]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
10 logger
= logging
.getLogger()
16 from wlantest
import Wlantest
17 from wpasupplicant
import WpaSupplicant
19 def hs20_ap_params(ssid
="test-hs20"):
20 params
= hostapd
.wpa2_params(ssid
=ssid
)
21 params
['wpa_key_mgmt'] = "WPA-EAP"
22 params
['ieee80211w'] = "1"
23 params
['ieee8021x'] = "1"
24 params
['auth_server_addr'] = "127.0.0.1"
25 params
['auth_server_port'] = "1812"
26 params
['auth_server_shared_secret'] = "radius"
27 params
['interworking'] = "1"
28 params
['access_network_type'] = "14"
29 params
['internet'] = "1"
33 params
['venue_group'] = "7"
34 params
['venue_type'] = "1"
35 params
['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
36 params
['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
38 params
['domain_name'] = "example.com,another.example.com"
39 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
40 "0,another.example.com" ]
42 params
['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
43 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
44 params
['hs20_operating_class'] = "5173"
45 params
['anqp_3gpp_cell_net'] = "244,91"
48 def check_auto_select(dev
, bssid
):
49 dev
.request("INTERWORKING_SELECT auto freq=2412")
50 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
52 raise Exception("Connection timed out")
54 raise Exception("Connected to incorrect network")
55 dev
.request("REMOVE_NETWORK all")
57 def interworking_select(dev
, bssid
, type=None, no_match
=False, freq
=None):
59 freq_extra
= " freq=" + freq
if freq
else ""
60 dev
.request("INTERWORKING_SELECT" + freq_extra
)
61 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
64 raise Exception("Network selection timed out");
66 if "INTERWORKING-NO-MATCH" not in ev
:
67 raise Exception("Unexpected network match")
69 if "INTERWORKING-NO-MATCH" in ev
:
70 raise Exception("Matching network not found")
71 if bssid
and bssid
not in ev
:
72 raise Exception("Unexpected BSSID in match")
73 if type and "type=" + type not in ev
:
74 raise Exception("Network type not recognized correctly")
76 def check_sp_type(dev
, sp_type
):
77 type = dev
.get_status_field("sp_type")
79 raise Exception("sp_type not available")
81 raise Exception("sp_type did not indicate home network")
83 def hlr_auc_gw_available():
84 if not os
.path
.exists("/tmp/hlr_auc_gw.sock"):
85 logger
.info("No hlr_auc_gw available");
87 if not os
.path
.exists("../../hostapd/hlr_auc_gw"):
88 logger
.info("No hlr_auc_gw available");
92 def interworking_ext_sim_connect(dev
, bssid
, method
):
93 dev
.request("INTERWORKING_CONNECT " + bssid
)
94 interworking_ext_sim_auth(dev
, method
)
96 def interworking_ext_sim_auth(dev
, method
):
97 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
99 raise Exception("Network connected timed out")
100 if "(" + method
+ ")" not in ev
:
101 raise Exception("Unexpected EAP method selection")
103 ev
= dev
.wait_event(["CTRL-REQ-SIM"], timeout
=15)
105 raise Exception("Wait for external SIM processing request timed out")
107 if p
[1] != "GSM-AUTH":
108 raise Exception("Unexpected CTRL-REQ-SIM type")
109 id = p
[0].split('-')[3]
110 rand
= p
[2].split(' ')[0]
112 res
= subprocess
.check_output(["../../hostapd/hlr_auc_gw",
114 "auth_serv/hlr_auc_gw.milenage_db",
115 "GSM-AUTH-REQ 232010000000000 " + rand
])
116 if "GSM-AUTH-RESP" not in res
:
117 raise Exception("Unexpected hlr_auc_gw response")
118 resp
= res
.split(' ')[2].rstrip()
120 dev
.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp
)
121 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
123 raise Exception("Connection timed out")
125 def interworking_connect(dev
, bssid
, method
):
126 dev
.request("INTERWORKING_CONNECT " + bssid
)
127 interworking_auth(dev
, method
)
129 def interworking_auth(dev
, method
):
130 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
132 raise Exception("Network connected timed out")
133 if "(" + method
+ ")" not in ev
:
134 raise Exception("Unexpected EAP method selection")
136 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
138 raise Exception("Connection timed out")
140 def check_probe_resp(wt
, bssid_unexpected
, bssid_expected
):
142 count
= wt
.get_bss_counter("probe_response", bssid_unexpected
)
144 raise Exception("Unexpected Probe Response frame from AP")
147 count
= wt
.get_bss_counter("probe_response", bssid_expected
)
149 raise Exception("No Probe Response frame from AP")
151 def test_ap_anqp_sharing(dev
, apdev
):
152 """ANQP sharing within ESS and explicit unshare"""
153 bssid
= apdev
[0]['bssid']
154 params
= hs20_ap_params()
155 params
['hessid'] = bssid
156 hostapd
.add_ap(apdev
[0]['ifname'], params
)
158 bssid2
= apdev
[1]['bssid']
159 params
= hs20_ap_params()
160 params
['hessid'] = bssid
161 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
162 hostapd
.add_ap(apdev
[1]['ifname'], params
)
165 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
166 'password': "secret",
167 'domain': "example.com" })
168 logger
.info("Normal network selection with shared ANQP results")
169 interworking_select(dev
[0], None, "home", freq
="2412")
170 dev
[0].dump_monitor()
172 res1
= dev
[0].get_bss(bssid
)
173 res2
= dev
[0].get_bss(bssid2
)
174 if res1
['anqp_nai_realm'] != res2
['anqp_nai_realm']:
175 raise Exception("ANQP results were not shared between BSSes")
177 logger
.info("Explicit ANQP request to unshare ANQP results")
178 dev
[0].request("ANQP_GET " + bssid
+ " 263")
179 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
181 raise Exception("ANQP operation timed out")
183 dev
[0].request("ANQP_GET " + bssid2
+ " 263")
184 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
186 raise Exception("ANQP operation timed out")
188 res1
= dev
[0].get_bss(bssid
)
189 res2
= dev
[0].get_bss(bssid2
)
190 if res1
['anqp_nai_realm'] == res2
['anqp_nai_realm']:
191 raise Exception("ANQP results were not unshared")
193 def test_ap_nai_home_realm_query(dev
, apdev
):
194 """NAI Home Realm Query"""
195 bssid
= apdev
[0]['bssid']
196 params
= hs20_ap_params()
197 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
198 "0,another.example.org" ]
199 hostapd
.add_ap(apdev
[0]['ifname'], params
)
201 dev
[0].scan(freq
="2412")
202 dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " realm=example.com")
203 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
205 raise Exception("ANQP operation timed out")
206 nai1
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
207 dev
[0].dump_monitor()
209 dev
[0].request("ANQP_GET " + bssid
+ " 263")
210 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
212 raise Exception("ANQP operation timed out")
213 nai2
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
215 if len(nai1
) >= len(nai2
):
216 raise Exception("Unexpected NAI Realm list response lengths")
217 if "example.com".encode('hex') not in nai1
:
218 raise Exception("Home realm not reported")
219 if "example.org".encode('hex') in nai1
:
220 raise Exception("Non-home realm reported")
221 if "example.com".encode('hex') not in nai2
:
222 raise Exception("Home realm not reported in wildcard query")
223 if "example.org".encode('hex') not in nai2
:
224 raise Exception("Non-home realm not reported in wildcard query ")
226 def test_ap_interworking_scan_filtering(dev
, apdev
):
227 """Interworking scan filtering with HESSID and access network type"""
228 bssid
= apdev
[0]['bssid']
229 params
= hs20_ap_params()
230 ssid
= "test-hs20-ap1"
231 params
['ssid'] = ssid
232 params
['hessid'] = bssid
233 hostapd
.add_ap(apdev
[0]['ifname'], params
)
235 bssid2
= apdev
[1]['bssid']
236 params
= hs20_ap_params()
237 ssid2
= "test-hs20-ap2"
238 params
['ssid'] = ssid2
239 params
['hessid'] = bssid2
240 params
['access_network_type'] = "1"
241 del params
['venue_group']
242 del params
['venue_type']
243 hostapd
.add_ap(apdev
[1]['ifname'], params
)
250 logger
.info("Check probe request filtering based on HESSID")
252 dev
[0].request("SET hessid " + bssid2
)
253 dev
[0].scan(freq
="2412")
255 check_probe_resp(wt
, bssid
, bssid2
)
257 logger
.info("Check probe request filtering based on access network type")
259 wt
.clear_bss_counters(bssid
)
260 wt
.clear_bss_counters(bssid2
)
261 dev
[0].request("SET hessid 00:00:00:00:00:00")
262 dev
[0].request("SET access_network_type 14")
263 dev
[0].scan(freq
="2412")
265 check_probe_resp(wt
, bssid2
, bssid
)
267 wt
.clear_bss_counters(bssid
)
268 wt
.clear_bss_counters(bssid2
)
269 dev
[0].request("SET hessid 00:00:00:00:00:00")
270 dev
[0].request("SET access_network_type 1")
271 dev
[0].scan(freq
="2412")
273 check_probe_resp(wt
, bssid
, bssid2
)
275 logger
.info("Check probe request filtering based on HESSID and ANT")
277 wt
.clear_bss_counters(bssid
)
278 wt
.clear_bss_counters(bssid2
)
279 dev
[0].request("SET hessid " + bssid
)
280 dev
[0].request("SET access_network_type 14")
281 dev
[0].scan(freq
="2412")
283 check_probe_resp(wt
, bssid2
, bssid
)
285 wt
.clear_bss_counters(bssid
)
286 wt
.clear_bss_counters(bssid2
)
287 dev
[0].request("SET hessid " + bssid2
)
288 dev
[0].request("SET access_network_type 14")
289 dev
[0].scan(freq
="2412")
291 check_probe_resp(wt
, bssid
, None)
292 check_probe_resp(wt
, bssid2
, None)
294 wt
.clear_bss_counters(bssid
)
295 wt
.clear_bss_counters(bssid2
)
296 dev
[0].request("SET hessid " + bssid
)
297 dev
[0].request("SET access_network_type 1")
298 dev
[0].scan(freq
="2412")
300 check_probe_resp(wt
, bssid
, None)
301 check_probe_resp(wt
, bssid2
, None)
303 def test_ap_hs20_select(dev
, apdev
):
304 """Hotspot 2.0 network selection"""
305 bssid
= apdev
[0]['bssid']
306 params
= hs20_ap_params()
307 params
['hessid'] = bssid
308 hostapd
.add_ap(apdev
[0]['ifname'], params
)
311 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
312 'password': "secret",
313 'domain': "example.com" })
314 interworking_select(dev
[0], bssid
, "home")
316 dev
[0].remove_cred(id)
317 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
318 'password': "secret",
319 'domain': "no.match.example.com" })
320 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
322 dev
[0].set_cred_quoted(id, "realm", "no.match.example.com");
323 interworking_select(dev
[0], bssid
, no_match
=True, freq
="2412")
325 bssid2
= apdev
[1]['bssid']
326 params
= hs20_ap_params()
327 params
['nai_realm'] = [ "0,example.org,21" ]
328 params
['hessid'] = bssid2
329 params
['domain_name'] = "example.org"
330 hostapd
.add_ap(apdev
[1]['ifname'], params
)
331 dev
[0].remove_cred(id)
332 id = dev
[0].add_cred_values({ 'realm': "example.org", 'username': "test",
333 'password': "secret",
334 'domain': "example.org" })
335 interworking_select(dev
[0], bssid2
, "home", freq
="2412")
337 def hs20_simulated_sim(dev
, ap
, method
):
339 params
= hs20_ap_params()
340 params
['hessid'] = bssid
341 params
['anqp_3gpp_cell_net'] = "555,444"
342 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
343 hostapd
.add_ap(ap
['ifname'], params
)
346 dev
.add_cred_values({ 'imsi': "555444-333222111", 'eap': method
,
347 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
348 interworking_select(dev
, "home", freq
="2412")
349 interworking_connect(dev
, bssid
, method
)
350 check_sp_type(dev
, "home")
352 def test_ap_hs20_sim(dev
, apdev
):
353 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
354 if not hlr_auc_gw_available():
356 hs20_simulated_sim(dev
[0], apdev
[0], "SIM")
357 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
358 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
360 raise Exception("Timeout on already-connected event")
362 def test_ap_hs20_aka(dev
, apdev
):
363 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
364 if not hlr_auc_gw_available():
366 hs20_simulated_sim(dev
[0], apdev
[0], "AKA")
368 def test_ap_hs20_aka_prime(dev
, apdev
):
369 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
370 if not hlr_auc_gw_available():
372 hs20_simulated_sim(dev
[0], apdev
[0], "AKA'")
374 def test_ap_hs20_ext_sim(dev
, apdev
):
375 """Hotspot 2.0 with external SIM processing"""
376 if not hlr_auc_gw_available():
378 bssid
= apdev
[0]['bssid']
379 params
= hs20_ap_params()
380 params
['hessid'] = bssid
381 params
['anqp_3gpp_cell_net'] = "232,01"
382 params
['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
383 hostapd
.add_ap(apdev
[0]['ifname'], params
)
386 dev
[0].request("SET external_sim 1")
387 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
388 interworking_select(dev
[0], "home", freq
="2412")
389 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
390 check_sp_type(dev
[0], "home")
392 def test_ap_hs20_ext_sim_roaming(dev
, apdev
):
393 """Hotspot 2.0 with external SIM processing in roaming network"""
394 if not hlr_auc_gw_available():
396 bssid
= apdev
[0]['bssid']
397 params
= hs20_ap_params()
398 params
['hessid'] = bssid
399 params
['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
400 params
['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
401 hostapd
.add_ap(apdev
[0]['ifname'], params
)
404 dev
[0].request("SET external_sim 1")
405 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
406 interworking_select(dev
[0], "roaming", freq
="2412")
407 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
408 check_sp_type(dev
[0], "roaming")
410 def test_ap_hs20_username(dev
, apdev
):
411 """Hotspot 2.0 connection in username/password credential"""
412 bssid
= apdev
[0]['bssid']
413 params
= hs20_ap_params()
414 params
['hessid'] = bssid
415 params
['disable_dgaf'] = '1'
416 hostapd
.add_ap(apdev
[0]['ifname'], params
)
419 id = dev
[0].add_cred_values({ 'realm': "example.com",
420 'username': "hs20-test",
421 'password': "password",
422 'ca_cert': "auth_serv/ca.pem",
423 'domain': "example.com",
424 'update_identifier': "1234" })
425 interworking_select(dev
[0], bssid
, "home", freq
="2412")
426 interworking_connect(dev
[0], bssid
, "TTLS")
427 check_sp_type(dev
[0], "home")
428 status
= dev
[0].get_status()
429 if status
['pairwise_cipher'] != "CCMP":
430 raise Exception("Unexpected pairwise cipher")
431 if status
['hs20'] != "2":
432 raise Exception("Unexpected HS 2.0 support indication")
434 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
435 identity
="hs20-test", password
="password",
436 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
439 def test_ap_hs20_auto_interworking(dev
, apdev
):
440 """Hotspot 2.0 connection with auto_interworking=1"""
441 bssid
= apdev
[0]['bssid']
442 params
= hs20_ap_params()
443 params
['hessid'] = bssid
444 params
['disable_dgaf'] = '1'
445 hostapd
.add_ap(apdev
[0]['ifname'], params
)
447 dev
[0].hs20_enable(auto_interworking
=True)
448 id = dev
[0].add_cred_values({ 'realm': "example.com",
449 'username': "hs20-test",
450 'password': "password",
451 'ca_cert': "auth_serv/ca.pem",
452 'domain': "example.com",
453 'update_identifier': "1234" })
454 dev
[0].request("REASSOCIATE")
455 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
457 raise Exception("Connection timed out")
458 check_sp_type(dev
[0], "home")
459 status
= dev
[0].get_status()
460 if status
['pairwise_cipher'] != "CCMP":
461 raise Exception("Unexpected pairwise cipher")
462 if status
['hs20'] != "2":
463 raise Exception("Unexpected HS 2.0 support indication")
465 def eap_test(dev
, ap
, eap_params
, method
, user
):
467 params
= hs20_ap_params()
468 params
['nai_realm'] = [ "0,example.com," + eap_params
]
469 hostapd
.add_ap(ap
['ifname'], params
)
472 dev
.add_cred_values({ 'realm': "example.com",
474 'password': "password" })
475 interworking_select(dev
, bssid
, freq
="2412")
476 interworking_connect(dev
, bssid
, method
)
478 def test_ap_hs20_eap_unknown(dev
, apdev
):
479 """Hotspot 2.0 connection with unknown EAP method"""
480 bssid
= apdev
[0]['bssid']
481 params
= hs20_ap_params()
482 params
['nai_realm'] = "0,example.com,99"
483 hostapd
.add_ap(apdev
[0]['ifname'], params
)
486 dev
[0].add_cred_values(default_cred())
487 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
489 def test_ap_hs20_eap_peap_mschapv2(dev
, apdev
):
490 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
491 eap_test(dev
[0], apdev
[0], "25[3:26]", "PEAP", "user")
493 def test_ap_hs20_eap_peap_default(dev
, apdev
):
494 """Hotspot 2.0 connection with PEAP/MSCHAPV2 (as default)"""
495 eap_test(dev
[0], apdev
[0], "25", "PEAP", "user")
497 def test_ap_hs20_eap_peap_gtc(dev
, apdev
):
498 """Hotspot 2.0 connection with PEAP/GTC"""
499 eap_test(dev
[0], apdev
[0], "25[3:6]", "PEAP", "user")
501 def test_ap_hs20_eap_peap_unknown(dev
, apdev
):
502 """Hotspot 2.0 connection with PEAP/unknown"""
503 bssid
= apdev
[0]['bssid']
504 params
= hs20_ap_params()
505 params
['nai_realm'] = "0,example.com,25[3:99]"
506 hostapd
.add_ap(apdev
[0]['ifname'], params
)
509 dev
[0].add_cred_values(default_cred())
510 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
512 def test_ap_hs20_eap_ttls_chap(dev
, apdev
):
513 """Hotspot 2.0 connection with TTLS/CHAP"""
514 eap_test(dev
[0], apdev
[0], "21[2:2]", "TTLS", "chap user")
516 def test_ap_hs20_eap_ttls_mschap(dev
, apdev
):
517 """Hotspot 2.0 connection with TTLS/MSCHAP"""
518 eap_test(dev
[0], apdev
[0], "21[2:3]", "TTLS", "mschap user")
520 def test_ap_hs20_eap_ttls_eap_mschapv2(dev
, apdev
):
521 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
522 eap_test(dev
[0], apdev
[0], "21[3:26][6:7][99:99]", "TTLS", "user")
524 def test_ap_hs20_eap_ttls_eap_unknown(dev
, apdev
):
525 """Hotspot 2.0 connection with TTLS/EAP-unknown"""
526 bssid
= apdev
[0]['bssid']
527 params
= hs20_ap_params()
528 params
['nai_realm'] = "0,example.com,21[3:99]"
529 hostapd
.add_ap(apdev
[0]['ifname'], params
)
532 dev
[0].add_cred_values(default_cred())
533 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
535 def test_ap_hs20_eap_ttls_eap_unsupported(dev
, apdev
):
536 """Hotspot 2.0 connection with TTLS/EAP-OTP(unsupported)"""
537 bssid
= apdev
[0]['bssid']
538 params
= hs20_ap_params()
539 params
['nai_realm'] = "0,example.com,21[3:5]"
540 hostapd
.add_ap(apdev
[0]['ifname'], params
)
543 dev
[0].add_cred_values(default_cred())
544 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
546 def test_ap_hs20_eap_ttls_unknown(dev
, apdev
):
547 """Hotspot 2.0 connection with TTLS/unknown"""
548 bssid
= apdev
[0]['bssid']
549 params
= hs20_ap_params()
550 params
['nai_realm'] = "0,example.com,21[2:5]"
551 hostapd
.add_ap(apdev
[0]['ifname'], params
)
554 dev
[0].add_cred_values(default_cred())
555 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
557 def test_ap_hs20_eap_fast_mschapv2(dev
, apdev
):
558 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
559 eap_test(dev
[0], apdev
[0], "43[3:26]", "FAST", "user")
561 def test_ap_hs20_eap_fast_gtc(dev
, apdev
):
562 """Hotspot 2.0 connection with FAST/EAP-GTC"""
563 eap_test(dev
[0], apdev
[0], "43[3:6]", "FAST", "user")
565 def test_ap_hs20_eap_tls(dev
, apdev
):
566 """Hotspot 2.0 connection with EAP-TLS"""
567 bssid
= apdev
[0]['bssid']
568 params
= hs20_ap_params()
569 params
['nai_realm'] = [ "0,example.com,13[5:6]" ]
570 hostapd
.add_ap(apdev
[0]['ifname'], params
)
573 dev
[0].add_cred_values({ 'realm': "example.com",
574 'username': "certificate-user",
575 'ca_cert': "auth_serv/ca.pem",
576 'client_cert': "auth_serv/user.pem",
577 'private_key': "auth_serv/user.key"})
578 interworking_select(dev
[0], bssid
, freq
="2412")
579 interworking_connect(dev
[0], bssid
, "TLS")
581 def test_ap_hs20_eap_cert_unknown(dev
, apdev
):
582 """Hotspot 2.0 connection with certificate, but unknown EAP method"""
583 bssid
= apdev
[0]['bssid']
584 params
= hs20_ap_params()
585 params
['nai_realm'] = [ "0,example.com,99[5:6]" ]
586 hostapd
.add_ap(apdev
[0]['ifname'], params
)
589 dev
[0].add_cred_values({ 'realm': "example.com",
590 'username': "certificate-user",
591 'ca_cert': "auth_serv/ca.pem",
592 'client_cert': "auth_serv/user.pem",
593 'private_key': "auth_serv/user.key"})
594 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
596 def test_ap_hs20_eap_cert_unsupported(dev
, apdev
):
597 """Hotspot 2.0 connection with certificate, but unsupported TTLS"""
598 bssid
= apdev
[0]['bssid']
599 params
= hs20_ap_params()
600 params
['nai_realm'] = [ "0,example.com,21[5:6]" ]
601 hostapd
.add_ap(apdev
[0]['ifname'], params
)
604 dev
[0].add_cred_values({ 'realm': "example.com",
605 'username': "certificate-user",
606 'ca_cert': "auth_serv/ca.pem",
607 'client_cert': "auth_serv/user.pem",
608 'private_key': "auth_serv/user.key"})
609 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
611 def test_ap_hs20_eap_invalid_cred(dev
, apdev
):
612 """Hotspot 2.0 connection with invalid cred configuration"""
613 bssid
= apdev
[0]['bssid']
614 params
= hs20_ap_params()
615 hostapd
.add_ap(apdev
[0]['ifname'], params
)
618 dev
[0].add_cred_values({ 'realm': "example.com",
619 'username': "certificate-user",
620 'client_cert': "auth_serv/user.pem" })
621 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
623 def test_ap_hs20_nai_realms(dev
, apdev
):
624 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
625 bssid
= apdev
[0]['bssid']
626 params
= hs20_ap_params()
627 params
['hessid'] = bssid
628 params
['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
629 hostapd
.add_ap(apdev
[0]['ifname'], params
)
632 id = dev
[0].add_cred_values({ 'realm': "example.com",
633 'username': "pap user",
634 'password': "password",
635 'domain': "example.com" })
636 interworking_select(dev
[0], bssid
, "home", freq
="2412")
637 interworking_connect(dev
[0], bssid
, "TTLS")
638 check_sp_type(dev
[0], "home")
640 def test_ap_hs20_roaming_consortium(dev
, apdev
):
641 """Hotspot 2.0 connection based on roaming consortium match"""
642 bssid
= apdev
[0]['bssid']
643 params
= hs20_ap_params()
644 params
['hessid'] = bssid
645 hostapd
.add_ap(apdev
[0]['ifname'], params
)
648 for consortium
in [ "112233", "1020304050", "010203040506", "fedcba" ]:
649 id = dev
[0].add_cred_values({ 'username': "user",
650 'password': "password",
651 'domain': "example.com",
652 'roaming_consortium': consortium
,
654 interworking_select(dev
[0], bssid
, "home", freq
="2412")
655 interworking_connect(dev
[0], bssid
, "PEAP")
656 check_sp_type(dev
[0], "home")
657 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
658 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
660 raise Exception("Timeout on already-connected event")
661 dev
[0].remove_cred(id)
663 def test_ap_hs20_username_roaming(dev
, apdev
):
664 """Hotspot 2.0 connection in username/password credential (roaming)"""
665 bssid
= apdev
[0]['bssid']
666 params
= hs20_ap_params()
667 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
668 "0,roaming.example.com,21[2:4][5:7]",
669 "0,another.example.com" ]
670 params
['domain_name'] = "another.example.com"
671 params
['hessid'] = bssid
672 hostapd
.add_ap(apdev
[0]['ifname'], params
)
675 id = dev
[0].add_cred_values({ 'realm': "roaming.example.com",
676 'username': "hs20-test",
677 'password': "password",
678 'domain': "example.com" })
679 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
680 interworking_connect(dev
[0], bssid
, "TTLS")
681 check_sp_type(dev
[0], "roaming")
683 def test_ap_hs20_username_unknown(dev
, apdev
):
684 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
685 bssid
= apdev
[0]['bssid']
686 params
= hs20_ap_params()
687 params
['hessid'] = bssid
688 hostapd
.add_ap(apdev
[0]['ifname'], params
)
691 id = dev
[0].add_cred_values({ 'realm': "example.com",
692 'username': "hs20-test",
693 'password': "password" })
694 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
695 interworking_connect(dev
[0], bssid
, "TTLS")
696 check_sp_type(dev
[0], "unknown")
698 def test_ap_hs20_username_unknown2(dev
, apdev
):
699 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
700 bssid
= apdev
[0]['bssid']
701 params
= hs20_ap_params()
702 params
['hessid'] = bssid
703 del params
['domain_name']
704 hostapd
.add_ap(apdev
[0]['ifname'], params
)
707 id = dev
[0].add_cred_values({ 'realm': "example.com",
708 'username': "hs20-test",
709 'password': "password",
710 'domain': "example.com" })
711 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
712 interworking_connect(dev
[0], bssid
, "TTLS")
713 check_sp_type(dev
[0], "unknown")
715 def test_ap_hs20_gas_while_associated(dev
, apdev
):
716 """Hotspot 2.0 connection with GAS query while associated"""
717 bssid
= apdev
[0]['bssid']
718 params
= hs20_ap_params()
719 params
['hessid'] = bssid
720 hostapd
.add_ap(apdev
[0]['ifname'], params
)
723 id = dev
[0].add_cred_values({ 'realm': "example.com",
724 'username': "hs20-test",
725 'password': "password",
726 'domain': "example.com" })
727 interworking_select(dev
[0], bssid
, "home", freq
="2412")
728 interworking_connect(dev
[0], bssid
, "TTLS")
730 logger
.info("Verifying GAS query while associated")
731 dev
[0].request("FETCH_ANQP")
732 for i
in range(0, 6):
733 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
735 raise Exception("Operation timed out")
737 def test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
738 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
739 bssid
= apdev
[0]['bssid']
740 params
= hs20_ap_params()
741 params
['hessid'] = bssid
742 hostapd
.add_ap(apdev
[0]['ifname'], params
)
744 bssid2
= apdev
[1]['bssid']
745 params
= hs20_ap_params()
746 params
['hessid'] = bssid2
747 params
['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
748 hostapd
.add_ap(apdev
[1]['ifname'], params
)
751 dev
[0].request("SET pmf 2")
752 id = dev
[0].add_cred_values({ 'realm': "example.com",
753 'username': "hs20-test",
754 'password': "password",
755 'domain': "example.com" })
756 interworking_select(dev
[0], bssid
, "home", freq
="2412")
757 interworking_connect(dev
[0], bssid
, "TTLS")
759 logger
.info("Verifying GAS query while associated")
760 dev
[0].request("FETCH_ANQP")
761 for i
in range(0, 2 * 6):
762 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
764 raise Exception("Operation timed out")
766 def test_ap_hs20_gas_frag_while_associated(dev
, apdev
):
767 """Hotspot 2.0 connection with fragmented GAS query while associated"""
768 bssid
= apdev
[0]['bssid']
769 params
= hs20_ap_params()
770 params
['hessid'] = bssid
771 hostapd
.add_ap(apdev
[0]['ifname'], params
)
772 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
773 hapd
.set("gas_frag_limit", "50")
776 id = dev
[0].add_cred_values({ 'realm': "example.com",
777 'username': "hs20-test",
778 'password': "password",
779 'domain': "example.com" })
780 interworking_select(dev
[0], bssid
, "home", freq
="2412")
781 interworking_connect(dev
[0], bssid
, "TTLS")
783 logger
.info("Verifying GAS query while associated")
784 dev
[0].request("FETCH_ANQP")
785 for i
in range(0, 6):
786 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
788 raise Exception("Operation timed out")
790 def test_ap_hs20_multiple_connects(dev
, apdev
):
791 """Hotspot 2.0 connection through multiple network selections"""
792 bssid
= apdev
[0]['bssid']
793 params
= hs20_ap_params()
794 params
['hessid'] = bssid
795 hostapd
.add_ap(apdev
[0]['ifname'], params
)
798 values
= { 'realm': "example.com",
799 'username': "hs20-test",
800 'password': "password",
801 'domain': "example.com" }
802 id = dev
[0].add_cred_values(values
)
804 for i
in range(0, 3):
805 logger
.info("Starting Interworking network selection")
806 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
808 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
809 "INTERWORKING-ALREADY-CONNECTED",
810 "CTRL-EVENT-CONNECTED"], timeout
=15)
812 raise Exception("Connection timed out")
813 if "INTERWORKING-NO-MATCH" in ev
:
814 raise Exception("Matching AP not found")
815 if "CTRL-EVENT-CONNECTED" in ev
:
817 if i
== 2 and "INTERWORKING-ALREADY-CONNECTED" in ev
:
820 dev
[0].request("DISCONNECT")
821 dev
[0].dump_monitor()
823 networks
= dev
[0].list_networks()
824 if len(networks
) > 1:
825 raise Exception("Duplicated network block detected")
827 def test_ap_hs20_disallow_aps(dev
, apdev
):
828 """Hotspot 2.0 connection and disallow_aps"""
829 bssid
= apdev
[0]['bssid']
830 params
= hs20_ap_params()
831 params
['hessid'] = bssid
832 hostapd
.add_ap(apdev
[0]['ifname'], params
)
835 values
= { 'realm': "example.com",
836 'username': "hs20-test",
837 'password': "password",
838 'domain': "example.com" }
839 id = dev
[0].add_cred_values(values
)
841 logger
.info("Verify disallow_aps bssid")
842 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
843 dev
[0].request("INTERWORKING_SELECT auto")
844 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
846 raise Exception("Network selection timed out")
847 dev
[0].dump_monitor()
849 logger
.info("Verify disallow_aps ssid")
850 dev
[0].request("SET disallow_aps ssid 746573742d68733230")
851 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
852 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
854 raise Exception("Network selection timed out")
855 dev
[0].dump_monitor()
857 logger
.info("Verify disallow_aps clear")
858 dev
[0].request("SET disallow_aps ")
859 interworking_select(dev
[0], bssid
, "home", freq
="2412")
861 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
862 ret
= dev
[0].request("INTERWORKING_CONNECT " + bssid
)
863 if "FAIL" not in ret
:
864 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
866 def policy_test(dev
, ap
, values
, only_one
=True):
869 logger
.info("Verify network selection to AP " + ap
['ifname'])
872 logger
.info("Verify network selection")
875 id = dev
.add_cred_values(values
)
876 dev
.request("INTERWORKING_SELECT auto freq=2412")
879 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
880 "INTERWORKING-BLACKLISTED",
881 "INTERWORKING-SELECTED"], timeout
=15)
883 raise Exception("Network selection timed out")
885 if "INTERWORKING-NO-MATCH" in ev
:
886 raise Exception("Matching AP not found")
887 if bssid
and only_one
and "INTERWORKING-AP" in ev
and bssid
not in ev
:
888 raise Exception("Unexpected AP claimed acceptable")
889 if "INTERWORKING-SELECTED" in ev
:
890 if bssid
and bssid
not in ev
:
891 raise Exception("Selected incorrect BSS")
894 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
896 raise Exception("Connection timed out")
897 if bssid
and bssid
not in ev
:
898 raise Exception("Connected to incorrect BSS")
900 conn_bssid
= dev
.get_status_field("bssid")
901 if bssid
and conn_bssid
!= bssid
:
902 raise Exception("bssid information points to incorrect BSS")
908 def default_cred(domain
=None):
909 cred
= { 'realm': "example.com",
910 'username': "hs20-test",
911 'password': "password" }
913 cred
['domain'] = domain
916 def test_ap_hs20_prefer_home(dev
, apdev
):
917 """Hotspot 2.0 required roaming consortium"""
918 params
= hs20_ap_params()
919 params
['domain_name'] = "example.org"
920 hostapd
.add_ap(apdev
[0]['ifname'], params
)
922 params
= hs20_ap_params()
923 params
['ssid'] = "test-hs20-other"
924 params
['domain_name'] = "example.com"
925 hostapd
.add_ap(apdev
[1]['ifname'], params
)
927 values
= default_cred()
928 values
['domain'] = "example.com"
929 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
930 values
['domain'] = "example.org"
931 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
933 def test_ap_hs20_req_roaming_consortium(dev
, apdev
):
934 """Hotspot 2.0 required roaming consortium"""
935 params
= hs20_ap_params()
936 hostapd
.add_ap(apdev
[0]['ifname'], params
)
938 params
= hs20_ap_params()
939 params
['ssid'] = "test-hs20-other"
940 params
['roaming_consortium'] = [ "223344" ]
941 hostapd
.add_ap(apdev
[1]['ifname'], params
)
943 values
= default_cred()
944 values
['required_roaming_consortium'] = "223344"
945 policy_test(dev
[0], apdev
[1], values
)
946 values
['required_roaming_consortium'] = "112233"
947 policy_test(dev
[0], apdev
[0], values
)
949 id = dev
[0].add_cred()
950 dev
[0].set_cred(id, "required_roaming_consortium", "112233")
951 dev
[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
953 for val
in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
954 if "FAIL" not in dev
[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val
)):
955 raise Exception("Invalid roaming consortium value accepted: " + val
)
957 def test_ap_hs20_excluded_ssid(dev
, apdev
):
958 """Hotspot 2.0 exclusion based on SSID"""
959 params
= hs20_ap_params()
960 params
['roaming_consortium'] = [ "223344" ]
961 params
['anqp_3gpp_cell_net'] = "555,444"
962 hostapd
.add_ap(apdev
[0]['ifname'], params
)
964 params
= hs20_ap_params()
965 params
['ssid'] = "test-hs20-other"
966 params
['roaming_consortium'] = [ "223344" ]
967 params
['anqp_3gpp_cell_net'] = "555,444"
968 hostapd
.add_ap(apdev
[1]['ifname'], params
)
970 values
= default_cred()
971 values
['excluded_ssid'] = "test-hs20"
972 events
= policy_test(dev
[0], apdev
[1], values
)
973 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
975 raise Exception("Excluded network not reported")
976 values
['excluded_ssid'] = "test-hs20-other"
977 events
= policy_test(dev
[0], apdev
[0], values
)
978 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[1]['bssid'] in e
]
980 raise Exception("Excluded network not reported")
982 values
= default_cred()
983 values
['roaming_consortium'] = "223344"
984 values
['eap'] = "TTLS"
985 values
['phase2'] = "auth=MSCHAPV2"
986 values
['excluded_ssid'] = "test-hs20"
987 events
= policy_test(dev
[0], apdev
[1], values
)
988 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
990 raise Exception("Excluded network not reported")
992 values
= { 'imsi': "555444-333222111", 'eap': "SIM",
993 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
994 'excluded_ssid': "test-hs20" }
995 events
= policy_test(dev
[0], apdev
[1], values
)
996 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
998 raise Exception("Excluded network not reported")
1000 def test_ap_hs20_roam_to_higher_prio(dev
, apdev
):
1001 """Hotspot 2.0 and roaming from current to higher priority network"""
1002 bssid
= apdev
[0]['bssid']
1003 params
= hs20_ap_params(ssid
="test-hs20-visited")
1004 params
['domain_name'] = "visited.example.org"
1005 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1007 dev
[0].hs20_enable()
1008 id = dev
[0].add_cred_values({ 'realm': "example.com",
1009 'username': "hs20-test",
1010 'password': "password",
1011 'domain': "example.com" })
1012 logger
.info("Connect to the only network option")
1013 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
1014 dev
[0].dump_monitor()
1015 interworking_connect(dev
[0], bssid
, "TTLS")
1017 logger
.info("Start another AP (home operator) and reconnect")
1018 bssid2
= apdev
[1]['bssid']
1019 params
= hs20_ap_params(ssid
="test-hs20-home")
1020 params
['domain_name'] = "example.com"
1021 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1023 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1024 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
1025 "INTERWORKING-ALREADY-CONNECTED",
1026 "CTRL-EVENT-CONNECTED"], timeout
=15)
1028 raise Exception("Connection timed out")
1029 if "INTERWORKING-NO-MATCH" in ev
:
1030 raise Exception("Matching AP not found")
1031 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1032 raise Exception("Unexpected AP selected")
1033 if bssid2
not in ev
:
1034 raise Exception("Unexpected BSSID after reconnection")
1036 def test_ap_hs20_domain_suffix_match(dev
, apdev
):
1037 """Hotspot 2.0 and domain_suffix_match"""
1038 bssid
= apdev
[0]['bssid']
1039 params
= hs20_ap_params()
1040 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1042 dev
[0].hs20_enable()
1043 id = dev
[0].add_cred_values({ 'realm': "example.com",
1044 'username': "hs20-test",
1045 'password': "password",
1046 'domain': "example.com",
1047 'domain_suffix_match': "w1.fi" })
1048 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1049 dev
[0].dump_monitor()
1050 interworking_connect(dev
[0], bssid
, "TTLS")
1051 dev
[0].request("REMOVE_NETWORK all")
1052 dev
[0].dump_monitor()
1054 dev
[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
1055 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1056 dev
[0].dump_monitor()
1057 dev
[0].request("INTERWORKING_CONNECT " + bssid
)
1058 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
1060 raise Exception("TLS certificate error not reported")
1061 if "Domain suffix mismatch" not in ev
:
1062 raise Exception("Domain suffix mismatch not reported")
1064 def test_ap_hs20_roaming_partner_preference(dev
, apdev
):
1065 """Hotspot 2.0 and roaming partner preference"""
1066 params
= hs20_ap_params()
1067 params
['domain_name'] = "roaming.example.org"
1068 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1070 params
= hs20_ap_params()
1071 params
['ssid'] = "test-hs20-other"
1072 params
['domain_name'] = "roaming.example.net"
1073 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1075 logger
.info("Verify default vs. specified preference")
1076 values
= default_cred()
1077 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1078 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1079 values
['roaming_partner'] = "roaming.example.net,1,129,*"
1080 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1082 logger
.info("Verify partial FQDN match")
1083 values
['roaming_partner'] = "example.net,0,0,*"
1084 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1085 values
['roaming_partner'] = "example.net,0,255,*"
1086 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1088 def test_ap_hs20_max_bss_load(dev
, apdev
):
1089 """Hotspot 2.0 and maximum BSS load"""
1090 params
= hs20_ap_params()
1091 params
['bss_load_test'] = "12:200:20000"
1092 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1094 params
= hs20_ap_params()
1095 params
['ssid'] = "test-hs20-other"
1096 params
['bss_load_test'] = "5:20:10000"
1097 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1099 logger
.info("Verify maximum BSS load constraint")
1100 values
= default_cred()
1101 values
['domain'] = "example.com"
1102 values
['max_bss_load'] = "100"
1103 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1105 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1106 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1107 raise Exception("Maximum BSS Load case not noticed")
1108 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1109 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1110 raise Exception("Maximum BSS Load case reported incorrectly")
1112 logger
.info("Verify maximum BSS load does not prevent connection")
1113 values
['max_bss_load'] = "1"
1114 events
= policy_test(dev
[0], None, values
)
1116 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1117 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1118 raise Exception("Maximum BSS Load case not noticed")
1119 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1120 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1121 raise Exception("Maximum BSS Load case not noticed")
1123 def test_ap_hs20_max_bss_load2(dev
, apdev
):
1124 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
1125 params
= hs20_ap_params()
1126 params
['bss_load_test'] = "12:200:20000"
1127 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1129 params
= hs20_ap_params()
1130 params
['ssid'] = "test-hs20-other"
1131 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1133 logger
.info("Verify maximum BSS load constraint with AP advertisement")
1134 values
= default_cred()
1135 values
['domain'] = "example.com"
1136 values
['max_bss_load'] = "100"
1137 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1139 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1140 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1141 raise Exception("Maximum BSS Load case not noticed")
1142 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1143 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1144 raise Exception("Maximum BSS Load case reported incorrectly")
1146 def test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1147 """Hotspot 2.0 multi-cred sp_priority"""
1148 if not hlr_auc_gw_available():
1150 bssid
= apdev
[0]['bssid']
1151 params
= hs20_ap_params()
1152 params
['hessid'] = bssid
1153 del params
['domain_name']
1154 params
['anqp_3gpp_cell_net'] = "232,01"
1155 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1157 dev
[0].hs20_enable()
1158 dev
[0].request("SET external_sim 1")
1159 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1160 'provisioning_sp': "example.com",
1161 'sp_priority' :"1" })
1162 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1163 'username': "hs20-test",
1164 'password': "password",
1165 'domain': "example.com",
1166 'provisioning_sp': "example.com",
1167 'sp_priority': "2" })
1168 dev
[0].dump_monitor()
1169 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1170 interworking_ext_sim_auth(dev
[0], "SIM")
1171 check_sp_type(dev
[0], "unknown")
1172 dev
[0].request("REMOVE_NETWORK all")
1174 dev
[0].set_cred(id1
, "sp_priority", "2")
1175 dev
[0].set_cred(id2
, "sp_priority", "1")
1176 dev
[0].dump_monitor()
1177 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1178 interworking_auth(dev
[0], "TTLS")
1179 check_sp_type(dev
[0], "unknown")
1181 def test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1182 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1183 if not hlr_auc_gw_available():
1185 bssid
= apdev
[0]['bssid']
1186 params
= hs20_ap_params()
1187 params
['hessid'] = bssid
1188 del params
['nai_realm']
1189 del params
['domain_name']
1190 params
['anqp_3gpp_cell_net'] = "232,01"
1191 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1193 bssid2
= apdev
[1]['bssid']
1194 params
= hs20_ap_params()
1195 params
['ssid'] = "test-hs20-other"
1196 params
['hessid'] = bssid2
1197 del params
['domain_name']
1198 del params
['anqp_3gpp_cell_net']
1199 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1201 dev
[0].hs20_enable()
1202 dev
[0].request("SET external_sim 1")
1203 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1204 'provisioning_sp': "example.com",
1205 'sp_priority': "1" })
1206 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1207 'username': "hs20-test",
1208 'password': "password",
1209 'domain': "example.com",
1210 'provisioning_sp': "example.com",
1211 'sp_priority': "2" })
1212 dev
[0].dump_monitor()
1213 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1214 interworking_ext_sim_auth(dev
[0], "SIM")
1215 check_sp_type(dev
[0], "unknown")
1216 conn_bssid
= dev
[0].get_status_field("bssid")
1217 if conn_bssid
!= bssid
:
1218 raise Exception("Connected to incorrect BSS")
1219 dev
[0].request("REMOVE_NETWORK all")
1221 dev
[0].set_cred(id1
, "sp_priority", "2")
1222 dev
[0].set_cred(id2
, "sp_priority", "1")
1223 dev
[0].dump_monitor()
1224 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1225 interworking_auth(dev
[0], "TTLS")
1226 check_sp_type(dev
[0], "unknown")
1227 conn_bssid
= dev
[0].get_status_field("bssid")
1228 if conn_bssid
!= bssid2
:
1229 raise Exception("Connected to incorrect BSS")
1231 def check_conn_capab_selection(dev
, type, missing
):
1232 dev
.request("INTERWORKING_SELECT freq=2412")
1233 ev
= dev
.wait_event(["INTERWORKING-AP"])
1235 raise Exception("Network selection timed out");
1236 if "type=" + type not in ev
:
1237 raise Exception("Unexpected network type")
1238 if missing
and "conn_capab_missing=1" not in ev
:
1239 raise Exception("conn_capab_missing not reported")
1240 if not missing
and "conn_capab_missing=1" in ev
:
1241 raise Exception("conn_capab_missing reported unexpectedly")
1243 def conn_capab_cred(domain
=None, req_conn_capab
=None):
1244 cred
= default_cred(domain
=domain
)
1246 cred
['req_conn_capab'] = req_conn_capab
1249 def test_ap_hs20_req_conn_capab(dev
, apdev
):
1250 """Hotspot 2.0 network selection with req_conn_capab"""
1251 bssid
= apdev
[0]['bssid']
1252 params
= hs20_ap_params()
1253 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1255 dev
[0].hs20_enable()
1256 logger
.info("Not used in home network")
1257 values
= conn_capab_cred(domain
="example.com", req_conn_capab
="6:1234")
1258 id = dev
[0].add_cred_values(values
)
1259 check_conn_capab_selection(dev
[0], "home", False)
1261 logger
.info("Used in roaming network")
1262 dev
[0].remove_cred(id)
1263 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="6:1234")
1264 id = dev
[0].add_cred_values(values
)
1265 check_conn_capab_selection(dev
[0], "roaming", True)
1267 logger
.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1268 check_auto_select(dev
[0], bssid
)
1270 logger
.info("Additional req_conn_capab checks")
1272 dev
[0].remove_cred(id)
1273 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="1:0")
1274 id = dev
[0].add_cred_values(values
)
1275 check_conn_capab_selection(dev
[0], "roaming", True)
1277 dev
[0].remove_cred(id)
1278 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="17:5060")
1279 id = dev
[0].add_cred_values(values
)
1280 check_conn_capab_selection(dev
[0], "roaming", True)
1282 bssid2
= apdev
[1]['bssid']
1283 params
= hs20_ap_params(ssid
="test-hs20b")
1284 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1285 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1287 dev
[0].remove_cred(id)
1288 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="50")
1289 id = dev
[0].add_cred_values(values
)
1290 dev
[0].set_cred(id, "req_conn_capab", "6:22")
1291 dev
[0].request("INTERWORKING_SELECT freq=2412")
1292 for i
in range(0, 2):
1293 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1295 raise Exception("Network selection timed out");
1296 if bssid
in ev
and "conn_capab_missing=1" not in ev
:
1297 raise Exception("Missing protocol connection capability not reported")
1298 if bssid2
in ev
and "conn_capab_missing=1" in ev
:
1299 raise Exception("Protocol connection capability not reported correctly")
1301 def test_ap_hs20_req_conn_capab_and_roaming_partner_preference(dev
, apdev
):
1302 """Hotspot 2.0 and req_conn_capab with roaming partner preference"""
1303 bssid
= apdev
[0]['bssid']
1304 params
= hs20_ap_params()
1305 params
['domain_name'] = "roaming.example.org"
1306 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1307 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1309 bssid2
= apdev
[1]['bssid']
1310 params
= hs20_ap_params(ssid
="test-hs20-b")
1311 params
['domain_name'] = "roaming.example.net"
1312 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1314 values
= default_cred()
1315 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1316 id = dev
[0].add_cred_values(values
)
1317 check_auto_select(dev
[0], bssid2
)
1319 dev
[0].set_cred(id, "req_conn_capab", "50")
1320 check_auto_select(dev
[0], bssid
)
1322 dev
[0].remove_cred(id)
1323 id = dev
[0].add_cred_values(values
)
1324 dev
[0].set_cred(id, "req_conn_capab", "51")
1325 check_auto_select(dev
[0], bssid2
)
1327 def check_bandwidth_selection(dev
, type, below
):
1328 dev
.request("INTERWORKING_SELECT freq=2412")
1329 ev
= dev
.wait_event(["INTERWORKING-AP"])
1331 raise Exception("Network selection timed out");
1332 if "type=" + type not in ev
:
1333 raise Exception("Unexpected network type")
1334 if below
and "below_min_backhaul=1" not in ev
:
1335 raise Exception("below_min_backhaul not reported")
1336 if not below
and "below_min_backhaul=1" in ev
:
1337 raise Exception("below_min_backhaul reported unexpectedly")
1339 def bw_cred(domain
=None, dl_home
=None, ul_home
=None, dl_roaming
=None, ul_roaming
=None):
1340 cred
= default_cred(domain
=domain
)
1342 cred
['min_dl_bandwidth_home'] = str(dl_home
)
1344 cred
['min_ul_bandwidth_home'] = str(ul_home
)
1346 cred
['min_dl_bandwidth_roaming'] = str(dl_roaming
)
1348 cred
['min_ul_bandwidth_roaming'] = str(ul_roaming
)
1351 def test_ap_hs20_min_bandwidth_home(dev
, apdev
):
1352 """Hotspot 2.0 network selection with min bandwidth (home)"""
1353 bssid
= apdev
[0]['bssid']
1354 params
= hs20_ap_params()
1355 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1357 dev
[0].hs20_enable()
1358 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=58)
1359 id = dev
[0].add_cred_values(values
)
1360 check_bandwidth_selection(dev
[0], "home", False)
1361 dev
[0].remove_cred(id)
1363 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=58)
1364 id = dev
[0].add_cred_values(values
)
1365 check_bandwidth_selection(dev
[0], "home", True)
1366 dev
[0].remove_cred(id)
1368 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=59)
1369 id = dev
[0].add_cred_values(values
)
1370 check_bandwidth_selection(dev
[0], "home", True)
1371 dev
[0].remove_cred(id)
1373 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=59)
1374 id = dev
[0].add_cred_values(values
)
1375 check_bandwidth_selection(dev
[0], "home", True)
1376 check_auto_select(dev
[0], bssid
)
1378 bssid2
= apdev
[1]['bssid']
1379 params
= hs20_ap_params(ssid
="test-hs20-b")
1380 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1381 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1383 check_auto_select(dev
[0], bssid2
)
1385 def test_ap_hs20_min_bandwidth_roaming(dev
, apdev
):
1386 """Hotspot 2.0 network selection with min bandwidth (roaming)"""
1387 bssid
= apdev
[0]['bssid']
1388 params
= hs20_ap_params()
1389 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1391 dev
[0].hs20_enable()
1392 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=58)
1393 id = dev
[0].add_cred_values(values
)
1394 check_bandwidth_selection(dev
[0], "roaming", False)
1395 dev
[0].remove_cred(id)
1397 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=58)
1398 id = dev
[0].add_cred_values(values
)
1399 check_bandwidth_selection(dev
[0], "roaming", True)
1400 dev
[0].remove_cred(id)
1402 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=59)
1403 id = dev
[0].add_cred_values(values
)
1404 check_bandwidth_selection(dev
[0], "roaming", True)
1405 dev
[0].remove_cred(id)
1407 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=59)
1408 id = dev
[0].add_cred_values(values
)
1409 check_bandwidth_selection(dev
[0], "roaming", True)
1410 check_auto_select(dev
[0], bssid
)
1412 bssid2
= apdev
[1]['bssid']
1413 params
= hs20_ap_params(ssid
="test-hs20-b")
1414 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1415 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1417 check_auto_select(dev
[0], bssid2
)
1419 def test_ap_hs20_min_bandwidth_and_roaming_partner_preference(dev
, apdev
):
1420 """Hotspot 2.0 and minimum bandwidth with roaming partner preference"""
1421 bssid
= apdev
[0]['bssid']
1422 params
= hs20_ap_params()
1423 params
['domain_name'] = "roaming.example.org"
1424 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1425 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1427 bssid2
= apdev
[1]['bssid']
1428 params
= hs20_ap_params(ssid
="test-hs20-b")
1429 params
['domain_name'] = "roaming.example.net"
1430 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1432 values
= default_cred()
1433 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1434 id = dev
[0].add_cred_values(values
)
1435 check_auto_select(dev
[0], bssid2
)
1437 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "6000")
1438 check_auto_select(dev
[0], bssid
)
1440 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "10000")
1441 check_auto_select(dev
[0], bssid2
)
1443 def test_ap_hs20_min_bandwidth_no_wan_metrics(dev
, apdev
):
1444 """Hotspot 2.0 network selection with min bandwidth but no WAN Metrics"""
1445 bssid
= apdev
[0]['bssid']
1446 params
= hs20_ap_params()
1447 del params
['hs20_wan_metrics']
1448 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1450 dev
[0].hs20_enable()
1451 values
= bw_cred(domain
="example.com", dl_home
=10000, ul_home
=10000,
1452 dl_roaming
=10000, ul_roaming
=10000)
1453 dev
[0].add_cred_values(values
)
1454 check_bandwidth_selection(dev
[0], "home", False)
1456 def test_ap_hs20_deauth_req_ess(dev
, apdev
):
1457 """Hotspot 2.0 connection and deauthentication request for ESS"""
1458 dev
[0].request("SET pmf 2")
1459 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1460 dev
[0].dump_monitor()
1461 addr
= dev
[0].p2p_interface_addr()
1462 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1463 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 1 120 http://example.com/")
1464 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1466 raise Exception("Timeout on deauth imminent notice")
1467 if "1 120 http://example.com/" not in ev
:
1468 raise Exception("Unexpected deauth imminent notice: " + ev
)
1469 hapd
.request("DEAUTHENTICATE " + addr
)
1470 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1472 raise Exception("Timeout on disconnection")
1473 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1474 raise Exception("Network not marked temporarily disabled")
1475 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1476 "Trying to associate",
1477 "CTRL-EVENT-CONNECTED"], timeout
=5)
1479 raise Exception("Unexpected connection attempt")
1481 def test_ap_hs20_deauth_req_bss(dev
, apdev
):
1482 """Hotspot 2.0 connection and deauthentication request for BSS"""
1483 dev
[0].request("SET pmf 2")
1484 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1485 dev
[0].dump_monitor()
1486 addr
= dev
[0].p2p_interface_addr()
1487 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1488 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 0 120 http://example.com/")
1489 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1491 raise Exception("Timeout on deauth imminent notice")
1492 if "0 120 http://example.com/" not in ev
:
1493 raise Exception("Unexpected deauth imminent notice: " + ev
)
1494 hapd
.request("DEAUTHENTICATE " + addr
+ " reason=4")
1495 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1497 raise Exception("Timeout on disconnection")
1498 if "reason=4" not in ev
:
1499 raise Exception("Unexpected disconnection reason")
1500 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1501 raise Exception("Network not marked temporarily disabled")
1502 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1503 "Trying to associate",
1504 "CTRL-EVENT-CONNECTED"], timeout
=5)
1506 raise Exception("Unexpected connection attempt")
1508 def test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1509 """Hotspot 2.0 connection and deauthentication request from RADIUS"""
1510 bssid
= apdev
[0]['bssid']
1511 params
= hs20_ap_params()
1512 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1513 params
['hs20_deauth_req_timeout'] = "2"
1514 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1516 dev
[0].request("SET pmf 2")
1517 dev
[0].hs20_enable()
1518 dev
[0].add_cred_values({ 'realm': "example.com",
1519 'username': "hs20-deauth-test",
1520 'password': "password" })
1521 interworking_select(dev
[0], bssid
, freq
="2412")
1522 interworking_connect(dev
[0], bssid
, "TTLS")
1523 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout
=5)
1525 raise Exception("Timeout on deauth imminent notice")
1526 if " 1 100" not in ev
:
1527 raise Exception("Unexpected deauth imminent contents")
1528 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=3)
1530 raise Exception("Timeout on disconnection")
1532 def test_ap_hs20_remediation_required(dev
, apdev
):
1533 """Hotspot 2.0 connection and remediation required from RADIUS"""
1534 bssid
= apdev
[0]['bssid']
1535 params
= hs20_ap_params()
1536 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1537 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1539 dev
[0].request("SET pmf 1")
1540 dev
[0].hs20_enable()
1541 dev
[0].add_cred_values({ 'realm': "example.com",
1542 'username': "hs20-subrem-test",
1543 'password': "password" })
1544 interworking_select(dev
[0], bssid
, freq
="2412")
1545 interworking_connect(dev
[0], bssid
, "TTLS")
1546 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1548 raise Exception("Timeout on subscription remediation notice")
1549 if " 1 https://example.com/" not in ev
:
1550 raise Exception("Unexpected subscription remediation event contents")
1552 def test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1553 """Hotspot 2.0 connection and subrem from ctrl_iface"""
1554 bssid
= apdev
[0]['bssid']
1555 addr
= dev
[0].p2p_dev_addr()
1556 params
= hs20_ap_params()
1557 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1558 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
1560 dev
[0].request("SET pmf 1")
1561 dev
[0].hs20_enable()
1562 dev
[0].add_cred_values(default_cred())
1563 interworking_select(dev
[0], bssid
, freq
="2412")
1564 interworking_connect(dev
[0], bssid
, "TTLS")
1566 hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://example.com/")
1567 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1569 raise Exception("Timeout on subscription remediation notice")
1570 if " 1 https://example.com/" not in ev
:
1571 raise Exception("Unexpected subscription remediation event contents")
1573 hapd
.request("HS20_WNM_NOTIF " + addr
)
1574 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1576 raise Exception("Timeout on subscription remediation notice")
1577 if not ev
.endswith("HS20-SUBSCRIPTION-REMEDIATION "):
1578 raise Exception("Unexpected subscription remediation event contents: " + ev
)
1580 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF "):
1581 raise Exception("Unexpected HS20_WNM_NOTIF success")
1582 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF foo"):
1583 raise Exception("Unexpected HS20_WNM_NOTIF success")
1584 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://12345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678927.very.long.example.com/"):
1585 raise Exception("Unexpected HS20_WNM_NOTIF success")
1587 def test_ap_hs20_session_info(dev
, apdev
):
1588 """Hotspot 2.0 connection and session information from RADIUS"""
1589 bssid
= apdev
[0]['bssid']
1590 params
= hs20_ap_params()
1591 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1592 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1594 dev
[0].request("SET pmf 1")
1595 dev
[0].hs20_enable()
1596 dev
[0].add_cred_values({ 'realm': "example.com",
1597 'username': "hs20-session-info-test",
1598 'password': "password" })
1599 interworking_select(dev
[0], bssid
, freq
="2412")
1600 interworking_connect(dev
[0], bssid
, "TTLS")
1601 ev
= dev
[0].wait_event(["ESS-DISASSOC-IMMINENT"], timeout
=10)
1603 raise Exception("Timeout on ESS disassociation imminent notice")
1604 if " 1 59904 https://example.com/" not in ev
:
1605 raise Exception("Unexpected ESS disassociation imminent event contents")
1606 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"])
1608 raise Exception("Scan not started")
1609 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
1611 raise Exception("Scan not completed")
1613 def test_ap_hs20_osen(dev
, apdev
):
1614 """Hotspot 2.0 OSEN connection"""
1615 params
= { 'ssid': "osen",
1617 'auth_server_addr': "127.0.0.1",
1618 'auth_server_port': "1812",
1619 'auth_server_shared_secret': "radius" }
1620 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1622 dev
[1].connect("osen", key_mgmt
="NONE", scan_freq
="2412",
1624 dev
[2].connect("osen", key_mgmt
="NONE", wep_key0
='"hello"',
1625 scan_freq
="2412", wait_connect
=False)
1626 dev
[0].connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1627 group
="GTK_NOT_USED",
1628 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1629 ca_cert
="auth_serv/ca.pem",
1632 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
1633 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
1634 wpas
.connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1635 group
="GTK_NOT_USED",
1636 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1637 ca_cert
="auth_serv/ca.pem",
1639 wpas
.request("DISCONNECT")
1641 def test_ap_hs20_network_preference(dev
, apdev
):
1642 """Hotspot 2.0 network selection with preferred home network"""
1643 bssid
= apdev
[0]['bssid']
1644 params
= hs20_ap_params()
1645 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1647 dev
[0].hs20_enable()
1648 values
= { 'realm': "example.com",
1649 'username': "hs20-test",
1650 'password': "password",
1651 'domain': "example.com" }
1652 dev
[0].add_cred_values(values
)
1654 id = dev
[0].add_network()
1655 dev
[0].set_network_quoted(id, "ssid", "home")
1656 dev
[0].set_network_quoted(id, "psk", "12345678")
1657 dev
[0].set_network(id, "priority", "1")
1658 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1660 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1661 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1663 raise Exception("Connection timed out")
1665 raise Exception("Unexpected network selected")
1667 bssid2
= apdev
[1]['bssid']
1668 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1669 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1671 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1672 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1673 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1675 raise Exception("Connection timed out")
1676 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1677 raise Exception("No roam to higher priority network")
1678 if bssid2
not in ev
:
1679 raise Exception("Unexpected network selected")
1681 def test_ap_hs20_network_preference2(dev
, apdev
):
1682 """Hotspot 2.0 network selection with preferred credential"""
1683 bssid2
= apdev
[1]['bssid']
1684 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1685 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1687 dev
[0].hs20_enable()
1688 values
= { 'realm': "example.com",
1689 'username': "hs20-test",
1690 'password': "password",
1691 'domain': "example.com",
1693 dev
[0].add_cred_values(values
)
1695 id = dev
[0].add_network()
1696 dev
[0].set_network_quoted(id, "ssid", "home")
1697 dev
[0].set_network_quoted(id, "psk", "12345678")
1698 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1700 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1701 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1703 raise Exception("Connection timed out")
1704 if bssid2
not in ev
:
1705 raise Exception("Unexpected network selected")
1707 bssid
= apdev
[0]['bssid']
1708 params
= hs20_ap_params()
1709 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1711 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1712 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1713 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1715 raise Exception("Connection timed out")
1716 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1717 raise Exception("No roam to higher priority network")
1719 raise Exception("Unexpected network selected")
1721 def test_ap_hs20_network_preference3(dev
, apdev
):
1722 """Hotspot 2.0 network selection with two credential (one preferred)"""
1723 bssid
= apdev
[0]['bssid']
1724 params
= hs20_ap_params()
1725 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1727 bssid2
= apdev
[1]['bssid']
1728 params
= hs20_ap_params(ssid
="test-hs20b")
1729 params
['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1730 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1732 dev
[0].hs20_enable()
1733 values
= { 'realm': "example.com",
1734 'username': "hs20-test",
1735 'password': "password",
1737 dev
[0].add_cred_values(values
)
1738 values
= { 'realm': "example.org",
1739 'username': "hs20-test",
1740 'password': "password" }
1741 id = dev
[0].add_cred_values(values
)
1743 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1744 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1746 raise Exception("Connection timed out")
1748 raise Exception("Unexpected network selected")
1750 dev
[0].set_cred(id, "priority", "2")
1751 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1752 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1753 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1755 raise Exception("Connection timed out")
1756 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1757 raise Exception("No roam to higher priority network")
1758 if bssid2
not in ev
:
1759 raise Exception("Unexpected network selected")
1761 def test_ap_hs20_network_preference4(dev
, apdev
):
1762 """Hotspot 2.0 network selection with username vs. SIM credential"""
1763 bssid
= apdev
[0]['bssid']
1764 params
= hs20_ap_params()
1765 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1767 bssid2
= apdev
[1]['bssid']
1768 params
= hs20_ap_params(ssid
="test-hs20b")
1769 params
['hessid'] = bssid2
1770 params
['anqp_3gpp_cell_net'] = "555,444"
1771 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
1772 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1774 dev
[0].hs20_enable()
1775 values
= { 'realm': "example.com",
1776 'username': "hs20-test",
1777 'password': "password",
1779 dev
[0].add_cred_values(values
)
1780 values
= { 'imsi': "555444-333222111",
1782 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123" }
1783 id = dev
[0].add_cred_values(values
)
1785 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1786 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1788 raise Exception("Connection timed out")
1790 raise Exception("Unexpected network selected")
1792 dev
[0].set_cred(id, "priority", "2")
1793 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1794 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1795 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1797 raise Exception("Connection timed out")
1798 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1799 raise Exception("No roam to higher priority network")
1800 if bssid2
not in ev
:
1801 raise Exception("Unexpected network selected")
1803 def test_ap_hs20_fetch_osu(dev
, apdev
):
1804 """Hotspot 2.0 OSU provider and icon fetch"""
1805 bssid
= apdev
[0]['bssid']
1806 params
= hs20_ap_params()
1807 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1808 params
['osu_ssid'] = '"HS 2.0 OSU open"'
1809 params
['osu_method_list'] = "1"
1810 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
1811 params
['osu_icon'] = "w1fi_logo"
1812 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
1813 params
['osu_server_uri'] = "https://example.com/osu/"
1814 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1816 bssid2
= apdev
[1]['bssid']
1817 params
= hs20_ap_params(ssid
="test-hs20b")
1818 params
['hessid'] = bssid2
1819 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1820 params
['osu_ssid'] = '"HS 2.0 OSU OSEN"'
1821 params
['osu_method_list'] = "0"
1822 params
['osu_nai'] = "osen@example.com"
1823 params
['osu_friendly_name'] = [ "eng:Test2 OSU", "fin:Testi2-OSU" ]
1824 params
['osu_icon'] = "w1fi_logo"
1825 params
['osu_service_desc'] = [ "eng:Example services2", "fin:Esimerkkipalveluja2" ]
1826 params
['osu_server_uri'] = "https://example.org/osu/"
1827 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1829 with
open("w1fi_logo.png", "r") as f
:
1830 orig_logo
= f
.read()
1831 dev
[0].hs20_enable()
1832 dir = "/tmp/osu-fetch"
1833 if os
.path
.isdir(dir):
1834 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
1836 os
.remove(dir + "/" + f
)
1843 dev
[1].scan(freq
="2412")
1844 dev
[0].request("SET osu_dir " + dir)
1845 dev
[0].request("FETCH_OSU")
1846 if "OK" not in dev
[1].request("HS20_ICON_REQUEST " + bssid
+ " w1fi_logo"):
1847 raise Exception("HS20_ICON_REQUEST failed")
1850 ev
= dev
[0].wait_event(["OSU provider fetch completed",
1851 "RX-HS20-ANQP-ICON"], timeout
=15)
1853 raise Exception("Timeout on OSU fetch")
1854 if "OSU provider fetch completed" in ev
:
1856 if "RX-HS20-ANQP-ICON" in ev
:
1857 with
open(ev
.split(' ')[1], "r") as f
:
1859 if logo
== orig_logo
:
1862 with
open(dir + "/osu-providers.txt", "r") as f
:
1864 if "OSU-PROVIDER " + bssid
not in prov
:
1865 raise Exception("Missing OSU_PROVIDER")
1866 if "OSU-PROVIDER " + bssid2
not in prov
:
1867 raise Exception("Missing OSU_PROVIDER")
1869 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
1871 os
.remove(dir + "/" + f
)
1875 raise Exception("Unexpected number of icons fetched")
1877 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=5)
1879 raise Exception("Timeout on GAS-QUERY-DONE")
1880 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=5)
1882 raise Exception("Timeout on GAS-QUERY-DONE")
1883 if "freq=2412 status_code=0 result=SUCCESS" not in ev
:
1884 raise Exception("Unexpected GAS-QUERY-DONE: " + ev
)
1885 ev
= dev
[1].wait_event(["RX-HS20-ANQP"], timeout
=15)
1887 raise Exception("Timeout on icon fetch")
1888 if "Icon Binary File" not in ev
:
1889 raise Exception("Unexpected ANQP element")