From: Jouni Malinen <j@w1.fi>
Date: Sat, 10 Jan 2015 22:10:53 +0000 (+0200)
Subject: tests: Increase altsubject_match testing coverage
X-Git-Tag: hostap_2_4~461
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=37d613550751882f82a2d7d37b5666adf3210346;p=thirdparty%2Fhostap.git

tests: Increase altsubject_match testing coverage

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 700130a9f..6c50236b5 100644
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -1355,11 +1355,20 @@ def test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev):
     """WPA2-Enterprise negative test - altsubject mismatch"""
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hostapd.add_ap(apdev[0]['ifname'], params)
+
+    tests = [ "incorrect.example.com",
+              "DNS:incorrect.example.com",
+              "DNS:w1.fi",
+              "DNS:erver.w1.fi" ]
+    for match in tests:
+        _test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev, match)
+
+def _test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev, match):
     dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
                    identity="DOMAIN\mschapv2 user", anonymous_identity="ttls",
                    password="password", phase2="auth=MSCHAPV2",
                    ca_cert="auth_serv/ca.pem",
-                   altsubject_match="incorrect.example.com",
+                   altsubject_match=match,
                    wait_connect=False, scan_freq="2412")
 
     ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=10)
@@ -1404,6 +1413,8 @@ def test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev):
     if ev is None:
         raise Exception("Network block disabling not reported")
 
+    dev[0].request("REMOVE_NETWORK all")
+
 def test_ap_wpa2_eap_unauth_tls(dev, apdev):
     """WPA2-Enterprise connection using UNAUTH-TLS"""
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")