]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
10 logger
= logging
.getLogger()
16 from wlantest
import Wlantest
17 from wpasupplicant
import WpaSupplicant
19 def hs20_ap_params(ssid
="test-hs20"):
20 params
= hostapd
.wpa2_params(ssid
=ssid
)
21 params
['wpa_key_mgmt'] = "WPA-EAP"
22 params
['ieee80211w'] = "1"
23 params
['ieee8021x'] = "1"
24 params
['auth_server_addr'] = "127.0.0.1"
25 params
['auth_server_port'] = "1812"
26 params
['auth_server_shared_secret'] = "radius"
27 params
['interworking'] = "1"
28 params
['access_network_type'] = "14"
29 params
['internet'] = "1"
33 params
['venue_group'] = "7"
34 params
['venue_type'] = "1"
35 params
['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
36 params
['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
38 params
['domain_name'] = "example.com,another.example.com"
39 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
40 "0,another.example.com" ]
42 params
['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
43 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
44 params
['hs20_operating_class'] = "5173"
45 params
['anqp_3gpp_cell_net'] = "244,91"
48 def check_auto_select(dev
, bssid
):
49 dev
.request("INTERWORKING_SELECT auto freq=2412")
50 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
52 raise Exception("Connection timed out")
54 raise Exception("Connected to incorrect network")
55 dev
.request("REMOVE_NETWORK all")
57 def interworking_select(dev
, bssid
, type=None, no_match
=False, freq
=None):
59 freq_extra
= " freq=" + freq
if freq
else ""
60 dev
.request("INTERWORKING_SELECT" + freq_extra
)
61 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
64 raise Exception("Network selection timed out");
66 if "INTERWORKING-NO-MATCH" not in ev
:
67 raise Exception("Unexpected network match")
69 if "INTERWORKING-NO-MATCH" in ev
:
70 logger
.info("Matching network not found - try again")
72 dev
.request("INTERWORKING_SELECT" + freq_extra
)
73 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
76 raise Exception("Network selection timed out");
77 if "INTERWORKING-NO-MATCH" in ev
:
78 raise Exception("Matching network not found")
79 if bssid
and bssid
not in ev
:
80 raise Exception("Unexpected BSSID in match")
81 if type and "type=" + type not in ev
:
82 raise Exception("Network type not recognized correctly")
84 def check_sp_type(dev
, sp_type
):
85 type = dev
.get_status_field("sp_type")
87 raise Exception("sp_type not available")
89 raise Exception("sp_type did not indicate home network")
91 def hlr_auc_gw_available():
92 if not os
.path
.exists("/tmp/hlr_auc_gw.sock"):
93 logger
.info("No hlr_auc_gw available");
95 if not os
.path
.exists("../../hostapd/hlr_auc_gw"):
96 logger
.info("No hlr_auc_gw available");
100 def interworking_ext_sim_connect(dev
, bssid
, method
):
101 dev
.request("INTERWORKING_CONNECT " + bssid
)
102 interworking_ext_sim_auth(dev
, method
)
104 def interworking_ext_sim_auth(dev
, method
):
105 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
107 raise Exception("Network connected timed out")
108 if "(" + method
+ ")" not in ev
:
109 raise Exception("Unexpected EAP method selection")
111 ev
= dev
.wait_event(["CTRL-REQ-SIM"], timeout
=15)
113 raise Exception("Wait for external SIM processing request timed out")
115 if p
[1] != "GSM-AUTH":
116 raise Exception("Unexpected CTRL-REQ-SIM type")
117 id = p
[0].split('-')[3]
118 rand
= p
[2].split(' ')[0]
120 res
= subprocess
.check_output(["../../hostapd/hlr_auc_gw",
122 "auth_serv/hlr_auc_gw.milenage_db",
123 "GSM-AUTH-REQ 232010000000000 " + rand
])
124 if "GSM-AUTH-RESP" not in res
:
125 raise Exception("Unexpected hlr_auc_gw response")
126 resp
= res
.split(' ')[2].rstrip()
128 dev
.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp
)
129 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
131 raise Exception("Connection timed out")
133 def interworking_connect(dev
, bssid
, method
):
134 dev
.request("INTERWORKING_CONNECT " + bssid
)
135 interworking_auth(dev
, method
)
137 def interworking_auth(dev
, method
):
138 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
140 raise Exception("Network connected timed out")
141 if "(" + method
+ ")" not in ev
:
142 raise Exception("Unexpected EAP method selection")
144 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
146 raise Exception("Connection timed out")
148 def check_probe_resp(wt
, bssid_unexpected
, bssid_expected
):
150 count
= wt
.get_bss_counter("probe_response", bssid_unexpected
)
152 raise Exception("Unexpected Probe Response frame from AP")
155 count
= wt
.get_bss_counter("probe_response", bssid_expected
)
157 raise Exception("No Probe Response frame from AP")
159 def test_ap_anqp_sharing(dev
, apdev
):
160 """ANQP sharing within ESS and explicit unshare"""
161 bssid
= apdev
[0]['bssid']
162 params
= hs20_ap_params()
163 params
['hessid'] = bssid
164 hostapd
.add_ap(apdev
[0]['ifname'], params
)
166 bssid2
= apdev
[1]['bssid']
167 params
= hs20_ap_params()
168 params
['hessid'] = bssid
169 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
170 hostapd
.add_ap(apdev
[1]['ifname'], params
)
173 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
174 'password': "secret",
175 'domain': "example.com" })
176 logger
.info("Normal network selection with shared ANQP results")
177 interworking_select(dev
[0], None, "home", freq
="2412")
178 dev
[0].dump_monitor()
180 res1
= dev
[0].get_bss(bssid
)
181 res2
= dev
[0].get_bss(bssid2
)
182 if res1
['anqp_nai_realm'] != res2
['anqp_nai_realm']:
183 raise Exception("ANQP results were not shared between BSSes")
185 logger
.info("Explicit ANQP request to unshare ANQP results")
186 dev
[0].request("ANQP_GET " + bssid
+ " 263")
187 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
189 raise Exception("ANQP operation timed out")
191 dev
[0].request("ANQP_GET " + bssid2
+ " 263")
192 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
194 raise Exception("ANQP operation timed out")
196 res1
= dev
[0].get_bss(bssid
)
197 res2
= dev
[0].get_bss(bssid2
)
198 if res1
['anqp_nai_realm'] == res2
['anqp_nai_realm']:
199 raise Exception("ANQP results were not unshared")
201 def test_ap_nai_home_realm_query(dev
, apdev
):
202 """NAI Home Realm Query"""
203 bssid
= apdev
[0]['bssid']
204 params
= hs20_ap_params()
205 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
206 "0,another.example.org" ]
207 hostapd
.add_ap(apdev
[0]['ifname'], params
)
209 dev
[0].scan(freq
="2412")
210 dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " realm=example.com")
211 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
213 raise Exception("ANQP operation timed out")
214 nai1
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
215 dev
[0].dump_monitor()
217 dev
[0].request("ANQP_GET " + bssid
+ " 263")
218 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
220 raise Exception("ANQP operation timed out")
221 nai2
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
223 if len(nai1
) >= len(nai2
):
224 raise Exception("Unexpected NAI Realm list response lengths")
225 if "example.com".encode('hex') not in nai1
:
226 raise Exception("Home realm not reported")
227 if "example.org".encode('hex') in nai1
:
228 raise Exception("Non-home realm reported")
229 if "example.com".encode('hex') not in nai2
:
230 raise Exception("Home realm not reported in wildcard query")
231 if "example.org".encode('hex') not in nai2
:
232 raise Exception("Non-home realm not reported in wildcard query ")
234 def test_ap_interworking_scan_filtering(dev
, apdev
):
235 """Interworking scan filtering with HESSID and access network type"""
236 bssid
= apdev
[0]['bssid']
237 params
= hs20_ap_params()
238 ssid
= "test-hs20-ap1"
239 params
['ssid'] = ssid
240 params
['hessid'] = bssid
241 hostapd
.add_ap(apdev
[0]['ifname'], params
)
243 bssid2
= apdev
[1]['bssid']
244 params
= hs20_ap_params()
245 ssid2
= "test-hs20-ap2"
246 params
['ssid'] = ssid2
247 params
['hessid'] = bssid2
248 params
['access_network_type'] = "1"
249 del params
['venue_group']
250 del params
['venue_type']
251 hostapd
.add_ap(apdev
[1]['ifname'], params
)
258 logger
.info("Check probe request filtering based on HESSID")
260 dev
[0].request("SET hessid " + bssid2
)
261 dev
[0].scan(freq
="2412")
263 check_probe_resp(wt
, bssid
, bssid2
)
265 logger
.info("Check probe request filtering based on access network type")
267 wt
.clear_bss_counters(bssid
)
268 wt
.clear_bss_counters(bssid2
)
269 dev
[0].request("SET hessid 00:00:00:00:00:00")
270 dev
[0].request("SET access_network_type 14")
271 dev
[0].scan(freq
="2412")
273 check_probe_resp(wt
, bssid2
, bssid
)
275 wt
.clear_bss_counters(bssid
)
276 wt
.clear_bss_counters(bssid2
)
277 dev
[0].request("SET hessid 00:00:00:00:00:00")
278 dev
[0].request("SET access_network_type 1")
279 dev
[0].scan(freq
="2412")
281 check_probe_resp(wt
, bssid
, bssid2
)
283 logger
.info("Check probe request filtering based on HESSID and ANT")
285 wt
.clear_bss_counters(bssid
)
286 wt
.clear_bss_counters(bssid2
)
287 dev
[0].request("SET hessid " + bssid
)
288 dev
[0].request("SET access_network_type 14")
289 dev
[0].scan(freq
="2412")
291 check_probe_resp(wt
, bssid2
, bssid
)
293 wt
.clear_bss_counters(bssid
)
294 wt
.clear_bss_counters(bssid2
)
295 dev
[0].request("SET hessid " + bssid2
)
296 dev
[0].request("SET access_network_type 14")
297 dev
[0].scan(freq
="2412")
299 check_probe_resp(wt
, bssid
, None)
300 check_probe_resp(wt
, bssid2
, None)
302 wt
.clear_bss_counters(bssid
)
303 wt
.clear_bss_counters(bssid2
)
304 dev
[0].request("SET hessid " + bssid
)
305 dev
[0].request("SET access_network_type 1")
306 dev
[0].scan(freq
="2412")
308 check_probe_resp(wt
, bssid
, None)
309 check_probe_resp(wt
, bssid2
, None)
311 def test_ap_hs20_select(dev
, apdev
):
312 """Hotspot 2.0 network selection"""
313 bssid
= apdev
[0]['bssid']
314 params
= hs20_ap_params()
315 params
['hessid'] = bssid
316 hostapd
.add_ap(apdev
[0]['ifname'], params
)
319 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
320 'password': "secret",
321 'domain': "example.com" })
322 interworking_select(dev
[0], bssid
, "home")
324 dev
[0].remove_cred(id)
325 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
326 'password': "secret",
327 'domain': "no.match.example.com" })
328 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
330 dev
[0].set_cred_quoted(id, "realm", "no.match.example.com");
331 interworking_select(dev
[0], bssid
, no_match
=True, freq
="2412")
333 bssid2
= apdev
[1]['bssid']
334 params
= hs20_ap_params()
335 params
['nai_realm'] = [ "0,example.org,21" ]
336 params
['hessid'] = bssid2
337 params
['domain_name'] = "example.org"
338 hostapd
.add_ap(apdev
[1]['ifname'], params
)
339 dev
[0].remove_cred(id)
340 id = dev
[0].add_cred_values({ 'realm': "example.org", 'username': "test",
341 'password': "secret",
342 'domain': "example.org" })
343 interworking_select(dev
[0], bssid2
, "home", freq
="2412")
345 def hs20_simulated_sim(dev
, ap
, method
):
347 params
= hs20_ap_params()
348 params
['hessid'] = bssid
349 params
['anqp_3gpp_cell_net'] = "555,444"
350 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
351 hostapd
.add_ap(ap
['ifname'], params
)
354 dev
.add_cred_values({ 'imsi': "555444-333222111", 'eap': method
,
355 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
356 interworking_select(dev
, "home", freq
="2412")
357 interworking_connect(dev
, bssid
, method
)
358 check_sp_type(dev
, "home")
360 def test_ap_hs20_sim(dev
, apdev
):
361 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
362 if not hlr_auc_gw_available():
364 hs20_simulated_sim(dev
[0], apdev
[0], "SIM")
365 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
366 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
368 raise Exception("Timeout on already-connected event")
370 def test_ap_hs20_aka(dev
, apdev
):
371 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
372 if not hlr_auc_gw_available():
374 hs20_simulated_sim(dev
[0], apdev
[0], "AKA")
376 def test_ap_hs20_aka_prime(dev
, apdev
):
377 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
378 if not hlr_auc_gw_available():
380 hs20_simulated_sim(dev
[0], apdev
[0], "AKA'")
382 def test_ap_hs20_ext_sim(dev
, apdev
):
383 """Hotspot 2.0 with external SIM processing"""
384 if not hlr_auc_gw_available():
386 bssid
= apdev
[0]['bssid']
387 params
= hs20_ap_params()
388 params
['hessid'] = bssid
389 params
['anqp_3gpp_cell_net'] = "232,01"
390 params
['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
391 hostapd
.add_ap(apdev
[0]['ifname'], params
)
394 dev
[0].request("SET external_sim 1")
395 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
396 interworking_select(dev
[0], "home", freq
="2412")
397 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
398 check_sp_type(dev
[0], "home")
400 def test_ap_hs20_ext_sim_roaming(dev
, apdev
):
401 """Hotspot 2.0 with external SIM processing in roaming network"""
402 if not hlr_auc_gw_available():
404 bssid
= apdev
[0]['bssid']
405 params
= hs20_ap_params()
406 params
['hessid'] = bssid
407 params
['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
408 params
['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
409 hostapd
.add_ap(apdev
[0]['ifname'], params
)
412 dev
[0].request("SET external_sim 1")
413 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
414 interworking_select(dev
[0], "roaming", freq
="2412")
415 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
416 check_sp_type(dev
[0], "roaming")
418 def test_ap_hs20_username(dev
, apdev
):
419 """Hotspot 2.0 connection in username/password credential"""
420 bssid
= apdev
[0]['bssid']
421 params
= hs20_ap_params()
422 params
['hessid'] = bssid
423 params
['disable_dgaf'] = '1'
424 hostapd
.add_ap(apdev
[0]['ifname'], params
)
427 id = dev
[0].add_cred_values({ 'realm': "example.com",
428 'username': "hs20-test",
429 'password': "password",
430 'ca_cert': "auth_serv/ca.pem",
431 'domain': "example.com",
432 'update_identifier': "1234" })
433 interworking_select(dev
[0], bssid
, "home", freq
="2412")
434 interworking_connect(dev
[0], bssid
, "TTLS")
435 check_sp_type(dev
[0], "home")
436 status
= dev
[0].get_status()
437 if status
['pairwise_cipher'] != "CCMP":
438 raise Exception("Unexpected pairwise cipher")
439 if status
['hs20'] != "2":
440 raise Exception("Unexpected HS 2.0 support indication")
442 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
443 identity
="hs20-test", password
="password",
444 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
447 def test_ap_hs20_connect_api(dev
, apdev
):
448 """Hotspot 2.0 connection with connect API"""
449 bssid
= apdev
[0]['bssid']
450 params
= hs20_ap_params()
451 params
['hessid'] = bssid
452 params
['disable_dgaf'] = '1'
453 hostapd
.add_ap(apdev
[0]['ifname'], params
)
455 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
456 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
458 id = wpas
.add_cred_values({ 'realm': "example.com",
459 'username': "hs20-test",
460 'password': "password",
461 'ca_cert': "auth_serv/ca.pem",
462 'domain': "example.com",
463 'update_identifier': "1234" })
464 interworking_select(wpas
, bssid
, "home", freq
="2412")
465 interworking_connect(wpas
, bssid
, "TTLS")
466 check_sp_type(wpas
, "home")
467 status
= wpas
.get_status()
468 if status
['pairwise_cipher'] != "CCMP":
469 raise Exception("Unexpected pairwise cipher")
470 if status
['hs20'] != "2":
471 raise Exception("Unexpected HS 2.0 support indication")
473 def test_ap_hs20_auto_interworking(dev
, apdev
):
474 """Hotspot 2.0 connection with auto_interworking=1"""
475 bssid
= apdev
[0]['bssid']
476 params
= hs20_ap_params()
477 params
['hessid'] = bssid
478 params
['disable_dgaf'] = '1'
479 hostapd
.add_ap(apdev
[0]['ifname'], params
)
481 dev
[0].hs20_enable(auto_interworking
=True)
482 id = dev
[0].add_cred_values({ 'realm': "example.com",
483 'username': "hs20-test",
484 'password': "password",
485 'ca_cert': "auth_serv/ca.pem",
486 'domain': "example.com",
487 'update_identifier': "1234" })
488 dev
[0].request("REASSOCIATE")
489 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
491 raise Exception("Connection timed out")
492 check_sp_type(dev
[0], "home")
493 status
= dev
[0].get_status()
494 if status
['pairwise_cipher'] != "CCMP":
495 raise Exception("Unexpected pairwise cipher")
496 if status
['hs20'] != "2":
497 raise Exception("Unexpected HS 2.0 support indication")
499 def eap_test(dev
, ap
, eap_params
, method
, user
):
501 params
= hs20_ap_params()
502 params
['nai_realm'] = [ "0,example.com," + eap_params
]
503 hostapd
.add_ap(ap
['ifname'], params
)
506 dev
.add_cred_values({ 'realm': "example.com",
508 'password': "password" })
509 interworking_select(dev
, bssid
, freq
="2412")
510 interworking_connect(dev
, bssid
, method
)
512 def test_ap_hs20_eap_unknown(dev
, apdev
):
513 """Hotspot 2.0 connection with unknown EAP method"""
514 bssid
= apdev
[0]['bssid']
515 params
= hs20_ap_params()
516 params
['nai_realm'] = "0,example.com,99"
517 hostapd
.add_ap(apdev
[0]['ifname'], params
)
520 dev
[0].add_cred_values(default_cred())
521 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
523 def test_ap_hs20_eap_peap_mschapv2(dev
, apdev
):
524 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
525 eap_test(dev
[0], apdev
[0], "25[3:26]", "PEAP", "user")
527 def test_ap_hs20_eap_peap_default(dev
, apdev
):
528 """Hotspot 2.0 connection with PEAP/MSCHAPV2 (as default)"""
529 eap_test(dev
[0], apdev
[0], "25", "PEAP", "user")
531 def test_ap_hs20_eap_peap_gtc(dev
, apdev
):
532 """Hotspot 2.0 connection with PEAP/GTC"""
533 eap_test(dev
[0], apdev
[0], "25[3:6]", "PEAP", "user")
535 def test_ap_hs20_eap_peap_unknown(dev
, apdev
):
536 """Hotspot 2.0 connection with PEAP/unknown"""
537 bssid
= apdev
[0]['bssid']
538 params
= hs20_ap_params()
539 params
['nai_realm'] = "0,example.com,25[3:99]"
540 hostapd
.add_ap(apdev
[0]['ifname'], params
)
543 dev
[0].add_cred_values(default_cred())
544 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
546 def test_ap_hs20_eap_ttls_chap(dev
, apdev
):
547 """Hotspot 2.0 connection with TTLS/CHAP"""
548 eap_test(dev
[0], apdev
[0], "21[2:2]", "TTLS", "chap user")
550 def test_ap_hs20_eap_ttls_mschap(dev
, apdev
):
551 """Hotspot 2.0 connection with TTLS/MSCHAP"""
552 eap_test(dev
[0], apdev
[0], "21[2:3]", "TTLS", "mschap user")
554 def test_ap_hs20_eap_ttls_eap_mschapv2(dev
, apdev
):
555 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
556 eap_test(dev
[0], apdev
[0], "21[3:26][6:7][99:99]", "TTLS", "user")
558 def test_ap_hs20_eap_ttls_eap_unknown(dev
, apdev
):
559 """Hotspot 2.0 connection with TTLS/EAP-unknown"""
560 bssid
= apdev
[0]['bssid']
561 params
= hs20_ap_params()
562 params
['nai_realm'] = "0,example.com,21[3:99]"
563 hostapd
.add_ap(apdev
[0]['ifname'], params
)
566 dev
[0].add_cred_values(default_cred())
567 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
569 def test_ap_hs20_eap_ttls_eap_unsupported(dev
, apdev
):
570 """Hotspot 2.0 connection with TTLS/EAP-OTP(unsupported)"""
571 bssid
= apdev
[0]['bssid']
572 params
= hs20_ap_params()
573 params
['nai_realm'] = "0,example.com,21[3:5]"
574 hostapd
.add_ap(apdev
[0]['ifname'], params
)
577 dev
[0].add_cred_values(default_cred())
578 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
580 def test_ap_hs20_eap_ttls_unknown(dev
, apdev
):
581 """Hotspot 2.0 connection with TTLS/unknown"""
582 bssid
= apdev
[0]['bssid']
583 params
= hs20_ap_params()
584 params
['nai_realm'] = "0,example.com,21[2:5]"
585 hostapd
.add_ap(apdev
[0]['ifname'], params
)
588 dev
[0].add_cred_values(default_cred())
589 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
591 def test_ap_hs20_eap_fast_mschapv2(dev
, apdev
):
592 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
593 eap_test(dev
[0], apdev
[0], "43[3:26]", "FAST", "user")
595 def test_ap_hs20_eap_fast_gtc(dev
, apdev
):
596 """Hotspot 2.0 connection with FAST/EAP-GTC"""
597 eap_test(dev
[0], apdev
[0], "43[3:6]", "FAST", "user")
599 def test_ap_hs20_eap_tls(dev
, apdev
):
600 """Hotspot 2.0 connection with EAP-TLS"""
601 bssid
= apdev
[0]['bssid']
602 params
= hs20_ap_params()
603 params
['nai_realm'] = [ "0,example.com,13[5:6]" ]
604 hostapd
.add_ap(apdev
[0]['ifname'], params
)
607 dev
[0].add_cred_values({ 'realm': "example.com",
608 'username': "certificate-user",
609 'ca_cert': "auth_serv/ca.pem",
610 'client_cert': "auth_serv/user.pem",
611 'private_key': "auth_serv/user.key"})
612 interworking_select(dev
[0], bssid
, freq
="2412")
613 interworking_connect(dev
[0], bssid
, "TLS")
615 def test_ap_hs20_eap_cert_unknown(dev
, apdev
):
616 """Hotspot 2.0 connection with certificate, but unknown EAP method"""
617 bssid
= apdev
[0]['bssid']
618 params
= hs20_ap_params()
619 params
['nai_realm'] = [ "0,example.com,99[5:6]" ]
620 hostapd
.add_ap(apdev
[0]['ifname'], params
)
623 dev
[0].add_cred_values({ 'realm': "example.com",
624 'username': "certificate-user",
625 'ca_cert': "auth_serv/ca.pem",
626 'client_cert': "auth_serv/user.pem",
627 'private_key': "auth_serv/user.key"})
628 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
630 def test_ap_hs20_eap_cert_unsupported(dev
, apdev
):
631 """Hotspot 2.0 connection with certificate, but unsupported TTLS"""
632 bssid
= apdev
[0]['bssid']
633 params
= hs20_ap_params()
634 params
['nai_realm'] = [ "0,example.com,21[5:6]" ]
635 hostapd
.add_ap(apdev
[0]['ifname'], params
)
638 dev
[0].add_cred_values({ 'realm': "example.com",
639 'username': "certificate-user",
640 'ca_cert': "auth_serv/ca.pem",
641 'client_cert': "auth_serv/user.pem",
642 'private_key': "auth_serv/user.key"})
643 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
645 def test_ap_hs20_eap_invalid_cred(dev
, apdev
):
646 """Hotspot 2.0 connection with invalid cred configuration"""
647 bssid
= apdev
[0]['bssid']
648 params
= hs20_ap_params()
649 hostapd
.add_ap(apdev
[0]['ifname'], params
)
652 dev
[0].add_cred_values({ 'realm': "example.com",
653 'username': "certificate-user",
654 'client_cert': "auth_serv/user.pem" })
655 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
657 def test_ap_hs20_nai_realms(dev
, apdev
):
658 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
659 bssid
= apdev
[0]['bssid']
660 params
= hs20_ap_params()
661 params
['hessid'] = bssid
662 params
['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
663 hostapd
.add_ap(apdev
[0]['ifname'], params
)
666 id = dev
[0].add_cred_values({ 'realm': "example.com",
667 'username': "pap user",
668 'password': "password",
669 'domain': "example.com" })
670 interworking_select(dev
[0], bssid
, "home", freq
="2412")
671 interworking_connect(dev
[0], bssid
, "TTLS")
672 check_sp_type(dev
[0], "home")
674 def test_ap_hs20_roaming_consortium(dev
, apdev
):
675 """Hotspot 2.0 connection based on roaming consortium match"""
676 bssid
= apdev
[0]['bssid']
677 params
= hs20_ap_params()
678 params
['hessid'] = bssid
679 hostapd
.add_ap(apdev
[0]['ifname'], params
)
682 for consortium
in [ "112233", "1020304050", "010203040506", "fedcba" ]:
683 id = dev
[0].add_cred_values({ 'username': "user",
684 'password': "password",
685 'domain': "example.com",
686 'roaming_consortium': consortium
,
688 interworking_select(dev
[0], bssid
, "home", freq
="2412")
689 interworking_connect(dev
[0], bssid
, "PEAP")
690 check_sp_type(dev
[0], "home")
691 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
692 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
694 raise Exception("Timeout on already-connected event")
695 dev
[0].remove_cred(id)
697 def test_ap_hs20_username_roaming(dev
, apdev
):
698 """Hotspot 2.0 connection in username/password credential (roaming)"""
699 bssid
= apdev
[0]['bssid']
700 params
= hs20_ap_params()
701 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
702 "0,roaming.example.com,21[2:4][5:7]",
703 "0,another.example.com" ]
704 params
['domain_name'] = "another.example.com"
705 params
['hessid'] = bssid
706 hostapd
.add_ap(apdev
[0]['ifname'], params
)
709 id = dev
[0].add_cred_values({ 'realm': "roaming.example.com",
710 'username': "hs20-test",
711 'password': "password",
712 'domain': "example.com" })
713 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
714 interworking_connect(dev
[0], bssid
, "TTLS")
715 check_sp_type(dev
[0], "roaming")
717 def test_ap_hs20_username_unknown(dev
, apdev
):
718 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
719 bssid
= apdev
[0]['bssid']
720 params
= hs20_ap_params()
721 params
['hessid'] = bssid
722 hostapd
.add_ap(apdev
[0]['ifname'], params
)
725 id = dev
[0].add_cred_values({ 'realm': "example.com",
726 'username': "hs20-test",
727 'password': "password" })
728 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
729 interworking_connect(dev
[0], bssid
, "TTLS")
730 check_sp_type(dev
[0], "unknown")
732 def test_ap_hs20_username_unknown2(dev
, apdev
):
733 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
734 bssid
= apdev
[0]['bssid']
735 params
= hs20_ap_params()
736 params
['hessid'] = bssid
737 del params
['domain_name']
738 hostapd
.add_ap(apdev
[0]['ifname'], params
)
741 id = dev
[0].add_cred_values({ 'realm': "example.com",
742 'username': "hs20-test",
743 'password': "password",
744 'domain': "example.com" })
745 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
746 interworking_connect(dev
[0], bssid
, "TTLS")
747 check_sp_type(dev
[0], "unknown")
749 def test_ap_hs20_gas_while_associated(dev
, apdev
):
750 """Hotspot 2.0 connection with GAS query while associated"""
751 bssid
= apdev
[0]['bssid']
752 params
= hs20_ap_params()
753 params
['hessid'] = bssid
754 hostapd
.add_ap(apdev
[0]['ifname'], params
)
757 id = dev
[0].add_cred_values({ 'realm': "example.com",
758 'username': "hs20-test",
759 'password': "password",
760 'domain': "example.com" })
761 interworking_select(dev
[0], bssid
, "home", freq
="2412")
762 interworking_connect(dev
[0], bssid
, "TTLS")
764 logger
.info("Verifying GAS query while associated")
765 dev
[0].request("FETCH_ANQP")
766 for i
in range(0, 6):
767 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
769 raise Exception("Operation timed out")
771 def test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
772 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
773 bssid
= apdev
[0]['bssid']
774 params
= hs20_ap_params()
775 params
['hessid'] = bssid
776 hostapd
.add_ap(apdev
[0]['ifname'], params
)
778 bssid2
= apdev
[1]['bssid']
779 params
= hs20_ap_params()
780 params
['hessid'] = bssid2
781 params
['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
782 hostapd
.add_ap(apdev
[1]['ifname'], params
)
785 dev
[0].request("SET pmf 2")
786 id = dev
[0].add_cred_values({ 'realm': "example.com",
787 'username': "hs20-test",
788 'password': "password",
789 'domain': "example.com" })
790 interworking_select(dev
[0], bssid
, "home", freq
="2412")
791 interworking_connect(dev
[0], bssid
, "TTLS")
793 logger
.info("Verifying GAS query while associated")
794 dev
[0].request("FETCH_ANQP")
795 for i
in range(0, 2 * 6):
796 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
798 raise Exception("Operation timed out")
800 def test_ap_hs20_gas_frag_while_associated(dev
, apdev
):
801 """Hotspot 2.0 connection with fragmented GAS query while associated"""
802 bssid
= apdev
[0]['bssid']
803 params
= hs20_ap_params()
804 params
['hessid'] = bssid
805 hostapd
.add_ap(apdev
[0]['ifname'], params
)
806 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
807 hapd
.set("gas_frag_limit", "50")
810 id = dev
[0].add_cred_values({ 'realm': "example.com",
811 'username': "hs20-test",
812 'password': "password",
813 'domain': "example.com" })
814 interworking_select(dev
[0], bssid
, "home", freq
="2412")
815 interworking_connect(dev
[0], bssid
, "TTLS")
817 logger
.info("Verifying GAS query while associated")
818 dev
[0].request("FETCH_ANQP")
819 for i
in range(0, 6):
820 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
822 raise Exception("Operation timed out")
824 def test_ap_hs20_multiple_connects(dev
, apdev
):
825 """Hotspot 2.0 connection through multiple network selections"""
826 bssid
= apdev
[0]['bssid']
827 params
= hs20_ap_params()
828 params
['hessid'] = bssid
829 hostapd
.add_ap(apdev
[0]['ifname'], params
)
832 values
= { 'realm': "example.com",
833 'username': "hs20-test",
834 'password': "password",
835 'domain': "example.com" }
836 id = dev
[0].add_cred_values(values
)
838 for i
in range(0, 3):
839 logger
.info("Starting Interworking network selection")
840 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
842 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
843 "INTERWORKING-ALREADY-CONNECTED",
844 "CTRL-EVENT-CONNECTED"], timeout
=15)
846 raise Exception("Connection timed out")
847 if "INTERWORKING-NO-MATCH" in ev
:
848 raise Exception("Matching AP not found")
849 if "CTRL-EVENT-CONNECTED" in ev
:
851 if i
== 2 and "INTERWORKING-ALREADY-CONNECTED" in ev
:
854 dev
[0].request("DISCONNECT")
855 dev
[0].dump_monitor()
857 networks
= dev
[0].list_networks()
858 if len(networks
) > 1:
859 raise Exception("Duplicated network block detected")
861 def test_ap_hs20_disallow_aps(dev
, apdev
):
862 """Hotspot 2.0 connection and disallow_aps"""
863 bssid
= apdev
[0]['bssid']
864 params
= hs20_ap_params()
865 params
['hessid'] = bssid
866 hostapd
.add_ap(apdev
[0]['ifname'], params
)
869 values
= { 'realm': "example.com",
870 'username': "hs20-test",
871 'password': "password",
872 'domain': "example.com" }
873 id = dev
[0].add_cred_values(values
)
875 logger
.info("Verify disallow_aps bssid")
876 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
877 dev
[0].request("INTERWORKING_SELECT auto")
878 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
880 raise Exception("Network selection timed out")
881 dev
[0].dump_monitor()
883 logger
.info("Verify disallow_aps ssid")
884 dev
[0].request("SET disallow_aps ssid 746573742d68733230")
885 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
886 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
888 raise Exception("Network selection timed out")
889 dev
[0].dump_monitor()
891 logger
.info("Verify disallow_aps clear")
892 dev
[0].request("SET disallow_aps ")
893 interworking_select(dev
[0], bssid
, "home", freq
="2412")
895 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
896 ret
= dev
[0].request("INTERWORKING_CONNECT " + bssid
)
897 if "FAIL" not in ret
:
898 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
900 def policy_test(dev
, ap
, values
, only_one
=True):
903 logger
.info("Verify network selection to AP " + ap
['ifname'])
906 logger
.info("Verify network selection")
909 id = dev
.add_cred_values(values
)
910 dev
.request("INTERWORKING_SELECT auto freq=2412")
913 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
914 "INTERWORKING-BLACKLISTED",
915 "INTERWORKING-SELECTED"], timeout
=15)
917 raise Exception("Network selection timed out")
919 if "INTERWORKING-NO-MATCH" in ev
:
920 raise Exception("Matching AP not found")
921 if bssid
and only_one
and "INTERWORKING-AP" in ev
and bssid
not in ev
:
922 raise Exception("Unexpected AP claimed acceptable")
923 if "INTERWORKING-SELECTED" in ev
:
924 if bssid
and bssid
not in ev
:
925 raise Exception("Selected incorrect BSS")
928 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
930 raise Exception("Connection timed out")
931 if bssid
and bssid
not in ev
:
932 raise Exception("Connected to incorrect BSS")
934 conn_bssid
= dev
.get_status_field("bssid")
935 if bssid
and conn_bssid
!= bssid
:
936 raise Exception("bssid information points to incorrect BSS")
942 def default_cred(domain
=None):
943 cred
= { 'realm': "example.com",
944 'username': "hs20-test",
945 'password': "password" }
947 cred
['domain'] = domain
950 def test_ap_hs20_prefer_home(dev
, apdev
):
951 """Hotspot 2.0 required roaming consortium"""
952 params
= hs20_ap_params()
953 params
['domain_name'] = "example.org"
954 hostapd
.add_ap(apdev
[0]['ifname'], params
)
956 params
= hs20_ap_params()
957 params
['ssid'] = "test-hs20-other"
958 params
['domain_name'] = "example.com"
959 hostapd
.add_ap(apdev
[1]['ifname'], params
)
961 values
= default_cred()
962 values
['domain'] = "example.com"
963 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
964 values
['domain'] = "example.org"
965 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
967 def test_ap_hs20_req_roaming_consortium(dev
, apdev
):
968 """Hotspot 2.0 required roaming consortium"""
969 params
= hs20_ap_params()
970 hostapd
.add_ap(apdev
[0]['ifname'], params
)
972 params
= hs20_ap_params()
973 params
['ssid'] = "test-hs20-other"
974 params
['roaming_consortium'] = [ "223344" ]
975 hostapd
.add_ap(apdev
[1]['ifname'], params
)
977 values
= default_cred()
978 values
['required_roaming_consortium'] = "223344"
979 policy_test(dev
[0], apdev
[1], values
)
980 values
['required_roaming_consortium'] = "112233"
981 policy_test(dev
[0], apdev
[0], values
)
983 id = dev
[0].add_cred()
984 dev
[0].set_cred(id, "required_roaming_consortium", "112233")
985 dev
[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
987 for val
in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
988 if "FAIL" not in dev
[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val
)):
989 raise Exception("Invalid roaming consortium value accepted: " + val
)
991 def test_ap_hs20_excluded_ssid(dev
, apdev
):
992 """Hotspot 2.0 exclusion based on SSID"""
993 params
= hs20_ap_params()
994 params
['roaming_consortium'] = [ "223344" ]
995 params
['anqp_3gpp_cell_net'] = "555,444"
996 hostapd
.add_ap(apdev
[0]['ifname'], params
)
998 params
= hs20_ap_params()
999 params
['ssid'] = "test-hs20-other"
1000 params
['roaming_consortium'] = [ "223344" ]
1001 params
['anqp_3gpp_cell_net'] = "555,444"
1002 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1004 values
= default_cred()
1005 values
['excluded_ssid'] = "test-hs20"
1006 events
= policy_test(dev
[0], apdev
[1], values
)
1007 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1009 raise Exception("Excluded network not reported")
1010 values
['excluded_ssid'] = "test-hs20-other"
1011 events
= policy_test(dev
[0], apdev
[0], values
)
1012 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[1]['bssid'] in e
]
1014 raise Exception("Excluded network not reported")
1016 values
= default_cred()
1017 values
['roaming_consortium'] = "223344"
1018 values
['eap'] = "TTLS"
1019 values
['phase2'] = "auth=MSCHAPV2"
1020 values
['excluded_ssid'] = "test-hs20"
1021 events
= policy_test(dev
[0], apdev
[1], values
)
1022 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1024 raise Exception("Excluded network not reported")
1026 values
= { 'imsi': "555444-333222111", 'eap': "SIM",
1027 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
1028 'excluded_ssid': "test-hs20" }
1029 events
= policy_test(dev
[0], apdev
[1], values
)
1030 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1032 raise Exception("Excluded network not reported")
1034 def test_ap_hs20_roam_to_higher_prio(dev
, apdev
):
1035 """Hotspot 2.0 and roaming from current to higher priority network"""
1036 bssid
= apdev
[0]['bssid']
1037 params
= hs20_ap_params(ssid
="test-hs20-visited")
1038 params
['domain_name'] = "visited.example.org"
1039 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1041 dev
[0].hs20_enable()
1042 id = dev
[0].add_cred_values({ 'realm': "example.com",
1043 'username': "hs20-test",
1044 'password': "password",
1045 'domain': "example.com" })
1046 logger
.info("Connect to the only network option")
1047 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
1048 dev
[0].dump_monitor()
1049 interworking_connect(dev
[0], bssid
, "TTLS")
1051 logger
.info("Start another AP (home operator) and reconnect")
1052 bssid2
= apdev
[1]['bssid']
1053 params
= hs20_ap_params(ssid
="test-hs20-home")
1054 params
['domain_name'] = "example.com"
1055 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1057 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1058 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
1059 "INTERWORKING-ALREADY-CONNECTED",
1060 "CTRL-EVENT-CONNECTED"], timeout
=15)
1062 raise Exception("Connection timed out")
1063 if "INTERWORKING-NO-MATCH" in ev
:
1064 raise Exception("Matching AP not found")
1065 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1066 raise Exception("Unexpected AP selected")
1067 if bssid2
not in ev
:
1068 raise Exception("Unexpected BSSID after reconnection")
1070 def test_ap_hs20_domain_suffix_match(dev
, apdev
):
1071 """Hotspot 2.0 and domain_suffix_match"""
1072 bssid
= apdev
[0]['bssid']
1073 params
= hs20_ap_params()
1074 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1076 dev
[0].hs20_enable()
1077 id = dev
[0].add_cred_values({ 'realm': "example.com",
1078 'username': "hs20-test",
1079 'password': "password",
1080 'domain': "example.com",
1081 'domain_suffix_match': "w1.fi" })
1082 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1083 dev
[0].dump_monitor()
1084 interworking_connect(dev
[0], bssid
, "TTLS")
1085 dev
[0].request("REMOVE_NETWORK all")
1086 dev
[0].dump_monitor()
1088 dev
[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
1089 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1090 dev
[0].dump_monitor()
1091 dev
[0].request("INTERWORKING_CONNECT " + bssid
)
1092 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
1094 raise Exception("TLS certificate error not reported")
1095 if "Domain suffix mismatch" not in ev
:
1096 raise Exception("Domain suffix mismatch not reported")
1098 def test_ap_hs20_roaming_partner_preference(dev
, apdev
):
1099 """Hotspot 2.0 and roaming partner preference"""
1100 params
= hs20_ap_params()
1101 params
['domain_name'] = "roaming.example.org"
1102 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1104 params
= hs20_ap_params()
1105 params
['ssid'] = "test-hs20-other"
1106 params
['domain_name'] = "roaming.example.net"
1107 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1109 logger
.info("Verify default vs. specified preference")
1110 values
= default_cred()
1111 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1112 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1113 values
['roaming_partner'] = "roaming.example.net,1,129,*"
1114 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1116 logger
.info("Verify partial FQDN match")
1117 values
['roaming_partner'] = "example.net,0,0,*"
1118 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1119 values
['roaming_partner'] = "example.net,0,255,*"
1120 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1122 def test_ap_hs20_max_bss_load(dev
, apdev
):
1123 """Hotspot 2.0 and maximum BSS load"""
1124 params
= hs20_ap_params()
1125 params
['bss_load_test'] = "12:200:20000"
1126 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1128 params
= hs20_ap_params()
1129 params
['ssid'] = "test-hs20-other"
1130 params
['bss_load_test'] = "5:20:10000"
1131 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1133 logger
.info("Verify maximum BSS load constraint")
1134 values
= default_cred()
1135 values
['domain'] = "example.com"
1136 values
['max_bss_load'] = "100"
1137 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1139 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1140 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1141 raise Exception("Maximum BSS Load case not noticed")
1142 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1143 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1144 raise Exception("Maximum BSS Load case reported incorrectly")
1146 logger
.info("Verify maximum BSS load does not prevent connection")
1147 values
['max_bss_load'] = "1"
1148 events
= policy_test(dev
[0], None, values
)
1150 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1151 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1152 raise Exception("Maximum BSS Load case not noticed")
1153 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1154 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1155 raise Exception("Maximum BSS Load case not noticed")
1157 def test_ap_hs20_max_bss_load2(dev
, apdev
):
1158 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
1159 params
= hs20_ap_params()
1160 params
['bss_load_test'] = "12:200:20000"
1161 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1163 params
= hs20_ap_params()
1164 params
['ssid'] = "test-hs20-other"
1165 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1167 logger
.info("Verify maximum BSS load constraint with AP advertisement")
1168 values
= default_cred()
1169 values
['domain'] = "example.com"
1170 values
['max_bss_load'] = "100"
1171 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1173 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1174 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1175 raise Exception("Maximum BSS Load case not noticed")
1176 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1177 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1178 raise Exception("Maximum BSS Load case reported incorrectly")
1180 def test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1181 """Hotspot 2.0 multi-cred sp_priority"""
1182 if not hlr_auc_gw_available():
1184 bssid
= apdev
[0]['bssid']
1185 params
= hs20_ap_params()
1186 params
['hessid'] = bssid
1187 del params
['domain_name']
1188 params
['anqp_3gpp_cell_net'] = "232,01"
1189 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1191 dev
[0].hs20_enable()
1192 dev
[0].request("SET external_sim 1")
1193 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1194 'provisioning_sp': "example.com",
1195 'sp_priority' :"1" })
1196 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1197 'username': "hs20-test",
1198 'password': "password",
1199 'domain': "example.com",
1200 'provisioning_sp': "example.com",
1201 'sp_priority': "2" })
1202 dev
[0].dump_monitor()
1203 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1204 interworking_ext_sim_auth(dev
[0], "SIM")
1205 check_sp_type(dev
[0], "unknown")
1206 dev
[0].request("REMOVE_NETWORK all")
1208 dev
[0].set_cred(id1
, "sp_priority", "2")
1209 dev
[0].set_cred(id2
, "sp_priority", "1")
1210 dev
[0].dump_monitor()
1211 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1212 interworking_auth(dev
[0], "TTLS")
1213 check_sp_type(dev
[0], "unknown")
1215 def test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1216 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1217 if not hlr_auc_gw_available():
1219 bssid
= apdev
[0]['bssid']
1220 params
= hs20_ap_params()
1221 params
['hessid'] = bssid
1222 del params
['nai_realm']
1223 del params
['domain_name']
1224 params
['anqp_3gpp_cell_net'] = "232,01"
1225 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1227 bssid2
= apdev
[1]['bssid']
1228 params
= hs20_ap_params()
1229 params
['ssid'] = "test-hs20-other"
1230 params
['hessid'] = bssid2
1231 del params
['domain_name']
1232 del params
['anqp_3gpp_cell_net']
1233 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1235 dev
[0].hs20_enable()
1236 dev
[0].request("SET external_sim 1")
1237 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1238 'provisioning_sp': "example.com",
1239 'sp_priority': "1" })
1240 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1241 'username': "hs20-test",
1242 'password': "password",
1243 'domain': "example.com",
1244 'provisioning_sp': "example.com",
1245 'sp_priority': "2" })
1246 dev
[0].dump_monitor()
1247 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1248 interworking_ext_sim_auth(dev
[0], "SIM")
1249 check_sp_type(dev
[0], "unknown")
1250 conn_bssid
= dev
[0].get_status_field("bssid")
1251 if conn_bssid
!= bssid
:
1252 raise Exception("Connected to incorrect BSS")
1253 dev
[0].request("REMOVE_NETWORK all")
1255 dev
[0].set_cred(id1
, "sp_priority", "2")
1256 dev
[0].set_cred(id2
, "sp_priority", "1")
1257 dev
[0].dump_monitor()
1258 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1259 interworking_auth(dev
[0], "TTLS")
1260 check_sp_type(dev
[0], "unknown")
1261 conn_bssid
= dev
[0].get_status_field("bssid")
1262 if conn_bssid
!= bssid2
:
1263 raise Exception("Connected to incorrect BSS")
1265 def check_conn_capab_selection(dev
, type, missing
):
1266 dev
.request("INTERWORKING_SELECT freq=2412")
1267 ev
= dev
.wait_event(["INTERWORKING-AP"])
1269 raise Exception("Network selection timed out");
1270 if "type=" + type not in ev
:
1271 raise Exception("Unexpected network type")
1272 if missing
and "conn_capab_missing=1" not in ev
:
1273 raise Exception("conn_capab_missing not reported")
1274 if not missing
and "conn_capab_missing=1" in ev
:
1275 raise Exception("conn_capab_missing reported unexpectedly")
1277 def conn_capab_cred(domain
=None, req_conn_capab
=None):
1278 cred
= default_cred(domain
=domain
)
1280 cred
['req_conn_capab'] = req_conn_capab
1283 def test_ap_hs20_req_conn_capab(dev
, apdev
):
1284 """Hotspot 2.0 network selection with req_conn_capab"""
1285 bssid
= apdev
[0]['bssid']
1286 params
= hs20_ap_params()
1287 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1289 dev
[0].hs20_enable()
1290 logger
.info("Not used in home network")
1291 values
= conn_capab_cred(domain
="example.com", req_conn_capab
="6:1234")
1292 id = dev
[0].add_cred_values(values
)
1293 check_conn_capab_selection(dev
[0], "home", False)
1295 logger
.info("Used in roaming network")
1296 dev
[0].remove_cred(id)
1297 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="6:1234")
1298 id = dev
[0].add_cred_values(values
)
1299 check_conn_capab_selection(dev
[0], "roaming", True)
1301 logger
.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1302 check_auto_select(dev
[0], bssid
)
1304 logger
.info("Additional req_conn_capab checks")
1306 dev
[0].remove_cred(id)
1307 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="1:0")
1308 id = dev
[0].add_cred_values(values
)
1309 check_conn_capab_selection(dev
[0], "roaming", True)
1311 dev
[0].remove_cred(id)
1312 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="17:5060")
1313 id = dev
[0].add_cred_values(values
)
1314 check_conn_capab_selection(dev
[0], "roaming", True)
1316 bssid2
= apdev
[1]['bssid']
1317 params
= hs20_ap_params(ssid
="test-hs20b")
1318 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1319 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1321 dev
[0].remove_cred(id)
1322 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="50")
1323 id = dev
[0].add_cred_values(values
)
1324 dev
[0].set_cred(id, "req_conn_capab", "6:22")
1325 dev
[0].request("INTERWORKING_SELECT freq=2412")
1326 for i
in range(0, 2):
1327 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1329 raise Exception("Network selection timed out");
1330 if bssid
in ev
and "conn_capab_missing=1" not in ev
:
1331 raise Exception("Missing protocol connection capability not reported")
1332 if bssid2
in ev
and "conn_capab_missing=1" in ev
:
1333 raise Exception("Protocol connection capability not reported correctly")
1335 def test_ap_hs20_req_conn_capab_and_roaming_partner_preference(dev
, apdev
):
1336 """Hotspot 2.0 and req_conn_capab with roaming partner preference"""
1337 bssid
= apdev
[0]['bssid']
1338 params
= hs20_ap_params()
1339 params
['domain_name'] = "roaming.example.org"
1340 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1341 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1343 bssid2
= apdev
[1]['bssid']
1344 params
= hs20_ap_params(ssid
="test-hs20-b")
1345 params
['domain_name'] = "roaming.example.net"
1346 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1348 values
= default_cred()
1349 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1350 id = dev
[0].add_cred_values(values
)
1351 check_auto_select(dev
[0], bssid2
)
1353 dev
[0].set_cred(id, "req_conn_capab", "50")
1354 check_auto_select(dev
[0], bssid
)
1356 dev
[0].remove_cred(id)
1357 id = dev
[0].add_cred_values(values
)
1358 dev
[0].set_cred(id, "req_conn_capab", "51")
1359 check_auto_select(dev
[0], bssid2
)
1361 def check_bandwidth_selection(dev
, type, below
):
1362 dev
.request("INTERWORKING_SELECT freq=2412")
1363 ev
= dev
.wait_event(["INTERWORKING-AP"])
1365 raise Exception("Network selection timed out");
1366 if "type=" + type not in ev
:
1367 raise Exception("Unexpected network type")
1368 if below
and "below_min_backhaul=1" not in ev
:
1369 raise Exception("below_min_backhaul not reported")
1370 if not below
and "below_min_backhaul=1" in ev
:
1371 raise Exception("below_min_backhaul reported unexpectedly")
1373 def bw_cred(domain
=None, dl_home
=None, ul_home
=None, dl_roaming
=None, ul_roaming
=None):
1374 cred
= default_cred(domain
=domain
)
1376 cred
['min_dl_bandwidth_home'] = str(dl_home
)
1378 cred
['min_ul_bandwidth_home'] = str(ul_home
)
1380 cred
['min_dl_bandwidth_roaming'] = str(dl_roaming
)
1382 cred
['min_ul_bandwidth_roaming'] = str(ul_roaming
)
1385 def test_ap_hs20_min_bandwidth_home(dev
, apdev
):
1386 """Hotspot 2.0 network selection with min bandwidth (home)"""
1387 bssid
= apdev
[0]['bssid']
1388 params
= hs20_ap_params()
1389 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1391 dev
[0].hs20_enable()
1392 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=58)
1393 id = dev
[0].add_cred_values(values
)
1394 check_bandwidth_selection(dev
[0], "home", False)
1395 dev
[0].remove_cred(id)
1397 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=58)
1398 id = dev
[0].add_cred_values(values
)
1399 check_bandwidth_selection(dev
[0], "home", True)
1400 dev
[0].remove_cred(id)
1402 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=59)
1403 id = dev
[0].add_cred_values(values
)
1404 check_bandwidth_selection(dev
[0], "home", True)
1405 dev
[0].remove_cred(id)
1407 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=59)
1408 id = dev
[0].add_cred_values(values
)
1409 check_bandwidth_selection(dev
[0], "home", True)
1410 check_auto_select(dev
[0], bssid
)
1412 bssid2
= apdev
[1]['bssid']
1413 params
= hs20_ap_params(ssid
="test-hs20-b")
1414 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1415 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1417 check_auto_select(dev
[0], bssid2
)
1419 def test_ap_hs20_min_bandwidth_roaming(dev
, apdev
):
1420 """Hotspot 2.0 network selection with min bandwidth (roaming)"""
1421 bssid
= apdev
[0]['bssid']
1422 params
= hs20_ap_params()
1423 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1425 dev
[0].hs20_enable()
1426 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=58)
1427 id = dev
[0].add_cred_values(values
)
1428 check_bandwidth_selection(dev
[0], "roaming", False)
1429 dev
[0].remove_cred(id)
1431 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=58)
1432 id = dev
[0].add_cred_values(values
)
1433 check_bandwidth_selection(dev
[0], "roaming", True)
1434 dev
[0].remove_cred(id)
1436 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=59)
1437 id = dev
[0].add_cred_values(values
)
1438 check_bandwidth_selection(dev
[0], "roaming", True)
1439 dev
[0].remove_cred(id)
1441 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=59)
1442 id = dev
[0].add_cred_values(values
)
1443 check_bandwidth_selection(dev
[0], "roaming", True)
1444 check_auto_select(dev
[0], bssid
)
1446 bssid2
= apdev
[1]['bssid']
1447 params
= hs20_ap_params(ssid
="test-hs20-b")
1448 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1449 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1451 check_auto_select(dev
[0], bssid2
)
1453 def test_ap_hs20_min_bandwidth_and_roaming_partner_preference(dev
, apdev
):
1454 """Hotspot 2.0 and minimum bandwidth with roaming partner preference"""
1455 bssid
= apdev
[0]['bssid']
1456 params
= hs20_ap_params()
1457 params
['domain_name'] = "roaming.example.org"
1458 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1459 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1461 bssid2
= apdev
[1]['bssid']
1462 params
= hs20_ap_params(ssid
="test-hs20-b")
1463 params
['domain_name'] = "roaming.example.net"
1464 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1466 values
= default_cred()
1467 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1468 id = dev
[0].add_cred_values(values
)
1469 check_auto_select(dev
[0], bssid2
)
1471 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "6000")
1472 check_auto_select(dev
[0], bssid
)
1474 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "10000")
1475 check_auto_select(dev
[0], bssid2
)
1477 def test_ap_hs20_min_bandwidth_no_wan_metrics(dev
, apdev
):
1478 """Hotspot 2.0 network selection with min bandwidth but no WAN Metrics"""
1479 bssid
= apdev
[0]['bssid']
1480 params
= hs20_ap_params()
1481 del params
['hs20_wan_metrics']
1482 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1484 dev
[0].hs20_enable()
1485 values
= bw_cred(domain
="example.com", dl_home
=10000, ul_home
=10000,
1486 dl_roaming
=10000, ul_roaming
=10000)
1487 dev
[0].add_cred_values(values
)
1488 check_bandwidth_selection(dev
[0], "home", False)
1490 def test_ap_hs20_deauth_req_ess(dev
, apdev
):
1491 """Hotspot 2.0 connection and deauthentication request for ESS"""
1492 dev
[0].request("SET pmf 2")
1493 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1494 dev
[0].dump_monitor()
1495 addr
= dev
[0].p2p_interface_addr()
1496 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1497 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 1 120 http://example.com/")
1498 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1500 raise Exception("Timeout on deauth imminent notice")
1501 if "1 120 http://example.com/" not in ev
:
1502 raise Exception("Unexpected deauth imminent notice: " + ev
)
1503 hapd
.request("DEAUTHENTICATE " + addr
)
1504 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1506 raise Exception("Timeout on disconnection")
1507 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1508 raise Exception("Network not marked temporarily disabled")
1509 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1510 "Trying to associate",
1511 "CTRL-EVENT-CONNECTED"], timeout
=5)
1513 raise Exception("Unexpected connection attempt")
1515 def test_ap_hs20_deauth_req_bss(dev
, apdev
):
1516 """Hotspot 2.0 connection and deauthentication request for BSS"""
1517 dev
[0].request("SET pmf 2")
1518 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1519 dev
[0].dump_monitor()
1520 addr
= dev
[0].p2p_interface_addr()
1521 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1522 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 0 120 http://example.com/")
1523 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1525 raise Exception("Timeout on deauth imminent notice")
1526 if "0 120 http://example.com/" not in ev
:
1527 raise Exception("Unexpected deauth imminent notice: " + ev
)
1528 hapd
.request("DEAUTHENTICATE " + addr
+ " reason=4")
1529 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1531 raise Exception("Timeout on disconnection")
1532 if "reason=4" not in ev
:
1533 raise Exception("Unexpected disconnection reason")
1534 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1535 raise Exception("Network not marked temporarily disabled")
1536 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1537 "Trying to associate",
1538 "CTRL-EVENT-CONNECTED"], timeout
=5)
1540 raise Exception("Unexpected connection attempt")
1542 def test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1543 """Hotspot 2.0 connection and deauthentication request from RADIUS"""
1544 bssid
= apdev
[0]['bssid']
1545 params
= hs20_ap_params()
1546 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1547 params
['hs20_deauth_req_timeout'] = "2"
1548 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1550 dev
[0].request("SET pmf 2")
1551 dev
[0].hs20_enable()
1552 dev
[0].add_cred_values({ 'realm': "example.com",
1553 'username': "hs20-deauth-test",
1554 'password': "password" })
1555 interworking_select(dev
[0], bssid
, freq
="2412")
1556 interworking_connect(dev
[0], bssid
, "TTLS")
1557 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout
=5)
1559 raise Exception("Timeout on deauth imminent notice")
1560 if " 1 100" not in ev
:
1561 raise Exception("Unexpected deauth imminent contents")
1562 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=3)
1564 raise Exception("Timeout on disconnection")
1566 def test_ap_hs20_remediation_required(dev
, apdev
):
1567 """Hotspot 2.0 connection and remediation required from RADIUS"""
1568 bssid
= apdev
[0]['bssid']
1569 params
= hs20_ap_params()
1570 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1571 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1573 dev
[0].request("SET pmf 1")
1574 dev
[0].hs20_enable()
1575 dev
[0].add_cred_values({ 'realm': "example.com",
1576 'username': "hs20-subrem-test",
1577 'password': "password" })
1578 interworking_select(dev
[0], bssid
, freq
="2412")
1579 interworking_connect(dev
[0], bssid
, "TTLS")
1580 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1582 raise Exception("Timeout on subscription remediation notice")
1583 if " 1 https://example.com/" not in ev
:
1584 raise Exception("Unexpected subscription remediation event contents")
1586 def test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1587 """Hotspot 2.0 connection and subrem from ctrl_iface"""
1588 bssid
= apdev
[0]['bssid']
1589 addr
= dev
[0].p2p_dev_addr()
1590 params
= hs20_ap_params()
1591 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1592 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
1594 dev
[0].request("SET pmf 1")
1595 dev
[0].hs20_enable()
1596 dev
[0].add_cred_values(default_cred())
1597 interworking_select(dev
[0], bssid
, freq
="2412")
1598 interworking_connect(dev
[0], bssid
, "TTLS")
1600 hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://example.com/")
1601 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1603 raise Exception("Timeout on subscription remediation notice")
1604 if " 1 https://example.com/" not in ev
:
1605 raise Exception("Unexpected subscription remediation event contents")
1607 hapd
.request("HS20_WNM_NOTIF " + addr
)
1608 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1610 raise Exception("Timeout on subscription remediation notice")
1611 if not ev
.endswith("HS20-SUBSCRIPTION-REMEDIATION "):
1612 raise Exception("Unexpected subscription remediation event contents: " + ev
)
1614 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF "):
1615 raise Exception("Unexpected HS20_WNM_NOTIF success")
1616 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF foo"):
1617 raise Exception("Unexpected HS20_WNM_NOTIF success")
1618 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://12345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678927.very.long.example.com/"):
1619 raise Exception("Unexpected HS20_WNM_NOTIF success")
1621 def test_ap_hs20_session_info(dev
, apdev
):
1622 """Hotspot 2.0 connection and session information from RADIUS"""
1623 bssid
= apdev
[0]['bssid']
1624 params
= hs20_ap_params()
1625 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1626 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1628 dev
[0].request("SET pmf 1")
1629 dev
[0].hs20_enable()
1630 dev
[0].add_cred_values({ 'realm': "example.com",
1631 'username': "hs20-session-info-test",
1632 'password': "password" })
1633 interworking_select(dev
[0], bssid
, freq
="2412")
1634 interworking_connect(dev
[0], bssid
, "TTLS")
1635 ev
= dev
[0].wait_event(["ESS-DISASSOC-IMMINENT"], timeout
=10)
1637 raise Exception("Timeout on ESS disassociation imminent notice")
1638 if " 1 59904 https://example.com/" not in ev
:
1639 raise Exception("Unexpected ESS disassociation imminent event contents")
1640 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"])
1642 raise Exception("Scan not started")
1643 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
1645 raise Exception("Scan not completed")
1647 def test_ap_hs20_osen(dev
, apdev
):
1648 """Hotspot 2.0 OSEN connection"""
1649 params
= { 'ssid': "osen",
1651 'auth_server_addr': "127.0.0.1",
1652 'auth_server_port': "1812",
1653 'auth_server_shared_secret': "radius" }
1654 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1656 dev
[1].connect("osen", key_mgmt
="NONE", scan_freq
="2412",
1658 dev
[2].connect("osen", key_mgmt
="NONE", wep_key0
='"hello"',
1659 scan_freq
="2412", wait_connect
=False)
1660 dev
[0].connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1661 group
="GTK_NOT_USED",
1662 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1663 ca_cert
="auth_serv/ca.pem",
1666 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
1667 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
1668 wpas
.connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1669 group
="GTK_NOT_USED",
1670 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1671 ca_cert
="auth_serv/ca.pem",
1673 wpas
.request("DISCONNECT")
1675 def test_ap_hs20_network_preference(dev
, apdev
):
1676 """Hotspot 2.0 network selection with preferred home network"""
1677 bssid
= apdev
[0]['bssid']
1678 params
= hs20_ap_params()
1679 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1681 dev
[0].hs20_enable()
1682 values
= { 'realm': "example.com",
1683 'username': "hs20-test",
1684 'password': "password",
1685 'domain': "example.com" }
1686 dev
[0].add_cred_values(values
)
1688 id = dev
[0].add_network()
1689 dev
[0].set_network_quoted(id, "ssid", "home")
1690 dev
[0].set_network_quoted(id, "psk", "12345678")
1691 dev
[0].set_network(id, "priority", "1")
1692 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1694 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1695 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1697 raise Exception("Connection timed out")
1699 raise Exception("Unexpected network selected")
1701 bssid2
= apdev
[1]['bssid']
1702 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1703 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1705 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1706 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1707 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1709 raise Exception("Connection timed out")
1710 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1711 raise Exception("No roam to higher priority network")
1712 if bssid2
not in ev
:
1713 raise Exception("Unexpected network selected")
1715 def test_ap_hs20_network_preference2(dev
, apdev
):
1716 """Hotspot 2.0 network selection with preferred credential"""
1717 bssid2
= apdev
[1]['bssid']
1718 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1719 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1721 dev
[0].hs20_enable()
1722 values
= { 'realm': "example.com",
1723 'username': "hs20-test",
1724 'password': "password",
1725 'domain': "example.com",
1727 dev
[0].add_cred_values(values
)
1729 id = dev
[0].add_network()
1730 dev
[0].set_network_quoted(id, "ssid", "home")
1731 dev
[0].set_network_quoted(id, "psk", "12345678")
1732 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1734 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1735 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1737 raise Exception("Connection timed out")
1738 if bssid2
not in ev
:
1739 raise Exception("Unexpected network selected")
1741 bssid
= apdev
[0]['bssid']
1742 params
= hs20_ap_params()
1743 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1745 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1746 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1747 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1749 raise Exception("Connection timed out")
1750 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1751 raise Exception("No roam to higher priority network")
1753 raise Exception("Unexpected network selected")
1755 def test_ap_hs20_network_preference3(dev
, apdev
):
1756 """Hotspot 2.0 network selection with two credential (one preferred)"""
1757 bssid
= apdev
[0]['bssid']
1758 params
= hs20_ap_params()
1759 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1761 bssid2
= apdev
[1]['bssid']
1762 params
= hs20_ap_params(ssid
="test-hs20b")
1763 params
['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1764 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1766 dev
[0].hs20_enable()
1767 values
= { 'realm': "example.com",
1768 'username': "hs20-test",
1769 'password': "password",
1771 dev
[0].add_cred_values(values
)
1772 values
= { 'realm': "example.org",
1773 'username': "hs20-test",
1774 'password': "password" }
1775 id = dev
[0].add_cred_values(values
)
1777 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1778 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1780 raise Exception("Connection timed out")
1782 raise Exception("Unexpected network selected")
1784 dev
[0].set_cred(id, "priority", "2")
1785 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1786 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1787 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1789 raise Exception("Connection timed out")
1790 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1791 raise Exception("No roam to higher priority network")
1792 if bssid2
not in ev
:
1793 raise Exception("Unexpected network selected")
1795 def test_ap_hs20_network_preference4(dev
, apdev
):
1796 """Hotspot 2.0 network selection with username vs. SIM credential"""
1797 bssid
= apdev
[0]['bssid']
1798 params
= hs20_ap_params()
1799 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1801 bssid2
= apdev
[1]['bssid']
1802 params
= hs20_ap_params(ssid
="test-hs20b")
1803 params
['hessid'] = bssid2
1804 params
['anqp_3gpp_cell_net'] = "555,444"
1805 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
1806 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1808 dev
[0].hs20_enable()
1809 values
= { 'realm': "example.com",
1810 'username': "hs20-test",
1811 'password': "password",
1813 dev
[0].add_cred_values(values
)
1814 values
= { 'imsi': "555444-333222111",
1816 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123" }
1817 id = dev
[0].add_cred_values(values
)
1819 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1820 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1822 raise Exception("Connection timed out")
1824 raise Exception("Unexpected network selected")
1826 dev
[0].set_cred(id, "priority", "2")
1827 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1828 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1829 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1831 raise Exception("Connection timed out")
1832 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1833 raise Exception("No roam to higher priority network")
1834 if bssid2
not in ev
:
1835 raise Exception("Unexpected network selected")
1837 def test_ap_hs20_fetch_osu(dev
, apdev
):
1838 """Hotspot 2.0 OSU provider and icon fetch"""
1839 bssid
= apdev
[0]['bssid']
1840 params
= hs20_ap_params()
1841 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1842 params
['osu_ssid'] = '"HS 2.0 OSU open"'
1843 params
['osu_method_list'] = "1"
1844 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
1845 params
['osu_icon'] = "w1fi_logo"
1846 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
1847 params
['osu_server_uri'] = "https://example.com/osu/"
1848 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1850 bssid2
= apdev
[1]['bssid']
1851 params
= hs20_ap_params(ssid
="test-hs20b")
1852 params
['hessid'] = bssid2
1853 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
1854 params
['osu_ssid'] = '"HS 2.0 OSU OSEN"'
1855 params
['osu_method_list'] = "0"
1856 params
['osu_nai'] = "osen@example.com"
1857 params
['osu_friendly_name'] = [ "eng:Test2 OSU", "fin:Testi2-OSU" ]
1858 params
['osu_icon'] = "w1fi_logo"
1859 params
['osu_service_desc'] = [ "eng:Example services2", "fin:Esimerkkipalveluja2" ]
1860 params
['osu_server_uri'] = "https://example.org/osu/"
1861 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1863 with
open("w1fi_logo.png", "r") as f
:
1864 orig_logo
= f
.read()
1865 dev
[0].hs20_enable()
1866 dir = "/tmp/osu-fetch"
1867 if os
.path
.isdir(dir):
1868 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
1870 os
.remove(dir + "/" + f
)
1877 dev
[1].scan(freq
="2412")
1878 dev
[0].request("SET osu_dir " + dir)
1879 dev
[0].request("FETCH_OSU")
1880 if "OK" not in dev
[1].request("HS20_ICON_REQUEST " + bssid
+ " w1fi_logo"):
1881 raise Exception("HS20_ICON_REQUEST failed")
1884 ev
= dev
[0].wait_event(["OSU provider fetch completed",
1885 "RX-HS20-ANQP-ICON"], timeout
=15)
1887 raise Exception("Timeout on OSU fetch")
1888 if "OSU provider fetch completed" in ev
:
1890 if "RX-HS20-ANQP-ICON" in ev
:
1891 with
open(ev
.split(' ')[1], "r") as f
:
1893 if logo
== orig_logo
:
1896 with
open(dir + "/osu-providers.txt", "r") as f
:
1898 if "OSU-PROVIDER " + bssid
not in prov
:
1899 raise Exception("Missing OSU_PROVIDER")
1900 if "OSU-PROVIDER " + bssid2
not in prov
:
1901 raise Exception("Missing OSU_PROVIDER")
1903 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
1905 os
.remove(dir + "/" + f
)
1909 raise Exception("Unexpected number of icons fetched")
1911 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=5)
1913 raise Exception("Timeout on GAS-QUERY-DONE")
1914 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=5)
1916 raise Exception("Timeout on GAS-QUERY-DONE")
1917 if "freq=2412 status_code=0 result=SUCCESS" not in ev
:
1918 raise Exception("Unexpected GAS-QUERY-DONE: " + ev
)
1919 ev
= dev
[1].wait_event(["RX-HS20-ANQP"], timeout
=15)
1921 raise Exception("Timeout on icon fetch")
1922 if "Icon Binary File" not in ev
:
1923 raise Exception("Unexpected ANQP element")