fragattacks/tests/hwsim
Jouni Malinen c20d3ca8f7 tests: DPP protocol - I/R-auth tag mismatch in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 20:18:52 +02:00
..
auth_serv tests: Update server and user certificates (2017) 2017-10-01 18:47:02 +03:00
tnc tests: Use QUIET=1 option to make build.sh output much shorter 2014-12-29 15:49:05 +02:00
vm tests: Add a script to aid bisecting Linux kernel with hwsim VM 2017-10-21 12:04:53 +03:00
bss-1.conf tests: Test dynamic BSS addition/removal 2013-10-31 23:04:50 +02:00
bss-2-dup.conf tests: Duplicate BSSID 2016-12-27 11:16:50 +02:00
bss-2.conf tests: Test dynamic BSS addition/removal 2013-10-31 23:04:50 +02:00
bss-3.conf tests: Test dynamic BSS addition/removal 2013-10-31 23:04:50 +02:00
bss-4.conf tests: Beacon request - active scan mode and many BSSs 2017-01-03 19:53:03 +02:00
bss-5.conf tests: Beacon request - active scan mode and many BSSs 2017-01-03 19:53:03 +02:00
bss-6.conf tests: Beacon request - active scan mode and many BSSs 2017-01-03 19:53:03 +02:00
bss-ht40-1.conf tests: Verify BSS additional/removal during HT co-ex scan 2013-11-06 15:52:40 +02:00
bss-ht40-2.conf tests: Verify BSS additional/removal during HT co-ex scan 2013-11-06 15:52:40 +02:00
build.sh tests: Set FIPSLD_CC=gcc (if not set) to make CONFIG_FIPS=y use easier 2015-08-01 16:57:04 +03:00
check_kernel.py tests: Catch various lockdep warnings 2017-07-08 15:18:40 +03:00
dictionary.radius tests: More WPA2 PSK from RADIUS Tunnel-Password coverage 2017-02-08 23:48:20 +02:00
example-hostapd.config tests: Enable DPP in default configuration files 2017-09-06 21:21:56 +03:00
example-setup.txt tests: Document rfkill workaround for systemd for hwsim tests 2017-03-29 15:03:16 +03:00
example-wpa_supplicant.config tests: Enable DPP in default configuration files 2017-09-06 21:21:56 +03:00
fst_module_aux.py tests: Remove unused import subprocess 2016-06-27 21:10:35 +03:00
fst_test_common.py tests: Add FST module tests 2015-07-16 18:26:16 +03:00
hostapd.accept tests: Add test cases for AP VLAN 2014-03-08 11:35:08 +02:00
hostapd.macaddr tests: Cover both binary search branches in hostapd_maclist_found() 2016-12-26 18:28:40 +02:00
hostapd.py tests: Verify hostapd mgmt_tx() success 2016-12-18 13:01:49 +02:00
hostapd.vlan tests: VLAN using vlan_file mapping 2014-03-30 17:06:34 +03:00
hostapd.wlan3.vlan tests: RSN pre-auth and PMKSA caching with per_sta_vif 2016-02-28 15:43:24 +02:00
hostapd.wlan4.vlan tests: RSN pre-auth and PMKSA caching with per_sta_vif 2016-02-28 15:43:24 +02:00
hostapd.wpa_psk tests: Verify different ways of configuring passphrase/PSK 2014-02-04 13:10:57 +02:00
hwsim_utils.py tests: Delayed M1+M3 retransmission and zero TK 2017-10-18 11:28:55 +03:00
hwsim.py tests: Introduce hwsim radio context manager 2014-10-21 17:35:20 +03:00
multi-bss-acs.conf tests: Add test cases for automatic channel selection 2013-11-03 21:30:31 +02:00
multi-bss-iface-per_sta_vif.conf tests: Verify ap_vlan_iface_cleanup_multibss with per_sta_vif 2016-02-17 11:46:13 +02:00
multi-bss-iface.conf tests: Verify correct VLAN operation in multi-BSS multi-VLAN case 2015-06-14 13:40:50 +03:00
multi-bss.conf tests: Add test case for multi-BSS configuration file 2013-11-03 20:20:50 +02:00
netlink.py tests: Remove trailing whitespace 2016-12-28 14:31:42 +02:00
nl80211.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
owe-bss-1.conf tests: Add the forgotten files for owe_transition_mode_multi_bss 2017-10-11 12:16:19 +03:00
owe-bss-2.conf tests: Add the forgotten files for owe_transition_mode_multi_bss 2017-10-11 12:16:19 +03:00
p2p0.conf tests: Add start/stop scripts and configuration files 2013-03-02 11:39:54 +02:00
p2p1.conf tests: Add start/stop scripts and configuration files 2013-03-02 11:39:54 +02:00
p2p2.conf tests: Add start/stop scripts and configuration files 2013-03-02 11:39:54 +02:00
p2p_utils.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
radius_das.py tests: Remove unnecessary interpreter line from most python files 2014-02-21 20:21:53 +02:00
README tests: Add step-by-step guide for setting up test framework 2015-01-18 18:11:11 +02:00
remotehost.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
rfkill.py tests: Remove trailing whitespace 2016-12-28 14:31:42 +02:00
run-all.sh tests: Properly pass the num of channels to start.sh 2015-08-10 21:10:56 +03:00
run-tests.py tests: Write TEST-START and TEST-STOP into kernel logs with timestamps 2017-05-27 11:08:16 +03:00
start.sh tests: Update server and user certificates (2017) 2017-10-01 18:47:02 +03:00
stop.sh tests: Optimize stop.sh wait times 2014-12-22 19:37:08 +02:00
test_ap_acs.py tests: Automatic channel selection failures 2017-03-04 17:30:15 +02:00
test_ap_ciphers.py tests: WPA+WPA2-PSK/TKIP countermeasures (detected by mixed mode AP) 2017-11-03 19:59:46 +02:00
test_ap_config.py tests: hostapd configuration reload modification from file on SIGHUP 2017-10-21 11:29:45 +03:00
test_ap_csa.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_ap_dynamic.py tests: Increase timeout in ap_bss_config_file for CTRL-EVENT-TERMINATING 2017-01-29 14:32:17 +02:00
test_ap_eap.py tests: ap_wpa2_eap_tls_versions to test TLSv1.2 with OpenSSL 1.1 2017-10-30 12:08:19 +02:00
test_ap_ft.py tests: WPA2-EAP-FT AP (pull PMK) - wildcard R0KH/R1KH 2017-10-21 12:00:22 +03:00
test_ap_hs20.py tests: ProxyARP error cases 2017-03-04 11:44:55 +02:00
test_ap_ht.py tests: HT40 with both plus and minus allowed 2017-04-29 16:35:23 +03:00
test_ap_mixed.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_ap_open.py tests: DISABLE_NETWORK during connection and blacklist behavior 2017-04-29 18:00:26 +03:00
test_ap_params.py tests: AP with wowlan_triggers 2016-12-30 00:45:04 +02:00
test_ap_pmf.py tests: Additional SA_QUERY coverage 2016-12-28 14:31:42 +02:00
test_ap_psk.py tests: WPA2-PSK AP and GTK rekey by AP request 2017-10-29 17:00:50 +02:00
test_ap_qosmap.py tests: More hostapd ctrl_iface QoS Map error coverage 2016-12-28 14:31:42 +02:00
test_ap_roam.py tests: Add testcase for reconnect failure due to auth timeout 2016-09-23 17:36:55 +03:00
test_ap_tdls.py tests: TDLS_CHAN_SWITCH error case 2017-01-08 17:16:01 +02:00
test_ap_track.py tests: Remove trailing whitespace 2016-12-28 14:31:42 +02:00
test_ap_vht.py tests: New hostapd STATUS/STA values 2017-10-31 17:10:17 +02:00
test_ap_vlan.py tests: Increase timeout in ap_vlan_iface_cleanup_multibss* 2017-01-29 14:42:05 +02:00
test_ap_wps.py tests: hostapd with zero length ap_pin parameter 2017-08-18 21:10:52 +03:00
test_authsrv.py tests: Fix authsrv_errors_1 and authsrv_errors_3 when running on host 2017-03-07 18:13:05 +02:00
test_autoscan.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_bgscan.py tests: Additional bgscan test coverage 2017-01-08 14:44:35 +02:00
test_cfg80211.py tests: Fix cfg80211_tx_frame test 2016-10-02 21:27:43 +03:00
test_connect_cmd.py tests: cfg80211 connect command with bssid_hint 2017-05-12 00:33:06 +03:00
test_dbus_old.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_dbus.py tests: Make dbus_scan_abort more robust 2017-09-20 15:37:58 +03:00
test_dfs.py tests: Verify DFS channel switch both in and outside ETSI 2017-05-13 20:01:44 +03:00
test_dpp.py tests: DPP protocol - I/R-auth tag mismatch in PKEX Commit-Reveal 2017-11-03 20:18:52 +02:00
test_eap_proto.py tests: Additional EAP-TTLS error path 2017-07-08 16:21:38 +03:00
test_erp.py tests: Comment out during-association TK-in-memory checks 2017-10-16 17:43:10 +03:00
test_ext_password.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_fils.py tests: Replayed FILS association request 2017-10-16 02:03:47 +03:00
test_fst_config.py tests: Make FST kill_pid() more robust 2016-08-22 17:44:05 +03:00
test_fst_module.py tests: Fix FST scanning for non-FST APs 2016-12-15 14:17:14 +02:00
test_gas.py tests: Extend ANQP_GET coverage for new functionality 2017-03-10 17:03:55 +02:00
test_hapd_ctrl.py tests: New hostapd STATUS/STA values 2017-10-31 17:10:17 +02:00
test_hostapd_oom.py tests: Make hostapd_oom_wpa2_psk catch cases more robustly 2016-12-26 18:24:05 +02:00
test_hs20_filter.py tests: Modify test_hs20_filter 2016-04-08 15:44:10 +03:00
test_ibss.py tests: Disable HT in ibss_rsn to avoid a strange issue with mac80211 2017-01-14 13:54:02 +02:00
test_ieee8021x.py tests: IEEE 802.1X and EAPOL-Key index workaround 2016-12-28 18:43:33 +02:00
test_kernel.py tests: mac80211 and unknown Action frame rejection in STA mode 2016-12-18 13:01:49 +02:00
test_mbo.py tests: MBO ANQP 2017-03-10 18:59:12 +02:00
test_module_tests.py tests: eloop socket re-open from timeout/socket handler 2015-07-23 18:39:02 +03:00
test_monitor_interface.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_nfc_p2p.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_nfc_wps.py tests: Additional hostapd WPS control interface coverage 2016-12-28 14:31:42 +02:00
test_offchannel_tx.py tests: Import p2p_utils instead of functions from old locations 2015-11-25 15:47:16 +02:00
test_owe.py tests: More robust owe_transition_mode* tests 2017-10-18 01:19:42 +03:00
test_p2p_autogo.py tests: P2P GO with Interworking element 2017-10-05 14:54:15 +03:00
test_p2p_channel.py tests: Use global control interface in test_p2p_channel.py 2017-07-08 16:06:38 +03:00
test_p2p_concurrency.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_device.py tests: P2P autonomous GO switching channels with cfg80211 P2P Device 2016-12-30 23:56:35 +02:00
test_p2p_discovery.py tests: P2P device discovery and p2p_find restart 2017-03-14 20:41:51 +02:00
test_p2p_ext.py tests: Make p2p_ext_vendor_elem_go_neg_conf more robust 2016-12-14 16:33:19 +02:00
test_p2p_grpform.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_invitation.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_messages.py tests: Clear monitor socket within p2p_msg_unexpected_go_neg_resp 2016-12-24 13:09:23 +02:00
test_p2p_persistent.py tests: Use global control interface to remove P2P networks 2016-10-02 21:16:55 +03:00
test_p2p_service.py tests: Make p2p_service_discovery_peer_not_listening a bit more robust 2017-04-29 22:40:01 +03:00
test_p2p_set.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_p2p_wifi_display.py tests: Wi-Fi Display extensions to P2P with R2 subelems 2017-03-01 12:16:10 +02:00
test_p2ps.py tests: Remove trailing whitespace 2016-12-28 14:31:42 +02:00
test_pmksa_cache.py tests: RSN pre-authentication based on pre-connection scan results 2017-09-12 16:47:30 +03:00
test_radio_work.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_radius.py tests: Fix radius_acct_failure_sta_data test 2017-09-10 22:05:33 +03:00
test_rfkill.py tests: Do not use tabs for indentation 2016-04-25 00:19:40 +03:00
test_rrm.py tests: Fix missing function on some rrm test case error paths 2017-09-10 21:54:38 +03:00
test_sae.py tests: Make sae_invalid_anti_clogging_token_req more robust 2017-10-22 17:21:57 +03:00
test_scan.py tests: Scan for a specific BSSID 2017-07-05 02:02:35 +03:00
test_sigma_dut.py tests: sigma_dut DPP functionality 2017-11-02 12:05:37 +02:00
test_ssid.py tests: Mark 525 tests as remote compatible 2016-06-27 21:47:37 +03:00
test_sta_dynamic.py tests: Pass full apdev to add_ap() function (1) 2016-04-03 22:45:57 +03:00
test_suite_b.py tests: Suite B with RSA keys 2017-09-18 12:12:48 +03:00
test_tnc.py tests: Update base64 OOM test cases to match implementation changes 2017-06-17 18:04:32 +03:00
test_wep.py tests: WEP with HT/VHT 2016-08-02 17:43:26 +03:00
test_wext.py tests: Remove extra semicolons from python scripts 2016-07-03 22:37:01 +03:00
test_wmediumd.py tests: Add a test of mesh RANN 2017-03-29 14:06:08 +03:00
test_wnm.py tests: WNM Sleep Mode - RSN with PMF and GTK/IGTK workaround 2017-10-29 17:19:07 +02:00
test_wpas_ap.py tests: wpa_supplicant AP mode - HT disabled 2017-03-11 11:20:17 +02:00
test_wpas_config.py tests: P2P GO with Interworking element 2017-10-05 14:54:15 +03:00
test_wpas_ctrl.py tests: Remove peerkey testing 2017-10-16 02:03:47 +03:00
test_wpas_mesh.py tests: Add mesh RSSI threshold test 2017-05-08 16:26:06 +03:00
test_wpas_wmm_ac.py tests: Additional WMM AP parsing coverage 2017-02-11 12:12:41 +02:00
tshark.py tests: tshark: deal with "wlan_mgt" -> "wlan" rename 2017-10-29 16:48:05 +02:00
utils.py tests: Make ap_track_sta_no_probe_resp more robust 2016-12-13 20:07:52 +02:00
w1fi_logo.png tests: HS 2.0 OSU and icon fetch 2014-03-02 10:35:34 +02:00
wlantest.py tests: Add support for wlantest for remote hwsim tests 2016-05-28 16:34:09 +03:00
wpasupplicant.py tests: SAE with sae_password 2017-10-11 23:24:19 +03:00
wps-ctrl-cred tests: wpa_supplicant config file parsing/writing with WPS 2016-05-02 11:08:25 +03:00
wps-ctrl-cred2 tests: wpa_supplicant config file parsing/writing with WPS 2016-05-02 11:08:25 +03:00
wps-mixed-cred tests: WPS mixed-WPA/WPA2 credential merging 2014-08-29 20:25:18 +03:00
wps-wep-cred tests: WPS 2.0 rejection of WEP credential 2014-03-05 12:40:54 +02:00

Automated hostapd/wpa_supplicant testing with mac80211_hwsim
------------------------------------------------------------

This directory contains testing infrastructure and test cases to run
automated tests of full hostapd and wpa_supplicant functionality. This
testing is done with the help of mac80211_hwsim which is Linux kernel
driver that simulates IEEE 802.11 radios without requiring any
additional hardware. This setup most of the hostapd and wpa_supplicant
functionality (and large parts of the Linux cfg80211 and mac80211
functionality for that matter) to be tested.

mac80211_hwsim is loaded with five simulated radios to allow different
device combinations to be tested. wlantest is used analyze raw packets
captured through the hwsim0 monitor interface that capture all frames
sent on all channels. wlantest is used to store the frames for
analysis. Three wpa_supplicant processes are used to control three
virtual radios and one hostapd process is used to dynamically control
the other two virtual radios. wpa_supplicant/hostapd test functionality
is used to verify that data connection (both unicast and broadcast)
works between two netdevs.

The python scripts and tools in this directory control test case
execution. They interact wpa_supplicant and hostapd through control
interfaces to perform the operations. In addition, wlantest_cli is used
to verify that operations have been performed correctly and that the
network connection works in the expected way.

These test cases are run automatically against the hostap.git commits
for regression testing and to help in keeping the hostap.git master
branch in stable state. Results from these tests are available here:
http://buildbot.w1.fi/hwsim/


Building binaries for testing
-----------------------------

You will need to build (or use already built) components to be
tested. These are available in the hostap.git repository and can be
built for example as follows:

cd ../../wpa_supplicant
cp ../tests/hwsim/example-wpa_supplicant.config .config
make clean
make
cd ../hostapd
cp ../tests/hwsim/example-hostapd.config .config
make clean
make hostapd hlr_auc_gw
cd ../wlantest
make clean
make

Alternatively, the build.sh script here can be used to run these steps
with conditional creation of .config files only if they do not exist.

The test scripts can find the binaries in the locations where they were
built. It is also possible to install wlantest_cli somewhere on the path
to use pre-built tools.

Please note that some of the configuration parameters used to enable
more testing coverage may require development packages that may not be
installed by default in many distributions. For example, following
Debian/Ubuntu packages are likely to be needed:
- binutils-dev
- libsqlite3-dev
- libpcap-dev

example-setup.txt provides more complete step-by-step example on how a
test setup can be built.


wpaspy
------

The python scripts use wpaspy.py to interact with the wpa_supplicant
control interface, but the run-tests.py script adds the (relative)
path into the environment so it doesn't need to be installed.


mac80211_hwsim
--------------

mac80211_hwsim kernel module is available from the upstream Linux
kernel. Some Linux distributions enable it by default. If that's not the
case, you can either enable it in the kernel configuration
(CONFIG_MAC80211_HWSIM=m) and rebuild your kernel or use Backports with
CPTCFG_MAC80211_HWSIM=m to replace the wireless LAN components in the
base kernel.


sudo
----

Some parts of the testing process requires root privileges. The test
scripts are currently using sudo to achieve this. To be able to run the
tests, you'll probably want to enable sudo with a timeout to not expire
password entry very quickly. For example, use this in the sudoers file:

Defaults        env_reset,timestamp_timeout=180

Or on a dedicated test system, you could even disable password prompting
with this in sudoers:

%sudo   ALL=NOPASSWD: ALL


Other network interfaces
------------------------

Some of the test scripts are still using hardcoded interface names, so
the easiest way of making things work is to avoid using other network
devices that may use conflicting interface names. For example, unload
any wireless LAN driver before running the tests and make sure that
wlan0..4 gets assigned as the interface names for the mac80211_hwsim
radios. It may also be possible to rename the interface expectations in
run-tests.py to allow other names to be used.

Please also note that some commonly enabled tools, like NetworkManager,
may end up trying to control new network interfaces automatically. This
can result in conflicts with the test scripts and you may need to
disable such network services or at least mark the mac80211_hwsim wlan#
interfaces as umanaged. As an example, this can be done in
/etc/NetworkManager/NetworkManager.conf with following addition:

[keyfile]
unmanaged-devices=mac:02:00:00:00:00:00;mac:02:00:00:00:01:00;mac:02:00:00:00:02:00;mac:02:00:00:00:03:00;mac:02:00:00:00:04:00


Running tests
-------------

Simplest way to run a full set of the test cases is by running
run-all.sh in tests/hwsim directory. This will use start.sh to load the
mac80211_hwsim module and start wpa_supplicant, hostapd, and various
test tools. run-tests.sh is then used to run through all the defined
test cases and stop.sh to stop the programs and unload the kernel
module.

run-all.sh can be used to run the same test cases under different
conditions:

# run normal test cases
./run-all.sh

# run normal test cases under valgrind
./run-all.sh valgrind

# run normal test cases with Linux tracing
./run-all.sh trace

# run normal test cases with multi channel support (see details below)
./run-all.sh channels=<num of channels>

run-all.sh directs debug logs into the logs subdirectory (or $LOGDIR if
present in the environment). Log file names include the current UNIX
timestamp and a postfix to identify the specific log:
- *.log0 = wpa_supplicant debug log for the first radio
- *.log1 = wpa_supplicant debug log for the second radio
- *.log2 = wpa_supplicant debug log for the third radio
- *.hostapd = hostapd debug log
- hwsim0 = wlantest debug log
- hwsim0.pcapng = capture with all frames exchanged during the tests
- *.log = debug prints from the test scripts
- trace.dat = Linux tracing record (if enabled)
- hlr_auc_gw - hlr_auc_gw (EAP-SIM/AKA/AKA' authentication) log
- auth_serv - hostapd as RADIUS authentication server log


For manual testing, ./start.sh can be used to initialize interfaces and
programs and run-tests.py to execute one or more test
cases. run-tests.py output verbosity can be controlled with -d (more
verbose debug output) and -q (less verbose output) on the command
line. "-f <module name>" (pointing to file test_<module name>.py) can be
used to specify that all test cases from a single file are to be
run. Test name as the last command line argument can be specified that a
single test case is to be run (e.g., "./run-tests.py ap_pmf_required").

Notice that some tests require the driver to support concurrent
operation on multi channels in order to run. These tests will be skipped
in case the driver does not support multi channels. To enable support
for multi channel, the number of supported channel is passed as an
argument to run-all.sh or start.sh


Adding/modifying test cases
---------------------------

All the test cases are defined in the test_*.py files. These are python
scripts that can use the local helper classes to interact with the test
components. While various python constructs can be used in the scripts,
only a minimal level of python knowledge should really be needed to
modify and add new test cases. The easiest starting point for this is
likely to take a look at some of the example scripts. When working on a
new test, run-tests.py with -d and the test case name on the command
line is a convenient way of verifying functionality.

run-tests.py will automatically import all test cases from the test_*.py
files in this directory. All functions starting with the "test_" prefix
in these files are assumed to be test cases. Each test case is named by
the function name following the "test_" prefix.


Results database
----------------

run-tests.py can be requested to write results from the execution of
each test case into an sqlite database. The "-S <path to database>" and
"-b <build id>" command line arguments can be used to do that. The
database must have been prepared before this, e.g., with following:

cat | sqlite3 /tmp/example.db <<EOF
CREATE TABLE results (test,result,run,time,duration,build,commitid);
CREATE INDEX results_idx ON results (test);
CREATE INDEX results_idx2 ON results (run);
CREATE TABLE tests (test,description);
CREATE UNIQUE INDEX tests_idx ON tests (test);
CREATE TABLE logs (test,run,type,contents);
CREATE INDEX logs_idx ON logs (test);
CREATE INDEX logs_idx2 ON logs (run);
EOF