From: Matthew Newton <matthew-git@newtoncomputing.co.uk>
Date: Wed, 15 Nov 2023 12:15:38 +0000 (+0000)
Subject: run more of the eap protocol tests
X-Git-Tag: release_3_2_4~124
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cc04845eb2280495f3dc017bf6c0b1eb90fa4344;p=thirdparty%2Ffreeradius-server.git

run more of the eap protocol tests
---

diff --git a/src/tests/Makefile b/src/tests/Makefile
index 8e2773d741..3fba18c11c 100644
--- a/src/tests/Makefile
+++ b/src/tests/Makefile
@@ -170,6 +170,7 @@ config/eap-test: $(RADDB_PATH)mods-available/eap config/eap-test-inner-tunnel
 	     -e 's/= inner-tunnel/= eap-test-inner-tunnel/;s/use_tunneled_reply = no/use_tunneled_reply = yes/' \
 	     -e 's/enable = no/enable = yes/' \
 	     -e 's/^\(.*\)persist_dir =/  persist_dir =/' \
+	     -e 's/#.*softfail =.*/softfail = yes/' \
 	     -e 's/tls_min_version = "1.2"/tls_min_version = "1.0"/' \
 	     -e '$(if $(TLS1_3),s/tls_max_version = "1.2"/tls_max_version = "1.3"/)' \
 	     -e 's/cipher_list = "DEFAULT"/cipher_list = "DEFAULT${SECLEVEL}"/' \
@@ -215,7 +216,23 @@ radiusd.kill:
 #
 ifneq "$(EAPOL_TEST)" ""
 EAP_FILES        = eap-md5.conf
-EAP_TLS_FILES    = eap-ttls-pap.conf eap-ttls-mschapv2.conf peap-mschapv2.conf
+EAP_FILES       += eap-mschapv2.conf
+
+EAP_TLS_FILES    = eap-tls.conf
+EAP_TLS_FILES   += eap-ttls-eap-gtc.conf
+EAP_TLS_FILES   += eap-ttls-eap-mschapv2.conf
+EAP_TLS_FILES   += eap-ttls-eap-tls.conf
+EAP_TLS_FILES   += eap-ttls-mschapv2.conf
+EAP_TLS_FILES   += eap-ttls-pap.conf
+EAP_TLS_FILES   += peap-client-mschapv2.conf
+EAP_TLS_FILES   += peap-eap-tls.conf
+EAP_TLS_FILES   += peap-gtc.conf
+EAP_TLS_FILES   += peap-mschapv2.conf
+
+#EAP_TLS_FILES   += eap-fast.conf		# disabled in default config
+#EAP_TLS_FILES   += eap-pwd.conf		# disabled in default config
+#EAP_TLS_FILES   += eap-teap-mschapv2.conf	# not configured in eapol_test
+
 EAP_TLS_VERSIONS = 1.1 1.2
 EAP_TLS_DISABLE_STRING = tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1
 
@@ -314,7 +331,7 @@ EAPOL_OK_FILES := $(sort $(addprefix $(BUILD_PATH)/tests/eap/,$(patsubst %.conf,
 tests.eap: $(EAPOL_OK_FILES) | radiusd.kill radiusd.pid
 else
 tests.eap:
-	${Q}echo "EAPOL Tests is disabled"
+	${Q}echo "EAP tests are disabled"
 endif # we have eapol_test built
 
 # kill the server (if it's running)
diff --git a/src/tests/eap-ttls-eap-gtc.conf b/src/tests/eap-ttls-eap-gtc.conf
new file mode 100644
index 0000000000..2796a9945c
--- /dev/null
+++ b/src/tests/eap-ttls-eap-gtc.conf
@@ -0,0 +1,17 @@
+#
+#   eapol_test -c eap-ttls-eap-gtc.conf -s testing123
+#
+network={
+	key_mgmt=IEEE8021X
+	eap=TTLS
+
+	anonymous_identity="anonymous"
+
+	identity="bob"
+	password="bob"
+
+	phase1=""
+	phase2="autheap=GTC"
+
+	ca_cert="../../raddb/certs/ca.pem"
+}
diff --git a/src/tests/peap-gtc.conf b/src/tests/peap-gtc.conf
new file mode 100644
index 0000000000..bc8c74b85b
--- /dev/null
+++ b/src/tests/peap-gtc.conf
@@ -0,0 +1,13 @@
+#
+#   ./eapol_test -c peap-gtc.conf -s testing123
+#
+network={
+	ssid="example"
+	key_mgmt=WPA-EAP
+	eap=PEAP
+	identity="bob"
+	anonymous_identity="anonymous"
+	password="bob"
+	phase1=""
+	phase2="auth=GTC"
+}