Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

tests: EAP-FAST using PAC file

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 11 years ago
parent
8583d66478
commit
873e7c297c
1 changed files with 40 additions and 1 deletions
Split View Show Diff Stats
  1. 40 1
      tests/hwsim/test_ap_eap.py

+ 40 - 1
tests/hwsim/test_ap_eap.py
View File 

@@ -10,7 +10,7 @@ import time
 
 import subprocess
 
 import logging
 
 logger = logging.getLogger()
 
-import os.path
 
+import os
 
 
 import hwsim_utils
 
 import hostapd
 
@@ -1327,6 +1327,45 @@ def test_ap_wpa2_eap_fast_mschapv2_unauth_prov(dev, apdev):
 
     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
 
     eap_reauth(dev[0], "FAST")
 
 
+def test_ap_wpa2_eap_fast_pac_file(dev, apdev, params):
 
+    """WPA2-Enterprise connection using EAP-FAST/MSCHAPv2 and PAC file"""
 
+    pac_file = os.path.join(params['logdir'], "fast.pac")
 
+    pac_file2 = os.path.join(params['logdir'], "fast-bin.pac")
 
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
 
+    hostapd.add_ap(apdev[0]['ifname'], params)
 
+
 
+    try:
 
+        eap_connect(dev[0], apdev[0], "FAST", "user",
 
+                    anonymous_identity="FAST", password="password",
 
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
 
+                    phase1="fast_provisioning=1", pac_file=pac_file)
 
+        with open(pac_file, "r") as f:
 
+            data = f.read()
 
+            if "wpa_supplicant EAP-FAST PAC file - version 1" not in data:
 
+                raise Exception("PAC file header missing")
 
+            if "PAC-Key=" not in data:
 
+                raise Exception("PAC-Key missing from PAC file")
 
+        dev[0].request("REMOVE_NETWORK all")
 
+        eap_connect(dev[0], apdev[0], "FAST", "user",
 
+                    anonymous_identity="FAST", password="password",
 
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
 
+                    pac_file=pac_file)
 
+
 
+        eap_connect(dev[1], apdev[0], "FAST", "user",
 
+                    anonymous_identity="FAST", password="password",
 
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
 
+                    phase1="fast_provisioning=1 fast_pac_format=binary",
 
+                    pac_file=pac_file2)
 
+        dev[1].request("REMOVE_NETWORK all")
 
+        eap_connect(dev[1], apdev[0], "FAST", "user",
 
+                    anonymous_identity="FAST", password="password",
 
+                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
 
+                    phase1="fast_pac_format=binary",
 
+                    pac_file=pac_file2)
 
+    finally:
 
+        subprocess.call(['sudo', 'rm', pac_file])
 
+        subprocess.call(['sudo', 'rm', pac_file2])
 
+
 
 def test_ap_wpa2_eap_fast_binary_pac(dev, apdev):
 
     """WPA2-Enterprise connection using EAP-FAST and binary PAC format"""
 
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")