From 0b4509d8d2cb1ea75651892e7cae8a07760ee4dd Mon Sep 17 00:00:00 2001
From: Tim Kourt
Date: Thu, 10 Jan 2019 14:34:29 -0800
Subject: [PATCH] auto-t: Test Tunneled-MSCHAPv2 over TTLS
---
.../testEAP-TTLS-MSCHAPv2/connection_test.py | 86 +++++++++++++++++++
.../eap-user-ttls-mschapv2.text | 4 +
.../testEAP-TTLS-MSCHAPv2/failure_test.py | 69 +++++++++++++++
autotests/testEAP-TTLS-MSCHAPv2/hw.conf | 7 ++
.../ssidEAP-TTLS-MSCHAPv2.8021x | 12 +++
.../ssidEAP-TTLS-MSCHAPv2.conf | 12 +++
6 files changed, 190 insertions(+)
create mode 100644 autotests/testEAP-TTLS-MSCHAPv2/connection_test.py
create mode 100644 autotests/testEAP-TTLS-MSCHAPv2/eap-user-ttls-mschapv2.text
create mode 100644 autotests/testEAP-TTLS-MSCHAPv2/failure_test.py
create mode 100644 autotests/testEAP-TTLS-MSCHAPv2/hw.conf
create mode 100644 autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.8021x
create mode 100644 autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.conf
diff --git a/autotests/testEAP-TTLS-MSCHAPv2/connection_test.py b/autotests/testEAP-TTLS-MSCHAPv2/connection_test.py
new file mode 100644
index 00000000..da00e609
--- /dev/null
+++ b/autotests/testEAP-TTLS-MSCHAPv2/connection_test.py
@@ -0,0 +1,86 @@
+#!/usr/bin/python3
+
+import unittest
+import sys
+
+sys.path.append('../util')
+import iwd
+import testutil
+from iwd import IWD
+from iwd import PSKAgent
+from iwd import NetworkType
+
+from hostapd import HostapdCLI
+from hostapd import hostapd_map
+
+class Test(unittest.TestCase):
+
+ def test_connection_success(self):
+ hostapd = None
+
+ for hostapd_if in list(hostapd_map.values()):
+ hpd = HostapdCLI(hostapd_if)
+ if hpd.get_config_value('ssid') == 'ssidEAP-TTLS-MSCHAPv2':
+ hostapd = hpd
+ break
+
+ self.assertIsNotNone(hostapd)
+
+ wd = IWD(True)
+
+ psk_agent = PSKAgent('abc', ('domain\\user', 'testpasswd'))
+ wd.register_psk_agent(psk_agent)
+
+ device = wd.list_devices(1)[0];
+
+ condition = 'not obj.scanning'
+ wd.wait_for_object_condition(device, condition)
+
+ device.scan()
+
+ condition = 'not obj.scanning'
+ wd.wait_for_object_condition(device, condition)
+
+ ordered_networks = device.get_ordered_networks()
+ ordered_network = ordered_networks[0]
+
+ self.assertEqual(ordered_network.name, "ssidEAP-TTLS-MSCHAPv2")
+ self.assertEqual(ordered_network.type, NetworkType.eap)
+
+ condition = 'not obj.connected'
+ wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+ ordered_network.network_object.connect()
+
+ condition = 'obj.connected'
+ wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+ hostapd.eapol_reauth(device.address)
+
+ wd.wait(10)
+
+ condition = 'obj.connected'
+ wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+ testutil.test_iface_operstate()
+ testutil.test_ifaces_connected()
+
+ device.disconnect()
+
+ condition = 'not obj.connected'
+ wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+ wd.unregister_psk_agent(psk_agent)
+
+ del wd
+
+ @classmethod
+ def setUpClass(cls):
+ IWD.copy_to_storage('ssidEAP-TTLS-MSCHAPv2.8021x')
+
+ @classmethod
+ def tearDownClass(cls):
+ IWD.clear_storage()
+
+if __name__ == '__main__':
+ unittest.main(exit=True)
diff --git a/autotests/testEAP-TTLS-MSCHAPv2/eap-user-ttls-mschapv2.text b/autotests/testEAP-TTLS-MSCHAPv2/eap-user-ttls-mschapv2.text
new file mode 100644
index 00000000..6acbdede
--- /dev/null
+++ b/autotests/testEAP-TTLS-MSCHAPv2/eap-user-ttls-mschapv2.text
@@ -0,0 +1,4 @@
+# Phase 1 users
+* TTLS
+# Phase 2
+"domain\user" TTLS-MSCHAPV2 "testpasswd" [2]
diff --git a/autotests/testEAP-TTLS-MSCHAPv2/failure_test.py b/autotests/testEAP-TTLS-MSCHAPv2/failure_test.py
new file mode 100644
index 00000000..1d7d62f6
--- /dev/null
+++ b/autotests/testEAP-TTLS-MSCHAPv2/failure_test.py
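Review bot: In connection_test.py the re-authentication step is never asserted: after `hostapd.eapol_reauth(device.address)` the test sleeps with `wd.wait(10)` and then waits for `obj.connected`, which was already true before the reauth was requested. A reauth that never starts, or is still in flight when the sleep ends, would pass the same way as a successful one. If the hostapd helper offers no reauth result to wait on, the inference should at least be written down above the sleep, e.g. `# no direct reauth signal: a failed EAP reauth is expected to drop the link within the wait`. Separately, `wd.unregister_psk_agent(psk_agent)` and `del wd` run only on the success path, so a failed assertion skips the cleanup; a `try`/`finally` around the test body would cover that.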
@@ -0,0 +1,69 @@
+#!/usr/bin/python3
+
+import unittest
+import sys
+
+sys.path.append('../util')
+import iwd
+import testutil
+from iwd import IWD
+from iwd import PSKAgent
+from iwd import NetworkType
+
+from hostapd import HostapdCLI
+from hostapd import hostapd_map
+
+class Test(unittest.TestCase):
+
+ def test_connection_failure(self):
+ hostapd = None
+
+ for hostapd_if in list(hostapd_map.values()):
+ hpd = HostapdCLI(hostapd_if)
+ if hpd.get_config_value('ssid') == 'ssidEAP-TTLS-MSCHAPv2':
+ hostapd = hpd
+ break
+
+ self.assertIsNotNone(hostapd)
+
+ wd = IWD(True)
+
+ psk_agent = PSKAgent('abc', ('user', 'incorrect_password'))
+ wd.register_psk_agent(psk_agent)
+
+ device = wd.list_devices(1)[0];
+
+ condition = 'not obj.scanning'
+ wd.wait_for_object_condition(device, condition)
+
+ device.scan()
+
+ condition = 'not obj.scanning'
+ wd.wait_for_object_condition(device, condition)
+
+ ordered_networks = device.get_ordered_networks()
+ ordered_network = ordered_networks[0]
+
+ self.assertEqual(ordered_network.name, "ssidEAP-TTLS-MSCHAPv2")
+ self.assertEqual(ordered_network.type, NetworkType.eap)
+
+ condition = 'not obj.connected'
+ wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+ with self.assertRaises(iwd.FailedEx):
+ ordered_network.network_object.connect()
+
+ wd.unregister_psk_agent(psk_agent)
+
+ del wd
+
+ @classmethod
+ def setUpClass(cls):
+ IWD.copy_to_storage('ssidEAP-TTLS-MSCHAPv2.8021x')
+
+ @classmethod
+ def tearDownClass(cls):
+ IWD.clear_storage()
+
+if __name__ == '__main__':
+ unittest.main(exit=True)
diff --git a/autotests/testEAP-TTLS-MSCHAPv2/hw.conf b/autotests/testEAP-TTLS-MSCHAPv2/hw.conf
new file mode 100644
index 00000000..406e830d
--- /dev/null
+++ b/autotests/testEAP-TTLS-MSCHAPv2/hw.conf
@@ -0,0 +1,7 @@
+[SETUP]
+num_radios=2
+tmpfs_extra_stuff=../misc/certs:eap-user-ttls-mschapv2.text
+start_iwd=False
+
+[HOSTAPD]
+rad0=ssidEAP-TTLS-MSCHAPv2.conf
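Review bot: In failure_test.py the agent returns `('user', 'incorrect_password')`, so both the identity and the password differ from the only phase 2 entry in eap-user-ttls-mschapv2.text (`"domain\user"`). The `assertRaises(iwd.FailedEx)` can therefore be satisfied by hostapd rejecting an unknown identity, without the MSCHAPv2 password verification ever being what fails. Keeping the identity valid isolates the wrong-password path: `psk_agent = PSKAgent('abc', ('domain\\user', 'incorrect_password'))`. The `unregister_psk_agent` and `del wd` cleanup after the `with` block is also skipped when the assertion fails.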
diff --git a/autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.8021x b/autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.8021x
new file mode 100644
index 00000000..e39dc7b9
--- /dev/null
+++ b/autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.8021x
@@ -0,0 +1,12 @@
+[Security]
+EAP-Method=TTLS
+EAP-Identity=anonymous
+EAP-TTLS-Phase2-Method=Tunneled-MSCHAPv2
+
+# If MSCHAP Identity and Password are left out, they will be requested through
+# the agent.
+#EAP-TTLS-Phase2-Identity=user
+#EAP-TTLS-Phase2-Password=testpasswd
+
+[Settings]
+Autoconnect=False
diff --git a/autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.conf b/autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.conf
new file mode 100644
index 00000000..968589e4
--- /dev/null
+++ b/autotests/testEAP-TTLS-MSCHAPv2/ssidEAP-TTLS-MSCHAPv2.conf
@@ -0,0 +1,12 @@
+hw_mode=g
+channel=1
+ssid=ssidEAP-TTLS-MSCHAPv2
+
+wpa=3
+wpa_key_mgmt=WPA-EAP
+ieee8021x=1
+eap_server=1
+eap_user_file=/tmp/eap-user-ttls-mschapv2.text
+ca_cert=/tmp/certs/cert-ca.pem
+server_cert=/tmp/certs/cert-server.pem
+private_key=/tmp/certs/cert-server-key.pem
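Review bot: ssidEAP-TTLS-MSCHAPv2.8021x sets no CA certificate for the TTLS tunnel, so as far as this profile shows the client accepts whatever server certificate hostapd presents before it runs the MSCHAPv2 exchange. The CA is already staged by hw.conf (`tmpfs_extra_stuff=../misc/certs`) and referenced by the hostapd config as `/tmp/certs/cert-ca.pem`, so the profile could pin it, assuming iwd's `EAP-TTLS-CACert` setting applies here: `EAP-TTLS-CACert=/tmp/certs/cert-ca.pem`. Without it the test covers only the unauthenticated-server configuration, which is the one a deployment should avoid with a password-based inner method. If that is intentional, a comment in the `[Security]` group saying so would help the next reader.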