def test_ap_open_no_reflection(dev, apdev):
"""AP with open mode, STA sending packets to itself"""
hapd = hostapd.add_ap(apdev[0], {"ssid": "open"})
dev[0].connect("open", key_mgmt="NONE", scan_freq="2412")
ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=5)
if ev is None:
raise Exception("No connection event received from hostapd")
# test normal connectivity is OK
hwsim_utils.test_connectivity(dev[0], hapd)
# test that we can't talk to ourselves
addr = dev[0].own_addr()
res = dev[0].request('DATA_TEST_CONFIG 1')
try:
assert 'OK' in res
cmd = "DATA_TEST_TX {} {} {}".format(addr, addr, 0)
dev[0].request(cmd)
ev = dev[0].wait_event(["DATA-TEST-RX"], timeout=1)
if ev is not None and "DATA-TEST-RX {} {}".format(addr, addr) in ev:
raise Exception("STA can unexpectedly talk to itself")
finally:
dev[0].request('DATA_TEST_CONFIG 0')
def test_ibss_rsn_group_rekey(dev):
"""IBSS RSN group rekeying"""
ssid = "ibss-rsn"
logger.info("Start IBSS on the first STA")
id = add_ibss_rsn(dev[0], ssid, group_rekey=4, scan_freq=2412)
connect_ibss_cmd(dev[0], id)
bssid0 = wait_ibss_connection(dev[0])
dev[0].dump_monitor()
logger.info("Join two STAs to the IBSS")
dev[1].scan_for_bss(bssid0, freq=2412)
id = add_ibss_rsn(dev[1], ssid, scan_freq=2412)
connect_ibss_cmd(dev[1], id)
bssid1 = wait_ibss_connection(dev[1])
if bssid0 != bssid1:
raise Exception("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1)
wait_4way_handshake(dev[0], dev[1])
wait_4way_handshake(dev[1], dev[0])
dev[0].dump_monitor()
dev[1].dump_monitor()
hwsim_utils.test_connectivity(dev[0], dev[1])
ev = dev[1].wait_event(["WPA: Group rekeying completed"], timeout=10)
if ev is None:
raise Exception("No group rekeying reported")
hwsim_utils.test_connectivity(dev[0], dev[1])
def test_connect_cmd_concurrent_grpform_while_connecting(dev, apdev):
"""Concurrent P2P group formation while connecting to an AP using cfg80211 connect command"""
logger.info("Start connection to an infrastructure AP")
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "test-open" })
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
wpas.connect("test-open", key_mgmt="NONE", wait_connect=False)
wpas.dump_monitor()
logger.info("Form a P2P group while connecting to an AP")
wpas.request("SET p2p_no_group_iface 0")
[i_res, r_res] = go_neg_pin_authorized(i_dev=dev[0], i_freq=2412,
r_dev=wpas, r_freq=2412)
check_grpform_results(i_res, r_res)
remove_group(dev[0], wpas)
wpas.dump_monitor()
logger.info("Confirm AP connection after P2P group removal")
hwsim_utils.test_connectivity(wpas, hapd)
wpas.request("DISCONNECT")
wpas.wait_disconnected()
wpas.dump_monitor()
def test_dfs_ht40_minus(dev, apdev, params):
"""DFS CAC functionality on channel 104 HT40- [long]"""
if not params['long']:
raise HwsimSkip("Skip test case with long duration due to --long not specified")
try:
hapd = None
hapd = start_dfs_ap(apdev[0], allow_failure=True, ht40minus=True,
channel=104)
ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70)
if "success=1" not in ev:
raise Exception("CAC failed")
if "freq=5520" not in ev:
raise Exception("Unexpected DFS freq result")
ev = hapd.wait_event(["AP-ENABLED"], timeout=5)
if not ev:
raise Exception("AP setup timed out")
state = hapd.get_status_field("state")
if state != "ENABLED":
raise Exception("Unexpected interface state")
freq = hapd.get_status_field("freq")
if freq != "5520":
raise Exception("Unexpected frequency")
dev[0].connect("dfs", key_mgmt="NONE", scan_freq="5520")
hwsim_utils.test_connectivity(dev[0], hapd)
finally:
dev[0].request("DISCONNECT")
if hapd:
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
dev[0].flush_scan_cache()
def test_ap_wpa2_delayed_m1_m3_zero_tk(dev, apdev):
"""Delayed M1+M3 retransmission and zero TK"""
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
Wlantest.setup(hapd)
wt = Wlantest()
wt.flush()
wt.add_passphrase("12345678")
dev[0].connect("test-wpa2-psk", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
addr = dev[0].own_addr()
if "OK" not in hapd.request("RESEND_M1 " + addr + " change-anonce"):
raise Exception("RESEND_M1 failed")
if "OK" not in hapd.request("RESEND_M1 " + addr):
raise Exception("RESEND_M1 failed")
if "OK" not in hapd.request("RESEND_M3 " + addr):
raise Exception("RESEND_M3 failed")
if "OK" not in hapd.request("SET_KEY 3 %s %d %d %s %s" % (addr, 0, 1, 6*"00", 16*"00")):
raise Exception("SET_KEY failed")
time.sleep(0.1)
hwsim_utils.test_connectivity(dev[0], hapd, timeout=1, broadcast=False,
success_expected=False)
dev[0].request("DISCONNECT")
dev[0].wait_disconnected()
def test_go_neg_with_bss_connected(dev, apdev):
"""P2P channel selection: GO negotiation when station interface is connected"""
dev[0].request("SET p2p_no_group_iface 0")
hapd = hostapd.add_ap(apdev[0]['ifname'],
{ "ssid": 'bss-2.4ghz', "channel": '5' })
dev[0].connect("bss-2.4ghz", key_mgmt="NONE", scan_freq="2432")
#dev[0] as GO
[i_res, r_res] = go_neg_pbc(i_dev=dev[0], i_intent=10, r_dev=dev[1],
r_intent=1)
check_grpform_results(i_res, r_res)
if i_res['role'] != "GO":
raise Exception("GO not selected according to go_intent")
if i_res['freq'] != "2432":
raise Exception("Group formed on a different frequency than BSS")
hwsim_utils.test_connectivity(dev[0], hapd)
dev[0].remove_group(i_res['ifname'])
if dev[0].get_mcc() > 1:
logger.info("Skip as-client case due to MCC being enabled")
return;
#dev[0] as client
[i_res2, r_res2] = go_neg_pbc(i_dev=dev[0], i_intent=1, r_dev=dev[1],
r_intent=10)
check_grpform_results(i_res2, r_res2)
if i_res2['role'] != "client":
raise Exception("GO not selected according to go_intent")
if i_res2['freq'] != "2432":
raise Exception("Group formed on a different frequency than BSS")
hwsim_utils.test_connectivity(dev[0], hapd)
def run_owe_transition_mode_multi_bss(dev, apdev):
if "OWE" not in dev[0].get_capability("key_mgmt"):
raise HwsimSkip("OWE not supported")
ifname1 = apdev[0]['ifname']
ifname2 = apdev[0]['ifname'] + '-2'
hapd1 = hostapd.add_bss(apdev[0], ifname1, 'owe-bss-1.conf')
hapd2 = hostapd.add_bss(apdev[0], ifname2, 'owe-bss-2.conf')
hapd2.bssidx = 1
bssid = hapd1.own_addr()
bssid2 = hapd2.own_addr()
# Beaconing with the OWE Transition Mode element can start only once both
# BSSs are enabled, so the very first Beacon frame may go out without this
# element. Wait a bit to avoid getting incomplete scan results.
time.sleep(0.1)
dev[0].request("SCAN_INTERVAL 1")
dev[0].scan_for_bss(bssid2, freq="2412")
dev[0].scan_for_bss(bssid, freq="2412")
dev[0].connect("transition-mode-open", key_mgmt="OWE")
val = dev[0].get_status_field("bssid")
if val != bssid2:
raise Exception("Unexpected bssid: " + val)
val = dev[0].get_status_field("key_mgmt")
if val != "OWE":
raise Exception("Unexpected key_mgmt: " + val)
hwsim_utils.test_connectivity(dev[0], hapd2)
def test_ap_vht80(dev, apdev):
"""VHT with 80 MHz channel width"""
try:
hapd = None
params = { "ssid": "vht",
"country_code": "FI",
"hw_mode": "a",
"channel": "36",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "1",
"vht_oper_centr_freq_seg0_idx": "42" }
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
bssid = apdev[0]['bssid']
dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180")
hwsim_utils.test_connectivity(dev[0], hapd)
est = dev[0].get_bss(bssid)['est_throughput']
if est != "390001":
raise Exception("Unexpected BSS est_throughput: " + est)
except Exception, e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip("80 MHz channel not supported in regulatory information")
raise
def test_wpas_mesh_secure_no_auto(dev, apdev):
"""wpa_supplicant secure MESH network connectivity"""
check_mesh_support(dev[0], secure=True)
dev[0].request("SET sae_groups 19")
id = add_mesh_secure_net(dev[0])
dev[0].mesh_group_add(id)
dev[1].request("SET sae_groups 19")
id = add_mesh_secure_net(dev[1])
dev[1].set_network(id, "no_auto_peer", "1")
dev[1].mesh_group_add(id)
# Check for mesh joined
check_mesh_group_added(dev[0])
check_mesh_group_added(dev[1])
# Check for peer connected
check_mesh_peer_connected(dev[0], timeout=30)
check_mesh_peer_connected(dev[1])
# Test connectivity 0->1 and 1->0
hwsim_utils.test_connectivity(dev[0], dev[1])
dev[0].request("SET sae_groups ")
dev[1].request("SET sae_groups ")
def test_ap_open_ifdown(dev, apdev):
"""AP with open mode and external ifconfig down"""
params = { "ssid": "open",
"ap_max_inactivity": "1" }
hapd = hostapd.add_ap(apdev[0], params)
bssid = apdev[0]['bssid']
dev[0].connect("open", key_mgmt="NONE", scan_freq="2412")
dev[1].connect("open", key_mgmt="NONE", scan_freq="2412")
hapd.cmd_execute(['ip', 'link', 'set', 'dev', apdev[0]['ifname'], 'down'])
ev = hapd.wait_event(["AP-STA-DISCONNECTED"], timeout=10)
if ev is None:
raise Exception("Timeout on AP-STA-DISCONNECTED (1)")
ev = hapd.wait_event(["AP-STA-DISCONNECTED"], timeout=5)
if ev is None:
raise Exception("Timeout on AP-STA-DISCONNECTED (2)")
ev = hapd.wait_event(["INTERFACE-DISABLED"], timeout=5)
if ev is None:
raise Exception("No INTERFACE-DISABLED event")
# The following wait tests beacon loss detection in mac80211 on dev0.
# dev1 is used to test stopping of AP side functionality on client polling.
dev[1].request("REMOVE_NETWORK all")
hapd.cmd_execute(['ip', 'link', 'set', 'dev', apdev[0]['ifname'], 'up'])
dev[0].wait_disconnected()
dev[1].wait_disconnected()
ev = hapd.wait_event(["INTERFACE-ENABLED"], timeout=10)
if ev is None:
raise Exception("No INTERFACE-ENABLED event")
dev[0].wait_connected()
hwsim_utils.test_connectivity(dev[0], hapd)
def test_rfkill_wpa2_psk(dev, apdev):
"""rfkill block/unblock during WPA2-PSK connection"""
id = get_rfkill_id(dev[0])
if id is None:
return "skip"
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
try:
logger.info("rfkill block")
subprocess.call(['sudo', 'rfkill', 'block', id])
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=10)
if ev is None:
raise Exception("Missing disconnection event on rfkill block")
logger.info("rfkill unblock")
subprocess.call(['sudo', 'rfkill', 'unblock', id])
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=10)
if ev is None:
raise Exception("Missing connection event on rfkill unblock")
hwsim_utils.test_connectivity(dev[0], hapd)
finally:
subprocess.call(['sudo', 'rfkill', 'unblock', id])
def test_ap_vht80_params(dev, apdev):
"""VHT with 80 MHz channel width and number of optional features enabled"""
try:
hapd = None
params = { "ssid": "vht",
"country_code": "FI",
"hw_mode": "a",
"channel": "36",
"ht_capab": "[HT40+][SHORT-GI-40][DSS_CCK-40]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "1",
"vht_capab": "[MAX-MPDU-11454][RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-STBC-1][MAX-A-MPDU-LEN-EXP0]",
"vht_oper_centr_freq_seg0_idx": "42",
"require_vht": "1" }
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[1].connect("vht", key_mgmt="NONE", scan_freq="5180",
disable_vht="1", wait_connect=False)
dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180")
ev = dev[1].wait_event(["CTRL-EVENT-ASSOC-REJECT"])
if ev is None:
raise Exception("Association rejection timed out")
if "status_code=104" not in ev:
raise Exception("Unexpected rejection status code")
dev[1].request("DISCONNECT")
hwsim_utils.test_connectivity(dev[0], hapd)
except Exception, e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip("80 MHz channel not supported in regulatory information")
raise
def test_ap_ht_antenna_config(dev, apdev):
"""HT and antenna configuration"""
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" })
phy = hapd.get_driver_status_field("phyname")
hapd.disable()
try:
subprocess.call(['iw', 'phy', phy, 'set', 'antenna', '0x1'])
hapd = None
params = { "ssid": "ht",
"country_code": "FI",
"hw_mode": "a",
"channel": "36",
"ieee80211n": "1" }
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
bssid = apdev[0]['bssid']
dev[0].connect("ht", key_mgmt="NONE", scan_freq="5180")
hwsim_utils.test_connectivity(dev[0], hapd)
finally:
dev[0].request("DISCONNECT")
if hapd:
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
dev[0].flush_scan_cache()
subprocess.call(['iw', 'phy', phy, 'set', 'antenna', 'all'])
def test_ieee8021x_open(dev, apdev):
"""IEEE 802.1X connection using open network"""
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-open"
params["ieee8021x"] = "1"
hapd = hostapd.add_ap(apdev[0]["ifname"], params)
id = dev[0].connect(
"ieee8021x-open",
key_mgmt="IEEE8021X",
eapol_flags="0",
eap="PSK",
identity="*****@*****.**",
password_hex="0123456789abcdef0123456789abcdef",
scan_freq="2412",
)
hwsim_utils.test_connectivity(dev[0], hapd)
logger.info("Test EAPOL-Logoff")
dev[0].request("LOGOFF")
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
if ev is None:
raise Exception("Did not get disconnected")
if "reason=23" not in ev:
raise Exception("Unexpected disconnection reason")
dev[0].request("LOGON")
dev[0].connect_network(id)
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_pmf_required(dev, apdev):
"""WPA2-PSK AP with PMF required"""
ssid = "test-pmf-required"
wt = Wlantest()
wt.flush()
wt.add_passphrase("12345678")
params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
params["wpa_key_mgmt"] = "WPA-PSK-SHA256";
params["ieee80211w"] = "2";
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
key_mgmt = hapd.get_config()['key_mgmt']
if key_mgmt.split(' ')[0] != "WPA-PSK-SHA256":
raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
dev[0].connect(ssid, psk="12345678", ieee80211w="1",
key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
dev[1].connect(ssid, psk="12345678", ieee80211w="2",
key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[1].ifname, apdev[0]['ifname'])
hapd = hostapd.Hostapd(apdev[0]['ifname'])
hapd.request("SA_QUERY " + dev[0].p2p_interface_addr())
hapd.request("SA_QUERY " + dev[1].p2p_interface_addr())
wt.require_ap_pmf_mandatory(apdev[0]['bssid'])
wt.require_sta_pmf(apdev[0]['bssid'], dev[0].p2p_interface_addr())
wt.require_sta_pmf_mandatory(apdev[0]['bssid'], dev[1].p2p_interface_addr())
time.sleep(0.1)
if wt.get_sta_counter("valid_saqueryresp_tx", apdev[0]['bssid'],
dev[0].p2p_interface_addr()) < 1:
raise Exception("STA did not reply to SA Query")
if wt.get_sta_counter("valid_saqueryresp_tx", apdev[0]['bssid'],
dev[1].p2p_interface_addr()) < 1:
raise Exception("STA did not reply to SA Query")
def test_ap_pmf_optional_2akm(dev, apdev):
"""WPA2-PSK AP with PMF optional (2 AKMs)"""
ssid = "test-pmf-optional-2akm"
wt = Wlantest()
wt.flush()
wt.add_passphrase("12345678")
params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
params["wpa_key_mgmt"] = "WPA-PSK WPA-PSK-SHA256";
params["ieee80211w"] = "1";
hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk="12345678", ieee80211w="1",
key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
dev[1].connect(ssid, psk="12345678", ieee80211w="2",
key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[1].ifname, apdev[0]['ifname'])
wt.require_ap_pmf_optional(apdev[0]['bssid'])
wt.require_sta_pmf(apdev[0]['bssid'], dev[0].p2p_interface_addr())
wt.require_sta_key_mgmt(apdev[0]['bssid'], dev[0].p2p_interface_addr(),
"PSK-SHA256")
wt.require_sta_pmf_mandatory(apdev[0]['bssid'], dev[1].p2p_interface_addr())
wt.require_sta_key_mgmt(apdev[0]['bssid'], dev[1].p2p_interface_addr(),
"PSK-SHA256")
def check_group_mgmt_cipher(dev, ap, cipher):
wt = Wlantest()
wt.flush()
wt.add_passphrase("12345678")
if cipher not in dev.get_capability("group_mgmt"):
raise HwsimSkip("Cipher %s not supported" % cipher)
params = { "ssid": "test-wpa2-psk-pmf",
"wpa_passphrase": "12345678",
"wpa": "2",
"ieee80211w": "2",
"wpa_key_mgmt": "WPA-PSK-SHA256",
"rsn_pairwise": "CCMP",
"group_mgmt_cipher": cipher }
hapd = hostapd.add_ap(ap['ifname'], params)
dev.connect("test-wpa2-psk-pmf", psk="12345678", ieee80211w="2",
key_mgmt="WPA-PSK-SHA256",
pairwise="CCMP", group="CCMP", scan_freq="2412")
hwsim_utils.test_connectivity(dev, hapd)
hapd.request("DEAUTHENTICATE ff:ff:ff:ff:ff:ff")
dev.wait_disconnected()
if wt.get_bss_counter('valid_bip_mmie', ap['bssid']) < 1:
raise Exception("No valid BIP MMIE seen")
if wt.get_bss_counter('bip_deauth', ap['bssid']) < 1:
raise Exception("No valid BIP deauth seen")
if cipher == "AES-128-CMAC":
group_mgmt = "BIP"
else:
group_mgmt = cipher
res = wt.info_bss('group_mgmt', ap['bssid']).strip()
if res != group_mgmt:
raise Exception("Unexpected group mgmt cipher: " + res)
def test_ap_roam_with_reassoc_auth_timeout(dev, apdev, params):
"""Roam using reassoc between two APs and authentication times out"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5",
drv_params="force_connect_cmd=1,force_bss_selection=1")
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")
hapd0 = hostapd.add_ap(apdev[0], params)
bssid0 = hapd0.own_addr()
id = wpas.connect("test-wpa2-psk", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(wpas, hapd0)
hapd1 = hostapd.add_ap(apdev[1], params)
bssid1 = hapd1.own_addr()
wpas.scan_for_bss(bssid1, freq=2412)
if "OK" not in wpas.request("SET_NETWORK " + str(id) + " bssid " + bssid1):
raise Exception("SET_NETWORK failed")
if "OK" not in wpas.request("SET ignore_auth_resp 1"):
raise Exception("SET ignore_auth_resp failed")
if "OK" not in wpas.request("REASSOCIATE"):
raise Exception("REASSOCIATE failed")
logger.info("Wait ~10s for auth timeout...")
time.sleep(10)
ev = wpas.wait_event(["CTRL-EVENT-SCAN-STARTED"], 12)
if not ev:
raise Exception("CTRL-EVENT-SCAN-STARTED not seen")
b = get_blacklist(wpas)
if bssid0 in b:
raise Exception("Unexpected blacklist contents: " + str(b))
def test_ap_roam_wpa2_psk_failed(dev, apdev, params):
"""Roam failure with WPA2-PSK AP due to wrong passphrase"""
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")
hapd0 = hostapd.add_ap(apdev[0], params)
id = dev[0].connect("test-wpa2-psk", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd0)
params['wpa_passphrase'] = "22345678"
hapd1 = hostapd.add_ap(apdev[1], params)
bssid = hapd1.own_addr()
dev[0].scan_for_bss(bssid, freq=2412)
dev[0].dump_monitor()
if "OK" not in dev[0].request("ROAM " + bssid):
raise Exception("ROAM failed")
ev = dev[0].wait_event(["CTRL-EVENT-SSID-TEMP-DISABLED",
"CTRL-EVENT-CONNECTED"], 5)
if "CTRL-EVENT-CONNECTED" in ev:
raise Exception("Got unexpected CTRL-EVENT-CONNECTED")
if "CTRL-EVENT-SSID-TEMP-DISABLED" not in ev:
raise Exception("CTRL-EVENT-SSID-TEMP-DISABLED not seen")
if "OK" not in dev[0].request("SELECT_NETWORK id=" + str(id)):
raise Exception("SELECT_NETWORK failed")
ev = dev[0].wait_event(["CTRL-EVENT-SSID-REENABLED"], 3)
if not ev:
raise Exception("CTRL-EVENT-SSID-REENABLED not seen")
dev[0].wait_connected(timeout=5)
hwsim_utils.test_connectivity(dev[0], hapd0)
def test_ap_vht80_antenna_config(dev, apdev):
"""VHT with 80 MHz channel width and antenna configuration"""
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" })
phy = hapd.get_driver_status_field("phyname")
hapd.disable()
try:
subprocess.call(['iw', 'phy', phy, 'set', 'antenna', '0x3'])
hapd = None
params = { "ssid": "vht",
"country_code": "FI",
"hw_mode": "a",
"channel": "36",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "1",
"vht_oper_centr_freq_seg0_idx": "42" }
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
bssid = apdev[0]['bssid']
dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180")
hwsim_utils.test_connectivity(dev[0], hapd)
except Exception, e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip("80 MHz channel not supported in regulatory information")
raise
def test_ap_vht_40_fallback_to_20(devs, apdevs):
"""VHT and 40 MHz channel configuration falling back to 20 MHz"""
dev = devs[0]
ap = apdevs[0]
try:
hapd = None
params = { "ssid": "test-vht40",
"country_code": "US",
"hw_mode": "a",
"basic_rates": "60 120 240",
"channel": "161",
"ieee80211d": "1",
"ieee80211h": "1",
"ieee80211n": "1",
"ieee80211ac": "1",
"ht_capab": "[HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]",
"vht_capab": "[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-STBC1][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]",
"vht_oper_chwidth": "0",
"vht_oper_centr_freq_seg0_idx": "155",
}
hapd = hostapd.add_ap(ap, params)
dev.connect("test-vht40", scan_freq="5805", key_mgmt="NONE")
hwsim_utils.test_connectivity(dev, hapd)
finally:
dev.request("DISCONNECT")
if hapd:
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
dev.flush_scan_cache()
def test_cfg80211_wep_key_idx_change(dev, apdev):
"""WEP Shared Key authentication and key index change without deauth"""
hapd = hostapd.add_ap(apdev[0],
{ "ssid": "wep-shared-key",
"wep_key0": '"hello12345678"',
"wep_key1": '"other12345678"',
"auth_algs": "2" })
id = dev[0].connect("wep-shared-key", key_mgmt="NONE", auth_alg="SHARED",
wep_key0='"hello12345678"',
wep_key1='"other12345678"',
wep_tx_keyidx="0",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
dev[0].set_network(id, "wep_tx_keyidx", "1")
# clear cfg80211 auth state to allow new auth without deauth frame
ifindex = int(dev[0].get_driver_status_field("ifindex"))
attrs = build_nl80211_attr_u32('IFINDEX', ifindex)
attrs += build_nl80211_attr_u16('REASON_CODE', 1)
attrs += build_nl80211_attr_mac('MAC', apdev[0]['bssid'])
attrs += build_nl80211_attr_flag('LOCAL_STATE_CHANGE')
nl80211_command(dev[0], 'DEAUTHENTICATE', attrs)
dev[0].wait_disconnected(timeout=5, error="Local-deauth timed out")
# the previous command results in deauth event followed by auto-reconnect
dev[0].wait_connected(timeout=10, error="Reassociation timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_wep_ht_vht(dev, apdev):
"""WEP and HT/VHT"""
dev[0].flush_scan_cache()
try:
hapd = None
params = { "ssid": "test-vht40-wep",
"country_code": "SE",
"hw_mode": "a",
"channel": "36",
"ieee80211n": "1",
"ieee80211ac": "1",
"ht_capab": "[HT40+]",
"vht_capab": "",
"vht_oper_chwidth": "0",
"vht_oper_centr_freq_seg0_idx": "0",
"wep_key0": '"hello"' }
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vht40-wep", scan_freq="5180", key_mgmt="NONE",
wep_key0='"hello"')
hwsim_utils.test_connectivity(dev[0], hapd)
status = hapd.get_status()
logger.info("hostapd STATUS: " + str(status))
if status["ieee80211n"] != "0":
raise Exception("Unexpected STATUS ieee80211n value")
if status["ieee80211ac"] != "0":
raise Exception("Unexpected STATUS ieee80211ac value")
if status["secondary_channel"] != "0":
raise Exception("Unexpected STATUS secondary_channel value")
finally:
dev[0].request("DISCONNECT")
if hapd:
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
dev[0].flush_scan_cache()
def test_rfkill_open(dev, apdev):
"""rfkill block/unblock during open mode connection"""
rfk = get_rfkill(dev[0])
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" })
dev[0].connect("open", key_mgmt="NONE", scan_freq="2412")
try:
logger.info("rfkill block")
rfk.block()
dev[0].wait_disconnected(timeout=10,
error="Missing disconnection event on rfkill block")
if "FAIL" not in dev[0].request("REASSOCIATE"):
raise Exception("REASSOCIATE accepted while disabled")
if "FAIL" not in dev[0].request("REATTACH"):
raise Exception("REATTACH accepted while disabled")
if "FAIL" not in dev[0].request("RECONNECT"):
raise Exception("RECONNECT accepted while disabled")
if "FAIL" not in dev[0].request("FETCH_OSU"):
raise Exception("FETCH_OSU accepted while disabled")
logger.info("rfkill unblock")
rfk.unblock()
dev[0].wait_connected(timeout=10,
error="Missing connection event on rfkill unblock")
hwsim_utils.test_connectivity(dev[0], hapd)
finally:
rfk.unblock()
def test_ap_pmf_inject_auth(dev, apdev):
"""WPA2-PSK AP with PMF and Authentication frame injection"""
ssid = "test-pmf"
params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
params["ieee80211w"] = "2"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, psk="12345678", ieee80211w="2",
key_mgmt="WPA-PSK-SHA256", proto="WPA2",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
bssid = hapd.own_addr().replace(':', '')
addr = dev[0].own_addr().replace(':', '')
# Inject an unprotected Authentication frame claiming to be from the
# associated STA.
auth = "b0003a01" + bssid + addr + bssid + '1000000001000000'
hapd.request("SET ext_mgmt_frame_handling 1")
res = hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % auth)
hapd.request("SET ext_mgmt_frame_handling 0")
if "OK" not in res:
raise Exception("MGMT_RX_PROCESS failed")
# Verify that original association is still functional.
hwsim_utils.test_connectivity(dev[0], hapd)
def test_wext_wpa_psk(dev, apdev):
"""WEXT driver interface with WPA-PSK"""
skip_with_fips(dev[0])
wpas = get_wext_interface()
params = hostapd.wpa_params(ssid="wext-wpa-psk", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
testfile = "/sys/kernel/debug/ieee80211/%s/netdev:%s/tkip_mic_test" % (hapd.get_driver_status_field("phyname"), apdev[0]['ifname'])
if not os.path.exists(testfile):
wpas.close_ctrl()
raise HwsimSkip("tkip_mic_test not supported in mac80211")
wpas.connect("wext-wpa-psk", psk="12345678")
hwsim_utils.test_connectivity(wpas, hapd)
with open(testfile, "w") as f:
f.write(wpas.p2p_interface_addr())
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=1)
if ev is not None:
raise Exception("Unexpected disconnection on first Michael MIC failure")
with open(testfile, "w") as f:
f.write("ff:ff:ff:ff:ff:ff")
ev = wpas.wait_disconnected(timeout=10,
error="No disconnection after two Michael MIC failures")
if "reason=14 locally_generated=1" not in ev:
raise Exception("Unexpected disconnection reason: " + ev)
def test_ap_vht_on_24ghz(dev, apdev):
"""Subset of VHT features on 2.4 GHz"""
hapd = None
params = { "ssid": "test-vht-2g",
"hw_mode": "g",
"channel": "1",
"ieee80211n": "1",
"vendor_vht": "1",
"vht_capab": "[MAX-MPDU-11454]",
"vht_oper_chwidth": "0",
"vht_oper_centr_freq_seg0_idx": "1"
}
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
try:
if "OK" not in dev[0].request("VENDOR_ELEM_ADD 13 dd1300904c0400bf0c3240820feaff0000eaff0000"):
raise Exception("Failed to add vendor element")
dev[0].connect("test-vht-2g", scan_freq="2412", key_mgmt="NONE")
hwsim_utils.test_connectivity(dev[0], hapd)
sta = hapd.get_sta(dev[0].own_addr())
if '[VENDOR_VHT]' not in sta['flags']:
raise Exception("No VENDOR_VHT STA flag")
dev[1].connect("test-vht-2g", scan_freq="2412", key_mgmt="NONE")
sta = hapd.get_sta(dev[1].own_addr())
if '[VENDOR_VHT]' in sta['flags']:
raise Exception("Unexpected VENDOR_VHT STA flag")
finally:
dev[0].request("VENDOR_ELEM_REMOVE 13 *")
def test_ap_vht_40(devs, apdevs):
"""VHT and 40 MHz channel"""
dev = devs[0]
ap = apdevs[0]
try:
hapd = None
params = { "ssid": "test-vht40",
"country_code": "DE",
"hw_mode": "a",
"channel": "36",
"ieee80211n": "1",
"ieee80211ac": "1",
"ht_capab": "[HT40+]",
"vht_capab": "",
"vht_oper_chwidth": "0",
"vht_oper_centr_freq_seg0_idx": "0",
}
hapd = hostapd.add_ap(ap['ifname'], params)
dev.connect("test-vht40", scan_freq="5180", key_mgmt="NONE")
hwsim_utils.test_connectivity(dev, hapd)
finally:
dev.request("DISCONNECT")
if hapd:
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
dev.flush_scan_cache()
def test_ap_ft_ptk_rekey_ap(dev, apdev):
"""WPA2-PSK-FT PTK rekeying triggered by AP after roam"""
ssid = "test-ft"
passphrase="12345678"
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['wpa_ptk_rekey'] = '2'
hapd0 = hostapd.add_ap(apdev[0], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
params['wpa_ptk_rekey'] = '2'
hapd1 = hostapd.add_ap(apdev[1], params)
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase)
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED",
"WPA: Key negotiation completed"], timeout=5)
if ev is None:
raise Exception("No event received after roam")
if "CTRL-EVENT-DISCONNECTED" in ev:
raise Exception("Unexpected disconnection after roam")
if dev[0].get_status_field('bssid') == apdev[0]['bssid']:
hapd = hapd0
else:
hapd = hapd1
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_csa_1_switch_count_1(dev, apdev):
"""AP Channel Switch, one switch with count 1"""
csa_supported(dev[0])
ap = connect(dev[0], apdev)
hwsim_utils.test_connectivity(dev[0], ap)
switch_channel(ap, 1, 2462)
def test_wpas_ap_wps(dev):
"""wpa_supplicant AP mode - WPS operations"""
id = dev[0].add_network()
dev[0].set_network(id, "mode", "2")
dev[0].set_network_quoted(id, "ssid", "wpas-ap-wps")
dev[0].set_network_quoted(id, "psk", "1234567890")
dev[0].set_network(id, "frequency", "2412")
dev[0].set_network(id, "scan_freq", "2412")
dev[0].select_network(id)
wait_ap_ready(dev[0])
bssid = dev[0].p2p_interface_addr()
logger.info("Test PBC mode start/stop")
if "FAIL" not in dev[0].request("WPS_CANCEL"):
raise Exception("Unexpected WPS_CANCEL success")
dev[0].request("WPS_PBC")
ev = dev[0].wait_event(["WPS-PBC-ACTIVE"])
if ev is None:
raise Exception("PBC mode start timeout")
if "OK" not in dev[0].request("WPS_CANCEL"):
raise Exception("Unexpected WPS_CANCEL failure")
ev = dev[0].wait_event(["WPS-TIMEOUT"])
if ev is None:
raise Exception("PBC mode disabling timeout")
logger.info("Test PBC protocol run")
dev[0].request("WPS_PBC")
ev = dev[0].wait_event(["WPS-PBC-ACTIVE"])
if ev is None:
raise Exception("PBC mode start timeout")
dev[1].request("WPS_PBC")
dev[1].wait_connected(timeout=30, error="WPS PBC operation timed out")
hwsim_utils.test_connectivity(dev[0], dev[1])
logger.info("Test AP PIN to learn configuration")
pin = dev[0].request("WPS_AP_PIN random")
if "FAIL" in pin:
raise Exception("Could not generate random AP PIN")
if pin not in dev[0].request("WPS_AP_PIN get"):
raise Exception("Could not fetch current AP PIN")
dev[2].wps_reg(bssid, pin)
hwsim_utils.test_connectivity(dev[1], dev[2])
dev[1].request("REMOVE_NETWORK all")
dev[2].request("REMOVE_NETWORK all")
logger.info("Test AP PIN operations")
dev[0].request("WPS_AP_PIN disable")
dev[0].request("WPS_AP_PIN set " + pin + " 1")
time.sleep(1.1)
if "FAIL" not in dev[0].request("WPS_AP_PIN get"):
raise Exception("AP PIN unexpectedly still enabled")
pin = dev[1].wps_read_pin()
dev[0].request("WPS_PIN any " + pin)
dev[1].request("WPS_PIN any " + pin)
dev[1].wait_connected(timeout=30)
dev[1].request("REMOVE_NETWORK all")
dev[1].dump_monitor()
dev[0].request("WPS_PIN any " + pin + " 100")
dev[1].request("WPS_PIN any " + pin)
dev[1].wait_connected(timeout=30)
dev[1].request("REMOVE_NETWORK all")
dev[1].dump_monitor()
dev[0].request("WPS_AP_PIN set 12345670")
dev[0].dump_monitor()
runs = ("88887777", "12340000", "00000000", "12345670")
for pin in runs:
logger.info("Try AP PIN " + pin)
dev[2].dump_monitor()
dev[2].request("WPS_REG " + bssid + " " + pin)
ev = dev[2].wait_event(["WPS-SUCCESS", "WPS-FAIL msg"], timeout=15)
if ev is None:
raise Exception("WPS operation timed out")
if "WPS-SUCCESS" in ev:
raise Exception("WPS operation succeeded unexpectedly")
dev[2].wait_disconnected(timeout=10)
dev[2].request("WPS_CANCEL")
dev[2].request("REMOVE_NETWORK all")
ev = dev[0].wait_event(["WPS-AP-SETUP-LOCKED"])
if ev is None:
raise Exception("WPS AP PIN not locked")
dev[0].dump_monitor()
logger.info("Test random AP PIN timeout")
pin = dev[0].request("WPS_AP_PIN random 1")
if "FAIL" in pin:
raise Exception("Could not generate random AP PIN")
res = dev[0].request("WPS_AP_PIN get")
if pin not in res:
raise Exception("Could not fetch current AP PIN")
for i in range(10):
time.sleep(0.2)
res = dev[0].request("WPS_AP_PIN get")
if "FAIL" in res:
break
if "FAIL" not in res:
raise Exception("WPS_AP_PIN random timeout did not work")
if "FAIL" not in dev[0].request("WPS_AP_PIN foo"):
raise Exception("Invalid WPS_AP_PIN command not rejected")
if "FAIL" not in dev[0].request("WPS_AP_PIN set"):
raise Exception("Invalid WPS_AP_PIN command not rejected")
def run_macsec_psk_ns(dev, apdev, params):
try:
subprocess.check_call([
"ip", "link", "add", "veth0", "type", "veth", "peer", "name",
"veth1"
])
except subprocess.CalledProcessError:
raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")
prefix = "macsec_psk_ns"
conffile = os.path.join(params['logdir'], prefix + ".conf")
pidfile = os.path.join(params['logdir'], prefix + ".pid")
logfile0 = os.path.join(params['logdir'], prefix + ".veth0.log")
logfile1 = os.path.join(params['logdir'], prefix + ".veth1.log")
cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap")
cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap")
cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap")
for i in range(2):
try:
subprocess.check_call(["ip", "netns", "add", "ns%d" % i])
except subprocess.CalledProcessError:
raise HwsimSkip(
"network namespace not supported (kernel CONFIG_NAMESPACES, CONFIG_NET_NS)"
)
subprocess.check_call(
["ip", "link", "set",
"veth%d" % i, "netns",
"ns%d" % i])
subprocess.check_call([
"ip", "netns", "exec",
"ns%d" % i, "ip", "link", "set", "dev",
"veth%d" % i, "up"
])
cmd = {}
cmd[0] = subprocess.Popen([
'ip', 'netns', 'exec', 'ns0', 'tcpdump', '-p', '-U', '-i', 'veth0',
'-w', cap_veth0, '-s', '2000', '--immediate-mode'
],
stderr=open('/dev/null', 'w'))
cmd[1] = subprocess.Popen([
'ip', 'netns', 'exec', 'ns1', 'tcpdump', '-p', '-U', '-i', 'veth1',
'-w', cap_veth1, '-s', '2000', '--immediate-mode'
],
stderr=open('/dev/null', 'w'))
write_conf(conffile + '0')
write_conf(conffile + '1', mka_priority=100)
prg = os.path.join(params['logdir'],
'alt-wpa_supplicant/wpa_supplicant/wpa_supplicant')
if not os.path.exists(prg):
prg = '../../wpa_supplicant/wpa_supplicant'
arg = [
"ip", "netns", "exec", "ns0", prg, '-BdddtKW', '-P', pidfile + '0',
'-f', logfile0, '-g', '/tmp/wpas-veth0', '-Dmacsec_linux', '-c',
conffile + '0', '-i', "veth0"
]
logger.info("Start wpa_supplicant: " + str(arg))
try:
subprocess.check_call(arg)
except subprocess.CalledProcessError:
raise HwsimSkip(
"macsec supported (wpa_supplicant CONFIG_MACSEC, CONFIG_DRIVER_MACSEC_LINUX; kernel CONFIG_MACSEC)"
)
if os.path.exists("wpa_supplicant-macsec2"):
logger.info(
"Use alternative wpa_supplicant binary for one of the macsec devices"
)
prg = "wpa_supplicant-macsec2"
arg = [
"ip", "netns", "exec", "ns1", prg, '-BdddtKW', '-P', pidfile + '1',
'-f', logfile1, '-g', '/tmp/wpas-veth1', '-Dmacsec_linux', '-c',
conffile + '1', '-i', "veth1"
]
logger.info("Start wpa_supplicant: " + str(arg))
subprocess.check_call(arg)
wpas0 = WpaSupplicant('veth0', '/tmp/wpas-veth0')
wpas1 = WpaSupplicant('veth1', '/tmp/wpas-veth1')
log_ip_macsec_ns()
log_ip_link_ns()
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER"))
logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER"))
macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname")
macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname")
for i in range(10):
key_tx0 = int(wpas0.get_status_field("Number of Keys Distributed"))
key_rx0 = int(wpas0.get_status_field("Number of Keys Received"))
key_tx1 = int(wpas1.get_status_field("Number of Keys Distributed"))
key_rx1 = int(wpas1.get_status_field("Number of Keys Received"))
if key_rx0 > 0 and key_tx1 > 0:
break
time.sleep(1)
cmd[2] = subprocess.Popen([
'ip', 'netns', 'exec', 'ns0', 'tcpdump', '-p', '-U', '-i',
macsec_ifname0, '-w', cap_macsec0, '-s', '2000', '--immediate-mode'
],
stderr=open('/dev/null', 'w'))
cmd[3] = subprocess.Popen([
'ip', 'netns', 'exec', 'ns0', 'tcpdump', '-p', '-U', '-i',
macsec_ifname1, '-w', cap_macsec1, '-s', '2000', '--immediate-mode'
],
stderr=open('/dev/null', 'w'))
time.sleep(0.5)
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
log_ip_macsec_ns()
hwsim_utils.test_connectivity(wpas0,
wpas1,
ifname1=macsec_ifname0,
ifname2=macsec_ifname1,
send_len=1400)
log_ip_macsec_ns()
subprocess.check_call([
'ip', 'netns', 'exec', 'ns0', 'ip', 'addr', 'add', '192.168.248.17/30',
'dev', macsec_ifname0
])
subprocess.check_call([
'ip', 'netns', 'exec', 'ns1', 'ip', 'addr', 'add', '192.168.248.18/30',
'dev', macsec_ifname1
])
c = subprocess.Popen(
['ip', 'netns', 'exec', 'ns0', 'ping', '-c', '2', '192.168.248.18'],
stdout=subprocess.PIPE)
res = c.stdout.read().decode()
c.stdout.close()
logger.info("ping:\n" + res)
if "2 packets transmitted, 2 received" not in res:
raise Exception("ping did not work")
wpas0.close_monitor()
wpas0.request("TERMINATE")
wpas0.close_control()
del wpas0
wpas1.close_monitor()
wpas1.request("TERMINATE")
wpas1.close_control()
del wpas1
time.sleep(1)
for i in range(len(cmd)):
cmd[i].terminate()
def run_macsec_psk_br(dev, apdev, count, mka_priority):
subprocess.check_call(["brctl", "addbr", "brveth"])
subprocess.call(
["echo 8 > /sys/devices/virtual/net/brveth/bridge/group_fwd_mask"],
shell=True)
try:
for i in range(count):
subprocess.check_call([
"ip", "link", "add",
"veth%d" % i, "type", "veth", "peer", "name",
"vethbr%d" % i
])
subprocess.check_call(["ip", "link", "set", "vethbr%d" % i, "up"])
subprocess.check_call(["brctl", "addif", "brveth", "vethbr%d" % i])
except subprocess.CalledProcessError:
raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")
subprocess.check_call(["ip", "link", "set", "brveth", "up"])
log_ip_link()
wpa = add_wpas_interfaces(count=count)
for i in range(count):
set_mka_psk_config(wpa[i], mka_priority=mka_priority[i])
wpa[i].dump_monitor()
wait_mka_done(wpa)
macsec_ifname = []
for i in range(count):
macsec_ifname.append(wpa[i].get_driver_status_field("parent_ifname"))
timeout = 2
max_tries = 2 if count > 2 else 1
success_seen = False
failure_seen = False
for i in range(1, count):
try:
hwsim_utils.test_connectivity(wpa[0],
wpa[i],
ifname1=macsec_ifname[0],
ifname2=macsec_ifname[i],
send_len=1400,
timeout=timeout,
max_tries=max_tries)
success_seen = True
logger.info("Traffic test %d<->%d success" % (0, i))
except:
failure_seen = True
logger.info("Traffic test %d<->%d failure" % (0, i))
for i in range(2, count):
try:
hwsim_utils.test_connectivity(wpa[1],
wpa[i],
ifname1=macsec_ifname[1],
ifname2=macsec_ifname[i],
send_len=1400,
timeout=timeout,
max_tries=max_tries)
success_seen = True
logger.info("Traffic test %d<->%d success" % (1, i))
except:
failure_seen = True
logger.info("Traffic test %d<->%d failure" % (1, i))
if not success_seen:
raise Exception("None of the data traffic tests succeeded")
# Something seems to be failing with three device tests semi-regularly, so
# do not report this as a failed test case until the real reason behind
# those failures have been determined.
if failure_seen:
if count < 3:
raise Exception("Data traffic test failed")
else:
logger.info(
"Data traffic test failed - ignore for now for >= 3 device cases"
)
for i in range(count):
wpa[i].close_monitor()
for i in range(count):
wpa[0].close_control()
del wpa[0]
def run_macsec_psk(dev,
apdev,
params,
prefix,
integ_only=False,
port0=None,
port1=None,
ckn0=None,
ckn1=None,
cak0=None,
cak1=None,
expect_failure=False):
add_veth()
cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap")
cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap")
cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap")
for i in range(2):
subprocess.check_call(["ip", "link", "set", "dev", "veth%d" % i, "up"])
cmd = {}
cmd[0] = subprocess.Popen([
'tcpdump', '-p', '-U', '-i', 'veth0', '-w', cap_veth0, '-s', '2000',
'--immediate-mode'
],
stderr=open('/dev/null', 'w'))
cmd[1] = subprocess.Popen([
'tcpdump', '-p', '-U', '-i', 'veth1', '-w', cap_veth1, '-s', '2000',
'--immediate-mode'
],
stderr=open('/dev/null', 'w'))
wpa = add_wpas_interfaces()
wpas0 = wpa[0]
wpas1 = wpa[1]
set_mka_psk_config(wpas0,
integ_only=integ_only,
port=port0,
ckn=ckn0,
cak=cak0)
set_mka_psk_config(wpas1,
mka_priority=100,
integ_only=integ_only,
port=port1,
ckn=ckn1,
cak=cak1)
log_ip_macsec()
log_ip_link()
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER"))
logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER"))
macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname")
macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname")
wait_mka_done(wpa, expect_failure=expect_failure)
if expect_failure:
for i in range(len(cmd)):
cmd[i].terminate()
return
cmd[2] = subprocess.Popen([
'tcpdump', '-p', '-U', '-i', macsec_ifname0, '-w', cap_macsec0, '-s',
'2000', '--immediate-mode'
],
stderr=open('/dev/null', 'w'))
cmd[3] = subprocess.Popen([
'tcpdump', '-p', '-U', '-i', macsec_ifname1, '-w', cap_macsec1, '-s',
'2000', '--immediate-mode'
],
stderr=open('/dev/null', 'w'))
time.sleep(0.5)
mi0 = wpas0.get_status_field("mi")
mi1 = wpas1.get_status_field("mi")
sci0 = wpas0.get_status_field("actor_sci")
sci1 = wpas1.get_status_field("actor_sci")
logger.info("wpas0 MIB:\n" + wpas0.request("MIB"))
logger.info("wpas1 MIB:\n" + wpas1.request("MIB"))
mib0 = wpas0.get_mib()
mib1 = wpas1.get_mib()
if mib0['ieee8021XKayMkaPeerListMI'] != mi1:
raise Exception("Unexpected ieee8021XKayMkaPeerListMI value (0)")
if mib0['ieee8021XKayMkaPeerListType'] != "1":
raise Exception("Unexpected ieee8021XKayMkaPeerListType value (0)")
if mib0['ieee8021XKayMkaPeerListSCI'] != sci1:
raise Exception("Unexpected ieee8021XKayMkaPeerListSCI value (0)")
if mib1['ieee8021XKayMkaPeerListMI'] != mi0:
raise Exception("Unexpected ieee8021XKayMkaPeerListMI value (1)")
if mib1['ieee8021XKayMkaPeerListType'] != "1":
raise Exception("Unexpected ieee8021XKayMkaPeerListType value (1)")
if mib1['ieee8021XKayMkaPeerListSCI'] != sci0:
raise Exception("Unexpected ieee8021XKayMkaPeerListSCI value (1)")
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
log_ip_macsec()
hwsim_utils.test_connectivity(wpas0,
wpas1,
ifname1=macsec_ifname0,
ifname2=macsec_ifname1,
send_len=1400)
log_ip_macsec()
time.sleep(1)
for i in range(len(cmd)):
cmd[i].terminate()
def run_roams(dev,
apdev,
hapd0,
hapd1,
ssid,
passphrase,
over_ds=False,
sae=False,
eap=False,
fail_test=False,
roams=1):
logger.info("Connect to first AP")
if eap:
dev.connect(ssid,
key_mgmt="FT-EAP",
proto="WPA2",
ieee80211w="1",
eap="GPSK",
identity="gpsk user",
password="******",
scan_freq="2412")
else:
if sae:
key_mgmt = "FT-SAE"
else:
key_mgmt = "FT-PSK"
dev.connect(ssid,
psk=passphrase,
key_mgmt=key_mgmt,
proto="WPA2",
ieee80211w="1",
scan_freq="2412")
if dev.get_status_field('bssid') == apdev[0]['bssid']:
ap1 = apdev[0]
ap2 = apdev[1]
hapd1ap = hapd0
hapd2ap = hapd1
else:
ap1 = apdev[1]
ap2 = apdev[0]
hapd1ap = hapd1
hapd2ap = hapd0
hwsim_utils.test_connectivity(dev, hapd1ap)
dev.scan_for_bss(ap2['bssid'], freq="2412")
for i in range(0, roams):
logger.info("Roam to the second AP")
if over_ds:
dev.roam_over_ds(ap2['bssid'], fail_test=fail_test)
else:
dev.roam(ap2['bssid'], fail_test=fail_test)
if fail_test:
return
if dev.get_status_field('bssid') != ap2['bssid']:
raise Exception("Did not connect to correct AP")
if i == 0 or i == roams - 1:
hwsim_utils.test_connectivity(dev, hapd2ap)
logger.info("Roam back to the first AP")
if over_ds:
dev.roam_over_ds(ap1['bssid'])
else:
dev.roam(ap1['bssid'])
if dev.get_status_field('bssid') != ap1['bssid']:
raise Exception("Did not connect to correct AP")
if i == 0 or i == roams - 1:
hwsim_utils.test_connectivity(dev, hapd1ap)
def _test_wmediumd_path_rann(dev, apdev):
for i in range(0, 3):
check_mesh_support(dev[i])
add_open_mesh_network(dev[i], freq="2462", basic_rates="60 120 240")
# Check for mesh joined
for i in range(0, 3):
check_mesh_group_added(dev[i])
state = dev[i].get_status_field("wpa_state")
if state != "COMPLETED":
raise Exception("Unexpected wpa_state on dev" + str(i) + ": " + state)
mode = dev[i].get_status_field("mode")
if mode != "mesh":
raise Exception("Unexpected mode: " + mode)
# set node 2 as RANN supported root
subprocess.check_call(["iw", "dev", dev[0].ifname, "set", "mesh_param",
"mesh_hwmp_rootmode=0"])
subprocess.check_call(["iw", "dev", dev[1].ifname, "set", "mesh_param",
"mesh_hwmp_rootmode=0"])
subprocess.check_call(["iw", "dev", dev[2].ifname, "set", "mesh_param",
"mesh_hwmp_rootmode=4"])
subprocess.check_call(["iw", "dev", dev[2].ifname, "set", "mesh_param",
"mesh_hwmp_rann_interval=2000"])
# Check for peer connected
check_mesh_peer_connected(dev[0])
check_mesh_peer_connected(dev[0])
check_mesh_peer_connected(dev[1])
check_mesh_peer_connected(dev[2])
# Wait for RANN frame
time.sleep(10)
# Test connectivity 1->2 and 2->1
hwsim_utils.test_connectivity(dev[1], dev[2])
# Check mpath table on 0
res, data = dev[0].cmd_execute(['iw', dev[0].ifname, 'mpath', 'dump'])
if res != 0:
raise Exception("iw command failed on dev0")
if data.find(dev[1].own_addr() + ' ' + dev[1].own_addr()) == -1 or \
data.find(dev[2].own_addr() + ' ' + dev[2].own_addr()) == -1:
raise Exception("mpath not found on dev0:\n" + data)
if data.find(dev[0].own_addr()) > -1:
raise Exception("invalid mpath found on dev0:\n" + data)
# Check mpath table on 1
res, data = dev[1].cmd_execute(['iw', dev[1].ifname, 'mpath', 'dump'])
if res != 0:
raise Exception("iw command failed on dev1")
if data.find(dev[0].own_addr() + ' ' + dev[0].own_addr()) == -1 or \
data.find(dev[2].own_addr() + ' ' + dev[0].own_addr()) == -1:
raise Exception("mpath not found on dev1:\n" + data)
if data.find(dev[2].own_addr() + ' ' + dev[2].own_addr()) > -1 or \
data.find(dev[1].own_addr()) > -1:
raise Exception("invalid mpath found on dev1:\n" + data)
# Check mpath table on 2
res, data = dev[2].cmd_execute(['iw', dev[2].ifname, 'mpath', 'dump'])
if res != 0:
raise Exception("iw command failed on dev2")
if data.find(dev[0].own_addr() + ' ' + dev[0].own_addr()) == -1 or \
data.find(dev[1].own_addr() + ' ' + dev[0].own_addr()) == -1:
raise Exception("mpath not found on dev2:\n" + data)
if data.find(dev[1].own_addr() + ' ' + dev[1].own_addr()) > -1 or \
data.find(dev[2].own_addr()) > -1:
raise Exception("invalid mpath found on dev2:\n" + data)
# remove mesh groups
for i in range(0, 3):
dev[i].mesh_group_remove()
check_mesh_group_removed(dev[i])
dev[i].dump_monitor()
def test_ap_vht80(dev, apdev):
"""VHT with 80 MHz channel width"""
try:
hapd = None
params = {
"ssid": "vht",
"country_code": "FI",
"hw_mode": "a",
"channel": "36",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "1",
"vht_oper_centr_freq_seg0_idx": "42"
}
hapd = hostapd.add_ap(apdev[0], params)
bssid = apdev[0]['bssid']
dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180")
hwsim_utils.test_connectivity(dev[0], hapd)
sig = dev[0].request("SIGNAL_POLL").splitlines()
if "FREQUENCY=5180" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig))
if "WIDTH=80 MHz" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig))
est = dev[0].get_bss(bssid)['est_throughput']
if est != "390001":
raise Exception("Unexpected BSS est_throughput: " + est)
status = dev[0].get_status()
if status["ieee80211ac"] != "1":
raise Exception("Unexpected STATUS ieee80211ac value (STA)")
status = hapd.get_status()
logger.info("hostapd STATUS: " + str(status))
if status["ieee80211n"] != "1":
raise Exception("Unexpected STATUS ieee80211n value")
if status["ieee80211ac"] != "1":
raise Exception("Unexpected STATUS ieee80211ac value")
if status["secondary_channel"] != "1":
raise Exception("Unexpected STATUS secondary_channel value")
if status["vht_oper_chwidth"] != "1":
raise Exception("Unexpected STATUS vht_oper_chwidth value")
if status["vht_oper_centr_freq_seg0_idx"] != "42":
raise Exception(
"Unexpected STATUS vht_oper_centr_freq_seg0_idx value")
if "vht_caps_info" not in status:
raise Exception("Missing vht_caps_info")
sta = hapd.get_sta(dev[0].own_addr())
logger.info("hostapd STA: " + str(sta))
if "[HT]" not in sta['flags']:
raise Exception("Missing STA flag: HT")
if "[VHT]" not in sta['flags']:
raise Exception("Missing STA flag: VHT")
except Exception as e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip(
"80 MHz channel not supported in regulatory information")
raise
finally:
dev[0].request("DISCONNECT")
clear_regdom(hapd, dev)
def test_p2p_device_misuses(dev, apdev):
"""cfg80211 P2P Device misuses"""
hapd = hostapd.add_ap(apdev[0]['ifname'], {"ssid": "open"})
with HWSimRadio(use_p2p_device=True) as (radio, iface):
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add(iface)
# Add a normal network profile to the P2P Device management only
# interface to verify that it does not get used.
id = int(
wpas.global_request('IFNAME=p2p-dev-%s ADD_NETWORK' %
iface).strip())
wpas.global_request('IFNAME=p2p-dev-%s SET_NETWORK %d ssid "open"' %
(iface, id))
wpas.global_request('IFNAME=p2p-dev-%s SET_NETWORK %d key_mgmt NONE' %
(iface, id))
wpas.global_request('IFNAME=p2p-dev-%s ENABLE_NETWORK %d' %
(iface, id))
# Scan requests get ignored on p2p-dev
wpas.global_request('IFNAME=p2p-dev-%s SCAN' % iface)
dev[0].p2p_start_go(freq=2412)
addr = dev[0].p2p_interface_addr()
wpas.scan_for_bss(addr, freq=2412)
wpas.connect("open", key_mgmt="NONE", scan_freq="2412")
hwsim_utils.test_connectivity(wpas, hapd)
pin = wpas.wps_read_pin()
dev[0].p2p_go_authorize_client(pin)
res = wpas.p2p_connect_group(dev[0].p2p_dev_addr(),
pin,
timeout=60,
social=True,
freq=2412)
hwsim_utils.test_connectivity_p2p(dev[0], wpas)
# Optimize scan-after-disconnect
wpas.group_request("SET_NETWORK 0 scan_freq 2412")
dev[0].group_request("DISASSOCIATE " + wpas.p2p_interface_addr())
ev = wpas.wait_group_event(["CTRL-EVENT-DISCONNECT"])
if ev is None:
raise Exception(
"Did not see disconnect event on P2P group interface")
dev[0].remove_group()
ev = wpas.wait_group_event(["CTRL-EVENT-SCAN-STARTED"], timeout=5)
if ev is None:
raise Exception("Scan not started")
ev = wpas.wait_group_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=15)
if ev is None:
raise Exception("Scan not completed")
time.sleep(1)
hwsim_utils.test_connectivity(wpas, hapd)
ev = hapd.wait_event(["AP-STA-DISCONNECTED"], timeout=0.1)
if ev is not None:
raise Exception(
"Unexpected disconnection event received from hostapd")
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1)
if ev is not None:
raise Exception(
"Unexpected disconnection event received from wpa_supplicant")
wpas.request("DISCONNECT")
wpas.wait_disconnected()
if not os.path.exists("/proc/net/wireless"):
logger.info("WEXT support not included in the kernel")
return "skip"
params = {"ssid": "wext-open"}
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
try:
wpas.interface_add("wlan5", driver="wext")
except Exception, e:
logger.info("WEXT driver support not included in wpa_supplicant")
return "skip"
wpas.connect("wext-open", key_mgmt="NONE")
hwsim_utils.test_connectivity(wpas, hapd)
def test_wext_wpa2_psk(dev, apdev):
"""WEXT driver interface with WPA2-PSK"""
if not os.path.exists("/proc/net/wireless"):
logger.info("WEXT support not included in the kernel")
return "skip"
params = hostapd.wpa2_params(ssid="wext-wpa2-psk", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
try:
wpas.interface_add("wlan5", driver="wext")
except Exception, e:
def test_dfs_etsi(dev, apdev, params):
"""DFS and uniform spreading requirement for ETSI [long]"""
if not params['long']:
raise HwsimSkip(
"Skip test case with long duration due to --long not specified")
try:
hapd = None
hapd = start_dfs_ap(apdev[0], allow_failure=True)
ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70)
if "success=1" not in ev:
raise Exception("CAC failed")
if "freq=5260" not in ev:
raise Exception("Unexpected DFS freq result")
ev = hapd.wait_event(["AP-ENABLED"], timeout=5)
if not ev:
raise Exception("AP setup timed out")
state = hapd.get_status_field("state")
if state != "ENABLED":
raise Exception("Unexpected interface state")
freq = hapd.get_status_field("freq")
if freq != "5260":
raise Exception("Unexpected frequency")
dev[0].connect("dfs", key_mgmt="NONE")
dev[0].wait_regdom(country_ie=True)
hwsim_utils.test_connectivity(dev[0], hapd)
hapd.request("RADAR DETECTED freq=%s ht_enabled=1 chan_width=1" % freq)
ev = hapd.wait_event(["DFS-RADAR-DETECTED"], timeout=5)
if ev is None:
raise Exception("DFS-RADAR-DETECTED event not reported")
if "freq=%s" % freq not in ev:
raise Exception("Incorrect frequency in radar detected event: " +
ev)
ev = hapd.wait_event(["DFS-NEW-CHANNEL"], timeout=5)
if ev is None:
raise Exception("DFS-NEW-CHANNEL event not reported")
if "freq=%s" % freq in ev:
raise Exception("Channel did not change after radar was detected")
ev = hapd.wait_event(["AP-CSA-FINISHED", "DFS-CAC-START"], timeout=10)
if ev is None:
raise Exception(
"AP-CSA-FINISHED or DFS-CAC-START event not reported")
if "DFS-CAC-START" in ev:
# The selected new channel requires CAC
ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70)
if "success=1" not in ev:
raise Exception("CAC failed")
ev = hapd.wait_event(["AP-ENABLED"], timeout=5)
if not ev:
raise Exception("AP setup timed out")
ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=30)
if not ev:
raise Exception("STA did not reconnect on new DFS channel")
else:
# The new channel did not require CAC - try again
if "freq=%s" % freq in ev:
raise Exception(
"Channel did not change after radar was detected(2)")
time.sleep(1)
hwsim_utils.test_connectivity(dev[0], hapd)
finally:
clear_regdom(hapd, dev)
def test_ap_vht80plus80(dev, apdev):
"""VHT with 80+80 MHz channel width"""
try:
hapd = None
hapd2 = None
params = { "ssid": "vht",
"country_code": "US",
"hw_mode": "a",
"channel": "52",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "3",
"vht_oper_centr_freq_seg0_idx": "58",
"vht_oper_centr_freq_seg1_idx": "155",
'ieee80211d': '1',
'ieee80211h': '1' }
hapd = hostapd.add_ap(apdev[0], params, wait_enabled=False)
# This will actually fail since DFS on 80+80 is not yet supported
ev = hapd.wait_event(["AP-DISABLED"], timeout=5)
# ignore result to avoid breaking the test once 80+80 DFS gets enabled
params = { "ssid": "vht2",
"country_code": "US",
"hw_mode": "a",
"channel": "36",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "3",
"vht_oper_centr_freq_seg0_idx": "42",
"vht_oper_centr_freq_seg1_idx": "155" }
hapd2 = hostapd.add_ap(apdev[1], params, wait_enabled=False)
ev = hapd2.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout=5)
if not ev:
raise Exception("AP setup timed out(2)")
if "AP-DISABLED" in ev:
# Assume this failed due to missing regulatory update for now
raise HwsimSkip("80+80 MHz channel not supported in regulatory information")
state = hapd2.get_status_field("state")
if state != "ENABLED":
raise Exception("Unexpected interface state(2)")
dev[1].connect("vht2", key_mgmt="NONE", scan_freq="5180")
hwsim_utils.test_connectivity(dev[1], hapd2)
sig = dev[1].request("SIGNAL_POLL").splitlines()
if "FREQUENCY=5180" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig))
if "WIDTH=80+80 MHz" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig))
if "CENTER_FRQ1=5210" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(3): " + str(sig))
if "CENTER_FRQ2=5775" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(4): " + str(sig))
except Exception, e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip("80/160 MHz channel not supported in regulatory information")
raise
def test_ap_vht80_csa(dev, apdev):
"""VHT with 80 MHz channel width and CSA"""
csa_supported(dev[0])
try:
hapd = None
params = {
"ssid": "vht",
"country_code": "US",
"hw_mode": "a",
"channel": "149",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "1",
"vht_oper_centr_freq_seg0_idx": "155"
}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("vht", key_mgmt="NONE", scan_freq="5745")
hwsim_utils.test_connectivity(dev[0], hapd)
hapd.request(
"CHAN_SWITCH 5 5180 ht vht blocktx center_freq1=5210 sec_channel_offset=1 bandwidth=80"
)
ev = hapd.wait_event(["CTRL-EVENT-STARTED-CHANNEL-SWITCH"], timeout=10)
if ev is None:
raise Exception("Channel switch start event not seen")
if "freq=5180" not in ev:
raise Exception("Unexpected channel in CS started")
ev = hapd.wait_event(["CTRL-EVENT-CHANNEL-SWITCH"], timeout=10)
if ev is None:
raise Exception("Channel switch completion event not seen")
if "freq=5180" not in ev:
raise Exception("Unexpected channel in CS completed")
ev = hapd.wait_event(["AP-CSA-FINISHED"], timeout=10)
if ev is None:
raise Exception("CSA finished event timed out")
if "freq=5180" not in ev:
raise Exception("Unexpected channel in CSA finished event")
time.sleep(0.5)
hwsim_utils.test_connectivity(dev[0], hapd)
hapd.request("CHAN_SWITCH 5 5745")
ev = hapd.wait_event(["AP-CSA-FINISHED"], timeout=10)
if ev is None:
raise Exception("CSA finished event timed out")
if "freq=5745" not in ev:
raise Exception("Unexpected channel in CSA finished event")
time.sleep(0.5)
hwsim_utils.test_connectivity(dev[0], hapd)
# This CSA to same channel will fail in kernel, so use this only for
# extra code coverage.
hapd.request("CHAN_SWITCH 5 5745")
hapd.wait_event(["AP-CSA-FINISHED"], timeout=1)
except Exception as e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip(
"80 MHz channel not supported in regulatory information")
raise
finally:
dev[0].request("DISCONNECT")
if hapd:
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
dev[0].flush_scan_cache()
def test_ap_vht160(dev, apdev):
"""VHT with 160 MHz channel width (1)"""
try:
hapd = None
params = {
"ssid": "vht",
"country_code": "FI",
"hw_mode": "a",
"channel": "36",
"ht_capab": "[HT40+]",
"ieee80211n": "1",
"ieee80211ac": "1",
"vht_oper_chwidth": "2",
"vht_oper_centr_freq_seg0_idx": "50",
'ieee80211d': '1',
'ieee80211h': '1'
}
hapd = hostapd.add_ap(apdev[0], params, wait_enabled=False)
ev = wait_dfs_event(hapd, "DFS-CAC-START", 5)
if "DFS-CAC-START" not in ev:
raise Exception("Unexpected DFS event")
state = hapd.get_status_field("state")
if state != "DFS":
if state == "DISABLED" and not os.path.exists("dfs"):
# Not all systems have recent enough CRDA version and
# wireless-regdb changes to support 160 MHz and DFS. For now,
# do not report failures for this test case.
raise HwsimSkip(
"CRDA or wireless-regdb did not support 160 MHz")
raise Exception("Unexpected interface state: " + state)
logger.info("Waiting for CAC to complete")
ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70)
if "success=1" not in ev:
raise Exception("CAC failed")
if "freq=5180" not in ev:
raise Exception("Unexpected DFS freq result")
ev = hapd.wait_event(["AP-ENABLED"], timeout=5)
if not ev:
raise Exception("AP setup timed out")
state = hapd.get_status_field("state")
if state != "ENABLED":
raise Exception("Unexpected interface state")
dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180")
dev[0].wait_regdom(country_ie=True)
hwsim_utils.test_connectivity(dev[0], hapd)
sig = dev[0].request("SIGNAL_POLL").splitlines()
if "FREQUENCY=5180" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig))
if "WIDTH=160 MHz" not in sig:
raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig))
except Exception as e:
if isinstance(e, Exception) and str(e) == "AP startup failed":
if not vht_supported():
raise HwsimSkip(
"80/160 MHz channel not supported in regulatory information"
)
raise
finally:
if hapd:
hapd.request("DISABLE")
dev[0].disconnect_and_stop_scan()
subprocess.call(['iw', 'reg', 'set', '00'])
dev[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout=0.5)
dev[0].flush_scan_cache()
def check_connectivity(sta0, sta1, ap):
hwsim_utils.test_connectivity_sta(sta0, sta1)
hwsim_utils.test_connectivity(sta0.ifname, ap['ifname'])
hwsim_utils.test_connectivity(sta1.ifname, ap['ifname'])
def check_connectivity(sta0, sta1, hapd):
hwsim_utils.test_connectivity_sta(sta0, sta1)
hwsim_utils.test_connectivity(sta0, hapd)
hwsim_utils.test_connectivity(sta1, hapd)
def connectivity(dev, hapd):
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
hwsim_utils.test_connectivity(dev[0], hapd)
hwsim_utils.test_connectivity(dev[1], hapd)
print bssid0
print bssid1
print bssid2
# Allow some time for all peers to complete key setup
time.sleep(1)
# This is supposed to work, but looks like WPA-None does not work with
# mac80211 currently..
try:
hwsim_utils.test_connectivity(dev[0].ifname, dev[1].ifname)
except Exception, e:
logger.info("Ignoring known connectivity failure: " + str(e))
try:
hwsim_utils.test_connectivity(dev[0].ifname, dev[2].ifname)
except Exception, e:
logger.info("Ignoring known connectivity failure: " + str(e))
try:
hwsim_utils.test_connectivity(dev[1].ifname, dev[2].ifname)
except Exception, e:
logger.info("Ignoring known connectivity failure: " + str(e))
def test_ibss_wpa_none_ccmp(dev):
"""IBSS WPA-None/CCMP"""
ssid="ibss-wpa-none"
logger.info("Start IBSS on the first STA")
id = add_ibss_wpa_none(dev[0], ssid)
connect_ibss_cmd(dev[0], id)
bssid0 = wait_ibss_connection(dev[0])
def test_tspec(dev, apdev):
"""Basic addts/delts tests"""
# configure ap with VO and VI requiring admission-control
hapd = add_wmm_ap(apdev[0], ["VO", "VI"])
dev[0].connect("wmm_ac", key_mgmt="NONE", scan_freq="2462")
hwsim_utils.test_connectivity(dev[0], hapd)
status = dev[0].request("WMM_AC_STATUS")
if "WMM AC is Enabled" not in status:
raise Exception("WMM-AC not enabled")
if "TSID" in status:
raise Exception("Unexpected TSID info")
if "BK: acm=0 uapsd=0" not in status:
raise Exception("Unexpected BK info" + status)
if "BE: acm=0 uapsd=0" not in status:
raise Exception("Unexpected BE info" + status)
if "VI: acm=1 uapsd=0" not in status:
raise Exception("Unexpected VI info" + status)
if "VO: acm=1 uapsd=0" not in status:
raise Exception("Unexpected VO info" + status)
# no tsid --> tsid out of range
if "FAIL" not in dev[0].request("WMM_AC_ADDTS downlink"):
raise Exception("Invalid WMM_AC_ADDTS accepted")
# no direction
if "FAIL" not in dev[0].request("WMM_AC_ADDTS tsid=5"):
raise Exception("Invalid WMM_AC_ADDTS accepted")
# param out of range
if "FAIL" not in dev[0].request("WMM_AC_ADDTS tsid=5 downlink"):
raise Exception("Invalid WMM_AC_ADDTS accepted")
tsid = 5
# make sure we fail when the ac is not configured for acm
try:
dev[0].add_ts(tsid, 3)
raise Exception("ADDTS succeeded although it should have failed")
except Exception as e:
if not str(e).startswith("ADDTS failed"):
raise
status = dev[0].request("WMM_AC_STATUS")
if "TSID" in status:
raise Exception("Unexpected TSID info")
# add tspec for UP=6
dev[0].add_ts(tsid, 6)
status = dev[0].request("WMM_AC_STATUS")
if "TSID" not in status:
raise Exception("Missing TSID info")
# using the same tsid for a different ac is invalid
try:
dev[0].add_ts(tsid, 5)
raise Exception("ADDTS succeeded although it should have failed")
except Exception as e:
if not str(e).startswith("ADDTS failed"):
raise
# update the tspec for a different UP of the same ac
dev[0].add_ts(tsid, 7, extra="fixed_nominal_msdu")
dev[0].del_ts(tsid)
status = dev[0].request("WMM_AC_STATUS")
if "TSID" in status:
raise Exception("Unexpected TSID info")
# verify failure on uplink/bidi without driver support
tsid = 6
try:
dev[0].add_ts(tsid, 7, direction="uplink")
raise Exception("ADDTS succeeded although it should have failed")
except Exception as e:
if not str(e).startswith("ADDTS failed"):
raise
try:
dev[0].add_ts(tsid, 7, direction="bidi")
raise Exception("ADDTS succeeded although it should have failed")
except Exception as e:
if not str(e).startswith("ADDTS failed"):
raise
# attempt to delete non-existing tsid
try:
dev[0].del_ts(tsid)
raise Exception("DELTS succeeded although it should have failed")
except Exception as e:
if not str(e).startswith("DELTS failed"):
raise
# "CTRL: Invalid WMM_AC_ADDTS parameter: 'foo'
if "FAIL" not in dev[0].request("WMM_AC_ADDTS foo"):
raise Exception("Invalid WMM_AC_ADDTS command accepted")
def test_ibss_rsn(dev):
"""IBSS RSN"""
ssid = "ibss-rsn"
logger.info("Start IBSS on the first STA")
id = add_ibss_rsn(dev[0], ssid)
# FIX: For now, this disables HT to avoid a strange issue with mac80211
# frame reordering during the final test_connectivity() call. Once that is
# figured out, these disable_ht=1 calls should be removed from the test
# case.
dev[0].set_network(id, "disable_ht", "1")
connect_ibss_cmd(dev[0], id)
bssid0 = wait_ibss_connection(dev[0])
logger.info("Join two STAs to the IBSS")
id = add_ibss_rsn(dev[1], ssid)
dev[1].set_network(id, "disable_ht", "1")
connect_ibss_cmd(dev[1], id)
bssid1 = wait_ibss_connection(dev[1])
if bssid0 != bssid1:
logger.info("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1)
# try to merge with a scan
dev[1].scan()
wait_4way_handshake(dev[0], dev[1])
wait_4way_handshake(dev[1], dev[0])
id = add_ibss_rsn(dev[2], ssid)
connect_ibss_cmd(dev[2], id)
bssid2 = wait_ibss_connection(dev[2])
if bssid0 != bssid2:
logger.info("STA0 BSSID " + bssid0 + " differs from STA2 BSSID " + bssid2)
# try to merge with a scan
dev[2].scan()
wait_4way_handshake(dev[0], dev[2])
wait_4way_handshake2(dev[2], dev[0], dev[1])
# Allow some time for all peers to complete key setup
time.sleep(3)
hwsim_utils.test_connectivity(dev[0], dev[1])
hwsim_utils.test_connectivity(dev[0], dev[2])
hwsim_utils.test_connectivity(dev[1], dev[2])
dev[1].request("REMOVE_NETWORK all")
time.sleep(1)
id = add_ibss_rsn(dev[1], ssid)
dev[1].set_network(id, "disable_ht", "1")
connect_ibss_cmd(dev[1], id)
bssid1 = wait_ibss_connection(dev[1])
if bssid0 != bssid1:
logger.info("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1)
# try to merge with a scan
dev[1].scan()
wait_4way_handshake(dev[0], dev[1])
wait_4way_handshake(dev[1], dev[0])
time.sleep(3)
hwsim_utils.test_connectivity(dev[0], dev[1])
if "OK" not in dev[0].request("IBSS_RSN " + dev[1].p2p_interface_addr()):
raise Exception("IBSS_RSN command failed")
key_mgmt = dev[0].get_status_field("key_mgmt")
if key_mgmt != "WPA2-PSK":
raise Exception("Unexpected STATUS key_mgmt: " + key_mgmt)
def connectivity(dev, ap_ifname):
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
hwsim_utils.test_connectivity(dev[0].ifname, ap_ifname)
hwsim_utils.test_connectivity(dev[1].ifname, ap_ifname)
def test_ap_mixed_security(dev, apdev):
"""WPA/WPA2 with PSK, EAP, SAE, FT in a single BSS"""
skip_with_fips(dev[0])
dev[0].flush_scan_cache()
sae = "SAE" in dev[0].get_capability("auth_alg")
ssid = "test-mixed"
passphrase = 'qwertyuiop'
params = hostapd.wpa_mixed_params(ssid=ssid, passphrase=passphrase)
params['wpa_key_mgmt'] = "WPA-PSK WPA-PSK-SHA256 WPA-EAP WPA-EAP-SHA256 SAE FT-PSK FT-EAP FT-SAE"
params["ieee8021x"] = "1"
params["eap_server"] = "1"
params["eap_user_file"] = "auth_serv/eap_user.conf"
params['nas_identifier'] = "nas1.w1.fi"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, key_mgmt="WPA-PSK", proto="WPA", pairwise="TKIP",
psk=passphrase, scan_freq="2412")
dev[1].connect(ssid, key_mgmt="WPA-EAP-SHA256", proto="WPA2", eap="GPSK",
identity="gpsk user",
password="******",
scan_freq="2412")
if sae:
dev[2].connect(ssid, psk=passphrase, key_mgmt="SAE", scan_freq="2412")
logger.debug(dev[0].request("SCAN_RESULTS"))
bss = dev[0].get_bss(apdev[0]['bssid'])
logger.debug(bss)
if "[WPA-EAP+PSK-TKIP]" not in bss['flags']:
raise Exception("Unexpected flags (WPA): " + bss['flags'])
if sae and "[WPA2-EAP+PSK+SAE+FT/EAP+FT/PSK+FT/SAE+EAP-SHA256+PSK-SHA256-CCMP]" not in bss['flags']:
raise Exception("Unexpected flags (WPA2): " + bss['flags'])
if dev[0].get_status_field("key_mgmt") != "WPA-PSK":
raise Exception("Unexpected key_mgmt(1)")
if dev[0].get_status_field("pairwise_cipher") != "TKIP":
raise Exception("Unexpected pairwise(1)")
if dev[1].get_status_field("key_mgmt") != "WPA2-EAP-SHA256":
raise Exception("Unexpected key_mgmt(2)")
if sae and dev[2].get_status_field("key_mgmt") != "SAE":
raise Exception("Unexpected key_mgmt(3)")
hwsim_utils.test_connectivity(dev[0], dev[1])
if sae:
hwsim_utils.test_connectivity(dev[1], dev[2])
hwsim_utils.test_connectivity(dev[0], dev[2])
for i in range(3):
if i < 2 or sae:
hwsim_utils.test_connectivity(dev[i], hapd)
dev[i].request("DISCONNECT")
dev[0].connect(ssid, key_mgmt="WPA-PSK WPA-PSK-SHA256", psk=passphrase,
scan_freq="2412")
dev[1].connect(ssid, key_mgmt="WPA-EAP", proto="WPA", eap="GPSK",
identity="gpsk user",
password="******",
scan_freq="2412")
if sae:
dev[2].connect(ssid, key_mgmt="WPA-PSK WPA-PSK-SHA256 SAE",
psk=passphrase, scan_freq="2412")
if dev[0].get_status_field("key_mgmt") != "WPA2-PSK-SHA256":
raise Exception("Unexpected key_mgmt(1b)")
if dev[0].get_status_field("pairwise_cipher") != "CCMP":
raise Exception("Unexpected pairwise(1b)")
if dev[1].get_status_field("key_mgmt") != "WPA/IEEE 802.1X/EAP":
raise Exception("Unexpected key_mgmt(2b)")
if sae and dev[2].get_status_field("key_mgmt") != "SAE":
raise Exception("Unexpected key_mgmt(3b)")
for i in range(3):
dev[i].request("DISCONNECT")
dev[0].connect(ssid, key_mgmt="FT-PSK", psk=passphrase, scan_freq="2412")
dev[1].connect(ssid, key_mgmt="FT-EAP", eap="GPSK", identity="gpsk user",
password="******",
scan_freq="2412")
if sae:
dev[2].connect(ssid, psk=passphrase, key_mgmt="FT-SAE",
scan_freq="2412")
if dev[0].get_status_field("key_mgmt") != "FT-PSK":
raise Exception("Unexpected key_mgmt(1c)")
if dev[1].get_status_field("key_mgmt") != "FT-EAP":
raise Exception("Unexpected key_mgmt(2c)")
if sae and dev[2].get_status_field("key_mgmt") != "FT-SAE":
raise Exception("Unexpected key_mgmt(3c)")
if 'flags' not in bss:
raise Exception("Could not get BSS flags from BSS table")
if "[WPA-None-TKIP]" not in bss['flags']:
raise Exception("Unexpected BSS flags: " + bss['flags'])
# Allow some time for all peers to complete key setup
time.sleep(1)
# This is supposed to work, but looks like WPA-None does not work with
# mac80211 currently..
try:
hwsim_utils.test_connectivity(dev[0], dev[1])
except Exception, e:
logger.info("Ignoring known connectivity failure: " + str(e))
try:
hwsim_utils.test_connectivity(dev[0], dev[2])
except Exception, e:
logger.info("Ignoring known connectivity failure: " + str(e))
try:
hwsim_utils.test_connectivity(dev[1], dev[2])
except Exception, e:
logger.info("Ignoring known connectivity failure: " + str(e))
def test_ibss_wpa_none_ccmp(dev):
"""IBSS WPA-None/CCMP"""
ssid="ibss-wpa-none"
logger.info("Start IBSS on the first STA")
id = add_ibss_wpa_none(dev[0], ssid)
connect_ibss_cmd(dev[0], id)
bssid0 = wait_ibss_connection(dev[0])
def test_ap_pmf_inject_auth(dev, apdev):
"""WPA2-PSK AP with PMF and Authentication frame injection"""
ssid = "test-pmf"
params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
params["ieee80211w"] = "2"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid,
psk="12345678",
ieee80211w="2",
key_mgmt="WPA-PSK-SHA256",
proto="WPA2",
scan_freq="2412")
hapd.wait_sta()
hwsim_utils.test_connectivity(dev[0], hapd)
bssid = hapd.own_addr().replace(':', '')
addr = dev[0].own_addr().replace(':', '')
# Inject an unprotected Authentication frame claiming to be from the
# associated STA, from another STA, from the AP's own address, from all
# zeros and all ones addresses, and from a multicast address.
hapd.request("SET ext_mgmt_frame_handling 1")
failed = False
addresses = [addr, "021122334455", bssid, 6 * "00", 6 * "ff", 6 * "01"]
for a in addresses:
auth = "b0003a01" + bssid + a + bssid + '1000000001000000'
res = hapd.request(
"MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" %
auth)
if "OK" not in res:
failed = True
hapd.request("SET ext_mgmt_frame_handling 0")
if failed:
raise Exception("MGMT_RX_PROCESS failed")
time.sleep(0.1)
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1)
if ev:
raise Exception("Unexpected disconnection reported on the STA")
# Verify that original association is still functional.
hwsim_utils.test_connectivity(dev[0], hapd)
# Inject an unprotected Association Request frame (with and without RSNE)
# claiming to be from the set of test addresses.
hapd.request("SET ext_mgmt_frame_handling 1")
for a in addresses:
assoc = "00003a01" + bssid + a + bssid + '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' + '301a0100000fac040100000fac040100000fac06c0000000000fac06'
res = hapd.request(
"MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" %
assoc)
if "OK" not in res:
failed = True
assoc = "00003a01" + bssid + a + bssid + '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' + '3000'
res = hapd.request(
"MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" %
assoc)
if "OK" not in res:
failed = True
assoc = "00003a01" + bssid + a + bssid + '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824'
res = hapd.request(
"MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" %
assoc)
if "OK" not in res:
failed = True
hapd.request("SET ext_mgmt_frame_handling 0")
if failed:
raise Exception("MGMT_RX_PROCESS failed")
time.sleep(5)
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1)
if ev:
raise Exception("Unexpected disconnection reported on the STA")
# Verify that original association is still functional.
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ibss_wpa_none(dev):
"""IBSS WPA-None"""
ssid = "ibss-wpa-none"
logger.info("Start IBSS on the first STA")
id = add_ibss_wpa_none(dev[0], ssid)
connect_ibss_cmd(dev[0], id)
bssid0 = wait_ibss_connection(dev[0])
# This is a bit ugly, but no one really cares about WPA-None, so there may
# not be enough justification to clean this up.. For now, wpa_supplicant
# will show two connection events with mac80211_hwsim where the first one
# comes with all zeros address.
if bssid0 == "00:00:00:00:00:00":
logger.info("Waiting for real BSSID on the first STA")
bssid0 = wait_ibss_connection(dev[0])
logger.info("Join two STAs to the IBSS")
id = add_ibss_wpa_none(dev[1], ssid)
connect_ibss_cmd(dev[1], id)
id = add_ibss_wpa_none(dev[2], ssid)
connect_ibss_cmd(dev[2], id)
bssid1 = wait_ibss_connection(dev[1])
if bssid0 != bssid1:
logger.info("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1)
bssid1 = wait_ibss_connection(dev[1])
bssid2 = wait_ibss_connection(dev[2])
if bssid0 != bssid2:
logger.info("STA0 BSSID " + bssid0 + " differs from STA2 BSSID " + bssid2)
bssid2 = wait_ibss_connection(dev[2])
logger.info("bssid0=%s bssid1=%s bssid2=%s" % (bssid0, bssid1, bssid2))
bss = dev[0].get_bss(bssid0)
if not bss:
bss = dev[1].get_bss(bssid1)
if not bss:
raise Exception("Could not find BSS entry for IBSS")
if 'flags' not in bss:
raise Exception("Could not get BSS flags from BSS table")
if "[WPA-None-TKIP]" not in bss['flags']:
raise Exception("Unexpected BSS flags: " + bss['flags'])
# Allow some time for all peers to complete key setup
time.sleep(1)
# This is supposed to work, but looks like WPA-None does not work with
# mac80211 currently..
try:
hwsim_utils.test_connectivity(dev[0], dev[1])
except Exception as e:
logger.info("Ignoring known connectivity failure: " + str(e))
try:
hwsim_utils.test_connectivity(dev[0], dev[2])
except Exception as e:
logger.info("Ignoring known connectivity failure: " + str(e))
try:
hwsim_utils.test_connectivity(dev[1], dev[2])
except Exception as e:
logger.info("Ignoring known connectivity failure: " + str(e))
key_mgmt = dev[0].get_status_field("key_mgmt")
if key_mgmt != "WPA-NONE":
raise Exception("Unexpected STATUS key_mgmt: " + key_mgmt)
def test_fils_sk_multiple_realms(dev, apdev):
"""FILS SK and multiple realms"""
check_fils_capa(dev[0])
check_erp_capa(dev[0])
start_erp_as(apdev[1])
bssid = apdev[0]['bssid']
params = hostapd.wpa2_eap_params(ssid="fils")
params['wpa_key_mgmt'] = "FILS-SHA256"
params['auth_server_port'] = "18128"
params['erp_domain'] = 'example.com'
fils_realms = [
'r1.example.org', 'r2.EXAMPLE.org', 'r3.example.org', 'r4.example.org',
'r5.example.org', 'r6.example.org', 'r7.example.org', 'r8.example.org',
'example.com', 'r9.example.org', 'r10.example.org', 'r11.example.org',
'r12.example.org', 'r13.example.org', 'r14.example.org',
'r15.example.org', 'r16.example.org'
]
params['fils_realm'] = fils_realms
params['fils_cache_id'] = "1234"
params['hessid'] = bssid
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].scan_for_bss(bssid, freq=2412)
if "OK" not in dev[0].request("ANQP_GET " + bssid + " 275"):
raise Exception("ANQP_GET command failed")
ev = dev[0].wait_event(["GAS-QUERY-DONE"], timeout=10)
if ev is None:
raise Exception("GAS query timed out")
bss = dev[0].get_bss(bssid)
if 'fils_info' not in bss:
raise Exception("FILS Indication element information missing")
if bss['fils_info'] != '02b8':
raise Exception("Unexpected FILS Information: " + bss['fils_info'])
if 'fils_cache_id' not in bss:
raise Exception("FILS Cache Identifier missing")
if bss['fils_cache_id'] != '1234':
raise Exception("Unexpected FILS Cache Identifier: " +
bss['fils_cache_id'])
if 'fils_realms' not in bss:
raise Exception("FILS Realm Identifiers missing")
expected = ''
count = 0
for realm in fils_realms:
hash = hashlib.sha256(realm.lower()).digest()
expected += binascii.hexlify(hash[0:2])
count += 1
if count == 7:
break
if bss['fils_realms'] != expected:
raise Exception("Unexpected FILS Realm Identifiers: " +
bss['fils_realms'])
if 'anqp_fils_realm_info' not in bss:
raise Exception("FILS Realm Information ANQP-element not seen")
info = bss['anqp_fils_realm_info']
expected = ''
for realm in fils_realms:
hash = hashlib.sha256(realm.lower()).digest()
expected += binascii.hexlify(hash[0:2])
if info != expected:
raise Exception("Unexpected FILS Realm Info ANQP-element: " + info)
dev[0].request("ERP_FLUSH")
id = dev[0].connect("fils",
key_mgmt="FILS-SHA256",
eap="PSK",
identity="*****@*****.**",
password_hex="0123456789abcdef0123456789abcdef",
erp="1",
scan_freq="2412")
dev[0].request("DISCONNECT")
dev[0].wait_disconnected()
dev[0].dump_monitor()
dev[0].select_network(id, freq=2412)
ev = dev[0].wait_event([
"CTRL-EVENT-EAP-STARTED", "EVENT-ASSOC-REJECT", "CTRL-EVENT-CONNECTED"
],
timeout=10)
if ev is None:
raise Exception("Connection using FILS/ERP timed out")
if "CTRL-EVENT-EAP-STARTED" in ev:
raise Exception("Unexpected EAP exchange")
if "EVENT-ASSOC-REJECT" in ev:
raise Exception("Association failed")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_go_neg_forced_freq_diff_than_bss_freq(dev, apdev):
"""P2P channel selection: GO negotiation with forced freq different than station interface"""
with HWSimRadio(n_channels=2) as (radio, iface):
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add(iface)
if wpas.get_mcc() < 2:
raise Exception("New radio does not support MCC")
# Clear possible PBC session overlap from previous test case
dev[1].flush_scan_cache()
wpas.request("SET p2p_no_group_iface 0")
hapd = hostapd.add_ap(
apdev[0]['ifname'], {
"country_code": 'US',
"ssid": 'bss-5ghz',
"hw_mode": 'a',
"channel": '40'
})
wpas.connect("bss-5ghz", key_mgmt="NONE", scan_freq="5200")
# GO and peer force the same freq, different than BSS freq,
# wpas to become GO
[i_res, r_res] = go_neg_pbc(i_dev=dev[1],
i_intent=1,
i_freq=5180,
r_dev=wpas,
r_intent=14,
r_freq=5180)
check_grpform_results(i_res, r_res)
if i_res['freq'] != "5180":
raise Exception("P2P group formed on unexpected frequency: " +
i_res['freq'])
if r_res['role'] != "GO":
raise Exception("GO not selected according to go_intent")
hwsim_utils.test_connectivity(wpas, hapd)
wpas.remove_group(r_res['ifname'])
dev[1].wait_go_ending_session()
dev[1].flush_scan_cache()
# GO and peer force the same freq, different than BSS freq, wpas to
# become client
[i_res2, r_res2] = go_neg_pbc(i_dev=dev[1],
i_intent=14,
i_freq=2422,
r_dev=wpas,
r_intent=1,
r_freq=2422)
check_grpform_results(i_res2, r_res2)
if i_res2['freq'] != "2422":
raise Exception("P2P group formed on unexpected frequency: " +
i_res2['freq'])
if r_res2['role'] != "client":
raise Exception("GO not selected according to go_intent")
hwsim_utils.test_connectivity(wpas, hapd)
wpas.request("DISCONNECT")
hapd.request("DISABLE")
subprocess.call(['iw', 'reg', 'set', '00'])
wpas.flush_scan_cache()
def test_fils_sk_pmksa_caching_and_cache_id(dev, apdev):
"""FILS SK and PMKSA caching with Cache Identifier"""
check_fils_capa(dev[0])
check_erp_capa(dev[0])
bssid = apdev[0]['bssid']
params = hostapd.wpa2_eap_params(ssid="fils")
params['wpa_key_mgmt'] = "FILS-SHA256"
params['auth_server_port'] = "18128"
params['erp_domain'] = 'example.com'
params['fils_realm'] = 'example.com'
params['fils_cache_id'] = "abcd"
params["radius_server_clients"] = "auth_serv/radius_clients.conf"
params["radius_server_auth_port"] = '18128'
params["eap_server"] = "1"
params["eap_user_file"] = "auth_serv/eap_user.conf"
params["ca_cert"] = "auth_serv/ca.pem"
params["server_cert"] = "auth_serv/server.pem"
params["private_key"] = "auth_serv/server.key"
params["eap_sim_db"] = "unix:/tmp/hlr_auc_gw.sock"
params["dh_file"] = "auth_serv/dh.conf"
params["pac_opaque_encr_key"] = "000102030405060708090a0b0c0d0e0f"
params["eap_fast_a_id"] = "101112131415161718191a1b1c1d1e1f"
params["eap_fast_a_id_info"] = "test server"
params["eap_server_erp"] = "1"
params["erp_domain"] = "example.com"
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].scan_for_bss(bssid, freq=2412)
dev[0].request("ERP_FLUSH")
id = dev[0].connect("fils",
key_mgmt="FILS-SHA256",
eap="PSK",
identity="*****@*****.**",
password_hex="0123456789abcdef0123456789abcdef",
erp="1",
scan_freq="2412")
res = dev[0].request("PMKSA")
if "FILS Cache Identifier" not in res:
raise Exception("PMKSA list does not include FILS Cache Identifier")
pmksa = dev[0].get_pmksa(bssid)
if pmksa is None:
raise Exception("No PMKSA cache entry created")
if "cache_id" not in pmksa:
raise Exception("No FILS Cache Identifier listed")
if pmksa["cache_id"] != "abcd":
raise Exception(
"The configured FILS Cache Identifier not seen in PMKSA")
bssid2 = apdev[1]['bssid']
params = hostapd.wpa2_eap_params(ssid="fils")
params['wpa_key_mgmt'] = "FILS-SHA256"
params['auth_server_port'] = "18128"
params['erp_domain'] = 'example.com'
params['fils_realm'] = 'example.com'
params['fils_cache_id'] = "abcd"
hapd2 = hostapd.add_ap(apdev[1]['ifname'], params)
dev[0].scan_for_bss(bssid2, freq=2412)
dev[0].dump_monitor()
if "OK" not in dev[0].request("ROAM " + bssid2):
raise Exception("ROAM failed")
ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED", "CTRL-EVENT-CONNECTED"],
timeout=10)
if ev is None:
raise Exception("Connection using PMKSA caching timed out")
if "CTRL-EVENT-EAP-STARTED" in ev:
raise Exception("Unexpected EAP exchange")
if bssid2 not in ev:
raise Exception("Failed to connect to the second AP")
hwsim_utils.test_connectivity(dev[0], hapd2)
pmksa2 = dev[0].get_pmksa(bssid2)
if pmksa2:
raise Exception("Unexpected extra PMKSA cache added")
pmksa2 = dev[0].get_pmksa(bssid)
if not pmksa2:
raise Exception("Original PMKSA cache entry removed")
if pmksa['pmkid'] != pmksa2['pmkid']:
raise Exception("Unexpected PMKID change")
def run_owe_transition_mode(dev, apdev):
if "OWE" not in dev[0].get_capability("key_mgmt"):
raise HwsimSkip("OWE not supported")
dev[0].flush_scan_cache()
params = {
"ssid": "owe-random",
"wpa": "2",
"wpa_key_mgmt": "OWE",
"rsn_pairwise": "CCMP",
"ieee80211w": "2",
"owe_transition_bssid": apdev[1]['bssid'],
"owe_transition_ssid": '"owe-test"',
"ignore_broadcast_ssid": "1"
}
hapd = hostapd.add_ap(apdev[0], params)
bssid = hapd.own_addr()
params = {
"ssid": "owe-test",
"owe_transition_bssid": apdev[0]['bssid'],
"owe_transition_ssid": '"owe-random"'
}
hapd2 = hostapd.add_ap(apdev[1], params)
bssid2 = hapd2.own_addr()
dev[0].scan_for_bss(bssid, freq="2412")
dev[0].scan_for_bss(bssid2, freq="2412")
bss = dev[0].get_bss(bssid)
if "[WPA2-OWE-CCMP]" not in bss['flags']:
raise Exception("OWE AKM not recognized: " + bss['flags'])
if "[OWE-TRANS]" not in bss['flags']:
raise Exception("OWE transition not recognized: " + bss['flags'])
bss = dev[0].get_bss(bssid2)
if "[OWE-TRANS-OPEN]" not in bss['flags']:
raise Exception("OWE transition (open) not recognized: " +
bss['flags'])
id = dev[0].connect("owe-test",
key_mgmt="OWE",
ieee80211w="2",
scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
val = dev[0].get_status_field("key_mgmt")
if val != "OWE":
raise Exception("Unexpected key_mgmt: " + val)
logger.info("Move to OWE only mode (disable transition mode)")
dev[0].request("DISCONNECT")
dev[0].wait_disconnected()
dev[0].dump_monitor()
hapd2.disable()
hapd.disable()
dev[0].flush_scan_cache()
hapd.set("owe_transition_bssid", "00:00:00:00:00:00")
hapd.set("ignore_broadcast_ssid", '0')
hapd.set("ssid", 'owe-test')
hapd.enable()
dev[0].scan_for_bss(bssid, freq="2412")
dev[0].select_network(id, 2412)
dev[0].wait_connected()
hwsim_utils.test_connectivity(dev[0], hapd)
def test_wpas_mesh_dynamic_interface(dev):
"""wpa_supplicant mesh with dynamic interface"""
check_mesh_support(dev[0])
mesh0 = None
mesh1 = None
try:
mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0")
if "FAIL" in mesh0:
raise Exception("MESH_INTERFACE_ADD failed")
mesh1 = dev[1].request("MESH_INTERFACE_ADD")
if "FAIL" in mesh1:
raise Exception("MESH_INTERFACE_ADD failed")
wpas0 = WpaSupplicant(ifname=mesh0)
wpas1 = WpaSupplicant(ifname=mesh1)
logger.info(mesh0 + " address " + wpas0.get_status_field("address"))
logger.info(mesh1 + " address " + wpas1.get_status_field("address"))
add_open_mesh_network(wpas0)
add_open_mesh_network(wpas1)
check_mesh_group_added(wpas0)
check_mesh_group_added(wpas1)
check_mesh_peer_connected(wpas0)
check_mesh_peer_connected(wpas1)
hwsim_utils.test_connectivity(wpas0, wpas1)
# Must not allow MESH_GROUP_REMOVE on dynamic interface
if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
# Must not allow MESH_GROUP_REMOVE on another radio interface
if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
wpas0.remove_ifname()
wpas1.remove_ifname()
if "OK" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("MESH_GROUP_REMOVE failed")
if "OK" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("MESH_GROUP_REMOVE failed")
if "FAIL" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
logger.info("Make sure another dynamic group can be added")
mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0")
if "FAIL" in mesh0:
raise Exception("MESH_INTERFACE_ADD failed")
mesh1 = dev[1].request("MESH_INTERFACE_ADD")
if "FAIL" in mesh1:
raise Exception("MESH_INTERFACE_ADD failed")
wpas0 = WpaSupplicant(ifname=mesh0)
wpas1 = WpaSupplicant(ifname=mesh1)
logger.info(mesh0 + " address " + wpas0.get_status_field("address"))
logger.info(mesh1 + " address " + wpas1.get_status_field("address"))
add_open_mesh_network(wpas0)
add_open_mesh_network(wpas1)
check_mesh_group_added(wpas0)
check_mesh_group_added(wpas1)
check_mesh_peer_connected(wpas0)
check_mesh_peer_connected(wpas1)
hwsim_utils.test_connectivity(wpas0, wpas1)
finally:
if mesh0:
dev[0].request("MESH_GROUP_REMOVE " + mesh0)
if mesh1:
dev[1].request("MESH_GROUP_REMOVE " + mesh1)
def test_fils_sk_erp_another_ssid(dev, apdev):
"""FILS SK using ERP and roam to another SSID"""
check_fils_capa(dev[0])
check_erp_capa(dev[0])
start_erp_as(apdev[1])
bssid = apdev[0]['bssid']
params = hostapd.wpa2_eap_params(ssid="fils")
params['wpa_key_mgmt'] = "FILS-SHA256"
params['auth_server_port'] = "18128"
params['erp_domain'] = 'example.com'
params['fils_realm'] = 'example.com'
params['disable_pmksa_caching'] = '1'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].scan_for_bss(bssid, freq=2412)
dev[0].request("ERP_FLUSH")
id = dev[0].connect("fils",
key_mgmt="FILS-SHA256",
eap="PSK",
identity="*****@*****.**",
password_hex="0123456789abcdef0123456789abcdef",
erp="1",
scan_freq="2412")
dev[0].request("DISCONNECT")
dev[0].wait_disconnected()
hapd.disable()
dev[0].flush_scan_cache()
if "FAIL" in dev[0].request("PMKSA_FLUSH"):
raise Exception("PMKSA_FLUSH failed")
params = hostapd.wpa2_eap_params(ssid="fils2")
params['wpa_key_mgmt'] = "FILS-SHA256"
params['auth_server_port'] = "18128"
params['erp_domain'] = 'example.com'
params['fils_realm'] = 'example.com'
params['disable_pmksa_caching'] = '1'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].scan_for_bss(bssid, freq=2412)
dev[0].dump_monitor()
id = dev[0].connect("fils2",
key_mgmt="FILS-SHA256",
eap="PSK",
identity="*****@*****.**",
password_hex="0123456789abcdef0123456789abcdef",
erp="1",
scan_freq="2412",
wait_connect=False)
ev = dev[0].wait_event([
"CTRL-EVENT-EAP-STARTED", "EVENT-ASSOC-REJECT", "CTRL-EVENT-CONNECTED"
],
timeout=10)
if ev is None:
raise Exception("Connection using FILS/ERP timed out")
if "CTRL-EVENT-EAP-STARTED" in ev:
raise Exception("Unexpected EAP exchange")
if "EVENT-ASSOC-REJECT" in ev:
raise Exception("Association failed")
hwsim_utils.test_connectivity(dev[0], hapd)
