]>
Commit | Line | Data |
---|---|---|
cd7f1b9a | 1 | # Fast BSS Transition tests |
ae14a2e2 | 2 | # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi> |
cd7f1b9a JM |
3 | # |
4 | # This software may be distributed under the terms of the BSD license. | |
5 | # See README for more details. | |
6 | ||
7 | import time | |
8 | import subprocess | |
9 | import logging | |
c9aa4308 | 10 | logger = logging.getLogger() |
cd7f1b9a JM |
11 | |
12 | import hwsim_utils | |
13 | import hostapd | |
14 | from wlantest import Wlantest | |
eaf3f9b1 | 15 | from test_ap_psk import check_mib |
cd7f1b9a JM |
16 | |
17 | def ft_base_rsn(): | |
18 | params = { "wpa": "2", | |
19 | "wpa_key_mgmt": "FT-PSK", | |
20 | "rsn_pairwise": "CCMP" } | |
21 | return params | |
22 | ||
23 | def ft_base_mixed(): | |
24 | params = { "wpa": "3", | |
25 | "wpa_key_mgmt": "WPA-PSK FT-PSK", | |
26 | "wpa_pairwise": "TKIP", | |
27 | "rsn_pairwise": "CCMP" } | |
28 | return params | |
29 | ||
30 | def ft_params(rsn=True, ssid=None, passphrase=None): | |
31 | if rsn: | |
32 | params = ft_base_rsn() | |
33 | else: | |
34 | params = ft_base_mixed() | |
35 | if ssid: | |
36 | params["ssid"] = ssid | |
37 | if passphrase: | |
38 | params["wpa_passphrase"] = passphrase | |
39 | ||
40 | params["mobility_domain"] = "a1b2" | |
41 | params["r0_key_lifetime"] = "10000" | |
42 | params["pmk_r1_push"] = "1" | |
43 | params["reassociation_deadline"] = "1000" | |
44 | return params | |
45 | ||
46 | def ft_params1(rsn=True, ssid=None, passphrase=None): | |
47 | params = ft_params(rsn, ssid, passphrase) | |
48 | params['nas_identifier'] = "nas1.w1.fi" | |
49 | params['r1_key_holder'] = "000102030405" | |
50 | params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f", | |
51 | "02:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ] | |
52 | params['r1kh'] = "02:00:00:00:04:00 00:01:02:03:04:06 200102030405060708090a0b0c0d0e0f" | |
53 | return params | |
54 | ||
55 | def ft_params2(rsn=True, ssid=None, passphrase=None): | |
56 | params = ft_params(rsn, ssid, passphrase) | |
57 | params['nas_identifier'] = "nas2.w1.fi" | |
58 | params['r1_key_holder'] = "000102030406" | |
59 | params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f", | |
60 | "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ] | |
61 | params['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0e0f" | |
62 | return params | |
63 | ||
3b808945 JM |
64 | def ft_params1_r0kh_mismatch(rsn=True, ssid=None, passphrase=None): |
65 | params = ft_params(rsn, ssid, passphrase) | |
66 | params['nas_identifier'] = "nas1.w1.fi" | |
67 | params['r1_key_holder'] = "000102030405" | |
68 | params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f", | |
69 | "12:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ] | |
70 | params['r1kh'] = "12:00:00:00:04:00 10:01:02:03:04:06 200102030405060708090a0b0c0d0e0f" | |
71 | return params | |
72 | ||
73 | def ft_params2_incorrect_rrb_key(rsn=True, ssid=None, passphrase=None): | |
74 | params = ft_params(rsn, ssid, passphrase) | |
75 | params['nas_identifier'] = "nas2.w1.fi" | |
76 | params['r1_key_holder'] = "000102030406" | |
77 | params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0ef1", | |
78 | "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0ef2" ] | |
79 | params['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0ef3" | |
80 | return params | |
81 | ||
82 | def ft_params2_r0kh_mismatch(rsn=True, ssid=None, passphrase=None): | |
83 | params = ft_params(rsn, ssid, passphrase) | |
84 | params['nas_identifier'] = "nas2.w1.fi" | |
85 | params['r1_key_holder'] = "000102030406" | |
86 | params['r0kh'] = [ "12:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f", | |
87 | "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ] | |
88 | params['r1kh'] = "12:00:00:00:03:00 10:01:02:03:04:05 300102030405060708090a0b0c0d0e0f" | |
89 | return params | |
90 | ||
a8375c94 | 91 | def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False, sae=False, eap=False, fail_test=False, roams=1): |
cd7f1b9a | 92 | logger.info("Connect to first AP") |
6f62809b JM |
93 | if eap: |
94 | dev.connect(ssid, key_mgmt="FT-EAP", proto="WPA2", ieee80211w="1", | |
2f816c21 JM |
95 | eap="GPSK", identity="gpsk user", |
96 | password="abcdefghijklmnop0123456789abcdef", | |
97 | scan_freq="2412") | |
6e658cc4 | 98 | else: |
6f62809b JM |
99 | if sae: |
100 | key_mgmt="FT-SAE" | |
101 | else: | |
102 | key_mgmt="FT-PSK" | |
103 | dev.connect(ssid, psk=passphrase, key_mgmt=key_mgmt, proto="WPA2", | |
2f816c21 | 104 | ieee80211w="1", scan_freq="2412") |
cd7f1b9a JM |
105 | if dev.get_status_field('bssid') == apdev[0]['bssid']: |
106 | ap1 = apdev[0] | |
107 | ap2 = apdev[1] | |
a8375c94 JM |
108 | hapd1ap = hapd0 |
109 | hapd2ap = hapd1 | |
cd7f1b9a JM |
110 | else: |
111 | ap1 = apdev[1] | |
112 | ap2 = apdev[0] | |
a8375c94 JM |
113 | hapd1ap = hapd1 |
114 | hapd2ap = hapd0 | |
115 | hwsim_utils.test_connectivity(dev, hapd1ap) | |
cd7f1b9a | 116 | |
655bc8bf | 117 | dev.scan_for_bss(ap2['bssid'], freq="2412") |
40602101 JM |
118 | |
119 | for i in range(0, roams): | |
120 | logger.info("Roam to the second AP") | |
121 | if over_ds: | |
122 | dev.roam_over_ds(ap2['bssid'], fail_test=fail_test) | |
123 | else: | |
124 | dev.roam(ap2['bssid'], fail_test=fail_test) | |
125 | if fail_test: | |
126 | return | |
127 | if dev.get_status_field('bssid') != ap2['bssid']: | |
128 | raise Exception("Did not connect to correct AP") | |
129 | if i == 0 or i == roams - 1: | |
a8375c94 | 130 | hwsim_utils.test_connectivity(dev, hapd2ap) |
40602101 JM |
131 | |
132 | logger.info("Roam back to the first AP") | |
133 | if over_ds: | |
134 | dev.roam_over_ds(ap1['bssid']) | |
135 | else: | |
136 | dev.roam(ap1['bssid']) | |
137 | if dev.get_status_field('bssid') != ap1['bssid']: | |
138 | raise Exception("Did not connect to correct AP") | |
139 | if i == 0 or i == roams - 1: | |
a8375c94 | 140 | hwsim_utils.test_connectivity(dev, hapd1ap) |
cd7f1b9a JM |
141 | |
142 | def test_ap_ft(dev, apdev): | |
143 | """WPA2-PSK-FT AP""" | |
144 | ssid = "test-ft" | |
145 | passphrase="12345678" | |
146 | ||
147 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
a8375c94 | 148 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
cd7f1b9a | 149 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
a8375c94 | 150 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
cd7f1b9a | 151 | |
a8375c94 | 152 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase) |
91bc6c36 JM |
153 | if "[WPA2-FT/PSK-CCMP]" not in dev[0].request("SCAN_RESULTS"): |
154 | raise Exception("Scan results missing RSN element info") | |
cd7f1b9a | 155 | |
40602101 JM |
156 | def test_ap_ft_many(dev, apdev): |
157 | """WPA2-PSK-FT AP multiple times""" | |
158 | ssid = "test-ft" | |
159 | passphrase="12345678" | |
160 | ||
161 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
a8375c94 | 162 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
40602101 | 163 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
a8375c94 | 164 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
40602101 | 165 | |
a8375c94 | 166 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, roams=50) |
40602101 | 167 | |
cd7f1b9a JM |
168 | def test_ap_ft_mixed(dev, apdev): |
169 | """WPA2-PSK-FT mixed-mode AP""" | |
170 | ssid = "test-ft-mixed" | |
171 | passphrase="12345678" | |
172 | ||
173 | params = ft_params1(rsn=False, ssid=ssid, passphrase=passphrase) | |
65038313 JM |
174 | hapd = hostapd.add_ap(apdev[0]['ifname'], params) |
175 | key_mgmt = hapd.get_config()['key_mgmt'] | |
176 | vals = key_mgmt.split(' ') | |
177 | if vals[0] != "WPA-PSK" or vals[1] != "FT-PSK": | |
178 | raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) | |
cd7f1b9a | 179 | params = ft_params2(rsn=False, ssid=ssid, passphrase=passphrase) |
a8375c94 | 180 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
cd7f1b9a | 181 | |
a8375c94 | 182 | run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase) |
cd7f1b9a JM |
183 | |
184 | def test_ap_ft_pmf(dev, apdev): | |
185 | """WPA2-PSK-FT AP with PMF""" | |
186 | ssid = "test-ft" | |
187 | passphrase="12345678" | |
188 | ||
189 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
190 | params["ieee80211w"] = "2"; | |
a8375c94 | 191 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
cd7f1b9a JM |
192 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
193 | params["ieee80211w"] = "2"; | |
a8375c94 | 194 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
cd7f1b9a | 195 | |
a8375c94 | 196 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase) |
b553eab1 JM |
197 | |
198 | def test_ap_ft_over_ds(dev, apdev): | |
199 | """WPA2-PSK-FT AP over DS""" | |
200 | ssid = "test-ft" | |
201 | passphrase="12345678" | |
202 | ||
203 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
a8375c94 | 204 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
b553eab1 | 205 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
a8375c94 | 206 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
b553eab1 | 207 | |
a8375c94 | 208 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True) |
eaf3f9b1 JM |
209 | check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-4"), |
210 | ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-4") ]) | |
b553eab1 | 211 | |
40602101 JM |
212 | def test_ap_ft_over_ds_many(dev, apdev): |
213 | """WPA2-PSK-FT AP over DS multiple times""" | |
214 | ssid = "test-ft" | |
215 | passphrase="12345678" | |
216 | ||
217 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
a8375c94 | 218 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
40602101 | 219 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
a8375c94 | 220 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
40602101 | 221 | |
a8375c94 JM |
222 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, |
223 | roams=50) | |
40602101 | 224 | |
c337d07a JM |
225 | def test_ap_ft_over_ds_unknown_target(dev, apdev): |
226 | """WPA2-PSK-FT AP""" | |
227 | ssid = "test-ft" | |
228 | passphrase="12345678" | |
229 | ||
230 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
231 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) | |
232 | ||
233 | dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2", | |
234 | scan_freq="2412") | |
235 | dev[0].roam_over_ds("02:11:22:33:44:55", fail_test=True) | |
236 | ||
b553eab1 JM |
237 | def test_ap_ft_pmf_over_ds(dev, apdev): |
238 | """WPA2-PSK-FT AP over DS with PMF""" | |
239 | ssid = "test-ft" | |
240 | passphrase="12345678" | |
241 | ||
242 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
243 | params["ieee80211w"] = "2"; | |
a8375c94 | 244 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
b553eab1 JM |
245 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
246 | params["ieee80211w"] = "2"; | |
a8375c94 | 247 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
b553eab1 | 248 | |
a8375c94 | 249 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True) |
6e658cc4 | 250 | |
aaba98d3 JM |
251 | def test_ap_ft_over_ds_pull(dev, apdev): |
252 | """WPA2-PSK-FT AP over DS (pull PMK)""" | |
253 | ssid = "test-ft" | |
254 | passphrase="12345678" | |
255 | ||
256 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
257 | params["pmk_r1_push"] = "0" | |
a8375c94 | 258 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
aaba98d3 JM |
259 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
260 | params["pmk_r1_push"] = "0" | |
a8375c94 | 261 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
aaba98d3 | 262 | |
a8375c94 | 263 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True) |
aaba98d3 | 264 | |
6e658cc4 JM |
265 | def test_ap_ft_sae(dev, apdev): |
266 | """WPA2-PSK-FT-SAE AP""" | |
267 | ssid = "test-ft" | |
268 | passphrase="12345678" | |
269 | ||
270 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
271 | params['wpa_key_mgmt'] = "FT-SAE" | |
a8375c94 | 272 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
6e658cc4 JM |
273 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
274 | params['wpa_key_mgmt'] = "FT-SAE" | |
65038313 JM |
275 | hapd = hostapd.add_ap(apdev[1]['ifname'], params) |
276 | key_mgmt = hapd.get_config()['key_mgmt'] | |
277 | if key_mgmt.split(' ')[0] != "FT-SAE": | |
278 | raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) | |
6e658cc4 | 279 | |
17ffdf39 | 280 | dev[0].request("SET sae_groups ") |
a8375c94 | 281 | run_roams(dev[0], apdev, hapd0, hapd, ssid, passphrase, sae=True) |
6e658cc4 JM |
282 | |
283 | def test_ap_ft_sae_over_ds(dev, apdev): | |
284 | """WPA2-PSK-FT-SAE AP over DS""" | |
285 | ssid = "test-ft" | |
286 | passphrase="12345678" | |
287 | ||
288 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
289 | params['wpa_key_mgmt'] = "FT-SAE" | |
a8375c94 | 290 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
6e658cc4 JM |
291 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
292 | params['wpa_key_mgmt'] = "FT-SAE" | |
a8375c94 | 293 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
6e658cc4 | 294 | |
17ffdf39 | 295 | dev[0].request("SET sae_groups ") |
a8375c94 JM |
296 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, sae=True, |
297 | over_ds=True) | |
6f62809b JM |
298 | |
299 | def test_ap_ft_eap(dev, apdev): | |
300 | """WPA2-EAP-FT AP""" | |
301 | ssid = "test-ft" | |
302 | passphrase="12345678" | |
303 | ||
304 | radius = hostapd.radius_params() | |
305 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
306 | params['wpa_key_mgmt'] = "FT-EAP" | |
307 | params["ieee8021x"] = "1" | |
308 | params = dict(radius.items() + params.items()) | |
65038313 JM |
309 | hapd = hostapd.add_ap(apdev[0]['ifname'], params) |
310 | key_mgmt = hapd.get_config()['key_mgmt'] | |
311 | if key_mgmt.split(' ')[0] != "FT-EAP": | |
312 | raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) | |
6f62809b JM |
313 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
314 | params['wpa_key_mgmt'] = "FT-EAP" | |
315 | params["ieee8021x"] = "1" | |
316 | params = dict(radius.items() + params.items()) | |
a8375c94 | 317 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
6f62809b | 318 | |
a8375c94 | 319 | run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True) |
91bc6c36 JM |
320 | if "[WPA2-FT/EAP-CCMP]" not in dev[0].request("SCAN_RESULTS"): |
321 | raise Exception("Scan results missing RSN element info") | |
eaf3f9b1 JM |
322 | check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-3"), |
323 | ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-3") ]) | |
aaba98d3 JM |
324 | |
325 | def test_ap_ft_eap_pull(dev, apdev): | |
326 | """WPA2-EAP-FT AP (pull PMK)""" | |
327 | ssid = "test-ft" | |
328 | passphrase="12345678" | |
329 | ||
330 | radius = hostapd.radius_params() | |
331 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
332 | params['wpa_key_mgmt'] = "FT-EAP" | |
333 | params["ieee8021x"] = "1" | |
334 | params["pmk_r1_push"] = "0" | |
335 | params = dict(radius.items() + params.items()) | |
336 | hapd = hostapd.add_ap(apdev[0]['ifname'], params) | |
337 | key_mgmt = hapd.get_config()['key_mgmt'] | |
338 | if key_mgmt.split(' ')[0] != "FT-EAP": | |
339 | raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt) | |
340 | params = ft_params2(ssid=ssid, passphrase=passphrase) | |
341 | params['wpa_key_mgmt'] = "FT-EAP" | |
342 | params["ieee8021x"] = "1" | |
343 | params["pmk_r1_push"] = "0" | |
344 | params = dict(radius.items() + params.items()) | |
a8375c94 | 345 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
aaba98d3 | 346 | |
a8375c94 | 347 | run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True) |
3b808945 JM |
348 | |
349 | def test_ap_ft_mismatching_rrb_key_push(dev, apdev): | |
350 | """WPA2-PSK-FT AP over DS with mismatching RRB key (push)""" | |
351 | ssid = "test-ft" | |
352 | passphrase="12345678" | |
353 | ||
354 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
355 | params["ieee80211w"] = "2"; | |
a8375c94 | 356 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
3b808945 JM |
357 | params = ft_params2_incorrect_rrb_key(ssid=ssid, passphrase=passphrase) |
358 | params["ieee80211w"] = "2"; | |
a8375c94 | 359 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
3b808945 | 360 | |
a8375c94 JM |
361 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, |
362 | fail_test=True) | |
3b808945 JM |
363 | |
364 | def test_ap_ft_mismatching_rrb_key_pull(dev, apdev): | |
365 | """WPA2-PSK-FT AP over DS with mismatching RRB key (pull)""" | |
366 | ssid = "test-ft" | |
367 | passphrase="12345678" | |
368 | ||
369 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
370 | params["pmk_r1_push"] = "0" | |
a8375c94 | 371 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
3b808945 JM |
372 | params = ft_params2_incorrect_rrb_key(ssid=ssid, passphrase=passphrase) |
373 | params["pmk_r1_push"] = "0" | |
a8375c94 | 374 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
3b808945 | 375 | |
a8375c94 JM |
376 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, |
377 | fail_test=True) | |
3b808945 | 378 | |
ae14a2e2 JM |
379 | def test_ap_ft_mismatching_r0kh_id_pull(dev, apdev): |
380 | """WPA2-PSK-FT AP over DS with mismatching R0KH-ID (pull)""" | |
381 | ssid = "test-ft" | |
382 | passphrase="12345678" | |
383 | ||
384 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
385 | params["pmk_r1_push"] = "0" | |
386 | params["nas_identifier"] = "nas0.w1.fi" | |
387 | hostapd.add_ap(apdev[0]['ifname'], params) | |
2f816c21 JM |
388 | dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2", |
389 | scan_freq="2412") | |
ae14a2e2 JM |
390 | |
391 | params = ft_params2(ssid=ssid, passphrase=passphrase) | |
392 | params["pmk_r1_push"] = "0" | |
393 | hostapd.add_ap(apdev[1]['ifname'], params) | |
394 | ||
395 | dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412") | |
396 | dev[0].roam_over_ds(apdev[1]['bssid'], fail_test=True) | |
397 | ||
3b808945 JM |
398 | def test_ap_ft_mismatching_rrb_r0kh_push(dev, apdev): |
399 | """WPA2-PSK-FT AP over DS with mismatching R0KH key (push)""" | |
400 | ssid = "test-ft" | |
401 | passphrase="12345678" | |
402 | ||
403 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
404 | params["ieee80211w"] = "2"; | |
a8375c94 | 405 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
3b808945 JM |
406 | params = ft_params2_r0kh_mismatch(ssid=ssid, passphrase=passphrase) |
407 | params["ieee80211w"] = "2"; | |
a8375c94 | 408 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
3b808945 | 409 | |
a8375c94 JM |
410 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, |
411 | fail_test=True) | |
3b808945 JM |
412 | |
413 | def test_ap_ft_mismatching_rrb_r0kh_pull(dev, apdev): | |
414 | """WPA2-PSK-FT AP over DS with mismatching R0KH key (pull)""" | |
415 | ssid = "test-ft" | |
416 | passphrase="12345678" | |
417 | ||
418 | params = ft_params1_r0kh_mismatch(ssid=ssid, passphrase=passphrase) | |
419 | params["pmk_r1_push"] = "0" | |
a8375c94 | 420 | hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) |
3b808945 JM |
421 | params = ft_params2(ssid=ssid, passphrase=passphrase) |
422 | params["pmk_r1_push"] = "0" | |
a8375c94 | 423 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
3b808945 | 424 | |
a8375c94 JM |
425 | run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, |
426 | fail_test=True) | |
c6b6e105 JM |
427 | |
428 | def test_ap_ft_gtk_rekey(dev, apdev): | |
429 | """WPA2-PSK-FT AP and GTK rekey""" | |
430 | ssid = "test-ft" | |
431 | passphrase="12345678" | |
432 | ||
433 | params = ft_params1(ssid=ssid, passphrase=passphrase) | |
434 | params['wpa_group_rekey'] = '1' | |
a8375c94 | 435 | hapd = hostapd.add_ap(apdev[0]['ifname'], params) |
c6b6e105 JM |
436 | |
437 | dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2", | |
2f816c21 | 438 | ieee80211w="1", scan_freq="2412") |
c6b6e105 JM |
439 | |
440 | ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2) | |
441 | if ev is None: | |
442 | raise Exception("GTK rekey timed out after initial association") | |
a8375c94 | 443 | hwsim_utils.test_connectivity(dev[0], hapd) |
c6b6e105 JM |
444 | |
445 | params = ft_params2(ssid=ssid, passphrase=passphrase) | |
446 | params['wpa_group_rekey'] = '1' | |
a8375c94 | 447 | hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) |
c6b6e105 JM |
448 | |
449 | dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412") | |
450 | dev[0].roam(apdev[1]['bssid']) | |
451 | if dev[0].get_status_field('bssid') != apdev[1]['bssid']: | |
452 | raise Exception("Did not connect to correct AP") | |
a8375c94 | 453 | hwsim_utils.test_connectivity(dev[0], hapd1) |
c6b6e105 JM |
454 | |
455 | ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2) | |
456 | if ev is None: | |
457 | raise Exception("GTK rekey timed out after FT protocol") | |
a8375c94 | 458 | hwsim_utils.test_connectivity(dev[0], hapd1) |