1hostap.git test tools 2--------------------- 3 4The tests directory with its subdirectories contain number of tools used 5for testing wpa_supplicant and hostapd implementations. 6 7hwsim directory contains the test setup for full system testing of 8wpa_supplicant and hostapd with a simulated radio (mac80211_hwsim). See 9hwsim/READM and hwsim/vm/README for more details. 10 11 12Build testing 13------------- 14 15wpa_supplicant and hostapd support number of build option 16combinations. The test scripts in the build subdirectory can be used to 17verify that various combinations do not break the builds. More 18configuration examples can be added there 19(build-{hostapd,wpa_supplicant}-*.config) to get them included in test 20builds. 21 22# Example 23cd build 24./run-build-tests.h 25 26 27Fuzz testing 28------------ 29 30Newer fuzz testing tools are under the fuzzing directory. See 31fuzzing/README for more details on them. The following text describes 32the older fuzz testing tools that are subject to removal once the same 33newer tools have the same coverage available. 34 35Number of the test tools here can be used for fuzz testing with tools 36like American fuzzy lop (afl-fuzz) that are designed to modify an 37external file for program input. ap-mgmt-fuzzer, eapol-fuzzer, 38test-eapol, test-json, test-tls, and test-x509 are examples of such 39tools that expose hostap.git module functionality with input from a file 40specified on the command line. 41 42Here are some examples of how fuzzing can be performed: 43 44##### JSON parser 45make clean 46CC=afl-gcc make test-json 47mkdir json-examples 48cat > json-examples/1.json <<EOF 49{"a":[[]],"b":1,"c":"q","d":{"e":[{}]}} 50EOF 51afl-fuzz -i json-examples -o json-findings -- $PWD/test-json @@ 52 53Alternatively, using libFuzzer from LLVM: 54make clean 55make test-json LIBFUZZER=y 56mkdir json-examples 57cat > json-examples/1.json <<EOF 58{"a":[[]],"b":1,"c":"q","d":{"e":[{}]}} 59EOF 60./test-json json-examples 61 62##### EAPOL-Key Supplicant 63make clean 64CC=afl-gcc make test-eapol TEST_FUZZ=y 65mkdir eapol-auth-examples 66./test-eapol auth write eapol-auth-examples/auth.msg 67afl-fuzz -i eapol-auth-examples -o eapol-auth-findings -- $PWD/test-eapol auth read @@ 68 69##### EAPOL-Key Authenticator 70make clean 71CC=afl-gcc make test-eapol TEST_FUZZ=y 72mkdir eapol-supp-examples 73./test-eapol supp write eapol-supp-examples/supp.msg 74afl-fuzz -i eapol-supp-examples -o eapol-supp-findings -- $PWD/test-eapol supp read @@ 75 76##### TLS client 77make clean 78CC=afl-gcc make test-tls TEST_FUZZ=y 79mkdir tls-server-examples 80./test-tls server write tls-server-examples/server.msg 81afl-fuzz -i tls-server-examples -o tls-server-findings -- $PWD/test-tls server read @@ 82 83##### TLS server 84make clean 85CC=afl-gcc make test-tls TEST_FUZZ=y 86mkdir tls-client-examples 87./test-tls client write tls-client-examples/client.msg 88afl-fuzz -i tls-client-examples -o tls-client-findings -- $PWD/test-tls client read @@ 89 90##### AP management frame processing 91cd ap-mgmt-fuzzer 92make clean 93CC=afl-gcc make 94mkdir multi-examples 95cp multi.dat multi-examples 96afl-fuzz -i multi-examples -o multi-findings -- $PWD/ap-mgmt-fuzzer -m @@ 97 98##### EAPOL-Key Supplicant (separate) 99cd eapol-fuzzer 100make clean 101CC=afl-gcc make 102mkdir eapol-examples 103cp *.dat eapol-examples 104afl-fuzz -i eapol-examples -o eapol-findings -- $PWD/eapol-fuzzer @@ 105 106##### P2P 107cd p2p-fuzzer 108make clean 109CC=afl-gcc make 110mkdir p2p-proberesp-examples 111cp proberesp*.dat p2p-proberesp-examples 112afl-fuzz -i p2p-proberesp-examples -o p2p-proberesp-findings -- $PWD/p2p-fuzzer proberesp @@ 113mkdir p2p-action-examples 114cp go*.dat inv*.dat p2ps*.dat p2p-action-examples 115afl-fuzz -i p2p-action-examples -o p2p-action-findings -- $PWD/p2p-fuzzer action @@ 116 117##### WNM 118cd wnm-fuzzer 119make clean 120CC=afl-gcc make 121mkdir wnm-examples 122cp *.dat wnm-examples 123afl-fuzz -i wnm-examples -o wnm-findings -- $PWD/wnm-fuzzer @@ 124
