def test_ap_cipher_gcmp_ccmp(dev, apdev, params):
"""WPA2-PSK/GCMP/CCMP ciphers"""
config = os.path.join(params['logdir'], 'ap_cipher_gcmp_ccmp.conf')
for cipher in ["CCMP", "GCMP", "CCMP-256", "GCMP-256"]:
if cipher not in dev[0].get_capability("pairwise"):
raise HwsimSkip("Cipher %s not supported" % cipher)
if cipher not in dev[0].get_capability("group"):
raise HwsimSkip("Group cipher %s not supported" % cipher)
params = {
"ssid": "test-wpa2-psk",
"wpa_passphrase": "12345678",
"wpa": "2",
"wpa_key_mgmt": "WPA-PSK",
"rsn_pairwise": "CCMP GCMP CCMP-256 GCMP-256"
}
hapd = hostapd.add_ap(apdev[0], params)
for cipher in ["CCMP", "GCMP", "CCMP-256", "GCMP-256"]:
dev[0].connect("test-wpa2-psk",
psk="12345678",
pairwise=cipher,
group="CCMP",
scan_freq="2412")
if dev[0].get_status_field("group_cipher") != "CCMP":
raise Exception("Unexpected group_cipher")
if dev[0].get_status_field("pairwise_cipher") != cipher:
raise Exception("Unexpected pairwise_cipher")
dev[0].request("REMOVE_NETWORK all")
dev[0].wait_disconnected()
dev[0].connect("test-wpa2-psk",
psk="12345678",
pairwise="CCMP CCMP-256 GCMP GCMP-256",
group="CCMP CCMP-256 GCMP GCMP-256",
scan_freq="2412")
if dev[0].get_status_field("group_cipher") != "CCMP":
raise Exception("Unexpected group_cipher")
res = dev[0].get_status_field("pairwise_cipher")
if res != "CCMP-256" and res != "GCMP-256":
raise Exception("Unexpected pairwise_cipher")
try:
with open(config, "w") as f:
f.write("network={\n" + "\tssid=\"test-wpa2-psk\"\n" +
"\tkey_mgmt=WPA-PSK\n" + "\tpsk=\"12345678\"\n" +
"\tpairwise=GCMP\n" + "\tgroup=CCMP\n" +
"\tscan_freq=2412\n" + "}\n")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", config=config)
wpas.wait_connected()
if wpas.get_status_field("group_cipher") != "CCMP":
raise Exception("Unexpected group_cipher")
if wpas.get_status_field("pairwise_cipher") != "GCMP":
raise Exception("Unexpected pairwise_cipher")
finally:
os.remove(config)
def test_ap_cipher_gcmp_ccmp(dev, apdev, params):
"""WPA2-PSK/GCMP/CCMP ciphers"""
config = os.path.join(params['logdir'], 'ap_cipher_gcmp_ccmp.conf')
for cipher in [ "CCMP", "GCMP", "CCMP-256", "GCMP-256" ]:
if cipher not in dev[0].get_capability("pairwise"):
raise HwsimSkip("Cipher %s not supported" % cipher)
if cipher not in dev[0].get_capability("group"):
raise HwsimSkip("Group cipher %s not supported" % cipher)
params = { "ssid": "test-wpa2-psk",
"wpa_passphrase": "12345678",
"wpa": "2",
"wpa_key_mgmt": "WPA-PSK",
"rsn_pairwise": "CCMP GCMP CCMP-256 GCMP-256" }
hapd = hostapd.add_ap(apdev[0], params)
for cipher in [ "CCMP", "GCMP", "CCMP-256", "GCMP-256" ]:
dev[0].connect("test-wpa2-psk", psk="12345678",
pairwise=cipher, group="CCMP", scan_freq="2412")
if dev[0].get_status_field("group_cipher") != "CCMP":
raise Exception("Unexpected group_cipher")
if dev[0].get_status_field("pairwise_cipher") != cipher:
raise Exception("Unexpected pairwise_cipher")
dev[0].request("REMOVE_NETWORK all")
dev[0].wait_disconnected()
dev[0].connect("test-wpa2-psk", psk="12345678",
pairwise="CCMP CCMP-256 GCMP GCMP-256",
group="CCMP CCMP-256 GCMP GCMP-256", scan_freq="2412")
if dev[0].get_status_field("group_cipher") != "CCMP":
raise Exception("Unexpected group_cipher")
res = dev[0].get_status_field("pairwise_cipher")
if res != "CCMP-256" and res != "GCMP-256":
raise Exception("Unexpected pairwise_cipher")
try:
with open(config, "w") as f:
f.write("network={\n" +
"\tssid=\"test-wpa2-psk\"\n" +
"\tkey_mgmt=WPA-PSK\n" +
"\tpsk=\"12345678\"\n" +
"\tpairwise=GCMP\n" +
"\tgroup=CCMP\n" +
"\tscan_freq=2412\n" +
"}\n")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", config=config)
wpas.wait_connected()
if wpas.get_status_field("group_cipher") != "CCMP":
raise Exception("Unexpected group_cipher")
if wpas.get_status_field("pairwise_cipher") != "GCMP":
raise Exception("Unexpected pairwise_cipher")
finally:
os.remove(config)
def test_sta_dynamic_ext_mac_addr_change(dev, apdev):
"""Dynamically added wpa_supplicant interface with external MAC address change"""
params = hostapd.wpa2_params(ssid="sta-dynamic", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
logger.info("Create a dynamic wpa_supplicant interface and connect")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
wpas.connect("sta-dynamic", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(wpas, hapd)
subprocess.call(['ifconfig', wpas.ifname, 'down'])
wpas.wait_disconnected(timeout=10)
if wpas.get_status_field("wpa_state") != "INTERFACE_DISABLED":
raise Exception("Unexpected wpa_state")
prev_addr = wpas.p2p_interface_addr()
new_addr = '02:11:22:33:44:55'
try:
subprocess.call(
['ip', 'link', 'set', 'dev', wpas.ifname, 'address', new_addr])
subprocess.call(['ifconfig', wpas.ifname, 'up'])
wpas.wait_connected(timeout=15, error="Reconnection not reported")
if wpas.get_driver_status_field('addr') != new_addr:
raise Exception("Address change not reported")
hwsim_utils.test_connectivity(wpas, hapd)
sta = hapd.get_sta(new_addr)
if sta['addr'] != new_addr:
raise Exception("STA association with new address not found")
finally:
subprocess.call(['ifconfig', wpas.ifname, 'down'])
subprocess.call(
['ip', 'link', 'set', 'dev', wpas.ifname, 'address', prev_addr])
subprocess.call(['ifconfig', wpas.ifname, 'up'])
def test_sta_dynamic_ext_mac_addr_change(dev, apdev):
"""Dynamically added wpa_supplicant interface with external MAC address change"""
params = hostapd.wpa2_params(ssid="sta-dynamic", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
logger.info("Create a dynamic wpa_supplicant interface and connect")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
wpas.connect("sta-dynamic", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(wpas, hapd)
subprocess.call(['ifconfig', wpas.ifname, 'down'])
wpas.wait_disconnected(timeout=10)
if wpas.get_status_field("wpa_state") != "INTERFACE_DISABLED":
raise Exception("Unexpected wpa_state")
prev_addr = wpas.p2p_interface_addr()
new_addr = '02:11:22:33:44:55'
try:
subprocess.call(['ip', 'link', 'set', 'dev', wpas.ifname,
'address', new_addr])
subprocess.call(['ifconfig', wpas.ifname, 'up'])
wpas.wait_connected(timeout=15, error="Reconnection not reported")
if wpas.get_driver_status_field('addr') != new_addr:
raise Exception("Address change not reported")
hwsim_utils.test_connectivity(wpas, hapd)
sta = hapd.get_sta(new_addr)
if sta['addr'] != new_addr:
raise Exception("STA association with new address not found")
finally:
subprocess.call(['ifconfig', wpas.ifname, 'down'])
subprocess.call(['ip', 'link', 'set', 'dev', wpas.ifname,
'address', prev_addr])
subprocess.call(['ifconfig', wpas.ifname, 'up'])
def test_rfkill_wpas(dev, apdev):
"""rfkill block prior to wpa_supplicant start"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
rfk = get_rfkill(wpas)
wpas.interface_remove("wlan5")
try:
rfk.block()
wpas.interface_add("wlan5")
time.sleep(0.5)
state = wpas.get_status_field("wpa_state")
if state != "INTERFACE_DISABLED":
raise Exception("Unexpected state with rfkill blocked: " + state)
rfk.unblock()
time.sleep(0.5)
state = wpas.get_status_field("wpa_state")
if state == "INTERFACE_DISABLED":
raise Exception("Unexpected state with rfkill unblocked: " + state)
finally:
rfk.unblock()
def test_rfkill_wpas(dev, apdev):
"""rfkill block prior to wpa_supplicant start"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
rfk = get_rfkill(wpas)
wpas.interface_remove("wlan5")
try:
rfk.block()
wpas.interface_add("wlan5")
time.sleep(0.5)
state = wpas.get_status_field("wpa_state")
if state != "INTERFACE_DISABLED":
raise Exception("Unexpected state with rfkill blocked: " + state)
rfk.unblock()
time.sleep(0.5)
state = wpas.get_status_field("wpa_state")
if state == "INTERFACE_DISABLED":
raise Exception("Unexpected state with rfkill unblocked: " + state)
finally:
rfk.unblock()
def test_sta_dynamic_ext_mac_addr_change_for_connection(dev, apdev):
"""Dynamically added wpa_supplicant interface with external MAC address change for connection"""
params = hostapd.wpa2_params(ssid="sta-dynamic", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
bssid = apdev[0]['ifname']
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
wpas.scan_for_bss(bssid, freq=2412)
subprocess.call(['ifconfig', wpas.ifname, 'down'])
if wpas.get_status_field("wpa_state") != "INTERFACE_DISABLED":
raise Exception("Unexpected wpa_state")
prev_addr = wpas.own_addr()
new_addr = '02:11:22:33:44:55'
try:
subprocess.call(
['ip', 'link', 'set', 'dev', wpas.ifname, 'address', new_addr])
subprocess.call(['ifconfig', wpas.ifname, 'up'])
wpas.connect("sta-dynamic",
psk="12345678",
scan_freq="2412",
wait_connect=False)
ev = wpas.wait_event(
["CTRL-EVENT-CONNECTED", "CTRL-EVENT-SCAN-RESULTS"], timeout=10)
if "CTRL-EVENT-SCAN-RESULTS" in ev:
raise Exception("Unexpected scan after MAC address change")
hapd.wait_sta()
hwsim_utils.test_connectivity(wpas, hapd)
sta = hapd.get_sta(new_addr)
if sta['addr'] != new_addr:
raise Exception("STA association with new address not found")
wpas.request("DISCONNECT")
wpas.wait_disconnected()
wpas.dump_monitor()
subprocess.call(['ifconfig', wpas.ifname, 'down'])
time.sleep(0.1)
res = wpas.get_bss(bssid)
if res is None:
raise Exception(
"BSS entry not maintained after interface disabling")
ev = wpas.wait_event(["CTRL-EVENT-BSS-REMOVED"], timeout=5.5)
if ev is None:
raise Exception(
"BSS entry not removed after interface has been disabled for a while"
)
res2 = wpas.get_bss(bssid)
if res2 is not None:
raise Exception(
"Unexpected BSS entry found on a disabled interface")
finally:
subprocess.call(['ifconfig', wpas.ifname, 'down'])
subprocess.call(
['ip', 'link', 'set', 'dev', wpas.ifname, 'address', prev_addr])
subprocess.call(['ifconfig', wpas.ifname, 'up'])
def test_sta_dynamic_down_up(dev, apdev):
"""Dynamically added wpa_supplicant interface down/up"""
params = hostapd.wpa2_params(ssid="sta-dynamic", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
logger.info("Create a dynamic wpa_supplicant interface and connect")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
wpas.connect("sta-dynamic", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(wpas, hapd)
subprocess.call(['ifconfig', wpas.ifname, 'down'])
wpas.wait_disconnected(timeout=10)
if wpas.get_status_field("wpa_state") != "INTERFACE_DISABLED":
raise Exception("Unexpected wpa_state")
subprocess.call(['ifconfig', wpas.ifname, 'up'])
wpas.wait_connected(timeout=15, error="Reconnection not reported")
hwsim_utils.test_connectivity(wpas, hapd)
def test_sta_dynamic_down_up(dev, apdev):
"""Dynamically added wpa_supplicant interface down/up"""
params = hostapd.wpa2_params(ssid="sta-dynamic", passphrase="12345678")
hapd = hostapd.add_ap(apdev[0], params)
logger.info("Create a dynamic wpa_supplicant interface and connect")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")
wpas.connect("sta-dynamic", psk="12345678", scan_freq="2412")
hwsim_utils.test_connectivity(wpas, hapd)
subprocess.call(['ifconfig', wpas.ifname, 'down'])
wpas.wait_disconnected(timeout=10)
if wpas.get_status_field("wpa_state") != "INTERFACE_DISABLED":
raise Exception("Unexpected wpa_state")
subprocess.call(['ifconfig', wpas.ifname, 'up'])
wpas.wait_connected(timeout=15, error="Reconnection not reported")
hwsim_utils.test_connectivity(wpas, hapd)
def test_wpas_mesh_dynamic_interface(dev):
"""wpa_supplicant mesh with dynamic interface"""
check_mesh_support(dev[0])
mesh0 = None
mesh1 = None
try:
mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0")
if "FAIL" in mesh0:
raise Exception("MESH_INTERFACE_ADD failed")
mesh1 = dev[1].request("MESH_INTERFACE_ADD")
if "FAIL" in mesh1:
raise Exception("MESH_INTERFACE_ADD failed")
wpas0 = WpaSupplicant(ifname=mesh0)
wpas1 = WpaSupplicant(ifname=mesh1)
logger.info(mesh0 + " address " + wpas0.get_status_field("address"))
logger.info(mesh1 + " address " + wpas1.get_status_field("address"))
add_open_mesh_network(wpas0)
add_open_mesh_network(wpas1)
check_mesh_group_added(wpas0)
check_mesh_group_added(wpas1)
check_mesh_peer_connected(wpas0)
check_mesh_peer_connected(wpas1)
hwsim_utils.test_connectivity(wpas0, wpas1)
# Must not allow MESH_GROUP_REMOVE on dynamic interface
if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
# Must not allow MESH_GROUP_REMOVE on another radio interface
if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
wpas0.remove_ifname()
wpas1.remove_ifname()
if "OK" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("MESH_GROUP_REMOVE failed")
if "OK" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("MESH_GROUP_REMOVE failed")
if "FAIL" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
logger.info("Make sure another dynamic group can be added")
mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0")
if "FAIL" in mesh0:
raise Exception("MESH_INTERFACE_ADD failed")
mesh1 = dev[1].request("MESH_INTERFACE_ADD")
if "FAIL" in mesh1:
raise Exception("MESH_INTERFACE_ADD failed")
wpas0 = WpaSupplicant(ifname=mesh0)
wpas1 = WpaSupplicant(ifname=mesh1)
logger.info(mesh0 + " address " + wpas0.get_status_field("address"))
logger.info(mesh1 + " address " + wpas1.get_status_field("address"))
add_open_mesh_network(wpas0)
add_open_mesh_network(wpas1)
check_mesh_group_added(wpas0)
check_mesh_group_added(wpas1)
check_mesh_peer_connected(wpas0)
check_mesh_peer_connected(wpas1)
hwsim_utils.test_connectivity(wpas0, wpas1)
finally:
if mesh0:
dev[0].request("MESH_GROUP_REMOVE " + mesh0)
if mesh1:
dev[1].request("MESH_GROUP_REMOVE " + mesh1)
def test_wpas_mesh_dynamic_interface(dev):
"""wpa_supplicant mesh with dynamic interface"""
check_mesh_support(dev[0])
mesh0 = None
mesh1 = None
try:
mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0")
if "FAIL" in mesh0:
raise Exception("MESH_INTERFACE_ADD failed")
mesh1 = dev[1].request("MESH_INTERFACE_ADD")
if "FAIL" in mesh1:
raise Exception("MESH_INTERFACE_ADD failed")
wpas0 = WpaSupplicant(ifname=mesh0)
wpas1 = WpaSupplicant(ifname=mesh1)
logger.info(mesh0 + " address " + wpas0.get_status_field("address"))
logger.info(mesh1 + " address " + wpas1.get_status_field("address"))
add_open_mesh_network(wpas0)
add_open_mesh_network(wpas1)
check_mesh_group_added(wpas0)
check_mesh_group_added(wpas1)
check_mesh_peer_connected(wpas0)
check_mesh_peer_connected(wpas1)
hwsim_utils.test_connectivity(wpas0, wpas1)
# Must not allow MESH_GROUP_REMOVE on dynamic interface
if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
# Must not allow MESH_GROUP_REMOVE on another radio interface
if "FAIL" not in wpas0.request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in wpas1.request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
wpas0.remove_ifname()
wpas1.remove_ifname()
if "OK" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("MESH_GROUP_REMOVE failed")
if "OK" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("MESH_GROUP_REMOVE failed")
if "FAIL" not in dev[0].request("MESH_GROUP_REMOVE " + mesh0):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
if "FAIL" not in dev[1].request("MESH_GROUP_REMOVE " + mesh1):
raise Exception("Invalid MESH_GROUP_REMOVE accepted")
logger.info("Make sure another dynamic group can be added")
mesh0 = dev[0].request("MESH_INTERFACE_ADD ifname=mesh0")
if "FAIL" in mesh0:
raise Exception("MESH_INTERFACE_ADD failed")
mesh1 = dev[1].request("MESH_INTERFACE_ADD")
if "FAIL" in mesh1:
raise Exception("MESH_INTERFACE_ADD failed")
wpas0 = WpaSupplicant(ifname=mesh0)
wpas1 = WpaSupplicant(ifname=mesh1)
logger.info(mesh0 + " address " + wpas0.get_status_field("address"))
logger.info(mesh1 + " address " + wpas1.get_status_field("address"))
add_open_mesh_network(wpas0)
add_open_mesh_network(wpas1)
check_mesh_group_added(wpas0)
check_mesh_group_added(wpas1)
check_mesh_peer_connected(wpas0)
check_mesh_peer_connected(wpas1)
hwsim_utils.test_connectivity(wpas0, wpas1)
finally:
if mesh0:
dev[0].request("MESH_GROUP_REMOVE " + mesh0)
if mesh1:
dev[1].request("MESH_GROUP_REMOVE " + mesh1)
def run_macsec_psk_ns(dev, apdev, params):
try:
subprocess.check_call([
"ip", "link", "add", "veth0", "type", "veth", "peer", "name",
"veth1"
])
except subprocess.CalledProcessError:
raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")
prefix = "macsec_psk_ns"
conffile = os.path.join(params['logdir'], prefix + ".conf")
pidfile = os.path.join(params['logdir'], prefix + ".pid")
logfile0 = os.path.join(params['logdir'], prefix + ".veth0.log")
logfile1 = os.path.join(params['logdir'], prefix + ".veth1.log")
cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap")
cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap")
cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap")
for i in range(2):
try:
subprocess.check_call(["ip", "netns", "add", "ns%d" % i])
except subprocess.CalledProcessError:
raise HwsimSkip(
"network namespace not supported (kernel CONFIG_NAMESPACES, CONFIG_NET_NS)"
)
subprocess.check_call(
["ip", "link", "set",
"veth%d" % i, "netns",
"ns%d" % i])
subprocess.check_call([
"ip", "netns", "exec",
"ns%d" % i, "ip", "link", "set", "dev",
"veth%d" % i, "up"
])
cmd = {}
cmd[0] = WlantestCapture('veth0', cap_veth0, netns='ns0')
cmd[1] = WlantestCapture('veth1', cap_veth1, netns='ns1')
write_conf(conffile + '0')
write_conf(conffile + '1', mka_priority=100)
prg = os.path.join(params['logdir'],
'alt-wpa_supplicant/wpa_supplicant/wpa_supplicant')
if not os.path.exists(prg):
prg = '../../wpa_supplicant/wpa_supplicant'
arg = [
"ip", "netns", "exec", "ns0", prg, '-BdddtKW', '-P', pidfile + '0',
'-f', logfile0, '-g', '/tmp/wpas-veth0', '-Dmacsec_linux', '-c',
conffile + '0', '-i', "veth0"
]
logger.info("Start wpa_supplicant: " + str(arg))
try:
subprocess.check_call(arg)
except subprocess.CalledProcessError:
raise HwsimSkip(
"macsec supported (wpa_supplicant CONFIG_MACSEC, CONFIG_DRIVER_MACSEC_LINUX; kernel CONFIG_MACSEC)"
)
if os.path.exists("wpa_supplicant-macsec2"):
logger.info(
"Use alternative wpa_supplicant binary for one of the macsec devices"
)
prg = "wpa_supplicant-macsec2"
arg = [
"ip", "netns", "exec", "ns1", prg, '-BdddtKW', '-P', pidfile + '1',
'-f', logfile1, '-g', '/tmp/wpas-veth1', '-Dmacsec_linux', '-c',
conffile + '1', '-i', "veth1"
]
logger.info("Start wpa_supplicant: " + str(arg))
subprocess.check_call(arg)
wpas0 = WpaSupplicant('veth0', '/tmp/wpas-veth0')
wpas1 = WpaSupplicant('veth1', '/tmp/wpas-veth1')
log_ip_macsec_ns()
log_ip_link_ns()
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER"))
logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER"))
for i in range(10):
macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname")
macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname")
if "Number of Keys" in wpas0.request("STATUS"):
key_tx0 = int(wpas0.get_status_field("Number of Keys Distributed"))
key_rx0 = int(wpas0.get_status_field("Number of Keys Received"))
else:
key_tx0 = 0
key_rx0 = 0
if "Number of Keys" in wpas1.request("STATUS"):
key_tx1 = int(wpas1.get_status_field("Number of Keys Distributed"))
key_rx1 = int(wpas1.get_status_field("Number of Keys Received"))
else:
key_tx1 = 0
key_rx1 = 0
if key_rx0 > 0 and key_tx1 > 0:
break
time.sleep(1)
cmd[2] = WlantestCapture(macsec_ifname0, cap_macsec0, netns='ns0')
cmd[3] = WlantestCapture(macsec_ifname1, cap_macsec1, netns='ns0')
time.sleep(0.5)
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
log_ip_macsec_ns()
hwsim_utils.test_connectivity(wpas0,
wpas1,
ifname1=macsec_ifname0,
ifname2=macsec_ifname1,
send_len=1400)
log_ip_macsec_ns()
subprocess.check_call([
'ip', 'netns', 'exec', 'ns0', 'ip', 'addr', 'add', '192.168.248.17/30',
'dev', macsec_ifname0
])
subprocess.check_call([
'ip', 'netns', 'exec', 'ns1', 'ip', 'addr', 'add', '192.168.248.18/30',
'dev', macsec_ifname1
])
c = subprocess.Popen(
['ip', 'netns', 'exec', 'ns0', 'ping', '-c', '2', '192.168.248.18'],
stdout=subprocess.PIPE)
res = c.stdout.read().decode()
c.stdout.close()
logger.info("ping:\n" + res)
if "2 packets transmitted, 2 received" not in res:
raise Exception("ping did not work")
wpas0.close_monitor()
wpas0.request("TERMINATE")
wpas0.close_control()
del wpas0
wpas1.close_monitor()
wpas1.request("TERMINATE")
wpas1.close_control()
del wpas1
time.sleep(1)
for i in range(len(cmd)):
cmd[i].close()
def run_macsec_psk_ns(dev, apdev, params):
try:
subprocess.check_call(["ip", "link", "add", "veth0", "type", "veth",
"peer", "name", "veth1"])
except subprocess.CalledProcessError:
raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")
prefix = "macsec_psk_ns"
conffile = os.path.join(params['logdir'], prefix + ".conf")
pidfile = os.path.join(params['logdir'], prefix + ".pid")
logfile0 = os.path.join(params['logdir'], prefix + ".veth0.log")
logfile1 = os.path.join(params['logdir'], prefix + ".veth1.log")
cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap")
cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap")
cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap")
for i in range(2):
try:
subprocess.check_call(["ip", "netns", "add", "ns%d" % i])
except subprocess.CalledProcessError:
raise HwsimSkip("network namespace not supported (kernel CONFIG_NAMESPACES, CONFIG_NET_NS)")
subprocess.check_call(["ip", "link", "set", "veth%d" % i,
"netns", "ns%d" %i])
subprocess.check_call(["ip", "netns", "exec", "ns%d" % i,
"ip", "link", "set", "dev", "veth%d" % i,
"up"])
cmd = {}
cmd[0] = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
'tcpdump', '-p', '-U', '-i', 'veth0',
'-w', cap_veth0, '-s', '2000',
'--immediate-mode'],
stderr=open('/dev/null', 'w'))
cmd[1] = subprocess.Popen(['ip', 'netns', 'exec', 'ns1',
'tcpdump', '-p', '-U', '-i', 'veth1',
'-w', cap_veth1, '-s', '2000',
'--immediate-mode'],
stderr=open('/dev/null', 'w'))
write_conf(conffile + '0')
write_conf(conffile + '1', mka_priority=100)
prg = os.path.join(params['logdir'],
'alt-wpa_supplicant/wpa_supplicant/wpa_supplicant')
if not os.path.exists(prg):
prg = '../../wpa_supplicant/wpa_supplicant'
arg = ["ip", "netns", "exec", "ns0",
prg, '-BdddtKW', '-P', pidfile + '0', '-f', logfile0,
'-g', '/tmp/wpas-veth0',
'-Dmacsec_linux', '-c', conffile + '0', '-i', "veth0"]
logger.info("Start wpa_supplicant: " + str(arg))
try:
subprocess.check_call(arg)
except subprocess.CalledProcessError:
raise HwsimSkip("macsec supported (wpa_supplicant CONFIG_MACSEC, CONFIG_DRIVER_MACSEC_LINUX; kernel CONFIG_MACSEC)")
if os.path.exists("wpa_supplicant-macsec2"):
logger.info("Use alternative wpa_supplicant binary for one of the macsec devices")
prg = "wpa_supplicant-macsec2"
arg = ["ip", "netns", "exec", "ns1",
prg, '-BdddtKW', '-P', pidfile + '1', '-f', logfile1,
'-g', '/tmp/wpas-veth1',
'-Dmacsec_linux', '-c', conffile + '1', '-i', "veth1"]
logger.info("Start wpa_supplicant: " + str(arg))
subprocess.check_call(arg)
wpas0 = WpaSupplicant('veth0', '/tmp/wpas-veth0')
wpas1 = WpaSupplicant('veth1', '/tmp/wpas-veth1')
log_ip_macsec_ns()
log_ip_link_ns()
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER"))
logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER"))
macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname")
macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname")
for i in range(10):
key_tx0 = int(wpas0.get_status_field("Number of Keys Distributed"))
key_rx0 = int(wpas0.get_status_field("Number of Keys Received"))
key_tx1 = int(wpas1.get_status_field("Number of Keys Distributed"))
key_rx1 = int(wpas1.get_status_field("Number of Keys Received"))
if key_rx0 > 0 and key_tx1 > 0:
break
time.sleep(1)
cmd[2] = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
'tcpdump', '-p', '-U', '-i', macsec_ifname0,
'-w', cap_macsec0, '-s', '2000',
'--immediate-mode'],
stderr=open('/dev/null', 'w'))
cmd[3] = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
'tcpdump', '-p', '-U', '-i', macsec_ifname1,
'-w', cap_macsec1, '-s', '2000',
'--immediate-mode'],
stderr=open('/dev/null', 'w'))
time.sleep(0.5)
logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
log_ip_macsec_ns()
hwsim_utils.test_connectivity(wpas0, wpas1,
ifname1=macsec_ifname0,
ifname2=macsec_ifname1,
send_len=1400)
log_ip_macsec_ns()
subprocess.check_call(['ip', 'netns', 'exec', 'ns0',
'ip', 'addr', 'add', '192.168.248.17/30',
'dev', macsec_ifname0])
subprocess.check_call(['ip', 'netns', 'exec', 'ns1',
'ip', 'addr', 'add', '192.168.248.18/30',
'dev', macsec_ifname1])
c = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
'ping', '-c', '2', '192.168.248.18'],
stdout=subprocess.PIPE)
res = c.stdout.read().decode()
c.stdout.close()
logger.info("ping:\n" + res)
if "2 packets transmitted, 2 received" not in res:
raise Exception("ping did not work")
wpas0.close_monitor()
wpas0.request("TERMINATE")
wpas0.close_control()
del wpas0
wpas1.close_monitor()
wpas1.request("TERMINATE")
wpas1.close_control()
del wpas1
time.sleep(1)
for i in range(len(cmd)):
cmd[i].terminate()
