]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
12 logger
= logging
.getLogger()
20 from wlantest
import Wlantest
21 from wpasupplicant
import WpaSupplicant
23 def hs20_ap_params(ssid
="test-hs20"):
24 params
= hostapd
.wpa2_params(ssid
=ssid
)
25 params
['wpa_key_mgmt'] = "WPA-EAP"
26 params
['ieee80211w'] = "1"
27 params
['ieee8021x'] = "1"
28 params
['auth_server_addr'] = "127.0.0.1"
29 params
['auth_server_port'] = "1812"
30 params
['auth_server_shared_secret'] = "radius"
31 params
['interworking'] = "1"
32 params
['access_network_type'] = "14"
33 params
['internet'] = "1"
37 params
['venue_group'] = "7"
38 params
['venue_type'] = "1"
39 params
['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
40 params
['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
42 params
['domain_name'] = "example.com,another.example.com"
43 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
44 "0,another.example.com" ]
46 params
['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
47 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
48 params
['hs20_operating_class'] = "5173"
49 params
['anqp_3gpp_cell_net'] = "244,91"
52 def check_auto_select(dev
, bssid
):
53 dev
.scan_for_bss(bssid
, freq
="2412")
54 dev
.request("INTERWORKING_SELECT auto freq=2412")
55 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
57 raise Exception("Connection timed out")
59 raise Exception("Connected to incorrect network")
60 dev
.request("REMOVE_NETWORK all")
62 def interworking_select(dev
, bssid
, type=None, no_match
=False, freq
=None):
64 if bssid
and freq
and not no_match
:
65 dev
.scan_for_bss(bssid
, freq
=freq
)
66 freq_extra
= " freq=" + freq
if freq
else ""
67 dev
.request("INTERWORKING_SELECT" + freq_extra
)
68 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
71 raise Exception("Network selection timed out");
73 if "INTERWORKING-NO-MATCH" not in ev
:
74 raise Exception("Unexpected network match")
76 if "INTERWORKING-NO-MATCH" in ev
:
77 logger
.info("Matching network not found - try again")
79 dev
.request("INTERWORKING_SELECT" + freq_extra
)
80 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
83 raise Exception("Network selection timed out");
84 if "INTERWORKING-NO-MATCH" in ev
:
85 raise Exception("Matching network not found")
86 if bssid
and bssid
not in ev
:
87 raise Exception("Unexpected BSSID in match")
88 if type and "type=" + type not in ev
:
89 raise Exception("Network type not recognized correctly")
91 def check_sp_type(dev
, sp_type
):
92 type = dev
.get_status_field("sp_type")
94 raise Exception("sp_type not available")
96 raise Exception("sp_type did not indicate home network")
98 def hlr_auc_gw_available():
99 if not os
.path
.exists("/tmp/hlr_auc_gw.sock"):
100 logger
.info("No hlr_auc_gw available");
102 if not os
.path
.exists("../../hostapd/hlr_auc_gw"):
103 logger
.info("No hlr_auc_gw available");
107 def interworking_ext_sim_connect(dev
, bssid
, method
):
108 dev
.request("INTERWORKING_CONNECT " + bssid
)
109 interworking_ext_sim_auth(dev
, method
)
111 def interworking_ext_sim_auth(dev
, method
):
112 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
114 raise Exception("Network connected timed out")
115 if "(" + method
+ ")" not in ev
:
116 raise Exception("Unexpected EAP method selection")
118 ev
= dev
.wait_event(["CTRL-REQ-SIM"], timeout
=15)
120 raise Exception("Wait for external SIM processing request timed out")
122 if p
[1] != "GSM-AUTH":
123 raise Exception("Unexpected CTRL-REQ-SIM type")
124 id = p
[0].split('-')[3]
125 rand
= p
[2].split(' ')[0]
127 res
= subprocess
.check_output(["../../hostapd/hlr_auc_gw",
129 "auth_serv/hlr_auc_gw.milenage_db",
130 "GSM-AUTH-REQ 232010000000000 " + rand
])
131 if "GSM-AUTH-RESP" not in res
:
132 raise Exception("Unexpected hlr_auc_gw response")
133 resp
= res
.split(' ')[2].rstrip()
135 dev
.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp
)
136 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
138 raise Exception("Connection timed out")
140 def interworking_connect(dev
, bssid
, method
):
141 dev
.request("INTERWORKING_CONNECT " + bssid
)
142 interworking_auth(dev
, method
)
144 def interworking_auth(dev
, method
):
145 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
147 raise Exception("Network connected timed out")
148 if "(" + method
+ ")" not in ev
:
149 raise Exception("Unexpected EAP method selection")
151 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
153 raise Exception("Connection timed out")
155 def check_probe_resp(wt
, bssid_unexpected
, bssid_expected
):
157 count
= wt
.get_bss_counter("probe_response", bssid_unexpected
)
159 raise Exception("Unexpected Probe Response frame from AP")
162 count
= wt
.get_bss_counter("probe_response", bssid_expected
)
164 raise Exception("No Probe Response frame from AP")
166 def test_ap_anqp_sharing(dev
, apdev
):
167 """ANQP sharing within ESS and explicit unshare"""
168 bssid
= apdev
[0]['bssid']
169 params
= hs20_ap_params()
170 params
['hessid'] = bssid
171 hostapd
.add_ap(apdev
[0]['ifname'], params
)
173 bssid2
= apdev
[1]['bssid']
174 params
= hs20_ap_params()
175 params
['hessid'] = bssid
176 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
177 hostapd
.add_ap(apdev
[1]['ifname'], params
)
180 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
181 'password': "secret",
182 'domain': "example.com" })
183 logger
.info("Normal network selection with shared ANQP results")
184 dev
[0].scan_for_bss(bssid
, freq
="2412")
185 dev
[0].scan_for_bss(bssid2
, freq
="2412")
186 interworking_select(dev
[0], None, "home", freq
="2412")
187 dev
[0].dump_monitor()
189 res1
= dev
[0].get_bss(bssid
)
190 res2
= dev
[0].get_bss(bssid2
)
191 if res1
['anqp_nai_realm'] != res2
['anqp_nai_realm']:
192 raise Exception("ANQP results were not shared between BSSes")
194 logger
.info("Explicit ANQP request to unshare ANQP results")
195 dev
[0].request("ANQP_GET " + bssid
+ " 263")
196 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
198 raise Exception("ANQP operation timed out")
200 dev
[0].request("ANQP_GET " + bssid2
+ " 263")
201 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
203 raise Exception("ANQP operation timed out")
205 res1
= dev
[0].get_bss(bssid
)
206 res2
= dev
[0].get_bss(bssid2
)
207 if res1
['anqp_nai_realm'] == res2
['anqp_nai_realm']:
208 raise Exception("ANQP results were not unshared")
210 def test_ap_nai_home_realm_query(dev
, apdev
):
211 """NAI Home Realm Query"""
212 bssid
= apdev
[0]['bssid']
213 params
= hs20_ap_params()
214 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
215 "0,another.example.org" ]
216 hostapd
.add_ap(apdev
[0]['ifname'], params
)
218 dev
[0].scan(freq
="2412")
219 dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " realm=example.com")
220 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
222 raise Exception("ANQP operation timed out")
223 nai1
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
224 dev
[0].dump_monitor()
226 dev
[0].request("ANQP_GET " + bssid
+ " 263")
227 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
229 raise Exception("ANQP operation timed out")
230 nai2
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
232 if len(nai1
) >= len(nai2
):
233 raise Exception("Unexpected NAI Realm list response lengths")
234 if "example.com".encode('hex') not in nai1
:
235 raise Exception("Home realm not reported")
236 if "example.org".encode('hex') in nai1
:
237 raise Exception("Non-home realm reported")
238 if "example.com".encode('hex') not in nai2
:
239 raise Exception("Home realm not reported in wildcard query")
240 if "example.org".encode('hex') not in nai2
:
241 raise Exception("Non-home realm not reported in wildcard query ")
244 "00:11:22:33:44:55 123",
245 "00:11:22:33:44:55 qq" ]
247 if "FAIL" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + cmd
):
248 raise Exception("Invalid HS20_GET_NAI_HOME_REALM_LIST accepted: " + cmd
)
250 dev
[0].dump_monitor()
251 if "OK" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
):
252 raise Exception("HS20_GET_NAI_HOME_REALM_LIST failed")
253 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=10)
255 raise Exception("ANQP operation timed out")
256 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=0.1)
258 raise Exception("Unexpected ANQP response: " + ev
)
260 dev
[0].dump_monitor()
261 if "OK" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " 01000b6578616d706c652e636f6d"):
262 raise Exception("HS20_GET_NAI_HOME_REALM_LIST failed")
263 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=10)
265 raise Exception("No ANQP response")
266 if "NAI Realm list" not in ev
:
267 raise Exception("Missing NAI Realm list: " + ev
)
269 dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
270 'password': "secret",
271 'domain': "example.com" })
272 dev
[0].dump_monitor()
273 if "OK" not in dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
):
274 raise Exception("HS20_GET_NAI_HOME_REALM_LIST failed")
275 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=10)
277 raise Exception("No ANQP response")
278 if "NAI Realm list" not in ev
:
279 raise Exception("Missing NAI Realm list: " + ev
)
281 def test_ap_interworking_scan_filtering(dev
, apdev
):
282 """Interworking scan filtering with HESSID and access network type"""
284 return _test_ap_interworking_scan_filtering(dev
, apdev
)
286 dev
[0].request("SET hessid 00:00:00:00:00:00")
287 dev
[0].request("SET access_network_type 15")
289 def _test_ap_interworking_scan_filtering(dev
, apdev
):
290 bssid
= apdev
[0]['bssid']
291 params
= hs20_ap_params()
292 ssid
= "test-hs20-ap1"
293 params
['ssid'] = ssid
294 params
['hessid'] = bssid
295 hostapd
.add_ap(apdev
[0]['ifname'], params
)
297 bssid2
= apdev
[1]['bssid']
298 params
= hs20_ap_params()
299 ssid2
= "test-hs20-ap2"
300 params
['ssid'] = ssid2
301 params
['hessid'] = bssid2
302 params
['access_network_type'] = "1"
303 del params
['venue_group']
304 del params
['venue_type']
305 hostapd
.add_ap(apdev
[1]['ifname'], params
)
312 logger
.info("Check probe request filtering based on HESSID")
314 dev
[0].request("SET hessid " + bssid2
)
315 dev
[0].scan(freq
="2412")
317 check_probe_resp(wt
, bssid
, bssid2
)
319 logger
.info("Check probe request filtering based on access network type")
321 wt
.clear_bss_counters(bssid
)
322 wt
.clear_bss_counters(bssid2
)
323 dev
[0].request("SET hessid 00:00:00:00:00:00")
324 dev
[0].request("SET access_network_type 14")
325 dev
[0].scan(freq
="2412")
327 check_probe_resp(wt
, bssid2
, bssid
)
329 wt
.clear_bss_counters(bssid
)
330 wt
.clear_bss_counters(bssid2
)
331 dev
[0].request("SET hessid 00:00:00:00:00:00")
332 dev
[0].request("SET access_network_type 1")
333 dev
[0].scan(freq
="2412")
335 check_probe_resp(wt
, bssid
, bssid2
)
337 logger
.info("Check probe request filtering based on HESSID and ANT")
339 wt
.clear_bss_counters(bssid
)
340 wt
.clear_bss_counters(bssid2
)
341 dev
[0].request("SET hessid " + bssid
)
342 dev
[0].request("SET access_network_type 14")
343 dev
[0].scan(freq
="2412")
345 check_probe_resp(wt
, bssid2
, bssid
)
347 wt
.clear_bss_counters(bssid
)
348 wt
.clear_bss_counters(bssid2
)
349 dev
[0].request("SET hessid " + bssid2
)
350 dev
[0].request("SET access_network_type 14")
351 dev
[0].scan(freq
="2412")
353 check_probe_resp(wt
, bssid
, None)
354 check_probe_resp(wt
, bssid2
, None)
356 wt
.clear_bss_counters(bssid
)
357 wt
.clear_bss_counters(bssid2
)
358 dev
[0].request("SET hessid " + bssid
)
359 dev
[0].request("SET access_network_type 1")
360 dev
[0].scan(freq
="2412")
362 check_probe_resp(wt
, bssid
, None)
363 check_probe_resp(wt
, bssid2
, None)
365 def test_ap_hs20_select(dev
, apdev
):
366 """Hotspot 2.0 network selection"""
367 bssid
= apdev
[0]['bssid']
368 params
= hs20_ap_params()
369 params
['hessid'] = bssid
370 hostapd
.add_ap(apdev
[0]['ifname'], params
)
373 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
374 'password': "secret",
375 'domain': "example.com" })
376 interworking_select(dev
[0], bssid
, "home")
378 dev
[0].remove_cred(id)
379 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
380 'password': "secret",
381 'domain': "no.match.example.com" })
382 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
384 dev
[0].set_cred_quoted(id, "realm", "no.match.example.com");
385 interworking_select(dev
[0], bssid
, no_match
=True, freq
="2412")
387 res
= dev
[0].request("SCAN_RESULTS")
388 if "[HS20]" not in res
:
389 raise Exception("HS20 flag missing from scan results: " + res
)
391 bssid2
= apdev
[1]['bssid']
392 params
= hs20_ap_params()
393 params
['nai_realm'] = [ "0,example.org,21" ]
394 params
['hessid'] = bssid2
395 params
['domain_name'] = "example.org"
396 hostapd
.add_ap(apdev
[1]['ifname'], params
)
397 dev
[0].remove_cred(id)
398 id = dev
[0].add_cred_values({ 'realm': "example.org", 'username': "test",
399 'password': "secret",
400 'domain': "example.org" })
401 interworking_select(dev
[0], bssid2
, "home", freq
="2412")
403 def hs20_simulated_sim(dev
, ap
, method
):
405 params
= hs20_ap_params()
406 params
['hessid'] = bssid
407 params
['anqp_3gpp_cell_net'] = "555,444"
408 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
409 hostapd
.add_ap(ap
['ifname'], params
)
412 dev
.add_cred_values({ 'imsi': "555444-333222111", 'eap': method
,
413 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
414 interworking_select(dev
, "home", freq
="2412")
415 interworking_connect(dev
, bssid
, method
)
416 check_sp_type(dev
, "home")
418 def test_ap_hs20_sim(dev
, apdev
):
419 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
420 if not hlr_auc_gw_available():
422 hs20_simulated_sim(dev
[0], apdev
[0], "SIM")
423 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
424 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
426 raise Exception("Timeout on already-connected event")
428 def test_ap_hs20_aka(dev
, apdev
):
429 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
430 if not hlr_auc_gw_available():
432 hs20_simulated_sim(dev
[0], apdev
[0], "AKA")
434 def test_ap_hs20_aka_prime(dev
, apdev
):
435 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
436 if not hlr_auc_gw_available():
438 hs20_simulated_sim(dev
[0], apdev
[0], "AKA'")
440 def test_ap_hs20_ext_sim(dev
, apdev
):
441 """Hotspot 2.0 with external SIM processing"""
442 if not hlr_auc_gw_available():
444 bssid
= apdev
[0]['bssid']
445 params
= hs20_ap_params()
446 params
['hessid'] = bssid
447 params
['anqp_3gpp_cell_net'] = "232,01"
448 params
['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
449 hostapd
.add_ap(apdev
[0]['ifname'], params
)
453 dev
[0].request("SET external_sim 1")
454 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
455 interworking_select(dev
[0], "home", freq
="2412")
456 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
457 check_sp_type(dev
[0], "home")
459 dev
[0].request("SET external_sim 0")
461 def test_ap_hs20_ext_sim_roaming(dev
, apdev
):
462 """Hotspot 2.0 with external SIM processing in roaming network"""
463 if not hlr_auc_gw_available():
465 bssid
= apdev
[0]['bssid']
466 params
= hs20_ap_params()
467 params
['hessid'] = bssid
468 params
['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
469 params
['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
470 hostapd
.add_ap(apdev
[0]['ifname'], params
)
474 dev
[0].request("SET external_sim 1")
475 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
476 interworking_select(dev
[0], "roaming", freq
="2412")
477 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
478 check_sp_type(dev
[0], "roaming")
480 dev
[0].request("SET external_sim 0")
482 def test_ap_hs20_username(dev
, apdev
):
483 """Hotspot 2.0 connection in username/password credential"""
484 bssid
= apdev
[0]['bssid']
485 params
= hs20_ap_params()
486 params
['hessid'] = bssid
487 params
['disable_dgaf'] = '1'
488 hostapd
.add_ap(apdev
[0]['ifname'], params
)
491 id = dev
[0].add_cred_values({ 'realm': "example.com",
492 'username': "hs20-test",
493 'password': "password",
494 'ca_cert': "auth_serv/ca.pem",
495 'domain': "example.com",
496 'update_identifier': "1234" })
497 interworking_select(dev
[0], bssid
, "home", freq
="2412")
498 interworking_connect(dev
[0], bssid
, "TTLS")
499 check_sp_type(dev
[0], "home")
500 status
= dev
[0].get_status()
501 if status
['pairwise_cipher'] != "CCMP":
502 raise Exception("Unexpected pairwise cipher")
503 if status
['hs20'] != "2":
504 raise Exception("Unexpected HS 2.0 support indication")
506 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
507 identity
="hs20-test", password
="password",
508 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
511 def test_ap_hs20_connect_api(dev
, apdev
):
512 """Hotspot 2.0 connection with connect API"""
513 bssid
= apdev
[0]['bssid']
514 params
= hs20_ap_params()
515 params
['hessid'] = bssid
516 params
['disable_dgaf'] = '1'
517 hostapd
.add_ap(apdev
[0]['ifname'], params
)
519 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
520 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
522 wpas
.flush_scan_cache()
523 id = wpas
.add_cred_values({ 'realm': "example.com",
524 'username': "hs20-test",
525 'password': "password",
526 'ca_cert': "auth_serv/ca.pem",
527 'domain': "example.com",
528 'update_identifier': "1234" })
529 interworking_select(wpas
, bssid
, "home", freq
="2412")
530 interworking_connect(wpas
, bssid
, "TTLS")
531 check_sp_type(wpas
, "home")
532 status
= wpas
.get_status()
533 if status
['pairwise_cipher'] != "CCMP":
534 raise Exception("Unexpected pairwise cipher")
535 if status
['hs20'] != "2":
536 raise Exception("Unexpected HS 2.0 support indication")
538 def test_ap_hs20_auto_interworking(dev
, apdev
):
539 """Hotspot 2.0 connection with auto_interworking=1"""
540 bssid
= apdev
[0]['bssid']
541 params
= hs20_ap_params()
542 params
['hessid'] = bssid
543 params
['disable_dgaf'] = '1'
544 hostapd
.add_ap(apdev
[0]['ifname'], params
)
546 dev
[0].hs20_enable(auto_interworking
=True)
547 id = dev
[0].add_cred_values({ 'realm': "example.com",
548 'username': "hs20-test",
549 'password': "password",
550 'ca_cert': "auth_serv/ca.pem",
551 'domain': "example.com",
552 'update_identifier': "1234" })
553 dev
[0].request("REASSOCIATE")
554 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
556 raise Exception("Connection timed out")
557 check_sp_type(dev
[0], "home")
558 status
= dev
[0].get_status()
559 if status
['pairwise_cipher'] != "CCMP":
560 raise Exception("Unexpected pairwise cipher")
561 if status
['hs20'] != "2":
562 raise Exception("Unexpected HS 2.0 support indication")
564 def test_ap_hs20_auto_interworking_no_cred_match(dev
, apdev
):
565 """Hotspot 2.0 connection with auto_interworking=1 but no cred match"""
566 bssid
= apdev
[0]['bssid']
567 params
= { "ssid": "test" }
568 hostapd
.add_ap(apdev
[0]['ifname'], params
)
570 dev
[0].hs20_enable(auto_interworking
=True)
571 dev
[0].add_cred_values({ 'realm': "example.com",
572 'username': "hs20-test",
573 'password': "password",
574 'ca_cert': "auth_serv/ca.pem",
575 'domain': "example.com" })
577 id = dev
[0].connect("test", psk
="12345678", only_add_network
=True)
578 dev
[0].request("ENABLE_NETWORK %s" % id)
579 logger
.info("Verify that scanning continues when there is partial network block match")
580 for i
in range(0, 2):
581 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 10)
583 raise Exception("Scan timed out")
584 logger
.info("Scan completed")
586 def eap_test(dev
, ap
, eap_params
, method
, user
):
588 params
= hs20_ap_params()
589 params
['nai_realm'] = [ "0,example.com," + eap_params
]
590 hostapd
.add_ap(ap
['ifname'], params
)
593 dev
.add_cred_values({ 'realm': "example.com",
595 'password': "password" })
596 interworking_select(dev
, bssid
, freq
="2412")
597 interworking_connect(dev
, bssid
, method
)
599 def test_ap_hs20_eap_unknown(dev
, apdev
):
600 """Hotspot 2.0 connection with unknown EAP method"""
601 bssid
= apdev
[0]['bssid']
602 params
= hs20_ap_params()
603 params
['nai_realm'] = "0,example.com,99"
604 hostapd
.add_ap(apdev
[0]['ifname'], params
)
607 dev
[0].add_cred_values(default_cred())
608 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
610 def test_ap_hs20_eap_peap_mschapv2(dev
, apdev
):
611 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
612 eap_test(dev
[0], apdev
[0], "25[3:26]", "PEAP", "user")
614 def test_ap_hs20_eap_peap_default(dev
, apdev
):
615 """Hotspot 2.0 connection with PEAP/MSCHAPV2 (as default)"""
616 eap_test(dev
[0], apdev
[0], "25", "PEAP", "user")
618 def test_ap_hs20_eap_peap_gtc(dev
, apdev
):
619 """Hotspot 2.0 connection with PEAP/GTC"""
620 eap_test(dev
[0], apdev
[0], "25[3:6]", "PEAP", "user")
622 def test_ap_hs20_eap_peap_unknown(dev
, apdev
):
623 """Hotspot 2.0 connection with PEAP/unknown"""
624 bssid
= apdev
[0]['bssid']
625 params
= hs20_ap_params()
626 params
['nai_realm'] = "0,example.com,25[3:99]"
627 hostapd
.add_ap(apdev
[0]['ifname'], params
)
630 dev
[0].add_cred_values(default_cred())
631 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
633 def test_ap_hs20_eap_ttls_chap(dev
, apdev
):
634 """Hotspot 2.0 connection with TTLS/CHAP"""
635 eap_test(dev
[0], apdev
[0], "21[2:2]", "TTLS", "chap user")
637 def test_ap_hs20_eap_ttls_mschap(dev
, apdev
):
638 """Hotspot 2.0 connection with TTLS/MSCHAP"""
639 eap_test(dev
[0], apdev
[0], "21[2:3]", "TTLS", "mschap user")
641 def test_ap_hs20_eap_ttls_eap_mschapv2(dev
, apdev
):
642 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
643 eap_test(dev
[0], apdev
[0], "21[3:26][6:7][99:99]", "TTLS", "user")
645 def test_ap_hs20_eap_ttls_eap_unknown(dev
, apdev
):
646 """Hotspot 2.0 connection with TTLS/EAP-unknown"""
647 bssid
= apdev
[0]['bssid']
648 params
= hs20_ap_params()
649 params
['nai_realm'] = "0,example.com,21[3:99]"
650 hostapd
.add_ap(apdev
[0]['ifname'], params
)
653 dev
[0].add_cred_values(default_cred())
654 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
656 def test_ap_hs20_eap_ttls_eap_unsupported(dev
, apdev
):
657 """Hotspot 2.0 connection with TTLS/EAP-OTP(unsupported)"""
658 bssid
= apdev
[0]['bssid']
659 params
= hs20_ap_params()
660 params
['nai_realm'] = "0,example.com,21[3:5]"
661 hostapd
.add_ap(apdev
[0]['ifname'], params
)
664 dev
[0].add_cred_values(default_cred())
665 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
667 def test_ap_hs20_eap_ttls_unknown(dev
, apdev
):
668 """Hotspot 2.0 connection with TTLS/unknown"""
669 bssid
= apdev
[0]['bssid']
670 params
= hs20_ap_params()
671 params
['nai_realm'] = "0,example.com,21[2:5]"
672 hostapd
.add_ap(apdev
[0]['ifname'], params
)
675 dev
[0].add_cred_values(default_cred())
676 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
678 def test_ap_hs20_eap_fast_mschapv2(dev
, apdev
):
679 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
680 eap_test(dev
[0], apdev
[0], "43[3:26]", "FAST", "user")
682 def test_ap_hs20_eap_fast_gtc(dev
, apdev
):
683 """Hotspot 2.0 connection with FAST/EAP-GTC"""
684 eap_test(dev
[0], apdev
[0], "43[3:6]", "FAST", "user")
686 def test_ap_hs20_eap_tls(dev
, apdev
):
687 """Hotspot 2.0 connection with EAP-TLS"""
688 bssid
= apdev
[0]['bssid']
689 params
= hs20_ap_params()
690 params
['nai_realm'] = [ "0,example.com,13[5:6]" ]
691 hostapd
.add_ap(apdev
[0]['ifname'], params
)
694 dev
[0].add_cred_values({ 'realm': "example.com",
695 'username': "certificate-user",
696 'ca_cert': "auth_serv/ca.pem",
697 'client_cert': "auth_serv/user.pem",
698 'private_key': "auth_serv/user.key"})
699 interworking_select(dev
[0], bssid
, freq
="2412")
700 interworking_connect(dev
[0], bssid
, "TLS")
702 def test_ap_hs20_eap_cert_unknown(dev
, apdev
):
703 """Hotspot 2.0 connection with certificate, but unknown EAP method"""
704 bssid
= apdev
[0]['bssid']
705 params
= hs20_ap_params()
706 params
['nai_realm'] = [ "0,example.com,99[5:6]" ]
707 hostapd
.add_ap(apdev
[0]['ifname'], params
)
710 dev
[0].add_cred_values({ 'realm': "example.com",
711 'username': "certificate-user",
712 'ca_cert': "auth_serv/ca.pem",
713 'client_cert': "auth_serv/user.pem",
714 'private_key': "auth_serv/user.key"})
715 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
717 def test_ap_hs20_eap_cert_unsupported(dev
, apdev
):
718 """Hotspot 2.0 connection with certificate, but unsupported TTLS"""
719 bssid
= apdev
[0]['bssid']
720 params
= hs20_ap_params()
721 params
['nai_realm'] = [ "0,example.com,21[5:6]" ]
722 hostapd
.add_ap(apdev
[0]['ifname'], params
)
725 dev
[0].add_cred_values({ 'realm': "example.com",
726 'username': "certificate-user",
727 'ca_cert': "auth_serv/ca.pem",
728 'client_cert': "auth_serv/user.pem",
729 'private_key': "auth_serv/user.key"})
730 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
732 def test_ap_hs20_eap_invalid_cred(dev
, apdev
):
733 """Hotspot 2.0 connection with invalid cred configuration"""
734 bssid
= apdev
[0]['bssid']
735 params
= hs20_ap_params()
736 hostapd
.add_ap(apdev
[0]['ifname'], params
)
739 dev
[0].add_cred_values({ 'realm': "example.com",
740 'username': "certificate-user",
741 'client_cert': "auth_serv/user.pem" })
742 interworking_select(dev
[0], None, no_match
=True, freq
="2412")
744 def test_ap_hs20_nai_realms(dev
, apdev
):
745 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
746 bssid
= apdev
[0]['bssid']
747 params
= hs20_ap_params()
748 params
['hessid'] = bssid
749 params
['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
750 hostapd
.add_ap(apdev
[0]['ifname'], params
)
753 id = dev
[0].add_cred_values({ 'realm': "example.com",
754 'username': "pap user",
755 'password': "password",
756 'domain': "example.com" })
757 interworking_select(dev
[0], bssid
, "home", freq
="2412")
758 interworking_connect(dev
[0], bssid
, "TTLS")
759 check_sp_type(dev
[0], "home")
761 def test_ap_hs20_roaming_consortium(dev
, apdev
):
762 """Hotspot 2.0 connection based on roaming consortium match"""
763 bssid
= apdev
[0]['bssid']
764 params
= hs20_ap_params()
765 params
['hessid'] = bssid
766 hostapd
.add_ap(apdev
[0]['ifname'], params
)
769 for consortium
in [ "112233", "1020304050", "010203040506", "fedcba" ]:
770 id = dev
[0].add_cred_values({ 'username': "user",
771 'password': "password",
772 'domain': "example.com",
773 'roaming_consortium': consortium
,
775 interworking_select(dev
[0], bssid
, "home", freq
="2412")
776 interworking_connect(dev
[0], bssid
, "PEAP")
777 check_sp_type(dev
[0], "home")
778 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
779 ev
= dev
[0].wait_event(["INTERWORKING-ALREADY-CONNECTED"], timeout
=15)
781 raise Exception("Timeout on already-connected event")
782 dev
[0].remove_cred(id)
784 def test_ap_hs20_username_roaming(dev
, apdev
):
785 """Hotspot 2.0 connection in username/password credential (roaming)"""
786 bssid
= apdev
[0]['bssid']
787 params
= hs20_ap_params()
788 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
789 "0,roaming.example.com,21[2:4][5:7]",
790 "0,another.example.com" ]
791 params
['domain_name'] = "another.example.com"
792 params
['hessid'] = bssid
793 hostapd
.add_ap(apdev
[0]['ifname'], params
)
796 id = dev
[0].add_cred_values({ 'realm': "roaming.example.com",
797 'username': "hs20-test",
798 'password': "password",
799 'domain': "example.com" })
800 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
801 interworking_connect(dev
[0], bssid
, "TTLS")
802 check_sp_type(dev
[0], "roaming")
804 def test_ap_hs20_username_unknown(dev
, apdev
):
805 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
806 bssid
= apdev
[0]['bssid']
807 params
= hs20_ap_params()
808 params
['hessid'] = bssid
809 hostapd
.add_ap(apdev
[0]['ifname'], params
)
812 id = dev
[0].add_cred_values({ 'realm': "example.com",
813 'username': "hs20-test",
814 'password': "password" })
815 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
816 interworking_connect(dev
[0], bssid
, "TTLS")
817 check_sp_type(dev
[0], "unknown")
819 def test_ap_hs20_username_unknown2(dev
, apdev
):
820 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
821 bssid
= apdev
[0]['bssid']
822 params
= hs20_ap_params()
823 params
['hessid'] = bssid
824 del params
['domain_name']
825 hostapd
.add_ap(apdev
[0]['ifname'], params
)
828 id = dev
[0].add_cred_values({ 'realm': "example.com",
829 'username': "hs20-test",
830 'password': "password",
831 'domain': "example.com" })
832 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
833 interworking_connect(dev
[0], bssid
, "TTLS")
834 check_sp_type(dev
[0], "unknown")
836 def test_ap_hs20_gas_while_associated(dev
, apdev
):
837 """Hotspot 2.0 connection with GAS query while associated"""
838 bssid
= apdev
[0]['bssid']
839 params
= hs20_ap_params()
840 params
['hessid'] = bssid
841 hostapd
.add_ap(apdev
[0]['ifname'], params
)
844 id = dev
[0].add_cred_values({ 'realm': "example.com",
845 'username': "hs20-test",
846 'password': "password",
847 'domain': "example.com" })
848 interworking_select(dev
[0], bssid
, "home", freq
="2412")
849 interworking_connect(dev
[0], bssid
, "TTLS")
851 logger
.info("Verifying GAS query while associated")
852 dev
[0].request("FETCH_ANQP")
853 for i
in range(0, 6):
854 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
856 raise Exception("Operation timed out")
858 def test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
859 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
861 _test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
)
863 dev
[0].request("SET pmf 0")
865 def _test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
866 bssid
= apdev
[0]['bssid']
867 params
= hs20_ap_params()
868 params
['hessid'] = bssid
869 hostapd
.add_ap(apdev
[0]['ifname'], params
)
871 bssid2
= apdev
[1]['bssid']
872 params
= hs20_ap_params()
873 params
['hessid'] = bssid2
874 params
['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
875 hostapd
.add_ap(apdev
[1]['ifname'], params
)
878 dev
[0].request("SET pmf 2")
879 id = dev
[0].add_cred_values({ 'realm': "example.com",
880 'username': "hs20-test",
881 'password': "password",
882 'domain': "example.com" })
883 interworking_select(dev
[0], bssid
, "home", freq
="2412")
884 interworking_connect(dev
[0], bssid
, "TTLS")
886 logger
.info("Verifying GAS query while associated")
887 dev
[0].request("FETCH_ANQP")
888 for i
in range(0, 2 * 6):
889 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
891 raise Exception("Operation timed out")
893 def test_ap_hs20_gas_frag_while_associated(dev
, apdev
):
894 """Hotspot 2.0 connection with fragmented GAS query while associated"""
895 bssid
= apdev
[0]['bssid']
896 params
= hs20_ap_params()
897 params
['hessid'] = bssid
898 hostapd
.add_ap(apdev
[0]['ifname'], params
)
899 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
900 hapd
.set("gas_frag_limit", "50")
903 id = dev
[0].add_cred_values({ 'realm': "example.com",
904 'username': "hs20-test",
905 'password': "password",
906 'domain': "example.com" })
907 interworking_select(dev
[0], bssid
, "home", freq
="2412")
908 interworking_connect(dev
[0], bssid
, "TTLS")
910 logger
.info("Verifying GAS query while associated")
911 dev
[0].request("FETCH_ANQP")
912 for i
in range(0, 6):
913 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
915 raise Exception("Operation timed out")
917 def test_ap_hs20_multiple_connects(dev
, apdev
):
918 """Hotspot 2.0 connection through multiple network selections"""
919 bssid
= apdev
[0]['bssid']
920 params
= hs20_ap_params()
921 params
['hessid'] = bssid
922 hostapd
.add_ap(apdev
[0]['ifname'], params
)
925 values
= { 'realm': "example.com",
926 'username': "hs20-test",
927 'password': "password",
928 'domain': "example.com" }
929 id = dev
[0].add_cred_values(values
)
931 dev
[0].scan_for_bss(bssid
, freq
="2412")
933 for i
in range(0, 3):
934 logger
.info("Starting Interworking network selection")
935 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
937 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
938 "INTERWORKING-ALREADY-CONNECTED",
939 "CTRL-EVENT-CONNECTED"], timeout
=15)
941 raise Exception("Connection timed out")
942 if "INTERWORKING-NO-MATCH" in ev
:
943 raise Exception("Matching AP not found")
944 if "CTRL-EVENT-CONNECTED" in ev
:
946 if i
== 2 and "INTERWORKING-ALREADY-CONNECTED" in ev
:
949 dev
[0].request("DISCONNECT")
950 dev
[0].dump_monitor()
952 networks
= dev
[0].list_networks()
953 if len(networks
) > 1:
954 raise Exception("Duplicated network block detected")
956 def test_ap_hs20_disallow_aps(dev
, apdev
):
957 """Hotspot 2.0 connection and disallow_aps"""
958 bssid
= apdev
[0]['bssid']
959 params
= hs20_ap_params()
960 params
['hessid'] = bssid
961 hostapd
.add_ap(apdev
[0]['ifname'], params
)
964 values
= { 'realm': "example.com",
965 'username': "hs20-test",
966 'password': "password",
967 'domain': "example.com" }
968 id = dev
[0].add_cred_values(values
)
970 dev
[0].scan_for_bss(bssid
, freq
="2412")
972 logger
.info("Verify disallow_aps bssid")
973 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
974 dev
[0].request("INTERWORKING_SELECT auto")
975 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
977 raise Exception("Network selection timed out")
978 dev
[0].dump_monitor()
980 logger
.info("Verify disallow_aps ssid")
981 dev
[0].request("SET disallow_aps ssid 746573742d68733230")
982 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
983 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
985 raise Exception("Network selection timed out")
986 dev
[0].dump_monitor()
988 logger
.info("Verify disallow_aps clear")
989 dev
[0].request("SET disallow_aps ")
990 interworking_select(dev
[0], bssid
, "home", freq
="2412")
992 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
993 ret
= dev
[0].request("INTERWORKING_CONNECT " + bssid
)
994 if "FAIL" not in ret
:
995 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
997 if "FAIL" not in dev
[0].request("INTERWORKING_CONNECT foo"):
998 raise Exception("Invalid INTERWORKING_CONNECT not rejected")
999 if "FAIL" not in dev
[0].request("INTERWORKING_CONNECT 00:11:22:33:44:55"):
1000 raise Exception("Invalid INTERWORKING_CONNECT not rejected")
1002 def policy_test(dev
, ap
, values
, only_one
=True):
1005 logger
.info("Verify network selection to AP " + ap
['ifname'])
1007 dev
.scan_for_bss(bssid
, freq
="2412")
1009 logger
.info("Verify network selection")
1012 id = dev
.add_cred_values(values
)
1013 dev
.request("INTERWORKING_SELECT auto freq=2412")
1016 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
1017 "INTERWORKING-BLACKLISTED",
1018 "INTERWORKING-SELECTED"], timeout
=15)
1020 raise Exception("Network selection timed out")
1022 if "INTERWORKING-NO-MATCH" in ev
:
1023 raise Exception("Matching AP not found")
1024 if bssid
and only_one
and "INTERWORKING-AP" in ev
and bssid
not in ev
:
1025 raise Exception("Unexpected AP claimed acceptable")
1026 if "INTERWORKING-SELECTED" in ev
:
1027 if bssid
and bssid
not in ev
:
1028 raise Exception("Selected incorrect BSS")
1031 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1033 raise Exception("Connection timed out")
1034 if bssid
and bssid
not in ev
:
1035 raise Exception("Connected to incorrect BSS")
1037 conn_bssid
= dev
.get_status_field("bssid")
1038 if bssid
and conn_bssid
!= bssid
:
1039 raise Exception("bssid information points to incorrect BSS")
1045 def default_cred(domain
=None):
1046 cred
= { 'realm': "example.com",
1047 'username': "hs20-test",
1048 'password': "password" }
1050 cred
['domain'] = domain
1053 def test_ap_hs20_prefer_home(dev
, apdev
):
1054 """Hotspot 2.0 required roaming consortium"""
1055 params
= hs20_ap_params()
1056 params
['domain_name'] = "example.org"
1057 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1059 params
= hs20_ap_params()
1060 params
['ssid'] = "test-hs20-other"
1061 params
['domain_name'] = "example.com"
1062 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1064 values
= default_cred()
1065 values
['domain'] = "example.com"
1066 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1067 values
['domain'] = "example.org"
1068 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1070 def test_ap_hs20_req_roaming_consortium(dev
, apdev
):
1071 """Hotspot 2.0 required roaming consortium"""
1072 params
= hs20_ap_params()
1073 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1075 params
= hs20_ap_params()
1076 params
['ssid'] = "test-hs20-other"
1077 params
['roaming_consortium'] = [ "223344" ]
1078 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1080 values
= default_cred()
1081 values
['required_roaming_consortium'] = "223344"
1082 policy_test(dev
[0], apdev
[1], values
)
1083 values
['required_roaming_consortium'] = "112233"
1084 policy_test(dev
[0], apdev
[0], values
)
1086 id = dev
[0].add_cred()
1087 dev
[0].set_cred(id, "required_roaming_consortium", "112233")
1088 dev
[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
1090 for val
in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
1091 if "FAIL" not in dev
[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val
)):
1092 raise Exception("Invalid roaming consortium value accepted: " + val
)
1094 def test_ap_hs20_excluded_ssid(dev
, apdev
):
1095 """Hotspot 2.0 exclusion based on SSID"""
1096 params
= hs20_ap_params()
1097 params
['roaming_consortium'] = [ "223344" ]
1098 params
['anqp_3gpp_cell_net'] = "555,444"
1099 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1101 params
= hs20_ap_params()
1102 params
['ssid'] = "test-hs20-other"
1103 params
['roaming_consortium'] = [ "223344" ]
1104 params
['anqp_3gpp_cell_net'] = "555,444"
1105 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1107 values
= default_cred()
1108 values
['excluded_ssid'] = "test-hs20"
1109 events
= policy_test(dev
[0], apdev
[1], values
)
1110 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1112 raise Exception("Excluded network not reported")
1113 values
['excluded_ssid'] = "test-hs20-other"
1114 events
= policy_test(dev
[0], apdev
[0], values
)
1115 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[1]['bssid'] in e
]
1117 raise Exception("Excluded network not reported")
1119 values
= default_cred()
1120 values
['roaming_consortium'] = "223344"
1121 values
['eap'] = "TTLS"
1122 values
['phase2'] = "auth=MSCHAPV2"
1123 values
['excluded_ssid'] = "test-hs20"
1124 events
= policy_test(dev
[0], apdev
[1], values
)
1125 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1127 raise Exception("Excluded network not reported")
1129 values
= { 'imsi': "555444-333222111", 'eap': "SIM",
1130 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
1131 'excluded_ssid': "test-hs20" }
1132 events
= policy_test(dev
[0], apdev
[1], values
)
1133 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
1135 raise Exception("Excluded network not reported")
1137 def test_ap_hs20_roam_to_higher_prio(dev
, apdev
):
1138 """Hotspot 2.0 and roaming from current to higher priority network"""
1139 bssid
= apdev
[0]['bssid']
1140 params
= hs20_ap_params(ssid
="test-hs20-visited")
1141 params
['domain_name'] = "visited.example.org"
1142 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1144 dev
[0].hs20_enable()
1145 id = dev
[0].add_cred_values({ 'realm': "example.com",
1146 'username': "hs20-test",
1147 'password': "password",
1148 'domain': "example.com" })
1149 logger
.info("Connect to the only network option")
1150 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
1151 dev
[0].dump_monitor()
1152 interworking_connect(dev
[0], bssid
, "TTLS")
1154 logger
.info("Start another AP (home operator) and reconnect")
1155 bssid2
= apdev
[1]['bssid']
1156 params
= hs20_ap_params(ssid
="test-hs20-home")
1157 params
['domain_name'] = "example.com"
1158 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1160 dev
[0].scan_for_bss(bssid2
, freq
="2412", force_scan
=True)
1161 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1162 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
1163 "INTERWORKING-ALREADY-CONNECTED",
1164 "CTRL-EVENT-CONNECTED"], timeout
=15)
1166 raise Exception("Connection timed out")
1167 if "INTERWORKING-NO-MATCH" in ev
:
1168 raise Exception("Matching AP not found")
1169 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1170 raise Exception("Unexpected AP selected")
1171 if bssid2
not in ev
:
1172 raise Exception("Unexpected BSSID after reconnection")
1174 def test_ap_hs20_domain_suffix_match(dev
, apdev
):
1175 """Hotspot 2.0 and domain_suffix_match"""
1176 bssid
= apdev
[0]['bssid']
1177 params
= hs20_ap_params()
1178 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1180 dev
[0].hs20_enable()
1181 id = dev
[0].add_cred_values({ 'realm': "example.com",
1182 'username': "hs20-test",
1183 'password': "password",
1184 'domain': "example.com",
1185 'domain_suffix_match': "w1.fi" })
1186 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1187 dev
[0].dump_monitor()
1188 interworking_connect(dev
[0], bssid
, "TTLS")
1189 dev
[0].request("REMOVE_NETWORK all")
1190 dev
[0].dump_monitor()
1192 dev
[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
1193 interworking_select(dev
[0], bssid
, "home", freq
="2412")
1194 dev
[0].dump_monitor()
1195 dev
[0].request("INTERWORKING_CONNECT " + bssid
)
1196 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
1198 raise Exception("TLS certificate error not reported")
1199 if "Domain suffix mismatch" not in ev
:
1200 raise Exception("Domain suffix mismatch not reported")
1202 def test_ap_hs20_roaming_partner_preference(dev
, apdev
):
1203 """Hotspot 2.0 and roaming partner preference"""
1204 params
= hs20_ap_params()
1205 params
['domain_name'] = "roaming.example.org"
1206 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1208 params
= hs20_ap_params()
1209 params
['ssid'] = "test-hs20-other"
1210 params
['domain_name'] = "roaming.example.net"
1211 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1213 logger
.info("Verify default vs. specified preference")
1214 values
= default_cred()
1215 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1216 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1217 values
['roaming_partner'] = "roaming.example.net,1,129,*"
1218 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1220 logger
.info("Verify partial FQDN match")
1221 values
['roaming_partner'] = "example.net,0,0,*"
1222 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1223 values
['roaming_partner'] = "example.net,0,255,*"
1224 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
1226 def test_ap_hs20_max_bss_load(dev
, apdev
):
1227 """Hotspot 2.0 and maximum BSS load"""
1228 params
= hs20_ap_params()
1229 params
['bss_load_test'] = "12:200:20000"
1230 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1232 params
= hs20_ap_params()
1233 params
['ssid'] = "test-hs20-other"
1234 params
['bss_load_test'] = "5:20:10000"
1235 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1237 logger
.info("Verify maximum BSS load constraint")
1238 values
= default_cred()
1239 values
['domain'] = "example.com"
1240 values
['max_bss_load'] = "100"
1241 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1243 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1244 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1245 raise Exception("Maximum BSS Load case not noticed")
1246 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1247 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1248 raise Exception("Maximum BSS Load case reported incorrectly")
1250 logger
.info("Verify maximum BSS load does not prevent connection")
1251 values
['max_bss_load'] = "1"
1252 events
= policy_test(dev
[0], None, values
)
1254 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1255 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1256 raise Exception("Maximum BSS Load case not noticed")
1257 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1258 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1259 raise Exception("Maximum BSS Load case not noticed")
1261 def test_ap_hs20_max_bss_load2(dev
, apdev
):
1262 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
1263 params
= hs20_ap_params()
1264 params
['bss_load_test'] = "12:200:20000"
1265 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1267 params
= hs20_ap_params()
1268 params
['ssid'] = "test-hs20-other"
1269 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1271 logger
.info("Verify maximum BSS load constraint with AP advertisement")
1272 values
= default_cred()
1273 values
['domain'] = "example.com"
1274 values
['max_bss_load'] = "100"
1275 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
1277 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
1278 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
1279 raise Exception("Maximum BSS Load case not noticed")
1280 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
1281 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
1282 raise Exception("Maximum BSS Load case reported incorrectly")
1284 def test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1285 """Hotspot 2.0 multi-cred sp_priority"""
1287 return _test_ap_hs20_multi_cred_sp_prio(dev
, apdev
)
1289 dev
[0].request("SET external_sim 0")
1291 def _test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
1292 if not hlr_auc_gw_available():
1294 bssid
= apdev
[0]['bssid']
1295 params
= hs20_ap_params()
1296 params
['hessid'] = bssid
1297 del params
['domain_name']
1298 params
['anqp_3gpp_cell_net'] = "232,01"
1299 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1301 dev
[0].hs20_enable()
1302 dev
[0].scan_for_bss(bssid
, freq
="2412")
1303 dev
[0].request("SET external_sim 1")
1304 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1305 'provisioning_sp': "example.com",
1306 'sp_priority' :"1" })
1307 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1308 'username': "hs20-test",
1309 'password': "password",
1310 'domain': "example.com",
1311 'provisioning_sp': "example.com",
1312 'sp_priority': "2" })
1313 dev
[0].dump_monitor()
1314 dev
[0].scan_for_bss(bssid
, freq
="2412")
1315 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1316 interworking_ext_sim_auth(dev
[0], "SIM")
1317 check_sp_type(dev
[0], "unknown")
1318 dev
[0].request("REMOVE_NETWORK all")
1320 dev
[0].set_cred(id1
, "sp_priority", "2")
1321 dev
[0].set_cred(id2
, "sp_priority", "1")
1322 dev
[0].dump_monitor()
1323 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1324 interworking_auth(dev
[0], "TTLS")
1325 check_sp_type(dev
[0], "unknown")
1327 def test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1328 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1330 return _test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
)
1332 dev
[0].request("SET external_sim 0")
1334 def _test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1335 if not hlr_auc_gw_available():
1337 bssid
= apdev
[0]['bssid']
1338 params
= hs20_ap_params()
1339 params
['hessid'] = bssid
1340 del params
['nai_realm']
1341 del params
['domain_name']
1342 params
['anqp_3gpp_cell_net'] = "232,01"
1343 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1345 bssid2
= apdev
[1]['bssid']
1346 params
= hs20_ap_params()
1347 params
['ssid'] = "test-hs20-other"
1348 params
['hessid'] = bssid2
1349 del params
['domain_name']
1350 del params
['anqp_3gpp_cell_net']
1351 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1353 dev
[0].hs20_enable()
1354 dev
[0].request("SET external_sim 1")
1355 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1356 'provisioning_sp': "example.com",
1357 'sp_priority': "1" })
1358 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1359 'username': "hs20-test",
1360 'password': "password",
1361 'domain': "example.com",
1362 'provisioning_sp': "example.com",
1363 'sp_priority': "2" })
1364 dev
[0].dump_monitor()
1365 dev
[0].scan_for_bss(bssid
, freq
="2412")
1366 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1367 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1368 interworking_ext_sim_auth(dev
[0], "SIM")
1369 check_sp_type(dev
[0], "unknown")
1370 conn_bssid
= dev
[0].get_status_field("bssid")
1371 if conn_bssid
!= bssid
:
1372 raise Exception("Connected to incorrect BSS")
1373 dev
[0].request("REMOVE_NETWORK all")
1375 dev
[0].set_cred(id1
, "sp_priority", "2")
1376 dev
[0].set_cred(id2
, "sp_priority", "1")
1377 dev
[0].dump_monitor()
1378 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1379 interworking_auth(dev
[0], "TTLS")
1380 check_sp_type(dev
[0], "unknown")
1381 conn_bssid
= dev
[0].get_status_field("bssid")
1382 if conn_bssid
!= bssid2
:
1383 raise Exception("Connected to incorrect BSS")
1385 def check_conn_capab_selection(dev
, type, missing
):
1386 dev
.request("INTERWORKING_SELECT freq=2412")
1387 ev
= dev
.wait_event(["INTERWORKING-AP"])
1389 raise Exception("Network selection timed out");
1390 if "type=" + type not in ev
:
1391 raise Exception("Unexpected network type")
1392 if missing
and "conn_capab_missing=1" not in ev
:
1393 raise Exception("conn_capab_missing not reported")
1394 if not missing
and "conn_capab_missing=1" in ev
:
1395 raise Exception("conn_capab_missing reported unexpectedly")
1397 def conn_capab_cred(domain
=None, req_conn_capab
=None):
1398 cred
= default_cred(domain
=domain
)
1400 cred
['req_conn_capab'] = req_conn_capab
1403 def test_ap_hs20_req_conn_capab(dev
, apdev
):
1404 """Hotspot 2.0 network selection with req_conn_capab"""
1405 bssid
= apdev
[0]['bssid']
1406 params
= hs20_ap_params()
1407 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1409 dev
[0].hs20_enable()
1410 dev
[0].scan_for_bss(bssid
, freq
="2412")
1411 logger
.info("Not used in home network")
1412 values
= conn_capab_cred(domain
="example.com", req_conn_capab
="6:1234")
1413 id = dev
[0].add_cred_values(values
)
1414 check_conn_capab_selection(dev
[0], "home", False)
1416 logger
.info("Used in roaming network")
1417 dev
[0].remove_cred(id)
1418 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="6:1234")
1419 id = dev
[0].add_cred_values(values
)
1420 check_conn_capab_selection(dev
[0], "roaming", True)
1422 logger
.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1423 check_auto_select(dev
[0], bssid
)
1425 logger
.info("Additional req_conn_capab checks")
1427 dev
[0].remove_cred(id)
1428 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="1:0")
1429 id = dev
[0].add_cred_values(values
)
1430 check_conn_capab_selection(dev
[0], "roaming", True)
1432 dev
[0].remove_cred(id)
1433 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="17:5060")
1434 id = dev
[0].add_cred_values(values
)
1435 check_conn_capab_selection(dev
[0], "roaming", True)
1437 bssid2
= apdev
[1]['bssid']
1438 params
= hs20_ap_params(ssid
="test-hs20b")
1439 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1440 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1442 dev
[0].remove_cred(id)
1443 values
= conn_capab_cred(domain
="example.org", req_conn_capab
="50")
1444 id = dev
[0].add_cred_values(values
)
1445 dev
[0].set_cred(id, "req_conn_capab", "6:22")
1446 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1447 dev
[0].request("INTERWORKING_SELECT freq=2412")
1448 for i
in range(0, 2):
1449 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1451 raise Exception("Network selection timed out");
1452 if bssid
in ev
and "conn_capab_missing=1" not in ev
:
1453 raise Exception("Missing protocol connection capability not reported")
1454 if bssid2
in ev
and "conn_capab_missing=1" in ev
:
1455 raise Exception("Protocol connection capability not reported correctly")
1457 def test_ap_hs20_req_conn_capab_and_roaming_partner_preference(dev
, apdev
):
1458 """Hotspot 2.0 and req_conn_capab with roaming partner preference"""
1459 bssid
= apdev
[0]['bssid']
1460 params
= hs20_ap_params()
1461 params
['domain_name'] = "roaming.example.org"
1462 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0", "50:0:1" ]
1463 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1465 bssid2
= apdev
[1]['bssid']
1466 params
= hs20_ap_params(ssid
="test-hs20-b")
1467 params
['domain_name'] = "roaming.example.net"
1468 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1470 values
= default_cred()
1471 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1472 id = dev
[0].add_cred_values(values
)
1473 check_auto_select(dev
[0], bssid2
)
1475 dev
[0].set_cred(id, "req_conn_capab", "50")
1476 check_auto_select(dev
[0], bssid
)
1478 dev
[0].remove_cred(id)
1479 id = dev
[0].add_cred_values(values
)
1480 dev
[0].set_cred(id, "req_conn_capab", "51")
1481 check_auto_select(dev
[0], bssid2
)
1483 def check_bandwidth_selection(dev
, type, below
):
1484 dev
.request("INTERWORKING_SELECT freq=2412")
1485 ev
= dev
.wait_event(["INTERWORKING-AP"])
1487 raise Exception("Network selection timed out");
1488 if "type=" + type not in ev
:
1489 raise Exception("Unexpected network type")
1490 if below
and "below_min_backhaul=1" not in ev
:
1491 raise Exception("below_min_backhaul not reported")
1492 if not below
and "below_min_backhaul=1" in ev
:
1493 raise Exception("below_min_backhaul reported unexpectedly")
1495 def bw_cred(domain
=None, dl_home
=None, ul_home
=None, dl_roaming
=None, ul_roaming
=None):
1496 cred
= default_cred(domain
=domain
)
1498 cred
['min_dl_bandwidth_home'] = str(dl_home
)
1500 cred
['min_ul_bandwidth_home'] = str(ul_home
)
1502 cred
['min_dl_bandwidth_roaming'] = str(dl_roaming
)
1504 cred
['min_ul_bandwidth_roaming'] = str(ul_roaming
)
1507 def test_ap_hs20_min_bandwidth_home(dev
, apdev
):
1508 """Hotspot 2.0 network selection with min bandwidth (home)"""
1509 bssid
= apdev
[0]['bssid']
1510 params
= hs20_ap_params()
1511 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1513 dev
[0].hs20_enable()
1514 dev
[0].scan_for_bss(bssid
, freq
="2412")
1515 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=58)
1516 id = dev
[0].add_cred_values(values
)
1517 check_bandwidth_selection(dev
[0], "home", False)
1518 dev
[0].remove_cred(id)
1520 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=58)
1521 id = dev
[0].add_cred_values(values
)
1522 check_bandwidth_selection(dev
[0], "home", True)
1523 dev
[0].remove_cred(id)
1525 values
= bw_cred(domain
="example.com", dl_home
=5490, ul_home
=59)
1526 id = dev
[0].add_cred_values(values
)
1527 check_bandwidth_selection(dev
[0], "home", True)
1528 dev
[0].remove_cred(id)
1530 values
= bw_cred(domain
="example.com", dl_home
=5491, ul_home
=59)
1531 id = dev
[0].add_cred_values(values
)
1532 check_bandwidth_selection(dev
[0], "home", True)
1533 check_auto_select(dev
[0], bssid
)
1535 bssid2
= apdev
[1]['bssid']
1536 params
= hs20_ap_params(ssid
="test-hs20-b")
1537 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1538 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1540 check_auto_select(dev
[0], bssid2
)
1542 def test_ap_hs20_min_bandwidth_roaming(dev
, apdev
):
1543 """Hotspot 2.0 network selection with min bandwidth (roaming)"""
1544 bssid
= apdev
[0]['bssid']
1545 params
= hs20_ap_params()
1546 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1548 dev
[0].hs20_enable()
1549 dev
[0].scan_for_bss(bssid
, freq
="2412")
1550 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=58)
1551 id = dev
[0].add_cred_values(values
)
1552 check_bandwidth_selection(dev
[0], "roaming", False)
1553 dev
[0].remove_cred(id)
1555 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=58)
1556 id = dev
[0].add_cred_values(values
)
1557 check_bandwidth_selection(dev
[0], "roaming", True)
1558 dev
[0].remove_cred(id)
1560 values
= bw_cred(domain
="example.org", dl_roaming
=5490, ul_roaming
=59)
1561 id = dev
[0].add_cred_values(values
)
1562 check_bandwidth_selection(dev
[0], "roaming", True)
1563 dev
[0].remove_cred(id)
1565 values
= bw_cred(domain
="example.org", dl_roaming
=5491, ul_roaming
=59)
1566 id = dev
[0].add_cred_values(values
)
1567 check_bandwidth_selection(dev
[0], "roaming", True)
1568 check_auto_select(dev
[0], bssid
)
1570 bssid2
= apdev
[1]['bssid']
1571 params
= hs20_ap_params(ssid
="test-hs20-b")
1572 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1573 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1575 check_auto_select(dev
[0], bssid2
)
1577 def test_ap_hs20_min_bandwidth_and_roaming_partner_preference(dev
, apdev
):
1578 """Hotspot 2.0 and minimum bandwidth with roaming partner preference"""
1579 bssid
= apdev
[0]['bssid']
1580 params
= hs20_ap_params()
1581 params
['domain_name'] = "roaming.example.org"
1582 params
['hs20_wan_metrics'] = "01:8000:1000:1:1:3000"
1583 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1585 bssid2
= apdev
[1]['bssid']
1586 params
= hs20_ap_params(ssid
="test-hs20-b")
1587 params
['domain_name'] = "roaming.example.net"
1588 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1590 values
= default_cred()
1591 values
['roaming_partner'] = "roaming.example.net,1,127,*"
1592 id = dev
[0].add_cred_values(values
)
1593 check_auto_select(dev
[0], bssid2
)
1595 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "6000")
1596 check_auto_select(dev
[0], bssid
)
1598 dev
[0].set_cred(id, "min_dl_bandwidth_roaming", "10000")
1599 check_auto_select(dev
[0], bssid2
)
1601 def test_ap_hs20_min_bandwidth_no_wan_metrics(dev
, apdev
):
1602 """Hotspot 2.0 network selection with min bandwidth but no WAN Metrics"""
1603 bssid
= apdev
[0]['bssid']
1604 params
= hs20_ap_params()
1605 del params
['hs20_wan_metrics']
1606 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1608 dev
[0].hs20_enable()
1609 dev
[0].scan_for_bss(bssid
, freq
="2412")
1610 values
= bw_cred(domain
="example.com", dl_home
=10000, ul_home
=10000,
1611 dl_roaming
=10000, ul_roaming
=10000)
1612 dev
[0].add_cred_values(values
)
1613 check_bandwidth_selection(dev
[0], "home", False)
1615 def test_ap_hs20_deauth_req_ess(dev
, apdev
):
1616 """Hotspot 2.0 connection and deauthentication request for ESS"""
1618 _test_ap_hs20_deauth_req_ess(dev
, apdev
)
1620 dev
[0].request("SET pmf 0")
1622 def _test_ap_hs20_deauth_req_ess(dev
, apdev
):
1623 dev
[0].request("SET pmf 2")
1624 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1625 dev
[0].dump_monitor()
1626 addr
= dev
[0].p2p_interface_addr()
1627 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1628 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 1 120 http://example.com/")
1629 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1631 raise Exception("Timeout on deauth imminent notice")
1632 if "1 120 http://example.com/" not in ev
:
1633 raise Exception("Unexpected deauth imminent notice: " + ev
)
1634 hapd
.request("DEAUTHENTICATE " + addr
)
1635 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1637 raise Exception("Timeout on disconnection")
1638 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1639 raise Exception("Network not marked temporarily disabled")
1640 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1641 "Trying to associate",
1642 "CTRL-EVENT-CONNECTED"], timeout
=5)
1644 raise Exception("Unexpected connection attempt")
1646 def test_ap_hs20_deauth_req_bss(dev
, apdev
):
1647 """Hotspot 2.0 connection and deauthentication request for BSS"""
1649 _test_ap_hs20_deauth_req_bss(dev
, apdev
)
1651 dev
[0].request("SET pmf 0")
1653 def _test_ap_hs20_deauth_req_bss(dev
, apdev
):
1654 dev
[0].request("SET pmf 2")
1655 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1656 dev
[0].dump_monitor()
1657 addr
= dev
[0].p2p_interface_addr()
1658 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1659 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 0 120 http://example.com/")
1660 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1662 raise Exception("Timeout on deauth imminent notice")
1663 if "0 120 http://example.com/" not in ev
:
1664 raise Exception("Unexpected deauth imminent notice: " + ev
)
1665 hapd
.request("DEAUTHENTICATE " + addr
+ " reason=4")
1666 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1668 raise Exception("Timeout on disconnection")
1669 if "reason=4" not in ev
:
1670 raise Exception("Unexpected disconnection reason")
1671 if "[TEMP-DISABLED]" not in dev
[0].list_networks()[0]['flags']:
1672 raise Exception("Network not marked temporarily disabled")
1673 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1674 "Trying to associate",
1675 "CTRL-EVENT-CONNECTED"], timeout
=5)
1677 raise Exception("Unexpected connection attempt")
1679 def test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1680 """Hotspot 2.0 connection and deauthentication request from RADIUS"""
1682 _test_ap_hs20_deauth_req_from_radius(dev
, apdev
)
1684 dev
[0].request("SET pmf 0")
1686 def _test_ap_hs20_deauth_req_from_radius(dev
, apdev
):
1687 bssid
= apdev
[0]['bssid']
1688 params
= hs20_ap_params()
1689 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1690 params
['hs20_deauth_req_timeout'] = "2"
1691 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1693 dev
[0].request("SET pmf 2")
1694 dev
[0].hs20_enable()
1695 dev
[0].add_cred_values({ 'realm': "example.com",
1696 'username': "hs20-deauth-test",
1697 'password': "password" })
1698 interworking_select(dev
[0], bssid
, freq
="2412")
1699 interworking_connect(dev
[0], bssid
, "TTLS")
1700 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout
=5)
1702 raise Exception("Timeout on deauth imminent notice")
1703 if " 1 100" not in ev
:
1704 raise Exception("Unexpected deauth imminent contents")
1705 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout
=3)
1707 raise Exception("Timeout on disconnection")
1709 def test_ap_hs20_remediation_required(dev
, apdev
):
1710 """Hotspot 2.0 connection and remediation required from RADIUS"""
1712 _test_ap_hs20_remediation_required(dev
, apdev
)
1714 dev
[0].request("SET pmf 0")
1716 def _test_ap_hs20_remediation_required(dev
, apdev
):
1717 bssid
= apdev
[0]['bssid']
1718 params
= hs20_ap_params()
1719 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1720 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1722 dev
[0].request("SET pmf 1")
1723 dev
[0].hs20_enable()
1724 dev
[0].add_cred_values({ 'realm': "example.com",
1725 'username': "hs20-subrem-test",
1726 'password': "password" })
1727 interworking_select(dev
[0], bssid
, freq
="2412")
1728 interworking_connect(dev
[0], bssid
, "TTLS")
1729 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1731 raise Exception("Timeout on subscription remediation notice")
1732 if " 1 https://example.com/" not in ev
:
1733 raise Exception("Unexpected subscription remediation event contents")
1735 def test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1736 """Hotspot 2.0 connection and subrem from ctrl_iface"""
1738 _test_ap_hs20_remediation_required_ctrl(dev
, apdev
)
1740 dev
[0].request("SET pmf 0")
1742 def _test_ap_hs20_remediation_required_ctrl(dev
, apdev
):
1743 bssid
= apdev
[0]['bssid']
1744 addr
= dev
[0].p2p_dev_addr()
1745 params
= hs20_ap_params()
1746 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1747 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
1749 dev
[0].request("SET pmf 1")
1750 dev
[0].hs20_enable()
1751 dev
[0].add_cred_values(default_cred())
1752 interworking_select(dev
[0], bssid
, freq
="2412")
1753 interworking_connect(dev
[0], bssid
, "TTLS")
1755 hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://example.com/")
1756 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1758 raise Exception("Timeout on subscription remediation notice")
1759 if " 1 https://example.com/" not in ev
:
1760 raise Exception("Unexpected subscription remediation event contents")
1762 hapd
.request("HS20_WNM_NOTIF " + addr
)
1763 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
1765 raise Exception("Timeout on subscription remediation notice")
1766 if not ev
.endswith("HS20-SUBSCRIPTION-REMEDIATION "):
1767 raise Exception("Unexpected subscription remediation event contents: " + ev
)
1769 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF "):
1770 raise Exception("Unexpected HS20_WNM_NOTIF success")
1771 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF foo"):
1772 raise Exception("Unexpected HS20_WNM_NOTIF success")
1773 if "FAIL" not in hapd
.request("HS20_WNM_NOTIF " + addr
+ " https://12345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678923456789842345678456783456712345678927.very.long.example.com/"):
1774 raise Exception("Unexpected HS20_WNM_NOTIF success")
1776 def test_ap_hs20_session_info(dev
, apdev
):
1777 """Hotspot 2.0 connection and session information from RADIUS"""
1779 _test_ap_hs20_session_info(dev
, apdev
)
1781 dev
[0].request("SET pmf 0")
1783 def _test_ap_hs20_session_info(dev
, apdev
):
1784 bssid
= apdev
[0]['bssid']
1785 params
= hs20_ap_params()
1786 params
['nai_realm'] = [ "0,example.com,21[2:4]" ]
1787 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1789 dev
[0].request("SET pmf 1")
1790 dev
[0].hs20_enable()
1791 dev
[0].add_cred_values({ 'realm': "example.com",
1792 'username': "hs20-session-info-test",
1793 'password': "password" })
1794 interworking_select(dev
[0], bssid
, freq
="2412")
1795 interworking_connect(dev
[0], bssid
, "TTLS")
1796 ev
= dev
[0].wait_event(["ESS-DISASSOC-IMMINENT"], timeout
=10)
1798 raise Exception("Timeout on ESS disassociation imminent notice")
1799 if " 1 59904 https://example.com/" not in ev
:
1800 raise Exception("Unexpected ESS disassociation imminent event contents")
1801 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"])
1803 raise Exception("Scan not started")
1804 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=30)
1806 raise Exception("Scan not completed")
1808 def test_ap_hs20_osen(dev
, apdev
):
1809 """Hotspot 2.0 OSEN connection"""
1810 params
= { 'ssid': "osen",
1812 'auth_server_addr': "127.0.0.1",
1813 'auth_server_port': "1812",
1814 'auth_server_shared_secret': "radius" }
1815 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1817 dev
[1].connect("osen", key_mgmt
="NONE", scan_freq
="2412",
1819 dev
[2].connect("osen", key_mgmt
="NONE", wep_key0
='"hello"',
1820 scan_freq
="2412", wait_connect
=False)
1821 dev
[0].connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1822 group
="GTK_NOT_USED",
1823 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1824 ca_cert
="auth_serv/ca.pem",
1827 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
1828 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
1829 wpas
.connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1830 group
="GTK_NOT_USED",
1831 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1832 ca_cert
="auth_serv/ca.pem",
1834 wpas
.request("DISCONNECT")
1836 def test_ap_hs20_network_preference(dev
, apdev
):
1837 """Hotspot 2.0 network selection with preferred home network"""
1838 bssid
= apdev
[0]['bssid']
1839 params
= hs20_ap_params()
1840 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1842 dev
[0].hs20_enable()
1843 values
= { 'realm': "example.com",
1844 'username': "hs20-test",
1845 'password': "password",
1846 'domain': "example.com" }
1847 dev
[0].add_cred_values(values
)
1849 id = dev
[0].add_network()
1850 dev
[0].set_network_quoted(id, "ssid", "home")
1851 dev
[0].set_network_quoted(id, "psk", "12345678")
1852 dev
[0].set_network(id, "priority", "1")
1853 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1855 dev
[0].scan_for_bss(bssid
, freq
="2412")
1856 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1857 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1859 raise Exception("Connection timed out")
1861 raise Exception("Unexpected network selected")
1863 bssid2
= apdev
[1]['bssid']
1864 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1865 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1867 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1868 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1869 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1870 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1872 raise Exception("Connection timed out")
1873 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1874 raise Exception("No roam to higher priority network")
1875 if bssid2
not in ev
:
1876 raise Exception("Unexpected network selected")
1878 def test_ap_hs20_network_preference2(dev
, apdev
):
1879 """Hotspot 2.0 network selection with preferred credential"""
1880 bssid2
= apdev
[1]['bssid']
1881 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1882 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1884 dev
[0].hs20_enable()
1885 values
= { 'realm': "example.com",
1886 'username': "hs20-test",
1887 'password': "password",
1888 'domain': "example.com",
1890 dev
[0].add_cred_values(values
)
1892 id = dev
[0].add_network()
1893 dev
[0].set_network_quoted(id, "ssid", "home")
1894 dev
[0].set_network_quoted(id, "psk", "12345678")
1895 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1897 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1898 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1899 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1901 raise Exception("Connection timed out")
1902 if bssid2
not in ev
:
1903 raise Exception("Unexpected network selected")
1905 bssid
= apdev
[0]['bssid']
1906 params
= hs20_ap_params()
1907 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1909 dev
[0].scan_for_bss(bssid
, freq
="2412")
1910 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1911 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1912 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1914 raise Exception("Connection timed out")
1915 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1916 raise Exception("No roam to higher priority network")
1918 raise Exception("Unexpected network selected")
1920 def test_ap_hs20_network_preference3(dev
, apdev
):
1921 """Hotspot 2.0 network selection with two credential (one preferred)"""
1922 bssid
= apdev
[0]['bssid']
1923 params
= hs20_ap_params()
1924 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1926 bssid2
= apdev
[1]['bssid']
1927 params
= hs20_ap_params(ssid
="test-hs20b")
1928 params
['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1929 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1931 dev
[0].hs20_enable()
1932 values
= { 'realm': "example.com",
1933 'username': "hs20-test",
1934 'password': "password",
1936 dev
[0].add_cred_values(values
)
1937 values
= { 'realm': "example.org",
1938 'username': "hs20-test",
1939 'password': "password" }
1940 id = dev
[0].add_cred_values(values
)
1942 dev
[0].scan_for_bss(bssid
, freq
="2412")
1943 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1944 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1945 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1947 raise Exception("Connection timed out")
1949 raise Exception("Unexpected network selected")
1951 dev
[0].set_cred(id, "priority", "2")
1952 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1953 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1954 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1956 raise Exception("Connection timed out")
1957 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1958 raise Exception("No roam to higher priority network")
1959 if bssid2
not in ev
:
1960 raise Exception("Unexpected network selected")
1962 def test_ap_hs20_network_preference4(dev
, apdev
):
1963 """Hotspot 2.0 network selection with username vs. SIM credential"""
1964 bssid
= apdev
[0]['bssid']
1965 params
= hs20_ap_params()
1966 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1968 bssid2
= apdev
[1]['bssid']
1969 params
= hs20_ap_params(ssid
="test-hs20b")
1970 params
['hessid'] = bssid2
1971 params
['anqp_3gpp_cell_net'] = "555,444"
1972 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
1973 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1975 dev
[0].hs20_enable()
1976 values
= { 'realm': "example.com",
1977 'username': "hs20-test",
1978 'password': "password",
1980 dev
[0].add_cred_values(values
)
1981 values
= { 'imsi': "555444-333222111",
1983 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123" }
1984 id = dev
[0].add_cred_values(values
)
1986 dev
[0].scan_for_bss(bssid
, freq
="2412")
1987 dev
[0].scan_for_bss(bssid2
, freq
="2412")
1988 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1989 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1991 raise Exception("Connection timed out")
1993 raise Exception("Unexpected network selected")
1995 dev
[0].set_cred(id, "priority", "2")
1996 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1997 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1998 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
2000 raise Exception("Connection timed out")
2001 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
2002 raise Exception("No roam to higher priority network")
2003 if bssid2
not in ev
:
2004 raise Exception("Unexpected network selected")
2006 def test_ap_hs20_fetch_osu(dev
, apdev
):
2007 """Hotspot 2.0 OSU provider and icon fetch"""
2008 bssid
= apdev
[0]['bssid']
2009 params
= hs20_ap_params()
2010 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
2011 params
['osu_ssid'] = '"HS 2.0 OSU open"'
2012 params
['osu_method_list'] = "1"
2013 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
2014 params
['osu_icon'] = "w1fi_logo"
2015 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
2016 params
['osu_server_uri'] = "https://example.com/osu/"
2017 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2019 bssid2
= apdev
[1]['bssid']
2020 params
= hs20_ap_params(ssid
="test-hs20b")
2021 params
['hessid'] = bssid2
2022 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
2023 params
['osu_ssid'] = '"HS 2.0 OSU OSEN"'
2024 params
['osu_method_list'] = "0"
2025 params
['osu_nai'] = "osen@example.com"
2026 params
['osu_friendly_name'] = [ "eng:Test2 OSU", "fin:Testi2-OSU" ]
2027 params
['osu_icon'] = "w1fi_logo"
2028 params
['osu_service_desc'] = [ "eng:Example services2", "fin:Esimerkkipalveluja2" ]
2029 params
['osu_server_uri'] = "https://example.org/osu/"
2030 hostapd
.add_ap(apdev
[1]['ifname'], params
)
2032 with
open("w1fi_logo.png", "r") as f
:
2033 orig_logo
= f
.read()
2034 dev
[0].hs20_enable()
2035 dir = "/tmp/osu-fetch"
2036 if os
.path
.isdir(dir):
2037 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2039 os
.remove(dir + "/" + f
)
2046 dev
[1].scan_for_bss(bssid
, freq
="2412")
2047 dev
[0].request("SET osu_dir " + dir)
2048 dev
[0].request("FETCH_OSU")
2049 if "FAIL" not in dev
[1].request("HS20_ICON_REQUEST foo w1fi_logo"):
2050 raise Exception("Invalid HS20_ICON_REQUEST accepted")
2051 if "OK" not in dev
[1].request("HS20_ICON_REQUEST " + bssid
+ " w1fi_logo"):
2052 raise Exception("HS20_ICON_REQUEST failed")
2055 ev
= dev
[0].wait_event(["OSU provider fetch completed",
2056 "RX-HS20-ANQP-ICON"], timeout
=15)
2058 raise Exception("Timeout on OSU fetch")
2059 if "OSU provider fetch completed" in ev
:
2061 if "RX-HS20-ANQP-ICON" in ev
:
2062 with
open(ev
.split(' ')[1], "r") as f
:
2064 if logo
== orig_logo
:
2067 with
open(dir + "/osu-providers.txt", "r") as f
:
2069 if "OSU-PROVIDER " + bssid
not in prov
:
2070 raise Exception("Missing OSU_PROVIDER")
2071 if "OSU-PROVIDER " + bssid2
not in prov
:
2072 raise Exception("Missing OSU_PROVIDER")
2074 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2076 os
.remove(dir + "/" + f
)
2080 raise Exception("Unexpected number of icons fetched")
2082 ev
= dev
[1].wait_event(["GAS-QUERY-START"], timeout
=5)
2084 raise Exception("Timeout on GAS-QUERY-DONE")
2085 ev
= dev
[1].wait_event(["GAS-QUERY-DONE"], timeout
=5)
2087 raise Exception("Timeout on GAS-QUERY-DONE")
2088 if "freq=2412 status_code=0 result=SUCCESS" not in ev
:
2089 raise Exception("Unexpected GAS-QUERY-DONE: " + ev
)
2090 ev
= dev
[1].wait_event(["RX-HS20-ANQP"], timeout
=15)
2092 raise Exception("Timeout on icon fetch")
2093 if "Icon Binary File" not in ev
:
2094 raise Exception("Unexpected ANQP element")
2096 def test_ap_hs20_fetch_osu_stop(dev
, apdev
):
2097 """Hotspot 2.0 OSU provider fetch stopped"""
2098 bssid
= apdev
[0]['bssid']
2099 params
= hs20_ap_params()
2100 params
['hs20_icon'] = "128:80:zxx:image/png:w1fi_logo:w1fi_logo.png"
2101 params
['osu_ssid'] = '"HS 2.0 OSU open"'
2102 params
['osu_method_list'] = "1"
2103 params
['osu_friendly_name'] = [ "eng:Test OSU", "fin:Testi-OSU" ]
2104 params
['osu_icon'] = "w1fi_logo"
2105 params
['osu_service_desc'] = [ "eng:Example services", "fin:Esimerkkipalveluja" ]
2106 params
['osu_server_uri'] = "https://example.com/osu/"
2107 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
2109 dev
[0].hs20_enable()
2110 dir = "/tmp/osu-fetch"
2111 if os
.path
.isdir(dir):
2112 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2114 os
.remove(dir + "/" + f
)
2121 dev
[0].request("SET osu_dir " + dir)
2122 dev
[0].request("SCAN freq=2412-2462")
2123 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-STARTED"], timeout
=10)
2125 raise Exception("Scan did not start")
2126 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2127 raise Exception("FETCH_OSU accepted while scanning")
2128 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 10)
2130 raise Exception("Scan timed out")
2131 hapd
.set("ext_mgmt_frame_handling", "1")
2132 dev
[0].request("FETCH_ANQP")
2133 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2134 raise Exception("FETCH_OSU accepted while in FETCH_ANQP")
2135 dev
[0].request("STOP_FETCH_ANQP")
2136 dev
[0].wait_event(["GAS-QUERY-DONE"], timeout
=5)
2137 dev
[0].dump_monitor()
2139 dev
[0].request("INTERWORKING_SELECT freq=2412")
2141 msg
= hapd
.mgmt_rx()
2142 if msg
['subtype'] == 13:
2144 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2145 raise Exception("FETCH_OSU accepted while in INTERWORKING_SELECT")
2146 ev
= dev
[0].wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
2149 raise Exception("Network selection timed out");
2151 dev
[0].dump_monitor()
2152 if "OK" not in dev
[0].request("FETCH_OSU"):
2153 raise Exception("FETCH_OSU failed")
2154 dev
[0].request("CANCEL_FETCH_OSU")
2158 if dev
[0].get_driver_status_field("scan_state") == "SCAN_COMPLETED":
2161 dev
[0].dump_monitor()
2162 if "OK" not in dev
[0].request("FETCH_OSU"):
2163 raise Exception("FETCH_OSU failed")
2164 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2165 raise Exception("FETCH_OSU accepted while in FETCH_OSU")
2166 ev
= dev
[0].wait_event(["GAS-QUERY-START"], 10)
2168 raise Exception("GAS timed out")
2169 if "FAIL" not in dev
[0].request("FETCH_OSU"):
2170 raise Exception("FETCH_OSU accepted while in FETCH_OSU")
2171 dev
[0].request("CANCEL_FETCH_OSU")
2172 ev
= dev
[0].wait_event(["GAS-QUERY-DONE"], 10)
2174 raise Exception("GAS event timed out after CANCEL_FETCH_OSU")
2176 files
= [ f
for f
in os
.listdir(dir) if f
.startswith("osu-") ]
2178 os
.remove(dir + "/" + f
)
2181 def test_ap_hs20_ft(dev
, apdev
):
2182 """Hotspot 2.0 connection with FT"""
2183 bssid
= apdev
[0]['bssid']
2184 params
= hs20_ap_params()
2185 params
['wpa_key_mgmt'] = "FT-EAP"
2186 params
['nas_identifier'] = "nas1.w1.fi"
2187 params
['r1_key_holder'] = "000102030405"
2188 params
["mobility_domain"] = "a1b2"
2189 params
["reassociation_deadline"] = "1000"
2190 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2192 dev
[0].hs20_enable()
2193 id = dev
[0].add_cred_values({ 'realm': "example.com",
2194 'username': "hs20-test",
2195 'password': "password",
2196 'ca_cert': "auth_serv/ca.pem",
2197 'domain': "example.com",
2198 'update_identifier': "1234" })
2199 interworking_select(dev
[0], bssid
, "home", freq
="2412")
2200 interworking_connect(dev
[0], bssid
, "TTLS")
2202 def test_ap_hs20_remediation_sql(dev
, apdev
, params
):
2203 """Hotspot 2.0 connection and remediation required using SQLite for user DB"""
2208 dbfile
= os
.path
.join(params
['logdir'], "eap-user.db")
2213 con
= sqlite3
.connect(dbfile
)
2216 cur
.execute("CREATE TABLE users(identity TEXT PRIMARY KEY, methods TEXT, password TEXT, remediation TEXT, phase2 INTEGER)")
2217 cur
.execute("CREATE TABLE wildcards(identity TEXT PRIMARY KEY, methods TEXT)")
2218 cur
.execute("INSERT INTO users(identity,methods,password,phase2,remediation) VALUES ('user-mschapv2','TTLS-MSCHAPV2','password',1,'user')")
2219 cur
.execute("INSERT INTO wildcards(identity,methods) VALUES ('','TTLS,TLS')")
2220 cur
.execute("CREATE TABLE authlog(timestamp TEXT, session TEXT, nas_ip TEXT, username TEXT, note TEXT)")
2223 params
= { "ssid": "as", "beacon_int": "2000",
2224 "radius_server_clients": "auth_serv/radius_clients.conf",
2225 "radius_server_auth_port": '18128',
2227 "eap_user_file": "sqlite:" + dbfile
,
2228 "ca_cert": "auth_serv/ca.pem",
2229 "server_cert": "auth_serv/server.pem",
2230 "private_key": "auth_serv/server.key",
2231 "subscr_remediation_url": "https://example.org/",
2232 "subscr_remediation_method": "1" }
2233 hostapd
.add_ap(apdev
[1]['ifname'], params
)
2235 bssid
= apdev
[0]['bssid']
2236 params
= hs20_ap_params()
2237 params
['auth_server_port'] = "18128"
2238 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2240 dev
[0].request("SET pmf 1")
2241 dev
[0].hs20_enable()
2242 id = dev
[0].add_cred_values({ 'realm': "example.com",
2243 'username': "user-mschapv2",
2244 'password': "password",
2245 'ca_cert': "auth_serv/ca.pem" })
2246 interworking_select(dev
[0], bssid
, freq
="2412")
2247 interworking_connect(dev
[0], bssid
, "TTLS")
2248 ev
= dev
[0].wait_event(["HS20-SUBSCRIPTION-REMEDIATION"], timeout
=5)
2250 raise Exception("Timeout on subscription remediation notice")
2251 if " 1 https://example.org/" not in ev
:
2252 raise Exception("Unexpected subscription remediation event contents")
2256 cur
.execute("SELECT * from authlog")
2257 rows
= cur
.fetchall()
2259 raise Exception("No authlog entries")
2263 dev
[0].request("SET pmf 0")
2265 def test_ap_hs20_external_selection(dev
, apdev
):
2266 """Hotspot 2.0 connection using external network selection and creation"""
2267 bssid
= apdev
[0]['bssid']
2268 params
= hs20_ap_params()
2269 params
['hessid'] = bssid
2270 params
['disable_dgaf'] = '1'
2271 hostapd
.add_ap(apdev
[0]['ifname'], params
)
2273 dev
[0].hs20_enable()
2274 dev
[0].connect("test-hs20", proto
="RSN", key_mgmt
="WPA-EAP", eap
="TTLS",
2275 identity
="hs20-test", password
="password",
2276 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2277 scan_freq
="2412", update_identifier
="54321")
2278 if dev
[0].get_status_field("hs20") != "2":
2279 raise Exception("Unexpected hs20 indication")
2281 def test_ap_hs20_random_mac_addr(dev
, apdev
):
2282 """Hotspot 2.0 connection with random MAC address"""
2283 bssid
= apdev
[0]['bssid']
2284 params
= hs20_ap_params()
2285 params
['hessid'] = bssid
2286 params
['disable_dgaf'] = '1'
2287 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
2289 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
2290 wpas
.interface_add("wlan5")
2291 addr
= wpas
.p2p_interface_addr()
2292 wpas
.request("SET mac_addr 1")
2293 wpas
.request("SET preassoc_mac_addr 1")
2294 wpas
.request("SET rand_addr_lifetime 60")
2296 wpas
.flush_scan_cache()
2297 id = wpas
.add_cred_values({ 'realm': "example.com",
2298 'username': "hs20-test",
2299 'password': "password",
2300 'ca_cert': "auth_serv/ca.pem",
2301 'domain': "example.com",
2302 'update_identifier': "1234" })
2303 interworking_select(wpas
, bssid
, "home", freq
="2412")
2304 interworking_connect(wpas
, bssid
, "TTLS")
2305 addr1
= wpas
.get_driver_status_field("addr")
2307 raise Exception("Did not use random MAC address")
2309 sta
= hapd
.get_sta(addr
)
2310 if sta
['addr'] != "FAIL":
2311 raise Exception("Unexpected STA association with permanent address")
2312 sta
= hapd
.get_sta(addr1
)
2313 if sta
['addr'] != addr1
:
2314 raise Exception("STA association with random address not found")
2316 def test_ap_hs20_multi_network_and_cred_removal(dev
, apdev
):
2317 """Multiple networks and cred removal"""
2318 bssid
= apdev
[0]['bssid']
2319 params
= hs20_ap_params()
2320 params
['nai_realm'] = [ "0,example.com,25[3:26]"]
2321 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
2323 dev
[0].add_network()
2324 dev
[0].hs20_enable()
2325 id = dev
[0].add_cred_values({ 'realm': "example.com",
2327 'password': "password" })
2328 interworking_select(dev
[0], bssid
, freq
="2412")
2329 interworking_connect(dev
[0], bssid
, "PEAP")
2330 dev
[0].add_network()
2332 dev
[0].request("DISCONNECT")
2333 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
2335 raise Exception("Timeout on disconnection")
2338 hapd
.set("ssid", "another ssid")
2341 interworking_select(dev
[0], bssid
, freq
="2412")
2342 interworking_connect(dev
[0], bssid
, "PEAP")
2343 dev
[0].add_network()
2344 if len(dev
[0].list_networks()) != 5:
2345 raise Exception("Unexpected number of networks prior to remove_crec")
2347 dev
[0].dump_monitor()
2348 dev
[0].remove_cred(id)
2349 if len(dev
[0].list_networks()) != 3:
2350 raise Exception("Unexpected number of networks after to remove_crec")
2351 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
2353 raise Exception("Timeout on disconnection")
2355 def _test_ap_hs20_proxyarp(dev
, apdev
):
2356 bssid
= apdev
[0]['bssid']
2357 params
= hs20_ap_params()
2358 params
['hessid'] = bssid
2359 params
['disable_dgaf'] = '0'
2360 params
['proxy_arp'] = '1'
2361 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
, no_enable
=True)
2362 if "OK" in hapd
.request("ENABLE"):
2363 raise Exception("Incomplete hostapd configuration was accepted")
2364 hapd
.set("ap_isolate", "1")
2365 if "OK" in hapd
.request("ENABLE"):
2366 raise Exception("Incomplete hostapd configuration was accepted")
2367 hapd
.set('bridge', 'ap-br0')
2372 # For now, do not report failures due to missing kernel support
2373 logger
.info("Could not start hostapd - assume proxyarp not supported in kernel version")
2375 ev
= hapd
.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout
=10)
2377 raise Exception("AP startup timed out")
2378 if "AP-ENABLED" not in ev
:
2379 raise Exception("AP startup failed")
2381 dev
[0].hs20_enable()
2382 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2383 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2385 id = dev
[0].add_cred_values({ 'realm': "example.com",
2386 'username': "hs20-test",
2387 'password': "password",
2388 'ca_cert': "auth_serv/ca.pem",
2389 'domain': "example.com",
2390 'update_identifier': "1234" })
2391 interworking_select(dev
[0], bssid
, "home", freq
="2412")
2392 interworking_connect(dev
[0], bssid
, "TTLS")
2394 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
2395 identity
="hs20-test", password
="password",
2396 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2400 addr0
= dev
[0].p2p_interface_addr()
2401 addr1
= dev
[1].p2p_interface_addr()
2403 src_ll_opt0
= "\x01\x01" + binascii
.unhexlify(addr0
.replace(':',''))
2404 src_ll_opt1
= "\x01\x01" + binascii
.unhexlify(addr1
.replace(':',''))
2406 pkt
= build_ns(src_ll
=addr0
, ip_src
="aaaa:bbbb:cccc::2",
2407 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:cccc::2",
2409 if "OK" not in dev
[0].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2410 raise Exception("DATA_TEST_FRAME failed")
2412 pkt
= build_ns(src_ll
=addr1
, ip_src
="aaaa:bbbb:dddd::2",
2413 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:dddd::2",
2415 if "OK" not in dev
[1].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2416 raise Exception("DATA_TEST_FRAME failed")
2418 pkt
= build_ns(src_ll
=addr1
, ip_src
="aaaa:bbbb:eeee::2",
2419 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:eeee::2",
2421 if "OK" not in dev
[1].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2422 raise Exception("DATA_TEST_FRAME failed")
2424 matches
= get_permanent_neighbors("ap-br0")
2425 logger
.info("After connect: " + str(matches
))
2426 if len(matches
) != 3:
2427 raise Exception("Unexpected number of neighbor entries after connect")
2428 if 'aaaa:bbbb:cccc::2 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2429 raise Exception("dev0 addr missing")
2430 if 'aaaa:bbbb:dddd::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2431 raise Exception("dev1 addr(1) missing")
2432 if 'aaaa:bbbb:eeee::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2433 raise Exception("dev1 addr(2) missing")
2434 dev
[0].request("DISCONNECT")
2435 dev
[1].request("DISCONNECT")
2437 matches
= get_permanent_neighbors("ap-br0")
2438 logger
.info("After disconnect: " + str(matches
))
2439 if len(matches
) > 0:
2440 raise Exception("Unexpected neighbor entries after disconnect")
2442 def test_ap_hs20_proxyarp(dev
, apdev
):
2443 """Hotspot 2.0 and ProxyARP"""
2446 res
= _test_ap_hs20_proxyarp(dev
, apdev
)
2448 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2449 stderr
=open('/dev/null', 'w'))
2450 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2451 stderr
=open('/dev/null', 'w'))
2455 def _test_ap_hs20_proxyarp_dgaf(dev
, apdev
, disabled
):
2456 bssid
= apdev
[0]['bssid']
2457 params
= hs20_ap_params()
2458 params
['hessid'] = bssid
2459 params
['disable_dgaf'] = '1' if disabled
else '0'
2460 params
['proxy_arp'] = '1'
2461 params
['ap_isolate'] = '1'
2462 params
['bridge'] = 'ap-br0'
2463 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
, no_enable
=True)
2467 # For now, do not report failures due to missing kernel support
2468 logger
.info("Could not start hostapd - assume proxyarp not supported in kernel version")
2470 ev
= hapd
.wait_event(["AP-ENABLED"], timeout
=10)
2472 raise Exception("AP startup timed out")
2474 dev
[0].hs20_enable()
2475 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2476 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2478 id = dev
[0].add_cred_values({ 'realm': "example.com",
2479 'username': "hs20-test",
2480 'password': "password",
2481 'ca_cert': "auth_serv/ca.pem",
2482 'domain': "example.com",
2483 'update_identifier': "1234" })
2484 interworking_select(dev
[0], bssid
, "home", freq
="2412")
2485 interworking_connect(dev
[0], bssid
, "TTLS")
2487 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
2488 identity
="hs20-test", password
="password",
2489 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
2493 addr0
= dev
[0].p2p_interface_addr()
2495 src_ll_opt0
= "\x01\x01" + binascii
.unhexlify(addr0
.replace(':',''))
2497 pkt
= build_ns(src_ll
=addr0
, ip_src
="aaaa:bbbb:cccc::2",
2498 ip_dst
="ff02::1:ff00:2", target
="aaaa:bbbb:cccc::2",
2500 if "OK" not in dev
[0].request("DATA_TEST_FRAME " + binascii
.hexlify(pkt
)):
2501 raise Exception("DATA_TEST_FRAME failed")
2503 pkt
= build_ra(src_ll
=apdev
[0]['bssid'], ip_src
="aaaa:bbbb:cccc::33",
2505 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2506 raise Exception("DATA_TEST_FRAME failed")
2508 pkt
= build_na(src_ll
=apdev
[0]['bssid'], ip_src
="aaaa:bbbb:cccc::44",
2509 ip_dst
="ff01::1", target
="aaaa:bbbb:cccc::55")
2510 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2511 raise Exception("DATA_TEST_FRAME failed")
2513 pkt
= build_dhcp_ack(dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=bssid
,
2514 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2515 yiaddr
="192.168.1.123", chaddr
=addr0
)
2516 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2517 raise Exception("DATA_TEST_FRAME failed")
2518 # another copy for additional code coverage
2519 pkt
= build_dhcp_ack(dst_ll
=addr0
, src_ll
=bssid
,
2520 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2521 yiaddr
="192.168.1.123", chaddr
=addr0
)
2522 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2523 raise Exception("DATA_TEST_FRAME failed")
2525 matches
= get_permanent_neighbors("ap-br0")
2526 logger
.info("After connect: " + str(matches
))
2527 if len(matches
) != 2:
2528 raise Exception("Unexpected number of neighbor entries after connect")
2529 if 'aaaa:bbbb:cccc::2 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2530 raise Exception("dev0 addr missing")
2531 if '192.168.1.123 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2532 raise Exception("dev0 IPv4 addr missing")
2533 dev
[0].request("DISCONNECT")
2534 dev
[1].request("DISCONNECT")
2536 matches
= get_permanent_neighbors("ap-br0")
2537 logger
.info("After disconnect: " + str(matches
))
2538 if len(matches
) > 0:
2539 raise Exception("Unexpected neighbor entries after disconnect")
2541 def test_ap_hs20_proxyarp_disable_dgaf(dev
, apdev
):
2542 """Hotspot 2.0 and ProxyARP with DGAF disabled"""
2545 res
= _test_ap_hs20_proxyarp_dgaf(dev
, apdev
, True)
2547 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2548 stderr
=open('/dev/null', 'w'))
2549 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2550 stderr
=open('/dev/null', 'w'))
2554 def test_ap_hs20_proxyarp_enable_dgaf(dev
, apdev
):
2555 """Hotspot 2.0 and ProxyARP with DGAF enabled"""
2558 res
= _test_ap_hs20_proxyarp_dgaf(dev
, apdev
, False)
2560 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
2561 stderr
=open('/dev/null', 'w'))
2562 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
2563 stderr
=open('/dev/null', 'w'))
2567 def ip_checksum(buf
):
2571 for i
in range(0, len(buf
), 2):
2572 val
, = struct
.unpack('H', buf
[i
:i
+2])
2575 sum = (sum & 0xffff) + (sum >> 16)
2576 return struct
.pack('H', ~
sum & 0xffff)
2578 def ipv6_solicited_node_mcaddr(target
):
2579 prefix
= socket
.inet_pton(socket
.AF_INET6
, "ff02::1:ff00:0")
2580 mask
= socket
.inet_pton(socket
.AF_INET6
, "::ff:ffff")
2581 _target
= socket
.inet_pton(socket
.AF_INET6
, target
)
2582 p
= struct
.unpack('4I', prefix
)
2583 m
= struct
.unpack('4I', mask
)
2584 t
= struct
.unpack('4I', _target
)
2585 res
= (p
[0] |
(t
[0] & m
[0]),
2586 p
[1] |
(t
[1] & m
[1]),
2587 p
[2] |
(t
[2] & m
[2]),
2588 p
[3] |
(t
[3] & m
[3]))
2589 return socket
.inet_ntop(socket
.AF_INET6
, struct
.pack('4I', *res
))
2591 def build_icmpv6(ipv6_addrs
, type, code
, payload
):
2592 start
= struct
.pack("BB", type, code
)
2594 icmp
= start
+ '\x00\x00' + end
2595 pseudo
= ipv6_addrs
+ struct
.pack(">LBBBB", len(icmp
), 0, 0, 0, 58)
2596 csum
= ip_checksum(pseudo
+ icmp
)
2597 return start
+ csum
+ end
2599 def build_ra(src_ll
, ip_src
, ip_dst
, cur_hop_limit
=0, router_lifetime
=0,
2600 reachable_time
=0, retrans_timer
=0, opt
=None):
2601 link_mc
= binascii
.unhexlify("3333ff000002")
2602 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2604 ehdr
= link_mc
+ _src_ll
+ proto
2605 _ip_src
= socket
.inet_pton(socket
.AF_INET6
, ip_src
)
2606 _ip_dst
= socket
.inet_pton(socket
.AF_INET6
, ip_dst
)
2608 adv
= struct
.pack('>BBHLL', cur_hop_limit
, 0, router_lifetime
,
2609 reachable_time
, retrans_timer
)
2614 icmp
= build_icmpv6(_ip_src
+ _ip_dst
, 134, 0, payload
)
2616 ipv6
= struct
.pack('>BBBBHBB', 0x60, 0, 0, 0, len(icmp
), 58, 255)
2617 ipv6
+= _ip_src
+ _ip_dst
2619 return ehdr
+ ipv6
+ icmp
2621 def build_ns(src_ll
, ip_src
, ip_dst
, target
, opt
=None):
2622 link_mc
= binascii
.unhexlify("3333ff000002")
2623 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2625 ehdr
= link_mc
+ _src_ll
+ proto
2626 _ip_src
= socket
.inet_pton(socket
.AF_INET6
, ip_src
)
2628 ip_dst
= ipv6_solicited_node_mcaddr(target
)
2629 _ip_dst
= socket
.inet_pton(socket
.AF_INET6
, ip_dst
)
2631 reserved
= '\x00\x00\x00\x00'
2632 _target
= socket
.inet_pton(socket
.AF_INET6
, target
)
2634 payload
= reserved
+ _target
+ opt
2636 payload
= reserved
+ _target
2637 icmp
= build_icmpv6(_ip_src
+ _ip_dst
, 135, 0, payload
)
2639 ipv6
= struct
.pack('>BBBBHBB', 0x60, 0, 0, 0, len(icmp
), 58, 255)
2640 ipv6
+= _ip_src
+ _ip_dst
2642 return ehdr
+ ipv6
+ icmp
2644 def send_ns(dev
, src_ll
=None, target
=None, ip_src
=None, ip_dst
=None, opt
=None,
2649 cmd
= "DATA_TEST_FRAME ifname=ap-br0 "
2652 src_ll
= dev
.p2p_interface_addr()
2653 cmd
= "DATA_TEST_FRAME "
2656 opt
= "\x01\x01" + binascii
.unhexlify(src_ll
.replace(':',''))
2658 pkt
= build_ns(src_ll
=src_ll
, ip_src
=ip_src
, ip_dst
=ip_dst
, target
=target
,
2660 if "OK" not in dev
.request(cmd
+ binascii
.hexlify(pkt
)):
2661 raise Exception("DATA_TEST_FRAME failed")
2663 def build_na(src_ll
, ip_src
, ip_dst
, target
, opt
=None):
2664 link_mc
= binascii
.unhexlify("3333ff000002")
2665 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2667 ehdr
= link_mc
+ _src_ll
+ proto
2668 _ip_src
= socket
.inet_pton(socket
.AF_INET6
, ip_src
)
2669 _ip_dst
= socket
.inet_pton(socket
.AF_INET6
, ip_dst
)
2671 reserved
= '\x00\x00\x00\x00'
2672 _target
= socket
.inet_pton(socket
.AF_INET6
, target
)
2674 payload
= reserved
+ _target
+ opt
2676 payload
= reserved
+ _target
2677 icmp
= build_icmpv6(_ip_src
+ _ip_dst
, 136, 0, payload
)
2679 ipv6
= struct
.pack('>BBBBHBB', 0x60, 0, 0, 0, len(icmp
), 58, 255)
2680 ipv6
+= _ip_src
+ _ip_dst
2682 return ehdr
+ ipv6
+ icmp
2684 def send_na(dev
, src_ll
=None, target
=None, ip_src
=None, ip_dst
=None, opt
=None,
2689 cmd
= "DATA_TEST_FRAME ifname=ap-br0 "
2692 src_ll
= dev
.p2p_interface_addr()
2693 cmd
= "DATA_TEST_FRAME "
2695 pkt
= build_na(src_ll
=src_ll
, ip_src
=ip_src
, ip_dst
=ip_dst
, target
=target
,
2697 if "OK" not in dev
.request(cmd
+ binascii
.hexlify(pkt
)):
2698 raise Exception("DATA_TEST_FRAME failed")
2700 def build_dhcp_ack(dst_ll
, src_ll
, ip_src
, ip_dst
, yiaddr
, chaddr
,
2701 subnet_mask
="255.255.255.0", truncated_opt
=False,
2702 wrong_magic
=False, force_tot_len
=None, no_dhcp
=False):
2703 _dst_ll
= binascii
.unhexlify(dst_ll
.replace(':',''))
2704 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2706 ehdr
= _dst_ll
+ _src_ll
+ proto
2707 _ip_src
= socket
.inet_pton(socket
.AF_INET
, ip_src
)
2708 _ip_dst
= socket
.inet_pton(socket
.AF_INET
, ip_dst
)
2709 _subnet_mask
= socket
.inet_pton(socket
.AF_INET
, subnet_mask
)
2711 _ciaddr
= '\x00\x00\x00\x00'
2712 _yiaddr
= socket
.inet_pton(socket
.AF_INET
, yiaddr
)
2713 _siaddr
= '\x00\x00\x00\x00'
2714 _giaddr
= '\x00\x00\x00\x00'
2715 _chaddr
= binascii
.unhexlify(chaddr
.replace(':','') + "00000000000000000000")
2716 payload
= struct
.pack('>BBBBL3BB', 2, 1, 6, 0, 12345, 0, 0, 0, 0)
2717 payload
+= _ciaddr
+ _yiaddr
+ _siaddr
+ _giaddr
+ _chaddr
+ 192*'\x00'
2720 payload
+= '\x63\x82\x53\x00'
2722 payload
+= '\x63\x82\x53\x63'
2724 payload
+= '\x22\xff\x00'
2725 # Option: DHCP Message Type = ACK
2726 payload
+= '\x35\x01\x05'
2729 # Option: Subnet Mask
2730 payload
+= '\x01\x04' + _subnet_mask
2731 # Option: Time Offset
2732 payload
+= struct
.pack('>BBL', 2, 4, 0)
2736 payload
+= '\x00\x00\x00\x00'
2739 payload
= struct
.pack('>BBBBL3BB', 2, 1, 6, 0, 12345, 0, 0, 0, 0)
2740 payload
+= _ciaddr
+ _yiaddr
+ _siaddr
+ _giaddr
+ _chaddr
+ 192*'\x00'
2742 udp
= struct
.pack('>HHHH', 67, 68, 8 + len(payload
), 0) + payload
2745 tot_len
= force_tot_len
2747 tot_len
= 20 + len(udp
)
2748 start
= struct
.pack('>BBHHBBBB', 0x45, 0, tot_len
, 0, 0, 0, 128, 17)
2749 ipv4
= start
+ '\x00\x00' + _ip_src
+ _ip_dst
2750 csum
= ip_checksum(ipv4
)
2751 ipv4
= start
+ csum
+ _ip_src
+ _ip_dst
2753 return ehdr
+ ipv4
+ udp
2755 def build_arp(dst_ll
, src_ll
, opcode
, sender_mac
, sender_ip
,
2756 target_mac
, target_ip
):
2757 _dst_ll
= binascii
.unhexlify(dst_ll
.replace(':',''))
2758 _src_ll
= binascii
.unhexlify(src_ll
.replace(':',''))
2760 ehdr
= _dst_ll
+ _src_ll
+ proto
2762 _sender_mac
= binascii
.unhexlify(sender_mac
.replace(':',''))
2763 _sender_ip
= socket
.inet_pton(socket
.AF_INET
, sender_ip
)
2764 _target_mac
= binascii
.unhexlify(target_mac
.replace(':',''))
2765 _target_ip
= socket
.inet_pton(socket
.AF_INET
, target_ip
)
2767 arp
= struct
.pack('>HHBBH', 1, 0x0800, 6, 4, opcode
)
2768 arp
+= _sender_mac
+ _sender_ip
2769 arp
+= _target_mac
+ _target_ip
2773 def send_arp(dev
, dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=None, opcode
=1,
2774 sender_mac
=None, sender_ip
="0.0.0.0",
2775 target_mac
="00:00:00:00:00:00", target_ip
="0.0.0.0",
2780 if sender_mac
is None:
2781 sender_mac
= hapd_bssid
2782 cmd
= "DATA_TEST_FRAME ifname=ap-br0 "
2785 src_ll
= dev
.p2p_interface_addr()
2786 if sender_mac
is None:
2787 sender_mac
= dev
.p2p_interface_addr()
2788 cmd
= "DATA_TEST_FRAME "
2790 pkt
= build_arp(dst_ll
=dst_ll
, src_ll
=src_ll
, opcode
=opcode
,
2791 sender_mac
=sender_mac
, sender_ip
=sender_ip
,
2792 target_mac
=target_mac
, target_ip
=target_ip
)
2793 if "OK" not in dev
.request(cmd
+ binascii
.hexlify(pkt
)):
2794 raise Exception("DATA_TEST_FRAME failed")
2796 def get_permanent_neighbors(ifname
):
2797 cmd
= subprocess
.Popen(['ip', 'nei'], stdout
=subprocess
.PIPE
)
2798 res
= cmd
.stdout
.read()
2800 return [ line
for line
in res
.splitlines() if "PERMANENT" in line
and ifname
in line
]
2802 def _test_proxyarp_open(dev
, apdev
, params
):
2803 cap_br
= os
.path
.join(params
['logdir'], "proxyarp_open.ap-br0.pcap")
2804 cap_dev0
= os
.path
.join(params
['logdir'], "proxyarp_open.%s.pcap" % dev
[0].ifname
)
2805 cap_dev1
= os
.path
.join(params
['logdir'], "proxyarp_open.%s.pcap" % dev
[1].ifname
)
2807 bssid
= apdev
[0]['bssid']
2808 params
= { 'ssid': 'open' }
2809 params
['proxy_arp'] = '1'
2810 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
, no_enable
=True)
2811 hapd
.set("ap_isolate", "1")
2812 hapd
.set('bridge', 'ap-br0')
2817 # For now, do not report failures due to missing kernel support
2818 logger
.info("Could not start hostapd - assume proxyarp not supported in kernel version")
2820 ev
= hapd
.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout
=10)
2822 raise Exception("AP startup timed out")
2823 if "AP-ENABLED" not in ev
:
2824 raise Exception("AP startup failed")
2826 subprocess
.call(['brctl', 'setfd', 'ap-br0', '0'])
2827 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
2829 for chain
in [ 'FORWARD', 'OUTPUT' ]:
2830 subprocess
.call(['ebtables', '-A', chain
, '-p', 'ARP',
2831 '-d', 'Broadcast', '-o', apdev
[0]['ifname'],
2833 subprocess
.call(['ebtables', '-A', chain
, '-d', 'Multicast',
2834 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2835 '--ip6-icmp-type', 'neighbor-solicitation',
2836 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2837 subprocess
.call(['ebtables', '-A', chain
, '-d', 'Multicast',
2838 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2839 '--ip6-icmp-type', 'neighbor-advertisement',
2840 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2841 subprocess
.call(['ebtables', '-A', chain
,
2842 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2843 '--ip6-icmp-type', 'router-solicitation',
2844 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2845 # Multicast Listener Report Message
2846 subprocess
.call(['ebtables', '-A', chain
, '-d', 'Multicast',
2847 '-p', 'IPv6', '--ip6-protocol', 'ipv6-icmp',
2848 '--ip6-icmp-type', '143',
2849 '-o', apdev
[0]['ifname'], '-j', 'DROP'])
2852 cmd
[0] = subprocess
.Popen(['tcpdump', '-p', '-U', '-i', 'ap-br0',
2853 '-w', cap_br
, '-s', '2000'],
2854 stderr
=open('/dev/null', 'w'))
2855 cmd
[1] = subprocess
.Popen(['tcpdump', '-p', '-U', '-i', dev
[0].ifname
,
2856 '-w', cap_dev0
, '-s', '2000'],
2857 stderr
=open('/dev/null', 'w'))
2858 cmd
[2] = subprocess
.Popen(['tcpdump', '-p', '-U', '-i', dev
[1].ifname
,
2859 '-w', cap_dev1
, '-s', '2000'],
2860 stderr
=open('/dev/null', 'w'))
2862 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
2863 dev
[1].connect("open", key_mgmt
="NONE", scan_freq
="2412")
2866 addr0
= dev
[0].p2p_interface_addr()
2867 addr1
= dev
[1].p2p_interface_addr()
2869 src_ll_opt0
= "\x01\x01" + binascii
.unhexlify(addr0
.replace(':',''))
2870 src_ll_opt1
= "\x01\x01" + binascii
.unhexlify(addr1
.replace(':',''))
2873 send_ns(dev
[0], ip_src
="::", target
="aaaa:bbbb:cccc::2")
2875 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2")
2876 # test frame without source link-layer address option
2877 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2879 # test frame with bogus option
2880 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2881 opt
="\x70\x01\x01\x02\x03\x04\x05\x05")
2882 # test frame with truncated source link-layer address option
2883 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2884 opt
="\x01\x01\x01\x02\x03\x04")
2885 # test frame with foreign source link-layer address option
2886 send_ns(dev
[0], ip_src
="aaaa:bbbb:cccc::2", target
="aaaa:bbbb:cccc::2",
2887 opt
="\x01\x01\x01\x02\x03\x04\x05\x06")
2889 send_ns(dev
[1], ip_src
="aaaa:bbbb:dddd::2", target
="aaaa:bbbb:dddd::2")
2891 send_ns(dev
[1], ip_src
="aaaa:bbbb:eeee::2", target
="aaaa:bbbb:eeee::2")
2892 # another copy for additional code coverage
2893 send_ns(dev
[1], ip_src
="aaaa:bbbb:eeee::2", target
="aaaa:bbbb:eeee::2")
2895 pkt
= build_dhcp_ack(dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=bssid
,
2896 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2897 yiaddr
="192.168.1.124", chaddr
=addr0
)
2898 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2899 raise Exception("DATA_TEST_FRAME failed")
2900 # Change address and verify unicast
2901 pkt
= build_dhcp_ack(dst_ll
=addr0
, src_ll
=bssid
,
2902 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2903 yiaddr
="192.168.1.123", chaddr
=addr0
)
2904 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2905 raise Exception("DATA_TEST_FRAME failed")
2907 # Not-associated client MAC address
2908 pkt
= build_dhcp_ack(dst_ll
="ff:ff:ff:ff:ff:ff", src_ll
=bssid
,
2909 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2910 yiaddr
="192.168.1.125", chaddr
="22:33:44:55:66:77")
2911 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2912 raise Exception("DATA_TEST_FRAME failed")
2915 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2916 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2917 yiaddr
="0.0.0.0", chaddr
=addr1
)
2918 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2919 raise Exception("DATA_TEST_FRAME failed")
2922 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2923 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2924 yiaddr
="192.168.1.126", chaddr
=addr1
,
2925 subnet_mask
="0.0.0.0")
2926 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2927 raise Exception("DATA_TEST_FRAME failed")
2930 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2931 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2932 yiaddr
="192.168.1.127", chaddr
=addr1
,
2934 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2935 raise Exception("DATA_TEST_FRAME failed")
2938 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2939 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2940 yiaddr
="192.168.1.128", chaddr
=addr1
,
2942 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2943 raise Exception("DATA_TEST_FRAME failed")
2945 # Wrong IPv4 total length
2946 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2947 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2948 yiaddr
="192.168.1.129", chaddr
=addr1
,
2950 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2951 raise Exception("DATA_TEST_FRAME failed")
2954 pkt
= build_dhcp_ack(dst_ll
=addr1
, src_ll
=bssid
,
2955 ip_src
="192.168.1.1", ip_dst
="255.255.255.255",
2956 yiaddr
="192.168.1.129", chaddr
=addr1
,
2958 if "OK" not in hapd
.request("DATA_TEST_FRAME ifname=ap-br0 " + binascii
.hexlify(pkt
)):
2959 raise Exception("DATA_TEST_FRAME failed")
2961 matches
= get_permanent_neighbors("ap-br0")
2962 logger
.info("After connect: " + str(matches
))
2963 if len(matches
) != 4:
2964 raise Exception("Unexpected number of neighbor entries after connect")
2965 if 'aaaa:bbbb:cccc::2 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2966 raise Exception("dev0 addr missing")
2967 if 'aaaa:bbbb:dddd::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2968 raise Exception("dev1 addr(1) missing")
2969 if 'aaaa:bbbb:eeee::2 dev ap-br0 lladdr 02:00:00:00:01:00 PERMANENT' not in matches
:
2970 raise Exception("dev1 addr(2) missing")
2971 if '192.168.1.123 dev ap-br0 lladdr 02:00:00:00:00:00 PERMANENT' not in matches
:
2972 raise Exception("dev0 IPv4 addr missing")
2974 targets
= [ "192.168.1.123", "192.168.1.124", "192.168.1.125",
2976 for target
in targets
:
2977 send_arp(dev
[1], sender_ip
="192.168.1.100", target_ip
=target
)
2979 for target
in targets
:
2980 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.101",
2983 # ARP Probe from wireless STA
2984 send_arp(dev
[1], target_ip
="192.168.1.127")
2985 # ARP Announcement from wireless STA
2986 send_arp(dev
[1], sender_ip
="192.168.1.127", target_ip
="192.168.1.127")
2987 send_arp(dev
[1], sender_ip
="192.168.1.127", target_ip
="192.168.1.127",
2990 matches
= get_permanent_neighbors("ap-br0")
2991 logger
.info("After ARP Probe + Announcement: " + str(matches
))
2993 # ARP Request for the newly introduced IP address from wireless STA
2994 send_arp(dev
[0], sender_ip
="192.168.1.123", target_ip
="192.168.1.127")
2996 # ARP Request for the newly introduced IP address from bridge
2997 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.102",
2998 target_ip
="192.168.1.127")
3000 # ARP Probe from bridge
3001 send_arp(hapd
, hapd_bssid
=bssid
, target_ip
="192.168.1.130")
3002 # ARP Announcement from bridge (not to be learned by AP for proxyarp)
3003 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.130",
3004 target_ip
="192.168.1.130")
3005 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.130",
3006 target_ip
="192.168.1.130", opcode
=2)
3008 matches
= get_permanent_neighbors("ap-br0")
3009 logger
.info("After ARP Probe + Announcement: " + str(matches
))
3011 # ARP Request for the newly introduced IP address from wireless STA
3012 send_arp(dev
[0], sender_ip
="192.168.1.123", target_ip
="192.168.1.130")
3013 # ARP Response from bridge (AP does not proxy for non-wireless devices)
3014 send_arp(hapd
, hapd_bssid
=bssid
, dst_ll
=addr0
, sender_ip
="192.168.1.130",
3015 target_ip
="192.168.1.123", opcode
=2)
3017 # ARP Request for the newly introduced IP address from bridge
3018 send_arp(hapd
, hapd_bssid
=bssid
, sender_ip
="192.168.1.102",
3019 target_ip
="192.168.1.130")
3021 # ARP Probe from wireless STA (duplicate address; learned through DHCP)
3022 send_arp(dev
[1], target_ip
="192.168.1.123")
3023 # ARP Probe from wireless STA (duplicate address; learned through ARP)
3024 send_arp(dev
[0], target_ip
="192.168.1.127")
3026 # Gratuitous ARP Reply for another STA's IP address
3027 send_arp(dev
[0], opcode
=2, sender_mac
=addr0
, sender_ip
="192.168.1.127",
3028 target_mac
=addr1
, target_ip
="192.168.1.127")
3029 send_arp(dev
[1], opcode
=2, sender_mac
=addr1
, sender_ip
="192.168.1.123",
3030 target_mac
=addr0
, target_ip
="192.168.1.123")
3031 # ARP Request to verify previous mapping
3032 send_arp(dev
[1], sender_ip
="192.168.1.127", target_ip
="192.168.1.123")
3033 send_arp(dev
[0], sender_ip
="192.168.1.123", target_ip
="192.168.1.127")
3037 send_ns(dev
[0], target
="aaaa:bbbb:dddd::2", ip_src
="aaaa:bbbb:cccc::2")
3039 send_ns(dev
[1], target
="aaaa:bbbb:cccc::2", ip_src
="aaaa:bbbb:dddd::2")
3041 send_ns(hapd
, hapd_bssid
=bssid
, target
="aaaa:bbbb:dddd::2",
3042 ip_src
="aaaa:bbbb:ffff::2")
3045 # Try to probe for an already assigned address
3046 send_ns(dev
[1], target
="aaaa:bbbb:cccc::2", ip_src
="::")
3048 send_ns(hapd
, hapd_bssid
=bssid
, target
="aaaa:bbbb:cccc::2", ip_src
="::")
3052 send_na(dev
[1], target
="aaaa:bbbb:cccc:aeae::3",
3053 ip_src
="aaaa:bbbb:cccc:aeae::3", ip_dst
="ff02::1")
3054 send_na(hapd
, hapd_bssid
=bssid
, target
="aaaa:bbbb:cccc:aeae::4",
3055 ip_src
="aaaa:bbbb:cccc:aeae::4", ip_dst
="ff02::1")
3057 hwsim_utils
.test_connectivity_iface(dev
[0], hapd
, "ap-br0")
3058 hwsim_utils
.test_connectivity_iface(dev
[1], hapd
, "ap-br0")
3059 hwsim_utils
.test_connectivity(dev
[0], dev
[1])
3061 dev
[0].request("DISCONNECT")
3062 dev
[1].request("DISCONNECT")
3066 matches
= get_permanent_neighbors("ap-br0")
3067 logger
.info("After disconnect: " + str(matches
))
3068 if len(matches
) > 0:
3069 raise Exception("Unexpected neighbor entries after disconnect")
3070 cmd
= subprocess
.Popen(['ebtables', '-L', '--Lc'], stdout
=subprocess
.PIPE
)
3071 res
= cmd
.stdout
.read()
3073 logger
.info("ebtables results:\n" + res
)
3075 def test_proxyarp_open(dev
, apdev
, params
):
3076 """ProxyARP with open network"""
3079 res
= _test_proxyarp_open(dev
, apdev
, params
)
3081 subprocess
.call(['ebtables', '-F', 'FORWARD'])
3082 subprocess
.call(['ebtables', '-F', 'OUTPUT'])
3083 subprocess
.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'],
3084 stderr
=open('/dev/null', 'w'))
3085 subprocess
.call(['brctl', 'delbr', 'ap-br0'],
3086 stderr
=open('/dev/null', 'w'))