]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
2 # Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
12 logger
= logging
.getLogger()
19 from utils
import HwsimSkip
21 from wlantest
import Wlantest
22 from wpasupplicant
import WpaSupplicant
23 from test_ap_eap
import check_eap_capa
25 def hs20_ap_params(ssid
="test-hs20"):
26 params
= hostapd
.wpa2_params(ssid
=ssid
)
27 params
['wpa_key_mgmt'] = "WPA-EAP"
28 params
['ieee80211w'] = "1"
29 params
['ieee8021x'] = "1"
30 params
['auth_server_addr'] = "127.0.0.1"
31 params
['auth_server_port'] = "1812"
32 params
['auth_server_shared_secret'] = "radius"
33 params
['interworking'] = "1"
34 params
['access_network_type'] = "14"
35 params
['internet'] = "1"
39 params
['venue_group'] = "7"
40 params
['venue_type'] = "1"
41 params
['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
42 params
['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
44 params
['domain_name'] = "example.com,another.example.com"
45 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
46 "0,another.example.com" ]
48 params
['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
49 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
50 params
['hs20_operating_class'] = "5173"
51 params
['anqp_3gpp_cell_net'] = "244,91"
54 def check_auto_select(dev
, bssid
):
55 dev
.scan_for_bss(bssid
, freq
="2412")
56 dev
.request("INTERWORKING_SELECT auto freq=2412")
57 ev
= dev
.wait_connected(timeout
=15)
59 raise Exception("Connected to incorrect network")
60 dev
.request("REMOVE_NETWORK all")
62 def interworking_select(dev
, bssid
, type=None, no_match
=False, freq
=None):
64 if bssid
and freq
and not no_match
:
65 dev
.scan_for_bss(bssid
, freq
=freq
)
66 freq_extra
= " freq=" + freq
if freq
else ""
67 dev
.request("INTERWORKING_SELECT" + freq_extra
)
68 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
71 raise Exception("Network selection timed out");
73 if "INTERWORKING-NO-MATCH" not in ev
:
74 raise Exception("Unexpected network match")
76 if "INTERWORKING-NO-MATCH" in ev
:
77 logger
.info("Matching network not found - try again")
79 dev
.request("INTERWORKING_SELECT" + freq_extra
)
80 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
83 raise Exception("Network selection timed out");
84 if "INTERWORKING-NO-MATCH" in ev
:
85 raise Exception("Matching network not found")
86 if bssid
and bssid
not in ev
:
87 raise Exception("Unexpected BSSID in match")
88 if type and "type=" + type not in ev
:
89 raise Exception("Network type not recognized correctly")
91 def check_sp_type(dev
, sp_type
):
92 type = dev
.get_status_field("sp_type")
94 raise Exception("sp_type not available")
96 raise Exception("sp_type did not indicate home network")
98 def hlr_auc_gw_available():
99 if not os
.path
.exists("/tmp/hlr_auc_gw.sock"):
100 raise HwsimSkip("No hlr_auc_gw socket available")
101 if not os
.path
.exists("../../hostapd/hlr_auc_gw"):
102 raise HwsimSkip("No hlr_auc_gw available")
104 def interworking_ext_sim_connect(dev
, bssid
, method
):
105 dev
.request("INTERWORKING_CONNECT " + bssid
)
106 interworking_ext_sim_auth(dev
, method
)
108 def interworking_ext_sim_auth(dev
, method
):
109 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
111 raise Exception("Network connected timed out")
112 if "(" + method
+ ")" not in ev
:
113 raise Exception("Unexpected EAP method selection")
115 ev
= dev
.wait_event(["CTRL-REQ-SIM"], timeout
=15)
117 raise Exception("Wait for external SIM processing request timed out")
119 if p
[1] != "GSM-AUTH":
120 raise Exception("Unexpected CTRL-REQ-SIM type")
121 id = p
[0].split('-')[3]
122 rand
= p
[2].split(' ')[0]
124 res
= subprocess
.check_output(["../../hostapd/hlr_auc_gw",
126 "auth_serv/hlr_auc_gw.milenage_db",
127 "GSM-AUTH-REQ 232010000000000 " + rand
])
128 if "GSM-AUTH-RESP" not in res
:
129 raise Exception("Unexpected hlr_auc_gw response")
130 resp
= res
.split(' ')[2].rstrip()
132 dev
.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp
)
133 dev
.wait_connected(timeout
=15)
135 def interworking_connect(dev
, bssid
, method
):
136 dev
.request("INTERWORKING_CONNECT " + bssid
)
137 interworking_auth(dev
, method
)
139 def interworking_auth(dev
, method
):
140 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
142 raise Exception("Network connected timed out")
143 if "(" + method
+ ")" not in ev
:
144 raise Exception("Unexpected EAP method selection")
146 dev
.wait_connected(timeout
=15)
148 def check_probe_resp(wt
, bssid_unexpected
, bssid_expected
):
150 count
= wt
.get_bss_counter("probe_response", bssid_unexpected
)
152 raise Exception("Unexpected Probe Response frame from AP")
155 count
= wt
.get_bss_counter("probe_response", bssid_expected
)
157 raise Exception("No Probe Response frame from AP")
159 def test_ap_anqp_sharing(dev
, apdev
):
160 """ANQP sharing within ESS and explicit unshare"""
161 bssid
= apdev
[0]['bssid']
162 params
= hs20_ap_params()
163 params
['hessid'] = bssid
164 hostapd
.add_ap(apdev
[0]['ifname'], params
)
166 bssid2
= apdev
[1]['bssid']
167 params
= hs20_ap_params()
168 params
['hessid'] = bssid
169 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
170 hostapd
.add_ap(apdev
[1]['ifname'], params
)
173 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
174 'password': "secret",
175 'domain': "example.com" })
176 logger
.info("Normal network selection with shared ANQP results")
177 dev
[0].scan_for_bss(bssid
, freq
="2412")
178 dev
[0].scan_for_bss(bssid2
, freq
="2412")
179 interworking_select(dev
[0], None, "home", freq
="2412")
180 dev
[0].dump_monitor()
182 res1
= dev
[0].get_bss(bssid
)
183 res2
= dev
[0].get_bss(bssid2
)
184 if res1
['anqp_nai_realm'] != res2
['anqp_nai_realm']:
185 raise Exception("ANQP results were not shared between BSSes")
187 logger
.info("Explicit ANQP request to unshare ANQP results")
188 dev
[0].request("ANQP_GET " + bssid
+ " 263")
189 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
191 raise Exception("ANQP operation timed out")
193 dev
[0].request("ANQP_GET " + bssid2
+ " 263")
194 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
196 raise Exception("ANQP operation timed out")
198 res1
= dev
[0].get_bss(bssid
)
199 res2
= dev
[0].get_bss(bssid2
)
200 if res1
['anqp_nai_realm'] == res2
['anqp_nai_realm']:
201 raise Exception("ANQP results were not unshared")
203 def test_ap_nai_home_realm_query(dev
, apdev
):
204 """NAI Home Realm Query"""
205 bssid
= apdev
[0]['bssid']
206 params
= hs20_ap_params()
207 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
208 "0,another.example.org" ]
209 hostapd
.add_ap(apdev
[0]['ifname'], params
)
211 dev
[0].scan(freq
="2412")
212 dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " realm=example.com")
213 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
215 raise Exception("ANQP operation timed out")
216 nai1
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
217 dev
[0].dump_monitor()
219 dev
[0].request("ANQP_GET " + bssid
+ " 263")
220 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
222 raise Exception("ANQP operation timed out")
223 nai2
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
225 if len(nai1
) >= len(nai2
):
226 raise Exception("Unexpected NAI Realm list response lengths")
227 if "example.com".encode('hex') not in nai1
:
228 raise Exception("Home realm not reported")
229 if "example.org".encode('hex') in nai1
:
230 raise Exception("Non-home realm reported")
231 if "example.com".encode('hex') not in nai2
:
232 raise Exception("Home realm not reported in wildcard query")
233 if "example.org".encode('hex') not in nai2
:
234 raise Exception("Non-home realm not reported in wildcard query ")
237 "00:11:22:33:44:55 123",
238 "00:11:22:33:44:55 qq" ]
240 if "FAIL" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + cmd
):
241 raise Exception("Invalid HS20_GET_NAI_HOME_REALM_LIST accepted: " + cmd
)
243 dev
[0].dump_monitor()
244 if "OK" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
):
245 raise Exception("HS20_GET_NAI_HOME_REALM_LIST failed")
246 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
248 raise Exception("ANQP operation timed out")
249 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=0.1)
251 raise Exception("Unexpected ANQP response: " + ev
)
253 dev
[0].dump_monitor()
254 if "OK" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " 01000b6578616d706c652e636f6d"):
255 raise Exception("HS20_GET_NAI_HOME_REALM_LIST failed")
256 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=10)
258 raise Exception("No ANQP response")
259 if "NAI Realm list" not in ev
:
260 raise Exception("Missing NAI Realm list: " + ev
)
262 dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
263 'password': "secret",
264 'domain': "example.com" })
265 dev
[0].dump_monitor()
266 if "OK" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
):
267 raise Exception("HS20_GET_NAI_HOME_REALM_LIST failed")
268 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=10)
270 raise Exception("No ANQP response")
271 if "NAI Realm list" not in ev
:
272 raise Exception("Missing NAI Realm list: " + ev
)
274 def test_ap_interworking_scan_filtering(dev
, apdev
):
275 """Interworking scan filtering with HESSID and access network type"""
277 _test_ap_interworking_scan_filtering(dev
, apdev
)
279 dev
[0].request("SET hessid 00:00:00:00:00:00")
280 dev
[0].request("SET access_network_type 15")
282 def _test_ap_interworking_scan_filtering(dev
, apdev
):
283 bssid
= apdev
[0]['bssid']
284 params
= hs20_ap_params()
285 ssid
= "test-hs20-ap1"
286 params
['ssid'] = ssid
287 params
['hessid'] = bssid
288 hostapd
.add_ap(apdev
[0]['ifname'], params
)
290 bssid2
= apdev
[1]['bssid']
291 params
= hs20_ap_params()
292 ssid2
= "test-hs20-ap2"
293 params
['ssid'] = ssid2
294 params
['hessid'] = bssid2
295 params
['access_network_type'] = "1"
296 del params
['venue_group']
297 del params
['venue_type']
298 hostapd
.add_ap(apdev
[1]['ifname'], params
)
305 logger
.info("Check probe request filtering based on HESSID")
307 dev
[0].request("SET hessid " + bssid2
)
308 dev
[0].scan(freq
="2412")
310 check_probe_resp(wt
, bssid
, bssid2
)
312 logger
.info("Check probe request filtering based on access network type")
314 wt
.clear_bss_counters(bssid
)
315 wt
.clear_bss_counters(bssid2
)
316 dev
[0].request("SET hessid 00:00:00:00:00:00")
317 dev
[0].request("SET access_network_type 14")
318 dev
[0].scan(freq
="2412")
320 check_probe_resp(wt
, bssid2
, bssid
)
322 wt
.clear_bss_counters(bssid
)
323 wt
.clear_bss_counters(bssid2
)
324 dev
[0].request("SET hessid 00:00:00:00:00:00")
325 dev
[0].request("SET access_network_type 1")
326 dev
[0].scan(freq
="2412")
328 check_probe_resp(wt
, bssid
, bssid2
)
330 logger
.info("Check probe request filtering based on HESSID and ANT")
332 wt
.clear_bss_counters(bssid
)
333 wt
.clear_bss_counters(bssid2
)
334 dev
[0].request("SET hessid " + bssid
)
335 dev
[0].request("SET access_network_type 14")
336 dev
[0].scan(freq
="2412")
338 check_probe_resp(wt
, bssid2
, bssid
)
340 wt
.clear_bss_counters(bssid
)
341 wt
.clear_bss_counters(bssid2
)
342 dev
[0].request("SET hessid " + bssid2
)
343 dev
[0].request("SET access_network_type 14")
344 dev
[0].scan(freq
="2412")
346 check_probe_resp(wt
, bssid
, None)
347 check_probe_resp(wt
, bssid2
, None)
349 wt
.clear_bss_counters(bssid
)
350 wt
.clear_bss_counters(bssid2
)
351 dev
[0].request("SET hessid " + bssid
)
352 dev
[0].request("SET access_network_type 1")
353 dev
[0].scan(freq
="2412")
355 check_probe_resp(wt
, bssid
, None)
356 check_probe_resp(wt
, bssid2
, None)
358 def test_ap_hs20_select(dev
, apdev
):
359 """Hotspot 2.0 network selection"""
360 bssid
= apdev
[0]['bssid']
361 params
= hs20_ap_params()
362 params
['hessid'] = bssid
363 hostapd
.add_ap(apdev
[0]['ifname'], params
)
366 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
367 'password': "secret",
368 'domain': "example.com" })
369 interworking_select(dev
[0], bssid
, "home")
371 dev
[0].remove_cred(id)
372 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
373 'password': "secret",
374 'domain': "no.match.example.com" })
375 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
377 dev
[0].set_cred_quoted(id, "realm", "no.match.example.com");
378 interworking_select(dev
[0], bssid
, no_match
=True, freq
="2412")
380 res
= dev
[0].request("SCAN_RESULTS")
381 if "[HS20]" not in res
:
382 raise Exception("HS20 flag missing from scan results: " + res
)
384 bssid2
= apdev
[1]['bssid']
385 params
= hs20_ap_params()
386 params
['nai_realm'] = [ "0,example.org,21" ]
387 params
['hessid'] = bssid2
388 params
['domain_name'] = "example.org"
389 hostapd
.add_ap(apdev
[1]['ifname'], params
)
390 dev
[0].remove_cred(id)
391 id = dev
[0].add_cred_values({ 'realm': "example.org", 'username': "test",
392 'password': "secret",
393 'domain': "example.org" })
394 interworking_select(dev
[0], bssid2
, "home", freq
="2412")
396 def hs20_simulated_sim(dev
, ap
, method
):
398 params
= hs20_ap_params()
399 params
['hessid'] = bssid
400 params
['anqp_3gpp_cell_net'] = "555,444"
401 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
402 hostapd
.add_ap(ap
['ifname'], params
)
405 dev
.add_cred_values({ 'imsi': "555444-333222111", 'eap': method
,
406 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
407 interworking_select(dev
, "home", freq
="2412")
408 interworking_connect(dev
, bssid
, method
)
409 check_sp_type(dev
, "home")
411 def test_ap_hs20_sim(dev
, apdev
):
412 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
413 hlr_auc_gw_available()
414 hs20_simulated_sim(dev
[0], apdev
[0], "SIM")
415 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
416 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
418 raise Exception("Timeout on already-connected event")
420 def test_ap_hs20_aka(dev
, apdev
):
421 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
422 hlr_auc_gw_available()
423 hs20_simulated_sim(dev
[0], apdev
[0], "AKA")
425 def test_ap_hs20_aka_prime(dev
, apdev
):
426 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
427 hlr_auc_gw_available()
428 hs20_simulated_sim(dev
[0], apdev
[0], "AKA'")
430 def test_ap_hs20_ext_sim(dev
, apdev
):
431 """Hotspot 2.0 with external SIM processing"""
432 hlr_auc_gw_available()
433 bssid
= apdev
[0]['bssid']
434 params
= hs20_ap_params()
435 params
['hessid'] = bssid
436 params
['anqp_3gpp_cell_net'] = "232,01"
437 params
['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
438 hostapd
.add_ap(apdev
[0]['ifname'], params
)
442 dev
[0].request("SET external_sim 1")
443 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
444 interworking_select(dev
[0], "home", freq
="2412")
445 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
446 check_sp_type(dev
[0], "home")
448 dev
[0].request("SET external_sim 0")
450 def test_ap_hs20_ext_sim_roaming(dev
, apdev
):
451 """Hotspot 2.0 with external SIM processing in roaming network"""
452 hlr_auc_gw_available()
453 bssid
= apdev
[0]['bssid']
454 params
= hs20_ap_params()
455 params
['hessid'] = bssid
456 params
['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
457 params
['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
458 hostapd
.add_ap(apdev
[0]['ifname'], params
)
462 dev
[0].request("SET external_sim 1")
463 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
464 interworking_select(dev
[0], "roaming", freq
="2412")
465 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
466 check_sp_type(dev
[0], "roaming")
468 dev
[0].request("SET external_sim 0")
470 def test_ap_hs20_username(dev
, apdev
):
471 """Hotspot 2.0 connection in username/password credential"""
472 bssid
= apdev
[0]['bssid']
473 params
= hs20_ap_params()
474 params
['hessid'] = bssid
475 params
['disable_dgaf'] = '1'
476 hostapd
.add_ap(apdev
[0]['ifname'], params
)
479 id = dev
[0].add_cred_values({ 'realm': "example.com",
480 'username': "hs20-test",
481 'password': "password",
482 'ca_cert': "auth_serv/ca.pem",
483 'domain': "example.com",
484 'update_identifier': "1234" })
485 interworking_select(dev
[0], bssid
, "home", freq
="2412")
486 interworking_connect(dev
[0], bssid
, "TTLS")
487 check_sp_type(dev
[0], "home")
488 status
= dev
[0].get_status()
489 if status
['pairwise_cipher'] != "CCMP":
490 raise Exception("Unexpected pairwise cipher")
491 if status
['hs20'] != "2":
492 raise Exception("Unexpected HS 2.0 support indication")
494 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
495 identity
="hs20-test", password
="password",
496 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
499 def test_ap_hs20_connect_api(dev
, apdev
):
500 """Hotspot 2.0 connection with connect API"""
501 bssid
= apdev
[0]['bssid']
502 params
= hs20_ap_params()
503 params
['hessid'] = bssid
504 params
['disable_dgaf'] = '1'
505 hostapd
.add_ap(apdev
[0]['ifname'], params
)
507 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
508 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
510 wpas
.flush_scan_cache()
511 id = wpas
.add_cred_values({ 'realm': "example.com",
512 'username': "hs20-test",
513 'password': "password",
514 'ca_cert': "auth_serv/ca.pem",
515 'domain': "example.com",
516 'update_identifier': "1234" })
517 interworking_select(wpas
, bssid
, "home", freq
="2412")
518 interworking_connect(wpas
, bssid
, "TTLS")
519 check_sp_type(wpas
, "home")
520 status
= wpas
.get_status()
521 if status
['pairwise_cipher'] != "CCMP":
522 raise Exception("Unexpected pairwise cipher")
523 if status
['hs20'] != "2":
524 raise Exception("Unexpected HS 2.0 support indication")
526 def test_ap_hs20_auto_interworking(dev
, apdev
):
527 """Hotspot 2.0 connection with auto_interworking=1"""
528 bssid
= apdev
[0]['bssid']
529 params
= hs20_ap_params()
530 params
['hessid'] = bssid
531 params
['disable_dgaf'] = '1'
532 hostapd
.add_ap(apdev
[0]['ifname'], params
)
534 dev
[0].hs20_enable(auto_interworking
=True)
535 id = dev
[0].add_cred_values({ 'realm': "example.com",
536 'username': "hs20-test",
537 'password': "password",
538 'ca_cert': "auth_serv/ca.pem",
539 'domain': "example.com",
540 'update_identifier': "1234" })
541 dev
[0].request("REASSOCIATE")
542 dev
[0].wait_connected(timeout
=15)
543 check_sp_type(dev
[0], "home")
544 status
= dev
[0].get_status()
545 if status
['pairwise_cipher'] != "CCMP":
546 raise Exception("Unexpected pairwise cipher")
547 if status
['hs20'] != "2":
548 raise Exception("Unexpected HS 2.0 support indication")
550 def test_ap_hs20_auto_interworking_no_cred_match(dev
, apdev
):
551 """Hotspot 2.0 connection with auto_interworking=1 but no cred match"""
552 bssid
= apdev
[0]['bssid']
553 params
= { "ssid": "test" }
554 hostapd
.add_ap(apdev
[0]['ifname'], params
)
556 dev
[0].hs20_enable(auto_interworking
=True)
557 dev
[0].add_cred_values({ 'realm': "example.com",
558 'username': "hs20-test",
559 'password': "password",
560 'ca_cert': "auth_serv/ca.pem",
561 'domain': "example.com" })
563 id = dev
[0].connect("test", psk
="12345678", only_add_network
=True)
564 dev
[0].request("ENABLE_NETWORK %s" % id)
565 logger
.info("Verify that scanning continues when there is partial network block match")
566 for i
in range(0, 2):
567 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 10)
569 raise Exception("Scan timed out")
570 logger
.info("Scan completed")
572 def eap_test(dev
, ap
, eap_params
, method
, user
):
574 params
= hs20_ap_params()
575 params
['nai_realm'] = [ "0,example.com," + eap_params
]
576 hostapd
.add_ap(ap
['ifname'], params
)
579 dev
.add_cred_values({ 'realm': "example.com",
580 'ca_cert': "auth_serv/ca.pem",
582 'password': "password" })
583 interworking_select(dev
, bssid
, freq
="2412")
584 interworking_connect(dev
, bssid
, method
)
586 def test_ap_hs20_eap_unknown(dev
, apdev
):
587 """Hotspot 2.0 connection with unknown EAP method"""
588 bssid
= apdev
[0]['bssid']
589 params
= hs20_ap_params()
590 params
['nai_realm'] = "0,example.com,99"
591 hostapd
.add_ap(apdev
[0]['ifname'], params
)
594 dev
[0].add_cred_values(default_cred())
595 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
597 def test_ap_hs20_eap_peap_mschapv2(dev
, apdev
):
598 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
599 eap_test(dev
[0], apdev
[0], "25[3:26]", "PEAP", "user")
601 def test_ap_hs20_eap_peap_default(dev
, apdev
):
602 """Hotspot 2.0 connection with PEAP/MSCHAPV2 (as default)"""
603 eap_test(dev
[0], apdev
[0], "25", "PEAP", "user")
605 def test_ap_hs20_eap_peap_gtc(dev
, apdev
):
606 """Hotspot 2.0 connection with PEAP/GTC"""
607 eap_test(dev
[0], apdev
[0], "25[3:6]", "PEAP", "user")
609 def test_ap_hs20_eap_peap_unknown(dev
, apdev
):
610 """Hotspot 2.0 connection with PEAP/unknown"""
611 bssid
= apdev
[0]['bssid']
612 params
= hs20_ap_params()
613 params
['nai_realm'] = "0,example.com,25[3:99]"
614 hostapd
.add_ap(apdev
[0]['ifname'], params
)
617 dev
[0].add_cred_values(default_cred())
618 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
620 def test_ap_hs20_eap_ttls_chap(dev
, apdev
):
621 """Hotspot 2.0 connection with TTLS/CHAP"""
622 eap_test(dev
[0], apdev
[0], "21[2:2]", "TTLS", "chap user")
624 def test_ap_hs20_eap_ttls_mschap(dev
, apdev
):
625 """Hotspot 2.0 connection with TTLS/MSCHAP"""
626 eap_test(dev
[0], apdev
[0], "21[2:3]", "TTLS", "mschap user")
628 def test_ap_hs20_eap_ttls_eap_mschapv2(dev
, apdev
):
629 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
630 eap_test(dev
[0], apdev
[0], "21[3:26][6:7][99:99]", "TTLS", "user")
632 def test_ap_hs20_eap_ttls_eap_unknown(dev
, apdev
):
633 """Hotspot 2.0 connection with TTLS/EAP-unknown"""
634 bssid
= apdev
[0]['bssid']
635 params
= hs20_ap_params()
636 params
['nai_realm'] = "0,example.com,21[3:99]"
637 hostapd
.add_ap(apdev
[0]['ifname'], params
)
640 dev
[0].add_cred_values(default_cred())
641 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
643 def test_ap_hs20_eap_ttls_eap_unsupported(dev
, apdev
):
644 """Hotspot 2.0 connection with TTLS/EAP-OTP(unsupported)"""
645 bssid
= apdev
[0]['bssid']
646 params
= hs20_ap_params()
647 params
['nai_realm'] = "0,example.com,21[3:5]"
648 hostapd
.add_ap(apdev
[0]['ifname'], params
)
651 dev
[0].add_cred_values(default_cred())
652 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
654 def test_ap_hs20_eap_ttls_unknown(dev
, apdev
):
655 """Hotspot 2.0 connection with TTLS/unknown"""
656 bssid
= apdev
[0]['bssid']
657 params
= hs20_ap_params()
658 params
['nai_realm'] = "0,example.com,21[2:5]"
659 hostapd
.add_ap(apdev
[0]['ifname'], params
)
662 dev
[0].add_cred_values(default_cred())
663 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
665 def test_ap_hs20_eap_fast_mschapv2(dev
, apdev
):
666 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
667 check_eap_capa(dev
[0], "FAST")
668 eap_test(dev
[0], apdev
[0], "43[3:26]", "FAST", "user")
670 def test_ap_hs20_eap_fast_gtc(dev
, apdev
):
671 """Hotspot 2.0 connection with FAST/EAP-GTC"""
672 check_eap_capa(dev
[0], "FAST")
673 eap_test(dev
[0], apdev
[0], "43[3:6]", "FAST", "user")
675 def test_ap_hs20_eap_tls(dev
, apdev
):
676 """Hotspot 2.0 connection with EAP-TLS"""
677 bssid
= apdev
[0]['bssid']
678 params
= hs20_ap_params()
679 params
['nai_realm'] = [ "0,example.com,13[5:6]" ]
680 hostapd
.add_ap(apdev
[0]['ifname'], params
)
683 dev
[0].add_cred_values({ 'realm': "example.com",
684 'username': "certificate-user",
685 'ca_cert': "auth_serv/ca.pem",
686 'client_cert': "auth_serv/user.pem",
687 'private_key': "auth_serv/user.key"})
688 interworking_select(dev
[0], bssid
, freq
="2412")
689 interworking_connect(dev
[0], bssid
, "TLS")
691 def test_ap_hs20_eap_cert_unknown(dev
, apdev
):
692 """Hotspot 2.0 connection with certificate, but unknown EAP method"""
693 bssid
= apdev
[0]['bssid']
694 params
= hs20_ap_params()
695 params
['nai_realm'] = [ "0,example.com,99[5:6]" ]
696 hostapd
.add_ap(apdev
[0]['ifname'], params
)
699 dev
[0].add_cred_values({ 'realm': "example.com",
700 'username': "certificate-user",
701 'ca_cert': "auth_serv/ca.pem",
702 'client_cert': "auth_serv/user.pem",
703 'private_key': "auth_serv/user.key"})
704 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
706 def test_ap_hs20_eap_cert_unsupported(dev
, apdev
):
707 """Hotspot 2.0 connection with certificate, but unsupported TTLS"""
708 bssid
= apdev
[0]['bssid']
709 params
= hs20_ap_params()
710 params
['nai_realm'] = [ "0,example.com,21[5:6]" ]
711 hostapd
.add_ap(apdev
[0]['ifname'], params
)
714 dev
[0].add_cred_values({ 'realm': "example.com",
715 'username': "certificate-user",
716 'ca_cert': "auth_serv/ca.pem",
717 'client_cert': "auth_serv/user.pem",
718 'private_key': "auth_serv/user.key"})
719 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
721 def test_ap_hs20_eap_invalid_cred(dev
, apdev
):
722 """Hotspot 2.0 connection with invalid cred configuration"""
723 bssid
= apdev
[0]['bssid']
724 params
= hs20_ap_params()
725 hostapd
.add_ap(apdev
[0]['ifname'], params
)
728 dev
[0].add_cred_values({ 'realm': "example.com",
729 'username': "certificate-user",
730 'client_cert': "auth_serv/user.pem" })
731 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
733 def test_ap_hs20_nai_realms(dev
, apdev
):
734 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
735 bssid
= apdev
[0]['bssid']
736 params
= hs20_ap_params()
737 params
['hessid'] = bssid
738 params
['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
739 hostapd
.add_ap(apdev
[0]['ifname'], params
)
742 id = dev
[0].add_cred_values({ 'realm': "example.com",
743 'ca_cert': "auth_serv/ca.pem",
744 'username': "pap user",
745 'password': "password",
746 'domain': "example.com" })
747 interworking_select(dev
[0], bssid
, "home", freq
="2412")
748 interworking_connect(dev
[0], bssid
, "TTLS")
749 check_sp_type(dev
[0], "home")
751 def test_ap_hs20_roaming_consortium(dev
, apdev
):
752 """Hotspot 2.0 connection based on roaming consortium match"""
753 bssid
= apdev
[0]['bssid']
754 params
= hs20_ap_params()
755 params
['hessid'] = bssid
756 hostapd
.add_ap(apdev
[0]['ifname'], params
)
759 for consortium
in [ "112233", "1020304050", "010203040506", "fedcba" ]:
760 id = dev
[0].add_cred_values({ 'username': "user",
761 'password': "password",
762 'domain': "example.com",
763 'ca_cert': "auth_serv/ca.pem",
764 'roaming_consortium': consortium
,
766 interworking_select(dev
[0], bssid
, "home", freq
="2412")
767 interworking_connect(dev
[0], bssid
, "PEAP")
768 check_sp_type(dev
[0], "home")
769 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
770 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
772 raise Exception("Timeout on already-connected event")
773 dev
[0].remove_cred(id)
775 def test_ap_hs20_username_roaming(dev
, apdev
):
776 """Hotspot 2.0 connection in username/password credential (roaming)"""
777 bssid
= apdev
[0]['bssid']
778 params
= hs20_ap_params()
779 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
780 "0,roaming.example.com,21[2:4][5:7]",
781 "0,another.example.com" ]
782 params
['domain_name'] = "another.example.com"
783 params
['hessid'] = bssid
784 hostapd
.add_ap(apdev
[0]['ifname'], params
)
787 id = dev
[0].add_cred_values({ 'realm': "roaming.example.com",
788 'username': "hs20-test",
789 'password': "password",
790 'ca_cert': "auth_serv/ca.pem",
791 'domain': "example.com" })
792 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
793 interworking_connect(dev
[0], bssid
, "TTLS")
794 check_sp_type(dev
[0], "roaming")
796 def test_ap_hs20_username_unknown(dev
, apdev
):
797 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
798 bssid
= apdev
[0]['bssid']
799 params
= hs20_ap_params()
800 params
['hessid'] = bssid
801 hostapd
.add_ap(apdev
[0]['ifname'], params
)
804 id = dev
[0].add_cred_values({ 'realm': "example.com",
805 'ca_cert': "auth_serv/ca.pem",
806 'username': "hs20-test",
807 'password': "password" })
808 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
809 interworking_connect(dev
[0], bssid
, "TTLS")
810 check_sp_type(dev
[0], "unknown")
812 def test_ap_hs20_username_unknown2(dev
, apdev
):
813 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
814 bssid
= apdev
[0]['bssid']
815 params
= hs20_ap_params()
816 params
['hessid'] = bssid
817 del params
['domain_name']
818 hostapd
.add_ap(apdev
[0]['ifname'], params
)
821 id = dev
[0].add_cred_values({ 'realm': "example.com",
822 'ca_cert': "auth_serv/ca.pem",
823 'username': "hs20-test",
824 'password': "password",
825 'domain': "example.com" })
826 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
827 interworking_connect(dev
[0], bssid
, "TTLS")
828 check_sp_type(dev
[0], "unknown")
830 def test_ap_hs20_gas_while_associated(dev
, apdev
):
831 """Hotspot 2.0 connection with GAS query while associated"""
832 bssid
= apdev
[0]['bssid']
833 params
= hs20_ap_params()
834 params
['hessid'] = bssid
835 hostapd
.add_ap(apdev
[0]['ifname'], params
)
838 id = dev
[0].add_cred_values({ 'realm': "example.com",
839 'ca_cert': "auth_serv/ca.pem",
840 'username': "hs20-test",
841 'password': "password",
842 'domain': "example.com" })
843 interworking_select(dev
[0], bssid
, "home", freq
="2412")
844 interworking_connect(dev
[0], bssid
, "TTLS")
846 logger
.info("Verifying GAS query while associated")
847 dev
[0].request("FETCH_ANQP")
848 for i
in range(0, 6):
849 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
851 raise Exception("Operation timed out")
853 def test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
854 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
856 _test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
)
858 dev
[0].request("SET pmf 0")
860 def _test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
861 bssid
= apdev
[0]['bssid']
862 params
= hs20_ap_params()
863 params
['hessid'] = bssid
864 hostapd
.add_ap(apdev
[0]['ifname'], params
)
866 bssid2
= apdev
[1]['bssid']
867 params
= hs20_ap_params()
868 params
['hessid'] = bssid2
869 params
['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
870 hostapd
.add_ap(apdev
[1]['ifname'], params
)
873 dev
[0].request("SET pmf 2")
874 id = dev
[0].add_cred_values({ 'realm': "example.com",
875 'ca_cert': "auth_serv/ca.pem",
876 'username': "hs20-test",
877 'password': "password",
878 'domain': "example.com" })
879 interworking_select(dev
[0], bssid
, "home", freq
="2412")
880 interworking_connect(dev
[0], bssid
, "TTLS")
882 logger
.info("Verifying GAS query while associated")
883 dev
[0].request("FETCH_ANQP")
884 for i
in range(0, 2 * 6):
885 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
887 raise Exception("Operation timed out")
889 def test_ap_hs20_gas_frag_while_associated(dev
, apdev
):
890 """Hotspot 2.0 connection with fragmented GAS query while associated"""
891 bssid
= apdev
[0]['bssid']
892 params
= hs20_ap_params()
893 params
['hessid'] = bssid
894 hostapd
.add_ap(apdev
[0]['ifname'], params
)
895 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
896 hapd
.set("gas_frag_limit", "50")
899 id = dev
[0].add_cred_values({ 'realm': "example.com",
900 'ca_cert': "auth_serv/ca.pem",
901 'username': "hs20-test",
902 'password': "password",
903 'domain': "example.com" })
904 interworking_select(dev
[0], bssid
, "home", freq
="2412")
905 interworking_connect(dev
[0], bssid
, "TTLS")
907 logger
.info("Verifying GAS query while associated")
908 dev
[0].request("FETCH_ANQP")
909 for i
in range(0, 6):
910 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
912 raise Exception("Operation timed out")
914 def test_ap_hs20_multiple_connects(dev
, apdev
):
915 """Hotspot 2.0 connection through multiple network selections"""
916 bssid
= apdev
[0]['bssid']
917 params
= hs20_ap_params()
918 params
['hessid'] = bssid
919 hostapd
.add_ap(apdev
[0]['ifname'], params
)
922 values
= { 'realm': "example.com",
923 'ca_cert': "auth_serv/ca.pem",
924 'username': "hs20-test",
925 'password': "password",
926 'domain': "example.com" }
927 id = dev
[0].add_cred_values(values
)
929 dev
[0].scan_for_bss(bssid
, freq
="2412")
931 for i
in range(0, 3):
932 logger
.info("Starting Interworking network selection")
933 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
935 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
936 "INTERWORKING-ALREADY-CONNECTED",
937 "CTRL-EVENT-CONNECTED"], timeout
=15)
939 raise Exception("Connection timed out")
940 if "INTERWORKING-NO-MATCH" in ev
:
941 raise Exception("Matching AP not found")
942 if "CTRL-EVENT-CONNECTED" in ev
:
944 if i
== 2 and "INTERWORKING-ALREADY-CONNECTED" in ev
:
947 dev
[0].request("DISCONNECT")
948 dev
[0].dump_monitor()
950 networks
= dev
[0].list_networks()
951 if len(networks
) > 1:
952 raise Exception("Duplicated network block detected")
954 def test_ap_hs20_disallow_aps(dev
, apdev
):
955 """Hotspot 2.0 connection and disallow_aps"""
956 bssid
= apdev
[0]['bssid']
957 params
= hs20_ap_params()
958 params
['hessid'] = bssid
959 hostapd
.add_ap(apdev
[0]['ifname'], params
)
962 values
= { 'realm': "example.com",
963 'ca_cert': "auth_serv/ca.pem",
964 'username': "hs20-test",
965 'password': "password",
966 'domain': "example.com" }
967 id = dev
[0].add_cred_values(values
)
969 dev
[0].scan_for_bss(bssid
, freq
="2412")
971 logger
.info("Verify disallow_aps bssid")
972 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
973 dev
[0].request("INTERWORKING_SELECT auto")
974 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
976 raise Exception("Network selection timed out")
977 dev
[0].dump_monitor()
979 logger
.info("Verify disallow_aps ssid")
980 dev
[0].request("SET disallow_aps ssid 746573742d68733230")
981 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
982 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
984 raise Exception("Network selection timed out")
985 dev
[0].dump_monitor()
987 logger
.info("Verify disallow_aps clear")
988 dev
[0].request("SET disallow_aps ")
989 interworking_select(dev
[0], bssid
, "home", freq
="2412")
991 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
992 ret
= dev
[0].request("INTERWORKING_CONNECT " + bssid
)
993 if "FAIL" not in ret
:
994 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
996 if "FAIL" not in dev
[0].request("INTERWORKING_CONNECT foo"):
997 raise Exception("Invalid INTERWORKING_CONNECT not rejected")
998 if "FAIL" not in dev
[0].request("INTERWORKING_CONNECT 00:11:22:33:44:55"):
999 raise Exception("Invalid INTERWORKING_CONNECT not rejected")
1001 def policy_test(dev
, ap
, values
, only_one
=True):
1004 logger
.info("Verify network selection to AP " + ap
['ifname'])
1006 dev
.scan_for_bss(bssid
, freq
="2412")
1008 logger
.info("Verify network selection")
1011 id = dev
.add_cred_values(values
)
1012 dev
.request("INTERWORKING_SELECT auto freq=2412")
1015 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
1016 "INTERWORKING-BLACKLISTED",
1017 "INTERWORKING-SELECTED"], timeout
=15)
1019 raise Exception("Network selection timed out")
1021 if "INTERWORKING-NO-MATCH" in ev
:
1022 raise Exception("Matching AP not found")
1023 if bssid
and only_one
and "INTERWORKING-AP" in ev
and bssid
not in ev
:
1024 raise Exception("Unexpected AP claimed acceptable")
1025 if "INTERWORKING-SELECTED" in ev
:
1026 if bssid
and bssid
not in ev
:
1027 raise Exception("Selected incorrect BSS")
1030 ev
= dev
.wait_connected(timeout
=15)
1031 if bssid
and bssid
not in ev
:
1032 raise Exception("Connected to incorrect BSS")
1034 conn_bssid
= dev
.get_status_field("bssid")
1035 if bssid
and conn_bssid
!= bssid
:
1036 raise Exception("bssid information points to incorrect BSS")
1042 def default_cred(domain
=None):
1043 cred
= { 'realm': "example.com",
1044 'ca_cert': "auth_serv/ca.pem",
1045 'username': "hs20-test",
1046 'password': "password" }
1048 cred
['domain'] = domain
1051 def test_ap_hs20_prefer_home(dev
, apdev
):
1052 """Hotspot 2.0 required roaming consortium"""
1053 params
= hs20_ap_params()
1054 params
['domain_name'] = "example.org"
1055 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1057 params
= hs20_ap_params()
1058 params
['ssid'] = "test-hs20-other"
1059 params
['domain_name'] = "example.com"
1060 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1062 values
= default_cred()
1063 values
['domain'] = "example.com"
1064 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1065 values
['domain'] = "example.org"
1066 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1068 def test_ap_hs20_req_roaming_consortium(dev
, apdev
):
1069 """Hotspot 2.0 required roaming consortium"""
1070 params
= hs20_ap_params()
1071 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1073 params
= hs20_ap_params()
1074 params
['ssid'] = "test-hs20-other"
1075 params
['roaming_consortium'] = [ "223344" ]
1076 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1078 values
= default_cred()
1079 values
['required_roaming_consortium'] = "223344"
1080 policy_test(dev
[0], apdev
[1], values
)
1081 values
['required_roaming_consortium'] = "112233"
1082 policy_test(dev
[0], apdev
[0], values
)
1084 id = dev
[0].add_cred()
1085 dev
[0].set_cred(id, "required_roaming_consortium", "112233")
1086 dev
[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
1088 for val
in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
1089 if "FAIL" not in dev
[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val
)):
1090 raise Exception("Invalid roaming consortium value accepted: " + val
)
1092 def test_ap_hs20_excluded_ssid(dev
, apdev
):
1093 """Hotspot 2.0 exclusion based on SSID"""
1094 params
= hs20_ap_params()
1095 params
['roaming_consortium'] = [ "223344" ]
1096 params
['anqp_3gpp_cell_net'] = "555,444"
1097 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1099 params
= hs20_ap_params()
1100 params
['ssid'] = "test-hs20-other"
1101 params
['roaming_consortium'] = [ "223344" ]
1102 params
['anqp_3gpp_cell_net'] = "555,444"
1103 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1105 values
= default_cred()
1106 values
['excluded_ssid'] = "test-hs20"
1107 events
= policy_test(dev
[0], apdev
[1], values
)
1108 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1110 raise Exception("Excluded network not reported")
1111 values
['excluded_ssid'] = "test-hs20-other"
1112 events
= policy_test(dev
[0], apdev
[0], values
)
1113 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[1]['bssid'] in e
]
1115 raise Exception("Excluded network not reported")
1117 values
= default_cred()
1118 values
['roaming_consortium'] = "223344"
1119 values
['eap'] = "TTLS"
1120 values
['phase2'] = "auth=MSCHAPV2"
1121 values
['excluded_ssid'] = "test-hs20"
1122 events
= policy_test(dev
[0], apdev
[1], values
)
1123 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1125 raise Exception("Excluded network not reported")
1127 values
= { 'imsi': "555444-333222111", 'eap': "SIM",
1128 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
1129 'excluded_ssid': "test-hs20" }
1130 events
= policy_test(dev
[0], apdev
[1], values
)
1131 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1133 raise Exception("Excluded network not reported")
1135 def test_ap_hs20_roam_to_higher_prio(dev
, apdev
):
1136 """Hotspot 2.0 and roaming from current to higher priority network"""
1137 bssid
= apdev
[0]['bssid']
1138 params
= hs20_ap_params(ssid
="test-hs20-visited")
1139 params
['domain_name'] = "visited.example.org"
1140 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1142 dev
[0].hs20_enable()
1143 id = dev
[0].add_cred_values({ 'realm': "example.com",
1144 'ca_cert': "auth_serv/ca.pem",
1145 'username': "hs20-test",
1146 'password': "password",
1147 'domain': "example.com" })
1148 logger
.info("Connect to the only network option")
1149 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
1150 dev
[0].dump_monitor()
1151 interworking_connect(dev
[0], bssid
, "TTLS")
1153 logger
.info("Start another AP (home operator) and reconnect")
1154 bssid2
= apdev
[1]['bssid']
1155 params
= hs20_ap_params(ssid
="test-hs20-home")
1156 params
['domain_name'] = "example.com"
1157 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1159 dev
[0].scan_for_bss(bssid2
, freq
="2412", force_scan
=True)
1160 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1161 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
1162 "INTERWORKING-ALREADY-CONNECTED",
1163 "CTRL-EVENT-CONNECTED"], timeout
=15)
1165 raise Exception("Connection timed out")
1166 if "INTERWORKING-NO-MATCH" in ev
:
1167 raise Exception("Matching AP not found")
1168 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1169 raise Exception("Unexpected AP selected")
1170 if bssid2
not in ev
:
1171 raise Exception("Unexpected BSSID after reconnection")
1173 def test_ap_hs20_domain_suffix_match(dev
, apdev
):
1174 """Hotspot 2.0 and domain_suffix_match"""
1175 bssid
= apdev
[0]['bssid']
1176 params
= hs20_ap_params()
1177 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1179 dev
[0].hs20_enable()
1180 id = dev
[0].add_cred_values({ 'realm': "example.com",
1181 'username': "hs20-test",
1182 'password': "password",
1183 'ca_cert': "auth_serv/ca.pem",
1184 'domain': "example.com",
1185 'domain_suffix_match': "w1.fi" })
1186 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1187 dev
[0].dump_monitor()
1188 interworking_connect(dev
[0], bssid
, "TTLS")
1189 dev
[0].request("REMOVE_NETWORK all")
1190 dev
[0].dump_monitor()
1192 dev
[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
1193 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1194 dev
[0].dump_monitor()
1195 dev
[0].request("INTERWORKING_CONNECT " + bssid
)
1196 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
1198 raise Exception("TLS certificate error not reported")
1199 if "Domain suffix mismatch" not in ev
:
1200 raise Exception("Domain suffix mismatch not reported")
1202 def test_ap_hs20_roaming_partner_preference(dev
, apdev
):
1203 """Hotspot 2.0 and roaming partner preference"""
1204 params
= hs20_ap_params()
1205 params
['domain_name'] = "roaming.example.org"
1206 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1208 params
= hs20_ap_params()
1209 params
['ssid'] = "test-hs20-other"
1210 params
['domain_name'] = "roaming.example.net"
1211 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1213 logger
.info("Verify default vs. specified preference")
1214 values
= default_cred()
1215 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1216 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1217 values
['roaming_partner'] = "roaming.example.net,1,129,*"
1218 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1220 logger
.info("Verify partial FQDN match")
1221 values
['roaming_partner'] = "example.net,0,0,*"
1222 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1223 values
['roaming_partner'] = "example.net,0,255,*"
1224 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1226 def test_ap_hs20_max_bss_load(dev
, apdev
):
1227 """Hotspot 2.0 and maximum BSS load"""
1228 params
= hs20_ap_params()
1229 params
['bss_load_test'] = "12:200:20000"
1230 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1232 params
= hs20_ap_params()
1233 params
['ssid'] = "test-hs20-other"
1234 params
['bss_load_test'] = "5:20:10000"
1235 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1237 logger
.info("Verify maximum BSS load constraint")
1238 values
= default_cred()
1239 values
['domain'] = "example.com"
1240 values
['max_bss_load'] = "100"
1241 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1243 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1244 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1245 raise Exception("Maximum BSS Load case not noticed")
1246 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1247 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1248 raise Exception("Maximum BSS Load case reported incorrectly")
1250 logger
.info("Verify maximum BSS load does not prevent connection")
1251 values
['max_bss_load'] = "1"
1252 events
= policy_test(dev
[0], None, values
)
1254 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1255 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1256 raise Exception("Maximum BSS Load case not noticed")
1257 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1258 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1259 raise Exception("Maximum BSS Load case not noticed")
1261 def test_ap_hs20_max_bss_load2(dev
, apdev
):
1262 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
1263 params
= hs20_ap_params()
1264 params
['bss_load_test'] = "12:200:20000"
1265 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1267 params
= hs20_ap_params()
1268 params
['ssid'] = "test-hs20-other"
1269 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1271 logger
.info("Verify maximum BSS load constraint with AP advertisement")
1272 values
= default_cred()
1273 values
['domain'] = "example.com"
1274 values
['max_bss_load'] = "100"
1275 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1277 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1278 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1279 raise Exception("Maximum BSS Load case not noticed")
1280 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1281 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1282 raise Exception("Maximum BSS Load case reported incorrectly")
1284 def test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1285 """Hotspot 2.0 multi-cred sp_priority"""
1287 _test_ap_hs20_multi_cred_sp_prio(dev
, apdev
)
1289 dev
[0].request("SET external_sim 0")
1291 def _test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1292 hlr_auc_gw_available()
1293 bssid
= apdev
[0]['bssid']
1294 params
= hs20_ap_params()
1295 params
['hessid'] = bssid
1296 del params
['domain_name']
1297 params
['anqp_3gpp_cell_net'] = "232,01"
1298 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1300 dev
[0].hs20_enable()
1301 dev
[0].scan_for_bss(bssid
, freq
="2412")
1302 dev
[0].request("SET external_sim 1")
1303 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1304 'provisioning_sp': "example.com",
1305 'sp_priority' :"1" })
1306 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1307 'ca_cert': "auth_serv/ca.pem",
1308 'username': "hs20-test",
1309 'password': "password",
1310 'domain': "example.com",
1311 'provisioning_sp': "example.com",
1312 'sp_priority': "2" })
1313 dev
[0].dump_monitor()
1314 dev
[0].scan_for_bss(bssid
, freq
="2412")
1315 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1316 interworking_ext_sim_auth(dev
[0], "SIM")
1317 check_sp_type(dev
[0], "unknown")
1318 dev
[0].request("REMOVE_NETWORK all")
1320 dev
[0].set_cred(id1
, "sp_priority", "2")
1321 dev
[0].set_cred(id2
, "sp_priority", "1")
1322 dev
[0].dump_monitor()
1323 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1324 interworking_auth(dev
[0], "TTLS")
1325 check_sp_type(dev
[0], "unknown")
1327 def test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1328 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1330 _test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
)
1332 dev
[0].request("SET external_sim 0")
1334 def _test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1335 hlr_auc_gw_available()
1336 bssid
= apdev
[0]['bssid']
1337 params
= hs20_ap_params()
1338 params
['hessid'] = bssid
1339 del params
['nai_realm']
1340 del params
['domain_name']
1341 params
['anqp_3gpp_cell_net'] = "232,01"
1342 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1344 bssid2
= apdev
[1]['bssid']
1345 params
= hs20_ap_params()
1346 params
['ssid'] = "test-hs20-other"
1347 params
['hessid'] = bssid2
1348 del params
['domain_name']
1349 del params
['anqp_3gpp_cell_net']
1350 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1352 dev
[0].hs20_enable()
1353 dev
[0].request("SET external_sim 1")
1354 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1355 'provisioning_sp': "example.com",
1356 'sp_priority': "1" })
1357 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1358 'ca_cert': "auth_serv/ca.pem",
1359 'username': "hs20-test",
1360 'password': "password",
1361 'domain': "example.com",
1362 'provisioning_sp': "example.com",
1363 'sp_priority': "2" })
1364 dev
[0].dump_monitor()
1365 dev
[0].scan_for_bss(bssid
, freq
="2412")
1366 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1367 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1368 interworking_ext_sim_auth(dev
[0], "SIM")
1369 check_sp_type(dev
[0], "unknown")
1370 conn_bssid
= dev
[0].get_status_field("bssid")
1371 if conn_bssid
!= bssid
:
1372 raise Exception("Connected to incorrect BSS")
1373 dev
[0].request("REMOVE_NETWORK all")
1375 dev
[0].set_cred(id1
, "sp_priority", "2")
1376 dev
[0].set_cred(id2
, "sp_priority", "1")
1377 dev
[0].dump_monitor()
1378 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1379 interworking_auth(dev
[0], "TTLS")
1380 check_sp_type(dev
[0], "unknown")
1381 conn_bssid
= dev
[0].get_status_field("bssid")
1382 if conn_bssid
!= bssid2
:
1383 raise Exception("Connected to incorrect BSS")
1385 def check_conn_capab_selection(dev
, type, missing
):
1386 dev
.request("INTERWORKING_SELECT freq=2412")
1387 ev
= dev
.wait_event(["INTERWORKING-AP"])
1389 raise Exception("Network selection timed out");
1390 if "type=" + type not in ev
:
1391 raise Exception("Unexpected network type")
1392 if missing
and "conn_capab_missing=1" not in ev
:
1393 raise Exception("conn_capab_missing not reported")
1394 if not missing
and "conn_capab_missing=1" in ev
:
1395 raise Exception("conn_capab_missing reported unexpectedly")
1397 def conn_capab_cred(domain
=None, req_conn_capab
=None):
1398 cred
= default_cred(domain
=domain
)
1400 cred
['req_conn_capab'] = req_conn_capab
1403 def test_ap_hs20_req_conn_capab(dev
, apdev
):
1404 """Hotspot 2.0 network selection with req_conn_capab"""
1405 bssid
= apdev
[0]['bssid']
1406 params
= hs20_ap_params()
1407 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1409 dev
[0].hs20_enable()
1410 dev
[0].scan_for_bss(bssid
, freq
="2412")
1411 logger
.info("Not used in home network")
1412 values
= conn_capab_cred(domain
="example.com", req_conn_capab
="6:1234")
1413 id = dev
[0].add_cred_values(values
)
1414 check_conn_capab_selection(dev
[0], "home", False)
1416 logger
.info("Used in roaming network")
1417 dev
[0].remove_cred(id)
1418 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="6:1234")
1419 id = dev
[0].add_cred_values(values
)
1420 check_conn_capab_selection(dev
[0], "roaming", True)
1422 logger
.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1423 check_auto_select(dev
[0], bssid
)
1425 logger
.info("Additional req_conn_capab checks")
1427 dev
[0].remove_cred(id)
1428 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="1:0")
1429 id = dev
[0].add_cred_values(values
)
1430 check_conn_capab_selection(dev
[0], "roaming", True)
1432 dev
[0].remove_cred(id)
1433 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="17:5060")
1434 id = dev
[0].add_cred_values(values
)
1435 check_conn_capab_selection(dev
[0], "roaming", True)
1437 bssid2
= apdev
[1]['bssid']
1438 params
= hs20_ap_params(ssid
="test-hs20b")
1439 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1440 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1442 dev
[0].remove_cred(id)
1443 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="50")
1444 id = dev
[0].add_cred_values(values
)
1445 dev
[0].set_cred(id, "req_conn_capab", "6:22")
1446 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1447 dev
[0].request("INTERWORKING_SELECT freq=2412")
1448 for i
in range(0, 2):
1449 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1451 raise Exception("Network selection timed out");
1452 if bssid
in ev
and "conn_capab_missing=1" not in ev
:
1453 raise Exception("Missing protocol connection capability not reported")
1454 if bssid2
in ev
and "conn_capab_missing=1" in ev
:
1455 raise Exception("Protocol connection capability not reported correctly")
1457 def test_ap_hs20_req_conn_capab_and_roaming_partner_preference(dev
, apdev
):
1458 """Hotspot 2.0 and req_conn_capab with roaming partner preference"""
1459 bssid
= apdev
[0]['bssid']
1460 params
= hs20_ap_params()
1461 params
['domain_name'] = "roaming.example.org"
1462 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1463 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1465 bssid2
= apdev
[1]['bssid']
1466 params
= hs20_ap_params(ssid
="test-hs20-b")
1467 params
['domain_name'] = "roaming.example.net"
1468 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1470 values
= default_cred()
1471 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1472 id = dev
[0].add_cred_values(values
)
1473 check_auto_select(dev
[0], bssid2
)
1475 dev
[0].set_cred(id, "req_conn_capab", "50")
1476 check_auto_select(dev
[0], bssid
)
1478 dev
[0].remove_cred(id)
1479 id = dev
[0].add_cred_values(values
)
1480 dev
[0].set_cred(id, "req_conn_capab", "51")
1481 check_auto_select(dev
[0], bssid2
)
1483 def check_bandwidth_selection(dev
, type, below
):
1484 dev
.request("INTERWORKING_SELECT freq=2412")
1485 ev
= dev
.wait_event(["INTERWORKING-AP"])
1487 raise Exception("Network selection timed out");
1488 if "type=" + type not in ev
:
1489 raise Exception("Unexpected network type")
1490 if below
and "below_min_backhaul=1" not in ev
:
1491 raise Exception("below_min_backhaul not reported")
1492 if not below
and "below_min_backhaul=1" in ev
:
1493 raise Exception("below_min_backhaul reported unexpectedly")
1495 def bw_cred(domain
=None, dl_home
=None, ul_home
=None, dl_roaming
=None, ul_roaming
=None):
1496 cred
= default_cred(domain
=domain
)
1498 cred
['min_dl_bandwidth_home'] = str(dl_home
)
1500 cred
['min_ul_bandwidth_home'] = str(ul_home
)
1502 cred
['min_dl_bandwidth_roaming'] = str(dl_roaming
)
1504 cred
['min_ul_bandwidth_roaming'] = str(ul_roaming
)
1507 def test_ap_hs20_min_bandwidth_home(dev
, apdev
):
1508 """Hotspot 2.0 network selection with min bandwidth (home)"""
1509 bssid
= apdev
[0]['bssid']
1510 params
= hs20_ap_params()
1511 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1513 dev
[0].hs20_enable()
1514 dev
[0].scan_for_bss(bssid
, freq
="2412")
1515 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=58)
1516 id = dev
[0].add_cred_values(values
)
1517 check_bandwidth_selection(dev
[0], "home", False)
1518 dev
[0].remove_cred(id)
1520 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=58)
1521 id = dev
[0].add_cred_values(values
)
1522 check_bandwidth_selection(dev
[0], "home", True)
1523 dev
[0].remove_cred(id)
1525 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=59)
1526 id = dev
[0].add_cred_values(values
)
1527 check_bandwidth_selection(dev
[0], "home", True)
1528 dev
[0].remove_cred(id)
1530 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=59)
1531 id = dev
[0].add_cred_values(values
)
1532 check_bandwidth_selection(dev
[0], "home", True)
1533 check_auto_select(dev
[0], bssid
)
1535 bssid2
= apdev
[1]['bssid']
1536 params
= hs20_ap_params(ssid
="test-hs20-b")
1537 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1538 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1540 check_auto_select(dev
[0], bssid2
)
1542 def test_ap_hs20_min_bandwidth_roaming(dev
, apdev
):
1543 """Hotspot 2.0 network selection with min bandwidth (roaming)"""
1544 bssid
= apdev
[0]['bssid']
1545 params
= hs20_ap_params()
1546 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1548 dev
[0].hs20_enable()
1549 dev
[0].scan_for_bss(bssid
, freq
="2412")
1550 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=58)
1551 id = dev
[0].add_cred_values(values
)
1552 check_bandwidth_selection(dev
[0], "roaming", False)
1553 dev
[0].remove_cred(id)
1555 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=58)
1556 id = dev
[0].add_cred_values(values
)
1557 check_bandwidth_selection(dev
[0], "roaming", True)
1558 dev
[0].remove_cred(id)
1560 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=59)
1561 id = dev
[0].add_cred_values(values
)
1562 check_bandwidth_selection(dev
[0], "roaming", True)
1563 dev
[0].remove_cred(id)
1565 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=59)
1566 id = dev
[0].add_cred_values(values
)
1567 check_bandwidth_selection(dev
[0], "roaming", True)
1568 check_auto_select(dev
[0], bssid
)
1570 bssid2
= apdev
[1]['bssid']
1571 params
= hs20_ap_params(ssid
="test-hs20-b")
1572 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1573 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1575 check_auto_select(dev
[0], bssid2
)
1577 def test_ap_hs20_min_bandwidth_and_roaming_partner_preference(dev
, apdev
):
1578 """Hotspot 2.0 and minimum bandwidth with roaming partner preference"""
1579 bssid
= apdev
[0]['bssid']
1580 params
= hs20_ap_params()
1581 params
['domain_name'] = "roaming.example.org"
1582 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1583 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1585 bssid2
= apdev
[1]['bssid']
1586 params
= hs20_ap_params(ssid
="test-hs20-b")
1587 params
['domain_name'] = "roaming.example.net"
1588 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1590 values
= default_cred()
1591 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1592 id = dev
[0].add_cred_values(values
)
1593 check_auto_select(dev
[0], bssid2
)
1595 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "6000")
1596 check_auto_select(dev
[0], bssid
)
1598 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "10000")
1599 check_auto_select(dev
[0], bssid2
)
1601 def test_ap_hs20_min_bandwidth_no_wan_metrics(dev
, apdev
):
1602 """Hotspot 2.0 network selection with min bandwidth but no WAN Metrics"""
1603 bssid
= apdev
[0]['bssid']
1604 params
= hs20_ap_params()
1605 del params
['hs20_wan_metrics']
1606 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1608 dev
[0].hs20_enable()
1609 dev
[0].scan_for_bss(bssid
, freq
="2412")
1610 values
= bw_cred(domain
="example.com", dl_home
=10000, ul_home
=10000,
1611 dl_roaming
=10000, ul_roaming
=10000)
1612 dev
[0].add_cred_values(values
)
1613 check_bandwidth_selection(dev
[0], "home", False)
1615 def test_ap_hs20_deauth_req_ess(dev
, apdev
):
1616 """Hotspot 2.0 connection and deauthentication request for ESS"""
1618 _test_ap_hs20_deauth_req_ess(dev
, apdev
)
1620 dev
[0].request("SET pmf 0")
1622 def _test_ap_hs20_deauth_req_ess(dev
, apdev
):
1623 dev
[0].request("SET pmf 2")
1624 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1625 dev
[0].dump_monitor()
1626 addr
= dev
[0].p2p_interface_addr()
1627 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1628 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 1 120 http://example.com/")
1629 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1631 raise Exception("Timeout on deauth imminent notice")
1632 if "1 120 http://example.com/" not in ev
:
1633 raise Exception("Unexpected deauth imminent notice: " + ev
)
1634 hapd
.request("DEAUTHENTICATE " + addr
)
1635 dev
[0].wait_disconnected(timeout
=10)
1636 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1637 raise Exception("Network not marked temporarily disabled")
1638 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1639 "Trying to associate",
1640 "CTRL-EVENT-CONNECTED"], timeout
=5)
1642 raise Exception("Unexpected connection attempt")
1644 def test_ap_hs20_deauth_req_bss(dev
, apdev
):
1645 """Hotspot 2.0 connection and deauthentication request for BSS"""
1647 _test_ap_hs20_deauth_req_bss(dev
, apdev
)
1649 dev
[0].request("SET pmf 0")
1651 def _test_ap_hs20_deauth_req_bss(dev
, apdev
):
1652 dev
[0].request("SET pmf 2")
1653 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1654 dev
[0].dump_monitor()
1655 addr
= dev
[0].p2p_interface_addr()
1656 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1657 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 0 120 http://example.com/")
1658 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1660 raise Exception("Timeout on deauth imminent notice")
1661 if "0 120 http://example.com/" not in ev
:
1662 raise Exception("Unexpected deauth imminent notice: " + ev
)
1663 hapd
.request("DEAUTHENTICATE " + addr
+ " reason=4")
1664 ev
= dev
[0].wait_disconnected(timeout
=10)
1665 if "reason=4" not in ev
:
1666 raise Exception("Unexpected disconnection reason")
1667 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1668 raise Exception("Network not marked temporarily disabled")
1669 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1670 "Trying to associate",
1671 "CTRL-EVENT-CONNECTED"], timeout
=5)
1673 raise Exception("Unexpected connection attempt")
1675 def test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1676 """Hotspot 2.0 connection and deauthentication request from RADIUS"""
1678 _test_ap_hs20_deauth_req_from_radius(dev
, apdev
)
1680 dev
[0].request("SET pmf 0")
1682 def _test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1683 bssid
= apdev
[0]['bssid']
1684 params
= hs20_ap_params()
1685 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1686 params
['hs20_deauth_req_timeout'] = "2"
1687 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1689 dev
[0].request("SET pmf 2")
1690 dev
[0].hs20_enable()
1691 dev
[0].add_cred_values({ 'realm': "example.com",
1692 'username': "hs20-deauth-test",
1693 'password': "password" })
1694 interworking_select(dev
[0], bssid
, freq
="2412")
1695 interworking_connect(dev
[0], bssid
, "TTLS")
1696 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout
=5)
1698 raise Exception("Timeout on deauth imminent notice")
1699 if " 1 100" not in ev
:
1700 raise Exception("Unexpected deauth imminent contents")
1701 dev
[0].wait_disconnected(timeout
=3)
1703 def test_ap_hs20_remediation_required(dev
, apdev
):
1704 """Hotspot 2.0 connection and remediation required from RADIUS"""
1706 _test_ap_hs20_remediation_required(dev
, apdev
)
1708 dev
[0].request("SET pmf 0")
1710 def _test_ap_hs20_remediation_required(dev
, apdev
):
1711 bssid
= apdev
[0]['bssid']
1712 params
= hs20_ap_params()
1713 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1714 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1716 dev
[0].request("SET pmf 1")
1717 dev
[0].hs20_enable()
1718 dev
[0].add_cred_values({ 'realm': "example.com",
1719 'username': "hs20-subrem-test",
1720 'password': "password" })
1721 interworking_select(dev
[0], bssid
, freq
="2412")
1722 interworking_connect(dev
[0], bssid
, "TTLS")
1723 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1725 raise Exception("Timeout on subscription remediation notice")
1726 if " 1 https://example.com/" not in ev
:
1727 raise Exception("Unexpected subscription remediation event contents")
1729 def test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1730 """Hotspot 2.0 connection and subrem from ctrl_iface"""
1732 _test_ap_hs20_remediation_required_ctrl(dev
, apdev
)
1734 dev
[0].request("SET pmf 0")
1736 def _test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1737 bssid
= apdev
[0]['bssid']
1738 addr
= dev
[0].p2p_dev_addr()
1739 params
= hs20_ap_params()
1740 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1741 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
1743 dev
[0].request("SET pmf 1")
1744 dev
[0].hs20_enable()
1745 dev
[0].add_cred_values(default_cred())
1746 interworking_select(dev
[0], bssid
, freq
="2412")
1747 interworking_connect(dev
[0], bssid
, "TTLS")
1749 hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://example.com/")
1750 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1752 raise Exception("Timeout on subscription remediation notice")
1753 if " 1 https://example.com/" not in ev
:
1754 raise Exception("Unexpected subscription remediation event contents")
1756 hapd
.request("HS20_WNM_NOTIF " + addr
)
1757 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1759 raise Exception("Timeout on subscription remediation notice")
1760 if not ev
.endswith("HS20-SUBSCRIPTION-REMEDIATION "):
1761 raise Exception("Unexpected subscription remediation event contents: " + ev
)
1763 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF "):
1764 raise Exception("Unexpected HS20_WNM_NOTIF success")
1765 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF foo"):
1766 raise Exception("Unexpected HS20_WNM_NOTIF success")
1767 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://12345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678927.very.long.example.com/"):
1768 raise Exception("Unexpected HS20_WNM_NOTIF success")
1770 def test_ap_hs20_session_info(dev
, apdev
):
1771 """Hotspot 2.0 connection and session information from RADIUS"""
1773 _test_ap_hs20_session_info(dev
, apdev
)
1775 dev
[0].request("SET pmf 0")
1777 def _test_ap_hs20_session_info(dev
, apdev
):
1778 bssid
= apdev
[0]['bssid']
1779 params
= hs20_ap_params()
1780 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1781 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1783 dev
[0].request("SET pmf 1")
1784 dev
[0].hs20_enable()
1785 dev
[0].add_cred_values({ 'realm': "example.com",
1786 'username': "hs20-session-info-test",
1787 'password': "password" })
1788 interworking_select(dev
[0], bssid
, freq
="2412")
1789 interworking_connect(dev
[0], bssid
, "TTLS")
1790 ev
= dev
[0].wait_event(["ESS-DISASSOC-IMMINENT"], timeout
=10)
1792 raise Exception("Timeout on ESS disassociation imminent notice")
1793 if " 1 59904 https://example.com/" not in ev
:
1794 raise Exception("Unexpected ESS disassociation imminent event contents")
1795 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"])
1797 raise Exception("Scan not started")
1798 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=30)
1800 raise Exception("Scan not completed")
1802 def test_ap_hs20_osen(dev
, apdev
):
1803 """Hotspot 2.0 OSEN connection"""
1804 params
= { 'ssid': "osen",
1806 'auth_server_addr': "127.0.0.1",
1807 'auth_server_port': "1812",
1808 'auth_server_shared_secret': "radius" }
1809 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1811 dev
[1].connect("osen", key_mgmt
="NONE", scan_freq
="2412",
1813 dev
[2].connect("osen", key_mgmt
="NONE", wep_key0
='"hello"',
1814 scan_freq
="2412", wait_connect
=False)
1815 dev
[0].connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1816 group
="GTK_NOT_USED",
1817 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1818 ca_cert
="auth_serv/ca.pem",
1821 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
1822 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
1823 wpas
.connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1824 group
="GTK_NOT_USED",
1825 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1826 ca_cert
="auth_serv/ca.pem",
1828 wpas
.request("DISCONNECT")
1830 def test_ap_hs20_network_preference(dev
, apdev
):
1831 """Hotspot 2.0 network selection with preferred home network"""
1832 bssid
= apdev
[0]['bssid']
1833 params
= hs20_ap_params()
1834 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1836 dev
[0].hs20_enable()
1837 values
= { 'realm': "example.com",
1838 'username': "hs20-test",
1839 'password': "password",
1840 'domain': "example.com" }
1841 dev
[0].add_cred_values(values
)
1843 id = dev
[0].add_network()
1844 dev
[0].set_network_quoted(id, "ssid", "home")
1845 dev
[0].set_network_quoted(id, "psk", "12345678")
1846 dev
[0].set_network(id, "priority", "1")
1847 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1849 dev
[0].scan_for_bss(bssid
, freq
="2412")
1850 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1851 ev
= dev
[0].wait_connected(timeout
=15)
1853 raise Exception("Unexpected network selected")
1855 bssid2
= apdev
[1]['bssid']
1856 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1857 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1859 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1860 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1861 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1862 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1864 raise Exception("Connection timed out")
1865 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1866 raise Exception("No roam to higher priority network")
1867 if bssid2
not in ev
:
1868 raise Exception("Unexpected network selected")
1870 def test_ap_hs20_network_preference2(dev
, apdev
):
1871 """Hotspot 2.0 network selection with preferred credential"""
1872 bssid2
= apdev
[1]['bssid']
1873 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1874 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1876 dev
[0].hs20_enable()
1877 values
= { 'realm': "example.com",
1878 'username': "hs20-test",
1879 'password': "password",
1880 'domain': "example.com",
1882 dev
[0].add_cred_values(values
)
1884 id = dev
[0].add_network()
1885 dev
[0].set_network_quoted(id, "ssid", "home")
1886 dev
[0].set_network_quoted(id, "psk", "12345678")
1887 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1889 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1890 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1891 ev
= dev
[0].wait_connected(timeout
=15)
1892 if bssid2
not in ev
:
1893 raise Exception("Unexpected network selected")
1895 bssid
= apdev
[0]['bssid']
1896 params
= hs20_ap_params()
1897 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1899 dev
[0].scan_for_bss(bssid
, freq
="2412")
1900 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1901 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1902 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1904 raise Exception("Connection timed out")
1905 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1906 raise Exception("No roam to higher priority network")
1908 raise Exception("Unexpected network selected")
1910 def test_ap_hs20_network_preference3(dev
, apdev
):
1911 """Hotspot 2.0 network selection with two credential (one preferred)"""
1912 bssid
= apdev
[0]['bssid']
1913 params
= hs20_ap_params()
1914 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1916 bssid2
= apdev
[1]['bssid']
1917 params
= hs20_ap_params(ssid
="test-hs20b")
1918 params
['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1919 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1921 dev
[0].hs20_enable()
1922 values
= { 'realm': "example.com",
1923 'username': "hs20-test",
1924 'password': "password",
1926 dev
[0].add_cred_values(values
)
1927 values
= { 'realm': "example.org",
1928 'username': "hs20-test",
1929 'password': "password" }
1930 id = dev
[0].add_cred_values(values
)
1932 dev
[0].scan_for_bss(bssid
, freq
="2412")
1933 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1934 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1935 ev
= dev
[0].wait_connected(timeout
=15)
1937 raise Exception("Unexpected network selected")
1939 dev
[0].set_cred(id, "priority", "2")
1940 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1941 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1942 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1944 raise Exception("Connection timed out")
1945 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1946 raise Exception("No roam to higher priority network")
1947 if bssid2
not in ev
:
1948 raise Exception("Unexpected network selected")
1950 def test_ap_hs20_network_preference4(dev
, apdev
):
1951 """Hotspot 2.0 network selection with username vs. SIM credential"""
1952 bssid
= apdev
[0]['bssid']
1953 params
= hs20_ap_params()
1954 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1956 bssid2
= apdev
[1]['bssid']
1957 params
= hs20_ap_params(ssid
="test-hs20b")
1958 params
['hessid'] = bssid2
1959 params
['anqp_3gpp_cell_net'] = "555,444"
1960 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
1961 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1963 dev
[0].hs20_enable()
1964 values
= { 'realm': "example.com",
1965 'username': "hs20-test",
1966 'password': "password",
1968 dev
[0].add_cred_values(values
)
1969 values
= { 'imsi': "555444-333222111",
1971 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123" }
1972 id = dev
[0].add_cred_values(values
)
1974 dev
[0].scan_for_bss(bssid
, freq
="2412")
1975 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1976 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1977 ev
= dev
[0].wait_connected(timeout
=15)
1979 raise Exception("Unexpected network selected")
1981 dev
[0].set_cred(id, "priority", "2")
1982 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1983 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1984 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1986 raise Exception("Connection timed out")
1987 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1988 raise Exception("No roam to higher priority network")
1989 if bssid2
not in ev
:
1990 raise Exception("Unexpected network selected")
1992 def test_ap_hs20_fetch_osu(dev
, apdev
):
1993 """Hotspot 2.0 OSU provider and icon fetch"""
1994 bssid
= apdev
[0]['bssid']
1995 params
= hs20_ap_params()
1996 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1997 params
['osu_ssid'] = '"HS 2.0 OSU open"'
1998 params
['osu_method_list'] = "1"
1999 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
2000 params
['osu_icon'] = "w1fi_logo"
2001 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
2002 params
['osu_server_uri'] = "https://example.com/osu/"
2003 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2005 bssid2
= apdev
[1]['bssid']
2006 params
= hs20_ap_params(ssid
="test-hs20b")
2007 params
['hessid'] = bssid2
2008 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
2009 params
['osu_ssid'] = '"HS 2.0 OSU OSEN"'
2010 params
['osu_method_list'] = "0"
2011 params
['osu_nai'] = "osen@example.com"
2012 params
['osu_friendly_name'] = [ "eng:Test2 OSU", "fin:Testi2-OSU" ]
2013 params
['osu_icon'] = "w1fi_logo"
2014 params
['osu_service_desc'] = [ "eng:Example services2", "fin:Esimerkkipalveluja2" ]
2015 params
['osu_server_uri'] = "https://example.org/osu/"
2016 hostapd
.add_ap(apdev
[1]['ifname'], params
)
2018 with
open("w1fi_logo.png", "r") as f
:
2019 orig_logo
= f
.read()
2020 dev
[0].hs20_enable()
2021 dir = "/tmp/osu-fetch"
2022 if os
.path
.isdir(dir):
2023 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2025 os
.remove(dir + "/" + f
)
2032 dev
[1].scan_for_bss(bssid
, freq
="2412")
2033 dev
[0].request("SET osu_dir " + dir)
2034 dev
[0].request("FETCH_OSU")
2035 if "FAIL" not in dev
[1].request("HS20_ICON_REQUEST foo w1fi_logo"):
2036 raise Exception("Invalid HS20_ICON_REQUEST accepted")
2037 if "OK" not in dev
[1].request("HS20_ICON_REQUEST " + bssid
+ " w1fi_logo"):
2038 raise Exception("HS20_ICON_REQUEST failed")
2041 ev
= dev
[0].wait_event(["OSU provider fetch completed",
2042 "RX-HS20-ANQP-ICON"], timeout
=15)
2044 raise Exception("Timeout on OSU fetch")
2045 if "OSU provider fetch completed" in ev
:
2047 if "RX-HS20-ANQP-ICON" in ev
:
2048 with
open(ev
.split(' ')[1], "r") as f
:
2050 if logo
== orig_logo
:
2053 with
open(dir + "/osu-providers.txt", "r") as f
:
2055 if "OSU-PROVIDER " + bssid
not in prov
:
2056 raise Exception("Missing OSU_PROVIDER")
2057 if "OSU-PROVIDER " + bssid2
not in prov
:
2058 raise Exception("Missing OSU_PROVIDER")
2060 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2062 os
.remove(dir + "/" + f
)
2066 raise Exception("Unexpected number of icons fetched")
2068 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=5)
2070 raise Exception("Timeout on GAS-QUERY-DONE")
2071 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=5)
2073 raise Exception("Timeout on GAS-QUERY-DONE")
2074 if "freq=2412 status_code=0 result=SUCCESS" not in ev
:
2075 raise Exception("Unexpected GAS-QUERY-DONE: " + ev
)
2076 ev
= dev
[1].wait_event(["RX-HS20-ANQP"], timeout
=15)
2078 raise Exception("Timeout on icon fetch")
2079 if "Icon Binary File" not in ev
:
2080 raise Exception("Unexpected ANQP element")
2082 def test_ap_hs20_fetch_osu_stop(dev
, apdev
):
2083 """Hotspot 2.0 OSU provider fetch stopped"""
2084 bssid
= apdev
[0]['bssid']
2085 params
= hs20_ap_params()
2086 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
2087 params
['osu_ssid'] = '"HS 2.0 OSU open"'
2088 params
['osu_method_list'] = "1"
2089 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
2090 params
['osu_icon'] = "w1fi_logo"
2091 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
2092 params
['osu_server_uri'] = "https://example.com/osu/"
2093 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
2095 dev
[0].hs20_enable()
2096 dir = "/tmp/osu-fetch"
2097 if os
.path
.isdir(dir):
2098 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2100 os
.remove(dir + "/" + f
)
2107 dev
[0].request("SET osu_dir " + dir)
2108 dev
[0].request("SCAN freq=2412-2462")
2109 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"], timeout
=10)
2111 raise Exception("Scan did not start")
2112 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2113 raise Exception("FETCH_OSU accepted while scanning")
2114 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 10)
2116 raise Exception("Scan timed out")
2117 hapd
.set("ext_mgmt_frame_handling", "1")
2118 dev
[0].request("FETCH_ANQP")
2119 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2120 raise Exception("FETCH_OSU accepted while in FETCH_ANQP")
2121 dev
[0].request("STOP_FETCH_ANQP")
2122 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=5)
2123 dev
[0].dump_monitor()
2125 dev
[0].request("INTERWORKING_SELECT freq=2412")
2127 msg
= hapd
.mgmt_rx()
2128 if msg
['subtype'] == 13:
2130 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2131 raise Exception("FETCH_OSU accepted while in INTERWORKING_SELECT")
2132 ev
= dev
[0].wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
2135 raise Exception("Network selection timed out");
2137 dev
[0].dump_monitor()
2138 if "OK" not in dev
[0].request("FETCH_OSU"):
2139 raise Exception("FETCH_OSU failed")
2140 dev
[0].request("CANCEL_FETCH_OSU")
2144 if dev
[0].get_driver_status_field("scan_state") == "SCAN_COMPLETED":
2147 dev
[0].dump_monitor()
2148 if "OK" not in dev
[0].request("FETCH_OSU"):
2149 raise Exception("FETCH_OSU failed")
2150 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2151 raise Exception("FETCH_OSU accepted while in FETCH_OSU")
2152 ev
= dev
[0].wait_event(["GAS-QUERY-START"], 10)
2154 raise Exception("GAS timed out")
2155 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2156 raise Exception("FETCH_OSU accepted while in FETCH_OSU")
2157 dev
[0].request("CANCEL_FETCH_OSU")
2158 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], 10)
2160 raise Exception("GAS event timed out after CANCEL_FETCH_OSU")
2162 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2164 os
.remove(dir + "/" + f
)
2167 def test_ap_hs20_ft(dev
, apdev
):
2168 """Hotspot 2.0 connection with FT"""
2169 bssid
= apdev
[0]['bssid']
2170 params
= hs20_ap_params()
2171 params
['wpa_key_mgmt'] = "FT-EAP"
2172 params
['nas_identifier'] = "nas1.w1.fi"
2173 params
['r1_key_holder'] = "000102030405"
2174 params
["mobility_domain"] = "a1b2"
2175 params
["reassociation_deadline"] = "1000"
2176 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2178 dev
[0].hs20_enable()
2179 id = dev
[0].add_cred_values({ 'realm': "example.com",
2180 'username': "hs20-test",
2181 'password': "password",
2182 'ca_cert': "auth_serv/ca.pem",
2183 'domain': "example.com",
2184 'update_identifier': "1234" })
2185 interworking_select(dev
[0], bssid
, "home", freq
="2412")
2186 interworking_connect(dev
[0], bssid
, "TTLS")
2188 def test_ap_hs20_remediation_sql(dev
, apdev
, params
):
2189 """Hotspot 2.0 connection and remediation required using SQLite for user DB"""
2193 raise HwsimSkip("No sqlite3 module available")
2194 dbfile
= os
.path
.join(params
['logdir'], "eap-user.db")
2199 con
= sqlite3
.connect(dbfile
)
2202 cur
.execute("CREATE TABLE users(identity TEXT PRIMARY KEY, methods TEXT, password TEXT, remediation TEXT, phase2 INTEGER)")
2203 cur
.execute("CREATE TABLE wildcards(identity TEXT PRIMARY KEY, methods TEXT)")
2204 cur
.execute("INSERT INTO users(identity,methods,password,phase2,remediation) VALUES ('user-mschapv2','TTLS-MSCHAPV2','password',1,'user')")
2205 cur
.execute("INSERT INTO wildcards(identity,methods) VALUES ('','TTLS,TLS')")
2206 cur
.execute("CREATE TABLE authlog(timestamp TEXT, session TEXT, nas_ip TEXT, username TEXT, note TEXT)")
2209 params
= { "ssid": "as", "beacon_int": "2000",
2210 "radius_server_clients": "auth_serv/radius_clients.conf",
2211 "radius_server_auth_port": '18128',
2213 "eap_user_file": "sqlite:" + dbfile
,
2214 "ca_cert": "auth_serv/ca.pem",
2215 "server_cert": "auth_serv/server.pem",
2216 "private_key": "auth_serv/server.key",
2217 "subscr_remediation_url": "https://example.org/",
2218 "subscr_remediation_method": "1" }
2219 hostapd
.add_ap(apdev
[1]['ifname'], params
)
2221 bssid
= apdev
[0]['bssid']
2222 params
= hs20_ap_params()
2223 params
['auth_server_port'] = "18128"
2224 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2226 dev
[0].request("SET pmf 1")
2227 dev
[0].hs20_enable()
2228 id = dev
[0].add_cred_values({ 'realm': "example.com",
2229 'username': "user-mschapv2",
2230 'password': "password",
2231 'ca_cert': "auth_serv/ca.pem" })
2232 interworking_select(dev
[0], bssid
, freq
="2412")
2233 interworking_connect(dev
[0], bssid
, "TTLS")
2234 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
2236 raise Exception("Timeout on subscription remediation notice")
2237 if " 1 https://example.org/" not in ev
:
2238 raise Exception("Unexpected subscription remediation event contents")
2242 cur
.execute("SELECT * from authlog")
2243 rows
= cur
.fetchall()
2245 raise Exception("No authlog entries")
2249 dev
[0].request("SET pmf 0")
2251 def test_ap_hs20_external_selection(dev
, apdev
):
2252 """Hotspot 2.0 connection using external network selection and creation"""
2253 bssid
= apdev
[0]['bssid']
2254 params
= hs20_ap_params()
2255 params
['hessid'] = bssid
2256 params
['disable_dgaf'] = '1'
2257 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2259 dev
[0].hs20_enable()
2260 dev
[0].connect("test-hs20", proto
="RSN", key_mgmt
="WPA-EAP", eap
="TTLS",
2261 identity
="hs20-test", password
="password",
2262 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2263 scan_freq
="2412", update_identifier
="54321")
2264 if dev
[0].get_status_field("hs20") != "2":
2265 raise Exception("Unexpected hs20 indication")
2267 def test_ap_hs20_random_mac_addr(dev
, apdev
):
2268 """Hotspot 2.0 connection with random MAC address"""
2269 bssid
= apdev
[0]['bssid']
2270 params
= hs20_ap_params()
2271 params
['hessid'] = bssid
2272 params
['disable_dgaf'] = '1'
2273 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
2275 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
2276 wpas
.interface_add("wlan5")
2277 addr
= wpas
.p2p_interface_addr()
2278 wpas
.request("SET mac_addr 1")
2279 wpas
.request("SET preassoc_mac_addr 1")
2280 wpas
.request("SET rand_addr_lifetime 60")
2282 wpas
.flush_scan_cache()
2283 id = wpas
.add_cred_values({ 'realm': "example.com",
2284 'username': "hs20-test",
2285 'password': "password",
2286 'ca_cert': "auth_serv/ca.pem",
2287 'domain': "example.com",
2288 'update_identifier': "1234" })
2289 interworking_select(wpas
, bssid
, "home", freq
="2412")
2290 interworking_connect(wpas
, bssid
, "TTLS")
2291 addr1
= wpas
.get_driver_status_field("addr")
2293 raise Exception("Did not use random MAC address")
2295 sta
= hapd
.get_sta(addr
)
2296 if sta
['addr'] != "FAIL":
2297 raise Exception("Unexpected STA association with permanent address")
2298 sta
= hapd
.get_sta(addr1
)
2299 if sta
['addr'] != addr1
:
2300 raise Exception("STA association with random address not found")
2302 def test_ap_hs20_multi_network_and_cred_removal(dev
, apdev
):
2303 """Multiple networks and cred removal"""
2304 bssid
= apdev
[0]['bssid']
2305 params
= hs20_ap_params()
2306 params
['nai_realm'] = [ "0,example.com,25[3:26]"]
2307 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
2309 dev
[0].add_network()
2310 dev
[0].hs20_enable()
2311 id = dev
[0].add_cred_values({ 'realm': "example.com",
2313 'password': "password" })
2314 interworking_select(dev
[0], bssid
, freq
="2412")
2315 interworking_connect(dev
[0], bssid
, "PEAP")
2316 dev
[0].add_network()
2318 dev
[0].request("DISCONNECT")
2319 dev
[0].wait_disconnected(timeout
=10)
2322 hapd
.set("ssid", "another ssid")
2325 interworking_select(dev
[0], bssid
, freq
="2412")
2326 interworking_connect(dev
[0], bssid
, "PEAP")
2327 dev
[0].add_network()
2328 if len(dev
[0].list_networks()) != 5:
2329 raise Exception("Unexpected number of networks prior to remove_crec")
2331 dev
[0].dump_monitor()
2332 dev
[0].remove_cred(id)
2333 if len(dev
[0].list_networks()) != 3:
2334 raise Exception("Unexpected number of networks after to remove_crec")
2335 dev
[0].wait_disconnected(timeout
=10)
2337 def _test_ap_hs20_proxyarp(dev
, apdev
):
2338 bssid
= apdev
[0]['bssid']
2339 params
= hs20_ap_params()
2340 params
['hessid'] = bssid
2341 params
['disable_dgaf'] = '0'
2342 params
['proxy_arp'] = '1'
2343 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
, no_enable
=True)
2344 if "OK" in hapd
.request("ENABLE"):
2345 raise Exception("Incomplete hostapd configuration was accepted")
2346 hapd
.set("ap_isolate", "1")
2347 if "OK" in hapd
.request("ENABLE"):
2348 raise Exception("Incomplete hostapd configuration was accepted")
2349 hapd
.set('bridge', 'ap-br0')
2354 # For now, do not report failures due to missing kernel support
2355 raise HwsimSkip("Could not start hostapd - assume proxyarp not supported in kernel version")
2356 ev
= hapd
.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout
=10)
2358 raise Exception("AP startup timed out")
2359 if "AP-ENABLED" not in ev
:
2360 raise Exception("AP startup failed")
2362 dev
[0].hs20_enable()
2363 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2364 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2366 id = dev
[0].add_cred_values({ 'realm': "example.com",
2367 'username': "hs20-test",
2368 'password': "password",
2369 'ca_cert': "auth_serv/ca.pem",
2370 'domain': "example.com",
2371 'update_identifier': "1234" })
2372 interworking_select(dev
[0], bssid
, "home", freq
="2412")
2373 interworking_connect(dev
[0], bssid
, "TTLS")
2375 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
2376 identity
="hs20-test", password
="password",
2377 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2381 addr0
= dev
[0].p2p_interface_addr()
2382 addr1
= dev
[1].p2p_interface_addr()
2384 src_ll_opt0
= "\x01\x01" + binascii
.unhexlify(addr0
.replace(':',''))
2385 src_ll_opt1
= "\x01\x01" + binascii
.unhexlify(addr1
.replace(':',''))
2387 pkt
= build_ns(src_ll
=addr0
, ip_src
="aaaa:bbbb:cccc::2",
2388 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:cccc::2",
2390 if "OK" not in dev
[0].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2391 raise Exception("DATA_TEST_FRAME failed")
2393 pkt
= build_ns(src_ll
=addr1
, ip_src
="aaaa:bbbb:dddd::2",
2394 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:dddd::2",
2396 if "OK" not in dev
[1].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2397 raise Exception("DATA_TEST_FRAME failed")
2399 pkt
= build_ns(src_ll
=addr1
, ip_src
="aaaa:bbbb:eeee::2",
2400 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:eeee::2",
2402 if "OK" not in dev
[1].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2403 raise Exception("DATA_TEST_FRAME failed")
2405 matches
= get_permanent_neighbors("ap-br0")
2406 logger
.info("After connect: " + str(matches
))
2407 if len(matches
) != 3:
2408 raise Exception("Unexpected number of neighbor entries after connect")
2409 if 'aaaa:bbbb:cccc::2 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2410 raise Exception("dev0 addr missing")
2411 if 'aaaa:bbbb:dddd::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2412 raise Exception("dev1 addr(1) missing")
2413 if 'aaaa:bbbb:eeee::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2414 raise Exception("dev1 addr(2) missing")
2415 dev
[0].request("DISCONNECT")
2416 dev
[1].request("DISCONNECT")
2418 matches
= get_permanent_neighbors("ap-br0")
2419 logger
.info("After disconnect: " + str(matches
))
2420 if len(matches
) > 0:
2421 raise Exception("Unexpected neighbor entries after disconnect")
2423 def test_ap_hs20_proxyarp(dev
, apdev
):
2424 """Hotspot 2.0 and ProxyARP"""
2426 _test_ap_hs20_proxyarp(dev
, apdev
)
2428 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2429 stderr
=open('/dev/null', 'w'))
2430 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2431 stderr
=open('/dev/null', 'w'))
2433 def _test_ap_hs20_proxyarp_dgaf(dev
, apdev
, disabled
):
2434 bssid
= apdev
[0]['bssid']
2435 params
= hs20_ap_params()
2436 params
['hessid'] = bssid
2437 params
['disable_dgaf'] = '1' if disabled
else '0'
2438 params
['proxy_arp'] = '1'
2439 params
['ap_isolate'] = '1'
2440 params
['bridge'] = 'ap-br0'
2441 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
, no_enable
=True)
2445 # For now, do not report failures due to missing kernel support
2446 raise HwsimSkip("Could not start hostapd - assume proxyarp not supported in kernel version")
2447 ev
= hapd
.wait_event(["AP-ENABLED"], timeout
=10)
2449 raise Exception("AP startup timed out")
2451 dev
[0].hs20_enable()
2452 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2453 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2455 id = dev
[0].add_cred_values({ 'realm': "example.com",
2456 'username': "hs20-test",
2457 'password': "password",
2458 'ca_cert': "auth_serv/ca.pem",
2459 'domain': "example.com",
2460 'update_identifier': "1234" })
2461 interworking_select(dev
[0], bssid
, "home", freq
="2412")
2462 interworking_connect(dev
[0], bssid
, "TTLS")
2464 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
2465 identity
="hs20-test", password
="password",
2466 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2470 addr0
= dev
[0].p2p_interface_addr()
2472 src_ll_opt0
= "\x01\x01" + binascii
.unhexlify(addr0
.replace(':',''))
2474 pkt
= build_ns(src_ll
=addr0
, ip_src
="aaaa:bbbb:cccc::2",
2475 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:cccc::2",
2477 if "OK" not in dev
[0].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2478 raise Exception("DATA_TEST_FRAME failed")
2480 pkt
= build_ra(src_ll
=apdev
[0]['bssid'], ip_src
="aaaa:bbbb:cccc::33",
2482 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2483 raise Exception("DATA_TEST_FRAME failed")
2485 pkt
= build_na(src_ll
=apdev
[0]['bssid'], ip_src
="aaaa:bbbb:cccc::44",
2486 ip_dst
="ff01::1", target
="aaaa:bbbb:cccc::55")
2487 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2488 raise Exception("DATA_TEST_FRAME failed")
2490 pkt
= build_dhcp_ack(dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=bssid
,
2491 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2492 yiaddr
="192.168.1.123", chaddr
=addr0
)
2493 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2494 raise Exception("DATA_TEST_FRAME failed")
2495 # another copy for additional code coverage
2496 pkt
= build_dhcp_ack(dst_ll
=addr0
, src_ll
=bssid
,
2497 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2498 yiaddr
="192.168.1.123", chaddr
=addr0
)
2499 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2500 raise Exception("DATA_TEST_FRAME failed")
2502 matches
= get_permanent_neighbors("ap-br0")
2503 logger
.info("After connect: " + str(matches
))
2504 if len(matches
) != 2:
2505 raise Exception("Unexpected number of neighbor entries after connect")
2506 if 'aaaa:bbbb:cccc::2 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2507 raise Exception("dev0 addr missing")
2508 if '192.168.1.123 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2509 raise Exception("dev0 IPv4 addr missing")
2510 dev
[0].request("DISCONNECT")
2511 dev
[1].request("DISCONNECT")
2513 matches
= get_permanent_neighbors("ap-br0")
2514 logger
.info("After disconnect: " + str(matches
))
2515 if len(matches
) > 0:
2516 raise Exception("Unexpected neighbor entries after disconnect")
2518 def test_ap_hs20_proxyarp_disable_dgaf(dev
, apdev
):
2519 """Hotspot 2.0 and ProxyARP with DGAF disabled"""
2521 _test_ap_hs20_proxyarp_dgaf(dev
, apdev
, True)
2523 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2524 stderr
=open('/dev/null', 'w'))
2525 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2526 stderr
=open('/dev/null', 'w'))
2528 def test_ap_hs20_proxyarp_enable_dgaf(dev
, apdev
):
2529 """Hotspot 2.0 and ProxyARP with DGAF enabled"""
2531 _test_ap_hs20_proxyarp_dgaf(dev
, apdev
, False)
2533 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2534 stderr
=open('/dev/null', 'w'))
2535 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2536 stderr
=open('/dev/null', 'w'))
2538 def ip_checksum(buf
):
2542 for i
in range(0, len(buf
), 2):
2543 val
, = struct
.unpack('H', buf
[i
:i
+2])
2546 sum = (sum & 0xffff) + (sum >> 16)
2547 return struct
.pack('H', ~
sum & 0xffff)
2549 def ipv6_solicited_node_mcaddr(target
):
2550 prefix
= socket
.inet_pton(socket
.AF_INET6
, "ff02::1:ff00:0")
2551 mask
= socket
.inet_pton(socket
.AF_INET6
, "::ff:ffff")
2552 _target
= socket
.inet_pton(socket
.AF_INET6
, target
)
2553 p
= struct
.unpack('4I', prefix
)
2554 m
= struct
.unpack('4I', mask
)
2555 t
= struct
.unpack('4I', _target
)
2556 res
= (p
[0] |
(t
[0] & m
[0]),
2557 p
[1] |
(t
[1] & m
[1]),
2558 p
[2] |
(t
[2] & m
[2]),
2559 p
[3] |
(t
[3] & m
[3]))
2560 return socket
.inet_ntop(socket
.AF_INET6
, struct
.pack('4I', *res
))
2562 def build_icmpv6(ipv6_addrs
, type, code
, payload
):
2563 start
= struct
.pack("BB", type, code
)
2565 icmp
= start
+ '\x00\x00' + end
2566 pseudo
= ipv6_addrs
+ struct
.pack(">LBBBB", len(icmp
), 0, 0, 0, 58)
2567 csum
= ip_checksum(pseudo
+ icmp
)
2568 return start
+ csum
+ end
2570 def build_ra(src_ll
, ip_src
, ip_dst
, cur_hop_limit
=0, router_lifetime
=0,
2571 reachable_time
=0, retrans_timer
=0, opt
=None):
2572 link_mc
= binascii
.unhexlify("3333ff000002")
2573 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2575 ehdr
= link_mc
+ _src_ll
+ proto
2576 _ip_src
= socket
.inet_pton(socket
.AF_INET6
, ip_src
)
2577 _ip_dst
= socket
.inet_pton(socket
.AF_INET6
, ip_dst
)
2579 adv
= struct
.pack('>BBHLL', cur_hop_limit
, 0, router_lifetime
,
2580 reachable_time
, retrans_timer
)
2585 icmp
= build_icmpv6(_ip_src
+ _ip_dst
, 134, 0, payload
)
2587 ipv6
= struct
.pack('>BBBBHBB', 0x60, 0, 0, 0, len(icmp
), 58, 255)
2588 ipv6
+= _ip_src
+ _ip_dst
2590 return ehdr
+ ipv6
+ icmp
2592 def build_ns(src_ll
, ip_src
, ip_dst
, target
, opt
=None):
2593 link_mc
= binascii
.unhexlify("3333ff000002")
2594 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2596 ehdr
= link_mc
+ _src_ll
+ proto
2597 _ip_src
= socket
.inet_pton(socket
.AF_INET6
, ip_src
)
2599 ip_dst
= ipv6_solicited_node_mcaddr(target
)
2600 _ip_dst
= socket
.inet_pton(socket
.AF_INET6
, ip_dst
)
2602 reserved
= '\x00\x00\x00\x00'
2603 _target
= socket
.inet_pton(socket
.AF_INET6
, target
)
2605 payload
= reserved
+ _target
+ opt
2607 payload
= reserved
+ _target
2608 icmp
= build_icmpv6(_ip_src
+ _ip_dst
, 135, 0, payload
)
2610 ipv6
= struct
.pack('>BBBBHBB', 0x60, 0, 0, 0, len(icmp
), 58, 255)
2611 ipv6
+= _ip_src
+ _ip_dst
2613 return ehdr
+ ipv6
+ icmp
2615 def send_ns(dev
, src_ll
=None, target
=None, ip_src
=None, ip_dst
=None, opt
=None,
2620 cmd
= "DATA_TEST_FRAME ifname=ap-br0 "
2623 src_ll
= dev
.p2p_interface_addr()
2624 cmd
= "DATA_TEST_FRAME "
2627 opt
= "\x01\x01" + binascii
.unhexlify(src_ll
.replace(':',''))
2629 pkt
= build_ns(src_ll
=src_ll
, ip_src
=ip_src
, ip_dst
=ip_dst
, target
=target
,
2631 if "OK" not in dev
.request(cmd
+ binascii
.hexlify(pkt
)):
2632 raise Exception("DATA_TEST_FRAME failed")
2634 def build_na(src_ll
, ip_src
, ip_dst
, target
, opt
=None):
2635 link_mc
= binascii
.unhexlify("3333ff000002")
2636 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2638 ehdr
= link_mc
+ _src_ll
+ proto
2639 _ip_src
= socket
.inet_pton(socket
.AF_INET6
, ip_src
)
2640 _ip_dst
= socket
.inet_pton(socket
.AF_INET6
, ip_dst
)
2642 reserved
= '\x00\x00\x00\x00'
2643 _target
= socket
.inet_pton(socket
.AF_INET6
, target
)
2645 payload
= reserved
+ _target
+ opt
2647 payload
= reserved
+ _target
2648 icmp
= build_icmpv6(_ip_src
+ _ip_dst
, 136, 0, payload
)
2650 ipv6
= struct
.pack('>BBBBHBB', 0x60, 0, 0, 0, len(icmp
), 58, 255)
2651 ipv6
+= _ip_src
+ _ip_dst
2653 return ehdr
+ ipv6
+ icmp
2655 def send_na(dev
, src_ll
=None, target
=None, ip_src
=None, ip_dst
=None, opt
=None,
2660 cmd
= "DATA_TEST_FRAME ifname=ap-br0 "
2663 src_ll
= dev
.p2p_interface_addr()
2664 cmd
= "DATA_TEST_FRAME "
2666 pkt
= build_na(src_ll
=src_ll
, ip_src
=ip_src
, ip_dst
=ip_dst
, target
=target
,
2668 if "OK" not in dev
.request(cmd
+ binascii
.hexlify(pkt
)):
2669 raise Exception("DATA_TEST_FRAME failed")
2671 def build_dhcp_ack(dst_ll
, src_ll
, ip_src
, ip_dst
, yiaddr
, chaddr
,
2672 subnet_mask
="255.255.255.0", truncated_opt
=False,
2673 wrong_magic
=False, force_tot_len
=None, no_dhcp
=False):
2674 _dst_ll
= binascii
.unhexlify(dst_ll
.replace(':',''))
2675 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2677 ehdr
= _dst_ll
+ _src_ll
+ proto
2678 _ip_src
= socket
.inet_pton(socket
.AF_INET
, ip_src
)
2679 _ip_dst
= socket
.inet_pton(socket
.AF_INET
, ip_dst
)
2680 _subnet_mask
= socket
.inet_pton(socket
.AF_INET
, subnet_mask
)
2682 _ciaddr
= '\x00\x00\x00\x00'
2683 _yiaddr
= socket
.inet_pton(socket
.AF_INET
, yiaddr
)
2684 _siaddr
= '\x00\x00\x00\x00'
2685 _giaddr
= '\x00\x00\x00\x00'
2686 _chaddr
= binascii
.unhexlify(chaddr
.replace(':','') + "00000000000000000000")
2687 payload
= struct
.pack('>BBBBL3BB', 2, 1, 6, 0, 12345, 0, 0, 0, 0)
2688 payload
+= _ciaddr
+ _yiaddr
+ _siaddr
+ _giaddr
+ _chaddr
+ 192*'\x00'
2691 payload
+= '\x63\x82\x53\x00'
2693 payload
+= '\x63\x82\x53\x63'
2695 payload
+= '\x22\xff\x00'
2696 # Option: DHCP Message Type = ACK
2697 payload
+= '\x35\x01\x05'
2700 # Option: Subnet Mask
2701 payload
+= '\x01\x04' + _subnet_mask
2702 # Option: Time Offset
2703 payload
+= struct
.pack('>BBL', 2, 4, 0)
2707 payload
+= '\x00\x00\x00\x00'
2710 payload
= struct
.pack('>BBBBL3BB', 2, 1, 6, 0, 12345, 0, 0, 0, 0)
2711 payload
+= _ciaddr
+ _yiaddr
+ _siaddr
+ _giaddr
+ _chaddr
+ 192*'\x00'
2713 udp
= struct
.pack('>HHHH', 67, 68, 8 + len(payload
), 0) + payload
2716 tot_len
= force_tot_len
2718 tot_len
= 20 + len(udp
)
2719 start
= struct
.pack('>BBHHBBBB', 0x45, 0, tot_len
, 0, 0, 0, 128, 17)
2720 ipv4
= start
+ '\x00\x00' + _ip_src
+ _ip_dst
2721 csum
= ip_checksum(ipv4
)
2722 ipv4
= start
+ csum
+ _ip_src
+ _ip_dst
2724 return ehdr
+ ipv4
+ udp
2726 def build_arp(dst_ll
, src_ll
, opcode
, sender_mac
, sender_ip
,
2727 target_mac
, target_ip
):
2728 _dst_ll
= binascii
.unhexlify(dst_ll
.replace(':',''))
2729 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2731 ehdr
= _dst_ll
+ _src_ll
+ proto
2733 _sender_mac
= binascii
.unhexlify(sender_mac
.replace(':',''))
2734 _sender_ip
= socket
.inet_pton(socket
.AF_INET
, sender_ip
)
2735 _target_mac
= binascii
.unhexlify(target_mac
.replace(':',''))
2736 _target_ip
= socket
.inet_pton(socket
.AF_INET
, target_ip
)
2738 arp
= struct
.pack('>HHBBH', 1, 0x0800, 6, 4, opcode
)
2739 arp
+= _sender_mac
+ _sender_ip
2740 arp
+= _target_mac
+ _target_ip
2744 def send_arp(dev
, dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=None, opcode
=1,
2745 sender_mac
=None, sender_ip
="0.0.0.0",
2746 target_mac
="00:00:00:00:00:00", target_ip
="0.0.0.0",
2751 if sender_mac
is None:
2752 sender_mac
= hapd_bssid
2753 cmd
= "DATA_TEST_FRAME ifname=ap-br0 "
2756 src_ll
= dev
.p2p_interface_addr()
2757 if sender_mac
is None:
2758 sender_mac
= dev
.p2p_interface_addr()
2759 cmd
= "DATA_TEST_FRAME "
2761 pkt
= build_arp(dst_ll
=dst_ll
, src_ll
=src_ll
, opcode
=opcode
,
2762 sender_mac
=sender_mac
, sender_ip
=sender_ip
,
2763 target_mac
=target_mac
, target_ip
=target_ip
)
2764 if "OK" not in dev
.request(cmd
+ binascii
.hexlify(pkt
)):
2765 raise Exception("DATA_TEST_FRAME failed")
2767 def get_permanent_neighbors(ifname
):
2768 cmd
= subprocess
.Popen(['ip', 'nei'], stdout
=subprocess
.PIPE
)
2769 res
= cmd
.stdout
.read()
2771 return [ line
for line
in res
.splitlines() if "PERMANENT" in line
and ifname
in line
]
2773 def _test_proxyarp_open(dev
, apdev
, params
):
2774 cap_br
= os
.path
.join(params
['logdir'], "proxyarp_open.ap-br0.pcap")
2775 cap_dev0
= os
.path
.join(params
['logdir'], "proxyarp_open.%s.pcap" % dev
[0].ifname
)
2776 cap_dev1
= os
.path
.join(params
['logdir'], "proxyarp_open.%s.pcap" % dev
[1].ifname
)
2778 bssid
= apdev
[0]['bssid']
2779 params
= { 'ssid': 'open' }
2780 params
['proxy_arp'] = '1'
2781 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
, no_enable
=True)
2782 hapd
.set("ap_isolate", "1")
2783 hapd
.set('bridge', 'ap-br0')
2788 # For now, do not report failures due to missing kernel support
2789 raise HwsimSkip("Could not start hostapd - assume proxyarp not supported in kernel version")
2790 ev
= hapd
.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout
=10)
2792 raise Exception("AP startup timed out")
2793 if "AP-ENABLED" not in ev
:
2794 raise Exception("AP startup failed")
2796 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2797 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2799 for chain
in [ 'FORWARD', 'OUTPUT' ]:
2800 subprocess
.call(['ebtables', '-A', chain
, '-p', 'ARP',
2801 '-d', 'Broadcast', '-o', apdev
[0]['ifname'],
2803 subprocess
.call(['ebtables', '-A', chain
, '-d', 'Multicast',
2804 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2805 '--ip6-icmp-type', 'neighbor-solicitation',
2806 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2807 subprocess
.call(['ebtables', '-A', chain
, '-d', 'Multicast',
2808 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2809 '--ip6-icmp-type', 'neighbor-advertisement',
2810 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2811 subprocess
.call(['ebtables', '-A', chain
,
2812 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2813 '--ip6-icmp-type', 'router-solicitation',
2814 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2815 # Multicast Listener Report Message
2816 subprocess
.call(['ebtables', '-A', chain
, '-d', 'Multicast',
2817 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2818 '--ip6-icmp-type', '143',
2819 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2822 cmd
[0] = subprocess
.Popen(['tcpdump', '-p', '-U', '-i', 'ap-br0',
2823 '-w', cap_br
, '-s', '2000'],
2824 stderr
=open('/dev/null', 'w'))
2825 cmd
[1] = subprocess
.Popen(['tcpdump', '-p', '-U', '-i', dev
[0].ifname
,
2826 '-w', cap_dev0
, '-s', '2000'],
2827 stderr
=open('/dev/null', 'w'))
2828 cmd
[2] = subprocess
.Popen(['tcpdump', '-p', '-U', '-i', dev
[1].ifname
,
2829 '-w', cap_dev1
, '-s', '2000'],
2830 stderr
=open('/dev/null', 'w'))
2832 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
2833 dev
[1].connect("open", key_mgmt
="NONE", scan_freq
="2412")
2836 addr0
= dev
[0].p2p_interface_addr()
2837 addr1
= dev
[1].p2p_interface_addr()
2839 src_ll_opt0
= "\x01\x01" + binascii
.unhexlify(addr0
.replace(':',''))
2840 src_ll_opt1
= "\x01\x01" + binascii
.unhexlify(addr1
.replace(':',''))
2843 send_ns(dev
[0], ip_src
="::", target
="aaaa:bbbb:cccc::2")
2845 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2")
2846 # test frame without source link-layer address option
2847 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2849 # test frame with bogus option
2850 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2851 opt
="\x70\x01\x01\x02\x03\x04\x05\x05")
2852 # test frame with truncated source link-layer address option
2853 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2854 opt
="\x01\x01\x01\x02\x03\x04")
2855 # test frame with foreign source link-layer address option
2856 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2857 opt
="\x01\x01\x01\x02\x03\x04\x05\x06")
2859 send_ns(dev
[1], ip_src
="aaaa:bbbb:dddd::2", target
="aaaa:bbbb:dddd::2")
2861 send_ns(dev
[1], ip_src
="aaaa:bbbb:eeee::2", target
="aaaa:bbbb:eeee::2")
2862 # another copy for additional code coverage
2863 send_ns(dev
[1], ip_src
="aaaa:bbbb:eeee::2", target
="aaaa:bbbb:eeee::2")
2865 pkt
= build_dhcp_ack(dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=bssid
,
2866 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2867 yiaddr
="192.168.1.124", chaddr
=addr0
)
2868 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2869 raise Exception("DATA_TEST_FRAME failed")
2870 # Change address and verify unicast
2871 pkt
= build_dhcp_ack(dst_ll
=addr0
, src_ll
=bssid
,
2872 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2873 yiaddr
="192.168.1.123", chaddr
=addr0
)
2874 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2875 raise Exception("DATA_TEST_FRAME failed")
2877 # Not-associated client MAC address
2878 pkt
= build_dhcp_ack(dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=bssid
,
2879 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2880 yiaddr
="192.168.1.125", chaddr
="22:33:44:55:66:77")
2881 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2882 raise Exception("DATA_TEST_FRAME failed")
2885 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2886 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2887 yiaddr
="0.0.0.0", chaddr
=addr1
)
2888 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2889 raise Exception("DATA_TEST_FRAME failed")
2892 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2893 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2894 yiaddr
="192.168.1.126", chaddr
=addr1
,
2895 subnet_mask
="0.0.0.0")
2896 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2897 raise Exception("DATA_TEST_FRAME failed")
2900 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2901 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2902 yiaddr
="192.168.1.127", chaddr
=addr1
,
2904 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2905 raise Exception("DATA_TEST_FRAME failed")
2908 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2909 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2910 yiaddr
="192.168.1.128", chaddr
=addr1
,
2912 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2913 raise Exception("DATA_TEST_FRAME failed")
2915 # Wrong IPv4 total length
2916 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2917 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2918 yiaddr
="192.168.1.129", chaddr
=addr1
,
2920 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2921 raise Exception("DATA_TEST_FRAME failed")
2924 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2925 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2926 yiaddr
="192.168.1.129", chaddr
=addr1
,
2928 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2929 raise Exception("DATA_TEST_FRAME failed")
2931 matches
= get_permanent_neighbors("ap-br0")
2932 logger
.info("After connect: " + str(matches
))
2933 if len(matches
) != 4:
2934 raise Exception("Unexpected number of neighbor entries after connect")
2935 if 'aaaa:bbbb:cccc::2 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2936 raise Exception("dev0 addr missing")
2937 if 'aaaa:bbbb:dddd::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2938 raise Exception("dev1 addr(1) missing")
2939 if 'aaaa:bbbb:eeee::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2940 raise Exception("dev1 addr(2) missing")
2941 if '192.168.1.123 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2942 raise Exception("dev0 IPv4 addr missing")
2944 targets
= [ "192.168.1.123", "192.168.1.124", "192.168.1.125",
2946 for target
in targets
:
2947 send_arp(dev
[1], sender_ip
="192.168.1.100", target_ip
=target
)
2949 for target
in targets
:
2950 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.101",
2953 # ARP Probe from wireless STA
2954 send_arp(dev
[1], target_ip
="192.168.1.127")
2955 # ARP Announcement from wireless STA
2956 send_arp(dev
[1], sender_ip
="192.168.1.127", target_ip
="192.168.1.127")
2957 send_arp(dev
[1], sender_ip
="192.168.1.127", target_ip
="192.168.1.127",
2960 matches
= get_permanent_neighbors("ap-br0")
2961 logger
.info("After ARP Probe + Announcement: " + str(matches
))
2963 # ARP Request for the newly introduced IP address from wireless STA
2964 send_arp(dev
[0], sender_ip
="192.168.1.123", target_ip
="192.168.1.127")
2966 # ARP Request for the newly introduced IP address from bridge
2967 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.102",
2968 target_ip
="192.168.1.127")
2970 # ARP Probe from bridge
2971 send_arp(hapd
, hapd_bssid
=bssid
, target_ip
="192.168.1.130")
2972 # ARP Announcement from bridge (not to be learned by AP for proxyarp)
2973 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.130",
2974 target_ip
="192.168.1.130")
2975 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.130",
2976 target_ip
="192.168.1.130", opcode
=2)
2978 matches
= get_permanent_neighbors("ap-br0")
2979 logger
.info("After ARP Probe + Announcement: " + str(matches
))
2981 # ARP Request for the newly introduced IP address from wireless STA
2982 send_arp(dev
[0], sender_ip
="192.168.1.123", target_ip
="192.168.1.130")
2983 # ARP Response from bridge (AP does not proxy for non-wireless devices)
2984 send_arp(hapd
, hapd_bssid
=bssid
, dst_ll
=addr0
, sender_ip
="192.168.1.130",
2985 target_ip
="192.168.1.123", opcode
=2)
2987 # ARP Request for the newly introduced IP address from bridge
2988 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.102",
2989 target_ip
="192.168.1.130")
2991 # ARP Probe from wireless STA (duplicate address; learned through DHCP)
2992 send_arp(dev
[1], target_ip
="192.168.1.123")
2993 # ARP Probe from wireless STA (duplicate address; learned through ARP)
2994 send_arp(dev
[0], target_ip
="192.168.1.127")
2996 # Gratuitous ARP Reply for another STA's IP address
2997 send_arp(dev
[0], opcode
=2, sender_mac
=addr0
, sender_ip
="192.168.1.127",
2998 target_mac
=addr1
, target_ip
="192.168.1.127")
2999 send_arp(dev
[1], opcode
=2, sender_mac
=addr1
, sender_ip
="192.168.1.123",
3000 target_mac
=addr0
, target_ip
="192.168.1.123")
3001 # ARP Request to verify previous mapping
3002 send_arp(dev
[1], sender_ip
="192.168.1.127", target_ip
="192.168.1.123")
3003 send_arp(dev
[0], sender_ip
="192.168.1.123", target_ip
="192.168.1.127")
3007 send_ns(dev
[0], target
="aaaa:bbbb:dddd::2", ip_src
="aaaa:bbbb:cccc::2")
3009 send_ns(dev
[1], target
="aaaa:bbbb:cccc::2", ip_src
="aaaa:bbbb:dddd::2")
3011 send_ns(hapd
, hapd_bssid
=bssid
, target
="aaaa:bbbb:dddd::2",
3012 ip_src
="aaaa:bbbb:ffff::2")
3015 # Try to probe for an already assigned address
3016 send_ns(dev
[1], target
="aaaa:bbbb:cccc::2", ip_src
="::")
3018 send_ns(hapd
, hapd_bssid
=bssid
, target
="aaaa:bbbb:cccc::2", ip_src
="::")
3022 send_na(dev
[1], target
="aaaa:bbbb:cccc:aeae::3",
3023 ip_src
="aaaa:bbbb:cccc:aeae::3", ip_dst
="ff02::1")
3024 send_na(hapd
, hapd_bssid
=bssid
, target
="aaaa:bbbb:cccc:aeae::4",
3025 ip_src
="aaaa:bbbb:cccc:aeae::4", ip_dst
="ff02::1")
3027 hwsim_utils
.test_connectivity_iface(dev
[0], hapd
, "ap-br0")
3028 hwsim_utils
.test_connectivity_iface(dev
[1], hapd
, "ap-br0")
3029 hwsim_utils
.test_connectivity(dev
[0], dev
[1])
3031 dev
[0].request("DISCONNECT")
3032 dev
[1].request("DISCONNECT")
3036 matches
= get_permanent_neighbors("ap-br0")
3037 logger
.info("After disconnect: " + str(matches
))
3038 if len(matches
) > 0:
3039 raise Exception("Unexpected neighbor entries after disconnect")
3040 cmd
= subprocess
.Popen(['ebtables', '-L', '--Lc'], stdout
=subprocess
.PIPE
)
3041 res
= cmd
.stdout
.read()
3043 logger
.info("ebtables results:\n" + res
)
3045 def test_proxyarp_open(dev
, apdev
, params
):
3046 """ProxyARP with open network"""
3048 _test_proxyarp_open(dev
, apdev
, params
)
3051 subprocess
.call(['ebtables', '-F', 'FORWARD'])
3052 subprocess
.call(['ebtables', '-F', 'OUTPUT'])
3055 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
3056 stderr
=open('/dev/null', 'w'))
3057 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
3058 stderr
=open('/dev/null', 'w'))