]>
Commit | Line | Data |
---|---|---|
93a06242 JM |
1 | #!/usr/bin/python |
2 | # | |
3 | # Hotspot 2.0 tests | |
4 | # Copyright (c) 2013, Jouni Malinen <j@w1.fi> | |
5 | # | |
6 | # This software may be distributed under the terms of the BSD license. | |
7 | # See README for more details. | |
8 | ||
9 | import time | |
10 | import subprocess | |
11 | import logging | |
c9aa4308 | 12 | logger = logging.getLogger() |
efd43d85 JM |
13 | import os.path |
14 | import subprocess | |
93a06242 JM |
15 | |
16 | import hostapd | |
715bf904 | 17 | from wlantest import Wlantest |
93a06242 JM |
18 | |
19 | def hs20_ap_params(): | |
20 | params = hostapd.wpa2_params(ssid="test-hs20") | |
21 | params['wpa_key_mgmt'] = "WPA-EAP" | |
22 | params['ieee80211w'] = "1" | |
23 | params['ieee8021x'] = "1" | |
24 | params['auth_server_addr'] = "127.0.0.1" | |
25 | params['auth_server_port'] = "1812" | |
26 | params['auth_server_shared_secret'] = "radius" | |
27 | params['interworking'] = "1" | |
28 | params['access_network_type'] = "14" | |
29 | params['internet'] = "1" | |
30 | params['asra'] = "0" | |
31 | params['esr'] = "0" | |
32 | params['uesa'] = "0" | |
33 | params['venue_group'] = "7" | |
34 | params['venue_type'] = "1" | |
35 | params['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ] | |
36 | params['roaming_consortium'] = [ "112233", "1020304050", "010203040506", | |
37 | "fedcba" ] | |
38 | params['domain_name'] = "example.com,another.example.com" | |
39 | params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]", | |
40 | "0,another.example.com" ] | |
41 | params['hs20'] = "1" | |
42 | params['hs20_wan_metrics'] = "01:8000:1000:80:240:3000" | |
43 | params['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ] | |
44 | params['hs20_operating_class'] = "5173" | |
45 | params['anqp_3gpp_cell_net'] = "244,91" | |
46 | return params | |
47 | ||
bbe86767 JM |
48 | def interworking_select(dev, bssid, type=None, no_match=False): |
49 | dev.dump_monitor() | |
50 | dev.request("INTERWORKING_SELECT") | |
51 | ev = dev.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"], | |
52 | timeout=15) | |
93a06242 JM |
53 | if ev is None: |
54 | raise Exception("Network selection timed out"); | |
bbe86767 JM |
55 | if no_match: |
56 | if "INTERWORKING-NO-MATCH" not in ev: | |
57 | raise Exception("Unexpected network match") | |
58 | return | |
93a06242 JM |
59 | if "INTERWORKING-NO-MATCH" in ev: |
60 | raise Exception("Matching network not found") | |
2cdd91d8 | 61 | if bssid and bssid not in ev: |
93a06242 | 62 | raise Exception("Unexpected BSSID in match") |
bbe86767 JM |
63 | if type and "type=" + type not in ev: |
64 | raise Exception("Network type not recognized correctly") | |
93a06242 | 65 | |
bbe86767 JM |
66 | def check_sp_type(dev, sp_type): |
67 | type = dev.get_status_field("sp_type") | |
68 | if type is None: | |
69 | raise Exception("sp_type not available") | |
70 | if type != sp_type: | |
71 | raise Exception("sp_type did not indicate home network") | |
efd43d85 | 72 | |
bbe86767 | 73 | def hlr_auc_gw_available(): |
efd43d85 JM |
74 | if not os.path.exists("/tmp/hlr_auc_gw.sock"): |
75 | logger.info("No hlr_auc_gw available"); | |
bbe86767 | 76 | return False |
efd43d85 JM |
77 | if not os.path.exists("../../hostapd/hlr_auc_gw"): |
78 | logger.info("No hlr_auc_gw available"); | |
bbe86767 JM |
79 | return False |
80 | return True | |
efd43d85 | 81 | |
bbe86767 JM |
82 | def interworking_ext_sim_connect(dev, bssid, method): |
83 | dev.request("INTERWORKING_CONNECT " + bssid) | |
efd43d85 | 84 | |
bbe86767 | 85 | ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15) |
efd43d85 JM |
86 | if ev is None: |
87 | raise Exception("Network connected timed out") | |
bbe86767 | 88 | if "(" + method + ")" not in ev: |
efd43d85 JM |
89 | raise Exception("Unexpected EAP method selection") |
90 | ||
bbe86767 | 91 | ev = dev.wait_event(["CTRL-REQ-SIM"], timeout=15) |
efd43d85 JM |
92 | if ev is None: |
93 | raise Exception("Wait for external SIM processing request timed out") | |
94 | p = ev.split(':', 2) | |
95 | if p[1] != "GSM-AUTH": | |
96 | raise Exception("Unexpected CTRL-REQ-SIM type") | |
97 | id = p[0].split('-')[3] | |
98 | rand = p[2].split(' ')[0] | |
99 | ||
100 | res = subprocess.check_output(["../../hostapd/hlr_auc_gw", | |
101 | "-m", | |
102 | "auth_serv/hlr_auc_gw.milenage_db", | |
103 | "GSM-AUTH-REQ 232010000000000 " + rand]) | |
104 | if "GSM-AUTH-RESP" not in res: | |
105 | raise Exception("Unexpected hlr_auc_gw response") | |
106 | resp = res.split(' ')[2].rstrip() | |
107 | ||
bbe86767 JM |
108 | dev.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp) |
109 | ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
efd43d85 JM |
110 | if ev is None: |
111 | raise Exception("Connection timed out") | |
f4defd91 | 112 | |
8fba2e5d JM |
113 | def interworking_connect(dev, bssid, method): |
114 | dev.request("INTERWORKING_CONNECT " + bssid) | |
115 | ||
116 | ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15) | |
117 | if ev is None: | |
118 | raise Exception("Network connected timed out") | |
119 | if "(" + method + ")" not in ev: | |
120 | raise Exception("Unexpected EAP method selection") | |
121 | ||
122 | ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
123 | if ev is None: | |
124 | raise Exception("Connection timed out") | |
125 | ||
715bf904 JM |
126 | def check_probe_resp(wt, bssid_unexpected, bssid_expected): |
127 | if bssid_unexpected: | |
128 | count = wt.get_bss_counter("probe_response", bssid_unexpected) | |
129 | if count > 0: | |
130 | raise Exception("Unexpected Probe Response frame from AP") | |
131 | ||
132 | if bssid_expected: | |
133 | count = wt.get_bss_counter("probe_response", bssid_expected) | |
134 | if count == 0: | |
135 | raise Exception("No Probe Response frame from AP") | |
136 | ||
2cdd91d8 JM |
137 | def test_ap_anqp_sharing(dev, apdev): |
138 | """ANQP sharing within ESS and explicit unshare""" | |
139 | bssid = apdev[0]['bssid'] | |
140 | params = hs20_ap_params() | |
141 | params['hessid'] = bssid | |
142 | hostapd.add_ap(apdev[0]['ifname'], params) | |
143 | ||
144 | bssid2 = apdev[1]['bssid'] | |
145 | params = hs20_ap_params() | |
146 | params['hessid'] = bssid | |
147 | params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ] | |
148 | hostapd.add_ap(apdev[1]['ifname'], params) | |
149 | ||
150 | dev[0].request("SET ignore_old_scan_res 1") | |
151 | dev[0].hs20_enable() | |
152 | id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test", | |
153 | 'password': "secret", | |
154 | 'domain': "example.com" }) | |
155 | logger.info("Normal network selection with shared ANQP results") | |
156 | interworking_select(dev[0], None, "home") | |
157 | dev[0].dump_monitor() | |
158 | ||
159 | res1 = dev[0].get_bss(bssid) | |
160 | res2 = dev[0].get_bss(bssid2) | |
161 | if res1['anqp_nai_realm'] != res2['anqp_nai_realm']: | |
162 | raise Exception("ANQP results were not shared between BSSes") | |
163 | ||
164 | logger.info("Explicit ANQP request to unshare ANQP results") | |
165 | dev[0].request("ANQP_GET " + bssid + " 263") | |
166 | ev = dev[0].wait_event(["RX-ANQP"], timeout=5) | |
167 | if ev is None: | |
168 | raise Exception("ANQP operation timed out") | |
169 | ||
170 | dev[0].request("ANQP_GET " + bssid2 + " 263") | |
171 | ev = dev[0].wait_event(["RX-ANQP"], timeout=5) | |
172 | if ev is None: | |
173 | raise Exception("ANQP operation timed out") | |
174 | ||
175 | res1 = dev[0].get_bss(bssid) | |
176 | res2 = dev[0].get_bss(bssid2) | |
177 | if res1['anqp_nai_realm'] == res2['anqp_nai_realm']: | |
178 | raise Exception("ANQP results were not unshared") | |
179 | ||
715bf904 JM |
180 | def test_ap_interworking_scan_filtering(dev, apdev): |
181 | """Interworking scan filtering with HESSID and access network type""" | |
182 | bssid = apdev[0]['bssid'] | |
183 | params = hs20_ap_params() | |
184 | ssid = "test-hs20-ap1" | |
185 | params['ssid'] = ssid | |
186 | params['hessid'] = bssid | |
187 | hostapd.add_ap(apdev[0]['ifname'], params) | |
188 | ||
189 | bssid2 = apdev[1]['bssid'] | |
190 | params = hs20_ap_params() | |
191 | ssid2 = "test-hs20-ap2" | |
192 | params['ssid'] = ssid2 | |
193 | params['hessid'] = bssid2 | |
194 | params['access_network_type'] = "1" | |
8175854e JM |
195 | del params['venue_group'] |
196 | del params['venue_type'] | |
715bf904 JM |
197 | hostapd.add_ap(apdev[1]['ifname'], params) |
198 | ||
199 | dev[0].request("SET ignore_old_scan_res 1") | |
200 | dev[0].hs20_enable() | |
201 | ||
202 | wt = Wlantest() | |
203 | wt.flush() | |
204 | ||
205 | logger.info("Check probe request filtering based on HESSID") | |
206 | ||
207 | dev[0].request("SET hessid " + bssid2) | |
0589f401 | 208 | dev[0].scan(freq="2412") |
715bf904 JM |
209 | check_probe_resp(wt, bssid, bssid2) |
210 | ||
211 | logger.info("Check probe request filtering based on access network type") | |
212 | ||
213 | wt.clear_bss_counters(bssid) | |
214 | wt.clear_bss_counters(bssid2) | |
215 | dev[0].request("SET hessid 00:00:00:00:00:00") | |
216 | dev[0].request("SET access_network_type 14") | |
0589f401 | 217 | dev[0].scan(freq="2412") |
715bf904 JM |
218 | check_probe_resp(wt, bssid2, bssid) |
219 | ||
220 | wt.clear_bss_counters(bssid) | |
221 | wt.clear_bss_counters(bssid2) | |
222 | dev[0].request("SET hessid 00:00:00:00:00:00") | |
223 | dev[0].request("SET access_network_type 1") | |
0589f401 | 224 | dev[0].scan(freq="2412") |
715bf904 JM |
225 | check_probe_resp(wt, bssid, bssid2) |
226 | ||
227 | logger.info("Check probe request filtering based on HESSID and ANT") | |
228 | ||
229 | wt.clear_bss_counters(bssid) | |
230 | wt.clear_bss_counters(bssid2) | |
231 | dev[0].request("SET hessid " + bssid) | |
232 | dev[0].request("SET access_network_type 14") | |
0589f401 | 233 | dev[0].scan(freq="2412") |
715bf904 JM |
234 | check_probe_resp(wt, bssid2, bssid) |
235 | ||
236 | wt.clear_bss_counters(bssid) | |
237 | wt.clear_bss_counters(bssid2) | |
238 | dev[0].request("SET hessid " + bssid2) | |
239 | dev[0].request("SET access_network_type 14") | |
0589f401 | 240 | dev[0].scan(freq="2412") |
715bf904 JM |
241 | check_probe_resp(wt, bssid, None) |
242 | check_probe_resp(wt, bssid2, None) | |
243 | ||
244 | wt.clear_bss_counters(bssid) | |
245 | wt.clear_bss_counters(bssid2) | |
246 | dev[0].request("SET hessid " + bssid) | |
247 | dev[0].request("SET access_network_type 1") | |
0589f401 | 248 | dev[0].scan(freq="2412") |
715bf904 JM |
249 | check_probe_resp(wt, bssid, None) |
250 | check_probe_resp(wt, bssid2, None) | |
251 | ||
bbe86767 JM |
252 | def test_ap_hs20_select(dev, apdev): |
253 | """Hotspot 2.0 network selection""" | |
254 | bssid = apdev[0]['bssid'] | |
255 | params = hs20_ap_params() | |
256 | params['hessid'] = bssid | |
257 | hostapd.add_ap(apdev[0]['ifname'], params) | |
258 | ||
469f5f3c | 259 | dev[0].request("SET ignore_old_scan_res 1") |
bbe86767 | 260 | dev[0].hs20_enable() |
2232edf8 JM |
261 | id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test", |
262 | 'password': "secret", | |
263 | 'domain': "example.com" }) | |
bbe86767 JM |
264 | interworking_select(dev[0], bssid, "home") |
265 | ||
266 | dev[0].remove_cred(id) | |
2232edf8 JM |
267 | id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test", |
268 | 'password': "secret", | |
269 | 'domain': "no.match.example.com" }) | |
bbe86767 JM |
270 | interworking_select(dev[0], bssid, "roaming") |
271 | ||
272 | dev[0].set_cred_quoted(id, "realm", "no.match.example.com"); | |
273 | interworking_select(dev[0], bssid, no_match=True) | |
274 | ||
459e96cd JM |
275 | def hs20_simulated_sim(dev, ap, method): |
276 | bssid = ap['bssid'] | |
277 | params = hs20_ap_params() | |
278 | params['hessid'] = bssid | |
279 | params['anqp_3gpp_cell_net'] = "555,444" | |
280 | params['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org" | |
281 | hostapd.add_ap(ap['ifname'], params) | |
282 | ||
283 | dev.request("SET ignore_old_scan_res 1") | |
284 | dev.hs20_enable() | |
285 | dev.add_cred_values({ 'imsi': "555444-333222111", 'eap': method, | |
286 | 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"}) | |
287 | interworking_select(dev, "home") | |
288 | interworking_connect(dev, bssid, method) | |
289 | check_sp_type(dev, "home") | |
290 | ||
291 | def test_ap_hs20_sim(dev, apdev): | |
292 | """Hotspot 2.0 with simulated SIM and EAP-SIM""" | |
293 | if not hlr_auc_gw_available(): | |
294 | return "skip" | |
295 | hs20_simulated_sim(dev[0], apdev[0], "SIM") | |
296 | ||
297 | def test_ap_hs20_aka(dev, apdev): | |
298 | """Hotspot 2.0 with simulated USIM and EAP-AKA""" | |
299 | if not hlr_auc_gw_available(): | |
300 | return "skip" | |
301 | hs20_simulated_sim(dev[0], apdev[0], "AKA") | |
302 | ||
303 | def test_ap_hs20_aka_prime(dev, apdev): | |
304 | """Hotspot 2.0 with simulated USIM and EAP-AKA'""" | |
305 | if not hlr_auc_gw_available(): | |
306 | return "skip" | |
307 | hs20_simulated_sim(dev[0], apdev[0], "AKA'") | |
308 | ||
bbe86767 JM |
309 | def test_ap_hs20_ext_sim(dev, apdev): |
310 | """Hotspot 2.0 with external SIM processing""" | |
311 | if not hlr_auc_gw_available(): | |
312 | return "skip" | |
313 | bssid = apdev[0]['bssid'] | |
314 | params = hs20_ap_params() | |
315 | params['hessid'] = bssid | |
316 | params['anqp_3gpp_cell_net'] = "232,01" | |
317 | params['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org" | |
318 | hostapd.add_ap(apdev[0]['ifname'], params) | |
319 | ||
469f5f3c | 320 | dev[0].request("SET ignore_old_scan_res 1") |
bbe86767 JM |
321 | dev[0].hs20_enable() |
322 | dev[0].request("SET external_sim 1") | |
2232edf8 | 323 | dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" }) |
bbe86767 JM |
324 | interworking_select(dev[0], "home") |
325 | interworking_ext_sim_connect(dev[0], bssid, "SIM") | |
326 | check_sp_type(dev[0], "home") | |
59f8a3c6 JM |
327 | |
328 | def test_ap_hs20_ext_sim_roaming(dev, apdev): | |
329 | """Hotspot 2.0 with external SIM processing in roaming network""" | |
330 | if not hlr_auc_gw_available(): | |
331 | return "skip" | |
332 | bssid = apdev[0]['bssid'] | |
333 | params = hs20_ap_params() | |
334 | params['hessid'] = bssid | |
335 | params['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56" | |
336 | params['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org" | |
337 | hostapd.add_ap(apdev[0]['ifname'], params) | |
338 | ||
469f5f3c | 339 | dev[0].request("SET ignore_old_scan_res 1") |
59f8a3c6 JM |
340 | dev[0].hs20_enable() |
341 | dev[0].request("SET external_sim 1") | |
2232edf8 | 342 | dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" }) |
59f8a3c6 JM |
343 | interworking_select(dev[0], "roaming") |
344 | interworking_ext_sim_connect(dev[0], bssid, "SIM") | |
345 | check_sp_type(dev[0], "roaming") | |
8fba2e5d JM |
346 | |
347 | def test_ap_hs20_username(dev, apdev): | |
348 | """Hotspot 2.0 connection in username/password credential""" | |
8fba2e5d JM |
349 | bssid = apdev[0]['bssid'] |
350 | params = hs20_ap_params() | |
351 | params['hessid'] = bssid | |
352 | hostapd.add_ap(apdev[0]['ifname'], params) | |
353 | ||
469f5f3c | 354 | dev[0].request("SET ignore_old_scan_res 1") |
8fba2e5d | 355 | dev[0].hs20_enable() |
2232edf8 JM |
356 | id = dev[0].add_cred_values({ 'realm': "example.com", |
357 | 'username': "hs20-test", | |
358 | 'password': "password", | |
359 | 'domain': "example.com" }) | |
8fba2e5d JM |
360 | interworking_select(dev[0], bssid, "home") |
361 | interworking_connect(dev[0], bssid, "TTLS") | |
362 | check_sp_type(dev[0], "home") | |
363 | ||
e209eb98 JM |
364 | def test_ap_hs20_roaming_consortium(dev, apdev): |
365 | """Hotspot 2.0 connection based on roaming consortium match""" | |
366 | bssid = apdev[0]['bssid'] | |
367 | params = hs20_ap_params() | |
368 | params['hessid'] = bssid | |
369 | hostapd.add_ap(apdev[0]['ifname'], params) | |
370 | ||
371 | dev[0].request("SET ignore_old_scan_res 1") | |
372 | dev[0].hs20_enable() | |
373 | id = dev[0].add_cred_values({ 'realm': "example.com", | |
374 | 'username': "user", | |
375 | 'password': "password", | |
376 | 'domain': "example.com", | |
377 | 'roaming_consortium': "fedcba", | |
378 | 'eap': "PEAP" }) | |
379 | interworking_select(dev[0], bssid, "home") | |
380 | interworking_connect(dev[0], bssid, "PEAP") | |
381 | check_sp_type(dev[0], "home") | |
382 | ||
8fba2e5d JM |
383 | def test_ap_hs20_username_roaming(dev, apdev): |
384 | """Hotspot 2.0 connection in username/password credential (roaming)""" | |
8fba2e5d JM |
385 | bssid = apdev[0]['bssid'] |
386 | params = hs20_ap_params() | |
387 | params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]", | |
388 | "0,roaming.example.com,21[2:4][5:7]", | |
389 | "0,another.example.com" ] | |
390 | params['domain_name'] = "another.example.com" | |
391 | params['hessid'] = bssid | |
392 | hostapd.add_ap(apdev[0]['ifname'], params) | |
393 | ||
469f5f3c | 394 | dev[0].request("SET ignore_old_scan_res 1") |
8fba2e5d | 395 | dev[0].hs20_enable() |
2232edf8 JM |
396 | id = dev[0].add_cred_values({ 'realm': "roaming.example.com", |
397 | 'username': "hs20-test", | |
398 | 'password': "password", | |
399 | 'domain': "example.com" }) | |
8fba2e5d JM |
400 | interworking_select(dev[0], bssid, "roaming") |
401 | interworking_connect(dev[0], bssid, "TTLS") | |
402 | check_sp_type(dev[0], "roaming") | |
403 | ||
404 | def test_ap_hs20_username_unknown(dev, apdev): | |
405 | """Hotspot 2.0 connection in username/password credential (no domain in cred)""" | |
8fba2e5d JM |
406 | bssid = apdev[0]['bssid'] |
407 | params = hs20_ap_params() | |
408 | params['hessid'] = bssid | |
409 | hostapd.add_ap(apdev[0]['ifname'], params) | |
410 | ||
469f5f3c | 411 | dev[0].request("SET ignore_old_scan_res 1") |
8fba2e5d | 412 | dev[0].hs20_enable() |
2232edf8 JM |
413 | id = dev[0].add_cred_values({ 'realm': "example.com", |
414 | 'username': "hs20-test", | |
415 | 'password': "password" }) | |
8fba2e5d JM |
416 | interworking_select(dev[0], bssid, "unknown") |
417 | interworking_connect(dev[0], bssid, "TTLS") | |
418 | check_sp_type(dev[0], "unknown") | |
419 | ||
420 | def test_ap_hs20_username_unknown2(dev, apdev): | |
421 | """Hotspot 2.0 connection in username/password credential (no domain advertized)""" | |
8fba2e5d JM |
422 | bssid = apdev[0]['bssid'] |
423 | params = hs20_ap_params() | |
424 | params['hessid'] = bssid | |
425 | del params['domain_name'] | |
426 | hostapd.add_ap(apdev[0]['ifname'], params) | |
427 | ||
469f5f3c | 428 | dev[0].request("SET ignore_old_scan_res 1") |
8fba2e5d | 429 | dev[0].hs20_enable() |
2232edf8 JM |
430 | id = dev[0].add_cred_values({ 'realm': "example.com", |
431 | 'username': "hs20-test", | |
432 | 'password': "password", | |
433 | 'domain': "example.com" }) | |
8fba2e5d JM |
434 | interworking_select(dev[0], bssid, "unknown") |
435 | interworking_connect(dev[0], bssid, "TTLS") | |
436 | check_sp_type(dev[0], "unknown") | |
d1ba402f | 437 | |
483691bd JM |
438 | def test_ap_hs20_gas_while_associated(dev, apdev): |
439 | """Hotspot 2.0 connection with GAS query while associated""" | |
440 | bssid = apdev[0]['bssid'] | |
441 | params = hs20_ap_params() | |
442 | params['hessid'] = bssid | |
443 | hostapd.add_ap(apdev[0]['ifname'], params) | |
444 | ||
445 | dev[0].request("SET ignore_old_scan_res 1") | |
446 | dev[0].hs20_enable() | |
447 | id = dev[0].add_cred_values({ 'realm': "example.com", | |
448 | 'username': "hs20-test", | |
449 | 'password': "password", | |
450 | 'domain': "example.com" }) | |
451 | interworking_select(dev[0], bssid, "home") | |
452 | interworking_connect(dev[0], bssid, "TTLS") | |
453 | ||
454 | logger.info("Verifying GAS query while associated") | |
455 | dev[0].request("FETCH_ANQP") | |
456 | for i in range(0, 6): | |
457 | ev = dev[0].wait_event(["RX-ANQP"], timeout=5) | |
458 | if ev is None: | |
459 | raise Exception("Operation timed out") | |
460 | ||
461 | def test_ap_hs20_gas_frag_while_associated(dev, apdev): | |
462 | """Hotspot 2.0 connection with fragmented GAS query while associated""" | |
463 | bssid = apdev[0]['bssid'] | |
464 | params = hs20_ap_params() | |
465 | params['hessid'] = bssid | |
466 | hostapd.add_ap(apdev[0]['ifname'], params) | |
467 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
468 | hapd.set("gas_frag_limit", "50") | |
469 | ||
470 | dev[0].request("SET ignore_old_scan_res 1") | |
471 | dev[0].hs20_enable() | |
472 | id = dev[0].add_cred_values({ 'realm': "example.com", | |
473 | 'username': "hs20-test", | |
474 | 'password': "password", | |
475 | 'domain': "example.com" }) | |
476 | interworking_select(dev[0], bssid, "home") | |
477 | interworking_connect(dev[0], bssid, "TTLS") | |
478 | ||
479 | logger.info("Verifying GAS query while associated") | |
480 | dev[0].request("FETCH_ANQP") | |
481 | for i in range(0, 6): | |
482 | ev = dev[0].wait_event(["RX-ANQP"], timeout=5) | |
483 | if ev is None: | |
484 | raise Exception("Operation timed out") | |
485 | ||
6a0b4002 JM |
486 | def test_ap_hs20_multiple_connects(dev, apdev): |
487 | """Hotspot 2.0 connection through multiple network selections""" | |
488 | bssid = apdev[0]['bssid'] | |
489 | params = hs20_ap_params() | |
490 | params['hessid'] = bssid | |
491 | hostapd.add_ap(apdev[0]['ifname'], params) | |
492 | ||
469f5f3c | 493 | dev[0].request("SET ignore_old_scan_res 1") |
6a0b4002 JM |
494 | dev[0].hs20_enable() |
495 | values = { 'realm': "example.com", | |
496 | 'username': "hs20-test", | |
497 | 'password': "password", | |
498 | 'domain': "example.com" } | |
499 | id = dev[0].add_cred_values(values) | |
500 | ||
501 | for i in range(0, 3): | |
502 | logger.info("Starting Interworking network selection") | |
503 | dev[0].request("INTERWORKING_SELECT auto") | |
504 | while True: | |
505 | ev = dev[0].wait_event(["INTERWORKING-NO-MATCH", | |
506 | "INTERWORKING-ALREADY-CONNECTED", | |
507 | "CTRL-EVENT-CONNECTED"], timeout=15) | |
508 | if ev is None: | |
509 | raise Exception("Connection timed out") | |
510 | if "INTERWORKING-NO-MATCH" in ev: | |
511 | raise Exception("Matching AP not found") | |
512 | if "CTRL-EVENT-CONNECTED" in ev: | |
513 | break | |
514 | if i == 2 and "INTERWORKING-ALREADY-CONNECTED" in ev: | |
515 | break | |
516 | if i == 0: | |
517 | dev[0].request("DISCONNECT") | |
518 | dev[0].dump_monitor() | |
519 | ||
520 | networks = dev[0].list_networks() | |
521 | if len(networks) > 1: | |
522 | raise Exception("Duplicated network block detected") | |
523 | ||
b4264f8f JM |
524 | def test_ap_hs20_disallow_aps(dev, apdev): |
525 | """Hotspot 2.0 connection and disallow_aps""" | |
526 | bssid = apdev[0]['bssid'] | |
527 | params = hs20_ap_params() | |
528 | params['hessid'] = bssid | |
529 | hostapd.add_ap(apdev[0]['ifname'], params) | |
530 | ||
469f5f3c | 531 | dev[0].request("SET ignore_old_scan_res 1") |
b4264f8f JM |
532 | dev[0].hs20_enable() |
533 | values = { 'realm': "example.com", | |
534 | 'username': "hs20-test", | |
535 | 'password': "password", | |
536 | 'domain': "example.com" } | |
537 | id = dev[0].add_cred_values(values) | |
538 | ||
539 | logger.info("Verify disallow_aps bssid") | |
540 | dev[0].request("SET disallow_aps bssid " + bssid.translate(None, ':')) | |
541 | dev[0].request("INTERWORKING_SELECT auto") | |
542 | ev = dev[0].wait_event(["INTERWORKING-NO-MATCH"], timeout=15) | |
543 | if ev is None: | |
544 | raise Exception("Network selection timed out") | |
545 | dev[0].dump_monitor() | |
546 | ||
547 | logger.info("Verify disallow_aps ssid") | |
548 | dev[0].request("SET disallow_aps ssid 746573742d68733230") | |
549 | dev[0].request("INTERWORKING_SELECT auto") | |
550 | ev = dev[0].wait_event(["INTERWORKING-NO-MATCH"], timeout=15) | |
551 | if ev is None: | |
552 | raise Exception("Network selection timed out") | |
553 | dev[0].dump_monitor() | |
554 | ||
555 | logger.info("Verify disallow_aps clear") | |
556 | dev[0].request("SET disallow_aps ") | |
557 | interworking_select(dev[0], bssid, "home") | |
558 | ||
559 | dev[0].request("SET disallow_aps bssid " + bssid.translate(None, ':')) | |
560 | ret = dev[0].request("INTERWORKING_CONNECT " + bssid) | |
561 | if "FAIL" not in ret: | |
562 | raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected") | |
563 | ||
d1ba402f JM |
564 | def policy_test(dev, ap, values, only_one=True): |
565 | dev.dump_monitor() | |
566 | logger.info("Verify network selection to AP " + ap['ifname']) | |
567 | bssid = ap['bssid'] | |
469f5f3c | 568 | dev.request("SET ignore_old_scan_res 1") |
d1ba402f JM |
569 | dev.hs20_enable() |
570 | id = dev.add_cred_values(values) | |
571 | dev.request("INTERWORKING_SELECT auto") | |
572 | while True: | |
573 | ev = dev.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH", | |
574 | "CTRL-EVENT-CONNECTED"], timeout=15) | |
575 | if ev is None: | |
576 | raise Exception("Connection timed out") | |
577 | if "INTERWORKING-NO-MATCH" in ev: | |
578 | raise Exception("Matching AP not found") | |
579 | if only_one and "INTERWORKING-AP" in ev and bssid not in ev: | |
580 | raise Exception("Unexpected AP claimed acceptable") | |
581 | if "CTRL-EVENT-CONNECTED" in ev: | |
582 | if bssid not in ev: | |
583 | raise Exception("Connected to incorrect BSS") | |
584 | break | |
585 | ||
586 | conn_bssid = dev.get_status_field("bssid") | |
587 | if conn_bssid != bssid: | |
588 | raise Exception("bssid information points to incorrect BSS") | |
589 | ||
590 | dev.remove_cred(id) | |
591 | dev.dump_monitor() | |
592 | ||
d355372c JM |
593 | def default_cred(): |
594 | return { 'realm': "example.com", | |
595 | 'username': "hs20-test", | |
596 | 'password': "password" } | |
597 | ||
d1ba402f JM |
598 | def test_ap_hs20_req_roaming_consortium(dev, apdev): |
599 | """Hotspot 2.0 required roaming consortium""" | |
600 | params = hs20_ap_params() | |
601 | hostapd.add_ap(apdev[0]['ifname'], params) | |
602 | ||
603 | params = hs20_ap_params() | |
604 | params['ssid'] = "test-hs20-other" | |
605 | params['roaming_consortium'] = [ "223344" ] | |
606 | hostapd.add_ap(apdev[1]['ifname'], params) | |
607 | ||
d355372c JM |
608 | values = default_cred() |
609 | values['required_roaming_consortium'] = "223344" | |
d1ba402f JM |
610 | policy_test(dev[0], apdev[1], values) |
611 | values['required_roaming_consortium'] = "112233" | |
612 | policy_test(dev[0], apdev[0], values) | |
d355372c JM |
613 | |
614 | def test_ap_hs20_excluded_ssid(dev, apdev): | |
615 | """Hotspot 2.0 exclusion based on SSID""" | |
616 | params = hs20_ap_params() | |
617 | hostapd.add_ap(apdev[0]['ifname'], params) | |
618 | ||
619 | params = hs20_ap_params() | |
620 | params['ssid'] = "test-hs20-other" | |
621 | params['roaming_consortium'] = [ "223344" ] | |
622 | hostapd.add_ap(apdev[1]['ifname'], params) | |
623 | ||
624 | values = default_cred() | |
625 | values['excluded_ssid'] = "test-hs20" | |
626 | policy_test(dev[0], apdev[1], values) | |
627 | values['excluded_ssid'] = "test-hs20-other" | |
628 | policy_test(dev[0], apdev[0], values) |