tests: Use a domain name in the identity for get_emsk OOM tests

These test cases depend on ERP processing to reach the get_emsk handler
function. Since ERP really needs the realm to derive a proper
keyName-NAI, modify these test cases to pass the realm part in the
identity to allow error checking to be introduced for rejecting ERP
cases where the realm is not available.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/tests/hwsim/auth_serv/eap_user.conf b/tests/hwsim/auth_serv/eap_user.conf
index 495e9566817434bde82413918476b8bb30e88a5e..1b1b68437b375933910bb85e855e68f21c896adc 100644 (file)
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@@ -1,10 +1,15 @@
 "pwd user"     PWD     "secret password"
+"pwd user@domain"      PWD     "secret password"
 "pwd-hash"     PWD     hash:e3718ece8ab74792cbbfffd316d2d19a
 "pwd.user@test123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890.example.com"  PWD     "secret password"
 "gpsk user"    GPSK    "abcdefghijklmnop0123456789abcdef"
+"gpsk user@domain"     GPSK    "abcdefghijklmnop0123456789abcdef"
 "sake user"    SAKE    0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+"sake user@domain"     SAKE    0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
 "eke user"     EKE     "hello"
+"eke user@domain"      EKE     "hello"
 "ikev2 user"   IKEV2   "ike password"
+"ikev2 user@domain"    IKEV2   "ike password"
 "pax.user@example.com" PAX     0123456789abcdef0123456789abcdef
 "psk.user@example.com" PSK     0123456789abcdef0123456789abcdef
 "vendor-test"  VENDOR-TEST     "foo"
@@ -111,6 +116,7 @@ radius_accept_attr=56:x:32000011
 "chap user"    TTLS-CHAP       "password"      [2]
 "mschap user"  TTLS-MSCHAP     "password"      [2]
 "DOMAIN\mschapv2 user" TTLS-MSCHAPV2   hash:8846f7eaee8fb117ad06bdd830b7586c   [2]
+"mschapv2 user@domain" TTLS-MSCHAPV2   hash:8846f7eaee8fb117ad06bdd830b7586c   [2]
 "hs20-test"    TTLS-MSCHAPV2   "password"      [2]
 "hs20-test-with-domain@example.com"    TTLS-MSCHAPV2   "password"      [2]
 "utf8-user"    TTLS-MSCHAPV2   "secret-åäö-€-password"    [2]

diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 8ddbeb2730903193a64b5c931bbb4e13a28f9ad5..0a62fea18bacb7cf77d7ae6a3aaa1630a2f81cec 100644 (file)
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -5773,7 +5773,7 @@ def test_eap_gpsk_errors(dev, apdev):
         with alloc_fail(dev[0], count, func):
             dev[0].request("ERP_FLUSH")
             dev[0].connect("test-wpa-eap", key_mgmt="WPA-EAP", eap="GPSK",
-                           identity="gpsk user", erp="1",
+                           identity="gpsk user@domain", erp="1",
                            password="abcdefghijklmnop0123456789abcdef",
                            wait_connect=False, scan_freq="2412")
             wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@@ -6151,7 +6151,8 @@ def test_eap_tls_errors(dev, apdev):
     for func in tests:
         with alloc_fail(dev[0], 1, func):
             dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS",
-                           identity="tls user", ca_cert="auth_serv/ca.pem",
+                           identity="tls user@domain",
+                           ca_cert="auth_serv/ca.pem",
                            client_cert="auth_serv/user.pem",
                            private_key="auth_serv/user.key",
                            erp="1",

diff --git a/tests/hwsim/test_eap_proto.py b/tests/hwsim/test_eap_proto.py
index cef72903739ac91dcbbefe341191a32c3e793978..6ebfbe992f92721f4a1b05f58bd65d9a990abc22 100644 (file)
--- a/tests/hwsim/test_eap_proto.py
+++ b/tests/hwsim/test_eap_proto.py
@@ -803,7 +803,7 @@ def test_eap_proto_sake_errors(dev, apdev):
     for count, func in tests:
         with alloc_fail(dev[0], count, func):
             dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="SAKE", identity="sake user",
+                           eap="SAKE", identity="sake user@domain",
                            password_hex="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
                            erp="1",
                            wait_connect=False)
@@ -2261,7 +2261,7 @@ def test_eap_proto_eke(dev, apdev):
 
 def eap_eke_test_fail(dev, phase1=None, success=False):
     dev.connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                eap="EKE", identity="eke user", password="hello",
+                eap="EKE", identity="eke user@domain", password="hello",
                 phase1=phase1, erp="1", wait_connect=False)
     ev = dev.wait_event([ "CTRL-EVENT-EAP-FAILURE",
                           "CTRL-EVENT-EAP-SUCCESS" ], timeout=5)
@@ -4531,7 +4531,7 @@ def test_eap_proto_sim_errors(dev, apdev):
     for count, func in tests:
         with alloc_fail(dev[0], count, func):
             dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="SIM", identity="1232010000000000",
+                           eap="SIM", identity="1232010000000000@domain",
                            password="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
                            erp="1", wait_connect=False)
             wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@@ -4630,7 +4630,7 @@ def test_eap_proto_aka_errors(dev, apdev):
     for count, func in tests:
         with alloc_fail(dev[0], count, func):
             dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="AKA", identity="0232010000000000",
+                           eap="AKA", identity="0232010000000000@domain",
                            password="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123",
                            erp="1", wait_connect=False)
             wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@@ -5311,7 +5311,7 @@ def test_eap_proto_ikev2_errors(dev, apdev):
     for count, func in tests:
         with alloc_fail(dev[0], count, func):
             dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="IKEV2", identity="ikev2 user",
+                           eap="IKEV2", identity="ikev2 user@domain",
                            password="ike password", erp="1", wait_connect=False)
             ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
                                    timeout=15)
@@ -6278,7 +6278,7 @@ def test_eap_proto_pwd_errors(dev, apdev):
     for func in funcs:
         with alloc_fail(dev[0], 1, func):
             dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
-                           eap="PWD", identity="pwd user",
+                           eap="PWD", identity="pwd user@domain",
                            password="secret password", erp="1",
                            wait_connect=False)
             wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
@@ -6604,7 +6604,7 @@ def test_eap_proto_fast_errors(dev, apdev):
         with alloc_fail(dev[0], count, func):
             dev[0].connect("eap-test", key_mgmt="WPA-EAP", scan_freq="2412",
                            eap="FAST", anonymous_identity="FAST",
-                           identity="user", password="password",
+                           identity="user@example.com", password="password",
                            ca_cert="auth_serv/ca.pem", phase2="auth=GTC",
                            phase1="fast_provisioning=2",
                            pac_file="blob://fast_pac_auth_errors",
@@ -6867,7 +6867,7 @@ def test_eap_proto_ttls_errors(dev, apdev):
               (1, "eap_ttls_get_session_id",
                "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
               (1, "eap_ttls_get_emsk",
-               "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
+               "mschapv2 user@domain", "auth=MSCHAPV2"),
               (1, "wpabuf_alloc;eap_ttls_phase2_request_mschap",
                "mschap user", "auth=MSCHAP"),
               (1, "eap_peer_tls_derive_key;eap_ttls_phase2_request_mschap",