3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-27 08:54:13 +01:00
iwd/autotests/testEncryptedProfiles/connection_test.py
James Prestwood 53e8bf4cb0 auto-t: fix testEncryptedProfiles mtime check
Yet another weird UML quirk. The intent of this tests was to ensure
the profile gets encrypted, and to check this both the mtime and
contents of the profile were checked.

But under UML the profile is copied, IWD started, and the profile
is encrypted all without any time passing. The (same) mtime was
then updated without any changes which fails the mtime check.

This puts a sleep after copying the profile to ensure the system
time differs once IWD encrypts the profile.
2022-06-24 18:11:15 -05:00

164 lines
4.7 KiB
Python

#!/usr/bin/python3
import unittest
import sys
sys.path.append('../util')
import iwd
import os
from time import sleep
from iwd import IWD
from iwd import NetworkType
from iwd import PSKAgent
class Test(unittest.TestCase):
def profile_is_encrypted(self, profile):
with open('/tmp/iwd/' + profile) as f:
contents = f.read()
if 'Passphrase' in contents:
return False
return True
def validate(self, wd):
devices = wd.list_devices(1)
device = devices[0]
ordered_network = device.get_ordered_network('ssidCCMP')
self.assertEqual(ordered_network.type, NetworkType.psk)
condition = 'not obj.connected'
wd.wait_for_object_condition(ordered_network.network_object, condition)
ordered_network.network_object.connect()
condition = 'obj.state == DeviceState.connected'
wd.wait_for_object_condition(device, condition)
device.disconnect()
condition = 'not obj.connected'
wd.wait_for_object_condition(ordered_network.network_object, condition)
# Tests that an existing plaintext profile gets encrypted
def test_new_profile(self):
IWD.copy_to_storage('ssidCCMP.psk')
mtime = os.path.getmtime('/tmp/iwd/' + 'ssidCCMP.psk')
self.assertFalse(self.profile_is_encrypted('ssidCCMP.psk'))
sleep(1)
wd = IWD(True)
# Make sure profile was accepted
condition = 'len(obj.list_known_networks()) == 1'
wd.wait_for_object_condition(wd, condition)
# Check the file was modified (should be encrypted now)
self.assertNotEqual(mtime, os.path.getmtime('/tmp/iwd/' + 'ssidCCMP.psk'))
self.validate(wd)
self.assertTrue(self.profile_is_encrypted('ssidCCMP.psk'))
# Tests that a new connection with agent gets written to an encrypted profile
def test_agent_profile(self):
wd = IWD(True)
psk_agent = PSKAgent("secret123")
wd.register_psk_agent(psk_agent)
with self.assertRaises(FileNotFoundError):
self.profile_is_encrypted('ssidCCMP.psk')
self.validate(wd)
self.assertTrue(self.profile_is_encrypted('ssidCCMP.psk'))
wd.unregister_psk_agent(psk_agent)
# Tests that an invalid profile gets re-written after an agent request
def test_invalid_profile_rewritten(self):
bad_config = '[Security]\nPassphrase=incorrect\n'
os.system('echo "%s" > /tmp/iwd/ssidCCMP.psk' % bad_config)
wd = IWD(True)
condition = 'len(obj.list_known_networks()) == 1'
wd.wait_for_object_condition(wd, condition)
# IWD should still encrypt the profile automatically
self.assertTrue(self.profile_is_encrypted('ssidCCMP.psk'))
# This should fail
with self.assertRaises(iwd.FailedEx):
self.validate(wd)
psk_agent = PSKAgent("secret123")
wd.register_psk_agent(psk_agent)
self.validate(wd)
self.assertTrue(self.profile_is_encrypted('ssidCCMP.psk'))
# Tests that a profile that doesn't decrypt wont become a known network
def test_decryption_failure(self):
bad_config = \
'''
[Security]
EncryptedSalt=000102030405060708090a0b0c0d0e0f
EncryptedSecurity=aabbccddeeff00112233445566778899
'''
os.system('echo "%s" > /tmp/iwd/ssidCCMP.psk' % bad_config)
wd = IWD(True)
self.assertEqual(wd.list_known_networks(), [])
# This test starts and stops IWD so quickly the DBus utilities don't
# even have a chance to set up the Device interface object which causes
# exceptions on the next test as the InterfaceAdded signals arrive. This
# allows the device interface to get set up before ending the test.
wd.list_devices(1)
def test_runtime_profile(self):
wd = IWD(True)
self.assertEqual(wd.list_known_networks(), [])
# Add profile after IWD starts
IWD.copy_to_storage('ssidCCMP.psk')
self.validate(wd)
# Should now be encrypted
self.assertTrue(self.profile_is_encrypted('ssidCCMP.psk'))
with open('/tmp/iwd/ssidCCMP.psk') as f:
profile = f.read()
# Edit the profile, corrupting it
profile.replace('EncryptedSecurity=', 'EncryptedSecurity=00')
devices = wd.list_devices(1)
device = devices[0]
condition = 'obj.state == DeviceState.disconnected'
wd.wait_for_object_condition(device, condition)
def tearDown(self):
IWD.clear_storage()
@classmethod
def setUpClass(cls):
os.environ['CREDENTIALS_DIRECTORY'] = '/tmp'
@classmethod
def tearDownClass(cls):
IWD.clear_storage()
if __name__ == '__main__':
unittest.main(exit=True)