diff options
Diffstat (limited to 'contrib/wpa/wpa_supplicant/doc/docbook/eapol_test.sgml')
-rw-r--r-- | contrib/wpa/wpa_supplicant/doc/docbook/eapol_test.sgml | 209 |
1 files changed, 209 insertions, 0 deletions
diff --git a/contrib/wpa/wpa_supplicant/doc/docbook/eapol_test.sgml b/contrib/wpa/wpa_supplicant/doc/docbook/eapol_test.sgml new file mode 100644 index 000000000000..4cfa3c1db384 --- /dev/null +++ b/contrib/wpa/wpa_supplicant/doc/docbook/eapol_test.sgml @@ -0,0 +1,209 @@ +<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> + +<refentry> + <refentryinfo> + <date>07 August 2019</date> + </refentryinfo> + + <refmeta> + <refentrytitle>eapol_test</refentrytitle> + <manvolnum>8</manvolnum> + </refmeta> + <refnamediv> + <refname>eapol_test</refname> + + <refpurpose>EAP peer and RADIUS client testing</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <cmdsynopsis> + <command>eapol_test</command> + <arg>-nWS</arg> + <arg>-c<replaceable>config file</replaceable></arg> + <arg>-a<replaceable>server IP address</replaceable></arg> + <arg>-A<replaceable>client IP address</replaceable></arg> + <arg>-p<replaceable>UDP port</replaceable></arg> + <arg>-s<replaceable>shared secret</replaceable></arg> + <arg>-r<replaceable>re-authentications</replaceable></arg> + <arg>-t<replaceable>timeout</replaceable></arg> + <arg>-C<replaceable>Connect-Info</replaceable></arg> + <arg>-M<replaceable>MAC address</replaceable></arg> + <arg>-o<replaceable>file</replaceable></arg> + <arg>-N<replaceable>attr spec</replaceable></arg> + </cmdsynopsis> + <cmdsynopsis> + <command>eapol_test scard</command> + </cmdsynopsis> + <cmdsynopsis> + <command>eapol_test sim</command> + <arg>PIN</arg> + <arg>num triplets</arg> + </cmdsynopsis> + </refsynopsisdiv> + + <refsect1> + <title>Overview</title> + + <para>eapol_test is a program that links together the same EAP + peer implementation that wpa_supplicant is using and the RADIUS + authentication client code from hostapd. In addition, it has + minimal glue code to combine these two components in similar + ways to IEEE 802.1X/EAPOL Authenticator state machines. In other + words, it integrates IEEE 802.1X Authenticator (normally, an + access point) and IEEE 802.1X Supplicant (normally, a wireless + client) together to generate a single program that can be used to + test EAP methods without having to setup an access point and a + wireless client.</para> + + <para>The main uses for eapol_test are in interoperability testing + of EAP methods against RADIUS servers and in development testing + for new EAP methods. It can be easily used to automate EAP testing + for interoperability and regression since the program can be run + from shell scripts without require additional test components apart + from a RADIUS server. For example, the automated EAP tests described + in eap_testing.txt are implemented with eapol_test. Similarly, + eapol_test could be used to implement an automated regression + test suite for a RADIUS authentication server.</para> + + + <para>As an example:</para> + +<blockquote><programlisting> +eapol_test -ctest.conf -a127.0.0.1 -p1812 -ssecret -r1 +</programlisting></blockquote> + + <para>tries to complete EAP authentication based on the network + configuration from test.conf against the RADIUS server running + on the local host. A re-authentication is triggered to test fast + re-authentication. The configuration file uses the same format for + network blocks as wpa_supplicant.</para> + + </refsect1> + <refsect1> + <title>Command Arguments</title> + <variablelist> + <varlistentry> + <term>-c configuration file path</term> + + <listitem><para>A configuration to use. The configuration should + use the same format for network blocks as wpa_supplicant. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-a AS address</term> + + <listitem><para>IP address of the authentication server. The + default is '127.0.0.1'.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-A client address</term> + + <listitem><para>IP address of the client. The default is to + select an address automatically.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-p AS port</term> + + <listitem><para>UDP port of the authentication server. The + default is '1812'.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-s AS secret</term> + + <listitem><para>Shared secret with the authentication server. + The default is 'radius'.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-r count</term> + + <listitem><para>Number of reauthentications.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-t timeout</term> + + <listitem><para>Timeout in seconds. The default is 30.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-C info</term> + + <listitem><para>RADIUS Connect-Info. The default is + 'CONNECT 11Mbps 802.11b'.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-M mac address</term> + + <listitem><para>Client MAC address (Calling-Station-Id). The + default is '02:00:00:00:00:01'.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-o file</term> + + <listitem><para>Location to write out server certificate. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-N attr spec</term> + + <listitem><para>Send arbitrary attribute specific by + attr_id:syntax:value, or attr_id alone. attr_id should be the numeric + ID of the attribute, and syntax should be one of 's' (string), + 'd' (integer), or 'x' (octet string). The value is the attribute value + to send. When attr_id is given alone, NULL is used as the attribute + value. Multiple attributes can be specified by using the option + several times.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-n</term> + + <listitem><para>Indicates that no MPPE keys are expected. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-W</term> + + <listitem><para>Wait for a control interface monitor before starting. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-S</term> + + <listitem><para>Save configuration after authentication. + </para></listitem> + </varlistentry> + + </variablelist> + </refsect1> + <refsect1> + <title>See Also</title> + <para> + <citerefentry> + <refentrytitle>wpa_supplicant</refentrytitle> + <manvolnum>8</manvolnum> + </citerefentry> + </para> + </refsect1> + <refsect1> + <title>Legal</title> + <para>wpa_supplicant is copyright (c) 2003-2019, + Jouni Malinen <email>j@w1.fi</email> and + contributors. + All Rights Reserved.</para> + + <para>This program is licensed under the BSD license (the one with + advertisement clause removed).</para> + </refsect1> +</refentry> |