Browse Source

tests: EAP-FAST using PAC file

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 11 years ago
parent
commit
873e7c297c
1 changed files with 40 additions and 1 deletions
  1. 40 1
      tests/hwsim/test_ap_eap.py

+ 40 - 1
tests/hwsim/test_ap_eap.py

@@ -10,7 +10,7 @@ import time
 import subprocess
 import logging
 logger = logging.getLogger()
-import os.path
+import os
 
 import hwsim_utils
 import hostapd
@@ -1327,6 +1327,45 @@ def test_ap_wpa2_eap_fast_mschapv2_unauth_prov(dev, apdev):
     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
     eap_reauth(dev[0], "FAST")
 
+def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
+    """WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and PAC file"""
+    pac_file = os.path.join(params['logdir'], "fast.pac")
+    pac_file2 = os.path.join(params['logdir'], "fast-bin.pac")
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hostapd.add_ap(apdev[0]['ifname'], params)
+
+    try:
+        eap_connect(dev[0], apdev[0], "FAST", "user",
+                    anonymous_identity="FAST", password="password",
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
+                    phase1="fast_provisioning=1", pac_file=pac_file)
+        with open(pac_file, "r") as f:
+            data = f.read()
+            if "wpa_supplicant EAP-FAST PAC file - version 1" not in data:
+                raise Exception("PAC file header missing")
+            if "PAC-Key=" not in data:
+                raise Exception("PAC-Key missing from PAC file")
+        dev[0].request("REMOVE_NETWORK all")
+        eap_connect(dev[0], apdev[0], "FAST", "user",
+                    anonymous_identity="FAST", password="password",
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
+                    pac_file=pac_file)
+
+        eap_connect(dev[1], apdev[0], "FAST", "user",
+                    anonymous_identity="FAST", password="password",
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
+                    phase1="fast_provisioning=1 fast_pac_format=binary",
+                    pac_file=pac_file2)
+        dev[1].request("REMOVE_NETWORK all")
+        eap_connect(dev[1], apdev[0], "FAST", "user",
+                    anonymous_identity="FAST", password="password",
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
+                    phase1="fast_pac_format=binary",
+                    pac_file=pac_file2)
+    finally:
+        subprocess.call(['sudo', 'rm', pac_file])
+        subprocess.call(['sudo', 'rm', pac_file2])
+
 def test_ap_wpa2_eap_fast_binary_pac(dev, apdev):
     """WPA2-Enterprise connection using EAP-FAST and binary PAC format"""
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")