprise with PMF required
Increase test coverage with PMF required configuration and SHA256-based
AKM in one of the EAP test cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:31 +02:00