]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_config.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: hostapd eap_user_file parsing
[thirdparty/hostap.git] / tests / hwsim / test_ap_config.py
1 # hostapd configuration tests
2 # Copyright (c) 2014-2016, Jouni Malinen <j@w1.fi>
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import os
8 import signal
9 import time
10
11 from remotehost import remote_compatible
12 import hostapd
13 from utils import alloc_fail
14
15 @remote_compatible
16 def test_ap_config_errors(dev, apdev):
17 """Various hostapd configuration errors"""
18
19 # IEEE 802.11d without country code
20 params = { "ssid": "foo", "ieee80211d": "1" }
21 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
22 if "FAIL" not in hapd.request("ENABLE"):
23 raise Exception("Unexpected ENABLE success (ieee80211d without country_code)")
24 hostapd.remove_bss(apdev[0])
25
26 # IEEE 802.11h without IEEE 802.11d
27 params = { "ssid": "foo", "ieee80211h": "1" }
28 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
29 if "FAIL" not in hapd.request("ENABLE"):
30 raise Exception("Unexpected ENABLE success (ieee80211h without ieee80211d")
31 hostapd.remove_bss(apdev[0])
32
33 # Power Constraint without IEEE 802.11d
34 params = { "ssid": "foo", "local_pwr_constraint": "1" }
35 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
36 if "FAIL" not in hapd.request("ENABLE"):
37 raise Exception("Unexpected ENABLE success (local_pwr_constraint without ieee80211d)")
38 hostapd.remove_bss(apdev[0])
39
40 # Spectrum management without Power Constraint
41 params = { "ssid": "foo", "spectrum_mgmt_required": "1" }
42 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
43 if "FAIL" not in hapd.request("ENABLE"):
44 raise Exception("Unexpected ENABLE success (spectrum_mgmt_required without local_pwr_constraint)")
45 hostapd.remove_bss(apdev[0])
46
47 # IEEE 802.1X without authentication server
48 params = { "ssid": "foo", "ieee8021x": "1" }
49 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
50 if "FAIL" not in hapd.request("ENABLE"):
51 raise Exception("Unexpected ENABLE success (ieee8021x)")
52 hostapd.remove_bss(apdev[0])
53
54 # RADIUS-PSK without macaddr_acl=2
55 params = hostapd.wpa2_params(ssid="foo", passphrase="12345678")
56 params["wpa_psk_radius"] = "1"
57 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
58 if "FAIL" not in hapd.request("ENABLE"):
59 raise Exception("Unexpected ENABLE success (wpa_psk_radius)")
60 hostapd.remove_bss(apdev[0])
61
62 # FT without NAS-Identifier
63 params = { "wpa": "2",
64 "wpa_key_mgmt": "FT-PSK",
65 "rsn_pairwise": "CCMP",
66 "wpa_passphrase": "12345678" }
67 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
68 if "FAIL" not in hapd.request("ENABLE"):
69 raise Exception("Unexpected ENABLE success (FT without nas_identifier)")
70 hostapd.remove_bss(apdev[0])
71
72 # Hotspot 2.0 without WPA2/CCMP
73 params = hostapd.wpa2_params(ssid="foo")
74 params['wpa_key_mgmt'] = "WPA-EAP"
75 params['ieee8021x'] = "1"
76 params['auth_server_addr'] = "127.0.0.1"
77 params['auth_server_port'] = "1812"
78 params['auth_server_shared_secret'] = "radius"
79 params['interworking'] = "1"
80 params['hs20'] = "1"
81 params['wpa'] = "1"
82 hapd = hostapd.add_ap(apdev[0], params, no_enable=True)
83 if "FAIL" not in hapd.request("ENABLE"):
84 raise Exception("Unexpected ENABLE success (HS 2.0 without WPA2/CCMP)")
85 hostapd.remove_bss(apdev[0])
86
87 def test_ap_config_reload(dev, apdev, params):
88 """hostapd configuration reload"""
89 hapd = hostapd.add_ap(apdev[0], { "ssid": "foo" })
90 hapd.set("ssid", "foobar")
91 with open(os.path.join(params['logdir'], 'hostapd-test.pid'), "r") as f:
92 pid = int(f.read())
93 os.kill(pid, signal.SIGHUP)
94 time.sleep(0.1)
95 dev[0].connect("foobar", key_mgmt="NONE", scan_freq="2412")
96 hapd.set("ssid", "foo")
97 os.kill(pid, signal.SIGHUP)
98 dev[0].wait_disconnected()
99 dev[0].request("DISCONNECT")
100
101 def test_ap_config_reload_file(dev, apdev, params):
102 """hostapd configuration reload from file"""
103 hapd = hostapd.add_iface(apdev[0], "bss-1.conf")
104 hapd.enable()
105 hapd.set("ssid", "foobar")
106 with open(os.path.join(params['logdir'], 'hostapd-test.pid'), "r") as f:
107 pid = int(f.read())
108 os.kill(pid, signal.SIGHUP)
109 time.sleep(0.1)
110 dev[0].connect("foobar", key_mgmt="NONE", scan_freq="2412")
111 hapd.set("ssid", "foo")
112 os.kill(pid, signal.SIGHUP)
113 dev[0].wait_disconnected()
114 dev[0].request("DISCONNECT")
115
116 def test_ap_config_reload_before_enable(dev, apdev, params):
117 """hostapd configuration reload before enable"""
118 hapd = hostapd.add_iface(apdev[0], "bss-1.conf")
119 with open(os.path.join(params['logdir'], 'hostapd-test.pid'), "r") as f:
120 pid = int(f.read())
121 os.kill(pid, signal.SIGHUP)
122 hapd.ping()
123
124 def test_ap_config_sigusr1(dev, apdev, params):
125 """hostapd SIGUSR1"""
126 hapd = hostapd.add_ap(apdev[0], { "ssid": "foobar" })
127 with open(os.path.join(params['logdir'], 'hostapd-test.pid'), "r") as f:
128 pid = int(f.read())
129 os.kill(pid, signal.SIGUSR1)
130 dev[0].connect("foobar", key_mgmt="NONE", scan_freq="2412")
131 os.kill(pid, signal.SIGUSR1)
132
133 def test_ap_config_invalid_value(dev, apdev, params):
134 """Ignoring invalid hostapd configuration parameter updates"""
135 hapd = hostapd.add_ap(apdev[0], { "ssid": "test" }, no_enable=True)
136 not_exist = "/tmp/hostapd-test/does-not-exist"
137 tests = [ ("driver", "foobar"),
138 ("ssid2", "Q"),
139 ("macaddr_acl", "255"),
140 ("accept_mac_file", not_exist),
141 ("deny_mac_file", not_exist),
142 ("eapol_version", "255"),
143 ("eap_user_file", not_exist),
144 ("wep_key_len_broadcast", "-1"),
145 ("wep_key_len_unicast", "-1"),
146 ("wep_rekey_period", "-1"),
147 ("eap_rekey_period", "-1"),
148 ("radius_client_addr", "foo"),
149 ("acs_chan_bias", "-1:0.8"),
150 ("acs_chan_bias", "1"),
151 ("acs_chan_bias", "1:p"),
152 ("acs_chan_bias", "1:-0.8"),
153 ("acs_chan_bias", "1:0.8p"),
154 ("dtim_period", "0"),
155 ("bss_load_update_period", "-1"),
156 ("send_probe_response", "255"),
157 ("beacon_rate", "ht:-1"),
158 ("beacon_rate", "ht:32"),
159 ("beacon_rate", "vht:-1"),
160 ("beacon_rate", "vht:10"),
161 ("beacon_rate", "9"),
162 ("beacon_rate", "10001"),
163 ("vlan_file", not_exist),
164 ("bss", ""),
165 ("bssid", "foo"),
166 ("extra_cred", not_exist),
167 ("anqp_elem", "265"),
168 ("anqp_elem", "265"),
169 ("anqp_elem", "265:1"),
170 ("anqp_elem", "265:1q"),
171 ("fst_priority", ""),
172 ("fils_cache_id", "q"),
173 ("unknown-item", "foo") ]
174 for field, val in tests:
175 if "FAIL" not in hapd.request("SET %s %s" % (field, val)):
176 raise Exception("Invalid %s accepted" % field)
177 hapd.enable()
178 dev[0].connect("test", key_mgmt="NONE", scan_freq="2412")
179
180 def test_ap_config_eap_user_file_parsing(dev, apdev, params):
181 """hostapd eap_user_file parsing"""
182 tmp = os.path.join(params['logdir'], 'ap_vlan_file_parsing.tmp')
183 hapd = hostapd.add_ap(apdev[0], { "ssid": "foobar" })
184
185 for i in range(2):
186 if "OK" not in hapd.request("SET eap_user_file auth_serv/eap_user.conf"):
187 raise Exception("eap_user_file rejected")
188
189 tests = [ "#\n\n*\tTLS\nradius_accept_attr=:",
190 "foo\n",
191 "\"foo\n",
192 "\"foo\"\n",
193 "\"foo\" FOOBAR\n",
194 "\"foo\" " + 10*"TLS," + "TLS \"\n",
195 "\"foo\" TLS \nfoo\n",
196 "\"foo\" PEAP hash:foo\n",
197 "\"foo\" PEAP hash:8846f7eaee8fb117ad06bdd830b7586q\n",
198 "\"foo\" PEAP 01020\n",
199 "\"foo\" PEAP 010q\n",
200 "\"foo\" TLS\nradius_accept_attr=123:x:012\n",
201 "\"foo\" TLS\nradius_accept_attr=123:x:012q\n",
202 "\"foo\" TLS\nradius_accept_attr=123:Q:01\n",
203 "\"foo\" TLS\nradius_accept_attr=123\nfoo\n" ]
204 for t in tests:
205 with open(tmp, "w") as f:
206 f.write(t)
207 if "FAIL" not in hapd.request("SET eap_user_file " + tmp):
208 raise Exception("Invalid eap_user_file accepted")
209
210 tests = [ ("\"foo\" TLS\n", 2, "hostapd_config_read_eap_user"),
211 ("\"foo\" PEAP \"foo\"\n", 3, "hostapd_config_read_eap_user"),
212 ("\"foo\" PEAP hash:8846f7eaee8fb117ad06bdd830b75861\n", 3,
213 "hostapd_config_read_eap_user"),
214 ("\"foo\" PEAP 0102\n", 3, "hostapd_config_read_eap_user"),
215 ("\"foo\" TLS\nradius_accept_attr=123\n", 1,
216 "=hostapd_parse_radius_attr"),
217 ("\"foo\" TLS\nradius_accept_attr=123\n", 1,
218 "wpabuf_alloc;hostapd_parse_radius_attr"),
219 ("\"foo\" TLS\nradius_accept_attr=123:s:foo\n", 2,
220 "hostapd_parse_radius_attr"),
221 ("\"foo\" TLS\nradius_accept_attr=123:x:0102\n", 2,
222 "hostapd_parse_radius_attr"),
223 ("\"foo\" TLS\nradius_accept_attr=123:d:1\n", 2,
224 "hostapd_parse_radius_attr"),
225 ("* TLS\n", 1, "hostapd_config_read_eap_user") ]
226 for t, count, func in tests:
227 with alloc_fail(hapd, count, func):
228 with open(tmp, "w") as f:
229 f.write(t)
230 if "FAIL" not in hapd.request("SET eap_user_file " + tmp):
231 raise Exception("eap_user_file accepted during OOM")
Unnamed repository; edit this file 'description' to name the repository.