def test_ap_wpa_mixed_tdls(dev, apdev):
"""WPA+WPA2-PSK AP and two stations using TDLS"""
hapd = hostapd.add_ap(apdev[0]['ifname'],
hostapd.wpa_mixed_params(ssid="test-wpa-mixed-psk",
passphrase="12345678"))
wlantest_setup()
connect_2sta_wpa_psk_mixed(dev, hapd)
setup_tdls(dev[0], dev[1], apdev[0])
teardown_tdls(dev[0], dev[1], apdev[0])
setup_tdls(dev[1], dev[0], apdev[0])
def test_ap_wpa_mixed_tdls(dev, apdev):
"""WPA+WPA2-PSK AP and two stations using TDLS"""
hapd = hostapd.add_ap(apdev[0]['ifname'],
hostapd.wpa_mixed_params(ssid="test-wpa-mixed-psk",
passphrase="12345678"))
wlantest_setup()
connect_2sta_wpa_psk_mixed(dev, hapd)
setup_tdls(dev[0], dev[1], apdev[0])
teardown_tdls(dev[0], dev[1], apdev[0])
setup_tdls(dev[1], dev[0], apdev[0])
def test_multi_ap_wps_split_mixed(dev, apdev):
"""WPS on split fronthaul and backhaul AP with mixed-mode fronthaul"""
backhaul_ssid = "multi-ap-backhaul-wps"
backhaul_passphrase = "87654321"
params = hostapd.wpa_mixed_params(ssid="multi-ap-fronthaul-wps",
passphrase="12345678")
params.update({ "multi_ap": "2",
"multi_ap_backhaul_ssid": '"%s"' % backhaul_ssid,
"multi_ap_backhaul_wpa_passphrase": backhaul_passphrase })
params_backhaul = hostapd.wpa2_params(ssid=backhaul_ssid,
passphrase=backhaul_passphrase)
params_backhaul.update({ "multi_ap": "1" })
hapd_backhaul = hostapd.add_ap(apdev[1], params_backhaul)
run_multi_ap_wps(dev, apdev, params, hapd_backhaul.own_addr())
def test_multi_ap_wps_split_mixed(dev, apdev):
"""WPS on split fronthaul and backhaul AP with mixed-mode fronthaul"""
backhaul_ssid = "multi-ap-backhaul-wps"
backhaul_passphrase = "87654321"
params = hostapd.wpa_mixed_params(ssid="multi-ap-fronthaul-wps",
passphrase="12345678")
params.update({"multi_ap": "2",
"multi_ap_backhaul_ssid": '"%s"' % backhaul_ssid,
"multi_ap_backhaul_wpa_passphrase": backhaul_passphrase})
params_backhaul = hostapd.wpa2_params(ssid=backhaul_ssid,
passphrase=backhaul_passphrase)
params_backhaul.update({"multi_ap": "1"})
hapd_backhaul = hostapd.add_ap(apdev[1], params_backhaul)
run_multi_ap_wps(dev, apdev, params, hapd_backhaul.own_addr())
def get_ap_params(channel="1",
bw="HT20",
country="US",
security="open",
ht_capab=None,
vht_capab=None):
ssid = "test_" + channel + "_" + security + "_" + bw
if bw == "b_only":
params = hostapd.b_only_params(channel, ssid, country)
elif bw == "g_only":
params = hostapd.g_only_params(channel, ssid, country)
elif bw == "g_only_wmm":
params = hostapd.g_only_params(channel, ssid, country)
params['wmm_enabled'] = "1"
elif bw == "a_only":
params = hostapd.a_only_params(channel, ssid, country)
elif bw == "a_only_wmm":
params = hostapd.a_only_params(channel, ssid, country)
params['wmm_enabled'] = "1"
elif bw == "HT20":
params = hostapd.ht20_params(channel, ssid, country)
if ht_capab:
try:
params['ht_capab'] = params['ht_capab'] + ht_capab
except:
params['ht_capab'] = ht_capab
elif bw == "HT40+":
params = hostapd.ht40_plus_params(channel, ssid, country)
if ht_capab:
params['ht_capab'] = params['ht_capab'] + ht_capab
elif bw == "HT40-":
params = hostapd.ht40_minus_params(channel, ssid, country)
if ht_capab:
params['ht_capab'] = params['ht_capab'] + ht_capab
elif bw == "VHT80":
params = hostapd.ht40_plus_params(channel, ssid, country)
if ht_capab:
params['ht_capab'] = params['ht_capab'] + ht_capab
if vht_capab:
try:
params['vht_capab'] = params['vht_capab'] + vht_capab
except:
params['vht_capab'] = vht_capab
params['ieee80211ac'] = "1"
params['vht_oper_chwidth'] = "1"
params['vht_oper_centr_freq_seg0_idx'] = str(int(channel) + 6)
else:
params = {}
# now setup security params
if security == "tkip":
sec_params = hostapd.wpa_params(passphrase="testtest")
elif security == "ccmp":
sec_params = hostapd.wpa2_params(passphrase="testtest")
elif security == "mixed":
sec_params = hostapd.wpa_mixed_params(passphrase="testtest")
elif security == "wep":
sec_params = {
"wep_key0": "123456789a",
"wep_default_key": "0",
"auth_algs": "1"
}
elif security == "wep_shared":
sec_params = {
"wep_key0": "123456789a",
"wep_default_key": "0",
"auth_algs": "2"
}
else:
sec_params = {}
params.update(sec_params)
return params
def test_ap_mixed_security(dev, apdev):
"""WPA/WPA2 with PSK, EAP, SAE, FT in a single BSS"""
skip_with_fips(dev[0])
dev[0].flush_scan_cache()
sae = "SAE" in dev[0].get_capability("auth_alg")
ssid = "test-mixed"
passphrase = 'qwertyuiop'
params = hostapd.wpa_mixed_params(ssid=ssid, passphrase=passphrase)
params['wpa_key_mgmt'] = "WPA-PSK WPA-PSK-SHA256 WPA-EAP WPA-EAP-SHA256 SAE FT-PSK FT-EAP FT-SAE"
params["ieee8021x"] = "1"
params["eap_server"] = "1"
params["eap_user_file"] = "auth_serv/eap_user.conf"
params['nas_identifier'] = "nas1.w1.fi"
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, key_mgmt="WPA-PSK", proto="WPA", pairwise="TKIP",
psk=passphrase, scan_freq="2412")
dev[1].connect(ssid, key_mgmt="WPA-EAP-SHA256", proto="WPA2", eap="GPSK",
identity="gpsk user",
password="******",
scan_freq="2412")
if sae:
dev[2].connect(ssid, psk=passphrase, key_mgmt="SAE", scan_freq="2412")
logger.debug(dev[0].request("SCAN_RESULTS"))
bss = dev[0].get_bss(apdev[0]['bssid'])
logger.debug(bss)
if "[WPA-EAP+PSK-TKIP]" not in bss['flags']:
raise Exception("Unexpected flags (WPA): " + bss['flags'])
if sae and "[WPA2-EAP+PSK+SAE+FT/EAP+FT/PSK+FT/SAE+EAP-SHA256+PSK-SHA256-CCMP]" not in bss['flags']:
raise Exception("Unexpected flags (WPA2): " + bss['flags'])
if dev[0].get_status_field("key_mgmt") != "WPA-PSK":
raise Exception("Unexpected key_mgmt(1)")
if dev[0].get_status_field("pairwise_cipher") != "TKIP":
raise Exception("Unexpected pairwise(1)")
if dev[1].get_status_field("key_mgmt") != "WPA2-EAP-SHA256":
raise Exception("Unexpected key_mgmt(2)")
if sae and dev[2].get_status_field("key_mgmt") != "SAE":
raise Exception("Unexpected key_mgmt(3)")
hwsim_utils.test_connectivity(dev[0], dev[1])
if sae:
hwsim_utils.test_connectivity(dev[1], dev[2])
hwsim_utils.test_connectivity(dev[0], dev[2])
for i in range(3):
if i < 2 or sae:
hwsim_utils.test_connectivity(dev[i], hapd)
dev[i].request("DISCONNECT")
dev[0].connect(ssid, key_mgmt="WPA-PSK WPA-PSK-SHA256", psk=passphrase,
scan_freq="2412")
dev[1].connect(ssid, key_mgmt="WPA-EAP", proto="WPA", eap="GPSK",
identity="gpsk user",
password="******",
scan_freq="2412")
if sae:
dev[2].connect(ssid, key_mgmt="WPA-PSK WPA-PSK-SHA256 SAE",
psk=passphrase, scan_freq="2412")
if dev[0].get_status_field("key_mgmt") != "WPA2-PSK-SHA256":
raise Exception("Unexpected key_mgmt(1b)")
if dev[0].get_status_field("pairwise_cipher") != "CCMP":
raise Exception("Unexpected pairwise(1b)")
if dev[1].get_status_field("key_mgmt") != "WPA/IEEE 802.1X/EAP":
raise Exception("Unexpected key_mgmt(2b)")
if sae and dev[2].get_status_field("key_mgmt") != "SAE":
raise Exception("Unexpected key_mgmt(3b)")
for i in range(3):
dev[i].request("DISCONNECT")
dev[0].connect(ssid, key_mgmt="FT-PSK", psk=passphrase, scan_freq="2412")
dev[1].connect(ssid, key_mgmt="FT-EAP", eap="GPSK", identity="gpsk user",
password="******",
scan_freq="2412")
if sae:
dev[2].connect(ssid, psk=passphrase, key_mgmt="FT-SAE",
scan_freq="2412")
if dev[0].get_status_field("key_mgmt") != "FT-PSK":
raise Exception("Unexpected key_mgmt(1c)")
if dev[1].get_status_field("key_mgmt") != "FT-EAP":
raise Exception("Unexpected key_mgmt(2c)")
if sae and dev[2].get_status_field("key_mgmt") != "FT-SAE":
raise Exception("Unexpected key_mgmt(3c)")
def get_ap_params(channel="1", bw="HT20", country="US", security="open", ht_capab=None, vht_capab=None):
ssid = "test_" + channel + "_" + security + "_" + bw
if bw == "b_only":
params = hostapd.b_only_params(channel, ssid, country)
elif bw == "g_only":
params = hostapd.g_only_params(channel, ssid, country)
elif bw == "g_only_wmm":
params = hostapd.g_only_params(channel, ssid, country)
params['wmm_enabled'] = "1"
elif bw == "a_only":
params = hostapd.a_only_params(channel, ssid, country)
elif bw == "a_only_wmm":
params = hostapd.a_only_params(channel, ssid, country)
params['wmm_enabled'] = "1"
elif bw == "HT20":
params = hostapd.ht20_params(channel, ssid, country)
if ht_capab:
try:
params['ht_capab'] = params['ht_capab'] + ht_capab
except:
params['ht_capab'] = ht_capab
elif bw == "HT40+":
params = hostapd.ht40_plus_params(channel, ssid, country)
if ht_capab:
params['ht_capab'] = params['ht_capab'] + ht_capab
elif bw == "HT40-":
params = hostapd.ht40_minus_params(channel, ssid, country)
if ht_capab:
params['ht_capab'] = params['ht_capab'] + ht_capab
elif bw == "VHT80":
params = hostapd.ht40_plus_params(channel, ssid, country)
if ht_capab:
params['ht_capab'] = params['ht_capab'] + ht_capab
if vht_capab:
try:
params['vht_capab'] = params['vht_capab'] + vht_capab
except:
params['vht_capab'] = vht_capab
params['ieee80211ac'] = "1"
params['vht_oper_chwidth'] = "1"
params['vht_oper_centr_freq_seg0_idx'] = str(int(channel) + 6)
else:
params = {}
# now setup security params
if security == "tkip":
sec_params = hostapd.wpa_params(passphrase="testtest")
elif security == "ccmp":
sec_params = hostapd.wpa2_params(passphrase="testtest")
elif security == "mixed":
sec_params = hostapd.wpa_mixed_params(passphrase="testtest")
elif security == "wep":
sec_params = {"wep_key0" : "123456789a",
"wep_default_key" : "0",
"auth_algs" : "1"}
elif security == "wep_shared":
sec_params = {"wep_key0" : "123456789a",
"wep_default_key" : "0",
"auth_algs" : "2"}
else:
sec_params = {}
params.update(sec_params)
return params
