aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2016-01-04 16:11:28 (GMT)
committerJouni Malinen <j@w1.fi>2016-01-04 16:11:28 (GMT)
commite114e999e06333a8fcae05261eea80db07e55d6b (patch)
tree3230b04e460f61a13899e529829fe2efb3a87eca /tests
parent656f11c73230a352ad3d71dbe8437f05d97bd797 (diff)
downloadhostap-e114e999e06333a8fcae05261eea80db07e55d6b.zip
hostap-e114e999e06333a8fcae05261eea80db07e55d6b.tar.gz
hostap-e114e999e06333a8fcae05261eea80db07e55d6b.tar.bz2
tests: EAP-LEAP protocol tests (error paths)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'tests')
-rw-r--r--tests/hwsim/test_eap_proto.py284
1 files changed, 284 insertions, 0 deletions
diff --git a/tests/hwsim/test_eap_proto.py b/tests/hwsim/test_eap_proto.py
index 3f416ff..46efac8 100644
--- a/tests/hwsim/test_eap_proto.py
+++ b/tests/hwsim/test_eap_proto.py
@@ -960,6 +960,290 @@ def test_eap_proto_leap(dev, apdev):
finally:
stop_radius_server(srv)
+def test_eap_proto_leap_errors(dev, apdev):
+ """EAP-LEAP protocol tests (error paths)"""
+ check_eap_capa(dev[0], "LEAP")
+
+ def leap_handler2(ctx, req):
+ logger.info("leap_handler2 - RX " + req.encode("hex"))
+ if 'num' not in ctx:
+ ctx['num'] = 0
+ ctx['num'] = ctx['num'] + 1
+ if 'id' not in ctx:
+ ctx['id'] = 1
+ ctx['id'] = (ctx['id'] + 1) % 256
+ idx = 0
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ return struct.pack(">BBH", EAP_CODE_FAILURE, ctx['id'], 4)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Success")
+ return struct.pack(">BBH", EAP_CODE_SUCCESS, ctx['id'], 4)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Success")
+ return struct.pack(">BBH", EAP_CODE_SUCCESS, ctx['id'], 4)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challenge")
+ return struct.pack(">BBHBBBBLL", EAP_CODE_REQUEST, ctx['id'],
+ 4 + 1 + 3 + 8,
+ EAP_TYPE_LEAP,
+ 1, 0, 8, 0, 0)
+ idx += 1
+ if ctx['num'] == idx:
+ logger.info("Test: Valid challange value in Response")
+ return struct.pack(">BBHBBBB24B", EAP_CODE_RESPONSE, ctx['id'],
+ 4 + 1 + 3 + 24,
+ EAP_TYPE_LEAP,
+ 1, 0, 24,
+ 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
+ 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
+ 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
+
+ return struct.pack(">BBH", EAP_CODE_FAILURE, ctx['id'], 4)
+
+ srv = start_radius_server(leap_handler2)
+
+ try:
+ hapd = start_ap(apdev[0]['ifname'])
+
+ with alloc_fail(dev[0], 1, "eap_leap_init"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with alloc_fail(dev[0], 1, "eap_msg_alloc;eap_leap_process_request"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user",
+ password_hex="hash:8846f7eaee8fb117ad06bdd830b7586c",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with alloc_fail(dev[0], 1, "eap_leap_process_success"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "os_get_random;eap_leap_process_success"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "eap_leap_process_response"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user",
+ password_hex="hash:8846f7eaee8fb117ad06bdd830b7586c",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "nt_password_hash;eap_leap_process_response"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "hash_nt_password_hash;eap_leap_process_response"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with alloc_fail(dev[0], 1, "eap_leap_getKey"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user",
+ password_hex="hash:8846f7eaee8fb117ad06bdd830b7586c",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "eap_leap_getKey"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user",
+ password_hex="hash:8846f7eaee8fb117ad06bdd830b7586c",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "nt_password_hash;eap_leap_getKey"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ with fail_test(dev[0], 1, "hash_nt_password_hash;eap_leap_getKey"):
+ dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
+ eap="LEAP", identity="user", password="password",
+ wait_connect=False)
+ wait_fail_trigger(dev[0], "GET_FAIL")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+ finally:
+ stop_radius_server(srv)
+
def test_eap_proto_md5(dev, apdev):
"""EAP-MD5 protocol tests"""
check_eap_capa(dev[0], "MD5")