]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
10 logger
= logging
.getLogger()
16 from wlantest
import Wlantest
17 from wpasupplicant
import WpaSupplicant
19 def hs20_ap_params(ssid
="test-hs20"):
20 params
= hostapd
.wpa2_params(ssid
=ssid
)
21 params
['wpa_key_mgmt'] = "WPA-EAP"
22 params
['ieee80211w'] = "1"
23 params
['ieee8021x'] = "1"
24 params
['auth_server_addr'] = "127.0.0.1"
25 params
['auth_server_port'] = "1812"
26 params
['auth_server_shared_secret'] = "radius"
27 params
['interworking'] = "1"
28 params
['access_network_type'] = "14"
29 params
['internet'] = "1"
33 params
['venue_group'] = "7"
34 params
['venue_type'] = "1"
35 params
['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
36 params
['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
38 params
['domain_name'] = "example.com,another.example.com"
39 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
40 "0,another.example.com" ]
42 params
['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
43 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
44 params
['hs20_operating_class'] = "5173"
45 params
['anqp_3gpp_cell_net'] = "244,91"
48 def check_auto_select(dev
, bssid
):
49 dev
.request("INTERWORKING_SELECT auto freq=2412")
50 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
52 raise Exception("Connection timed out")
54 raise Exception("Connected to incorrect network")
55 dev
.request("REMOVE_NETWORK all")
57 def interworking_select(dev
, bssid
, type=None, no_match
=False, freq
=None):
59 freq_extra
= " freq=" + freq
if freq
else ""
60 dev
.request("INTERWORKING_SELECT" + freq_extra
)
61 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
64 raise Exception("Network selection timed out");
66 if "INTERWORKING-NO-MATCH" not in ev
:
67 raise Exception("Unexpected network match")
69 if "INTERWORKING-NO-MATCH" in ev
:
70 raise Exception("Matching network not found")
71 if bssid
and bssid
not in ev
:
72 raise Exception("Unexpected BSSID in match")
73 if type and "type=" + type not in ev
:
74 raise Exception("Network type not recognized correctly")
76 def check_sp_type(dev
, sp_type
):
77 type = dev
.get_status_field("sp_type")
79 raise Exception("sp_type not available")
81 raise Exception("sp_type did not indicate home network")
83 def hlr_auc_gw_available():
84 if not os
.path
.exists("/tmp/hlr_auc_gw.sock"):
85 logger
.info("No hlr_auc_gw available");
87 if not os
.path
.exists("../../hostapd/hlr_auc_gw"):
88 logger
.info("No hlr_auc_gw available");
92 def interworking_ext_sim_connect(dev
, bssid
, method
):
93 dev
.request("INTERWORKING_CONNECT " + bssid
)
94 interworking_ext_sim_auth(dev
, method
)
96 def interworking_ext_sim_auth(dev
, method
):
97 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
99 raise Exception("Network connected timed out")
100 if "(" + method
+ ")" not in ev
:
101 raise Exception("Unexpected EAP method selection")
103 ev
= dev
.wait_event(["CTRL-REQ-SIM"], timeout
=15)
105 raise Exception("Wait for external SIM processing request timed out")
107 if p
[1] != "GSM-AUTH":
108 raise Exception("Unexpected CTRL-REQ-SIM type")
109 id = p
[0].split('-')[3]
110 rand
= p
[2].split(' ')[0]
112 res
= subprocess
.check_output(["../../hostapd/hlr_auc_gw",
114 "auth_serv/hlr_auc_gw.milenage_db",
115 "GSM-AUTH-REQ 232010000000000 " + rand
])
116 if "GSM-AUTH-RESP" not in res
:
117 raise Exception("Unexpected hlr_auc_gw response")
118 resp
= res
.split(' ')[2].rstrip()
120 dev
.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp
)
121 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
123 raise Exception("Connection timed out")
125 def interworking_connect(dev
, bssid
, method
):
126 dev
.request("INTERWORKING_CONNECT " + bssid
)
127 interworking_auth(dev
, method
)
129 def interworking_auth(dev
, method
):
130 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
132 raise Exception("Network connected timed out")
133 if "(" + method
+ ")" not in ev
:
134 raise Exception("Unexpected EAP method selection")
136 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
138 raise Exception("Connection timed out")
140 def check_probe_resp(wt
, bssid_unexpected
, bssid_expected
):
142 count
= wt
.get_bss_counter("probe_response", bssid_unexpected
)
144 raise Exception("Unexpected Probe Response frame from AP")
147 count
= wt
.get_bss_counter("probe_response", bssid_expected
)
149 raise Exception("No Probe Response frame from AP")
151 def test_ap_anqp_sharing(dev
, apdev
):
152 """ANQP sharing within ESS and explicit unshare"""
153 bssid
= apdev
[0]['bssid']
154 params
= hs20_ap_params()
155 params
['hessid'] = bssid
156 hostapd
.add_ap(apdev
[0]['ifname'], params
)
158 bssid2
= apdev
[1]['bssid']
159 params
= hs20_ap_params()
160 params
['hessid'] = bssid
161 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
162 hostapd
.add_ap(apdev
[1]['ifname'], params
)
165 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
166 'password': "secret",
167 'domain': "example.com" })
168 logger
.info("Normal network selection with shared ANQP results")
169 interworking_select(dev
[0], None, "home", freq
="2412")
170 dev
[0].dump_monitor()
172 res1
= dev
[0].get_bss(bssid
)
173 res2
= dev
[0].get_bss(bssid2
)
174 if res1
['anqp_nai_realm'] != res2
['anqp_nai_realm']:
175 raise Exception("ANQP results were not shared between BSSes")
177 logger
.info("Explicit ANQP request to unshare ANQP results")
178 dev
[0].request("ANQP_GET " + bssid
+ " 263")
179 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
181 raise Exception("ANQP operation timed out")
183 dev
[0].request("ANQP_GET " + bssid2
+ " 263")
184 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
186 raise Exception("ANQP operation timed out")
188 res1
= dev
[0].get_bss(bssid
)
189 res2
= dev
[0].get_bss(bssid2
)
190 if res1
['anqp_nai_realm'] == res2
['anqp_nai_realm']:
191 raise Exception("ANQP results were not unshared")
193 def test_ap_nai_home_realm_query(dev
, apdev
):
194 """NAI Home Realm Query"""
195 bssid
= apdev
[0]['bssid']
196 params
= hs20_ap_params()
197 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
198 "0,another.example.org" ]
199 hostapd
.add_ap(apdev
[0]['ifname'], params
)
201 dev
[0].scan(freq
="2412")
202 dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " realm=example.com")
203 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
205 raise Exception("ANQP operation timed out")
206 nai1
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
207 dev
[0].dump_monitor()
209 dev
[0].request("ANQP_GET " + bssid
+ " 263")
210 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
212 raise Exception("ANQP operation timed out")
213 nai2
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
215 if len(nai1
) >= len(nai2
):
216 raise Exception("Unexpected NAI Realm list response lengths")
217 if "example.com".encode('hex') not in nai1
:
218 raise Exception("Home realm not reported")
219 if "example.org".encode('hex') in nai1
:
220 raise Exception("Non-home realm reported")
221 if "example.com".encode('hex') not in nai2
:
222 raise Exception("Home realm not reported in wildcard query")
223 if "example.org".encode('hex') not in nai2
:
224 raise Exception("Non-home realm not reported in wildcard query ")
226 def test_ap_interworking_scan_filtering(dev
, apdev
):
227 """Interworking scan filtering with HESSID and access network type"""
228 bssid
= apdev
[0]['bssid']
229 params
= hs20_ap_params()
230 ssid
= "test-hs20-ap1"
231 params
['ssid'] = ssid
232 params
['hessid'] = bssid
233 hostapd
.add_ap(apdev
[0]['ifname'], params
)
235 bssid2
= apdev
[1]['bssid']
236 params
= hs20_ap_params()
237 ssid2
= "test-hs20-ap2"
238 params
['ssid'] = ssid2
239 params
['hessid'] = bssid2
240 params
['access_network_type'] = "1"
241 del params
['venue_group']
242 del params
['venue_type']
243 hostapd
.add_ap(apdev
[1]['ifname'], params
)
250 logger
.info("Check probe request filtering based on HESSID")
252 dev
[0].request("SET hessid " + bssid2
)
253 dev
[0].scan(freq
="2412")
255 check_probe_resp(wt
, bssid
, bssid2
)
257 logger
.info("Check probe request filtering based on access network type")
259 wt
.clear_bss_counters(bssid
)
260 wt
.clear_bss_counters(bssid2
)
261 dev
[0].request("SET hessid 00:00:00:00:00:00")
262 dev
[0].request("SET access_network_type 14")
263 dev
[0].scan(freq
="2412")
265 check_probe_resp(wt
, bssid2
, bssid
)
267 wt
.clear_bss_counters(bssid
)
268 wt
.clear_bss_counters(bssid2
)
269 dev
[0].request("SET hessid 00:00:00:00:00:00")
270 dev
[0].request("SET access_network_type 1")
271 dev
[0].scan(freq
="2412")
273 check_probe_resp(wt
, bssid
, bssid2
)
275 logger
.info("Check probe request filtering based on HESSID and ANT")
277 wt
.clear_bss_counters(bssid
)
278 wt
.clear_bss_counters(bssid2
)
279 dev
[0].request("SET hessid " + bssid
)
280 dev
[0].request("SET access_network_type 14")
281 dev
[0].scan(freq
="2412")
283 check_probe_resp(wt
, bssid2
, bssid
)
285 wt
.clear_bss_counters(bssid
)
286 wt
.clear_bss_counters(bssid2
)
287 dev
[0].request("SET hessid " + bssid2
)
288 dev
[0].request("SET access_network_type 14")
289 dev
[0].scan(freq
="2412")
291 check_probe_resp(wt
, bssid
, None)
292 check_probe_resp(wt
, bssid2
, None)
294 wt
.clear_bss_counters(bssid
)
295 wt
.clear_bss_counters(bssid2
)
296 dev
[0].request("SET hessid " + bssid
)
297 dev
[0].request("SET access_network_type 1")
298 dev
[0].scan(freq
="2412")
300 check_probe_resp(wt
, bssid
, None)
301 check_probe_resp(wt
, bssid2
, None)
303 def test_ap_hs20_select(dev
, apdev
):
304 """Hotspot 2.0 network selection"""
305 bssid
= apdev
[0]['bssid']
306 params
= hs20_ap_params()
307 params
['hessid'] = bssid
308 hostapd
.add_ap(apdev
[0]['ifname'], params
)
311 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
312 'password': "secret",
313 'domain': "example.com" })
314 interworking_select(dev
[0], bssid
, "home")
316 dev
[0].remove_cred(id)
317 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
318 'password': "secret",
319 'domain': "no.match.example.com" })
320 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
322 dev
[0].set_cred_quoted(id, "realm", "no.match.example.com");
323 interworking_select(dev
[0], bssid
, no_match
=True, freq
="2412")
325 bssid2
= apdev
[1]['bssid']
326 params
= hs20_ap_params()
327 params
['nai_realm'] = [ "0,example.org,21" ]
328 params
['hessid'] = bssid2
329 params
['domain_name'] = "example.org"
330 hostapd
.add_ap(apdev
[1]['ifname'], params
)
331 dev
[0].remove_cred(id)
332 id = dev
[0].add_cred_values({ 'realm': "example.org", 'username': "test",
333 'password': "secret",
334 'domain': "example.org" })
335 interworking_select(dev
[0], bssid2
, "home", freq
="2412")
337 def hs20_simulated_sim(dev
, ap
, method
):
339 params
= hs20_ap_params()
340 params
['hessid'] = bssid
341 params
['anqp_3gpp_cell_net'] = "555,444"
342 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
343 hostapd
.add_ap(ap
['ifname'], params
)
346 dev
.add_cred_values({ 'imsi': "555444-333222111", 'eap': method
,
347 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
348 interworking_select(dev
, "home", freq
="2412")
349 interworking_connect(dev
, bssid
, method
)
350 check_sp_type(dev
, "home")
352 def test_ap_hs20_sim(dev
, apdev
):
353 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
354 if not hlr_auc_gw_available():
356 hs20_simulated_sim(dev
[0], apdev
[0], "SIM")
357 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
358 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
360 raise Exception("Timeout on already-connected event")
362 def test_ap_hs20_aka(dev
, apdev
):
363 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
364 if not hlr_auc_gw_available():
366 hs20_simulated_sim(dev
[0], apdev
[0], "AKA")
368 def test_ap_hs20_aka_prime(dev
, apdev
):
369 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
370 if not hlr_auc_gw_available():
372 hs20_simulated_sim(dev
[0], apdev
[0], "AKA'")
374 def test_ap_hs20_ext_sim(dev
, apdev
):
375 """Hotspot 2.0 with external SIM processing"""
376 if not hlr_auc_gw_available():
378 bssid
= apdev
[0]['bssid']
379 params
= hs20_ap_params()
380 params
['hessid'] = bssid
381 params
['anqp_3gpp_cell_net'] = "232,01"
382 params
['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
383 hostapd
.add_ap(apdev
[0]['ifname'], params
)
386 dev
[0].request("SET external_sim 1")
387 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
388 interworking_select(dev
[0], "home", freq
="2412")
389 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
390 check_sp_type(dev
[0], "home")
392 def test_ap_hs20_ext_sim_roaming(dev
, apdev
):
393 """Hotspot 2.0 with external SIM processing in roaming network"""
394 if not hlr_auc_gw_available():
396 bssid
= apdev
[0]['bssid']
397 params
= hs20_ap_params()
398 params
['hessid'] = bssid
399 params
['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
400 params
['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
401 hostapd
.add_ap(apdev
[0]['ifname'], params
)
404 dev
[0].request("SET external_sim 1")
405 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
406 interworking_select(dev
[0], "roaming", freq
="2412")
407 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
408 check_sp_type(dev
[0], "roaming")
410 def test_ap_hs20_username(dev
, apdev
):
411 """Hotspot 2.0 connection in username/password credential"""
412 bssid
= apdev
[0]['bssid']
413 params
= hs20_ap_params()
414 params
['hessid'] = bssid
415 params
['disable_dgaf'] = '1'
416 hostapd
.add_ap(apdev
[0]['ifname'], params
)
419 id = dev
[0].add_cred_values({ 'realm': "example.com",
420 'username': "hs20-test",
421 'password': "password",
422 'ca_cert': "auth_serv/ca.pem",
423 'domain': "example.com",
424 'update_identifier': "1234" })
425 interworking_select(dev
[0], bssid
, "home", freq
="2412")
426 interworking_connect(dev
[0], bssid
, "TTLS")
427 check_sp_type(dev
[0], "home")
428 status
= dev
[0].get_status()
429 if status
['pairwise_cipher'] != "CCMP":
430 raise Exception("Unexpected pairwise cipher")
431 if status
['hs20'] != "2":
432 raise Exception("Unexpected HS 2.0 support indication")
434 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
435 identity
="hs20-test", password
="password",
436 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
439 def test_ap_hs20_connect_api(dev
, apdev
):
440 """Hotspot 2.0 connection with connect API"""
441 bssid
= apdev
[0]['bssid']
442 params
= hs20_ap_params()
443 params
['hessid'] = bssid
444 params
['disable_dgaf'] = '1'
445 hostapd
.add_ap(apdev
[0]['ifname'], params
)
447 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
448 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
450 id = wpas
.add_cred_values({ 'realm': "example.com",
451 'username': "hs20-test",
452 'password': "password",
453 'ca_cert': "auth_serv/ca.pem",
454 'domain': "example.com",
455 'update_identifier': "1234" })
456 interworking_select(wpas
, bssid
, "home", freq
="2412")
457 interworking_connect(wpas
, bssid
, "TTLS")
458 check_sp_type(wpas
, "home")
459 status
= wpas
.get_status()
460 if status
['pairwise_cipher'] != "CCMP":
461 raise Exception("Unexpected pairwise cipher")
462 if status
['hs20'] != "2":
463 raise Exception("Unexpected HS 2.0 support indication")
465 def test_ap_hs20_auto_interworking(dev
, apdev
):
466 """Hotspot 2.0 connection with auto_interworking=1"""
467 bssid
= apdev
[0]['bssid']
468 params
= hs20_ap_params()
469 params
['hessid'] = bssid
470 params
['disable_dgaf'] = '1'
471 hostapd
.add_ap(apdev
[0]['ifname'], params
)
473 dev
[0].hs20_enable(auto_interworking
=True)
474 id = dev
[0].add_cred_values({ 'realm': "example.com",
475 'username': "hs20-test",
476 'password': "password",
477 'ca_cert': "auth_serv/ca.pem",
478 'domain': "example.com",
479 'update_identifier': "1234" })
480 dev
[0].request("REASSOCIATE")
481 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
483 raise Exception("Connection timed out")
484 check_sp_type(dev
[0], "home")
485 status
= dev
[0].get_status()
486 if status
['pairwise_cipher'] != "CCMP":
487 raise Exception("Unexpected pairwise cipher")
488 if status
['hs20'] != "2":
489 raise Exception("Unexpected HS 2.0 support indication")
491 def eap_test(dev
, ap
, eap_params
, method
, user
):
493 params
= hs20_ap_params()
494 params
['nai_realm'] = [ "0,example.com," + eap_params
]
495 hostapd
.add_ap(ap
['ifname'], params
)
498 dev
.add_cred_values({ 'realm': "example.com",
500 'password': "password" })
501 interworking_select(dev
, bssid
, freq
="2412")
502 interworking_connect(dev
, bssid
, method
)
504 def test_ap_hs20_eap_unknown(dev
, apdev
):
505 """Hotspot 2.0 connection with unknown EAP method"""
506 bssid
= apdev
[0]['bssid']
507 params
= hs20_ap_params()
508 params
['nai_realm'] = "0,example.com,99"
509 hostapd
.add_ap(apdev
[0]['ifname'], params
)
512 dev
[0].add_cred_values(default_cred())
513 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
515 def test_ap_hs20_eap_peap_mschapv2(dev
, apdev
):
516 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
517 eap_test(dev
[0], apdev
[0], "25[3:26]", "PEAP", "user")
519 def test_ap_hs20_eap_peap_default(dev
, apdev
):
520 """Hotspot 2.0 connection with PEAP/MSCHAPV2 (as default)"""
521 eap_test(dev
[0], apdev
[0], "25", "PEAP", "user")
523 def test_ap_hs20_eap_peap_gtc(dev
, apdev
):
524 """Hotspot 2.0 connection with PEAP/GTC"""
525 eap_test(dev
[0], apdev
[0], "25[3:6]", "PEAP", "user")
527 def test_ap_hs20_eap_peap_unknown(dev
, apdev
):
528 """Hotspot 2.0 connection with PEAP/unknown"""
529 bssid
= apdev
[0]['bssid']
530 params
= hs20_ap_params()
531 params
['nai_realm'] = "0,example.com,25[3:99]"
532 hostapd
.add_ap(apdev
[0]['ifname'], params
)
535 dev
[0].add_cred_values(default_cred())
536 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
538 def test_ap_hs20_eap_ttls_chap(dev
, apdev
):
539 """Hotspot 2.0 connection with TTLS/CHAP"""
540 eap_test(dev
[0], apdev
[0], "21[2:2]", "TTLS", "chap user")
542 def test_ap_hs20_eap_ttls_mschap(dev
, apdev
):
543 """Hotspot 2.0 connection with TTLS/MSCHAP"""
544 eap_test(dev
[0], apdev
[0], "21[2:3]", "TTLS", "mschap user")
546 def test_ap_hs20_eap_ttls_eap_mschapv2(dev
, apdev
):
547 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
548 eap_test(dev
[0], apdev
[0], "21[3:26][6:7][99:99]", "TTLS", "user")
550 def test_ap_hs20_eap_ttls_eap_unknown(dev
, apdev
):
551 """Hotspot 2.0 connection with TTLS/EAP-unknown"""
552 bssid
= apdev
[0]['bssid']
553 params
= hs20_ap_params()
554 params
['nai_realm'] = "0,example.com,21[3:99]"
555 hostapd
.add_ap(apdev
[0]['ifname'], params
)
558 dev
[0].add_cred_values(default_cred())
559 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
561 def test_ap_hs20_eap_ttls_eap_unsupported(dev
, apdev
):
562 """Hotspot 2.0 connection with TTLS/EAP-OTP(unsupported)"""
563 bssid
= apdev
[0]['bssid']
564 params
= hs20_ap_params()
565 params
['nai_realm'] = "0,example.com,21[3:5]"
566 hostapd
.add_ap(apdev
[0]['ifname'], params
)
569 dev
[0].add_cred_values(default_cred())
570 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
572 def test_ap_hs20_eap_ttls_unknown(dev
, apdev
):
573 """Hotspot 2.0 connection with TTLS/unknown"""
574 bssid
= apdev
[0]['bssid']
575 params
= hs20_ap_params()
576 params
['nai_realm'] = "0,example.com,21[2:5]"
577 hostapd
.add_ap(apdev
[0]['ifname'], params
)
580 dev
[0].add_cred_values(default_cred())
581 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
583 def test_ap_hs20_eap_fast_mschapv2(dev
, apdev
):
584 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
585 eap_test(dev
[0], apdev
[0], "43[3:26]", "FAST", "user")
587 def test_ap_hs20_eap_fast_gtc(dev
, apdev
):
588 """Hotspot 2.0 connection with FAST/EAP-GTC"""
589 eap_test(dev
[0], apdev
[0], "43[3:6]", "FAST", "user")
591 def test_ap_hs20_eap_tls(dev
, apdev
):
592 """Hotspot 2.0 connection with EAP-TLS"""
593 bssid
= apdev
[0]['bssid']
594 params
= hs20_ap_params()
595 params
['nai_realm'] = [ "0,example.com,13[5:6]" ]
596 hostapd
.add_ap(apdev
[0]['ifname'], params
)
599 dev
[0].add_cred_values({ 'realm': "example.com",
600 'username': "certificate-user",
601 'ca_cert': "auth_serv/ca.pem",
602 'client_cert': "auth_serv/user.pem",
603 'private_key': "auth_serv/user.key"})
604 interworking_select(dev
[0], bssid
, freq
="2412")
605 interworking_connect(dev
[0], bssid
, "TLS")
607 def test_ap_hs20_eap_cert_unknown(dev
, apdev
):
608 """Hotspot 2.0 connection with certificate, but unknown EAP method"""
609 bssid
= apdev
[0]['bssid']
610 params
= hs20_ap_params()
611 params
['nai_realm'] = [ "0,example.com,99[5:6]" ]
612 hostapd
.add_ap(apdev
[0]['ifname'], params
)
615 dev
[0].add_cred_values({ 'realm': "example.com",
616 'username': "certificate-user",
617 'ca_cert': "auth_serv/ca.pem",
618 'client_cert': "auth_serv/user.pem",
619 'private_key': "auth_serv/user.key"})
620 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
622 def test_ap_hs20_eap_cert_unsupported(dev
, apdev
):
623 """Hotspot 2.0 connection with certificate, but unsupported TTLS"""
624 bssid
= apdev
[0]['bssid']
625 params
= hs20_ap_params()
626 params
['nai_realm'] = [ "0,example.com,21[5:6]" ]
627 hostapd
.add_ap(apdev
[0]['ifname'], params
)
630 dev
[0].add_cred_values({ 'realm': "example.com",
631 'username': "certificate-user",
632 'ca_cert': "auth_serv/ca.pem",
633 'client_cert': "auth_serv/user.pem",
634 'private_key': "auth_serv/user.key"})
635 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
637 def test_ap_hs20_eap_invalid_cred(dev
, apdev
):
638 """Hotspot 2.0 connection with invalid cred configuration"""
639 bssid
= apdev
[0]['bssid']
640 params
= hs20_ap_params()
641 hostapd
.add_ap(apdev
[0]['ifname'], params
)
644 dev
[0].add_cred_values({ 'realm': "example.com",
645 'username': "certificate-user",
646 'client_cert': "auth_serv/user.pem" })
647 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
649 def test_ap_hs20_nai_realms(dev
, apdev
):
650 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
651 bssid
= apdev
[0]['bssid']
652 params
= hs20_ap_params()
653 params
['hessid'] = bssid
654 params
['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
655 hostapd
.add_ap(apdev
[0]['ifname'], params
)
658 id = dev
[0].add_cred_values({ 'realm': "example.com",
659 'username': "pap user",
660 'password': "password",
661 'domain': "example.com" })
662 interworking_select(dev
[0], bssid
, "home", freq
="2412")
663 interworking_connect(dev
[0], bssid
, "TTLS")
664 check_sp_type(dev
[0], "home")
666 def test_ap_hs20_roaming_consortium(dev
, apdev
):
667 """Hotspot 2.0 connection based on roaming consortium match"""
668 bssid
= apdev
[0]['bssid']
669 params
= hs20_ap_params()
670 params
['hessid'] = bssid
671 hostapd
.add_ap(apdev
[0]['ifname'], params
)
674 for consortium
in [ "112233", "1020304050", "010203040506", "fedcba" ]:
675 id = dev
[0].add_cred_values({ 'username': "user",
676 'password': "password",
677 'domain': "example.com",
678 'roaming_consortium': consortium
,
680 interworking_select(dev
[0], bssid
, "home", freq
="2412")
681 interworking_connect(dev
[0], bssid
, "PEAP")
682 check_sp_type(dev
[0], "home")
683 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
684 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
686 raise Exception("Timeout on already-connected event")
687 dev
[0].remove_cred(id)
689 def test_ap_hs20_username_roaming(dev
, apdev
):
690 """Hotspot 2.0 connection in username/password credential (roaming)"""
691 bssid
= apdev
[0]['bssid']
692 params
= hs20_ap_params()
693 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
694 "0,roaming.example.com,21[2:4][5:7]",
695 "0,another.example.com" ]
696 params
['domain_name'] = "another.example.com"
697 params
['hessid'] = bssid
698 hostapd
.add_ap(apdev
[0]['ifname'], params
)
701 id = dev
[0].add_cred_values({ 'realm': "roaming.example.com",
702 'username': "hs20-test",
703 'password': "password",
704 'domain': "example.com" })
705 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
706 interworking_connect(dev
[0], bssid
, "TTLS")
707 check_sp_type(dev
[0], "roaming")
709 def test_ap_hs20_username_unknown(dev
, apdev
):
710 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
711 bssid
= apdev
[0]['bssid']
712 params
= hs20_ap_params()
713 params
['hessid'] = bssid
714 hostapd
.add_ap(apdev
[0]['ifname'], params
)
717 id = dev
[0].add_cred_values({ 'realm': "example.com",
718 'username': "hs20-test",
719 'password': "password" })
720 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
721 interworking_connect(dev
[0], bssid
, "TTLS")
722 check_sp_type(dev
[0], "unknown")
724 def test_ap_hs20_username_unknown2(dev
, apdev
):
725 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
726 bssid
= apdev
[0]['bssid']
727 params
= hs20_ap_params()
728 params
['hessid'] = bssid
729 del params
['domain_name']
730 hostapd
.add_ap(apdev
[0]['ifname'], params
)
733 id = dev
[0].add_cred_values({ 'realm': "example.com",
734 'username': "hs20-test",
735 'password': "password",
736 'domain': "example.com" })
737 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
738 interworking_connect(dev
[0], bssid
, "TTLS")
739 check_sp_type(dev
[0], "unknown")
741 def test_ap_hs20_gas_while_associated(dev
, apdev
):
742 """Hotspot 2.0 connection with GAS query while associated"""
743 bssid
= apdev
[0]['bssid']
744 params
= hs20_ap_params()
745 params
['hessid'] = bssid
746 hostapd
.add_ap(apdev
[0]['ifname'], params
)
749 id = dev
[0].add_cred_values({ 'realm': "example.com",
750 'username': "hs20-test",
751 'password': "password",
752 'domain': "example.com" })
753 interworking_select(dev
[0], bssid
, "home", freq
="2412")
754 interworking_connect(dev
[0], bssid
, "TTLS")
756 logger
.info("Verifying GAS query while associated")
757 dev
[0].request("FETCH_ANQP")
758 for i
in range(0, 6):
759 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
761 raise Exception("Operation timed out")
763 def test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
764 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
765 bssid
= apdev
[0]['bssid']
766 params
= hs20_ap_params()
767 params
['hessid'] = bssid
768 hostapd
.add_ap(apdev
[0]['ifname'], params
)
770 bssid2
= apdev
[1]['bssid']
771 params
= hs20_ap_params()
772 params
['hessid'] = bssid2
773 params
['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
774 hostapd
.add_ap(apdev
[1]['ifname'], params
)
777 dev
[0].request("SET pmf 2")
778 id = dev
[0].add_cred_values({ 'realm': "example.com",
779 'username': "hs20-test",
780 'password': "password",
781 'domain': "example.com" })
782 interworking_select(dev
[0], bssid
, "home", freq
="2412")
783 interworking_connect(dev
[0], bssid
, "TTLS")
785 logger
.info("Verifying GAS query while associated")
786 dev
[0].request("FETCH_ANQP")
787 for i
in range(0, 2 * 6):
788 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
790 raise Exception("Operation timed out")
792 def test_ap_hs20_gas_frag_while_associated(dev
, apdev
):
793 """Hotspot 2.0 connection with fragmented GAS query while associated"""
794 bssid
= apdev
[0]['bssid']
795 params
= hs20_ap_params()
796 params
['hessid'] = bssid
797 hostapd
.add_ap(apdev
[0]['ifname'], params
)
798 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
799 hapd
.set("gas_frag_limit", "50")
802 id = dev
[0].add_cred_values({ 'realm': "example.com",
803 'username': "hs20-test",
804 'password': "password",
805 'domain': "example.com" })
806 interworking_select(dev
[0], bssid
, "home", freq
="2412")
807 interworking_connect(dev
[0], bssid
, "TTLS")
809 logger
.info("Verifying GAS query while associated")
810 dev
[0].request("FETCH_ANQP")
811 for i
in range(0, 6):
812 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
814 raise Exception("Operation timed out")
816 def test_ap_hs20_multiple_connects(dev
, apdev
):
817 """Hotspot 2.0 connection through multiple network selections"""
818 bssid
= apdev
[0]['bssid']
819 params
= hs20_ap_params()
820 params
['hessid'] = bssid
821 hostapd
.add_ap(apdev
[0]['ifname'], params
)
824 values
= { 'realm': "example.com",
825 'username': "hs20-test",
826 'password': "password",
827 'domain': "example.com" }
828 id = dev
[0].add_cred_values(values
)
830 for i
in range(0, 3):
831 logger
.info("Starting Interworking network selection")
832 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
834 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
835 "INTERWORKING-ALREADY-CONNECTED",
836 "CTRL-EVENT-CONNECTED"], timeout
=15)
838 raise Exception("Connection timed out")
839 if "INTERWORKING-NO-MATCH" in ev
:
840 raise Exception("Matching AP not found")
841 if "CTRL-EVENT-CONNECTED" in ev
:
843 if i
== 2 and "INTERWORKING-ALREADY-CONNECTED" in ev
:
846 dev
[0].request("DISCONNECT")
847 dev
[0].dump_monitor()
849 networks
= dev
[0].list_networks()
850 if len(networks
) > 1:
851 raise Exception("Duplicated network block detected")
853 def test_ap_hs20_disallow_aps(dev
, apdev
):
854 """Hotspot 2.0 connection and disallow_aps"""
855 bssid
= apdev
[0]['bssid']
856 params
= hs20_ap_params()
857 params
['hessid'] = bssid
858 hostapd
.add_ap(apdev
[0]['ifname'], params
)
861 values
= { 'realm': "example.com",
862 'username': "hs20-test",
863 'password': "password",
864 'domain': "example.com" }
865 id = dev
[0].add_cred_values(values
)
867 logger
.info("Verify disallow_aps bssid")
868 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
869 dev
[0].request("INTERWORKING_SELECT auto")
870 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
872 raise Exception("Network selection timed out")
873 dev
[0].dump_monitor()
875 logger
.info("Verify disallow_aps ssid")
876 dev
[0].request("SET disallow_aps ssid 746573742d68733230")
877 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
878 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
880 raise Exception("Network selection timed out")
881 dev
[0].dump_monitor()
883 logger
.info("Verify disallow_aps clear")
884 dev
[0].request("SET disallow_aps ")
885 interworking_select(dev
[0], bssid
, "home", freq
="2412")
887 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
888 ret
= dev
[0].request("INTERWORKING_CONNECT " + bssid
)
889 if "FAIL" not in ret
:
890 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
892 def policy_test(dev
, ap
, values
, only_one
=True):
895 logger
.info("Verify network selection to AP " + ap
['ifname'])
898 logger
.info("Verify network selection")
901 id = dev
.add_cred_values(values
)
902 dev
.request("INTERWORKING_SELECT auto freq=2412")
905 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
906 "INTERWORKING-BLACKLISTED",
907 "INTERWORKING-SELECTED"], timeout
=15)
909 raise Exception("Network selection timed out")
911 if "INTERWORKING-NO-MATCH" in ev
:
912 raise Exception("Matching AP not found")
913 if bssid
and only_one
and "INTERWORKING-AP" in ev
and bssid
not in ev
:
914 raise Exception("Unexpected AP claimed acceptable")
915 if "INTERWORKING-SELECTED" in ev
:
916 if bssid
and bssid
not in ev
:
917 raise Exception("Selected incorrect BSS")
920 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
922 raise Exception("Connection timed out")
923 if bssid
and bssid
not in ev
:
924 raise Exception("Connected to incorrect BSS")
926 conn_bssid
= dev
.get_status_field("bssid")
927 if bssid
and conn_bssid
!= bssid
:
928 raise Exception("bssid information points to incorrect BSS")
934 def default_cred(domain
=None):
935 cred
= { 'realm': "example.com",
936 'username': "hs20-test",
937 'password': "password" }
939 cred
['domain'] = domain
942 def test_ap_hs20_prefer_home(dev
, apdev
):
943 """Hotspot 2.0 required roaming consortium"""
944 params
= hs20_ap_params()
945 params
['domain_name'] = "example.org"
946 hostapd
.add_ap(apdev
[0]['ifname'], params
)
948 params
= hs20_ap_params()
949 params
['ssid'] = "test-hs20-other"
950 params
['domain_name'] = "example.com"
951 hostapd
.add_ap(apdev
[1]['ifname'], params
)
953 values
= default_cred()
954 values
['domain'] = "example.com"
955 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
956 values
['domain'] = "example.org"
957 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
959 def test_ap_hs20_req_roaming_consortium(dev
, apdev
):
960 """Hotspot 2.0 required roaming consortium"""
961 params
= hs20_ap_params()
962 hostapd
.add_ap(apdev
[0]['ifname'], params
)
964 params
= hs20_ap_params()
965 params
['ssid'] = "test-hs20-other"
966 params
['roaming_consortium'] = [ "223344" ]
967 hostapd
.add_ap(apdev
[1]['ifname'], params
)
969 values
= default_cred()
970 values
['required_roaming_consortium'] = "223344"
971 policy_test(dev
[0], apdev
[1], values
)
972 values
['required_roaming_consortium'] = "112233"
973 policy_test(dev
[0], apdev
[0], values
)
975 id = dev
[0].add_cred()
976 dev
[0].set_cred(id, "required_roaming_consortium", "112233")
977 dev
[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
979 for val
in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
980 if "FAIL" not in dev
[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val
)):
981 raise Exception("Invalid roaming consortium value accepted: " + val
)
983 def test_ap_hs20_excluded_ssid(dev
, apdev
):
984 """Hotspot 2.0 exclusion based on SSID"""
985 params
= hs20_ap_params()
986 params
['roaming_consortium'] = [ "223344" ]
987 params
['anqp_3gpp_cell_net'] = "555,444"
988 hostapd
.add_ap(apdev
[0]['ifname'], params
)
990 params
= hs20_ap_params()
991 params
['ssid'] = "test-hs20-other"
992 params
['roaming_consortium'] = [ "223344" ]
993 params
['anqp_3gpp_cell_net'] = "555,444"
994 hostapd
.add_ap(apdev
[1]['ifname'], params
)
996 values
= default_cred()
997 values
['excluded_ssid'] = "test-hs20"
998 events
= policy_test(dev
[0], apdev
[1], values
)
999 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1001 raise Exception("Excluded network not reported")
1002 values
['excluded_ssid'] = "test-hs20-other"
1003 events
= policy_test(dev
[0], apdev
[0], values
)
1004 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[1]['bssid'] in e
]
1006 raise Exception("Excluded network not reported")
1008 values
= default_cred()
1009 values
['roaming_consortium'] = "223344"
1010 values
['eap'] = "TTLS"
1011 values
['phase2'] = "auth=MSCHAPV2"
1012 values
['excluded_ssid'] = "test-hs20"
1013 events
= policy_test(dev
[0], apdev
[1], values
)
1014 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1016 raise Exception("Excluded network not reported")
1018 values
= { 'imsi': "555444-333222111", 'eap': "SIM",
1019 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
1020 'excluded_ssid': "test-hs20" }
1021 events
= policy_test(dev
[0], apdev
[1], values
)
1022 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1024 raise Exception("Excluded network not reported")
1026 def test_ap_hs20_roam_to_higher_prio(dev
, apdev
):
1027 """Hotspot 2.0 and roaming from current to higher priority network"""
1028 bssid
= apdev
[0]['bssid']
1029 params
= hs20_ap_params(ssid
="test-hs20-visited")
1030 params
['domain_name'] = "visited.example.org"
1031 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1033 dev
[0].hs20_enable()
1034 id = dev
[0].add_cred_values({ 'realm': "example.com",
1035 'username': "hs20-test",
1036 'password': "password",
1037 'domain': "example.com" })
1038 logger
.info("Connect to the only network option")
1039 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
1040 dev
[0].dump_monitor()
1041 interworking_connect(dev
[0], bssid
, "TTLS")
1043 logger
.info("Start another AP (home operator) and reconnect")
1044 bssid2
= apdev
[1]['bssid']
1045 params
= hs20_ap_params(ssid
="test-hs20-home")
1046 params
['domain_name'] = "example.com"
1047 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1049 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1050 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
1051 "INTERWORKING-ALREADY-CONNECTED",
1052 "CTRL-EVENT-CONNECTED"], timeout
=15)
1054 raise Exception("Connection timed out")
1055 if "INTERWORKING-NO-MATCH" in ev
:
1056 raise Exception("Matching AP not found")
1057 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1058 raise Exception("Unexpected AP selected")
1059 if bssid2
not in ev
:
1060 raise Exception("Unexpected BSSID after reconnection")
1062 def test_ap_hs20_domain_suffix_match(dev
, apdev
):
1063 """Hotspot 2.0 and domain_suffix_match"""
1064 bssid
= apdev
[0]['bssid']
1065 params
= hs20_ap_params()
1066 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1068 dev
[0].hs20_enable()
1069 id = dev
[0].add_cred_values({ 'realm': "example.com",
1070 'username': "hs20-test",
1071 'password': "password",
1072 'domain': "example.com",
1073 'domain_suffix_match': "w1.fi" })
1074 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1075 dev
[0].dump_monitor()
1076 interworking_connect(dev
[0], bssid
, "TTLS")
1077 dev
[0].request("REMOVE_NETWORK all")
1078 dev
[0].dump_monitor()
1080 dev
[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
1081 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1082 dev
[0].dump_monitor()
1083 dev
[0].request("INTERWORKING_CONNECT " + bssid
)
1084 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
1086 raise Exception("TLS certificate error not reported")
1087 if "Domain suffix mismatch" not in ev
:
1088 raise Exception("Domain suffix mismatch not reported")
1090 def test_ap_hs20_roaming_partner_preference(dev
, apdev
):
1091 """Hotspot 2.0 and roaming partner preference"""
1092 params
= hs20_ap_params()
1093 params
['domain_name'] = "roaming.example.org"
1094 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1096 params
= hs20_ap_params()
1097 params
['ssid'] = "test-hs20-other"
1098 params
['domain_name'] = "roaming.example.net"
1099 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1101 logger
.info("Verify default vs. specified preference")
1102 values
= default_cred()
1103 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1104 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1105 values
['roaming_partner'] = "roaming.example.net,1,129,*"
1106 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1108 logger
.info("Verify partial FQDN match")
1109 values
['roaming_partner'] = "example.net,0,0,*"
1110 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1111 values
['roaming_partner'] = "example.net,0,255,*"
1112 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1114 def test_ap_hs20_max_bss_load(dev
, apdev
):
1115 """Hotspot 2.0 and maximum BSS load"""
1116 params
= hs20_ap_params()
1117 params
['bss_load_test'] = "12:200:20000"
1118 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1120 params
= hs20_ap_params()
1121 params
['ssid'] = "test-hs20-other"
1122 params
['bss_load_test'] = "5:20:10000"
1123 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1125 logger
.info("Verify maximum BSS load constraint")
1126 values
= default_cred()
1127 values
['domain'] = "example.com"
1128 values
['max_bss_load'] = "100"
1129 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1131 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1132 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1133 raise Exception("Maximum BSS Load case not noticed")
1134 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1135 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1136 raise Exception("Maximum BSS Load case reported incorrectly")
1138 logger
.info("Verify maximum BSS load does not prevent connection")
1139 values
['max_bss_load'] = "1"
1140 events
= policy_test(dev
[0], None, values
)
1142 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1143 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1144 raise Exception("Maximum BSS Load case not noticed")
1145 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1146 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1147 raise Exception("Maximum BSS Load case not noticed")
1149 def test_ap_hs20_max_bss_load2(dev
, apdev
):
1150 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
1151 params
= hs20_ap_params()
1152 params
['bss_load_test'] = "12:200:20000"
1153 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1155 params
= hs20_ap_params()
1156 params
['ssid'] = "test-hs20-other"
1157 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1159 logger
.info("Verify maximum BSS load constraint with AP advertisement")
1160 values
= default_cred()
1161 values
['domain'] = "example.com"
1162 values
['max_bss_load'] = "100"
1163 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1165 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1166 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1167 raise Exception("Maximum BSS Load case not noticed")
1168 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1169 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1170 raise Exception("Maximum BSS Load case reported incorrectly")
1172 def test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1173 """Hotspot 2.0 multi-cred sp_priority"""
1174 if not hlr_auc_gw_available():
1176 bssid
= apdev
[0]['bssid']
1177 params
= hs20_ap_params()
1178 params
['hessid'] = bssid
1179 del params
['domain_name']
1180 params
['anqp_3gpp_cell_net'] = "232,01"
1181 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1183 dev
[0].hs20_enable()
1184 dev
[0].request("SET external_sim 1")
1185 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1186 'provisioning_sp': "example.com",
1187 'sp_priority' :"1" })
1188 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1189 'username': "hs20-test",
1190 'password': "password",
1191 'domain': "example.com",
1192 'provisioning_sp': "example.com",
1193 'sp_priority': "2" })
1194 dev
[0].dump_monitor()
1195 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1196 interworking_ext_sim_auth(dev
[0], "SIM")
1197 check_sp_type(dev
[0], "unknown")
1198 dev
[0].request("REMOVE_NETWORK all")
1200 dev
[0].set_cred(id1
, "sp_priority", "2")
1201 dev
[0].set_cred(id2
, "sp_priority", "1")
1202 dev
[0].dump_monitor()
1203 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1204 interworking_auth(dev
[0], "TTLS")
1205 check_sp_type(dev
[0], "unknown")
1207 def test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1208 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1209 if not hlr_auc_gw_available():
1211 bssid
= apdev
[0]['bssid']
1212 params
= hs20_ap_params()
1213 params
['hessid'] = bssid
1214 del params
['nai_realm']
1215 del params
['domain_name']
1216 params
['anqp_3gpp_cell_net'] = "232,01"
1217 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1219 bssid2
= apdev
[1]['bssid']
1220 params
= hs20_ap_params()
1221 params
['ssid'] = "test-hs20-other"
1222 params
['hessid'] = bssid2
1223 del params
['domain_name']
1224 del params
['anqp_3gpp_cell_net']
1225 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1227 dev
[0].hs20_enable()
1228 dev
[0].request("SET external_sim 1")
1229 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1230 'provisioning_sp': "example.com",
1231 'sp_priority': "1" })
1232 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1233 'username': "hs20-test",
1234 'password': "password",
1235 'domain': "example.com",
1236 'provisioning_sp': "example.com",
1237 'sp_priority': "2" })
1238 dev
[0].dump_monitor()
1239 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1240 interworking_ext_sim_auth(dev
[0], "SIM")
1241 check_sp_type(dev
[0], "unknown")
1242 conn_bssid
= dev
[0].get_status_field("bssid")
1243 if conn_bssid
!= bssid
:
1244 raise Exception("Connected to incorrect BSS")
1245 dev
[0].request("REMOVE_NETWORK all")
1247 dev
[0].set_cred(id1
, "sp_priority", "2")
1248 dev
[0].set_cred(id2
, "sp_priority", "1")
1249 dev
[0].dump_monitor()
1250 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1251 interworking_auth(dev
[0], "TTLS")
1252 check_sp_type(dev
[0], "unknown")
1253 conn_bssid
= dev
[0].get_status_field("bssid")
1254 if conn_bssid
!= bssid2
:
1255 raise Exception("Connected to incorrect BSS")
1257 def check_conn_capab_selection(dev
, type, missing
):
1258 dev
.request("INTERWORKING_SELECT freq=2412")
1259 ev
= dev
.wait_event(["INTERWORKING-AP"])
1261 raise Exception("Network selection timed out");
1262 if "type=" + type not in ev
:
1263 raise Exception("Unexpected network type")
1264 if missing
and "conn_capab_missing=1" not in ev
:
1265 raise Exception("conn_capab_missing not reported")
1266 if not missing
and "conn_capab_missing=1" in ev
:
1267 raise Exception("conn_capab_missing reported unexpectedly")
1269 def conn_capab_cred(domain
=None, req_conn_capab
=None):
1270 cred
= default_cred(domain
=domain
)
1272 cred
['req_conn_capab'] = req_conn_capab
1275 def test_ap_hs20_req_conn_capab(dev
, apdev
):
1276 """Hotspot 2.0 network selection with req_conn_capab"""
1277 bssid
= apdev
[0]['bssid']
1278 params
= hs20_ap_params()
1279 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1281 dev
[0].hs20_enable()
1282 logger
.info("Not used in home network")
1283 values
= conn_capab_cred(domain
="example.com", req_conn_capab
="6:1234")
1284 id = dev
[0].add_cred_values(values
)
1285 check_conn_capab_selection(dev
[0], "home", False)
1287 logger
.info("Used in roaming network")
1288 dev
[0].remove_cred(id)
1289 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="6:1234")
1290 id = dev
[0].add_cred_values(values
)
1291 check_conn_capab_selection(dev
[0], "roaming", True)
1293 logger
.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1294 check_auto_select(dev
[0], bssid
)
1296 logger
.info("Additional req_conn_capab checks")
1298 dev
[0].remove_cred(id)
1299 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="1:0")
1300 id = dev
[0].add_cred_values(values
)
1301 check_conn_capab_selection(dev
[0], "roaming", True)
1303 dev
[0].remove_cred(id)
1304 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="17:5060")
1305 id = dev
[0].add_cred_values(values
)
1306 check_conn_capab_selection(dev
[0], "roaming", True)
1308 bssid2
= apdev
[1]['bssid']
1309 params
= hs20_ap_params(ssid
="test-hs20b")
1310 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1311 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1313 dev
[0].remove_cred(id)
1314 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="50")
1315 id = dev
[0].add_cred_values(values
)
1316 dev
[0].set_cred(id, "req_conn_capab", "6:22")
1317 dev
[0].request("INTERWORKING_SELECT freq=2412")
1318 for i
in range(0, 2):
1319 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1321 raise Exception("Network selection timed out");
1322 if bssid
in ev
and "conn_capab_missing=1" not in ev
:
1323 raise Exception("Missing protocol connection capability not reported")
1324 if bssid2
in ev
and "conn_capab_missing=1" in ev
:
1325 raise Exception("Protocol connection capability not reported correctly")
1327 def test_ap_hs20_req_conn_capab_and_roaming_partner_preference(dev
, apdev
):
1328 """Hotspot 2.0 and req_conn_capab with roaming partner preference"""
1329 bssid
= apdev
[0]['bssid']
1330 params
= hs20_ap_params()
1331 params
['domain_name'] = "roaming.example.org"
1332 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1333 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1335 bssid2
= apdev
[1]['bssid']
1336 params
= hs20_ap_params(ssid
="test-hs20-b")
1337 params
['domain_name'] = "roaming.example.net"
1338 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1340 values
= default_cred()
1341 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1342 id = dev
[0].add_cred_values(values
)
1343 check_auto_select(dev
[0], bssid2
)
1345 dev
[0].set_cred(id, "req_conn_capab", "50")
1346 check_auto_select(dev
[0], bssid
)
1348 dev
[0].remove_cred(id)
1349 id = dev
[0].add_cred_values(values
)
1350 dev
[0].set_cred(id, "req_conn_capab", "51")
1351 check_auto_select(dev
[0], bssid2
)
1353 def check_bandwidth_selection(dev
, type, below
):
1354 dev
.request("INTERWORKING_SELECT freq=2412")
1355 ev
= dev
.wait_event(["INTERWORKING-AP"])
1357 raise Exception("Network selection timed out");
1358 if "type=" + type not in ev
:
1359 raise Exception("Unexpected network type")
1360 if below
and "below_min_backhaul=1" not in ev
:
1361 raise Exception("below_min_backhaul not reported")
1362 if not below
and "below_min_backhaul=1" in ev
:
1363 raise Exception("below_min_backhaul reported unexpectedly")
1365 def bw_cred(domain
=None, dl_home
=None, ul_home
=None, dl_roaming
=None, ul_roaming
=None):
1366 cred
= default_cred(domain
=domain
)
1368 cred
['min_dl_bandwidth_home'] = str(dl_home
)
1370 cred
['min_ul_bandwidth_home'] = str(ul_home
)
1372 cred
['min_dl_bandwidth_roaming'] = str(dl_roaming
)
1374 cred
['min_ul_bandwidth_roaming'] = str(ul_roaming
)
1377 def test_ap_hs20_min_bandwidth_home(dev
, apdev
):
1378 """Hotspot 2.0 network selection with min bandwidth (home)"""
1379 bssid
= apdev
[0]['bssid']
1380 params
= hs20_ap_params()
1381 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1383 dev
[0].hs20_enable()
1384 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=58)
1385 id = dev
[0].add_cred_values(values
)
1386 check_bandwidth_selection(dev
[0], "home", False)
1387 dev
[0].remove_cred(id)
1389 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=58)
1390 id = dev
[0].add_cred_values(values
)
1391 check_bandwidth_selection(dev
[0], "home", True)
1392 dev
[0].remove_cred(id)
1394 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=59)
1395 id = dev
[0].add_cred_values(values
)
1396 check_bandwidth_selection(dev
[0], "home", True)
1397 dev
[0].remove_cred(id)
1399 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=59)
1400 id = dev
[0].add_cred_values(values
)
1401 check_bandwidth_selection(dev
[0], "home", True)
1402 check_auto_select(dev
[0], bssid
)
1404 bssid2
= apdev
[1]['bssid']
1405 params
= hs20_ap_params(ssid
="test-hs20-b")
1406 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1407 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1409 check_auto_select(dev
[0], bssid2
)
1411 def test_ap_hs20_min_bandwidth_roaming(dev
, apdev
):
1412 """Hotspot 2.0 network selection with min bandwidth (roaming)"""
1413 bssid
= apdev
[0]['bssid']
1414 params
= hs20_ap_params()
1415 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1417 dev
[0].hs20_enable()
1418 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=58)
1419 id = dev
[0].add_cred_values(values
)
1420 check_bandwidth_selection(dev
[0], "roaming", False)
1421 dev
[0].remove_cred(id)
1423 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=58)
1424 id = dev
[0].add_cred_values(values
)
1425 check_bandwidth_selection(dev
[0], "roaming", True)
1426 dev
[0].remove_cred(id)
1428 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=59)
1429 id = dev
[0].add_cred_values(values
)
1430 check_bandwidth_selection(dev
[0], "roaming", True)
1431 dev
[0].remove_cred(id)
1433 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=59)
1434 id = dev
[0].add_cred_values(values
)
1435 check_bandwidth_selection(dev
[0], "roaming", True)
1436 check_auto_select(dev
[0], bssid
)
1438 bssid2
= apdev
[1]['bssid']
1439 params
= hs20_ap_params(ssid
="test-hs20-b")
1440 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1441 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1443 check_auto_select(dev
[0], bssid2
)
1445 def test_ap_hs20_min_bandwidth_and_roaming_partner_preference(dev
, apdev
):
1446 """Hotspot 2.0 and minimum bandwidth with roaming partner preference"""
1447 bssid
= apdev
[0]['bssid']
1448 params
= hs20_ap_params()
1449 params
['domain_name'] = "roaming.example.org"
1450 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1451 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1453 bssid2
= apdev
[1]['bssid']
1454 params
= hs20_ap_params(ssid
="test-hs20-b")
1455 params
['domain_name'] = "roaming.example.net"
1456 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1458 values
= default_cred()
1459 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1460 id = dev
[0].add_cred_values(values
)
1461 check_auto_select(dev
[0], bssid2
)
1463 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "6000")
1464 check_auto_select(dev
[0], bssid
)
1466 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "10000")
1467 check_auto_select(dev
[0], bssid2
)
1469 def test_ap_hs20_min_bandwidth_no_wan_metrics(dev
, apdev
):
1470 """Hotspot 2.0 network selection with min bandwidth but no WAN Metrics"""
1471 bssid
= apdev
[0]['bssid']
1472 params
= hs20_ap_params()
1473 del params
['hs20_wan_metrics']
1474 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1476 dev
[0].hs20_enable()
1477 values
= bw_cred(domain
="example.com", dl_home
=10000, ul_home
=10000,
1478 dl_roaming
=10000, ul_roaming
=10000)
1479 dev
[0].add_cred_values(values
)
1480 check_bandwidth_selection(dev
[0], "home", False)
1482 def test_ap_hs20_deauth_req_ess(dev
, apdev
):
1483 """Hotspot 2.0 connection and deauthentication request for ESS"""
1484 dev
[0].request("SET pmf 2")
1485 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1486 dev
[0].dump_monitor()
1487 addr
= dev
[0].p2p_interface_addr()
1488 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1489 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 1 120 http://example.com/")
1490 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1492 raise Exception("Timeout on deauth imminent notice")
1493 if "1 120 http://example.com/" not in ev
:
1494 raise Exception("Unexpected deauth imminent notice: " + ev
)
1495 hapd
.request("DEAUTHENTICATE " + addr
)
1496 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1498 raise Exception("Timeout on disconnection")
1499 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1500 raise Exception("Network not marked temporarily disabled")
1501 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1502 "Trying to associate",
1503 "CTRL-EVENT-CONNECTED"], timeout
=5)
1505 raise Exception("Unexpected connection attempt")
1507 def test_ap_hs20_deauth_req_bss(dev
, apdev
):
1508 """Hotspot 2.0 connection and deauthentication request for BSS"""
1509 dev
[0].request("SET pmf 2")
1510 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1511 dev
[0].dump_monitor()
1512 addr
= dev
[0].p2p_interface_addr()
1513 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1514 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 0 120 http://example.com/")
1515 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1517 raise Exception("Timeout on deauth imminent notice")
1518 if "0 120 http://example.com/" not in ev
:
1519 raise Exception("Unexpected deauth imminent notice: " + ev
)
1520 hapd
.request("DEAUTHENTICATE " + addr
+ " reason=4")
1521 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1523 raise Exception("Timeout on disconnection")
1524 if "reason=4" not in ev
:
1525 raise Exception("Unexpected disconnection reason")
1526 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1527 raise Exception("Network not marked temporarily disabled")
1528 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1529 "Trying to associate",
1530 "CTRL-EVENT-CONNECTED"], timeout
=5)
1532 raise Exception("Unexpected connection attempt")
1534 def test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1535 """Hotspot 2.0 connection and deauthentication request from RADIUS"""
1536 bssid
= apdev
[0]['bssid']
1537 params
= hs20_ap_params()
1538 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1539 params
['hs20_deauth_req_timeout'] = "2"
1540 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1542 dev
[0].request("SET pmf 2")
1543 dev
[0].hs20_enable()
1544 dev
[0].add_cred_values({ 'realm': "example.com",
1545 'username': "hs20-deauth-test",
1546 'password': "password" })
1547 interworking_select(dev
[0], bssid
, freq
="2412")
1548 interworking_connect(dev
[0], bssid
, "TTLS")
1549 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout
=5)
1551 raise Exception("Timeout on deauth imminent notice")
1552 if " 1 100" not in ev
:
1553 raise Exception("Unexpected deauth imminent contents")
1554 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=3)
1556 raise Exception("Timeout on disconnection")
1558 def test_ap_hs20_remediation_required(dev
, apdev
):
1559 """Hotspot 2.0 connection and remediation required from RADIUS"""
1560 bssid
= apdev
[0]['bssid']
1561 params
= hs20_ap_params()
1562 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1563 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1565 dev
[0].request("SET pmf 1")
1566 dev
[0].hs20_enable()
1567 dev
[0].add_cred_values({ 'realm': "example.com",
1568 'username': "hs20-subrem-test",
1569 'password': "password" })
1570 interworking_select(dev
[0], bssid
, freq
="2412")
1571 interworking_connect(dev
[0], bssid
, "TTLS")
1572 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1574 raise Exception("Timeout on subscription remediation notice")
1575 if " 1 https://example.com/" not in ev
:
1576 raise Exception("Unexpected subscription remediation event contents")
1578 def test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1579 """Hotspot 2.0 connection and subrem from ctrl_iface"""
1580 bssid
= apdev
[0]['bssid']
1581 addr
= dev
[0].p2p_dev_addr()
1582 params
= hs20_ap_params()
1583 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1584 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
1586 dev
[0].request("SET pmf 1")
1587 dev
[0].hs20_enable()
1588 dev
[0].add_cred_values(default_cred())
1589 interworking_select(dev
[0], bssid
, freq
="2412")
1590 interworking_connect(dev
[0], bssid
, "TTLS")
1592 hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://example.com/")
1593 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1595 raise Exception("Timeout on subscription remediation notice")
1596 if " 1 https://example.com/" not in ev
:
1597 raise Exception("Unexpected subscription remediation event contents")
1599 hapd
.request("HS20_WNM_NOTIF " + addr
)
1600 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1602 raise Exception("Timeout on subscription remediation notice")
1603 if not ev
.endswith("HS20-SUBSCRIPTION-REMEDIATION "):
1604 raise Exception("Unexpected subscription remediation event contents: " + ev
)
1606 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF "):
1607 raise Exception("Unexpected HS20_WNM_NOTIF success")
1608 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF foo"):
1609 raise Exception("Unexpected HS20_WNM_NOTIF success")
1610 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://12345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678927.very.long.example.com/"):
1611 raise Exception("Unexpected HS20_WNM_NOTIF success")
1613 def test_ap_hs20_session_info(dev
, apdev
):
1614 """Hotspot 2.0 connection and session information from RADIUS"""
1615 bssid
= apdev
[0]['bssid']
1616 params
= hs20_ap_params()
1617 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1618 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1620 dev
[0].request("SET pmf 1")
1621 dev
[0].hs20_enable()
1622 dev
[0].add_cred_values({ 'realm': "example.com",
1623 'username': "hs20-session-info-test",
1624 'password': "password" })
1625 interworking_select(dev
[0], bssid
, freq
="2412")
1626 interworking_connect(dev
[0], bssid
, "TTLS")
1627 ev
= dev
[0].wait_event(["ESS-DISASSOC-IMMINENT"], timeout
=10)
1629 raise Exception("Timeout on ESS disassociation imminent notice")
1630 if " 1 59904 https://example.com/" not in ev
:
1631 raise Exception("Unexpected ESS disassociation imminent event contents")
1632 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"])
1634 raise Exception("Scan not started")
1635 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
1637 raise Exception("Scan not completed")
1639 def test_ap_hs20_osen(dev
, apdev
):
1640 """Hotspot 2.0 OSEN connection"""
1641 params
= { 'ssid': "osen",
1643 'auth_server_addr': "127.0.0.1",
1644 'auth_server_port': "1812",
1645 'auth_server_shared_secret': "radius" }
1646 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1648 dev
[1].connect("osen", key_mgmt
="NONE", scan_freq
="2412",
1650 dev
[2].connect("osen", key_mgmt
="NONE", wep_key0
='"hello"',
1651 scan_freq
="2412", wait_connect
=False)
1652 dev
[0].connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1653 group
="GTK_NOT_USED",
1654 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1655 ca_cert
="auth_serv/ca.pem",
1658 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
1659 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
1660 wpas
.connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1661 group
="GTK_NOT_USED",
1662 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1663 ca_cert
="auth_serv/ca.pem",
1665 wpas
.request("DISCONNECT")
1667 def test_ap_hs20_network_preference(dev
, apdev
):
1668 """Hotspot 2.0 network selection with preferred home network"""
1669 bssid
= apdev
[0]['bssid']
1670 params
= hs20_ap_params()
1671 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1673 dev
[0].hs20_enable()
1674 values
= { 'realm': "example.com",
1675 'username': "hs20-test",
1676 'password': "password",
1677 'domain': "example.com" }
1678 dev
[0].add_cred_values(values
)
1680 id = dev
[0].add_network()
1681 dev
[0].set_network_quoted(id, "ssid", "home")
1682 dev
[0].set_network_quoted(id, "psk", "12345678")
1683 dev
[0].set_network(id, "priority", "1")
1684 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1686 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1687 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1689 raise Exception("Connection timed out")
1691 raise Exception("Unexpected network selected")
1693 bssid2
= apdev
[1]['bssid']
1694 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1695 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1697 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1698 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1699 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1701 raise Exception("Connection timed out")
1702 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1703 raise Exception("No roam to higher priority network")
1704 if bssid2
not in ev
:
1705 raise Exception("Unexpected network selected")
1707 def test_ap_hs20_network_preference2(dev
, apdev
):
1708 """Hotspot 2.0 network selection with preferred credential"""
1709 bssid2
= apdev
[1]['bssid']
1710 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1711 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1713 dev
[0].hs20_enable()
1714 values
= { 'realm': "example.com",
1715 'username': "hs20-test",
1716 'password': "password",
1717 'domain': "example.com",
1719 dev
[0].add_cred_values(values
)
1721 id = dev
[0].add_network()
1722 dev
[0].set_network_quoted(id, "ssid", "home")
1723 dev
[0].set_network_quoted(id, "psk", "12345678")
1724 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1726 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1727 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1729 raise Exception("Connection timed out")
1730 if bssid2
not in ev
:
1731 raise Exception("Unexpected network selected")
1733 bssid
= apdev
[0]['bssid']
1734 params
= hs20_ap_params()
1735 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1737 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1738 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1739 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1741 raise Exception("Connection timed out")
1742 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1743 raise Exception("No roam to higher priority network")
1745 raise Exception("Unexpected network selected")
1747 def test_ap_hs20_network_preference3(dev
, apdev
):
1748 """Hotspot 2.0 network selection with two credential (one preferred)"""
1749 bssid
= apdev
[0]['bssid']
1750 params
= hs20_ap_params()
1751 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1753 bssid2
= apdev
[1]['bssid']
1754 params
= hs20_ap_params(ssid
="test-hs20b")
1755 params
['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1756 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1758 dev
[0].hs20_enable()
1759 values
= { 'realm': "example.com",
1760 'username': "hs20-test",
1761 'password': "password",
1763 dev
[0].add_cred_values(values
)
1764 values
= { 'realm': "example.org",
1765 'username': "hs20-test",
1766 'password': "password" }
1767 id = dev
[0].add_cred_values(values
)
1769 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1770 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1772 raise Exception("Connection timed out")
1774 raise Exception("Unexpected network selected")
1776 dev
[0].set_cred(id, "priority", "2")
1777 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1778 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1779 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1781 raise Exception("Connection timed out")
1782 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1783 raise Exception("No roam to higher priority network")
1784 if bssid2
not in ev
:
1785 raise Exception("Unexpected network selected")
1787 def test_ap_hs20_network_preference4(dev
, apdev
):
1788 """Hotspot 2.0 network selection with username vs. SIM credential"""
1789 bssid
= apdev
[0]['bssid']
1790 params
= hs20_ap_params()
1791 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1793 bssid2
= apdev
[1]['bssid']
1794 params
= hs20_ap_params(ssid
="test-hs20b")
1795 params
['hessid'] = bssid2
1796 params
['anqp_3gpp_cell_net'] = "555,444"
1797 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
1798 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1800 dev
[0].hs20_enable()
1801 values
= { 'realm': "example.com",
1802 'username': "hs20-test",
1803 'password': "password",
1805 dev
[0].add_cred_values(values
)
1806 values
= { 'imsi': "555444-333222111",
1808 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123" }
1809 id = dev
[0].add_cred_values(values
)
1811 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1812 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1814 raise Exception("Connection timed out")
1816 raise Exception("Unexpected network selected")
1818 dev
[0].set_cred(id, "priority", "2")
1819 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1820 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1821 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1823 raise Exception("Connection timed out")
1824 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1825 raise Exception("No roam to higher priority network")
1826 if bssid2
not in ev
:
1827 raise Exception("Unexpected network selected")
1829 def test_ap_hs20_fetch_osu(dev
, apdev
):
1830 """Hotspot 2.0 OSU provider and icon fetch"""
1831 bssid
= apdev
[0]['bssid']
1832 params
= hs20_ap_params()
1833 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1834 params
['osu_ssid'] = '"HS 2.0 OSU open"'
1835 params
['osu_method_list'] = "1"
1836 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
1837 params
['osu_icon'] = "w1fi_logo"
1838 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
1839 params
['osu_server_uri'] = "https://example.com/osu/"
1840 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1842 bssid2
= apdev
[1]['bssid']
1843 params
= hs20_ap_params(ssid
="test-hs20b")
1844 params
['hessid'] = bssid2
1845 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1846 params
['osu_ssid'] = '"HS 2.0 OSU OSEN"'
1847 params
['osu_method_list'] = "0"
1848 params
['osu_nai'] = "osen@example.com"
1849 params
['osu_friendly_name'] = [ "eng:Test2 OSU", "fin:Testi2-OSU" ]
1850 params
['osu_icon'] = "w1fi_logo"
1851 params
['osu_service_desc'] = [ "eng:Example services2", "fin:Esimerkkipalveluja2" ]
1852 params
['osu_server_uri'] = "https://example.org/osu/"
1853 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1855 with
open("w1fi_logo.png", "r") as f
:
1856 orig_logo
= f
.read()
1857 dev
[0].hs20_enable()
1858 dir = "/tmp/osu-fetch"
1859 if os
.path
.isdir(dir):
1860 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
1862 os
.remove(dir + "/" + f
)
1869 dev
[1].scan(freq
="2412")
1870 dev
[0].request("SET osu_dir " + dir)
1871 dev
[0].request("FETCH_OSU")
1872 if "OK" not in dev
[1].request("HS20_ICON_REQUEST " + bssid
+ " w1fi_logo"):
1873 raise Exception("HS20_ICON_REQUEST failed")
1876 ev
= dev
[0].wait_event(["OSU provider fetch completed",
1877 "RX-HS20-ANQP-ICON"], timeout
=15)
1879 raise Exception("Timeout on OSU fetch")
1880 if "OSU provider fetch completed" in ev
:
1882 if "RX-HS20-ANQP-ICON" in ev
:
1883 with
open(ev
.split(' ')[1], "r") as f
:
1885 if logo
== orig_logo
:
1888 with
open(dir + "/osu-providers.txt", "r") as f
:
1890 if "OSU-PROVIDER " + bssid
not in prov
:
1891 raise Exception("Missing OSU_PROVIDER")
1892 if "OSU-PROVIDER " + bssid2
not in prov
:
1893 raise Exception("Missing OSU_PROVIDER")
1895 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
1897 os
.remove(dir + "/" + f
)
1901 raise Exception("Unexpected number of icons fetched")
1903 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=5)
1905 raise Exception("Timeout on GAS-QUERY-DONE")
1906 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=5)
1908 raise Exception("Timeout on GAS-QUERY-DONE")
1909 if "freq=2412 status_code=0 result=SUCCESS" not in ev
:
1910 raise Exception("Unexpected GAS-QUERY-DONE: " + ev
)
1911 ev
= dev
[1].wait_event(["RX-HS20-ANQP"], timeout
=15)
1913 raise Exception("Timeout on icon fetch")
1914 if "Icon Binary File" not in ev
:
1915 raise Exception("Unexpected ANQP element")