]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Verify that home operator is preferred over roaming operator
[thirdparty/hostap.git] / tests / hwsim / test_ap_hs20.py
1 # Hotspot 2.0 tests
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import time
8 import subprocess
9 import logging
10 logger = logging.getLogger()
11 import os.path
12 import subprocess
13
14 import hostapd
15 from wlantest import Wlantest
16
17 def hs20_ap_params(ssid="test-hs20"):
18 params = hostapd.wpa2_params(ssid=ssid)
19 params['wpa_key_mgmt'] = "WPA-EAP"
20 params['ieee80211w'] = "1"
21 params['ieee8021x'] = "1"
22 params['auth_server_addr'] = "127.0.0.1"
23 params['auth_server_port'] = "1812"
24 params['auth_server_shared_secret'] = "radius"
25 params['interworking'] = "1"
26 params['access_network_type'] = "14"
27 params['internet'] = "1"
28 params['asra'] = "0"
29 params['esr'] = "0"
30 params['uesa'] = "0"
31 params['venue_group'] = "7"
32 params['venue_type'] = "1"
33 params['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
34 params['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
35 "fedcba" ]
36 params['domain_name'] = "example.com,another.example.com"
37 params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
38 "0,another.example.com" ]
39 params['hs20'] = "1"
40 params['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
41 params['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
42 params['hs20_operating_class'] = "5173"
43 params['anqp_3gpp_cell_net'] = "244,91"
44 return params
45
46 def interworking_select(dev, bssid, type=None, no_match=False, freq=None):
47 dev.dump_monitor()
48 freq_extra = " freq=" + freq if freq else ""
49 dev.request("INTERWORKING_SELECT" + freq_extra)
50 ev = dev.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
51 timeout=15)
52 if ev is None:
53 raise Exception("Network selection timed out");
54 if no_match:
55 if "INTERWORKING-NO-MATCH" not in ev:
56 raise Exception("Unexpected network match")
57 return
58 if "INTERWORKING-NO-MATCH" in ev:
59 raise Exception("Matching network not found")
60 if bssid and bssid not in ev:
61 raise Exception("Unexpected BSSID in match")
62 if type and "type=" + type not in ev:
63 raise Exception("Network type not recognized correctly")
64
65 def check_sp_type(dev, sp_type):
66 type = dev.get_status_field("sp_type")
67 if type is None:
68 raise Exception("sp_type not available")
69 if type != sp_type:
70 raise Exception("sp_type did not indicate home network")
71
72 def hlr_auc_gw_available():
73 if not os.path.exists("/tmp/hlr_auc_gw.sock"):
74 logger.info("No hlr_auc_gw available");
75 return False
76 if not os.path.exists("../../hostapd/hlr_auc_gw"):
77 logger.info("No hlr_auc_gw available");
78 return False
79 return True
80
81 def interworking_ext_sim_connect(dev, bssid, method):
82 dev.request("INTERWORKING_CONNECT " + bssid)
83 interworking_ext_sim_auth(dev, method)
84
85 def interworking_ext_sim_auth(dev, method):
86 ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15)
87 if ev is None:
88 raise Exception("Network connected timed out")
89 if "(" + method + ")" not in ev:
90 raise Exception("Unexpected EAP method selection")
91
92 ev = dev.wait_event(["CTRL-REQ-SIM"], timeout=15)
93 if ev is None:
94 raise Exception("Wait for external SIM processing request timed out")
95 p = ev.split(':', 2)
96 if p[1] != "GSM-AUTH":
97 raise Exception("Unexpected CTRL-REQ-SIM type")
98 id = p[0].split('-')[3]
99 rand = p[2].split(' ')[0]
100
101 res = subprocess.check_output(["../../hostapd/hlr_auc_gw",
102 "-m",
103 "auth_serv/hlr_auc_gw.milenage_db",
104 "GSM-AUTH-REQ 232010000000000 " + rand])
105 if "GSM-AUTH-RESP" not in res:
106 raise Exception("Unexpected hlr_auc_gw response")
107 resp = res.split(' ')[2].rstrip()
108
109 dev.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp)
110 ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
111 if ev is None:
112 raise Exception("Connection timed out")
113
114 def interworking_connect(dev, bssid, method):
115 dev.request("INTERWORKING_CONNECT " + bssid)
116 interworking_auth(dev, method)
117
118 def interworking_auth(dev, method):
119 ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15)
120 if ev is None:
121 raise Exception("Network connected timed out")
122 if "(" + method + ")" not in ev:
123 raise Exception("Unexpected EAP method selection")
124
125 ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
126 if ev is None:
127 raise Exception("Connection timed out")
128
129 def check_probe_resp(wt, bssid_unexpected, bssid_expected):
130 if bssid_unexpected:
131 count = wt.get_bss_counter("probe_response", bssid_unexpected)
132 if count > 0:
133 raise Exception("Unexpected Probe Response frame from AP")
134
135 if bssid_expected:
136 count = wt.get_bss_counter("probe_response", bssid_expected)
137 if count == 0:
138 raise Exception("No Probe Response frame from AP")
139
140 def test_ap_anqp_sharing(dev, apdev):
141 """ANQP sharing within ESS and explicit unshare"""
142 bssid = apdev[0]['bssid']
143 params = hs20_ap_params()
144 params['hessid'] = bssid
145 hostapd.add_ap(apdev[0]['ifname'], params)
146
147 bssid2 = apdev[1]['bssid']
148 params = hs20_ap_params()
149 params['hessid'] = bssid
150 params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
151 hostapd.add_ap(apdev[1]['ifname'], params)
152
153 dev[0].hs20_enable()
154 id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test",
155 'password': "secret",
156 'domain': "example.com" })
157 logger.info("Normal network selection with shared ANQP results")
158 interworking_select(dev[0], None, "home", freq="2412")
159 dev[0].dump_monitor()
160
161 res1 = dev[0].get_bss(bssid)
162 res2 = dev[0].get_bss(bssid2)
163 if res1['anqp_nai_realm'] != res2['anqp_nai_realm']:
164 raise Exception("ANQP results were not shared between BSSes")
165
166 logger.info("Explicit ANQP request to unshare ANQP results")
167 dev[0].request("ANQP_GET " + bssid + " 263")
168 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
169 if ev is None:
170 raise Exception("ANQP operation timed out")
171
172 dev[0].request("ANQP_GET " + bssid2 + " 263")
173 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
174 if ev is None:
175 raise Exception("ANQP operation timed out")
176
177 res1 = dev[0].get_bss(bssid)
178 res2 = dev[0].get_bss(bssid2)
179 if res1['anqp_nai_realm'] == res2['anqp_nai_realm']:
180 raise Exception("ANQP results were not unshared")
181
182 def test_ap_nai_home_realm_query(dev, apdev):
183 """NAI Home Realm Query"""
184 bssid = apdev[0]['bssid']
185 params = hs20_ap_params()
186 params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
187 "0,another.example.org" ]
188 hostapd.add_ap(apdev[0]['ifname'], params)
189
190 dev[0].scan(freq="2412")
191 dev[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid + " realm=example.com")
192 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
193 if ev is None:
194 raise Exception("ANQP operation timed out")
195 nai1 = dev[0].get_bss(bssid)['anqp_nai_realm']
196 dev[0].dump_monitor()
197
198 dev[0].request("ANQP_GET " + bssid + " 263")
199 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
200 if ev is None:
201 raise Exception("ANQP operation timed out")
202 nai2 = dev[0].get_bss(bssid)['anqp_nai_realm']
203
204 if len(nai1) >= len(nai2):
205 raise Exception("Unexpected NAI Realm list response lengths")
206 if "example.com".encode('hex') not in nai1:
207 raise Exception("Home realm not reported")
208 if "example.org".encode('hex') in nai1:
209 raise Exception("Non-home realm reported")
210 if "example.com".encode('hex') not in nai2:
211 raise Exception("Home realm not reported in wildcard query")
212 if "example.org".encode('hex') not in nai2:
213 raise Exception("Non-home realm not reported in wildcard query ")
214
215 def test_ap_interworking_scan_filtering(dev, apdev):
216 """Interworking scan filtering with HESSID and access network type"""
217 bssid = apdev[0]['bssid']
218 params = hs20_ap_params()
219 ssid = "test-hs20-ap1"
220 params['ssid'] = ssid
221 params['hessid'] = bssid
222 hostapd.add_ap(apdev[0]['ifname'], params)
223
224 bssid2 = apdev[1]['bssid']
225 params = hs20_ap_params()
226 ssid2 = "test-hs20-ap2"
227 params['ssid'] = ssid2
228 params['hessid'] = bssid2
229 params['access_network_type'] = "1"
230 del params['venue_group']
231 del params['venue_type']
232 hostapd.add_ap(apdev[1]['ifname'], params)
233
234 dev[0].hs20_enable()
235
236 wt = Wlantest()
237 wt.flush()
238
239 logger.info("Check probe request filtering based on HESSID")
240
241 dev[0].request("SET hessid " + bssid2)
242 dev[0].scan(freq="2412")
243 time.sleep(0.03)
244 check_probe_resp(wt, bssid, bssid2)
245
246 logger.info("Check probe request filtering based on access network type")
247
248 wt.clear_bss_counters(bssid)
249 wt.clear_bss_counters(bssid2)
250 dev[0].request("SET hessid 00:00:00:00:00:00")
251 dev[0].request("SET access_network_type 14")
252 dev[0].scan(freq="2412")
253 time.sleep(0.03)
254 check_probe_resp(wt, bssid2, bssid)
255
256 wt.clear_bss_counters(bssid)
257 wt.clear_bss_counters(bssid2)
258 dev[0].request("SET hessid 00:00:00:00:00:00")
259 dev[0].request("SET access_network_type 1")
260 dev[0].scan(freq="2412")
261 time.sleep(0.03)
262 check_probe_resp(wt, bssid, bssid2)
263
264 logger.info("Check probe request filtering based on HESSID and ANT")
265
266 wt.clear_bss_counters(bssid)
267 wt.clear_bss_counters(bssid2)
268 dev[0].request("SET hessid " + bssid)
269 dev[0].request("SET access_network_type 14")
270 dev[0].scan(freq="2412")
271 time.sleep(0.03)
272 check_probe_resp(wt, bssid2, bssid)
273
274 wt.clear_bss_counters(bssid)
275 wt.clear_bss_counters(bssid2)
276 dev[0].request("SET hessid " + bssid2)
277 dev[0].request("SET access_network_type 14")
278 dev[0].scan(freq="2412")
279 time.sleep(0.03)
280 check_probe_resp(wt, bssid, None)
281 check_probe_resp(wt, bssid2, None)
282
283 wt.clear_bss_counters(bssid)
284 wt.clear_bss_counters(bssid2)
285 dev[0].request("SET hessid " + bssid)
286 dev[0].request("SET access_network_type 1")
287 dev[0].scan(freq="2412")
288 time.sleep(0.03)
289 check_probe_resp(wt, bssid, None)
290 check_probe_resp(wt, bssid2, None)
291
292 def test_ap_hs20_select(dev, apdev):
293 """Hotspot 2.0 network selection"""
294 bssid = apdev[0]['bssid']
295 params = hs20_ap_params()
296 params['hessid'] = bssid
297 hostapd.add_ap(apdev[0]['ifname'], params)
298
299 dev[0].hs20_enable()
300 id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test",
301 'password': "secret",
302 'domain': "example.com" })
303 interworking_select(dev[0], bssid, "home")
304
305 dev[0].remove_cred(id)
306 id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test",
307 'password': "secret",
308 'domain': "no.match.example.com" })
309 interworking_select(dev[0], bssid, "roaming", freq="2412")
310
311 dev[0].set_cred_quoted(id, "realm", "no.match.example.com");
312 interworking_select(dev[0], bssid, no_match=True, freq="2412")
313
314 bssid2 = apdev[1]['bssid']
315 params = hs20_ap_params()
316 params['nai_realm'] = [ "0,example.org,21" ]
317 params['hessid'] = bssid2
318 params['domain_name'] = "example.org"
319 hostapd.add_ap(apdev[1]['ifname'], params)
320 dev[0].remove_cred(id)
321 id = dev[0].add_cred_values({ 'realm': "example.org", 'username': "test",
322 'password': "secret",
323 'domain': "example.org" })
324 interworking_select(dev[0], bssid2, "home", freq="2412")
325
326 def hs20_simulated_sim(dev, ap, method):
327 bssid = ap['bssid']
328 params = hs20_ap_params()
329 params['hessid'] = bssid
330 params['anqp_3gpp_cell_net'] = "555,444"
331 params['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
332 hostapd.add_ap(ap['ifname'], params)
333
334 dev.hs20_enable()
335 dev.add_cred_values({ 'imsi': "555444-333222111", 'eap': method,
336 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
337 interworking_select(dev, "home", freq="2412")
338 interworking_connect(dev, bssid, method)
339 check_sp_type(dev, "home")
340
341 def test_ap_hs20_sim(dev, apdev):
342 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
343 if not hlr_auc_gw_available():
344 return "skip"
345 hs20_simulated_sim(dev[0], apdev[0], "SIM")
346
347 def test_ap_hs20_aka(dev, apdev):
348 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
349 if not hlr_auc_gw_available():
350 return "skip"
351 hs20_simulated_sim(dev[0], apdev[0], "AKA")
352
353 def test_ap_hs20_aka_prime(dev, apdev):
354 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
355 if not hlr_auc_gw_available():
356 return "skip"
357 hs20_simulated_sim(dev[0], apdev[0], "AKA'")
358
359 def test_ap_hs20_ext_sim(dev, apdev):
360 """Hotspot 2.0 with external SIM processing"""
361 if not hlr_auc_gw_available():
362 return "skip"
363 bssid = apdev[0]['bssid']
364 params = hs20_ap_params()
365 params['hessid'] = bssid
366 params['anqp_3gpp_cell_net'] = "232,01"
367 params['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
368 hostapd.add_ap(apdev[0]['ifname'], params)
369
370 dev[0].hs20_enable()
371 dev[0].request("SET external_sim 1")
372 dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
373 interworking_select(dev[0], "home", freq="2412")
374 interworking_ext_sim_connect(dev[0], bssid, "SIM")
375 check_sp_type(dev[0], "home")
376
377 def test_ap_hs20_ext_sim_roaming(dev, apdev):
378 """Hotspot 2.0 with external SIM processing in roaming network"""
379 if not hlr_auc_gw_available():
380 return "skip"
381 bssid = apdev[0]['bssid']
382 params = hs20_ap_params()
383 params['hessid'] = bssid
384 params['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
385 params['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
386 hostapd.add_ap(apdev[0]['ifname'], params)
387
388 dev[0].hs20_enable()
389 dev[0].request("SET external_sim 1")
390 dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
391 interworking_select(dev[0], "roaming", freq="2412")
392 interworking_ext_sim_connect(dev[0], bssid, "SIM")
393 check_sp_type(dev[0], "roaming")
394
395 def test_ap_hs20_username(dev, apdev):
396 """Hotspot 2.0 connection in username/password credential"""
397 bssid = apdev[0]['bssid']
398 params = hs20_ap_params()
399 params['hessid'] = bssid
400 hostapd.add_ap(apdev[0]['ifname'], params)
401
402 dev[0].hs20_enable()
403 id = dev[0].add_cred_values({ 'realm': "example.com",
404 'username': "hs20-test",
405 'password': "password",
406 'ca_cert': "auth_serv/ca.pem",
407 'domain': "example.com",
408 'update_identifier': "1234" })
409 interworking_select(dev[0], bssid, "home", freq="2412")
410 interworking_connect(dev[0], bssid, "TTLS")
411 check_sp_type(dev[0], "home")
412 status = dev[0].get_status()
413 if status['pairwise_cipher'] != "CCMP":
414 raise Exception("Unexpected pairwise cipher")
415 if status['hs20'] != "2":
416 raise Exception("Unexpected HS 2.0 support indication")
417
418 dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
419 identity="hs20-test", password="password",
420 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
421 scan_freq="2412")
422
423 def eap_test(dev, ap, eap_params, method, user):
424 bssid = ap['bssid']
425 params = hs20_ap_params()
426 params['nai_realm'] = [ "0,example.com," + eap_params ]
427 hostapd.add_ap(ap['ifname'], params)
428
429 dev.hs20_enable()
430 dev.add_cred_values({ 'realm': "example.com",
431 'username': user,
432 'password': "password" })
433 interworking_select(dev, bssid, freq="2412")
434 interworking_connect(dev, bssid, method)
435
436 def test_ap_hs20_eap_peap_mschapv2(dev, apdev):
437 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
438 eap_test(dev[0], apdev[0], "25[3:26]", "PEAP", "user")
439
440 def test_ap_hs20_eap_peap_gtc(dev, apdev):
441 """Hotspot 2.0 connection with PEAP/GTC"""
442 eap_test(dev[0], apdev[0], "25[3:6]", "PEAP", "user")
443
444 def test_ap_hs20_eap_ttls_chap(dev, apdev):
445 """Hotspot 2.0 connection with TTLS/CHAP"""
446 eap_test(dev[0], apdev[0], "21[2:2]", "TTLS", "chap user")
447
448 def test_ap_hs20_eap_ttls_mschap(dev, apdev):
449 """Hotspot 2.0 connection with TTLS/MSCHAP"""
450 eap_test(dev[0], apdev[0], "21[2:3]", "TTLS", "mschap user")
451
452 def test_ap_hs20_eap_ttls_eap_mschapv2(dev, apdev):
453 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
454 eap_test(dev[0], apdev[0], "21[3:26]", "TTLS", "user")
455
456 def test_ap_hs20_eap_fast_mschapv2(dev, apdev):
457 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
458 eap_test(dev[0], apdev[0], "43[3:26]", "FAST", "user")
459
460 def test_ap_hs20_eap_fast_gtc(dev, apdev):
461 """Hotspot 2.0 connection with FAST/EAP-GTC"""
462 eap_test(dev[0], apdev[0], "43[3:6]", "FAST", "user")
463
464 def test_ap_hs20_eap_tls(dev, apdev):
465 """Hotspot 2.0 connection with EAP-TLS"""
466 bssid = apdev[0]['bssid']
467 params = hs20_ap_params()
468 params['nai_realm'] = [ "0,example.com,13[5:6]" ]
469 hostapd.add_ap(apdev[0]['ifname'], params)
470
471 dev[0].hs20_enable()
472 dev[0].add_cred_values({ 'realm': "example.com",
473 'username': "certificate-user",
474 'ca_cert': "auth_serv/ca.pem",
475 'client_cert': "auth_serv/user.pem",
476 'private_key': "auth_serv/user.key"})
477 interworking_select(dev[0], bssid, freq="2412")
478 interworking_connect(dev[0], bssid, "TLS")
479
480 def test_ap_hs20_nai_realms(dev, apdev):
481 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
482 bssid = apdev[0]['bssid']
483 params = hs20_ap_params()
484 params['hessid'] = bssid
485 params['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
486 hostapd.add_ap(apdev[0]['ifname'], params)
487
488 dev[0].hs20_enable()
489 id = dev[0].add_cred_values({ 'realm': "example.com",
490 'username': "pap user",
491 'password': "password",
492 'domain': "example.com" })
493 interworking_select(dev[0], bssid, "home", freq="2412")
494 interworking_connect(dev[0], bssid, "TTLS")
495 check_sp_type(dev[0], "home")
496
497 def test_ap_hs20_roaming_consortium(dev, apdev):
498 """Hotspot 2.0 connection based on roaming consortium match"""
499 bssid = apdev[0]['bssid']
500 params = hs20_ap_params()
501 params['hessid'] = bssid
502 hostapd.add_ap(apdev[0]['ifname'], params)
503
504 dev[0].hs20_enable()
505 id = dev[0].add_cred_values({ 'realm': "example.com",
506 'username': "user",
507 'password': "password",
508 'domain': "example.com",
509 'roaming_consortium': "fedcba",
510 'eap': "PEAP" })
511 interworking_select(dev[0], bssid, "home", freq="2412")
512 interworking_connect(dev[0], bssid, "PEAP")
513 check_sp_type(dev[0], "home")
514
515 def test_ap_hs20_username_roaming(dev, apdev):
516 """Hotspot 2.0 connection in username/password credential (roaming)"""
517 bssid = apdev[0]['bssid']
518 params = hs20_ap_params()
519 params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
520 "0,roaming.example.com,21[2:4][5:7]",
521 "0,another.example.com" ]
522 params['domain_name'] = "another.example.com"
523 params['hessid'] = bssid
524 hostapd.add_ap(apdev[0]['ifname'], params)
525
526 dev[0].hs20_enable()
527 id = dev[0].add_cred_values({ 'realm': "roaming.example.com",
528 'username': "hs20-test",
529 'password': "password",
530 'domain': "example.com" })
531 interworking_select(dev[0], bssid, "roaming", freq="2412")
532 interworking_connect(dev[0], bssid, "TTLS")
533 check_sp_type(dev[0], "roaming")
534
535 def test_ap_hs20_username_unknown(dev, apdev):
536 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
537 bssid = apdev[0]['bssid']
538 params = hs20_ap_params()
539 params['hessid'] = bssid
540 hostapd.add_ap(apdev[0]['ifname'], params)
541
542 dev[0].hs20_enable()
543 id = dev[0].add_cred_values({ 'realm': "example.com",
544 'username': "hs20-test",
545 'password': "password" })
546 interworking_select(dev[0], bssid, "unknown", freq="2412")
547 interworking_connect(dev[0], bssid, "TTLS")
548 check_sp_type(dev[0], "unknown")
549
550 def test_ap_hs20_username_unknown2(dev, apdev):
551 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
552 bssid = apdev[0]['bssid']
553 params = hs20_ap_params()
554 params['hessid'] = bssid
555 del params['domain_name']
556 hostapd.add_ap(apdev[0]['ifname'], params)
557
558 dev[0].hs20_enable()
559 id = dev[0].add_cred_values({ 'realm': "example.com",
560 'username': "hs20-test",
561 'password': "password",
562 'domain': "example.com" })
563 interworking_select(dev[0], bssid, "unknown", freq="2412")
564 interworking_connect(dev[0], bssid, "TTLS")
565 check_sp_type(dev[0], "unknown")
566
567 def test_ap_hs20_gas_while_associated(dev, apdev):
568 """Hotspot 2.0 connection with GAS query while associated"""
569 bssid = apdev[0]['bssid']
570 params = hs20_ap_params()
571 params['hessid'] = bssid
572 hostapd.add_ap(apdev[0]['ifname'], params)
573
574 dev[0].hs20_enable()
575 id = dev[0].add_cred_values({ 'realm': "example.com",
576 'username': "hs20-test",
577 'password': "password",
578 'domain': "example.com" })
579 interworking_select(dev[0], bssid, "home", freq="2412")
580 interworking_connect(dev[0], bssid, "TTLS")
581
582 logger.info("Verifying GAS query while associated")
583 dev[0].request("FETCH_ANQP")
584 for i in range(0, 6):
585 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
586 if ev is None:
587 raise Exception("Operation timed out")
588
589 def test_ap_hs20_gas_while_associated_with_pmf(dev, apdev):
590 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
591 bssid = apdev[0]['bssid']
592 params = hs20_ap_params()
593 params['hessid'] = bssid
594 hostapd.add_ap(apdev[0]['ifname'], params)
595
596 bssid2 = apdev[1]['bssid']
597 params = hs20_ap_params()
598 params['hessid'] = bssid2
599 params['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
600 hostapd.add_ap(apdev[1]['ifname'], params)
601
602 dev[0].hs20_enable()
603 dev[0].request("SET pmf 2")
604 id = dev[0].add_cred_values({ 'realm': "example.com",
605 'username': "hs20-test",
606 'password': "password",
607 'domain': "example.com" })
608 interworking_select(dev[0], bssid, "home", freq="2412")
609 interworking_connect(dev[0], bssid, "TTLS")
610
611 logger.info("Verifying GAS query while associated")
612 dev[0].request("FETCH_ANQP")
613 for i in range(0, 2 * 6):
614 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
615 if ev is None:
616 raise Exception("Operation timed out")
617
618 def test_ap_hs20_gas_frag_while_associated(dev, apdev):
619 """Hotspot 2.0 connection with fragmented GAS query while associated"""
620 bssid = apdev[0]['bssid']
621 params = hs20_ap_params()
622 params['hessid'] = bssid
623 hostapd.add_ap(apdev[0]['ifname'], params)
624 hapd = hostapd.Hostapd(apdev[0]['ifname'])
625 hapd.set("gas_frag_limit", "50")
626
627 dev[0].hs20_enable()
628 id = dev[0].add_cred_values({ 'realm': "example.com",
629 'username': "hs20-test",
630 'password': "password",
631 'domain': "example.com" })
632 interworking_select(dev[0], bssid, "home", freq="2412")
633 interworking_connect(dev[0], bssid, "TTLS")
634
635 logger.info("Verifying GAS query while associated")
636 dev[0].request("FETCH_ANQP")
637 for i in range(0, 6):
638 ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
639 if ev is None:
640 raise Exception("Operation timed out")
641
642 def test_ap_hs20_multiple_connects(dev, apdev):
643 """Hotspot 2.0 connection through multiple network selections"""
644 bssid = apdev[0]['bssid']
645 params = hs20_ap_params()
646 params['hessid'] = bssid
647 hostapd.add_ap(apdev[0]['ifname'], params)
648
649 dev[0].hs20_enable()
650 values = { 'realm': "example.com",
651 'username': "hs20-test",
652 'password': "password",
653 'domain': "example.com" }
654 id = dev[0].add_cred_values(values)
655
656 for i in range(0, 3):
657 logger.info("Starting Interworking network selection")
658 dev[0].request("INTERWORKING_SELECT auto freq=2412")
659 while True:
660 ev = dev[0].wait_event(["INTERWORKING-NO-MATCH",
661 "INTERWORKING-ALREADY-CONNECTED",
662 "CTRL-EVENT-CONNECTED"], timeout=15)
663 if ev is None:
664 raise Exception("Connection timed out")
665 if "INTERWORKING-NO-MATCH" in ev:
666 raise Exception("Matching AP not found")
667 if "CTRL-EVENT-CONNECTED" in ev:
668 break
669 if i == 2 and "INTERWORKING-ALREADY-CONNECTED" in ev:
670 break
671 if i == 0:
672 dev[0].request("DISCONNECT")
673 dev[0].dump_monitor()
674
675 networks = dev[0].list_networks()
676 if len(networks) > 1:
677 raise Exception("Duplicated network block detected")
678
679 def test_ap_hs20_disallow_aps(dev, apdev):
680 """Hotspot 2.0 connection and disallow_aps"""
681 bssid = apdev[0]['bssid']
682 params = hs20_ap_params()
683 params['hessid'] = bssid
684 hostapd.add_ap(apdev[0]['ifname'], params)
685
686 dev[0].hs20_enable()
687 values = { 'realm': "example.com",
688 'username': "hs20-test",
689 'password': "password",
690 'domain': "example.com" }
691 id = dev[0].add_cred_values(values)
692
693 logger.info("Verify disallow_aps bssid")
694 dev[0].request("SET disallow_aps bssid " + bssid.translate(None, ':'))
695 dev[0].request("INTERWORKING_SELECT auto")
696 ev = dev[0].wait_event(["INTERWORKING-NO-MATCH"], timeout=15)
697 if ev is None:
698 raise Exception("Network selection timed out")
699 dev[0].dump_monitor()
700
701 logger.info("Verify disallow_aps ssid")
702 dev[0].request("SET disallow_aps ssid 746573742d68733230")
703 dev[0].request("INTERWORKING_SELECT auto freq=2412")
704 ev = dev[0].wait_event(["INTERWORKING-NO-MATCH"], timeout=15)
705 if ev is None:
706 raise Exception("Network selection timed out")
707 dev[0].dump_monitor()
708
709 logger.info("Verify disallow_aps clear")
710 dev[0].request("SET disallow_aps ")
711 interworking_select(dev[0], bssid, "home", freq="2412")
712
713 dev[0].request("SET disallow_aps bssid " + bssid.translate(None, ':'))
714 ret = dev[0].request("INTERWORKING_CONNECT " + bssid)
715 if "FAIL" not in ret:
716 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
717
718 def policy_test(dev, ap, values, only_one=True):
719 dev.dump_monitor()
720 if ap:
721 logger.info("Verify network selection to AP " + ap['ifname'])
722 bssid = ap['bssid']
723 else:
724 logger.info("Verify network selection")
725 bssid = None
726 dev.hs20_enable()
727 id = dev.add_cred_values(values)
728 dev.request("INTERWORKING_SELECT auto freq=2412")
729 events = []
730 while True:
731 ev = dev.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
732 "INTERWORKING-BLACKLISTED",
733 "INTERWORKING-SELECTED"], timeout=15)
734 if ev is None:
735 raise Exception("Network selection timed out")
736 events.append(ev)
737 if "INTERWORKING-NO-MATCH" in ev:
738 raise Exception("Matching AP not found")
739 if bssid and only_one and "INTERWORKING-AP" in ev and bssid not in ev:
740 raise Exception("Unexpected AP claimed acceptable")
741 if "INTERWORKING-SELECTED" in ev:
742 if bssid and bssid not in ev:
743 raise Exception("Selected incorrect BSS")
744 break
745
746 ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
747 if ev is None:
748 raise Exception("Connection timed out")
749 if bssid and bssid not in ev:
750 raise Exception("Connected to incorrect BSS")
751
752 conn_bssid = dev.get_status_field("bssid")
753 if bssid and conn_bssid != bssid:
754 raise Exception("bssid information points to incorrect BSS")
755
756 dev.remove_cred(id)
757 dev.dump_monitor()
758 return events
759
760 def default_cred():
761 return { 'realm': "example.com",
762 'username': "hs20-test",
763 'password': "password" }
764
765 def test_ap_hs20_prefer_home(dev, apdev):
766 """Hotspot 2.0 required roaming consortium"""
767 params = hs20_ap_params()
768 params['domain_name'] = "example.org"
769 hostapd.add_ap(apdev[0]['ifname'], params)
770
771 params = hs20_ap_params()
772 params['ssid'] = "test-hs20-other"
773 params['domain_name'] = "example.com"
774 hostapd.add_ap(apdev[1]['ifname'], params)
775
776 values = default_cred()
777 values['domain'] = "example.com"
778 policy_test(dev[0], apdev[1], values, only_one=False)
779 values['domain'] = "example.org"
780 policy_test(dev[0], apdev[0], values, only_one=False)
781
782 def test_ap_hs20_req_roaming_consortium(dev, apdev):
783 """Hotspot 2.0 required roaming consortium"""
784 params = hs20_ap_params()
785 hostapd.add_ap(apdev[0]['ifname'], params)
786
787 params = hs20_ap_params()
788 params['ssid'] = "test-hs20-other"
789 params['roaming_consortium'] = [ "223344" ]
790 hostapd.add_ap(apdev[1]['ifname'], params)
791
792 values = default_cred()
793 values['required_roaming_consortium'] = "223344"
794 policy_test(dev[0], apdev[1], values)
795 values['required_roaming_consortium'] = "112233"
796 policy_test(dev[0], apdev[0], values)
797
798 id = dev[0].add_cred()
799 dev[0].set_cred(id, "required_roaming_consortium", "112233")
800 dev[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
801
802 for val in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
803 if "FAIL" not in dev[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val)):
804 raise Exception("Invalid roaming consortium value accepted: " + val)
805
806 def test_ap_hs20_excluded_ssid(dev, apdev):
807 """Hotspot 2.0 exclusion based on SSID"""
808 params = hs20_ap_params()
809 hostapd.add_ap(apdev[0]['ifname'], params)
810
811 params = hs20_ap_params()
812 params['ssid'] = "test-hs20-other"
813 params['roaming_consortium'] = [ "223344" ]
814 hostapd.add_ap(apdev[1]['ifname'], params)
815
816 values = default_cred()
817 values['excluded_ssid'] = "test-hs20"
818 events = policy_test(dev[0], apdev[1], values)
819 ev = [e for e in events if "INTERWORKING-BLACKLISTED " + apdev[0]['bssid'] in e]
820 if len(ev) != 1:
821 raise Exception("Excluded network not reported")
822 values['excluded_ssid'] = "test-hs20-other"
823 events = policy_test(dev[0], apdev[0], values)
824 ev = [e for e in events if "INTERWORKING-BLACKLISTED " + apdev[1]['bssid'] in e]
825 if len(ev) != 1:
826 raise Exception("Excluded network not reported")
827
828 def test_ap_hs20_roam_to_higher_prio(dev, apdev):
829 """Hotspot 2.0 and roaming from current to higher priority network"""
830 bssid = apdev[0]['bssid']
831 params = hs20_ap_params(ssid="test-hs20-visited")
832 params['domain_name'] = "visited.example.org"
833 hostapd.add_ap(apdev[0]['ifname'], params)
834
835 dev[0].hs20_enable()
836 id = dev[0].add_cred_values({ 'realm': "example.com",
837 'username': "hs20-test",
838 'password': "password",
839 'domain': "example.com" })
840 logger.info("Connect to the only network option")
841 interworking_select(dev[0], bssid, "roaming", freq="2412")
842 dev[0].dump_monitor()
843 interworking_connect(dev[0], bssid, "TTLS")
844
845 logger.info("Start another AP (home operator) and reconnect")
846 bssid2 = apdev[1]['bssid']
847 params = hs20_ap_params(ssid="test-hs20-home")
848 params['domain_name'] = "example.com"
849 hostapd.add_ap(apdev[1]['ifname'], params)
850
851 dev[0].request("INTERWORKING_SELECT auto freq=2412")
852 ev = dev[0].wait_event(["INTERWORKING-NO-MATCH",
853 "INTERWORKING-ALREADY-CONNECTED",
854 "CTRL-EVENT-CONNECTED"], timeout=15)
855 if ev is None:
856 raise Exception("Connection timed out")
857 if "INTERWORKING-NO-MATCH" in ev:
858 raise Exception("Matching AP not found")
859 if "INTERWORKING-ALREADY-CONNECTED" in ev:
860 raise Exception("Unexpected AP selected")
861 if bssid2 not in ev:
862 raise Exception("Unexpected BSSID after reconnection")
863
864 def test_ap_hs20_domain_suffix_match(dev, apdev):
865 """Hotspot 2.0 and domain_suffix_match"""
866 bssid = apdev[0]['bssid']
867 params = hs20_ap_params()
868 hostapd.add_ap(apdev[0]['ifname'], params)
869
870 dev[0].hs20_enable()
871 id = dev[0].add_cred_values({ 'realm': "example.com",
872 'username': "hs20-test",
873 'password': "password",
874 'domain': "example.com",
875 'domain_suffix_match': "w1.fi" })
876 interworking_select(dev[0], bssid, "home", freq="2412")
877 dev[0].dump_monitor()
878 interworking_connect(dev[0], bssid, "TTLS")
879 dev[0].request("REMOVE_NETWORK all")
880 dev[0].dump_monitor()
881
882 dev[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
883 interworking_select(dev[0], bssid, "home", freq="2412")
884 dev[0].dump_monitor()
885 dev[0].request("INTERWORKING_CONNECT " + bssid)
886 ev = dev[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
887 if ev is None:
888 raise Exception("TLS certificate error not reported")
889 if "Domain suffix mismatch" not in ev:
890 raise Exception("Domain suffix mismatch not reported")
891
892 def test_ap_hs20_roaming_partner_preference(dev, apdev):
893 """Hotspot 2.0 and roaming partner preference"""
894 params = hs20_ap_params()
895 params['domain_name'] = "roaming.example.org"
896 hostapd.add_ap(apdev[0]['ifname'], params)
897
898 params = hs20_ap_params()
899 params['ssid'] = "test-hs20-other"
900 params['domain_name'] = "roaming.example.net"
901 hostapd.add_ap(apdev[1]['ifname'], params)
902
903 logger.info("Verify default vs. specified preference")
904 values = default_cred()
905 values['roaming_partner'] = "roaming.example.net,1,127,*"
906 policy_test(dev[0], apdev[1], values, only_one=False)
907 values['roaming_partner'] = "roaming.example.net,1,129,*"
908 policy_test(dev[0], apdev[0], values, only_one=False)
909
910 logger.info("Verify partial FQDN match")
911 values['roaming_partner'] = "example.net,0,0,*"
912 policy_test(dev[0], apdev[1], values, only_one=False)
913 values['roaming_partner'] = "example.net,0,255,*"
914 policy_test(dev[0], apdev[0], values, only_one=False)
915
916 def test_ap_hs20_max_bss_load(dev, apdev):
917 """Hotspot 2.0 and maximum BSS load"""
918 params = hs20_ap_params()
919 params['bss_load_test'] = "12:200:20000"
920 hostapd.add_ap(apdev[0]['ifname'], params)
921
922 params = hs20_ap_params()
923 params['ssid'] = "test-hs20-other"
924 params['bss_load_test'] = "5:20:10000"
925 hostapd.add_ap(apdev[1]['ifname'], params)
926
927 logger.info("Verify maximum BSS load constraint")
928 values = default_cred()
929 values['domain'] = "example.com"
930 values['max_bss_load'] = "100"
931 events = policy_test(dev[0], apdev[1], values, only_one=False)
932
933 ev = [e for e in events if "INTERWORKING-AP " + apdev[0]['bssid'] in e]
934 if len(ev) != 1 or "over_max_bss_load=1" not in ev[0]:
935 raise Exception("Maximum BSS Load case not noticed")
936 ev = [e for e in events if "INTERWORKING-AP " + apdev[1]['bssid'] in e]
937 if len(ev) != 1 or "over_max_bss_load=1" in ev[0]:
938 raise Exception("Maximum BSS Load case reported incorrectly")
939
940 logger.info("Verify maximum BSS load does not prevent connection")
941 values['max_bss_load'] = "1"
942 events = policy_test(dev[0], None, values)
943
944 ev = [e for e in events if "INTERWORKING-AP " + apdev[0]['bssid'] in e]
945 if len(ev) != 1 or "over_max_bss_load=1" not in ev[0]:
946 raise Exception("Maximum BSS Load case not noticed")
947 ev = [e for e in events if "INTERWORKING-AP " + apdev[1]['bssid'] in e]
948 if len(ev) != 1 or "over_max_bss_load=1" not in ev[0]:
949 raise Exception("Maximum BSS Load case not noticed")
950
951 def test_ap_hs20_max_bss_load2(dev, apdev):
952 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
953 params = hs20_ap_params()
954 params['bss_load_test'] = "12:200:20000"
955 hostapd.add_ap(apdev[0]['ifname'], params)
956
957 params = hs20_ap_params()
958 params['ssid'] = "test-hs20-other"
959 hostapd.add_ap(apdev[1]['ifname'], params)
960
961 logger.info("Verify maximum BSS load constraint with AP advertisement")
962 values = default_cred()
963 values['domain'] = "example.com"
964 values['max_bss_load'] = "100"
965 events = policy_test(dev[0], apdev[1], values, only_one=False)
966
967 ev = [e for e in events if "INTERWORKING-AP " + apdev[0]['bssid'] in e]
968 if len(ev) != 1 or "over_max_bss_load=1" not in ev[0]:
969 raise Exception("Maximum BSS Load case not noticed")
970 ev = [e for e in events if "INTERWORKING-AP " + apdev[1]['bssid'] in e]
971 if len(ev) != 1 or "over_max_bss_load=1" in ev[0]:
972 raise Exception("Maximum BSS Load case reported incorrectly")
973
974 def test_ap_hs20_multi_cred_sp_prio(dev, apdev):
975 """Hotspot 2.0 multi-cred sp_priority"""
976 if not hlr_auc_gw_available():
977 return "skip"
978 bssid = apdev[0]['bssid']
979 params = hs20_ap_params()
980 params['hessid'] = bssid
981 del params['domain_name']
982 params['anqp_3gpp_cell_net'] = "232,01"
983 hostapd.add_ap(apdev[0]['ifname'], params)
984
985 dev[0].hs20_enable()
986 dev[0].request("SET external_sim 1")
987 id1 = dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
988 'provisioning_sp': "example.com",
989 'sp_priority' :"1" })
990 id2 = dev[0].add_cred_values({ 'realm': "example.com",
991 'username': "hs20-test",
992 'password': "password",
993 'domain': "example.com",
994 'provisioning_sp': "example.com",
995 'sp_priority': "2" })
996 dev[0].dump_monitor()
997 dev[0].request("INTERWORKING_SELECT auto")
998 interworking_ext_sim_auth(dev[0], "SIM")
999 check_sp_type(dev[0], "unknown")
1000 dev[0].request("REMOVE_NETWORK all")
1001
1002 dev[0].set_cred(id1, "sp_priority", "2")
1003 dev[0].set_cred(id2, "sp_priority", "1")
1004 dev[0].dump_monitor()
1005 dev[0].request("INTERWORKING_SELECT auto")
1006 interworking_auth(dev[0], "TTLS")
1007 check_sp_type(dev[0], "unknown")
1008
1009 def test_ap_hs20_multi_cred_sp_prio2(dev, apdev):
1010 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1011 if not hlr_auc_gw_available():
1012 return "skip"
1013 bssid = apdev[0]['bssid']
1014 params = hs20_ap_params()
1015 params['hessid'] = bssid
1016 del params['nai_realm']
1017 del params['domain_name']
1018 params['anqp_3gpp_cell_net'] = "232,01"
1019 hostapd.add_ap(apdev[0]['ifname'], params)
1020
1021 bssid2 = apdev[1]['bssid']
1022 params = hs20_ap_params()
1023 params['ssid'] = "test-hs20-other"
1024 params['hessid'] = bssid2
1025 del params['domain_name']
1026 del params['anqp_3gpp_cell_net']
1027 hostapd.add_ap(apdev[1]['ifname'], params)
1028
1029 dev[0].hs20_enable()
1030 dev[0].request("SET external_sim 1")
1031 id1 = dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1032 'provisioning_sp': "example.com",
1033 'sp_priority': "1" })
1034 id2 = dev[0].add_cred_values({ 'realm': "example.com",
1035 'username': "hs20-test",
1036 'password': "password",
1037 'domain': "example.com",
1038 'provisioning_sp': "example.com",
1039 'sp_priority': "2" })
1040 dev[0].dump_monitor()
1041 dev[0].request("INTERWORKING_SELECT auto")
1042 interworking_ext_sim_auth(dev[0], "SIM")
1043 check_sp_type(dev[0], "unknown")
1044 conn_bssid = dev[0].get_status_field("bssid")
1045 if conn_bssid != bssid:
1046 raise Exception("Connected to incorrect BSS")
1047 dev[0].request("REMOVE_NETWORK all")
1048
1049 dev[0].set_cred(id1, "sp_priority", "2")
1050 dev[0].set_cred(id2, "sp_priority", "1")
1051 dev[0].dump_monitor()
1052 dev[0].request("INTERWORKING_SELECT auto")
1053 interworking_auth(dev[0], "TTLS")
1054 check_sp_type(dev[0], "unknown")
1055 conn_bssid = dev[0].get_status_field("bssid")
1056 if conn_bssid != bssid2:
1057 raise Exception("Connected to incorrect BSS")
1058
1059 def test_ap_hs20_req_conn_capab(dev, apdev):
1060 """Hotspot 2.0 network selection with req_conn_capab"""
1061 bssid = apdev[0]['bssid']
1062 params = hs20_ap_params()
1063 hostapd.add_ap(apdev[0]['ifname'], params)
1064
1065 dev[0].hs20_enable()
1066 logger.info("Not used in home network")
1067 id = dev[0].add_cred_values({ 'realm': "example.com",
1068 'username': "hs20-test",
1069 'password': "password",
1070 'domain': "example.com",
1071 'req_conn_capab': "6:1234" })
1072 dev[0].request("INTERWORKING_SELECT freq=2412")
1073 ev = dev[0].wait_event(["INTERWORKING-AP"])
1074 if ev is None:
1075 raise Exception("Network selection timed out");
1076 if "type=home" not in ev:
1077 raise Exception("Unexpected network type")
1078 if "conn_capab_missing=1" in ev:
1079 raise Exception("req_conn_capab used in home network")
1080
1081 logger.info("Used in roaming network")
1082 dev[0].remove_cred(id)
1083 id = dev[0].add_cred_values({ 'realm': "example.com",
1084 'username': "hs20-test",
1085 'password': "password",
1086 'domain': "example.org",
1087 'req_conn_capab': "6:1234" })
1088 dev[0].request("INTERWORKING_SELECT freq=2412")
1089 ev = dev[0].wait_event(["INTERWORKING-AP"])
1090 if ev is None:
1091 raise Exception("Network selection timed out");
1092 if "type=roaming" not in ev:
1093 raise Exception("Unexpected network type")
1094 if "conn_capab_missing=1" not in ev:
1095 raise Exception("Missing conn_capab not reported")
1096
1097 logger.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1098 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1099 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
1100 if ev is None:
1101 raise Exception("Connection timed out")
1102
1103 def test_ap_hs20_deauth_req_ess(dev, apdev):
1104 """Hotspot 2.0 connection and deauthentication request for ESS"""
1105 dev[0].request("SET pmf 2")
1106 eap_test(dev[0], apdev[0], "21[3:26]", "TTLS", "user")
1107 dev[0].dump_monitor()
1108 addr = dev[0].p2p_interface_addr()
1109 hapd = hostapd.Hostapd(apdev[0]['ifname'])
1110 hapd.request("HS20_DEAUTH_REQ " + addr + " 1 120 http://example.com/")
1111 ev = dev[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1112 if ev is None:
1113 raise Exception("Timeout on deauth imminent notice")
1114 if "1 120 http://example.com/" not in ev:
1115 raise Exception("Unexpected deauth imminent notice: " + ev)
1116 hapd.request("DEAUTHENTICATE " + addr)
1117 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1118 if ev is None:
1119 raise Exception("Timeout on disconnection")
1120 ev = dev[0].wait_event(["SME: Trying to authenticate",
1121 "Trying to associate",
1122 "CTRL-EVENT-CONNECTED"], timeout=5)
1123 if ev is not None:
1124 raise Exception("Unexpected connection attempt")
1125
1126 def test_ap_hs20_deauth_req_bss(dev, apdev):
1127 """Hotspot 2.0 connection and deauthentication request for BSS"""
1128 dev[0].request("SET pmf 2")
1129 eap_test(dev[0], apdev[0], "21[3:26]", "TTLS", "user")
1130 dev[0].dump_monitor()
1131 addr = dev[0].p2p_interface_addr()
1132 hapd = hostapd.Hostapd(apdev[0]['ifname'])
1133 hapd.request("HS20_DEAUTH_REQ " + addr + " 0 120 http://example.com/")
1134 ev = dev[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1135 if ev is None:
1136 raise Exception("Timeout on deauth imminent notice")
1137 if "0 120 http://example.com/" not in ev:
1138 raise Exception("Unexpected deauth imminent notice: " + ev)
1139 hapd.request("DEAUTHENTICATE " + addr + " reason=4")
1140 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1141 if ev is None:
1142 raise Exception("Timeout on disconnection")
1143 if "reason=4" not in ev:
1144 raise Exception("Unexpected disconnection reason")
1145 ev = dev[0].wait_event(["SME: Trying to authenticate",
1146 "Trying to associate",
1147 "CTRL-EVENT-CONNECTED"], timeout=5)
1148 if ev is not None:
1149 raise Exception("Unexpected connection attempt")
1150
1151 def test_ap_hs20_osen(dev, apdev):
1152 """Hotspot 2.0 OSEN connection"""
1153 params = { 'ssid': "osen",
1154 'osen': "1",
1155 'auth_server_addr': "127.0.0.1",
1156 'auth_server_port': "1812",
1157 'auth_server_shared_secret': "radius" }
1158 hostapd.add_ap(apdev[0]['ifname'], params)
1159
1160 dev[0].connect("osen", proto="OSEN", key_mgmt="OSEN", pairwise="CCMP",
1161 group="GTK_NOT_USED",
1162 eap="WFA-UNAUTH-TLS", identity="osen@example.com",
1163 ca_cert="auth_serv/ca.pem",
1164 scan_freq="2412")
1165
1166 def test_ap_hs20_network_preference(dev, apdev):
1167 """Hotspot 2.0 network selection with preferred home network"""
1168 bssid = apdev[0]['bssid']
1169 params = hs20_ap_params()
1170 hostapd.add_ap(apdev[0]['ifname'], params)
1171
1172 dev[0].hs20_enable()
1173 values = { 'realm': "example.com",
1174 'username': "hs20-test",
1175 'password': "password",
1176 'domain': "example.com" }
1177 dev[0].add_cred_values(values)
1178
1179 id = dev[0].add_network()
1180 dev[0].set_network_quoted(id, "ssid", "home")
1181 dev[0].set_network_quoted(id, "psk", "12345678")
1182 dev[0].set_network(id, "priority", "1")
1183 dev[0].request("ENABLE_NETWORK %s no-connect" % id)
1184
1185 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1186 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
1187 if ev is None:
1188 raise Exception("Connection timed out")
1189 if bssid not in ev:
1190 raise Exception("Unexpected network selected")
1191
1192 bssid2 = apdev[1]['bssid']
1193 params = hostapd.wpa2_params(ssid="home", passphrase="12345678")
1194 hostapd.add_ap(apdev[1]['ifname'], params)
1195
1196 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1197 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED",
1198 "INTERWORKING-ALREADY-CONNECTED" ], timeout=15)
1199 if ev is None:
1200 raise Exception("Connection timed out")
1201 if "INTERWORKING-ALREADY-CONNECTED" in ev:
1202 raise Exception("No roam to higher priority network")
1203 if bssid2 not in ev:
1204 raise Exception("Unexpected network selected")
1205
1206 def test_ap_hs20_network_preference2(dev, apdev):
1207 """Hotspot 2.0 network selection with preferred credential"""
1208 bssid2 = apdev[1]['bssid']
1209 params = hostapd.wpa2_params(ssid="home", passphrase="12345678")
1210 hostapd.add_ap(apdev[1]['ifname'], params)
1211
1212 dev[0].hs20_enable()
1213 values = { 'realm': "example.com",
1214 'username': "hs20-test",
1215 'password': "password",
1216 'domain': "example.com",
1217 'priority': "1" }
1218 dev[0].add_cred_values(values)
1219
1220 id = dev[0].add_network()
1221 dev[0].set_network_quoted(id, "ssid", "home")
1222 dev[0].set_network_quoted(id, "psk", "12345678")
1223 dev[0].request("ENABLE_NETWORK %s no-connect" % id)
1224
1225 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1226 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
1227 if ev is None:
1228 raise Exception("Connection timed out")
1229 if bssid2 not in ev:
1230 raise Exception("Unexpected network selected")
1231
1232 bssid = apdev[0]['bssid']
1233 params = hs20_ap_params()
1234 hostapd.add_ap(apdev[0]['ifname'], params)
1235
1236 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1237 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED",
1238 "INTERWORKING-ALREADY-CONNECTED" ], timeout=15)
1239 if ev is None:
1240 raise Exception("Connection timed out")
1241 if "INTERWORKING-ALREADY-CONNECTED" in ev:
1242 raise Exception("No roam to higher priority network")
1243 if bssid not in ev:
1244 raise Exception("Unexpected network selected")
1245
1246 def test_ap_hs20_network_preference3(dev, apdev):
1247 """Hotspot 2.0 network selection with two credential (one preferred)"""
1248 bssid = apdev[0]['bssid']
1249 params = hs20_ap_params()
1250 hostapd.add_ap(apdev[0]['ifname'], params)
1251
1252 bssid2 = apdev[1]['bssid']
1253 params = hs20_ap_params(ssid="test-hs20b")
1254 params['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1255 hostapd.add_ap(apdev[1]['ifname'], params)
1256
1257 dev[0].hs20_enable()
1258 values = { 'realm': "example.com",
1259 'username': "hs20-test",
1260 'password': "password",
1261 'priority': "1" }
1262 dev[0].add_cred_values(values)
1263 values = { 'realm': "example.org",
1264 'username': "hs20-test",
1265 'password': "password" }
1266 id = dev[0].add_cred_values(values)
1267
1268 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1269 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
1270 if ev is None:
1271 raise Exception("Connection timed out")
1272 if bssid not in ev:
1273 raise Exception("Unexpected network selected")
1274
1275 dev[0].set_cred(id, "priority", "2")
1276 dev[0].request("INTERWORKING_SELECT auto freq=2412")
1277 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED",
1278 "INTERWORKING-ALREADY-CONNECTED" ], timeout=15)
1279 if ev is None:
1280 raise Exception("Connection timed out")
1281 if "INTERWORKING-ALREADY-CONNECTED" in ev:
1282 raise Exception("No roam to higher priority network")
1283 if bssid2 not in ev:
1284 raise Exception("Unexpected network selected")
Unnamed repository; edit this file 'description' to name the repository.