auto-t: Test Tunneled-MSCHAPv2 over TTLS

autotests/testEAP-TTLS-MSCHAPv2/connection_test.py

@@ -0,0 +1,86 @@
+#!/usr/bin/python3
+
+import unittest
+import sys
+
+sys.path.append('../util')
+import iwd
+import testutil
+from iwd import IWD
+from iwd import PSKAgent
+from iwd import NetworkType
+
+from hostapd import HostapdCLI
+from hostapd import hostapd_map
+
+class Test(unittest.TestCase):
+
+    def test_connection_success(self):
+        hostapd = None
+
+        for hostapd_if in list(hostapd_map.values()):
+            hpd = HostapdCLI(hostapd_if)
+            if hpd.get_config_value('ssid') == 'ssidEAP-TTLS-MSCHAPv2':
+                hostapd = hpd
+                break
+
+        self.assertIsNotNone(hostapd)
+
+        wd = IWD(True)
+
+        psk_agent = PSKAgent('abc', ('domain\\user', 'testpasswd'))
+        wd.register_psk_agent(psk_agent)
+
+        device = wd.list_devices(1)[0];
+
+        condition = 'not obj.scanning'
+        wd.wait_for_object_condition(device, condition)
+
+        device.scan()
+
+        condition = 'not obj.scanning'
+        wd.wait_for_object_condition(device, condition)
+
+        ordered_networks = device.get_ordered_networks()
+        ordered_network = ordered_networks[0]
+
+        self.assertEqual(ordered_network.name, "ssidEAP-TTLS-MSCHAPv2")
+        self.assertEqual(ordered_network.type, NetworkType.eap)
+
+        condition = 'not obj.connected'
+        wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+        ordered_network.network_object.connect()
+
+        condition = 'obj.connected'
+        wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+        hostapd.eapol_reauth(device.address)
+
+        wd.wait(10)
+
+        condition = 'obj.connected'
+        wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+        testutil.test_iface_operstate()
+        testutil.test_ifaces_connected()
+
+        device.disconnect()
+
+        condition = 'not obj.connected'
+        wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+        wd.unregister_psk_agent(psk_agent)
+
+        del wd
+
+    @classmethod
+    def setUpClass(cls):
+        IWD.copy_to_storage('ssidEAP-TTLS-MSCHAPv2.8021x')
+
+    @classmethod
+    def tearDownClass(cls):
+        IWD.clear_storage()
+
+if __name__ == '__main__':
+    unittest.main(exit=True)

autotests/testEAP-TTLS-MSCHAPv2/eap-user-ttls-mschapv2.text

@@ -0,0 +1,4 @@
+# Phase 1 users
+* TTLS
+# Phase 2
+"domain\user" TTLS-MSCHAPV2 "testpasswd" [2]

autotests/testEAP-TTLS-MSCHAPv2/failure_test.py

@@ -0,0 +1,69 @@
+#!/usr/bin/python3
+
+import unittest
+import sys
+
+sys.path.append('../util')
+import iwd
+import testutil
+from iwd import IWD
+from iwd import PSKAgent
+from iwd import NetworkType
+
+from hostapd import HostapdCLI
+from hostapd import hostapd_map
+
+class Test(unittest.TestCase):
+
+    def test_connection_failure(self):
+        hostapd = None
+
+        for hostapd_if in list(hostapd_map.values()):
+            hpd = HostapdCLI(hostapd_if)
+            if hpd.get_config_value('ssid') == 'ssidEAP-TTLS-MSCHAPv2':
+                hostapd = hpd
+                break
+
+        self.assertIsNotNone(hostapd)
+
+        wd = IWD(True)
+
+        psk_agent = PSKAgent('abc', ('user', 'incorrect_password'))
+        wd.register_psk_agent(psk_agent)
+
+        device = wd.list_devices(1)[0];
+
+        condition = 'not obj.scanning'
+        wd.wait_for_object_condition(device, condition)
+
+        device.scan()
+
+        condition = 'not obj.scanning'
+        wd.wait_for_object_condition(device, condition)
+
+        ordered_networks = device.get_ordered_networks()
+        ordered_network = ordered_networks[0]
+
+        self.assertEqual(ordered_network.name, "ssidEAP-TTLS-MSCHAPv2")
+        self.assertEqual(ordered_network.type, NetworkType.eap)
+
+        condition = 'not obj.connected'
+        wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+        with self.assertRaises(iwd.FailedEx):
+            ordered_network.network_object.connect()
+
+        wd.unregister_psk_agent(psk_agent)
+
+        del wd
+
+    @classmethod
+    def setUpClass(cls):
+        IWD.copy_to_storage('ssidEAP-TTLS-MSCHAPv2.8021x')
+
+    @classmethod
+    def tearDownClass(cls):
+        IWD.clear_storage()
+
+if __name__ == '__main__':
+    unittest.main(exit=True)

autotests/testEAP-TTLS-MSCHAPv2/hw.conf

@@ -0,0 +1,7 @@
+[SETUP]
+num_radios=2
+tmpfs_extra_stuff=../misc/certs:eap-user-ttls-mschapv2.text
+start_iwd=False
+
+[HOSTAPD]
+rad0=ssidEAP-TTLS-MSCHAPv2.conf

autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.8021x

@@ -0,0 +1,12 @@
+[Security]
+EAP-Method=TTLS
+EAP-Identity=anonymous
+EAP-TTLS-Phase2-Method=Tunneled-MSCHAPv2
+
+# If MSCHAP Identity and Password are left out, they will be requested through
+# the agent.
+#EAP-TTLS-Phase2-Identity=user
+#EAP-TTLS-Phase2-Password=testpasswd
+
+[Settings]
+Autoconnect=False

autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.conf

@@ -0,0 +1,12 @@
+hw_mode=g
+channel=1
+ssid=ssidEAP-TTLS-MSCHAPv2
+
+wpa=3
+wpa_key_mgmt=WPA-EAP
+ieee8021x=1
+eap_server=1
+eap_user_file=/tmp/eap-user-ttls-mschapv2.text
+ca_cert=/tmp/certs/cert-ca.pem
+server_cert=/tmp/certs/cert-server.pem
+private_key=/tmp/certs/cert-server-key.pem