def test_ap_open_no_reflection(dev, apdev): """AP with open mode, STA sending packets to itself""" hapd = hostapd.add_ap(apdev[0], {"ssid": "open"}) dev[0].connect("open", key_mgmt="NONE", scan_freq="2412") ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=5) if ev is None: raise Exception("No connection event received from hostapd") # test normal connectivity is OK hwsim_utils.test_connectivity(dev[0], hapd) # test that we can't talk to ourselves addr = dev[0].own_addr() res = dev[0].request('DATA_TEST_CONFIG 1') try: assert 'OK' in res cmd = "DATA_TEST_TX {} {} {}".format(addr, addr, 0) dev[0].request(cmd) ev = dev[0].wait_event(["DATA-TEST-RX"], timeout=1) if ev is not None and "DATA-TEST-RX {} {}".format(addr, addr) in ev: raise Exception("STA can unexpectedly talk to itself") finally: dev[0].request('DATA_TEST_CONFIG 0')
def test_ibss_rsn_group_rekey(dev): """IBSS RSN group rekeying""" ssid = "ibss-rsn" logger.info("Start IBSS on the first STA") id = add_ibss_rsn(dev[0], ssid, group_rekey=4, scan_freq=2412) connect_ibss_cmd(dev[0], id) bssid0 = wait_ibss_connection(dev[0]) dev[0].dump_monitor() logger.info("Join two STAs to the IBSS") dev[1].scan_for_bss(bssid0, freq=2412) id = add_ibss_rsn(dev[1], ssid, scan_freq=2412) connect_ibss_cmd(dev[1], id) bssid1 = wait_ibss_connection(dev[1]) if bssid0 != bssid1: raise Exception("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1) wait_4way_handshake(dev[0], dev[1]) wait_4way_handshake(dev[1], dev[0]) dev[0].dump_monitor() dev[1].dump_monitor() hwsim_utils.test_connectivity(dev[0], dev[1]) ev = dev[1].wait_event(["WPA: Group rekeying completed"], timeout=10) if ev is None: raise Exception("No group rekeying reported") hwsim_utils.test_connectivity(dev[0], dev[1])
def test_connect_cmd_concurrent_grpform_while_connecting(dev, apdev): """Concurrent P2P group formation while connecting to an AP using cfg80211 connect command""" logger.info("Start connection to an infrastructure AP") hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "test-open" }) wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') wpas.interface_add("wlan5", drv_params="force_connect_cmd=1") wpas.connect("test-open", key_mgmt="NONE", wait_connect=False) wpas.dump_monitor() logger.info("Form a P2P group while connecting to an AP") wpas.request("SET p2p_no_group_iface 0") [i_res, r_res] = go_neg_pin_authorized(i_dev=dev[0], i_freq=2412, r_dev=wpas, r_freq=2412) check_grpform_results(i_res, r_res) remove_group(dev[0], wpas) wpas.dump_monitor() logger.info("Confirm AP connection after P2P group removal") hwsim_utils.test_connectivity(wpas, hapd) wpas.request("DISCONNECT") wpas.wait_disconnected() wpas.dump_monitor()
def test_dfs_ht40_minus(dev, apdev, params): """DFS CAC functionality on channel 104 HT40- [long]""" if not params['long']: raise HwsimSkip("Skip test case with long duration due to --long not specified") try: hapd = None hapd = start_dfs_ap(apdev[0], allow_failure=True, ht40minus=True, channel=104) ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70) if "success=1" not in ev: raise Exception("CAC failed") if "freq=5520" not in ev: raise Exception("Unexpected DFS freq result") ev = hapd.wait_event(["AP-ENABLED"], timeout=5) if not ev: raise Exception("AP setup timed out") state = hapd.get_status_field("state") if state != "ENABLED": raise Exception("Unexpected interface state") freq = hapd.get_status_field("freq") if freq != "5520": raise Exception("Unexpected frequency") dev[0].connect("dfs", key_mgmt="NONE", scan_freq="5520") hwsim_utils.test_connectivity(dev[0], hapd) finally: dev[0].request("DISCONNECT") if hapd: hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) dev[0].flush_scan_cache()
def test_ap_wpa2_delayed_m1_m3_zero_tk(dev, apdev): """Delayed M1+M3 retransmission and zero TK""" params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678") hapd = hostapd.add_ap(apdev[0], params) Wlantest.setup(hapd) wt = Wlantest() wt.flush() wt.add_passphrase("12345678") dev[0].connect("test-wpa2-psk", psk="12345678", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd) addr = dev[0].own_addr() if "OK" not in hapd.request("RESEND_M1 " + addr + " change-anonce"): raise Exception("RESEND_M1 failed") if "OK" not in hapd.request("RESEND_M1 " + addr): raise Exception("RESEND_M1 failed") if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") if "OK" not in hapd.request("SET_KEY 3 %s %d %d %s %s" % (addr, 0, 1, 6*"00", 16*"00")): raise Exception("SET_KEY failed") time.sleep(0.1) hwsim_utils.test_connectivity(dev[0], hapd, timeout=1, broadcast=False, success_expected=False) dev[0].request("DISCONNECT") dev[0].wait_disconnected()
def test_go_neg_with_bss_connected(dev, apdev): """P2P channel selection: GO negotiation when station interface is connected""" dev[0].request("SET p2p_no_group_iface 0") hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": 'bss-2.4ghz', "channel": '5' }) dev[0].connect("bss-2.4ghz", key_mgmt="NONE", scan_freq="2432") #dev[0] as GO [i_res, r_res] = go_neg_pbc(i_dev=dev[0], i_intent=10, r_dev=dev[1], r_intent=1) check_grpform_results(i_res, r_res) if i_res['role'] != "GO": raise Exception("GO not selected according to go_intent") if i_res['freq'] != "2432": raise Exception("Group formed on a different frequency than BSS") hwsim_utils.test_connectivity(dev[0], hapd) dev[0].remove_group(i_res['ifname']) if dev[0].get_mcc() > 1: logger.info("Skip as-client case due to MCC being enabled") return; #dev[0] as client [i_res2, r_res2] = go_neg_pbc(i_dev=dev[0], i_intent=1, r_dev=dev[1], r_intent=10) check_grpform_results(i_res2, r_res2) if i_res2['role'] != "client": raise Exception("GO not selected according to go_intent") if i_res2['freq'] != "2432": raise Exception("Group formed on a different frequency than BSS") hwsim_utils.test_connectivity(dev[0], hapd)
def run_owe_transition_mode_multi_bss(dev, apdev): if "OWE" not in dev[0].get_capability("key_mgmt"): raise HwsimSkip("OWE not supported") ifname1 = apdev[0]['ifname'] ifname2 = apdev[0]['ifname'] + '-2' hapd1 = hostapd.add_bss(apdev[0], ifname1, 'owe-bss-1.conf') hapd2 = hostapd.add_bss(apdev[0], ifname2, 'owe-bss-2.conf') hapd2.bssidx = 1 bssid = hapd1.own_addr() bssid2 = hapd2.own_addr() # Beaconing with the OWE Transition Mode element can start only once both # BSSs are enabled, so the very first Beacon frame may go out without this # element. Wait a bit to avoid getting incomplete scan results. time.sleep(0.1) dev[0].request("SCAN_INTERVAL 1") dev[0].scan_for_bss(bssid2, freq="2412") dev[0].scan_for_bss(bssid, freq="2412") dev[0].connect("transition-mode-open", key_mgmt="OWE") val = dev[0].get_status_field("bssid") if val != bssid2: raise Exception("Unexpected bssid: " + val) val = dev[0].get_status_field("key_mgmt") if val != "OWE": raise Exception("Unexpected key_mgmt: " + val) hwsim_utils.test_connectivity(dev[0], hapd2)
def test_ap_vht80(dev, apdev): """VHT with 80 MHz channel width""" try: hapd = None params = { "ssid": "vht", "country_code": "FI", "hw_mode": "a", "channel": "36", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "1", "vht_oper_centr_freq_seg0_idx": "42" } hapd = hostapd.add_ap(apdev[0]['ifname'], params) bssid = apdev[0]['bssid'] dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180") hwsim_utils.test_connectivity(dev[0], hapd) est = dev[0].get_bss(bssid)['est_throughput'] if est != "390001": raise Exception("Unexpected BSS est_throughput: " + est) except Exception, e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip("80 MHz channel not supported in regulatory information") raise
def test_wpas_mesh_secure_no_auto(dev, apdev): """wpa_supplicant secure MESH network connectivity""" check_mesh_support(dev[0], secure=True) dev[0].request("SET sae_groups 19") id = add_mesh_secure_net(dev[0]) dev[0].mesh_group_add(id) dev[1].request("SET sae_groups 19") id = add_mesh_secure_net(dev[1]) dev[1].set_network(id, "no_auto_peer", "1") dev[1].mesh_group_add(id) # Check for mesh joined check_mesh_group_added(dev[0]) check_mesh_group_added(dev[1]) # Check for peer connected check_mesh_peer_connected(dev[0], timeout=30) check_mesh_peer_connected(dev[1]) # Test connectivity 0->1 and 1->0 hwsim_utils.test_connectivity(dev[0], dev[1]) dev[0].request("SET sae_groups ") dev[1].request("SET sae_groups ")
def test_ap_open_ifdown(dev, apdev): """AP with open mode and external ifconfig down""" params = { "ssid": "open", "ap_max_inactivity": "1" } hapd = hostapd.add_ap(apdev[0], params) bssid = apdev[0]['bssid'] dev[0].connect("open", key_mgmt="NONE", scan_freq="2412") dev[1].connect("open", key_mgmt="NONE", scan_freq="2412") hapd.cmd_execute(['ip', 'link', 'set', 'dev', apdev[0]['ifname'], 'down']) ev = hapd.wait_event(["AP-STA-DISCONNECTED"], timeout=10) if ev is None: raise Exception("Timeout on AP-STA-DISCONNECTED (1)") ev = hapd.wait_event(["AP-STA-DISCONNECTED"], timeout=5) if ev is None: raise Exception("Timeout on AP-STA-DISCONNECTED (2)") ev = hapd.wait_event(["INTERFACE-DISABLED"], timeout=5) if ev is None: raise Exception("No INTERFACE-DISABLED event") # The following wait tests beacon loss detection in mac80211 on dev0. # dev1 is used to test stopping of AP side functionality on client polling. dev[1].request("REMOVE_NETWORK all") hapd.cmd_execute(['ip', 'link', 'set', 'dev', apdev[0]['ifname'], 'up']) dev[0].wait_disconnected() dev[1].wait_disconnected() ev = hapd.wait_event(["INTERFACE-ENABLED"], timeout=10) if ev is None: raise Exception("No INTERFACE-ENABLED event") dev[0].wait_connected() hwsim_utils.test_connectivity(dev[0], hapd)
def test_rfkill_wpa2_psk(dev, apdev): """rfkill block/unblock during WPA2-PSK connection""" id = get_rfkill_id(dev[0]) if id is None: return "skip" ssid = "test-wpa2-psk" passphrase = 'qwertyuiop' params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase) hapd = hostapd.add_ap(apdev[0]['ifname'], params) dev[0].connect(ssid, psk=passphrase, scan_freq="2412") try: logger.info("rfkill block") subprocess.call(['sudo', 'rfkill', 'block', id]) ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=10) if ev is None: raise Exception("Missing disconnection event on rfkill block") logger.info("rfkill unblock") subprocess.call(['sudo', 'rfkill', 'unblock', id]) ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=10) if ev is None: raise Exception("Missing connection event on rfkill unblock") hwsim_utils.test_connectivity(dev[0], hapd) finally: subprocess.call(['sudo', 'rfkill', 'unblock', id])
def test_ap_vht80_params(dev, apdev): """VHT with 80 MHz channel width and number of optional features enabled""" try: hapd = None params = { "ssid": "vht", "country_code": "FI", "hw_mode": "a", "channel": "36", "ht_capab": "[HT40+][SHORT-GI-40][DSS_CCK-40]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "1", "vht_capab": "[MAX-MPDU-11454][RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-STBC-1][MAX-A-MPDU-LEN-EXP0]", "vht_oper_centr_freq_seg0_idx": "42", "require_vht": "1" } hapd = hostapd.add_ap(apdev[0]['ifname'], params) dev[1].connect("vht", key_mgmt="NONE", scan_freq="5180", disable_vht="1", wait_connect=False) dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180") ev = dev[1].wait_event(["CTRL-EVENT-ASSOC-REJECT"]) if ev is None: raise Exception("Association rejection timed out") if "status_code=104" not in ev: raise Exception("Unexpected rejection status code") dev[1].request("DISCONNECT") hwsim_utils.test_connectivity(dev[0], hapd) except Exception, e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip("80 MHz channel not supported in regulatory information") raise
def test_ap_ht_antenna_config(dev, apdev): """HT and antenna configuration""" hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" }) phy = hapd.get_driver_status_field("phyname") hapd.disable() try: subprocess.call(['iw', 'phy', phy, 'set', 'antenna', '0x1']) hapd = None params = { "ssid": "ht", "country_code": "FI", "hw_mode": "a", "channel": "36", "ieee80211n": "1" } hapd = hostapd.add_ap(apdev[0]['ifname'], params) bssid = apdev[0]['bssid'] dev[0].connect("ht", key_mgmt="NONE", scan_freq="5180") hwsim_utils.test_connectivity(dev[0], hapd) finally: dev[0].request("DISCONNECT") if hapd: hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) dev[0].flush_scan_cache() subprocess.call(['iw', 'phy', phy, 'set', 'antenna', 'all'])
def test_ieee8021x_open(dev, apdev): """IEEE 802.1X connection using open network""" params = hostapd.radius_params() params["ssid"] = "ieee8021x-open" params["ieee8021x"] = "1" hapd = hostapd.add_ap(apdev[0]["ifname"], params) id = dev[0].connect( "ieee8021x-open", key_mgmt="IEEE8021X", eapol_flags="0", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412", ) hwsim_utils.test_connectivity(dev[0], hapd) logger.info("Test EAPOL-Logoff") dev[0].request("LOGOFF") ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"]) if ev is None: raise Exception("Did not get disconnected") if "reason=23" not in ev: raise Exception("Unexpected disconnection reason") dev[0].request("LOGON") dev[0].connect_network(id) hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_pmf_required(dev, apdev): """WPA2-PSK AP with PMF required""" ssid = "test-pmf-required" wt = Wlantest() wt.flush() wt.add_passphrase("12345678") params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678") params["wpa_key_mgmt"] = "WPA-PSK-SHA256"; params["ieee80211w"] = "2"; hapd = hostapd.add_ap(apdev[0]['ifname'], params) key_mgmt = hapd.get_config()['key_mgmt'] if key_mgmt.split(' ')[0] != "WPA-PSK-SHA256": raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) dev[0].connect(ssid, psk="12345678", ieee80211w="1", key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2", scan_freq="2412") hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname']) dev[1].connect(ssid, psk="12345678", ieee80211w="2", key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2", scan_freq="2412") hwsim_utils.test_connectivity(dev[1].ifname, apdev[0]['ifname']) hapd = hostapd.Hostapd(apdev[0]['ifname']) hapd.request("SA_QUERY " + dev[0].p2p_interface_addr()) hapd.request("SA_QUERY " + dev[1].p2p_interface_addr()) wt.require_ap_pmf_mandatory(apdev[0]['bssid']) wt.require_sta_pmf(apdev[0]['bssid'], dev[0].p2p_interface_addr()) wt.require_sta_pmf_mandatory(apdev[0]['bssid'], dev[1].p2p_interface_addr()) time.sleep(0.1) if wt.get_sta_counter("valid_saqueryresp_tx", apdev[0]['bssid'], dev[0].p2p_interface_addr()) < 1: raise Exception("STA did not reply to SA Query") if wt.get_sta_counter("valid_saqueryresp_tx", apdev[0]['bssid'], dev[1].p2p_interface_addr()) < 1: raise Exception("STA did not reply to SA Query")
def test_ap_pmf_optional_2akm(dev, apdev): """WPA2-PSK AP with PMF optional (2 AKMs)""" ssid = "test-pmf-optional-2akm" wt = Wlantest() wt.flush() wt.add_passphrase("12345678") params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678") params["wpa_key_mgmt"] = "WPA-PSK WPA-PSK-SHA256"; params["ieee80211w"] = "1"; hostapd.add_ap(apdev[0]['ifname'], params) dev[0].connect(ssid, psk="12345678", ieee80211w="1", key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2", scan_freq="2412") hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname']) dev[1].connect(ssid, psk="12345678", ieee80211w="2", key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2", scan_freq="2412") hwsim_utils.test_connectivity(dev[1].ifname, apdev[0]['ifname']) wt.require_ap_pmf_optional(apdev[0]['bssid']) wt.require_sta_pmf(apdev[0]['bssid'], dev[0].p2p_interface_addr()) wt.require_sta_key_mgmt(apdev[0]['bssid'], dev[0].p2p_interface_addr(), "PSK-SHA256") wt.require_sta_pmf_mandatory(apdev[0]['bssid'], dev[1].p2p_interface_addr()) wt.require_sta_key_mgmt(apdev[0]['bssid'], dev[1].p2p_interface_addr(), "PSK-SHA256")
def check_group_mgmt_cipher(dev, ap, cipher): wt = Wlantest() wt.flush() wt.add_passphrase("12345678") if cipher not in dev.get_capability("group_mgmt"): raise HwsimSkip("Cipher %s not supported" % cipher) params = { "ssid": "test-wpa2-psk-pmf", "wpa_passphrase": "12345678", "wpa": "2", "ieee80211w": "2", "wpa_key_mgmt": "WPA-PSK-SHA256", "rsn_pairwise": "CCMP", "group_mgmt_cipher": cipher } hapd = hostapd.add_ap(ap['ifname'], params) dev.connect("test-wpa2-psk-pmf", psk="12345678", ieee80211w="2", key_mgmt="WPA-PSK-SHA256", pairwise="CCMP", group="CCMP", scan_freq="2412") hwsim_utils.test_connectivity(dev, hapd) hapd.request("DEAUTHENTICATE ff:ff:ff:ff:ff:ff") dev.wait_disconnected() if wt.get_bss_counter('valid_bip_mmie', ap['bssid']) < 1: raise Exception("No valid BIP MMIE seen") if wt.get_bss_counter('bip_deauth', ap['bssid']) < 1: raise Exception("No valid BIP deauth seen") if cipher == "AES-128-CMAC": group_mgmt = "BIP" else: group_mgmt = cipher res = wt.info_bss('group_mgmt', ap['bssid']).strip() if res != group_mgmt: raise Exception("Unexpected group mgmt cipher: " + res)
def test_ap_roam_with_reassoc_auth_timeout(dev, apdev, params): """Roam using reassoc between two APs and authentication times out""" wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') wpas.interface_add("wlan5", drv_params="force_connect_cmd=1,force_bss_selection=1") params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678") hapd0 = hostapd.add_ap(apdev[0], params) bssid0 = hapd0.own_addr() id = wpas.connect("test-wpa2-psk", psk="12345678", scan_freq="2412") hwsim_utils.test_connectivity(wpas, hapd0) hapd1 = hostapd.add_ap(apdev[1], params) bssid1 = hapd1.own_addr() wpas.scan_for_bss(bssid1, freq=2412) if "OK" not in wpas.request("SET_NETWORK " + str(id) + " bssid " + bssid1): raise Exception("SET_NETWORK failed") if "OK" not in wpas.request("SET ignore_auth_resp 1"): raise Exception("SET ignore_auth_resp failed") if "OK" not in wpas.request("REASSOCIATE"): raise Exception("REASSOCIATE failed") logger.info("Wait ~10s for auth timeout...") time.sleep(10) ev = wpas.wait_event(["CTRL-EVENT-SCAN-STARTED"], 12) if not ev: raise Exception("CTRL-EVENT-SCAN-STARTED not seen") b = get_blacklist(wpas) if bssid0 in b: raise Exception("Unexpected blacklist contents: " + str(b))
def test_ap_roam_wpa2_psk_failed(dev, apdev, params): """Roam failure with WPA2-PSK AP due to wrong passphrase""" params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678") hapd0 = hostapd.add_ap(apdev[0], params) id = dev[0].connect("test-wpa2-psk", psk="12345678", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd0) params['wpa_passphrase'] = "22345678" hapd1 = hostapd.add_ap(apdev[1], params) bssid = hapd1.own_addr() dev[0].scan_for_bss(bssid, freq=2412) dev[0].dump_monitor() if "OK" not in dev[0].request("ROAM " + bssid): raise Exception("ROAM failed") ev = dev[0].wait_event(["CTRL-EVENT-SSID-TEMP-DISABLED", "CTRL-EVENT-CONNECTED"], 5) if "CTRL-EVENT-CONNECTED" in ev: raise Exception("Got unexpected CTRL-EVENT-CONNECTED") if "CTRL-EVENT-SSID-TEMP-DISABLED" not in ev: raise Exception("CTRL-EVENT-SSID-TEMP-DISABLED not seen") if "OK" not in dev[0].request("SELECT_NETWORK id=" + str(id)): raise Exception("SELECT_NETWORK failed") ev = dev[0].wait_event(["CTRL-EVENT-SSID-REENABLED"], 3) if not ev: raise Exception("CTRL-EVENT-SSID-REENABLED not seen") dev[0].wait_connected(timeout=5) hwsim_utils.test_connectivity(dev[0], hapd0)
def test_ap_vht80_antenna_config(dev, apdev): """VHT with 80 MHz channel width and antenna configuration""" hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" }) phy = hapd.get_driver_status_field("phyname") hapd.disable() try: subprocess.call(['iw', 'phy', phy, 'set', 'antenna', '0x3']) hapd = None params = { "ssid": "vht", "country_code": "FI", "hw_mode": "a", "channel": "36", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "1", "vht_oper_centr_freq_seg0_idx": "42" } hapd = hostapd.add_ap(apdev[0]['ifname'], params) bssid = apdev[0]['bssid'] dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180") hwsim_utils.test_connectivity(dev[0], hapd) except Exception, e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip("80 MHz channel not supported in regulatory information") raise
def test_ap_vht_40_fallback_to_20(devs, apdevs): """VHT and 40 MHz channel configuration falling back to 20 MHz""" dev = devs[0] ap = apdevs[0] try: hapd = None params = { "ssid": "test-vht40", "country_code": "US", "hw_mode": "a", "basic_rates": "60 120 240", "channel": "161", "ieee80211d": "1", "ieee80211h": "1", "ieee80211n": "1", "ieee80211ac": "1", "ht_capab": "[HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]", "vht_capab": "[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-STBC1][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]", "vht_oper_chwidth": "0", "vht_oper_centr_freq_seg0_idx": "155", } hapd = hostapd.add_ap(ap, params) dev.connect("test-vht40", scan_freq="5805", key_mgmt="NONE") hwsim_utils.test_connectivity(dev, hapd) finally: dev.request("DISCONNECT") if hapd: hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) dev.flush_scan_cache()
def test_cfg80211_wep_key_idx_change(dev, apdev): """WEP Shared Key authentication and key index change without deauth""" hapd = hostapd.add_ap(apdev[0], { "ssid": "wep-shared-key", "wep_key0": '"hello12345678"', "wep_key1": '"other12345678"', "auth_algs": "2" }) id = dev[0].connect("wep-shared-key", key_mgmt="NONE", auth_alg="SHARED", wep_key0='"hello12345678"', wep_key1='"other12345678"', wep_tx_keyidx="0", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd) dev[0].set_network(id, "wep_tx_keyidx", "1") # clear cfg80211 auth state to allow new auth without deauth frame ifindex = int(dev[0].get_driver_status_field("ifindex")) attrs = build_nl80211_attr_u32('IFINDEX', ifindex) attrs += build_nl80211_attr_u16('REASON_CODE', 1) attrs += build_nl80211_attr_mac('MAC', apdev[0]['bssid']) attrs += build_nl80211_attr_flag('LOCAL_STATE_CHANGE') nl80211_command(dev[0], 'DEAUTHENTICATE', attrs) dev[0].wait_disconnected(timeout=5, error="Local-deauth timed out") # the previous command results in deauth event followed by auto-reconnect dev[0].wait_connected(timeout=10, error="Reassociation timed out") hwsim_utils.test_connectivity(dev[0], hapd)
def test_wep_ht_vht(dev, apdev): """WEP and HT/VHT""" dev[0].flush_scan_cache() try: hapd = None params = { "ssid": "test-vht40-wep", "country_code": "SE", "hw_mode": "a", "channel": "36", "ieee80211n": "1", "ieee80211ac": "1", "ht_capab": "[HT40+]", "vht_capab": "", "vht_oper_chwidth": "0", "vht_oper_centr_freq_seg0_idx": "0", "wep_key0": '"hello"' } hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("test-vht40-wep", scan_freq="5180", key_mgmt="NONE", wep_key0='"hello"') hwsim_utils.test_connectivity(dev[0], hapd) status = hapd.get_status() logger.info("hostapd STATUS: " + str(status)) if status["ieee80211n"] != "0": raise Exception("Unexpected STATUS ieee80211n value") if status["ieee80211ac"] != "0": raise Exception("Unexpected STATUS ieee80211ac value") if status["secondary_channel"] != "0": raise Exception("Unexpected STATUS secondary_channel value") finally: dev[0].request("DISCONNECT") if hapd: hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) dev[0].flush_scan_cache()
def test_rfkill_open(dev, apdev): """rfkill block/unblock during open mode connection""" rfk = get_rfkill(dev[0]) hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" }) dev[0].connect("open", key_mgmt="NONE", scan_freq="2412") try: logger.info("rfkill block") rfk.block() dev[0].wait_disconnected(timeout=10, error="Missing disconnection event on rfkill block") if "FAIL" not in dev[0].request("REASSOCIATE"): raise Exception("REASSOCIATE accepted while disabled") if "FAIL" not in dev[0].request("REATTACH"): raise Exception("REATTACH accepted while disabled") if "FAIL" not in dev[0].request("RECONNECT"): raise Exception("RECONNECT accepted while disabled") if "FAIL" not in dev[0].request("FETCH_OSU"): raise Exception("FETCH_OSU accepted while disabled") logger.info("rfkill unblock") rfk.unblock() dev[0].wait_connected(timeout=10, error="Missing connection event on rfkill unblock") hwsim_utils.test_connectivity(dev[0], hapd) finally: rfk.unblock()
def test_ap_pmf_inject_auth(dev, apdev): """WPA2-PSK AP with PMF and Authentication frame injection""" ssid = "test-pmf" params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678") params["wpa_key_mgmt"] = "WPA-PSK-SHA256" params["ieee80211w"] = "2" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect(ssid, psk="12345678", ieee80211w="2", key_mgmt="WPA-PSK-SHA256", proto="WPA2", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd) bssid = hapd.own_addr().replace(':', '') addr = dev[0].own_addr().replace(':', '') # Inject an unprotected Authentication frame claiming to be from the # associated STA. auth = "b0003a01" + bssid + addr + bssid + '1000000001000000' hapd.request("SET ext_mgmt_frame_handling 1") res = hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % auth) hapd.request("SET ext_mgmt_frame_handling 0") if "OK" not in res: raise Exception("MGMT_RX_PROCESS failed") # Verify that original association is still functional. hwsim_utils.test_connectivity(dev[0], hapd)
def test_wext_wpa_psk(dev, apdev): """WEXT driver interface with WPA-PSK""" skip_with_fips(dev[0]) wpas = get_wext_interface() params = hostapd.wpa_params(ssid="wext-wpa-psk", passphrase="12345678") hapd = hostapd.add_ap(apdev[0], params) testfile = "/sys/kernel/debug/ieee80211/%s/netdev:%s/tkip_mic_test" % (hapd.get_driver_status_field("phyname"), apdev[0]['ifname']) if not os.path.exists(testfile): wpas.close_ctrl() raise HwsimSkip("tkip_mic_test not supported in mac80211") wpas.connect("wext-wpa-psk", psk="12345678") hwsim_utils.test_connectivity(wpas, hapd) with open(testfile, "w") as f: f.write(wpas.p2p_interface_addr()) ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=1) if ev is not None: raise Exception("Unexpected disconnection on first Michael MIC failure") with open(testfile, "w") as f: f.write("ff:ff:ff:ff:ff:ff") ev = wpas.wait_disconnected(timeout=10, error="No disconnection after two Michael MIC failures") if "reason=14 locally_generated=1" not in ev: raise Exception("Unexpected disconnection reason: " + ev)
def test_ap_vht_on_24ghz(dev, apdev): """Subset of VHT features on 2.4 GHz""" hapd = None params = { "ssid": "test-vht-2g", "hw_mode": "g", "channel": "1", "ieee80211n": "1", "vendor_vht": "1", "vht_capab": "[MAX-MPDU-11454]", "vht_oper_chwidth": "0", "vht_oper_centr_freq_seg0_idx": "1" } hapd = hostapd.add_ap(apdev[0]['ifname'], params) try: if "OK" not in dev[0].request("VENDOR_ELEM_ADD 13 dd1300904c0400bf0c3240820feaff0000eaff0000"): raise Exception("Failed to add vendor element") dev[0].connect("test-vht-2g", scan_freq="2412", key_mgmt="NONE") hwsim_utils.test_connectivity(dev[0], hapd) sta = hapd.get_sta(dev[0].own_addr()) if '[VENDOR_VHT]' not in sta['flags']: raise Exception("No VENDOR_VHT STA flag") dev[1].connect("test-vht-2g", scan_freq="2412", key_mgmt="NONE") sta = hapd.get_sta(dev[1].own_addr()) if '[VENDOR_VHT]' in sta['flags']: raise Exception("Unexpected VENDOR_VHT STA flag") finally: dev[0].request("VENDOR_ELEM_REMOVE 13 *")
def test_ap_vht_40(devs, apdevs): """VHT and 40 MHz channel""" dev = devs[0] ap = apdevs[0] try: hapd = None params = { "ssid": "test-vht40", "country_code": "DE", "hw_mode": "a", "channel": "36", "ieee80211n": "1", "ieee80211ac": "1", "ht_capab": "[HT40+]", "vht_capab": "", "vht_oper_chwidth": "0", "vht_oper_centr_freq_seg0_idx": "0", } hapd = hostapd.add_ap(ap['ifname'], params) dev.connect("test-vht40", scan_freq="5180", key_mgmt="NONE") hwsim_utils.test_connectivity(dev, hapd) finally: dev.request("DISCONNECT") if hapd: hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) dev.flush_scan_cache()
def test_ap_ft_ptk_rekey_ap(dev, apdev): """WPA2-PSK-FT PTK rekeying triggered by AP after roam""" ssid = "test-ft" passphrase="12345678" params = ft_params1(ssid=ssid, passphrase=passphrase) params['wpa_ptk_rekey'] = '2' hapd0 = hostapd.add_ap(apdev[0], params) params = ft_params2(ssid=ssid, passphrase=passphrase) params['wpa_ptk_rekey'] = '2' hapd1 = hostapd.add_ap(apdev[1], params) run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase) ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED", "WPA: Key negotiation completed"], timeout=5) if ev is None: raise Exception("No event received after roam") if "CTRL-EVENT-DISCONNECTED" in ev: raise Exception("Unexpected disconnection after roam") if dev[0].get_status_field('bssid') == apdev[0]['bssid']: hapd = hapd0 else: hapd = hapd1 hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_csa_1_switch_count_1(dev, apdev): """AP Channel Switch, one switch with count 1""" csa_supported(dev[0]) ap = connect(dev[0], apdev) hwsim_utils.test_connectivity(dev[0], ap) switch_channel(ap, 1, 2462)
def test_wpas_ap_wps(dev): """wpa_supplicant AP mode - WPS operations""" id = dev[0].add_network() dev[0].set_network(id, "mode", "2") dev[0].set_network_quoted(id, "ssid", "wpas-ap-wps") dev[0].set_network_quoted(id, "psk", "1234567890") dev[0].set_network(id, "frequency", "2412") dev[0].set_network(id, "scan_freq", "2412") dev[0].select_network(id) wait_ap_ready(dev[0]) bssid = dev[0].p2p_interface_addr() logger.info("Test PBC mode start/stop") if "FAIL" not in dev[0].request("WPS_CANCEL"): raise Exception("Unexpected WPS_CANCEL success") dev[0].request("WPS_PBC") ev = dev[0].wait_event(["WPS-PBC-ACTIVE"]) if ev is None: raise Exception("PBC mode start timeout") if "OK" not in dev[0].request("WPS_CANCEL"): raise Exception("Unexpected WPS_CANCEL failure") ev = dev[0].wait_event(["WPS-TIMEOUT"]) if ev is None: raise Exception("PBC mode disabling timeout") logger.info("Test PBC protocol run") dev[0].request("WPS_PBC") ev = dev[0].wait_event(["WPS-PBC-ACTIVE"]) if ev is None: raise Exception("PBC mode start timeout") dev[1].request("WPS_PBC") dev[1].wait_connected(timeout=30, error="WPS PBC operation timed out") hwsim_utils.test_connectivity(dev[0], dev[1]) logger.info("Test AP PIN to learn configuration") pin = dev[0].request("WPS_AP_PIN random") if "FAIL" in pin: raise Exception("Could not generate random AP PIN") if pin not in dev[0].request("WPS_AP_PIN get"): raise Exception("Could not fetch current AP PIN") dev[2].wps_reg(bssid, pin) hwsim_utils.test_connectivity(dev[1], dev[2]) dev[1].request("REMOVE_NETWORK all") dev[2].request("REMOVE_NETWORK all") logger.info("Test AP PIN operations") dev[0].request("WPS_AP_PIN disable") dev[0].request("WPS_AP_PIN set " + pin + " 1") time.sleep(1.1) if "FAIL" not in dev[0].request("WPS_AP_PIN get"): raise Exception("AP PIN unexpectedly still enabled") pin = dev[1].wps_read_pin() dev[0].request("WPS_PIN any " + pin) dev[1].request("WPS_PIN any " + pin) dev[1].wait_connected(timeout=30) dev[1].request("REMOVE_NETWORK all") dev[1].dump_monitor() dev[0].request("WPS_PIN any " + pin + " 100") dev[1].request("WPS_PIN any " + pin) dev[1].wait_connected(timeout=30) dev[1].request("REMOVE_NETWORK all") dev[1].dump_monitor() dev[0].request("WPS_AP_PIN set 12345670") dev[0].dump_monitor() runs = ("88887777", "12340000", "00000000", "12345670") for pin in runs: logger.info("Try AP PIN " + pin) dev[2].dump_monitor() dev[2].request("WPS_REG " + bssid + " " + pin) ev = dev[2].wait_event(["WPS-SUCCESS", "WPS-FAIL msg"], timeout=15) if ev is None: raise Exception("WPS operation timed out") if "WPS-SUCCESS" in ev: raise Exception("WPS operation succeeded unexpectedly") dev[2].wait_disconnected(timeout=10) dev[2].request("WPS_CANCEL") dev[2].request("REMOVE_NETWORK all") ev = dev[0].wait_event(["WPS-AP-SETUP-LOCKED"]) if ev is None: raise Exception("WPS AP PIN not locked") dev[0].dump_monitor() logger.info("Test random AP PIN timeout") pin = dev[0].request("WPS_AP_PIN random 1") if "FAIL" in pin: raise Exception("Could not generate random AP PIN") res = dev[0].request("WPS_AP_PIN get") if pin not in res: raise Exception("Could not fetch current AP PIN") for i in range(10): time.sleep(0.2) res = dev[0].request("WPS_AP_PIN get") if "FAIL" in res: break if "FAIL" not in res: raise Exception("WPS_AP_PIN random timeout did not work") if "FAIL" not in dev[0].request("WPS_AP_PIN foo"): raise Exception("Invalid WPS_AP_PIN command not rejected") if "FAIL" not in dev[0].request("WPS_AP_PIN set"): raise Exception("Invalid WPS_AP_PIN command not rejected")
def run_macsec_psk_ns(dev, apdev, params): try: subprocess.check_call([ "ip", "link", "add", "veth0", "type", "veth", "peer", "name", "veth1" ]) except subprocess.CalledProcessError: raise HwsimSkip("veth not supported (kernel CONFIG_VETH)") prefix = "macsec_psk_ns" conffile = os.path.join(params['logdir'], prefix + ".conf") pidfile = os.path.join(params['logdir'], prefix + ".pid") logfile0 = os.path.join(params['logdir'], prefix + ".veth0.log") logfile1 = os.path.join(params['logdir'], prefix + ".veth1.log") cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap") cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap") cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap") cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap") for i in range(2): try: subprocess.check_call(["ip", "netns", "add", "ns%d" % i]) except subprocess.CalledProcessError: raise HwsimSkip( "network namespace not supported (kernel CONFIG_NAMESPACES, CONFIG_NET_NS)" ) subprocess.check_call( ["ip", "link", "set", "veth%d" % i, "netns", "ns%d" % i]) subprocess.check_call([ "ip", "netns", "exec", "ns%d" % i, "ip", "link", "set", "dev", "veth%d" % i, "up" ]) cmd = {} cmd[0] = subprocess.Popen([ 'ip', 'netns', 'exec', 'ns0', 'tcpdump', '-p', '-U', '-i', 'veth0', '-w', cap_veth0, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) cmd[1] = subprocess.Popen([ 'ip', 'netns', 'exec', 'ns1', 'tcpdump', '-p', '-U', '-i', 'veth1', '-w', cap_veth1, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) write_conf(conffile + '0') write_conf(conffile + '1', mka_priority=100) prg = os.path.join(params['logdir'], 'alt-wpa_supplicant/wpa_supplicant/wpa_supplicant') if not os.path.exists(prg): prg = '../../wpa_supplicant/wpa_supplicant' arg = [ "ip", "netns", "exec", "ns0", prg, '-BdddtKW', '-P', pidfile + '0', '-f', logfile0, '-g', '/tmp/wpas-veth0', '-Dmacsec_linux', '-c', conffile + '0', '-i', "veth0" ] logger.info("Start wpa_supplicant: " + str(arg)) try: subprocess.check_call(arg) except subprocess.CalledProcessError: raise HwsimSkip( "macsec supported (wpa_supplicant CONFIG_MACSEC, CONFIG_DRIVER_MACSEC_LINUX; kernel CONFIG_MACSEC)" ) if os.path.exists("wpa_supplicant-macsec2"): logger.info( "Use alternative wpa_supplicant binary for one of the macsec devices" ) prg = "wpa_supplicant-macsec2" arg = [ "ip", "netns", "exec", "ns1", prg, '-BdddtKW', '-P', pidfile + '1', '-f', logfile1, '-g', '/tmp/wpas-veth1', '-Dmacsec_linux', '-c', conffile + '1', '-i', "veth1" ] logger.info("Start wpa_supplicant: " + str(arg)) subprocess.check_call(arg) wpas0 = WpaSupplicant('veth0', '/tmp/wpas-veth0') wpas1 = WpaSupplicant('veth1', '/tmp/wpas-veth1') log_ip_macsec_ns() log_ip_link_ns() logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS")) logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS")) logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER")) logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER")) macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname") macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname") for i in range(10): key_tx0 = int(wpas0.get_status_field("Number of Keys Distributed")) key_rx0 = int(wpas0.get_status_field("Number of Keys Received")) key_tx1 = int(wpas1.get_status_field("Number of Keys Distributed")) key_rx1 = int(wpas1.get_status_field("Number of Keys Received")) if key_rx0 > 0 and key_tx1 > 0: break time.sleep(1) cmd[2] = subprocess.Popen([ 'ip', 'netns', 'exec', 'ns0', 'tcpdump', '-p', '-U', '-i', macsec_ifname0, '-w', cap_macsec0, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) cmd[3] = subprocess.Popen([ 'ip', 'netns', 'exec', 'ns0', 'tcpdump', '-p', '-U', '-i', macsec_ifname1, '-w', cap_macsec1, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) time.sleep(0.5) logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS")) logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS")) log_ip_macsec_ns() hwsim_utils.test_connectivity(wpas0, wpas1, ifname1=macsec_ifname0, ifname2=macsec_ifname1, send_len=1400) log_ip_macsec_ns() subprocess.check_call([ 'ip', 'netns', 'exec', 'ns0', 'ip', 'addr', 'add', '192.168.248.17/30', 'dev', macsec_ifname0 ]) subprocess.check_call([ 'ip', 'netns', 'exec', 'ns1', 'ip', 'addr', 'add', '192.168.248.18/30', 'dev', macsec_ifname1 ]) c = subprocess.Popen( ['ip', 'netns', 'exec', 'ns0', 'ping', '-c', '2', '192.168.248.18'], stdout=subprocess.PIPE) res = c.stdout.read().decode() c.stdout.close() logger.info("ping:\n" + res) if "2 packets transmitted, 2 received" not in res: raise Exception("ping did not work") wpas0.close_monitor() wpas0.request("TERMINATE") wpas0.close_control() del wpas0 wpas1.close_monitor() wpas1.request("TERMINATE") wpas1.close_control() del wpas1 time.sleep(1) for i in range(len(cmd)): cmd[i].terminate()
def run_macsec_psk_br(dev, apdev, count, mka_priority): subprocess.check_call(["brctl", "addbr", "brveth"]) subprocess.call( ["echo 8 > /sys/devices/virtual/net/brveth/bridge/group_fwd_mask"], shell=True) try: for i in range(count): subprocess.check_call([ "ip", "link", "add", "veth%d" % i, "type", "veth", "peer", "name", "vethbr%d" % i ]) subprocess.check_call(["ip", "link", "set", "vethbr%d" % i, "up"]) subprocess.check_call(["brctl", "addif", "brveth", "vethbr%d" % i]) except subprocess.CalledProcessError: raise HwsimSkip("veth not supported (kernel CONFIG_VETH)") subprocess.check_call(["ip", "link", "set", "brveth", "up"]) log_ip_link() wpa = add_wpas_interfaces(count=count) for i in range(count): set_mka_psk_config(wpa[i], mka_priority=mka_priority[i]) wpa[i].dump_monitor() wait_mka_done(wpa) macsec_ifname = [] for i in range(count): macsec_ifname.append(wpa[i].get_driver_status_field("parent_ifname")) timeout = 2 max_tries = 2 if count > 2 else 1 success_seen = False failure_seen = False for i in range(1, count): try: hwsim_utils.test_connectivity(wpa[0], wpa[i], ifname1=macsec_ifname[0], ifname2=macsec_ifname[i], send_len=1400, timeout=timeout, max_tries=max_tries) success_seen = True logger.info("Traffic test %d<->%d success" % (0, i)) except: failure_seen = True logger.info("Traffic test %d<->%d failure" % (0, i)) for i in range(2, count): try: hwsim_utils.test_connectivity(wpa[1], wpa[i], ifname1=macsec_ifname[1], ifname2=macsec_ifname[i], send_len=1400, timeout=timeout, max_tries=max_tries) success_seen = True logger.info("Traffic test %d<->%d success" % (1, i)) except: failure_seen = True logger.info("Traffic test %d<->%d failure" % (1, i)) if not success_seen: raise Exception("None of the data traffic tests succeeded") # Something seems to be failing with three device tests semi-regularly, so # do not report this as a failed test case until the real reason behind # those failures have been determined. if failure_seen: if count < 3: raise Exception("Data traffic test failed") else: logger.info( "Data traffic test failed - ignore for now for >= 3 device cases" ) for i in range(count): wpa[i].close_monitor() for i in range(count): wpa[0].close_control() del wpa[0]
def run_macsec_psk(dev, apdev, params, prefix, integ_only=False, port0=None, port1=None, ckn0=None, ckn1=None, cak0=None, cak1=None, expect_failure=False): add_veth() cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap") cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap") cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap") cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap") for i in range(2): subprocess.check_call(["ip", "link", "set", "dev", "veth%d" % i, "up"]) cmd = {} cmd[0] = subprocess.Popen([ 'tcpdump', '-p', '-U', '-i', 'veth0', '-w', cap_veth0, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) cmd[1] = subprocess.Popen([ 'tcpdump', '-p', '-U', '-i', 'veth1', '-w', cap_veth1, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) wpa = add_wpas_interfaces() wpas0 = wpa[0] wpas1 = wpa[1] set_mka_psk_config(wpas0, integ_only=integ_only, port=port0, ckn=ckn0, cak=cak0) set_mka_psk_config(wpas1, mka_priority=100, integ_only=integ_only, port=port1, ckn=ckn1, cak=cak1) log_ip_macsec() log_ip_link() logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS")) logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS")) logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER")) logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER")) macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname") macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname") wait_mka_done(wpa, expect_failure=expect_failure) if expect_failure: for i in range(len(cmd)): cmd[i].terminate() return cmd[2] = subprocess.Popen([ 'tcpdump', '-p', '-U', '-i', macsec_ifname0, '-w', cap_macsec0, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) cmd[3] = subprocess.Popen([ 'tcpdump', '-p', '-U', '-i', macsec_ifname1, '-w', cap_macsec1, '-s', '2000', '--immediate-mode' ], stderr=open('/dev/null', 'w')) time.sleep(0.5) mi0 = wpas0.get_status_field("mi") mi1 = wpas1.get_status_field("mi") sci0 = wpas0.get_status_field("actor_sci") sci1 = wpas1.get_status_field("actor_sci") logger.info("wpas0 MIB:\n" + wpas0.request("MIB")) logger.info("wpas1 MIB:\n" + wpas1.request("MIB")) mib0 = wpas0.get_mib() mib1 = wpas1.get_mib() if mib0['ieee8021XKayMkaPeerListMI'] != mi1: raise Exception("Unexpected ieee8021XKayMkaPeerListMI value (0)") if mib0['ieee8021XKayMkaPeerListType'] != "1": raise Exception("Unexpected ieee8021XKayMkaPeerListType value (0)") if mib0['ieee8021XKayMkaPeerListSCI'] != sci1: raise Exception("Unexpected ieee8021XKayMkaPeerListSCI value (0)") if mib1['ieee8021XKayMkaPeerListMI'] != mi0: raise Exception("Unexpected ieee8021XKayMkaPeerListMI value (1)") if mib1['ieee8021XKayMkaPeerListType'] != "1": raise Exception("Unexpected ieee8021XKayMkaPeerListType value (1)") if mib1['ieee8021XKayMkaPeerListSCI'] != sci0: raise Exception("Unexpected ieee8021XKayMkaPeerListSCI value (1)") logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS")) logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS")) log_ip_macsec() hwsim_utils.test_connectivity(wpas0, wpas1, ifname1=macsec_ifname0, ifname2=macsec_ifname1, send_len=1400) log_ip_macsec() time.sleep(1) for i in range(len(cmd)): cmd[i].terminate()
def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False, sae=False, eap=False, fail_test=False, roams=1): logger.info("Connect to first AP") if eap: dev.connect(ssid, key_mgmt="FT-EAP", proto="WPA2", ieee80211w="1", eap="GPSK", identity="gpsk user", password="******", scan_freq="2412") else: if sae: key_mgmt = "FT-SAE" else: key_mgmt = "FT-PSK" dev.connect(ssid, psk=passphrase, key_mgmt=key_mgmt, proto="WPA2", ieee80211w="1", scan_freq="2412") if dev.get_status_field('bssid') == apdev[0]['bssid']: ap1 = apdev[0] ap2 = apdev[1] hapd1ap = hapd0 hapd2ap = hapd1 else: ap1 = apdev[1] ap2 = apdev[0] hapd1ap = hapd1 hapd2ap = hapd0 hwsim_utils.test_connectivity(dev, hapd1ap) dev.scan_for_bss(ap2['bssid'], freq="2412") for i in range(0, roams): logger.info("Roam to the second AP") if over_ds: dev.roam_over_ds(ap2['bssid'], fail_test=fail_test) else: dev.roam(ap2['bssid'], fail_test=fail_test) if fail_test: return if dev.get_status_field('bssid') != ap2['bssid']: raise Exception("Did not connect to correct AP") if i == 0 or i == roams - 1: hwsim_utils.test_connectivity(dev, hapd2ap) logger.info("Roam back to the first AP") if over_ds: dev.roam_over_ds(ap1['bssid']) else: dev.roam(ap1['bssid']) if dev.get_status_field('bssid') != ap1['bssid']: raise Exception("Did not connect to correct AP") if i == 0 or i == roams - 1: hwsim_utils.test_connectivity(dev, hapd1ap)
def _test_wmediumd_path_rann(dev, apdev): for i in range(0, 3): check_mesh_support(dev[i]) add_open_mesh_network(dev[i], freq="2462", basic_rates="60 120 240") # Check for mesh joined for i in range(0, 3): check_mesh_group_added(dev[i]) state = dev[i].get_status_field("wpa_state") if state != "COMPLETED": raise Exception("Unexpected wpa_state on dev" + str(i) + ": " + state) mode = dev[i].get_status_field("mode") if mode != "mesh": raise Exception("Unexpected mode: " + mode) # set node 2 as RANN supported root subprocess.check_call(["iw", "dev", dev[0].ifname, "set", "mesh_param", "mesh_hwmp_rootmode=0"]) subprocess.check_call(["iw", "dev", dev[1].ifname, "set", "mesh_param", "mesh_hwmp_rootmode=0"]) subprocess.check_call(["iw", "dev", dev[2].ifname, "set", "mesh_param", "mesh_hwmp_rootmode=4"]) subprocess.check_call(["iw", "dev", dev[2].ifname, "set", "mesh_param", "mesh_hwmp_rann_interval=2000"]) # Check for peer connected check_mesh_peer_connected(dev[0]) check_mesh_peer_connected(dev[0]) check_mesh_peer_connected(dev[1]) check_mesh_peer_connected(dev[2]) # Wait for RANN frame time.sleep(10) # Test connectivity 1->2 and 2->1 hwsim_utils.test_connectivity(dev[1], dev[2]) # Check mpath table on 0 res, data = dev[0].cmd_execute(['iw', dev[0].ifname, 'mpath', 'dump']) if res != 0: raise Exception("iw command failed on dev0") if data.find(dev[1].own_addr() + ' ' + dev[1].own_addr()) == -1 or \ data.find(dev[2].own_addr() + ' ' + dev[2].own_addr()) == -1: raise Exception("mpath not found on dev0:\n" + data) if data.find(dev[0].own_addr()) > -1: raise Exception("invalid mpath found on dev0:\n" + data) # Check mpath table on 1 res, data = dev[1].cmd_execute(['iw', dev[1].ifname, 'mpath', 'dump']) if res != 0: raise Exception("iw command failed on dev1") if data.find(dev[0].own_addr() + ' ' + dev[0].own_addr()) == -1 or \ data.find(dev[2].own_addr() + ' ' + dev[0].own_addr()) == -1: raise Exception("mpath not found on dev1:\n" + data) if data.find(dev[2].own_addr() + ' ' + dev[2].own_addr()) > -1 or \ data.find(dev[1].own_addr()) > -1: raise Exception("invalid mpath found on dev1:\n" + data) # Check mpath table on 2 res, data = dev[2].cmd_execute(['iw', dev[2].ifname, 'mpath', 'dump']) if res != 0: raise Exception("iw command failed on dev2") if data.find(dev[0].own_addr() + ' ' + dev[0].own_addr()) == -1 or \ data.find(dev[1].own_addr() + ' ' + dev[0].own_addr()) == -1: raise Exception("mpath not found on dev2:\n" + data) if data.find(dev[1].own_addr() + ' ' + dev[1].own_addr()) > -1 or \ data.find(dev[2].own_addr()) > -1: raise Exception("invalid mpath found on dev2:\n" + data) # remove mesh groups for i in range(0, 3): dev[i].mesh_group_remove() check_mesh_group_removed(dev[i]) dev[i].dump_monitor()
def test_ap_vht80(dev, apdev): """VHT with 80 MHz channel width""" try: hapd = None params = { "ssid": "vht", "country_code": "FI", "hw_mode": "a", "channel": "36", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "1", "vht_oper_centr_freq_seg0_idx": "42" } hapd = hostapd.add_ap(apdev[0], params) bssid = apdev[0]['bssid'] dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180") hwsim_utils.test_connectivity(dev[0], hapd) sig = dev[0].request("SIGNAL_POLL").splitlines() if "FREQUENCY=5180" not in sig: raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig)) if "WIDTH=80 MHz" not in sig: raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig)) est = dev[0].get_bss(bssid)['est_throughput'] if est != "390001": raise Exception("Unexpected BSS est_throughput: " + est) status = dev[0].get_status() if status["ieee80211ac"] != "1": raise Exception("Unexpected STATUS ieee80211ac value (STA)") status = hapd.get_status() logger.info("hostapd STATUS: " + str(status)) if status["ieee80211n"] != "1": raise Exception("Unexpected STATUS ieee80211n value") if status["ieee80211ac"] != "1": raise Exception("Unexpected STATUS ieee80211ac value") if status["secondary_channel"] != "1": raise Exception("Unexpected STATUS secondary_channel value") if status["vht_oper_chwidth"] != "1": raise Exception("Unexpected STATUS vht_oper_chwidth value") if status["vht_oper_centr_freq_seg0_idx"] != "42": raise Exception( "Unexpected STATUS vht_oper_centr_freq_seg0_idx value") if "vht_caps_info" not in status: raise Exception("Missing vht_caps_info") sta = hapd.get_sta(dev[0].own_addr()) logger.info("hostapd STA: " + str(sta)) if "[HT]" not in sta['flags']: raise Exception("Missing STA flag: HT") if "[VHT]" not in sta['flags']: raise Exception("Missing STA flag: VHT") except Exception as e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip( "80 MHz channel not supported in regulatory information") raise finally: dev[0].request("DISCONNECT") clear_regdom(hapd, dev)
def test_p2p_device_misuses(dev, apdev): """cfg80211 P2P Device misuses""" hapd = hostapd.add_ap(apdev[0]['ifname'], {"ssid": "open"}) with HWSimRadio(use_p2p_device=True) as (radio, iface): wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') wpas.interface_add(iface) # Add a normal network profile to the P2P Device management only # interface to verify that it does not get used. id = int( wpas.global_request('IFNAME=p2p-dev-%s ADD_NETWORK' % iface).strip()) wpas.global_request('IFNAME=p2p-dev-%s SET_NETWORK %d ssid "open"' % (iface, id)) wpas.global_request('IFNAME=p2p-dev-%s SET_NETWORK %d key_mgmt NONE' % (iface, id)) wpas.global_request('IFNAME=p2p-dev-%s ENABLE_NETWORK %d' % (iface, id)) # Scan requests get ignored on p2p-dev wpas.global_request('IFNAME=p2p-dev-%s SCAN' % iface) dev[0].p2p_start_go(freq=2412) addr = dev[0].p2p_interface_addr() wpas.scan_for_bss(addr, freq=2412) wpas.connect("open", key_mgmt="NONE", scan_freq="2412") hwsim_utils.test_connectivity(wpas, hapd) pin = wpas.wps_read_pin() dev[0].p2p_go_authorize_client(pin) res = wpas.p2p_connect_group(dev[0].p2p_dev_addr(), pin, timeout=60, social=True, freq=2412) hwsim_utils.test_connectivity_p2p(dev[0], wpas) # Optimize scan-after-disconnect wpas.group_request("SET_NETWORK 0 scan_freq 2412") dev[0].group_request("DISASSOCIATE " + wpas.p2p_interface_addr()) ev = wpas.wait_group_event(["CTRL-EVENT-DISCONNECT"]) if ev is None: raise Exception( "Did not see disconnect event on P2P group interface") dev[0].remove_group() ev = wpas.wait_group_event(["CTRL-EVENT-SCAN-STARTED"], timeout=5) if ev is None: raise Exception("Scan not started") ev = wpas.wait_group_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=15) if ev is None: raise Exception("Scan not completed") time.sleep(1) hwsim_utils.test_connectivity(wpas, hapd) ev = hapd.wait_event(["AP-STA-DISCONNECTED"], timeout=0.1) if ev is not None: raise Exception( "Unexpected disconnection event received from hostapd") ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1) if ev is not None: raise Exception( "Unexpected disconnection event received from wpa_supplicant") wpas.request("DISCONNECT") wpas.wait_disconnected()
if not os.path.exists("/proc/net/wireless"): logger.info("WEXT support not included in the kernel") return "skip" params = {"ssid": "wext-open"} hapd = hostapd.add_ap(apdev[0]['ifname'], params) wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') try: wpas.interface_add("wlan5", driver="wext") except Exception, e: logger.info("WEXT driver support not included in wpa_supplicant") return "skip" wpas.connect("wext-open", key_mgmt="NONE") hwsim_utils.test_connectivity(wpas, hapd) def test_wext_wpa2_psk(dev, apdev): """WEXT driver interface with WPA2-PSK""" if not os.path.exists("/proc/net/wireless"): logger.info("WEXT support not included in the kernel") return "skip" params = hostapd.wpa2_params(ssid="wext-wpa2-psk", passphrase="12345678") hapd = hostapd.add_ap(apdev[0]['ifname'], params) wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') try: wpas.interface_add("wlan5", driver="wext") except Exception, e:
def test_dfs_etsi(dev, apdev, params): """DFS and uniform spreading requirement for ETSI [long]""" if not params['long']: raise HwsimSkip( "Skip test case with long duration due to --long not specified") try: hapd = None hapd = start_dfs_ap(apdev[0], allow_failure=True) ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70) if "success=1" not in ev: raise Exception("CAC failed") if "freq=5260" not in ev: raise Exception("Unexpected DFS freq result") ev = hapd.wait_event(["AP-ENABLED"], timeout=5) if not ev: raise Exception("AP setup timed out") state = hapd.get_status_field("state") if state != "ENABLED": raise Exception("Unexpected interface state") freq = hapd.get_status_field("freq") if freq != "5260": raise Exception("Unexpected frequency") dev[0].connect("dfs", key_mgmt="NONE") dev[0].wait_regdom(country_ie=True) hwsim_utils.test_connectivity(dev[0], hapd) hapd.request("RADAR DETECTED freq=%s ht_enabled=1 chan_width=1" % freq) ev = hapd.wait_event(["DFS-RADAR-DETECTED"], timeout=5) if ev is None: raise Exception("DFS-RADAR-DETECTED event not reported") if "freq=%s" % freq not in ev: raise Exception("Incorrect frequency in radar detected event: " + ev) ev = hapd.wait_event(["DFS-NEW-CHANNEL"], timeout=5) if ev is None: raise Exception("DFS-NEW-CHANNEL event not reported") if "freq=%s" % freq in ev: raise Exception("Channel did not change after radar was detected") ev = hapd.wait_event(["AP-CSA-FINISHED", "DFS-CAC-START"], timeout=10) if ev is None: raise Exception( "AP-CSA-FINISHED or DFS-CAC-START event not reported") if "DFS-CAC-START" in ev: # The selected new channel requires CAC ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70) if "success=1" not in ev: raise Exception("CAC failed") ev = hapd.wait_event(["AP-ENABLED"], timeout=5) if not ev: raise Exception("AP setup timed out") ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=30) if not ev: raise Exception("STA did not reconnect on new DFS channel") else: # The new channel did not require CAC - try again if "freq=%s" % freq in ev: raise Exception( "Channel did not change after radar was detected(2)") time.sleep(1) hwsim_utils.test_connectivity(dev[0], hapd) finally: clear_regdom(hapd, dev)
def test_ap_vht80plus80(dev, apdev): """VHT with 80+80 MHz channel width""" try: hapd = None hapd2 = None params = { "ssid": "vht", "country_code": "US", "hw_mode": "a", "channel": "52", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "3", "vht_oper_centr_freq_seg0_idx": "58", "vht_oper_centr_freq_seg1_idx": "155", 'ieee80211d': '1', 'ieee80211h': '1' } hapd = hostapd.add_ap(apdev[0], params, wait_enabled=False) # This will actually fail since DFS on 80+80 is not yet supported ev = hapd.wait_event(["AP-DISABLED"], timeout=5) # ignore result to avoid breaking the test once 80+80 DFS gets enabled params = { "ssid": "vht2", "country_code": "US", "hw_mode": "a", "channel": "36", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "3", "vht_oper_centr_freq_seg0_idx": "42", "vht_oper_centr_freq_seg1_idx": "155" } hapd2 = hostapd.add_ap(apdev[1], params, wait_enabled=False) ev = hapd2.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout=5) if not ev: raise Exception("AP setup timed out(2)") if "AP-DISABLED" in ev: # Assume this failed due to missing regulatory update for now raise HwsimSkip("80+80 MHz channel not supported in regulatory information") state = hapd2.get_status_field("state") if state != "ENABLED": raise Exception("Unexpected interface state(2)") dev[1].connect("vht2", key_mgmt="NONE", scan_freq="5180") hwsim_utils.test_connectivity(dev[1], hapd2) sig = dev[1].request("SIGNAL_POLL").splitlines() if "FREQUENCY=5180" not in sig: raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig)) if "WIDTH=80+80 MHz" not in sig: raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig)) if "CENTER_FRQ1=5210" not in sig: raise Exception("Unexpected SIGNAL_POLL value(3): " + str(sig)) if "CENTER_FRQ2=5775" not in sig: raise Exception("Unexpected SIGNAL_POLL value(4): " + str(sig)) except Exception, e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip("80/160 MHz channel not supported in regulatory information") raise
def test_ap_vht80_csa(dev, apdev): """VHT with 80 MHz channel width and CSA""" csa_supported(dev[0]) try: hapd = None params = { "ssid": "vht", "country_code": "US", "hw_mode": "a", "channel": "149", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "1", "vht_oper_centr_freq_seg0_idx": "155" } hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("vht", key_mgmt="NONE", scan_freq="5745") hwsim_utils.test_connectivity(dev[0], hapd) hapd.request( "CHAN_SWITCH 5 5180 ht vht blocktx center_freq1=5210 sec_channel_offset=1 bandwidth=80" ) ev = hapd.wait_event(["CTRL-EVENT-STARTED-CHANNEL-SWITCH"], timeout=10) if ev is None: raise Exception("Channel switch start event not seen") if "freq=5180" not in ev: raise Exception("Unexpected channel in CS started") ev = hapd.wait_event(["CTRL-EVENT-CHANNEL-SWITCH"], timeout=10) if ev is None: raise Exception("Channel switch completion event not seen") if "freq=5180" not in ev: raise Exception("Unexpected channel in CS completed") ev = hapd.wait_event(["AP-CSA-FINISHED"], timeout=10) if ev is None: raise Exception("CSA finished event timed out") if "freq=5180" not in ev: raise Exception("Unexpected channel in CSA finished event") time.sleep(0.5) hwsim_utils.test_connectivity(dev[0], hapd) hapd.request("CHAN_SWITCH 5 5745") ev = hapd.wait_event(["AP-CSA-FINISHED"], timeout=10) if ev is None: raise Exception("CSA finished event timed out") if "freq=5745" not in ev: raise Exception("Unexpected channel in CSA finished event") time.sleep(0.5) hwsim_utils.test_connectivity(dev[0], hapd) # This CSA to same channel will fail in kernel, so use this only for # extra code coverage. hapd.request("CHAN_SWITCH 5 5745") hapd.wait_event(["AP-CSA-FINISHED"], timeout=1) except Exception as e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip( "80 MHz channel not supported in regulatory information") raise finally: dev[0].request("DISCONNECT") if hapd: hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) dev[0].flush_scan_cache()
def test_ap_vht160(dev, apdev): """VHT with 160 MHz channel width (1)""" try: hapd = None params = { "ssid": "vht", "country_code": "FI", "hw_mode": "a", "channel": "36", "ht_capab": "[HT40+]", "ieee80211n": "1", "ieee80211ac": "1", "vht_oper_chwidth": "2", "vht_oper_centr_freq_seg0_idx": "50", 'ieee80211d': '1', 'ieee80211h': '1' } hapd = hostapd.add_ap(apdev[0], params, wait_enabled=False) ev = wait_dfs_event(hapd, "DFS-CAC-START", 5) if "DFS-CAC-START" not in ev: raise Exception("Unexpected DFS event") state = hapd.get_status_field("state") if state != "DFS": if state == "DISABLED" and not os.path.exists("dfs"): # Not all systems have recent enough CRDA version and # wireless-regdb changes to support 160 MHz and DFS. For now, # do not report failures for this test case. raise HwsimSkip( "CRDA or wireless-regdb did not support 160 MHz") raise Exception("Unexpected interface state: " + state) logger.info("Waiting for CAC to complete") ev = wait_dfs_event(hapd, "DFS-CAC-COMPLETED", 70) if "success=1" not in ev: raise Exception("CAC failed") if "freq=5180" not in ev: raise Exception("Unexpected DFS freq result") ev = hapd.wait_event(["AP-ENABLED"], timeout=5) if not ev: raise Exception("AP setup timed out") state = hapd.get_status_field("state") if state != "ENABLED": raise Exception("Unexpected interface state") dev[0].connect("vht", key_mgmt="NONE", scan_freq="5180") dev[0].wait_regdom(country_ie=True) hwsim_utils.test_connectivity(dev[0], hapd) sig = dev[0].request("SIGNAL_POLL").splitlines() if "FREQUENCY=5180" not in sig: raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig)) if "WIDTH=160 MHz" not in sig: raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig)) except Exception as e: if isinstance(e, Exception) and str(e) == "AP startup failed": if not vht_supported(): raise HwsimSkip( "80/160 MHz channel not supported in regulatory information" ) raise finally: if hapd: hapd.request("DISABLE") dev[0].disconnect_and_stop_scan() subprocess.call(['iw', 'reg', 'set', '00']) dev[0].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout=0.5) dev[0].flush_scan_cache()
def check_connectivity(sta0, sta1, ap): hwsim_utils.test_connectivity_sta(sta0, sta1) hwsim_utils.test_connectivity(sta0.ifname, ap['ifname']) hwsim_utils.test_connectivity(sta1.ifname, ap['ifname'])
def check_connectivity(sta0, sta1, hapd): hwsim_utils.test_connectivity_sta(sta0, sta1) hwsim_utils.test_connectivity(sta0, hapd) hwsim_utils.test_connectivity(sta1, hapd)
def connectivity(dev, hapd): hwsim_utils.test_connectivity_sta(dev[0], dev[1]) hwsim_utils.test_connectivity(dev[0], hapd) hwsim_utils.test_connectivity(dev[1], hapd)
print bssid0 print bssid1 print bssid2 # Allow some time for all peers to complete key setup time.sleep(1) # This is supposed to work, but looks like WPA-None does not work with # mac80211 currently.. try: hwsim_utils.test_connectivity(dev[0].ifname, dev[1].ifname) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) try: hwsim_utils.test_connectivity(dev[0].ifname, dev[2].ifname) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) try: hwsim_utils.test_connectivity(dev[1].ifname, dev[2].ifname) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) def test_ibss_wpa_none_ccmp(dev): """IBSS WPA-None/CCMP""" ssid="ibss-wpa-none" logger.info("Start IBSS on the first STA") id = add_ibss_wpa_none(dev[0], ssid) connect_ibss_cmd(dev[0], id) bssid0 = wait_ibss_connection(dev[0])
def test_tspec(dev, apdev): """Basic addts/delts tests""" # configure ap with VO and VI requiring admission-control hapd = add_wmm_ap(apdev[0], ["VO", "VI"]) dev[0].connect("wmm_ac", key_mgmt="NONE", scan_freq="2462") hwsim_utils.test_connectivity(dev[0], hapd) status = dev[0].request("WMM_AC_STATUS") if "WMM AC is Enabled" not in status: raise Exception("WMM-AC not enabled") if "TSID" in status: raise Exception("Unexpected TSID info") if "BK: acm=0 uapsd=0" not in status: raise Exception("Unexpected BK info" + status) if "BE: acm=0 uapsd=0" not in status: raise Exception("Unexpected BE info" + status) if "VI: acm=1 uapsd=0" not in status: raise Exception("Unexpected VI info" + status) if "VO: acm=1 uapsd=0" not in status: raise Exception("Unexpected VO info" + status) # no tsid --> tsid out of range if "FAIL" not in dev[0].request("WMM_AC_ADDTS downlink"): raise Exception("Invalid WMM_AC_ADDTS accepted") # no direction if "FAIL" not in dev[0].request("WMM_AC_ADDTS tsid=5"): raise Exception("Invalid WMM_AC_ADDTS accepted") # param out of range if "FAIL" not in dev[0].request("WMM_AC_ADDTS tsid=5 downlink"): raise Exception("Invalid WMM_AC_ADDTS accepted") tsid = 5 # make sure we fail when the ac is not configured for acm try: dev[0].add_ts(tsid, 3) raise Exception("ADDTS succeeded although it should have failed") except Exception as e: if not str(e).startswith("ADDTS failed"): raise status = dev[0].request("WMM_AC_STATUS") if "TSID" in status: raise Exception("Unexpected TSID info") # add tspec for UP=6 dev[0].add_ts(tsid, 6) status = dev[0].request("WMM_AC_STATUS") if "TSID" not in status: raise Exception("Missing TSID info") # using the same tsid for a different ac is invalid try: dev[0].add_ts(tsid, 5) raise Exception("ADDTS succeeded although it should have failed") except Exception as e: if not str(e).startswith("ADDTS failed"): raise # update the tspec for a different UP of the same ac dev[0].add_ts(tsid, 7, extra="fixed_nominal_msdu") dev[0].del_ts(tsid) status = dev[0].request("WMM_AC_STATUS") if "TSID" in status: raise Exception("Unexpected TSID info") # verify failure on uplink/bidi without driver support tsid = 6 try: dev[0].add_ts(tsid, 7, direction="uplink") raise Exception("ADDTS succeeded although it should have failed") except Exception as e: if not str(e).startswith("ADDTS failed"): raise try: dev[0].add_ts(tsid, 7, direction="bidi") raise Exception("ADDTS succeeded although it should have failed") except Exception as e: if not str(e).startswith("ADDTS failed"): raise # attempt to delete non-existing tsid try: dev[0].del_ts(tsid) raise Exception("DELTS succeeded although it should have failed") except Exception as e: if not str(e).startswith("DELTS failed"): raise # "CTRL: Invalid WMM_AC_ADDTS parameter: 'foo' if "FAIL" not in dev[0].request("WMM_AC_ADDTS foo"): raise Exception("Invalid WMM_AC_ADDTS command accepted")
def test_ibss_rsn(dev): """IBSS RSN""" ssid = "ibss-rsn" logger.info("Start IBSS on the first STA") id = add_ibss_rsn(dev[0], ssid) # FIX: For now, this disables HT to avoid a strange issue with mac80211 # frame reordering during the final test_connectivity() call. Once that is # figured out, these disable_ht=1 calls should be removed from the test # case. dev[0].set_network(id, "disable_ht", "1") connect_ibss_cmd(dev[0], id) bssid0 = wait_ibss_connection(dev[0]) logger.info("Join two STAs to the IBSS") id = add_ibss_rsn(dev[1], ssid) dev[1].set_network(id, "disable_ht", "1") connect_ibss_cmd(dev[1], id) bssid1 = wait_ibss_connection(dev[1]) if bssid0 != bssid1: logger.info("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1) # try to merge with a scan dev[1].scan() wait_4way_handshake(dev[0], dev[1]) wait_4way_handshake(dev[1], dev[0]) id = add_ibss_rsn(dev[2], ssid) connect_ibss_cmd(dev[2], id) bssid2 = wait_ibss_connection(dev[2]) if bssid0 != bssid2: logger.info("STA0 BSSID " + bssid0 + " differs from STA2 BSSID " + bssid2) # try to merge with a scan dev[2].scan() wait_4way_handshake(dev[0], dev[2]) wait_4way_handshake2(dev[2], dev[0], dev[1]) # Allow some time for all peers to complete key setup time.sleep(3) hwsim_utils.test_connectivity(dev[0], dev[1]) hwsim_utils.test_connectivity(dev[0], dev[2]) hwsim_utils.test_connectivity(dev[1], dev[2]) dev[1].request("REMOVE_NETWORK all") time.sleep(1) id = add_ibss_rsn(dev[1], ssid) dev[1].set_network(id, "disable_ht", "1") connect_ibss_cmd(dev[1], id) bssid1 = wait_ibss_connection(dev[1]) if bssid0 != bssid1: logger.info("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1) # try to merge with a scan dev[1].scan() wait_4way_handshake(dev[0], dev[1]) wait_4way_handshake(dev[1], dev[0]) time.sleep(3) hwsim_utils.test_connectivity(dev[0], dev[1]) if "OK" not in dev[0].request("IBSS_RSN " + dev[1].p2p_interface_addr()): raise Exception("IBSS_RSN command failed") key_mgmt = dev[0].get_status_field("key_mgmt") if key_mgmt != "WPA2-PSK": raise Exception("Unexpected STATUS key_mgmt: " + key_mgmt)
def connectivity(dev, ap_ifname): hwsim_utils.test_connectivity_sta(dev[0], dev[1]) hwsim_utils.test_connectivity(dev[0].ifname, ap_ifname) hwsim_utils.test_connectivity(dev[1].ifname, ap_ifname)
def test_ap_mixed_security(dev, apdev): """WPA/WPA2 with PSK, EAP, SAE, FT in a single BSS""" skip_with_fips(dev[0]) dev[0].flush_scan_cache() sae = "SAE" in dev[0].get_capability("auth_alg") ssid = "test-mixed" passphrase = 'qwertyuiop' params = hostapd.wpa_mixed_params(ssid=ssid, passphrase=passphrase) params['wpa_key_mgmt'] = "WPA-PSK WPA-PSK-SHA256 WPA-EAP WPA-EAP-SHA256 SAE FT-PSK FT-EAP FT-SAE" params["ieee8021x"] = "1" params["eap_server"] = "1" params["eap_user_file"] = "auth_serv/eap_user.conf" params['nas_identifier'] = "nas1.w1.fi" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect(ssid, key_mgmt="WPA-PSK", proto="WPA", pairwise="TKIP", psk=passphrase, scan_freq="2412") dev[1].connect(ssid, key_mgmt="WPA-EAP-SHA256", proto="WPA2", eap="GPSK", identity="gpsk user", password="******", scan_freq="2412") if sae: dev[2].connect(ssid, psk=passphrase, key_mgmt="SAE", scan_freq="2412") logger.debug(dev[0].request("SCAN_RESULTS")) bss = dev[0].get_bss(apdev[0]['bssid']) logger.debug(bss) if "[WPA-EAP+PSK-TKIP]" not in bss['flags']: raise Exception("Unexpected flags (WPA): " + bss['flags']) if sae and "[WPA2-EAP+PSK+SAE+FT/EAP+FT/PSK+FT/SAE+EAP-SHA256+PSK-SHA256-CCMP]" not in bss['flags']: raise Exception("Unexpected flags (WPA2): " + bss['flags']) if dev[0].get_status_field("key_mgmt") != "WPA-PSK": raise Exception("Unexpected key_mgmt(1)") if dev[0].get_status_field("pairwise_cipher") != "TKIP": raise Exception("Unexpected pairwise(1)") if dev[1].get_status_field("key_mgmt") != "WPA2-EAP-SHA256": raise Exception("Unexpected key_mgmt(2)") if sae and dev[2].get_status_field("key_mgmt") != "SAE": raise Exception("Unexpected key_mgmt(3)") hwsim_utils.test_connectivity(dev[0], dev[1]) if sae: hwsim_utils.test_connectivity(dev[1], dev[2]) hwsim_utils.test_connectivity(dev[0], dev[2]) for i in range(3): if i < 2 or sae: hwsim_utils.test_connectivity(dev[i], hapd) dev[i].request("DISCONNECT") dev[0].connect(ssid, key_mgmt="WPA-PSK WPA-PSK-SHA256", psk=passphrase, scan_freq="2412") dev[1].connect(ssid, key_mgmt="WPA-EAP", proto="WPA", eap="GPSK", identity="gpsk user", password="******", scan_freq="2412") if sae: dev[2].connect(ssid, key_mgmt="WPA-PSK WPA-PSK-SHA256 SAE", psk=passphrase, scan_freq="2412") if dev[0].get_status_field("key_mgmt") != "WPA2-PSK-SHA256": raise Exception("Unexpected key_mgmt(1b)") if dev[0].get_status_field("pairwise_cipher") != "CCMP": raise Exception("Unexpected pairwise(1b)") if dev[1].get_status_field("key_mgmt") != "WPA/IEEE 802.1X/EAP": raise Exception("Unexpected key_mgmt(2b)") if sae and dev[2].get_status_field("key_mgmt") != "SAE": raise Exception("Unexpected key_mgmt(3b)") for i in range(3): dev[i].request("DISCONNECT") dev[0].connect(ssid, key_mgmt="FT-PSK", psk=passphrase, scan_freq="2412") dev[1].connect(ssid, key_mgmt="FT-EAP", eap="GPSK", identity="gpsk user", password="******", scan_freq="2412") if sae: dev[2].connect(ssid, psk=passphrase, key_mgmt="FT-SAE", scan_freq="2412") if dev[0].get_status_field("key_mgmt") != "FT-PSK": raise Exception("Unexpected key_mgmt(1c)") if dev[1].get_status_field("key_mgmt") != "FT-EAP": raise Exception("Unexpected key_mgmt(2c)") if sae and dev[2].get_status_field("key_mgmt") != "FT-SAE": raise Exception("Unexpected key_mgmt(3c)")
if 'flags' not in bss: raise Exception("Could not get BSS flags from BSS table") if "[WPA-None-TKIP]" not in bss['flags']: raise Exception("Unexpected BSS flags: " + bss['flags']) # Allow some time for all peers to complete key setup time.sleep(1) # This is supposed to work, but looks like WPA-None does not work with # mac80211 currently.. try: hwsim_utils.test_connectivity(dev[0], dev[1]) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) try: hwsim_utils.test_connectivity(dev[0], dev[2]) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) try: hwsim_utils.test_connectivity(dev[1], dev[2]) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) def test_ibss_wpa_none_ccmp(dev): """IBSS WPA-None/CCMP""" ssid="ibss-wpa-none" logger.info("Start IBSS on the first STA") id = add_ibss_wpa_none(dev[0], ssid) connect_ibss_cmd(dev[0], id) bssid0 = wait_ibss_connection(dev[0])
def test_ap_pmf_inject_auth(dev, apdev): """WPA2-PSK AP with PMF and Authentication frame injection""" ssid = "test-pmf" params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678") params["wpa_key_mgmt"] = "WPA-PSK-SHA256" params["ieee80211w"] = "2" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect(ssid, psk="12345678", ieee80211w="2", key_mgmt="WPA-PSK-SHA256", proto="WPA2", scan_freq="2412") hapd.wait_sta() hwsim_utils.test_connectivity(dev[0], hapd) bssid = hapd.own_addr().replace(':', '') addr = dev[0].own_addr().replace(':', '') # Inject an unprotected Authentication frame claiming to be from the # associated STA, from another STA, from the AP's own address, from all # zeros and all ones addresses, and from a multicast address. hapd.request("SET ext_mgmt_frame_handling 1") failed = False addresses = [addr, "021122334455", bssid, 6 * "00", 6 * "ff", 6 * "01"] for a in addresses: auth = "b0003a01" + bssid + a + bssid + '1000000001000000' res = hapd.request( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % auth) if "OK" not in res: failed = True hapd.request("SET ext_mgmt_frame_handling 0") if failed: raise Exception("MGMT_RX_PROCESS failed") time.sleep(0.1) ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1) if ev: raise Exception("Unexpected disconnection reported on the STA") # Verify that original association is still functional. hwsim_utils.test_connectivity(dev[0], hapd) # Inject an unprotected Association Request frame (with and without RSNE) # claiming to be from the set of test addresses. hapd.request("SET ext_mgmt_frame_handling 1") for a in addresses: assoc = "00003a01" + bssid + a + bssid + '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' + '301a0100000fac040100000fac040100000fac06c0000000000fac06' res = hapd.request( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % assoc) if "OK" not in res: failed = True assoc = "00003a01" + bssid + a + bssid + '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' + '3000' res = hapd.request( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % assoc) if "OK" not in res: failed = True assoc = "00003a01" + bssid + a + bssid + '2000' + '31040500' + '0008746573742d706d66' + '010802040b160c121824' res = hapd.request( "MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % assoc) if "OK" not in res: failed = True hapd.request("SET ext_mgmt_frame_handling 0") if failed: raise Exception("MGMT_RX_PROCESS failed") time.sleep(5) ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1) if ev: raise Exception("Unexpected disconnection reported on the STA") # Verify that original association is still functional. hwsim_utils.test_connectivity(dev[0], hapd)
def test_ibss_wpa_none(dev): """IBSS WPA-None""" ssid = "ibss-wpa-none" logger.info("Start IBSS on the first STA") id = add_ibss_wpa_none(dev[0], ssid) connect_ibss_cmd(dev[0], id) bssid0 = wait_ibss_connection(dev[0]) # This is a bit ugly, but no one really cares about WPA-None, so there may # not be enough justification to clean this up.. For now, wpa_supplicant # will show two connection events with mac80211_hwsim where the first one # comes with all zeros address. if bssid0 == "00:00:00:00:00:00": logger.info("Waiting for real BSSID on the first STA") bssid0 = wait_ibss_connection(dev[0]) logger.info("Join two STAs to the IBSS") id = add_ibss_wpa_none(dev[1], ssid) connect_ibss_cmd(dev[1], id) id = add_ibss_wpa_none(dev[2], ssid) connect_ibss_cmd(dev[2], id) bssid1 = wait_ibss_connection(dev[1]) if bssid0 != bssid1: logger.info("STA0 BSSID " + bssid0 + " differs from STA1 BSSID " + bssid1) bssid1 = wait_ibss_connection(dev[1]) bssid2 = wait_ibss_connection(dev[2]) if bssid0 != bssid2: logger.info("STA0 BSSID " + bssid0 + " differs from STA2 BSSID " + bssid2) bssid2 = wait_ibss_connection(dev[2]) logger.info("bssid0=%s bssid1=%s bssid2=%s" % (bssid0, bssid1, bssid2)) bss = dev[0].get_bss(bssid0) if not bss: bss = dev[1].get_bss(bssid1) if not bss: raise Exception("Could not find BSS entry for IBSS") if 'flags' not in bss: raise Exception("Could not get BSS flags from BSS table") if "[WPA-None-TKIP]" not in bss['flags']: raise Exception("Unexpected BSS flags: " + bss['flags']) # Allow some time for all peers to complete key setup time.sleep(1) # This is supposed to work, but looks like WPA-None does not work with # mac80211 currently.. try: hwsim_utils.test_connectivity(dev[0], dev[1]) except Exception as e: logger.info("Ignoring known connectivity failure: " + str(e)) try: hwsim_utils.test_connectivity(dev[0], dev[2]) except Exception as e: logger.info("Ignoring known connectivity failure: " + str(e)) try: hwsim_utils.test_connectivity(dev[1], dev[2]) except Exception as e: logger.info("Ignoring known connectivity failure: " + str(e)) key_mgmt = dev[0].get_status_field("key_mgmt") if key_mgmt != "WPA-NONE": raise Exception("Unexpected STATUS key_mgmt: " + key_mgmt)
def test_fils_sk_multiple_realms(dev, apdev): """FILS SK and multiple realms""" check_fils_capa(dev[0]) check_erp_capa(dev[0]) start_erp_as(apdev[1]) bssid = apdev[0]['bssid'] params = hostapd.wpa2_eap_params(ssid="fils") params['wpa_key_mgmt'] = "FILS-SHA256" params['auth_server_port'] = "18128" params['erp_domain'] = 'example.com' fils_realms = [ 'r1.example.org', 'r2.EXAMPLE.org', 'r3.example.org', 'r4.example.org', 'r5.example.org', 'r6.example.org', 'r7.example.org', 'r8.example.org', 'example.com', 'r9.example.org', 'r10.example.org', 'r11.example.org', 'r12.example.org', 'r13.example.org', 'r14.example.org', 'r15.example.org', 'r16.example.org' ] params['fils_realm'] = fils_realms params['fils_cache_id'] = "1234" params['hessid'] = bssid hapd = hostapd.add_ap(apdev[0]['ifname'], params) dev[0].scan_for_bss(bssid, freq=2412) if "OK" not in dev[0].request("ANQP_GET " + bssid + " 275"): raise Exception("ANQP_GET command failed") ev = dev[0].wait_event(["GAS-QUERY-DONE"], timeout=10) if ev is None: raise Exception("GAS query timed out") bss = dev[0].get_bss(bssid) if 'fils_info' not in bss: raise Exception("FILS Indication element information missing") if bss['fils_info'] != '02b8': raise Exception("Unexpected FILS Information: " + bss['fils_info']) if 'fils_cache_id' not in bss: raise Exception("FILS Cache Identifier missing") if bss['fils_cache_id'] != '1234': raise Exception("Unexpected FILS Cache Identifier: " + bss['fils_cache_id']) if 'fils_realms' not in bss: raise Exception("FILS Realm Identifiers missing") expected = '' count = 0 for realm in fils_realms: hash = hashlib.sha256(realm.lower()).digest() expected += binascii.hexlify(hash[0:2]) count += 1 if count == 7: break if bss['fils_realms'] != expected: raise Exception("Unexpected FILS Realm Identifiers: " + bss['fils_realms']) if 'anqp_fils_realm_info' not in bss: raise Exception("FILS Realm Information ANQP-element not seen") info = bss['anqp_fils_realm_info'] expected = '' for realm in fils_realms: hash = hashlib.sha256(realm.lower()).digest() expected += binascii.hexlify(hash[0:2]) if info != expected: raise Exception("Unexpected FILS Realm Info ANQP-element: " + info) dev[0].request("ERP_FLUSH") id = dev[0].connect("fils", key_mgmt="FILS-SHA256", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", erp="1", scan_freq="2412") dev[0].request("DISCONNECT") dev[0].wait_disconnected() dev[0].dump_monitor() dev[0].select_network(id, freq=2412) ev = dev[0].wait_event([ "CTRL-EVENT-EAP-STARTED", "EVENT-ASSOC-REJECT", "CTRL-EVENT-CONNECTED" ], timeout=10) if ev is None: raise Exception("Connection using FILS/ERP timed out") if "CTRL-EVENT-EAP-STARTED" in ev: raise Exception("Unexpected EAP exchange") if "EVENT-ASSOC-REJECT" in ev: raise Exception("Association failed") hwsim_utils.test_connectivity(dev[0], hapd)
def test_go_neg_forced_freq_diff_than_bss_freq(dev, apdev): """P2P channel selection: GO negotiation with forced freq different than station interface""" with HWSimRadio(n_channels=2) as (radio, iface): wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') wpas.interface_add(iface) if wpas.get_mcc() < 2: raise Exception("New radio does not support MCC") # Clear possible PBC session overlap from previous test case dev[1].flush_scan_cache() wpas.request("SET p2p_no_group_iface 0") hapd = hostapd.add_ap( apdev[0]['ifname'], { "country_code": 'US', "ssid": 'bss-5ghz', "hw_mode": 'a', "channel": '40' }) wpas.connect("bss-5ghz", key_mgmt="NONE", scan_freq="5200") # GO and peer force the same freq, different than BSS freq, # wpas to become GO [i_res, r_res] = go_neg_pbc(i_dev=dev[1], i_intent=1, i_freq=5180, r_dev=wpas, r_intent=14, r_freq=5180) check_grpform_results(i_res, r_res) if i_res['freq'] != "5180": raise Exception("P2P group formed on unexpected frequency: " + i_res['freq']) if r_res['role'] != "GO": raise Exception("GO not selected according to go_intent") hwsim_utils.test_connectivity(wpas, hapd) wpas.remove_group(r_res['ifname']) dev[1].wait_go_ending_session() dev[1].flush_scan_cache() # GO and peer force the same freq, different than BSS freq, wpas to # become client [i_res2, r_res2] = go_neg_pbc(i_dev=dev[1], i_intent=14, i_freq=2422, r_dev=wpas, r_intent=1, r_freq=2422) check_grpform_results(i_res2, r_res2) if i_res2['freq'] != "2422": raise Exception("P2P group formed on unexpected frequency: " + i_res2['freq']) if r_res2['role'] != "client": raise Exception("GO not selected according to go_intent") hwsim_utils.test_connectivity(wpas, hapd) wpas.request("DISCONNECT") hapd.request("DISABLE") subprocess.call(['iw', 'reg', 'set', '00']) wpas.flush_scan_cache()
def test_fils_sk_pmksa_caching_and_cache_id(dev, apdev): """FILS SK and PMKSA caching with Cache Identifier""" check_fils_capa(dev[0]) check_erp_capa(dev[0]) bssid = apdev[0]['bssid'] params = hostapd.wpa2_eap_params(ssid="fils") params['wpa_key_mgmt'] = "FILS-SHA256" params['auth_server_port'] = "18128" params['erp_domain'] = 'example.com' params['fils_realm'] = 'example.com' params['fils_cache_id'] = "abcd" params["radius_server_clients"] = "auth_serv/radius_clients.conf" params["radius_server_auth_port"] = '18128' params["eap_server"] = "1" params["eap_user_file"] = "auth_serv/eap_user.conf" params["ca_cert"] = "auth_serv/ca.pem" params["server_cert"] = "auth_serv/server.pem" params["private_key"] = "auth_serv/server.key" params["eap_sim_db"] = "unix:/tmp/hlr_auc_gw.sock" params["dh_file"] = "auth_serv/dh.conf" params["pac_opaque_encr_key"] = "000102030405060708090a0b0c0d0e0f" params["eap_fast_a_id"] = "101112131415161718191a1b1c1d1e1f" params["eap_fast_a_id_info"] = "test server" params["eap_server_erp"] = "1" params["erp_domain"] = "example.com" hapd = hostapd.add_ap(apdev[0]['ifname'], params) dev[0].scan_for_bss(bssid, freq=2412) dev[0].request("ERP_FLUSH") id = dev[0].connect("fils", key_mgmt="FILS-SHA256", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", erp="1", scan_freq="2412") res = dev[0].request("PMKSA") if "FILS Cache Identifier" not in res: raise Exception("PMKSA list does not include FILS Cache Identifier") pmksa = dev[0].get_pmksa(bssid) if pmksa is None: raise Exception("No PMKSA cache entry created") if "cache_id" not in pmksa: raise Exception("No FILS Cache Identifier listed") if pmksa["cache_id"] != "abcd": raise Exception( "The configured FILS Cache Identifier not seen in PMKSA") bssid2 = apdev[1]['bssid'] params = hostapd.wpa2_eap_params(ssid="fils") params['wpa_key_mgmt'] = "FILS-SHA256" params['auth_server_port'] = "18128" params['erp_domain'] = 'example.com' params['fils_realm'] = 'example.com' params['fils_cache_id'] = "abcd" hapd2 = hostapd.add_ap(apdev[1]['ifname'], params) dev[0].scan_for_bss(bssid2, freq=2412) dev[0].dump_monitor() if "OK" not in dev[0].request("ROAM " + bssid2): raise Exception("ROAM failed") ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED", "CTRL-EVENT-CONNECTED"], timeout=10) if ev is None: raise Exception("Connection using PMKSA caching timed out") if "CTRL-EVENT-EAP-STARTED" in ev: raise Exception("Unexpected EAP exchange") if bssid2 not in ev: raise Exception("Failed to connect to the second AP") hwsim_utils.test_connectivity(dev[0], hapd2) pmksa2 = dev[0].get_pmksa(bssid2) if pmksa2: raise Exception("Unexpected extra PMKSA cache added") pmksa2 = dev[0].get_pmksa(bssid) if not pmksa2: raise Exception("Original PMKSA cache entry removed") if pmksa['pmkid'] != pmksa2['pmkid']: raise Exception("Unexpected PMKID change")
def run_owe_transition_mode(dev, apdev): if "OWE" not in dev[0].get_capability("key_mgmt"): raise HwsimSkip("OWE not supported") dev[0].flush_scan_cache() params = { "ssid": "owe-random", "wpa": "2", "wpa_key_mgmt": "OWE", "rsn_pairwise": "CCMP", "ieee80211w": "2", "owe_transition_bssid": apdev[1]['bssid'], "owe_transition_ssid": '"owe-test"', "ignore_broadcast_ssid": "1" } hapd = hostapd.add_ap(apdev[0], params) bssid = hapd.own_addr() params = { "ssid": "owe-test", "owe_transition_bssid": apdev[0]['bssid'], "owe_transition_ssid": '"owe-random"' } hapd2 = hostapd.add_ap(apdev[1], params) bssid2 = hapd2.own_addr() dev[0].scan_for_bss(bssid, freq="2412") dev[0].scan_for_bss(bssid2, freq="2412") bss = dev[0].get_bss(bssid) if "[WPA2-OWE-CCMP]" not in bss['flags']: raise Exception("OWE AKM not recognized: " + bss['flags']) if "[OWE-TRANS]" not in bss['flags']: raise Exception("OWE transition not recognized: " + bss['flags']) bss = dev[0].get_bss(bssid2) if "[OWE-TRANS-OPEN]" not in bss['flags']: raise Exception("OWE transition (open) not recognized: " + bss['flags']) id = dev[0].connect("owe-test", key_mgmt="OWE", ieee80211w="2", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd) val = dev[0].get_status_field("key_mgmt") if val != "OWE": raise Exception("Unexpected key_mgmt: " + val) logger.info("Move to OWE only mode (disable transition mode)") dev[0].request("DISCONNECT") dev[0].wait_disconnected() dev[0].dump_monitor() hapd2.disable() hapd.disable() dev[0].flush_scan_cache() hapd.set("owe_transition_bssid", "00:00:00:00:00:00") hapd.set("ignore_broadcast_ssid", '0') hapd.set("ssid", 'owe-test') hapd.enable() dev[0].scan_for_bss(bssid, freq="2412") dev[0].select_network(id, 2412) dev[0].wait_connected() hwsim_utils.test_connectivity(dev[0], hapd)
def test_wpas_mesh_dynamic_interface(dev): """wpa_supplicant mesh with dynamic interface""" check_mesh_support(dev[0]) mesh0 = None mesh1 = None try: mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0") if "FAIL" in mesh0: raise Exception("MESH_INTERFACE_ADD failed") mesh1 = dev[1].request("MESH_INTERFACE_ADD") if "FAIL" in mesh1: raise Exception("MESH_INTERFACE_ADD failed") wpas0 = WpaSupplicant(ifname=mesh0) wpas1 = WpaSupplicant(ifname=mesh1) logger.info(mesh0 + " address " + wpas0.get_status_field("address")) logger.info(mesh1 + " address " + wpas1.get_status_field("address")) add_open_mesh_network(wpas0) add_open_mesh_network(wpas1) check_mesh_group_added(wpas0) check_mesh_group_added(wpas1) check_mesh_peer_connected(wpas0) check_mesh_peer_connected(wpas1) hwsim_utils.test_connectivity(wpas0, wpas1) # Must not allow MESH_GROUP_REMOVE on dynamic interface if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh0): raise Exception("Invalid MESH_GROUP_REMOVE accepted") if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh1): raise Exception("Invalid MESH_GROUP_REMOVE accepted") # Must not allow MESH_GROUP_REMOVE on another radio interface if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh1): raise Exception("Invalid MESH_GROUP_REMOVE accepted") if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh0): raise Exception("Invalid MESH_GROUP_REMOVE accepted") wpas0.remove_ifname() wpas1.remove_ifname() if "OK" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0): raise Exception("MESH_GROUP_REMOVE failed") if "OK" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1): raise Exception("MESH_GROUP_REMOVE failed") if "FAIL" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0): raise Exception("Invalid MESH_GROUP_REMOVE accepted") if "FAIL" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1): raise Exception("Invalid MESH_GROUP_REMOVE accepted") logger.info("Make sure another dynamic group can be added") mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0") if "FAIL" in mesh0: raise Exception("MESH_INTERFACE_ADD failed") mesh1 = dev[1].request("MESH_INTERFACE_ADD") if "FAIL" in mesh1: raise Exception("MESH_INTERFACE_ADD failed") wpas0 = WpaSupplicant(ifname=mesh0) wpas1 = WpaSupplicant(ifname=mesh1) logger.info(mesh0 + " address " + wpas0.get_status_field("address")) logger.info(mesh1 + " address " + wpas1.get_status_field("address")) add_open_mesh_network(wpas0) add_open_mesh_network(wpas1) check_mesh_group_added(wpas0) check_mesh_group_added(wpas1) check_mesh_peer_connected(wpas0) check_mesh_peer_connected(wpas1) hwsim_utils.test_connectivity(wpas0, wpas1) finally: if mesh0: dev[0].request("MESH_GROUP_REMOVE " + mesh0) if mesh1: dev[1].request("MESH_GROUP_REMOVE " + mesh1)
def test_fils_sk_erp_another_ssid(dev, apdev): """FILS SK using ERP and roam to another SSID""" check_fils_capa(dev[0]) check_erp_capa(dev[0]) start_erp_as(apdev[1]) bssid = apdev[0]['bssid'] params = hostapd.wpa2_eap_params(ssid="fils") params['wpa_key_mgmt'] = "FILS-SHA256" params['auth_server_port'] = "18128" params['erp_domain'] = 'example.com' params['fils_realm'] = 'example.com' params['disable_pmksa_caching'] = '1' hapd = hostapd.add_ap(apdev[0]['ifname'], params) dev[0].scan_for_bss(bssid, freq=2412) dev[0].request("ERP_FLUSH") id = dev[0].connect("fils", key_mgmt="FILS-SHA256", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", erp="1", scan_freq="2412") dev[0].request("DISCONNECT") dev[0].wait_disconnected() hapd.disable() dev[0].flush_scan_cache() if "FAIL" in dev[0].request("PMKSA_FLUSH"): raise Exception("PMKSA_FLUSH failed") params = hostapd.wpa2_eap_params(ssid="fils2") params['wpa_key_mgmt'] = "FILS-SHA256" params['auth_server_port'] = "18128" params['erp_domain'] = 'example.com' params['fils_realm'] = 'example.com' params['disable_pmksa_caching'] = '1' hapd = hostapd.add_ap(apdev[0]['ifname'], params) dev[0].scan_for_bss(bssid, freq=2412) dev[0].dump_monitor() id = dev[0].connect("fils2", key_mgmt="FILS-SHA256", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", erp="1", scan_freq="2412", wait_connect=False) ev = dev[0].wait_event([ "CTRL-EVENT-EAP-STARTED", "EVENT-ASSOC-REJECT", "CTRL-EVENT-CONNECTED" ], timeout=10) if ev is None: raise Exception("Connection using FILS/ERP timed out") if "CTRL-EVENT-EAP-STARTED" in ev: raise Exception("Unexpected EAP exchange") if "EVENT-ASSOC-REJECT" in ev: raise Exception("Association failed") hwsim_utils.test_connectivity(dev[0], hapd)