3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 04:32:37 +01:00

unit: Add an EAPoL+EAP failure test

This commit is contained in:
Andrew Zaborowski 2015-10-30 11:12:25 +01:00 committed by Denis Kenzior
parent 4c04db5618
commit f23499cc3e

View File

@ -2434,6 +2434,114 @@ static void eapol_sm_test_eap_ttls_md5(const void *data)
eapol_sm_test_tls(&s.tls, eapol_8021x_config);
}
static bool eap_nak_verify_deauthenticate_called;
static void eap_nak_verify_deauthenticate(uint32_t ifindex, const uint8_t *aa,
const uint8_t *spa,
uint16_t reason_code,
void *user_data)
{
assert(!eap_nak_verify_deauthenticate_called);
eap_nak_verify_deauthenticate_called = true;
}
static const uint8_t eap_ttls_start_req[] = {
0x02, 0x00, 0x00, 0x06, 0x01, 0x02, 0x00, 0x06, 0x15, 0x20
};
static const uint8_t eap_nak_tls[] = {
0x02, 0x00, 0x00, 0x06, 0x02, 0x02, 0x00, 0x06, 0x03, 0x0d
};
static const uint8_t eap_failure[] = {
0x02, 0x00, 0x00, 0x04, 0x04, 0x02, 0x00, 0x04
};
static int verify_8021x_eap_nak(uint32_t ifindex, const uint8_t *aa_addr,
const uint8_t *sta_addr,
const struct eapol_frame *ef, void *user_data)
{
struct eapol_8021x_tls_test_state *s = user_data;
size_t len = sizeof(struct eapol_header) +
L_BE16_TO_CPU(ef->header.packet_len);
assert(ifindex == 1);
assert(!memcmp(sta_addr, spa, 6));
assert(!memcmp(aa_addr, aa, 6));
assert(len == sizeof(eap_nak_tls));
assert(!memcmp(ef, eap_nak_tls, sizeof(eap_nak_tls)));
assert(s->pending_req);
s->pending_req = 0;
return 0;
}
static void eapol_sm_test_eap_nak(const void *data)
{
static const char *eapol_8021x_config = "[Security]\n"
"EAP-Method=TLS\n"
"EAP-Identity=abc@example.com\n"
"EAP-TLS-CACert=ell/unit/cert-ca.pem\n"
"EAP-TLS-ClientCert=ell/unit/cert-client.pem\n"
"EAP-TLS-ClientKey=ell/unit/cert-client-key.pem";
static const unsigned char ap_wpa_ie[] = {
0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00,
0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50,
0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02 };
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
bool r;
struct eapol_sm *sm;
struct l_settings *settings;
struct eapol_8021x_tls_test_state s;
aa = ap_address;
spa = sta_address;
eapol_init();
__eapol_set_protocol_version(EAPOL_PROTOCOL_VERSION_2004);
__eapol_set_get_nonce_func(test_nonce);
__eapol_set_deauthenticate_func(verify_deauthenticate);
sm = eapol_sm_new();
eapol_sm_set_authenticator_address(sm, ap_address);
eapol_sm_set_supplicant_address(sm, sta_address);
eapol_sm_set_tx_user_data(sm, &s);
settings = l_settings_new();
l_settings_load_from_data(settings, eapol_8021x_config,
strlen(eapol_8021x_config));
eapol_sm_set_8021x_config(sm, settings);
l_settings_free(settings);
r = eapol_sm_set_own_wpa(sm,
eapol_key_data_20 + sizeof(struct eapol_key),
eapol_key_test_20.key_data_len);
assert(r);
eapol_sm_set_ap_wpa(sm, ap_wpa_ie, sizeof(ap_wpa_ie));
eapol_start(1, sm);
__eapol_set_tx_packet_func(verify_8021x_identity_resp);
s.pending_req = 1;
__eapol_rx_packet(1, sta_address, ap_address, eap_identity_req,
sizeof(eap_identity_req));
assert(!s.pending_req);
s.pending_req = 1;
__eapol_set_tx_packet_func(verify_8021x_eap_nak);
__eapol_rx_packet(1, sta_address, ap_address, eap_ttls_start_req,
sizeof(eap_ttls_start_req));
assert(!s.pending_req);
eap_nak_verify_deauthenticate_called = false;
__eapol_set_deauthenticate_func(eap_nak_verify_deauthenticate);
__eapol_rx_packet(1, sta_address, ap_address, eap_failure,
sizeof(eap_failure));
assert(eap_nak_verify_deauthenticate_called);
eapol_exit();
}
int main(int argc, char *argv[])
{
l_test_init(&argc, &argv);
@ -2521,5 +2629,8 @@ int main(int argc, char *argv[])
l_test_add("EAPoL/8021x EAP-TTLS+EAP-MD5 & 4-Way Handshake",
&eapol_sm_test_eap_ttls_md5, NULL);
l_test_add("EAPoL/8021x EAP NAK",
&eapol_sm_test_eap_nak, NULL);
return l_test_run();
}