From: Jouni Malinen Date: Sat, 24 Aug 2019 13:48:23 +0000 (+0300) Subject: tests: EAP-TEAP with user and machine credentials X-Git-Tag: hostap_2_10~2410 X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fhostap.git;a=commitdiff_plain;h=818ee96d589111db91044d7d32a0fb485a55fc4b tests: EAP-TEAP with user and machine credentials Signed-off-by: Jouni Malinen --- diff --git a/tests/hwsim/test_eap.py b/tests/hwsim/test_eap.py index 0d0ea273a..b31954554 100644 --- a/tests/hwsim/test_eap.py +++ b/tests/hwsim/test_eap.py @@ -132,6 +132,53 @@ def test_eap_teap_basic_password_auth_machine(dev, apdev): ca_cert="auth_serv/ca.pem", pac_file="blob://teap_pac") +def test_eap_teap_basic_password_auth_user_and_machine(dev, apdev): + """EAP-TEAP with Basic-Password-Auth using user and machine credentials""" + check_eap_capa(dev[0], "TEAP") + params = int_teap_server_params(eap_teap_auth="1", eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="password", + anonymous_identity="TEAP", + machine_identity="machine", machine_password="machine-password", + ca_cert="auth_serv/ca.pem", + pac_file="blob://teap_pac") + +def test_eap_teap_basic_password_auth_user_and_machine_fail_user(dev, apdev): + """EAP-TEAP with Basic-Password-Auth using user and machine credentials (fail user)""" + check_eap_capa(dev[0], "TEAP") + params = int_teap_server_params(eap_teap_auth="1", eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="wrong-password", + anonymous_identity="TEAP", + machine_identity="machine", machine_password="machine-password", + ca_cert="auth_serv/ca.pem", + pac_file="blob://teap_pac", + expect_failure=True) + +def test_eap_teap_basic_password_auth_user_and_machine_fail_machine(dev, apdev): + """EAP-TEAP with Basic-Password-Auth using user and machine credentials (fail machine)""" + check_eap_capa(dev[0], "TEAP") + params = int_teap_server_params(eap_teap_auth="1", eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="password", + anonymous_identity="TEAP", + machine_identity="machine", + machine_password="wrong-machine-password", + ca_cert="auth_serv/ca.pem", + pac_file="blob://teap_pac", + expect_failure=True) + +def test_eap_teap_basic_password_auth_user_and_machine_no_machine(dev, apdev): + """EAP-TEAP with Basic-Password-Auth using user and machine credentials (no machine)""" + check_eap_capa(dev[0], "TEAP") + params = int_teap_server_params(eap_teap_auth="1", eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="password", + anonymous_identity="TEAP", + ca_cert="auth_serv/ca.pem", + pac_file="blob://teap_pac", + expect_failure=True) + def test_eap_teap_peer_outer_tlvs(dev, apdev): """EAP-TEAP with peer Outer TLVs""" check_eap_capa(dev[0], "TEAP") @@ -242,6 +289,57 @@ def test_eap_teap_eap_mschapv2_machine(dev, apdev): ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2", pac_file="blob://teap_pac") +def test_eap_teap_eap_mschapv2_user_and_machine(dev, apdev): + """EAP-TEAP with inner EAP-MSCHAPv2 using user and machine credentials""" + check_eap_capa(dev[0], "TEAP") + check_eap_capa(dev[0], "MSCHAPV2") + params = int_teap_server_params(eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="password", + anonymous_identity="TEAP", + machine_identity="machine", machine_password="machine-password", + ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2", + pac_file="blob://teap_pac") + +def test_eap_teap_eap_mschapv2_user_and_machine_fail_user(dev, apdev): + """EAP-TEAP with inner EAP-MSCHAPv2 using user and machine credentials (fail user)""" + check_eap_capa(dev[0], "TEAP") + check_eap_capa(dev[0], "MSCHAPV2") + params = int_teap_server_params(eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="wrong-password", + anonymous_identity="TEAP", + machine_identity="machine", machine_password="machine-password", + ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2", + pac_file="blob://teap_pac", + expect_failure=True) + +def test_eap_teap_eap_mschapv2_user_and_machine_fail_machine(dev, apdev): + """EAP-TEAP with inner EAP-MSCHAPv2 using user and machine credentials (fail machine)""" + check_eap_capa(dev[0], "TEAP") + check_eap_capa(dev[0], "MSCHAPV2") + params = int_teap_server_params(eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="password", + anonymous_identity="TEAP", + machine_identity="machine", + machine_password="wrong-machine-password", + ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2", + pac_file="blob://teap_pac", + expect_failure=True) + +def test_eap_teap_eap_mschapv2_user_and_machine_no_machine(dev, apdev): + """EAP-TEAP with inner EAP-MSCHAPv2 using user and machine credentials (no machine)""" + check_eap_capa(dev[0], "TEAP") + check_eap_capa(dev[0], "MSCHAPV2") + params = int_teap_server_params(eap_teap_id="5") + hapd = hostapd.add_ap(apdev[0], params) + eap_connect(dev[0], hapd, "TEAP", "user", password="password", + anonymous_identity="TEAP", + ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2", + pac_file="blob://teap_pac", + expect_failure=True) + def test_eap_teap_basic_password_auth_pac(dev, apdev): """EAP-TEAP with Basic-Password-Auth and PAC""" check_eap_capa(dev[0], "TEAP")