mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 10:54:03 -05:00
14d28a655a
Before we have to kill an application we start in the thread - in most cases using killall and sometimes kill other applicantions, e.g., tcpdump, iper, iperf3, tshark. With this patch we are able to stop/kill a single application/thread instead, based on the pid file. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com> |
||
---|---|---|
.. | ||
auth_serv | ||
tnc | ||
vm | ||
.gitignore | ||
build.sh | ||
check_kernel.py | ||
devdetail.xml | ||
devinfo.xml | ||
dictionary.radius | ||
example-hostapd.config | ||
example-setup.txt | ||
example-wpa_supplicant.config | ||
fst_module_aux.py | ||
fst_test_common.py | ||
hostapd.py | ||
hostapd.vlan | ||
hostapd.vlan2 | ||
hostapd.wlan3.vlan | ||
hostapd.wlan4.vlan | ||
hostapd.wpa_psk | ||
hwsim_utils.py | ||
hwsim.py | ||
multi-bss-acs.conf | ||
multi-bss-iface-per_sta_vif.conf | ||
multi-bss-iface.conf | ||
multi-bss.conf | ||
netlink.py | ||
nl80211.py | ||
owe-bss-1.conf | ||
owe-bss-2.conf | ||
p2p0.conf | ||
p2p1.conf | ||
p2p2.conf | ||
p2p_utils.py | ||
pps-mo-1.xml | ||
radius_das.py | ||
README | ||
remotehost.py | ||
rfkill.py | ||
run-all.sh | ||
run-tests.py | ||
start.sh | ||
stop.sh | ||
test_ap_acs.py | ||
test_ap_ciphers.py | ||
test_ap_config.py | ||
test_ap_csa.py | ||
test_ap_dynamic.py | ||
test_ap_eap.py | ||
test_ap_ft.py | ||
test_ap_hs20.py | ||
test_ap_ht.py | ||
test_ap_mixed.py | ||
test_ap_open.py | ||
test_ap_params.py | ||
test_ap_pmf.py | ||
test_ap_psk.py | ||
test_ap_qosmap.py | ||
test_ap_roam.py | ||
test_ap_tdls.py | ||
test_ap_track.py | ||
test_ap_vht.py | ||
test_ap_vlan.py | ||
test_ap_wps.py | ||
test_authsrv.py | ||
test_autoscan.py | ||
test_bgscan.py | ||
test_cert_check.py | ||
test_cfg80211.py | ||
test_connect_cmd.py | ||
test_dbus.py | ||
test_dfs.py | ||
test_dpp.py | ||
test_eap_proto.py | ||
test_eap.py | ||
test_erp.py | ||
test_ext_password.py | ||
test_fils.py | ||
test_fst_config.py | ||
test_fst_module.py | ||
test_gas.py | ||
test_hapd_ctrl.py | ||
test_he.py | ||
test_hostapd_oom.py | ||
test_hs20_filter.py | ||
test_hs20_pps_mo.py | ||
test_ibss.py | ||
test_ieee8021x.py | ||
test_kernel.py | ||
test_macsec.py | ||
test_mbo.py | ||
test_module_tests.py | ||
test_monitor_interface.py | ||
test_multi_ap.py | ||
test_nfc_p2p.py | ||
test_nfc_wps.py | ||
test_oce.py | ||
test_ocv.py | ||
test_offchannel_tx.py | ||
test_owe.py | ||
test_p2p_autogo.py | ||
test_p2p_channel.py | ||
test_p2p_concurrency.py | ||
test_p2p_device.py | ||
test_p2p_discovery.py | ||
test_p2p_ext.py | ||
test_p2p_grpform.py | ||
test_p2p_invitation.py | ||
test_p2p_messages.py | ||
test_p2p_persistent.py | ||
test_p2p_service.py | ||
test_p2p_set.py | ||
test_p2p_wifi_display.py | ||
test_p2ps.py | ||
test_pmksa_cache.py | ||
test_radio_work.py | ||
test_radius.py | ||
test_rfkill.py | ||
test_rrm.py | ||
test_sae_pk.py | ||
test_sae.py | ||
test_scan.py | ||
test_sigma_dut.py | ||
test_ssid.py | ||
test_sta_dynamic.py | ||
test_suite_b.py | ||
test_tnc.py | ||
test_wep.py | ||
test_wext.py | ||
test_wmediumd.py | ||
test_wnm.py | ||
test_wpas_ap.py | ||
test_wpas_config.py | ||
test_wpas_ctrl.py | ||
test_wpas_mesh.py | ||
test_wpas_wmm_ac.py | ||
tshark.py | ||
utils.py | ||
w1fi_logo.png | ||
wlantest.py | ||
wpasupplicant.py | ||
wps-ctrl-cred | ||
wps-ctrl-cred2 | ||
wps-mixed-cred | ||
wps-wep-cred |
Automated hostapd/wpa_supplicant testing with mac80211_hwsim ------------------------------------------------------------ This directory contains testing infrastructure and test cases to run automated tests of full hostapd and wpa_supplicant functionality. This testing is done with the help of mac80211_hwsim which is Linux kernel driver that simulates IEEE 802.11 radios without requiring any additional hardware. This setup most of the hostapd and wpa_supplicant functionality (and large parts of the Linux cfg80211 and mac80211 functionality for that matter) to be tested. mac80211_hwsim is loaded with five simulated radios to allow different device combinations to be tested. wlantest is used analyze raw packets captured through the hwsim0 monitor interface that capture all frames sent on all channels. wlantest is used to store the frames for analysis. Three wpa_supplicant processes are used to control three virtual radios and one hostapd process is used to dynamically control the other two virtual radios. wpa_supplicant/hostapd test functionality is used to verify that data connection (both unicast and broadcast) works between two netdevs. The python scripts and tools in this directory control test case execution. They interact wpa_supplicant and hostapd through control interfaces to perform the operations. In addition, wlantest_cli is used to verify that operations have been performed correctly and that the network connection works in the expected way. These test cases are run automatically against the hostap.git commits for regression testing and to help in keeping the hostap.git master branch in stable state. Results from these tests are available here: http://buildbot.w1.fi/hwsim/ Building binaries for testing ----------------------------- You will need to build (or use already built) components to be tested. These are available in the hostap.git repository and can be built for example as follows: cd ../../wpa_supplicant cp ../tests/hwsim/example-wpa_supplicant.config .config make clean make cd ../hostapd cp ../tests/hwsim/example-hostapd.config .config make clean make hostapd hostapd_cli hlr_auc_gw cd ../wlantest make clean make Alternatively, the build.sh script here can be used to run these steps with conditional creation of .config files only if they do not exist. The test scripts can find the binaries in the locations where they were built. It is also possible to install wlantest_cli somewhere on the path to use pre-built tools. Please note that some of the configuration parameters used to enable more testing coverage may require development packages that may not be installed by default in many distributions. For example, following Debian/Ubuntu packages are likely to be needed: - binutils-dev - libsqlite3-dev - libpcap-dev example-setup.txt provides more complete step-by-step example on how a test setup can be built. wpaspy ------ The python scripts use wpaspy.py to interact with the wpa_supplicant control interface, but the run-tests.py script adds the (relative) path into the environment so it doesn't need to be installed. mac80211_hwsim -------------- mac80211_hwsim kernel module is available from the upstream Linux kernel. Some Linux distributions enable it by default. If that's not the case, you can either enable it in the kernel configuration (CONFIG_MAC80211_HWSIM=m) and rebuild your kernel or use Backports with CPTCFG_MAC80211_HWSIM=m to replace the wireless LAN components in the base kernel. sudo ---- Some parts of the testing process requires root privileges. The test scripts are currently using sudo to achieve this. To be able to run the tests, you'll probably want to enable sudo with a timeout to not expire password entry very quickly. For example, use this in the sudoers file: Defaults env_reset,timestamp_timeout=180 Or on a dedicated test system, you could even disable password prompting with this in sudoers: %sudo ALL=NOPASSWD: ALL Other network interfaces ------------------------ Some of the test scripts are still using hardcoded interface names, so the easiest way of making things work is to avoid using other network devices that may use conflicting interface names. For example, unload any wireless LAN driver before running the tests and make sure that wlan0..4 gets assigned as the interface names for the mac80211_hwsim radios. It may also be possible to rename the interface expectations in run-tests.py to allow other names to be used. Please also note that some commonly enabled tools, like NetworkManager, may end up trying to control new network interfaces automatically. This can result in conflicts with the test scripts and you may need to disable such network services or at least mark the mac80211_hwsim wlan# interfaces as umanaged. As an example, this can be done in /etc/NetworkManager/NetworkManager.conf with following addition: [keyfile] unmanaged-devices=mac:02:00:00:00:00:00;mac:02:00:00:00:01:00;mac:02:00:00:00:02:00;mac:02:00:00:00:03:00;mac:02:00:00:00:04:00 Running tests ------------- Simplest way to run a full set of the test cases is by running run-all.sh in tests/hwsim directory. This will use start.sh to load the mac80211_hwsim module and start wpa_supplicant, hostapd, and various test tools. run-tests.sh is then used to run through all the defined test cases and stop.sh to stop the programs and unload the kernel module. run-all.sh can be used to run the same test cases under different conditions: # run normal test cases ./run-all.sh # run normal test cases under valgrind ./run-all.sh valgrind # run normal test cases with Linux tracing ./run-all.sh trace # run normal test cases with multi channel support (see details below) ./run-all.sh channels=<num of channels> run-all.sh directs debug logs into the logs subdirectory (or $LOGDIR if present in the environment). Log file names include the current UNIX timestamp and a postfix to identify the specific log: - *.log0 = wpa_supplicant debug log for the first radio - *.log1 = wpa_supplicant debug log for the second radio - *.log2 = wpa_supplicant debug log for the third radio - *.hostapd = hostapd debug log - hwsim0 = wlantest debug log - hwsim0.pcapng = capture with all frames exchanged during the tests - *.log = debug prints from the test scripts - trace.dat = Linux tracing record (if enabled) - hlr_auc_gw - hlr_auc_gw (EAP-SIM/AKA/AKA' authentication) log - auth_serv - hostapd as RADIUS authentication server log For manual testing, ./start.sh can be used to initialize interfaces and programs and run-tests.py to execute one or more test cases. run-tests.py output verbosity can be controlled with -d (more verbose debug output) and -q (less verbose output) on the command line. "-f <module name>" (pointing to file test_<module name>.py) can be used to specify that all test cases from a single file are to be run. Test name as the last command line argument can be specified that a single test case is to be run (e.g., "./run-tests.py ap_pmf_required"). Notice that some tests require the driver to support concurrent operation on multi channels in order to run. These tests will be skipped in case the driver does not support multi channels. To enable support for multi channel, the number of supported channel is passed as an argument to run-all.sh or start.sh Adding/modifying test cases --------------------------- All the test cases are defined in the test_*.py files. These are python scripts that can use the local helper classes to interact with the test components. While various python constructs can be used in the scripts, only a minimal level of python knowledge should really be needed to modify and add new test cases. The easiest starting point for this is likely to take a look at some of the example scripts. When working on a new test, run-tests.py with -d and the test case name on the command line is a convenient way of verifying functionality. run-tests.py will automatically import all test cases from the test_*.py files in this directory. All functions starting with the "test_" prefix in these files are assumed to be test cases. Each test case is named by the function name following the "test_" prefix. Results database ---------------- run-tests.py can be requested to write results from the execution of each test case into an sqlite database. The "-S <path to database>" and "-b <build id>" command line arguments can be used to do that. The database must have been prepared before this, e.g., with following: cat | sqlite3 /tmp/example.db <<EOF CREATE TABLE results (test,result,run,time,duration,build,commitid); CREATE INDEX results_idx ON results (test); CREATE INDEX results_idx2 ON results (run); CREATE TABLE tests (test,description); CREATE UNIQUE INDEX tests_idx ON tests (test); CREATE TABLE logs (test,run,type,contents); CREATE INDEX logs_idx ON logs (test); CREATE INDEX logs_idx2 ON logs (run); EOF