testing_tools.doxygen 7.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201
  1. /**
  2. \page testing_tools Testing and development tools
  3. [ \ref eapol_test "eapol_test" |
  4. \ref preauth_test "preauth_test" |
  5. \ref unit_tests "Unit tests" |
  6. \ref wpa_trace "Tracing code" ]
  7. wpa_supplicant source tree includes number of testing and development
  8. tools that make it easier to test the programs without having to setup
  9. a full test setup with wireless cards. In addition, these tools can be
  10. used to implement automatic tests suites.
  11. \section eapol_test eapol_test - EAP peer and RADIUS client testing
  12. eapol_test is a program that links together the same EAP peer
  13. implementation that wpa_supplicant is using and the RADIUS
  14. authentication client code from hostapd. In addition, it has minimal
  15. glue code to combine these two components in similar ways to IEEE
  16. 802.1X/EAPOL Authenticator state machines. In other words, it
  17. integrates IEEE 802.1X Authenticator (normally, an access point) and
  18. IEEE 802.1X Supplicant (normally, a wireless client) together to
  19. generate a single program that can be used to test EAP methods without
  20. having to setup an access point and a wireless client.
  21. The main uses for eapol_test are in interoperability testing of EAP
  22. methods against RADIUS servers and in development testing for new EAP
  23. methods. It can be easily used to automate EAP testing for
  24. interoperability and regression since the program can be run from
  25. shell scripts without require additional test components apart from a
  26. RADIUS server. For example, the automated EAP tests described in
  27. eap_testing.txt are implemented with eapol_test. Similarly, eapol_test
  28. could be used to implement an automated regression test suite for a
  29. RADIUS authentication server.
  30. eapol_test uses the same build time configuration file, .config, as
  31. wpa_supplicant. This file is used to select which EAP methods are
  32. included in eapol_test. This program is not built with the default
  33. Makefile target, so a separate make command needs to be used to
  34. compile the tool:
  35. \verbatim
  36. make eapol_test
  37. \endverbatim
  38. The resulting eapol_test binary has following command like options:
  39. \verbatim
  40. usage:
  41. eapol_test [-nWS] -c<conf> [-a<AS IP>] [-p<AS port>] [-s<AS secret>] \
  42. [-r<count>] [-t<timeout>] [-C<Connect-Info>] \
  43. [-M<client MAC address>]
  44. eapol_test scard
  45. eapol_test sim <PIN> <num triplets> [debug]
  46. options:
  47. -c<conf> = configuration file
  48. -a<AS IP> = IP address of the authentication server, default 127.0.0.1
  49. -p<AS port> = UDP port of the authentication server, default 1812
  50. -s<AS secret> = shared secret with the authentication server, default 'radius'
  51. -r<count> = number of re-authentications
  52. -W = wait for a control interface monitor before starting
  53. -S = save configuration after authentiation
  54. -n = no MPPE keys expected
  55. -t<timeout> = sets timeout in seconds (default: 30 s)
  56. -C<Connect-Info> = RADIUS Connect-Info (default: CONNECT 11Mbps 802.11b)
  57. -M<client MAC address> = Set own MAC address (Calling-Station-Id,
  58. default: 02:00:00:00:00:01)
  59. \endverbatim
  60. As an example,
  61. \verbatim
  62. eapol_test -ctest.conf -a127.0.0.1 -p1812 -ssecret -r1
  63. \endverbatim
  64. tries to complete EAP authentication based on the network
  65. configuration from test.conf against the RADIUS server running on the
  66. local host. A re-authentication is triggered to test fast
  67. re-authentication. The configuration file uses the same format for
  68. network blocks as wpa_supplicant.
  69. \section preauth_test preauth_test - WPA2 pre-authentication and EAP peer testing
  70. preauth_test is similar to eapol_test in the sense that in combines
  71. EAP peer implementation with something else, in this case, with WPA2
  72. pre-authentication. This tool can be used to test pre-authentication
  73. based on the code that wpa_supplicant is using. As such, it tests
  74. both the wpa_supplicant implementation and the functionality of an
  75. access point.
  76. preauth_test is built with:
  77. \verbatim
  78. make preauth_test
  79. \endverbatim
  80. and it uses following command line arguments:
  81. \verbatim
  82. usage: preauth_test <conf> <target MAC address> <ifname>
  83. \endverbatim
  84. For example,
  85. \verbatim
  86. preauth_test test.conf 02:11:22:33:44:55 eth0
  87. \endverbatim
  88. would use network configuration from test.conf to try to complete
  89. pre-authentication with AP using BSSID 02:11:22:33:44:55. The
  90. pre-authentication packets would be sent using the eth0 interface.
  91. \section unit_tests Unit tests
  92. Number of the components (.c files) used in wpa_supplicant define
  93. their own unit tests for automated validation of the basic
  94. functionality. Most of the tests for cryptographic algorithms are
  95. using standard test vectors to validate functionality. These tests can
  96. be useful especially when verifying port to a new CPU target.
  97. The test programs are collected in the tests subdirectory. All
  98. automated unit tests can be run with
  99. \verbatim
  100. make run-tests
  101. \endverbatim
  102. This make target builds and runs each test and terminates with zero
  103. exit code if all tests were completed successfully.
  104. \section wpa_trace Tracing code for developer debuggin
  105. wpa_supplicant and hostapd can be built with tracing code that will
  106. track and analyze memory allocations and other resource registrations
  107. and certain API uses. If incorrect use is detected, a backtrace of the
  108. call location (and/or allocation location) is shown. This can also be
  109. used to detect certain categories of memory leaks and report them
  110. automatically when the program is terminated. The report will also
  111. include information about forgotten eloop events.
  112. The trace code can be enabled with CONFIG_WPA_TRACE=y build
  113. option. More verbose backtrace information can be generated if libbfd
  114. is available and the binaries are not stripped of symbol
  115. information. This is enabled with CONFIG_WPA_TRACE_BFD=y.
  116. For example, a memory leak (forgotten os_free() call) would show up
  117. like this when the program is terminated:
  118. \verbatim
  119. MEMLEAK[0x82d200]: len 128
  120. WPA_TRACE: memleak - START
  121. [0]: ./wpa_supplicant(os_malloc+0x59) [0x41a5e9]
  122. os_malloc() ../src/utils/os_unix.c:359
  123. [1]: ./wpa_supplicant(os_zalloc+0x16) [0x41a676]
  124. os_zalloc() ../src/utils/os_unix.c:418
  125. [2]: ./wpa_supplicant(wpa_supplicant_init+0x38) [0x48b508]
  126. wpa_supplicant_init() wpa_supplicant.c:2315
  127. [3]: ./wpa_supplicant(main+0x2f3) [0x491073]
  128. main() main.c:252
  129. WPA_TRACE: memleak - END
  130. MEMLEAK: total 128 bytes
  131. \endverbatim
  132. Another type of error that can be detected is freeing of memory area
  133. that was registered for some use and is still be referenced:
  134. \verbatim
  135. WPA_TRACE: Freeing referenced memory - START
  136. [2]: ./wpa_supplicant(os_free+0x5c) [0x41a53c]
  137. os_free() ../src/utils/os_unix.c:411
  138. [3]: ./wpa_supplicant(wpa_supplicant_remove_iface+0x30) [0x48b380]
  139. wpa_supplicant_remove_iface() wpa_supplicant.c:2259
  140. [4]: ./wpa_supplicant(wpa_supplicant_deinit+0x20) [0x48b3e0]
  141. wpa_supplicant_deinit() wpa_supplicant.c:2430
  142. [5]: ./wpa_supplicant(main+0x357) [0x4910d7]
  143. main() main.c:276
  144. WPA_TRACE: Freeing referenced memory - END
  145. WPA_TRACE: Reference registration - START
  146. [1]: ./wpa_supplicant [0x41c040]
  147. eloop_trace_sock_add_ref() ../src/utils/eloop.c:94
  148. [2]: ./wpa_supplicant(wpa_supplicant_ctrl_iface_deinit+0x17) [0x473247]
  149. wpa_supplicant_ctrl_iface_deinit() ctrl_iface_unix.c:436
  150. [3]: ./wpa_supplicant [0x48b21c]
  151. wpa_supplicant_cleanup() wpa_supplicant.c:378
  152. wpa_supplicant_deinit_iface() wpa_supplicant.c:2155
  153. [4]: ./wpa_supplicant(wpa_supplicant_remove_iface+0x30) [0x48b380]
  154. wpa_supplicant_remove_iface() wpa_supplicant.c:2259
  155. [5]: ./wpa_supplicant(wpa_supplicant_deinit+0x20) [0x48b3e0]
  156. wpa_supplicant_deinit() wpa_supplicant.c:2430
  157. [6]: ./wpa_supplicant(main+0x357) [0x4910d7]
  158. main() main.c:276
  159. WPA_TRACE: Reference registration - END
  160. Aborted
  161. \endverbatim
  162. This type of error results in showing backtraces for both the location
  163. where the incorrect freeing happened and the location where the memory
  164. area was marked referenced.
  165. */