def test_ap_vlan_wpa2_radius_mixed(dev, apdev):
"""AP VLAN with WPA2-Enterprise and tagged+untagged VLANs"""
ifname = 'wlan0.1'
try:
params = hostapd.wpa2_eap_params(ssid="test-vlan")
params['dynamic_vlan'] = "1"
params["vlan_naming"] = "1"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX",
identity="vlan12mixed",
password_hex="0123456789abcdef0123456789abcdef",
scan_freq="2412")
# Add tagged VLAN interface to wpa_supplicant interface for testing
subprocess.call(['ip', 'link', 'add', 'link', dev[0].ifname,
'name', ifname, 'type', 'vlan', 'id', '1'])
subprocess.call(['ifconfig', ifname, 'up'])
logger.info("Test connectivity in untagged VLAN 2")
hwsim_utils.run_connectivity_test(dev[0], hapd, 0,
ifname1=dev[0].ifname,
ifname2="brvlan2")
logger.info("Test connectivity in tagged VLAN 1")
hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1=ifname,
ifname2="brvlan1")
finally:
subprocess.call(['ifconfig', ifname, 'down'])
subprocess.call(['ip', 'link', 'del', ifname])
def test_ap_vlan_wpa2_radius_tagged(dev, apdev):
"""AP VLAN with WPA2-Enterprise and RADIUS EGRESS_VLANID attributes"""
ifname = 'wlan0.1'
try:
params = hostapd.wpa2_eap_params(ssid="test-vlan")
params['dynamic_vlan'] = "1"
params["vlan_naming"] = "1"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan",
key_mgmt="WPA-EAP",
eap="PAX",
identity="vlan1tagged",
password_hex="0123456789abcdef0123456789abcdef",
scan_freq="2412")
# Create tagged interface for wpa_supplicant
subprocess.call([
'ip', 'link', 'add', 'link', dev[0].ifname, 'name', ifname, 'type',
'vlan', 'id', '1'
])
subprocess.call(['ifconfig', ifname, 'up'])
hwsim_utils.run_connectivity_test(dev[0],
hapd,
0,
ifname1=ifname,
ifname2="brvlan1")
finally:
subprocess.call(['ifconfig', ifname, 'down'])
subprocess.call(['ip', 'link', 'del', ifname])
def test_ap_vlan_wpa2_radius_tagged(dev, apdev):
"""AP VLAN with WPA2-Enterprise and RADIUS EGRESS_VLANID attributes"""
ifname = 'wlan0.1'
try:
params = hostapd.wpa2_eap_params(ssid="test-vlan")
params['dynamic_vlan'] = "1"
params["vlan_naming"] = "1"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX",
identity="vlan1tagged",
password_hex="0123456789abcdef0123456789abcdef",
scan_freq="2412")
# Create tagged interface for wpa_supplicant
subprocess.call(['ip', 'link', 'add', 'link', dev[0].ifname,
'name', ifname, 'type', 'vlan', 'id', '1'])
subprocess.call(['ifconfig', ifname, 'up'])
hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1=ifname,
ifname2="brvlan1")
finally:
subprocess.call(['ifconfig', ifname, 'down'])
subprocess.call(['ip', 'link', 'del', ifname])
def generic_ap_vlan_wpa2_radius_id_change(dev, apdev, tagged):
as_params = { "ssid": "as",
"beacon_int": "2000",
"radius_server_clients": "auth_serv/radius_clients.conf",
"radius_server_auth_port": '18128',
"eap_server": "1",
"eap_user_file": "auth_serv/eap_user.conf",
"ca_cert": "auth_serv/ca.pem",
"server_cert": "auth_serv/server.pem",
"private_key": "auth_serv/server.key" }
authserv = hostapd.add_ap(apdev[1], as_params)
params = hostapd.wpa2_eap_params(ssid="test-vlan")
params['dynamic_vlan'] = "1"
params['auth_server_port'] = "18128"
hapd = hostapd.add_ap(apdev[0], params)
identity = "vlan1tagged" if tagged else "vlan1"
dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX",
identity=identity,
password_hex="0123456789abcdef0123456789abcdef",
scan_freq="2412")
if tagged:
hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1="wlan0.1",
ifname2="brvlan1")
else:
hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan1")
logger.info("VLAN-ID -> 2")
authserv.disable()
authserv.set('eap_user_file', "auth_serv/eap_user_vlan.conf")
authserv.enable()
dev[0].dump_monitor()
dev[0].request("REAUTHENTICATE")
ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=15)
if ev is None:
raise Exception("EAP reauthentication timed out")
ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=5)
if ev is None:
raise Exception("4-way handshake after reauthentication timed out")
state = dev[0].get_status_field('wpa_state')
if state != "COMPLETED":
raise Exception("Unexpected state after reauth: " + state)
sta = hapd.get_sta(dev[0].own_addr())
if 'vlan_id' not in sta:
raise Exception("No VLAN ID in STA info")
if (not tagged) and (sta['vlan_id'] != '2'):
raise Exception("Unexpected VLAN ID: " + sta['vlan_id'])
if tagged:
hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1="wlan0.2",
ifname2="brvlan2")
else:
hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan2")
logger.info("VLAN-ID -> 1")
time.sleep(1)
authserv.disable()
authserv.set('eap_user_file', "auth_serv/eap_user.conf")
authserv.enable()
dev[0].dump_monitor()
dev[0].request("REAUTHENTICATE")
ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=15)
if ev is None:
raise Exception("EAP reauthentication timed out")
ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=5)
if ev is None:
raise Exception("4-way handshake after reauthentication timed out")
state = dev[0].get_status_field('wpa_state')
if state != "COMPLETED":
raise Exception("Unexpected state after reauth: " + state)
sta = hapd.get_sta(dev[0].own_addr())
if 'vlan_id' not in sta:
raise Exception("No VLAN ID in STA info")
if (not tagged) and (sta['vlan_id'] != '1'):
raise Exception("Unexpected VLAN ID: " + sta['vlan_id'])
time.sleep(0.2)
try:
if tagged:
hwsim_utils.run_connectivity_test(dev[0], hapd, 0,
ifname1="wlan0.1",
ifname2="brvlan1")
else:
hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan1")
except Exception, e:
# It is possible for new bridge setup to not be ready immediately, so
# try again to avoid reporting issues related to that.
logger.info("First VLAN-ID 1 data test failed - try again")
if tagged:
hwsim_utils.run_connectivity_test(dev[0], hapd, 0,
ifname1="wlan0.1",
ifname2="brvlan1")
else:
hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan1")
