def test_ap_vlan_wpa2_radius_mixed(dev, apdev): """AP VLAN with WPA2-Enterprise and tagged+untagged VLANs""" ifname = 'wlan0.1' try: params = hostapd.wpa2_eap_params(ssid="test-vlan") params['dynamic_vlan'] = "1" params["vlan_naming"] = "1" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX", identity="vlan12mixed", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412") # Add tagged VLAN interface to wpa_supplicant interface for testing subprocess.call(['ip', 'link', 'add', 'link', dev[0].ifname, 'name', ifname, 'type', 'vlan', 'id', '1']) subprocess.call(['ifconfig', ifname, 'up']) logger.info("Test connectivity in untagged VLAN 2") hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1=dev[0].ifname, ifname2="brvlan2") logger.info("Test connectivity in tagged VLAN 1") hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1=ifname, ifname2="brvlan1") finally: subprocess.call(['ifconfig', ifname, 'down']) subprocess.call(['ip', 'link', 'del', ifname])
def test_ap_vlan_wpa2_radius_tagged(dev, apdev): """AP VLAN with WPA2-Enterprise and RADIUS EGRESS_VLANID attributes""" ifname = 'wlan0.1' try: params = hostapd.wpa2_eap_params(ssid="test-vlan") params['dynamic_vlan'] = "1" params["vlan_naming"] = "1" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX", identity="vlan1tagged", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412") # Create tagged interface for wpa_supplicant subprocess.call([ 'ip', 'link', 'add', 'link', dev[0].ifname, 'name', ifname, 'type', 'vlan', 'id', '1' ]) subprocess.call(['ifconfig', ifname, 'up']) hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1=ifname, ifname2="brvlan1") finally: subprocess.call(['ifconfig', ifname, 'down']) subprocess.call(['ip', 'link', 'del', ifname])
def test_ap_vlan_wpa2_radius_tagged(dev, apdev): """AP VLAN with WPA2-Enterprise and RADIUS EGRESS_VLANID attributes""" ifname = 'wlan0.1' try: params = hostapd.wpa2_eap_params(ssid="test-vlan") params['dynamic_vlan'] = "1" params["vlan_naming"] = "1" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX", identity="vlan1tagged", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412") # Create tagged interface for wpa_supplicant subprocess.call(['ip', 'link', 'add', 'link', dev[0].ifname, 'name', ifname, 'type', 'vlan', 'id', '1']) subprocess.call(['ifconfig', ifname, 'up']) hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1=ifname, ifname2="brvlan1") finally: subprocess.call(['ifconfig', ifname, 'down']) subprocess.call(['ip', 'link', 'del', ifname])
def generic_ap_vlan_wpa2_radius_id_change(dev, apdev, tagged): as_params = { "ssid": "as", "beacon_int": "2000", "radius_server_clients": "auth_serv/radius_clients.conf", "radius_server_auth_port": '18128', "eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf", "ca_cert": "auth_serv/ca.pem", "server_cert": "auth_serv/server.pem", "private_key": "auth_serv/server.key" } authserv = hostapd.add_ap(apdev[1], as_params) params = hostapd.wpa2_eap_params(ssid="test-vlan") params['dynamic_vlan'] = "1" params['auth_server_port'] = "18128" hapd = hostapd.add_ap(apdev[0], params) identity = "vlan1tagged" if tagged else "vlan1" dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX", identity=identity, password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412") if tagged: hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1="wlan0.1", ifname2="brvlan1") else: hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan1") logger.info("VLAN-ID -> 2") authserv.disable() authserv.set('eap_user_file', "auth_serv/eap_user_vlan.conf") authserv.enable() dev[0].dump_monitor() dev[0].request("REAUTHENTICATE") ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=15) if ev is None: raise Exception("EAP reauthentication timed out") ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=5) if ev is None: raise Exception("4-way handshake after reauthentication timed out") state = dev[0].get_status_field('wpa_state') if state != "COMPLETED": raise Exception("Unexpected state after reauth: " + state) sta = hapd.get_sta(dev[0].own_addr()) if 'vlan_id' not in sta: raise Exception("No VLAN ID in STA info") if (not tagged) and (sta['vlan_id'] != '2'): raise Exception("Unexpected VLAN ID: " + sta['vlan_id']) if tagged: hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1="wlan0.2", ifname2="brvlan2") else: hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan2") logger.info("VLAN-ID -> 1") time.sleep(1) authserv.disable() authserv.set('eap_user_file', "auth_serv/eap_user.conf") authserv.enable() dev[0].dump_monitor() dev[0].request("REAUTHENTICATE") ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=15) if ev is None: raise Exception("EAP reauthentication timed out") ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=5) if ev is None: raise Exception("4-way handshake after reauthentication timed out") state = dev[0].get_status_field('wpa_state') if state != "COMPLETED": raise Exception("Unexpected state after reauth: " + state) sta = hapd.get_sta(dev[0].own_addr()) if 'vlan_id' not in sta: raise Exception("No VLAN ID in STA info") if (not tagged) and (sta['vlan_id'] != '1'): raise Exception("Unexpected VLAN ID: " + sta['vlan_id']) time.sleep(0.2) try: if tagged: hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1="wlan0.1", ifname2="brvlan1") else: hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan1") except Exception, e: # It is possible for new bridge setup to not be ready immediately, so # try again to avoid reporting issues related to that. logger.info("First VLAN-ID 1 data test failed - try again") if tagged: hwsim_utils.run_connectivity_test(dev[0], hapd, 0, ifname1="wlan0.1", ifname2="brvlan1") else: hwsim_utils.test_connectivity_iface(dev[0], hapd, "brvlan1")