fragattacks/tests/hwsim
Jouni Malinen 9ec3debf24 tests: FILS SK authentication with SHA384
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:50:28 +02:00
..
auth_serv tests: Update server and user certificates (2015) 2016-09-30 22:45:03 +03:00
tnc tests: Use QUIET=1 option to make build.sh output much shorter 2014-12-29 15:49:05 +02:00
vm tests: Remove src/common/cli.c from code coverage report 2016-12-26 14:30:50 +02:00
bss-1.conf tests: Test dynamic BSS addition/removal 2013-10-31 23:04:50 +02:00
bss-2.conf tests: Test dynamic BSS addition/removal 2013-10-31 23:04:50 +02:00
bss-3.conf tests: Test dynamic BSS addition/removal 2013-10-31 23:04:50 +02:00
bss-ht40-1.conf tests: Verify BSS additional/removal during HT co-ex scan 2013-11-06 15:52:40 +02:00
bss-ht40-2.conf tests: Verify BSS additional/removal during HT co-ex scan 2013-11-06 15:52:40 +02:00
build.sh tests: Set FIPSLD_CC=gcc (if not set) to make CONFIG_FIPS=y use easier 2015-08-01 16:57:04 +03:00
check_kernel.py tests: Catch RTNL assertions in the kernel check 2015-08-24 19:28:12 +03:00
dictionary.radius tests: Verify dynamic_vlan=required is honored with macaddr_acl=2 2015-04-25 10:28:19 +03:00
example-hostapd.config tests: Enable FILS in the example hwsim build configurations 2016-10-27 16:06:13 +03:00
example-setup.txt tests: Document tshark and python-netifaces as dependencies 2016-02-28 15:25:37 +02:00
example-wpa_supplicant.config tests: PMKSA cache control interface for external management 2016-12-12 23:56:57 +02:00
fst_module_aux.py tests: Remove unused import subprocess 2016-06-27 21:10:35 +03:00
fst_test_common.py tests: Add FST module tests 2015-07-16 18:26:16 +03:00
hostapd.accept tests: Add test cases for AP VLAN 2014-03-08 11:35:08 +02:00
hostapd.macaddr tests: hostapd MAC ACL file entry removal 2014-03-30 17:06:34 +03:00
hostapd.py tests: Verify hostapd mgmt_tx() success 2016-12-18 13:01:49 +02:00
hostapd.vlan tests: VLAN using vlan_file mapping 2014-03-30 17:06:34 +03:00
hostapd.wlan3.vlan tests: RSN pre-auth and PMKSA caching with per_sta_vif 2016-02-28 15:43:24 +02:00
hostapd.wlan4.vlan tests: RSN pre-auth and PMKSA caching with per_sta_vif 2016-02-28 15:43:24 +02:00
hostapd.wpa_psk tests: Verify different ways of configuring passphrase/PSK 2014-02-04 13:10:57 +02:00
hwsim_utils.py tests: Verify multicast_to_unicast operation 2016-12-04 21:42:46 +02:00
hwsim.py tests: Introduce hwsim radio context manager 2014-10-21 17:35:20 +03:00
multi-bss-acs.conf tests: Add test cases for automatic channel selection 2013-11-03 21:30:31 +02:00
multi-bss-iface-per_sta_vif.conf tests: Verify ap_vlan_iface_cleanup_multibss with per_sta_vif 2016-02-17 11:46:13 +02:00
multi-bss-iface.conf tests: Verify correct VLAN operation in multi-BSS multi-VLAN case 2015-06-14 13:40:50 +03:00
multi-bss.conf tests: Add test case for multi-BSS configuration file 2013-11-03 20:20:50 +02:00
netlink.py hwsim tests: Add support for the chanctx flag when creating radios 2014-02-25 16:53:40 +02:00
nl80211.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
p2p0.conf tests: Add start/stop scripts and configuration files 2013-03-02 11:39:54 +02:00
p2p1.conf tests: Add start/stop scripts and configuration files 2013-03-02 11:39:54 +02:00
p2p2.conf tests: Add start/stop scripts and configuration files 2013-03-02 11:39:54 +02:00
p2p_utils.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
radius_das.py tests: Remove unnecessary interpreter line from most python files 2014-02-21 20:21:53 +02:00
README tests: Add step-by-step guide for setting up test framework 2015-01-18 18:11:11 +02:00
remotehost.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
rfkill.py tests: Add rfkill module 2015-01-08 20:56:47 +02:00
run-all.sh tests: Properly pass the num of channels to start.sh 2015-08-10 21:10:56 +03:00
run-tests.py tests: Do not attach wpa_supplicant monitor interface unnecessarily 2016-12-14 13:56:15 +02:00
start.sh tests: Update server and user certificates (2015) 2016-09-30 22:45:03 +03:00
stop.sh tests: Optimize stop.sh wait times 2014-12-22 19:37:08 +02:00
test_ap_acs.py tests: Use cmd_execute() for iw reg set 00 2016-06-27 21:10:35 +03:00
test_ap_ciphers.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_ap_config.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_ap_csa.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_ap_dynamic.py tests: IAPP and multiple BSSes 2016-08-18 20:07:17 +03:00
test_ap_eap.py tests: Skip eap_tls_pkcs8_pkcs5_v15 with BoringSSL 2016-12-21 12:31:20 +02:00
test_ap_ft.py tests: Remove pmk_r1_push parameter from ap_ft_local_key_gen 2016-12-13 13:57:39 +02:00
test_ap_hs20.py tests: Verify wpa_state after INTERWORKING_SELECT 2016-12-11 19:51:09 +02:00
test_ap_ht.py tests: Operating classes with HT20 and HT40 channels 2016-12-26 00:17:05 +02:00
test_ap_mixed.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_ap_open.py tests: AP with open mode and external association 2016-12-05 12:16:12 +02:00
test_ap_params.py tests: Disable HT in ap_wds_sta_wep 2016-12-19 22:47:07 +02:00
test_ap_pmf.py tests: PMF and Authentication frame injection 2016-11-29 16:26:00 +02:00
test_ap_psk.py tests: WPA-PSK AP and only rsn_pairwise set 2016-09-23 11:45:55 +03:00
test_ap_qosmap.py tests: Setup wlantest once for qosmap tests 2016-09-17 22:14:06 +03:00
test_ap_roam.py tests: Add testcase for reconnect failure due to auth timeout 2016-09-23 17:36:55 +03:00
test_ap_tdls.py tests: Open AP and TDLS prohibited 2016-10-29 00:28:17 +03:00
test_ap_track.py tests: Make ap_track_sta_no_probe_resp more robust 2016-12-13 20:07:52 +02:00
test_ap_vht.py tests: VHT with 160 MHz channel width and HT40 disabled 2016-12-26 14:30:50 +02:00
test_ap_vlan.py tests: Avoid failures in ap_vlan_without_station with new kernel 2016-10-27 21:37:19 +03:00
test_ap_wps.py tests: WPS ER enrolling a new device to a configured AP 2016-12-19 17:44:51 +02:00
test_autoscan.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_bgscan.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_cfg80211.py tests: Fix cfg80211_tx_frame test 2016-10-02 21:27:43 +03:00
test_connect_cmd.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_dbus_old.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_dbus.py tests: Additional D-Bus WPS Get/Set properties 2016-12-23 21:28:43 +02:00
test_dfs.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_eap_proto.py tests: Fix eap_fast_tlv_nak_oom and eap_fast_proto_phase2 2016-12-25 00:19:26 +02:00
test_erp.py tests: Pass full apdev to add_ap() function (4) 2016-04-03 22:46:12 +03:00
test_ext_password.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_fils.py tests: FILS SK authentication with SHA384 2016-12-26 14:50:28 +02:00
test_fst_config.py tests: Make FST kill_pid() more robust 2016-08-22 17:44:05 +03:00
test_fst_module.py tests: Fix FST scanning for non-FST APs 2016-12-15 14:17:14 +02:00
test_gas.py tests: Update gas_anqp_capab_list and gas_anqp_extra_elements 2016-12-18 13:01:49 +02:00
test_hapd_ctrl.py tests: hostapd and ctrl_iface commands when BSS not yet fully enabled 2016-08-22 17:44:05 +03:00
test_hostapd_oom.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_hs20_filter.py tests: Modify test_hs20_filter 2016-04-08 15:44:10 +03:00
test_ibss.py tests: More coverage for IBSS RSN OOM 2016-08-14 00:22:50 +03:00
test_ieee8021x.py tests: IEEE 802.1X + WEP reauthentication 2016-08-17 13:40:40 +03:00
test_kernel.py tests: mac80211 and unknown Action frame rejection in STA mode 2016-12-18 13:01:49 +02:00
test_mbo.py tests: MBO and ignoring disallowed association 2016-09-25 17:31:26 +03:00
test_module_tests.py tests: eloop socket re-open from timeout/socket handler 2015-07-23 18:39:02 +03:00
test_monitor_interface.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_nfc_p2p.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_nfc_wps.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_offchannel_tx.py tests: Import p2p_utils instead of functions from old locations 2015-11-25 15:47:16 +02:00
test_p2p_autogo.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_p2p_channel.py tests: Fix p2p_autogo_pref_chan_not_in_regulatory with new regdb 2016-12-25 01:09:06 +02:00
test_p2p_concurrency.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_device.py tests: Test configuration propagation to group interface 2016-04-25 00:15:35 +03:00
test_p2p_discovery.py tests: P2P device discovery and peer changing device name 2016-12-11 12:45:08 +02:00
test_p2p_ext.py tests: Make p2p_ext_vendor_elem_go_neg_conf more robust 2016-12-14 16:33:19 +02:00
test_p2p_grpform.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_invitation.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_messages.py tests: Clear monitor socket within p2p_msg_unexpected_go_neg_resp 2016-12-24 13:09:23 +02:00
test_p2p_persistent.py tests: Use global control interface to remove P2P networks 2016-10-02 21:16:55 +03:00
test_p2p_service.py tests: P2P service discovery restarted immediately 2016-12-21 00:21:37 +02:00
test_p2p_set.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_wifi_display.py tests: Peer disabling Wi-Fi Display advertisement 2016-12-11 12:45:08 +02:00
test_p2ps.py tests: Make p2ps_wildcard_p2ps more robust 2016-12-10 00:33:33 +02:00
test_peerkey.py tests: Fix peerkey_sniffer_check with newer Wireshark version 2016-12-25 00:38:52 +02:00
test_pmksa_cache.py tests: Properly skip pmksa_cache_ctrl_ext if PMKSA_GET is not supported 2016-12-13 20:13:42 +02:00
test_radio_work.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_radius.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_rfkill.py tests: Do not use tabs for indentation 2016-04-25 00:19:40 +03:00
test_rrm.py tests: hostapd stationary_ap=1 in neighbor DB 2016-10-29 19:25:39 +03:00
test_sae.py tests: SAE protocol testing with hostapd 2016-12-26 14:30:50 +02:00
test_scan.py tests: Fix scan_reqs_with_non_scan_radio_work error reporting 2016-12-13 20:07:52 +02:00
test_ssid.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_sta_dynamic.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_suite_b.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_tnc.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_wep.py tests: WEP with HT/VHT 2016-08-02 17:43:26 +03:00
test_wext.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_wmediumd.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_wnm.py tests: WNM BSS Transition Management request getting rejected 2016-09-25 17:31:26 +03:00
test_wpas_ap.py tests: Fix wpas_ap_acs after 5 GHz use 2016-12-12 00:58:00 +02:00
test_wpas_config.py tests: wpa_supplicant config file parsing of arbitrary global values 2016-05-02 11:08:25 +03:00
test_wpas_ctrl.py tests: wpa_supplicant BSS CURRENT command 2016-12-21 12:46:14 +02:00
test_wpas_mesh.py tests: Fix mesh_open_vht_160 skipping 2016-12-25 00:47:01 +02:00
test_wpas_wmm_ac.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
tshark.py tests: Fix peerkey_sniffer_check with newer Wireshark version 2016-12-25 00:38:52 +02:00
utils.py tests: Make ap_track_sta_no_probe_resp more robust 2016-12-13 20:07:52 +02:00
w1fi_logo.png tests: HS 2.0 OSU and icon fetch 2014-03-02 10:35:34 +02:00
wlantest.py tests: Add support for wlantest for remote hwsim tests 2016-05-28 16:34:09 +03:00
wpasupplicant.py tests: Do not attach wpa_supplicant monitor interface unnecessarily 2016-12-14 13:56:15 +02:00
wps-ctrl-cred tests: wpa_supplicant config file parsing/writing with WPS 2016-05-02 11:08:25 +03:00
wps-ctrl-cred2 tests: wpa_supplicant config file parsing/writing with WPS 2016-05-02 11:08:25 +03:00
wps-mixed-cred tests: WPS mixed-WPA/WPA2 credential merging 2014-08-29 20:25:18 +03:00
wps-wep-cred tests: WPS 2.0 rejection of WEP credential 2014-03-05 12:40:54 +02:00

Automated hostapd/wpa_supplicant testing with mac80211_hwsim
------------------------------------------------------------

This directory contains testing infrastructure and test cases to run
automated tests of full hostapd and wpa_supplicant functionality. This
testing is done with the help of mac80211_hwsim which is Linux kernel
driver that simulates IEEE 802.11 radios without requiring any
additional hardware. This setup most of the hostapd and wpa_supplicant
functionality (and large parts of the Linux cfg80211 and mac80211
functionality for that matter) to be tested.

mac80211_hwsim is loaded with five simulated radios to allow different
device combinations to be tested. wlantest is used analyze raw packets
captured through the hwsim0 monitor interface that capture all frames
sent on all channels. wlantest is used to store the frames for
analysis. Three wpa_supplicant processes are used to control three
virtual radios and one hostapd process is used to dynamically control
the other two virtual radios. wpa_supplicant/hostapd test functionality
is used to verify that data connection (both unicast and broadcast)
works between two netdevs.

The python scripts and tools in this directory control test case
execution. They interact wpa_supplicant and hostapd through control
interfaces to perform the operations. In addition, wlantest_cli is used
to verify that operations have been performed correctly and that the
network connection works in the expected way.

These test cases are run automatically against the hostap.git commits
for regression testing and to help in keeping the hostap.git master
branch in stable state. Results from these tests are available here:
http://buildbot.w1.fi/hwsim/


Building binaries for testing
-----------------------------

You will need to build (or use already built) components to be
tested. These are available in the hostap.git repository and can be
built for example as follows:

cd ../../wpa_supplicant
cp ../tests/hwsim/example-wpa_supplicant.config .config
make clean
make
cd ../hostapd
cp ../tests/hwsim/example-hostapd.config .config
make clean
make hostapd hlr_auc_gw
cd ../wlantest
make clean
make

Alternatively, the build.sh script here can be used to run these steps
with conditional creation of .config files only if they do not exist.

The test scripts can find the binaries in the locations where they were
built. It is also possible to install wlantest_cli somewhere on the path
to use pre-built tools.

Please note that some of the configuration parameters used to enable
more testing coverage may require development packages that may not be
installed by default in many distributions. For example, following
Debian/Ubuntu packages are likely to be needed:
- binutils-dev
- libsqlite3-dev
- libpcap-dev

example-setup.txt provides more complete step-by-step example on how a
test setup can be built.


wpaspy
------

The python scripts use wpaspy.py to interact with the wpa_supplicant
control interface, but the run-tests.py script adds the (relative)
path into the environment so it doesn't need to be installed.


mac80211_hwsim
--------------

mac80211_hwsim kernel module is available from the upstream Linux
kernel. Some Linux distributions enable it by default. If that's not the
case, you can either enable it in the kernel configuration
(CONFIG_MAC80211_HWSIM=m) and rebuild your kernel or use Backports with
CPTCFG_MAC80211_HWSIM=m to replace the wireless LAN components in the
base kernel.


sudo
----

Some parts of the testing process requires root privileges. The test
scripts are currently using sudo to achieve this. To be able to run the
tests, you'll probably want to enable sudo with a timeout to not expire
password entry very quickly. For example, use this in the sudoers file:

Defaults        env_reset,timestamp_timeout=180

Or on a dedicated test system, you could even disable password prompting
with this in sudoers:

%sudo   ALL=NOPASSWD: ALL


Other network interfaces
------------------------

Some of the test scripts are still using hardcoded interface names, so
the easiest way of making things work is to avoid using other network
devices that may use conflicting interface names. For example, unload
any wireless LAN driver before running the tests and make sure that
wlan0..4 gets assigned as the interface names for the mac80211_hwsim
radios. It may also be possible to rename the interface expectations in
run-tests.py to allow other names to be used.

Please also note that some commonly enabled tools, like NetworkManager,
may end up trying to control new network interfaces automatically. This
can result in conflicts with the test scripts and you may need to
disable such network services or at least mark the mac80211_hwsim wlan#
interfaces as umanaged. As an example, this can be done in
/etc/NetworkManager/NetworkManager.conf with following addition:

[keyfile]
unmanaged-devices=mac:02:00:00:00:00:00;mac:02:00:00:00:01:00;mac:02:00:00:00:02:00;mac:02:00:00:00:03:00;mac:02:00:00:00:04:00


Running tests
-------------

Simplest way to run a full set of the test cases is by running
run-all.sh in tests/hwsim directory. This will use start.sh to load the
mac80211_hwsim module and start wpa_supplicant, hostapd, and various
test tools. run-tests.sh is then used to run through all the defined
test cases and stop.sh to stop the programs and unload the kernel
module.

run-all.sh can be used to run the same test cases under different
conditions:

# run normal test cases
./run-all.sh

# run normal test cases under valgrind
./run-all.sh valgrind

# run normal test cases with Linux tracing
./run-all.sh trace

# run normal test cases with multi channel support (see details below)
./run-all.sh channels=<num of channels>

run-all.sh directs debug logs into the logs subdirectory (or $LOGDIR if
present in the environment). Log file names include the current UNIX
timestamp and a postfix to identify the specific log:
- *.log0 = wpa_supplicant debug log for the first radio
- *.log1 = wpa_supplicant debug log for the second radio
- *.log2 = wpa_supplicant debug log for the third radio
- *.hostapd = hostapd debug log
- hwsim0 = wlantest debug log
- hwsim0.pcapng = capture with all frames exchanged during the tests
- *.log = debug prints from the test scripts
- trace.dat = Linux tracing record (if enabled)
- hlr_auc_gw - hlr_auc_gw (EAP-SIM/AKA/AKA' authentication) log
- auth_serv - hostapd as RADIUS authentication server log


For manual testing, ./start.sh can be used to initialize interfaces and
programs and run-tests.py to execute one or more test
cases. run-tests.py output verbosity can be controlled with -d (more
verbose debug output) and -q (less verbose output) on the command
line. "-f <module name>" (pointing to file test_<module name>.py) can be
used to specify that all test cases from a single file are to be
run. Test name as the last command line argument can be specified that a
single test case is to be run (e.g., "./run-tests.py ap_pmf_required").

Notice that some tests require the driver to support concurrent
operation on multi channels in order to run. These tests will be skipped
in case the driver does not support multi channels. To enable support
for multi channel, the number of supported channel is passed as an
argument to run-all.sh or start.sh


Adding/modifying test cases
---------------------------

All the test cases are defined in the test_*.py files. These are python
scripts that can use the local helper classes to interact with the test
components. While various python constructs can be used in the scripts,
only a minimal level of python knowledge should really be needed to
modify and add new test cases. The easiest starting point for this is
likely to take a look at some of the example scripts. When working on a
new test, run-tests.py with -d and the test case name on the command
line is a convenient way of verifying functionality.

run-tests.py will automatically import all test cases from the test_*.py
files in this directory. All functions starting with the "test_" prefix
in these files are assumed to be test cases. Each test case is named by
the function name following the "test_" prefix.


Results database
----------------

run-tests.py can be requested to write results from the execution of
each test case into an sqlite database. The "-S <path to database>" and
"-b <build id>" command line arguments can be used to do that. The
database must have been prepared before this, e.g., with following:

cat | sqlite3 /tmp/example.db <<EOF
CREATE TABLE results (test,result,run,time,duration,build,commitid);
CREATE INDEX results_idx ON results (test);
CREATE INDEX results_idx2 ON results (run);
CREATE TABLE tests (test,description);
CREATE UNIQUE INDEX tests_idx ON tests (test);
CREATE TABLE logs (test,run,type,contents);
CREATE INDEX logs_idx ON logs (test);
CREATE INDEX logs_idx2 ON logs (run);
EOF