]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_config.py
1 # hostapd configuration tests
2 # Copyright (c) 2014-2016, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
11 from remotehost
import remote_compatible
13 from utils
import alloc_fail
16 def test_ap_config_errors(dev
, apdev
):
17 """Various hostapd configuration errors"""
19 # IEEE 802.11d without country code
20 params
= { "ssid": "foo", "ieee80211d": "1" }
21 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
22 if "FAIL" not in hapd
.request("ENABLE"):
23 raise Exception("Unexpected ENABLE success (ieee80211d without country_code)")
24 hostapd
.remove_bss(apdev
[0])
26 # IEEE 802.11h without IEEE 802.11d
27 params
= { "ssid": "foo", "ieee80211h": "1" }
28 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
29 if "FAIL" not in hapd
.request("ENABLE"):
30 raise Exception("Unexpected ENABLE success (ieee80211h without ieee80211d")
31 hostapd
.remove_bss(apdev
[0])
33 # Power Constraint without IEEE 802.11d
34 params
= { "ssid": "foo", "local_pwr_constraint": "1" }
35 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
36 if "FAIL" not in hapd
.request("ENABLE"):
37 raise Exception("Unexpected ENABLE success (local_pwr_constraint without ieee80211d)")
38 hostapd
.remove_bss(apdev
[0])
40 # Spectrum management without Power Constraint
41 params
= { "ssid": "foo", "spectrum_mgmt_required": "1" }
42 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
43 if "FAIL" not in hapd
.request("ENABLE"):
44 raise Exception("Unexpected ENABLE success (spectrum_mgmt_required without local_pwr_constraint)")
45 hostapd
.remove_bss(apdev
[0])
47 # IEEE 802.1X without authentication server
48 params
= { "ssid": "foo", "ieee8021x": "1" }
49 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
50 if "FAIL" not in hapd
.request("ENABLE"):
51 raise Exception("Unexpected ENABLE success (ieee8021x)")
52 hostapd
.remove_bss(apdev
[0])
54 # RADIUS-PSK without macaddr_acl=2
55 params
= hostapd
.wpa2_params(ssid
="foo", passphrase
="12345678")
56 params
["wpa_psk_radius"] = "1"
57 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
58 if "FAIL" not in hapd
.request("ENABLE"):
59 raise Exception("Unexpected ENABLE success (wpa_psk_radius)")
60 hostapd
.remove_bss(apdev
[0])
62 # FT without NAS-Identifier
63 params
= { "wpa": "2",
64 "wpa_key_mgmt": "FT-PSK",
65 "rsn_pairwise": "CCMP",
66 "wpa_passphrase": "12345678" }
67 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
68 if "FAIL" not in hapd
.request("ENABLE"):
69 raise Exception("Unexpected ENABLE success (FT without nas_identifier)")
70 hostapd
.remove_bss(apdev
[0])
72 # Hotspot 2.0 without WPA2/CCMP
73 params
= hostapd
.wpa2_params(ssid
="foo")
74 params
['wpa_key_mgmt'] = "WPA-EAP"
75 params
['ieee8021x'] = "1"
76 params
['auth_server_addr'] = "127.0.0.1"
77 params
['auth_server_port'] = "1812"
78 params
['auth_server_shared_secret'] = "radius"
79 params
['interworking'] = "1"
82 hapd
= hostapd
.add_ap(apdev
[0], params
, no_enable
=True)
83 if "FAIL" not in hapd
.request("ENABLE"):
84 raise Exception("Unexpected ENABLE success (HS 2.0 without WPA2/CCMP)")
85 hostapd
.remove_bss(apdev
[0])
87 def test_ap_config_reload(dev
, apdev
, params
):
88 """hostapd configuration reload"""
89 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "foo" })
90 hapd
.set("ssid", "foobar")
91 with
open(os
.path
.join(params
['logdir'], 'hostapd-test.pid'), "r") as f
:
93 os
.kill(pid
, signal
.SIGHUP
)
95 dev
[0].connect("foobar", key_mgmt
="NONE", scan_freq
="2412")
96 hapd
.set("ssid", "foo")
97 os
.kill(pid
, signal
.SIGHUP
)
98 dev
[0].wait_disconnected()
99 dev
[0].request("DISCONNECT")
101 def test_ap_config_reload_file(dev
, apdev
, params
):
102 """hostapd configuration reload from file"""
103 hapd
= hostapd
.add_iface(apdev
[0], "bss-1.conf")
105 hapd
.set("ssid", "foobar")
106 with
open(os
.path
.join(params
['logdir'], 'hostapd-test.pid'), "r") as f
:
108 os
.kill(pid
, signal
.SIGHUP
)
110 dev
[0].connect("foobar", key_mgmt
="NONE", scan_freq
="2412")
111 hapd
.set("ssid", "foo")
112 os
.kill(pid
, signal
.SIGHUP
)
113 dev
[0].wait_disconnected()
114 dev
[0].request("DISCONNECT")
116 def test_ap_config_reload_before_enable(dev
, apdev
, params
):
117 """hostapd configuration reload before enable"""
118 hapd
= hostapd
.add_iface(apdev
[0], "bss-1.conf")
119 with
open(os
.path
.join(params
['logdir'], 'hostapd-test.pid'), "r") as f
:
121 os
.kill(pid
, signal
.SIGHUP
)
124 def test_ap_config_sigusr1(dev
, apdev
, params
):
125 """hostapd SIGUSR1"""
126 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "foobar" })
127 with
open(os
.path
.join(params
['logdir'], 'hostapd-test.pid'), "r") as f
:
129 os
.kill(pid
, signal
.SIGUSR1
)
130 dev
[0].connect("foobar", key_mgmt
="NONE", scan_freq
="2412")
131 os
.kill(pid
, signal
.SIGUSR1
)
133 def test_ap_config_invalid_value(dev
, apdev
, params
):
134 """Ignoring invalid hostapd configuration parameter updates"""
135 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "test" }, no_enable
=True)
136 not_exist
= "/tmp/hostapd-test/does-not-exist"
137 tests
= [ ("driver", "foobar"),
139 ("macaddr_acl", "255"),
140 ("accept_mac_file", not_exist
),
141 ("deny_mac_file", not_exist
),
142 ("eapol_version", "255"),
143 ("eap_user_file", not_exist
),
144 ("wep_key_len_broadcast", "-1"),
145 ("wep_key_len_unicast", "-1"),
146 ("wep_rekey_period", "-1"),
147 ("eap_rekey_period", "-1"),
148 ("radius_client_addr", "foo"),
149 ("acs_chan_bias", "-1:0.8"),
150 ("acs_chan_bias", "1"),
151 ("acs_chan_bias", "1:p"),
152 ("acs_chan_bias", "1:-0.8"),
153 ("acs_chan_bias", "1:0.8p"),
154 ("dtim_period", "0"),
155 ("bss_load_update_period", "-1"),
156 ("send_probe_response", "255"),
157 ("beacon_rate", "ht:-1"),
158 ("beacon_rate", "ht:32"),
159 ("beacon_rate", "vht:-1"),
160 ("beacon_rate", "vht:10"),
161 ("beacon_rate", "9"),
162 ("beacon_rate", "10001"),
163 ("vlan_file", not_exist
),
166 ("extra_cred", not_exist
),
167 ("anqp_elem", "265"),
168 ("anqp_elem", "265"),
169 ("anqp_elem", "265:1"),
170 ("anqp_elem", "265:1q"),
171 ("fst_priority", ""),
172 ("fils_cache_id", "q"),
173 ("unknown-item", "foo") ]
174 for field
, val
in tests
:
175 if "FAIL" not in hapd
.request("SET %s %s" % (field
, val
)):
176 raise Exception("Invalid %s accepted" % field
)
178 dev
[0].connect("test", key_mgmt
="NONE", scan_freq
="2412")
180 def test_ap_config_eap_user_file_parsing(dev
, apdev
, params
):
181 """hostapd eap_user_file parsing"""
182 tmp
= os
.path
.join(params
['logdir'], 'ap_vlan_file_parsing.tmp')
183 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": "foobar" })
186 if "OK" not in hapd
.request("SET eap_user_file auth_serv/eap_user.conf"):
187 raise Exception("eap_user_file rejected")
189 tests
= [ "#\n\n*\tTLS\nradius_accept_attr=:",
194 "\"foo\" " + 10*"TLS," + "TLS \"\n",
195 "\"foo\" TLS \nfoo\n",
196 "\"foo\" PEAP hash:foo\n",
197 "\"foo\" PEAP hash:8846f7eaee8fb117ad06bdd830b7586q\n",
198 "\"foo\" PEAP 01020\n",
199 "\"foo\" PEAP 010q\n",
200 "\"foo\" TLS\nradius_accept_attr=123:x:012\n",
201 "\"foo\" TLS\nradius_accept_attr=123:x:012q\n",
202 "\"foo\" TLS\nradius_accept_attr=123:Q:01\n",
203 "\"foo\" TLS\nradius_accept_attr=123\nfoo\n" ]
205 with
open(tmp
, "w") as f
:
207 if "FAIL" not in hapd
.request("SET eap_user_file " + tmp
):
208 raise Exception("Invalid eap_user_file accepted")
210 tests
= [ ("\"foo\" TLS\n", 2, "hostapd_config_read_eap_user"),
211 ("\"foo\" PEAP \"foo\"\n", 3, "hostapd_config_read_eap_user"),
212 ("\"foo\" PEAP hash:8846f7eaee8fb117ad06bdd830b75861\n", 3,
213 "hostapd_config_read_eap_user"),
214 ("\"foo\" PEAP 0102\n", 3, "hostapd_config_read_eap_user"),
215 ("\"foo\" TLS\nradius_accept_attr=123\n", 1,
216 "=hostapd_parse_radius_attr"),
217 ("\"foo\" TLS\nradius_accept_attr=123\n", 1,
218 "wpabuf_alloc;hostapd_parse_radius_attr"),
219 ("\"foo\" TLS\nradius_accept_attr=123:s:foo\n", 2,
220 "hostapd_parse_radius_attr"),
221 ("\"foo\" TLS\nradius_accept_attr=123:x:0102\n", 2,
222 "hostapd_parse_radius_attr"),
223 ("\"foo\" TLS\nradius_accept_attr=123:d:1\n", 2,
224 "hostapd_parse_radius_attr"),
225 ("* TLS\n", 1, "hostapd_config_read_eap_user") ]
226 for t
, count
, func
in tests
:
227 with
alloc_fail(hapd
, count
, func
):
228 with
open(tmp
, "w") as f
:
230 if "FAIL" not in hapd
.request("SET eap_user_file " + tmp
):
231 raise Exception("eap_user_file accepted during OOM")