]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_hs20.py
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
10 logger
= logging
.getLogger()
15 from wlantest
import Wlantest
17 def hs20_ap_params(ssid
="test-hs20"):
18 params
= hostapd
.wpa2_params(ssid
=ssid
)
19 params
['wpa_key_mgmt'] = "WPA-EAP"
20 params
['ieee80211w'] = "1"
21 params
['ieee8021x'] = "1"
22 params
['auth_server_addr'] = "127.0.0.1"
23 params
['auth_server_port'] = "1812"
24 params
['auth_server_shared_secret'] = "radius"
25 params
['interworking'] = "1"
26 params
['access_network_type'] = "14"
27 params
['internet'] = "1"
31 params
['venue_group'] = "7"
32 params
['venue_type'] = "1"
33 params
['venue_name'] = [ "eng:Example venue", "fin:Esimerkkipaikka" ]
34 params
['roaming_consortium'] = [ "112233", "1020304050", "010203040506",
36 params
['domain_name'] = "example.com,another.example.com"
37 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
38 "0,another.example.com" ]
40 params
['hs20_wan_metrics'] = "01:8000:1000:80:240:3000"
41 params
['hs20_conn_capab'] = [ "1:0:2", "6:22:1", "17:5060:0" ]
42 params
['hs20_operating_class'] = "5173"
43 params
['anqp_3gpp_cell_net'] = "244,91"
46 def interworking_select(dev
, bssid
, type=None, no_match
=False, freq
=None):
48 freq_extra
= " freq=" + freq
if freq
else ""
49 dev
.request("INTERWORKING_SELECT" + freq_extra
)
50 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
53 raise Exception("Network selection timed out");
55 if "INTERWORKING-NO-MATCH" not in ev
:
56 raise Exception("Unexpected network match")
58 if "INTERWORKING-NO-MATCH" in ev
:
59 raise Exception("Matching network not found")
60 if bssid
and bssid
not in ev
:
61 raise Exception("Unexpected BSSID in match")
62 if type and "type=" + type not in ev
:
63 raise Exception("Network type not recognized correctly")
65 def check_sp_type(dev
, sp_type
):
66 type = dev
.get_status_field("sp_type")
68 raise Exception("sp_type not available")
70 raise Exception("sp_type did not indicate home network")
72 def hlr_auc_gw_available():
73 if not os
.path
.exists("/tmp/hlr_auc_gw.sock"):
74 logger
.info("No hlr_auc_gw available");
76 if not os
.path
.exists("../../hostapd/hlr_auc_gw"):
77 logger
.info("No hlr_auc_gw available");
81 def interworking_ext_sim_connect(dev
, bssid
, method
):
82 dev
.request("INTERWORKING_CONNECT " + bssid
)
83 interworking_ext_sim_auth(dev
, method
)
85 def interworking_ext_sim_auth(dev
, method
):
86 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
88 raise Exception("Network connected timed out")
89 if "(" + method
+ ")" not in ev
:
90 raise Exception("Unexpected EAP method selection")
92 ev
= dev
.wait_event(["CTRL-REQ-SIM"], timeout
=15)
94 raise Exception("Wait for external SIM processing request timed out")
96 if p
[1] != "GSM-AUTH":
97 raise Exception("Unexpected CTRL-REQ-SIM type")
98 id = p
[0].split('-')[3]
99 rand
= p
[2].split(' ')[0]
101 res
= subprocess
.check_output(["../../hostapd/hlr_auc_gw",
103 "auth_serv/hlr_auc_gw.milenage_db",
104 "GSM-AUTH-REQ 232010000000000 " + rand
])
105 if "GSM-AUTH-RESP" not in res
:
106 raise Exception("Unexpected hlr_auc_gw response")
107 resp
= res
.split(' ')[2].rstrip()
109 dev
.request("CTRL-RSP-SIM-" + id + ":GSM-AUTH:" + resp
)
110 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
112 raise Exception("Connection timed out")
114 def interworking_connect(dev
, bssid
, method
):
115 dev
.request("INTERWORKING_CONNECT " + bssid
)
116 interworking_auth(dev
, method
)
118 def interworking_auth(dev
, method
):
119 ev
= dev
.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
121 raise Exception("Network connected timed out")
122 if "(" + method
+ ")" not in ev
:
123 raise Exception("Unexpected EAP method selection")
125 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
127 raise Exception("Connection timed out")
129 def check_probe_resp(wt
, bssid_unexpected
, bssid_expected
):
131 count
= wt
.get_bss_counter("probe_response", bssid_unexpected
)
133 raise Exception("Unexpected Probe Response frame from AP")
136 count
= wt
.get_bss_counter("probe_response", bssid_expected
)
138 raise Exception("No Probe Response frame from AP")
140 def test_ap_anqp_sharing(dev
, apdev
):
141 """ANQP sharing within ESS and explicit unshare"""
142 bssid
= apdev
[0]['bssid']
143 params
= hs20_ap_params()
144 params
['hessid'] = bssid
145 hostapd
.add_ap(apdev
[0]['ifname'], params
)
147 bssid2
= apdev
[1]['bssid']
148 params
= hs20_ap_params()
149 params
['hessid'] = bssid
150 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
151 hostapd
.add_ap(apdev
[1]['ifname'], params
)
154 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
155 'password': "secret",
156 'domain': "example.com" })
157 logger
.info("Normal network selection with shared ANQP results")
158 interworking_select(dev
[0], None, "home", freq
="2412")
159 dev
[0].dump_monitor()
161 res1
= dev
[0].get_bss(bssid
)
162 res2
= dev
[0].get_bss(bssid2
)
163 if res1
['anqp_nai_realm'] != res2
['anqp_nai_realm']:
164 raise Exception("ANQP results were not shared between BSSes")
166 logger
.info("Explicit ANQP request to unshare ANQP results")
167 dev
[0].request("ANQP_GET " + bssid
+ " 263")
168 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
170 raise Exception("ANQP operation timed out")
172 dev
[0].request("ANQP_GET " + bssid2
+ " 263")
173 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
175 raise Exception("ANQP operation timed out")
177 res1
= dev
[0].get_bss(bssid
)
178 res2
= dev
[0].get_bss(bssid2
)
179 if res1
['anqp_nai_realm'] == res2
['anqp_nai_realm']:
180 raise Exception("ANQP results were not unshared")
182 def test_ap_nai_home_realm_query(dev
, apdev
):
183 """NAI Home Realm Query"""
184 bssid
= apdev
[0]['bssid']
185 params
= hs20_ap_params()
186 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
187 "0,another.example.org" ]
188 hostapd
.add_ap(apdev
[0]['ifname'], params
)
190 dev
[0].scan(freq
="2412")
191 dev
[0].request("HS20_GET_NAI_HOME_REALM_LIST " + bssid
+ " realm=example.com")
192 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
194 raise Exception("ANQP operation timed out")
195 nai1
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
196 dev
[0].dump_monitor()
198 dev
[0].request("ANQP_GET " + bssid
+ " 263")
199 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
201 raise Exception("ANQP operation timed out")
202 nai2
= dev
[0].get_bss(bssid
)['anqp_nai_realm']
204 if len(nai1
) >= len(nai2
):
205 raise Exception("Unexpected NAI Realm list response lengths")
206 if "example.com".encode('hex') not in nai1
:
207 raise Exception("Home realm not reported")
208 if "example.org".encode('hex') in nai1
:
209 raise Exception("Non-home realm reported")
210 if "example.com".encode('hex') not in nai2
:
211 raise Exception("Home realm not reported in wildcard query")
212 if "example.org".encode('hex') not in nai2
:
213 raise Exception("Non-home realm not reported in wildcard query ")
215 def test_ap_interworking_scan_filtering(dev
, apdev
):
216 """Interworking scan filtering with HESSID and access network type"""
217 bssid
= apdev
[0]['bssid']
218 params
= hs20_ap_params()
219 ssid
= "test-hs20-ap1"
220 params
['ssid'] = ssid
221 params
['hessid'] = bssid
222 hostapd
.add_ap(apdev
[0]['ifname'], params
)
224 bssid2
= apdev
[1]['bssid']
225 params
= hs20_ap_params()
226 ssid2
= "test-hs20-ap2"
227 params
['ssid'] = ssid2
228 params
['hessid'] = bssid2
229 params
['access_network_type'] = "1"
230 del params
['venue_group']
231 del params
['venue_type']
232 hostapd
.add_ap(apdev
[1]['ifname'], params
)
239 logger
.info("Check probe request filtering based on HESSID")
241 dev
[0].request("SET hessid " + bssid2
)
242 dev
[0].scan(freq
="2412")
244 check_probe_resp(wt
, bssid
, bssid2
)
246 logger
.info("Check probe request filtering based on access network type")
248 wt
.clear_bss_counters(bssid
)
249 wt
.clear_bss_counters(bssid2
)
250 dev
[0].request("SET hessid 00:00:00:00:00:00")
251 dev
[0].request("SET access_network_type 14")
252 dev
[0].scan(freq
="2412")
254 check_probe_resp(wt
, bssid2
, bssid
)
256 wt
.clear_bss_counters(bssid
)
257 wt
.clear_bss_counters(bssid2
)
258 dev
[0].request("SET hessid 00:00:00:00:00:00")
259 dev
[0].request("SET access_network_type 1")
260 dev
[0].scan(freq
="2412")
262 check_probe_resp(wt
, bssid
, bssid2
)
264 logger
.info("Check probe request filtering based on HESSID and ANT")
266 wt
.clear_bss_counters(bssid
)
267 wt
.clear_bss_counters(bssid2
)
268 dev
[0].request("SET hessid " + bssid
)
269 dev
[0].request("SET access_network_type 14")
270 dev
[0].scan(freq
="2412")
272 check_probe_resp(wt
, bssid2
, bssid
)
274 wt
.clear_bss_counters(bssid
)
275 wt
.clear_bss_counters(bssid2
)
276 dev
[0].request("SET hessid " + bssid2
)
277 dev
[0].request("SET access_network_type 14")
278 dev
[0].scan(freq
="2412")
280 check_probe_resp(wt
, bssid
, None)
281 check_probe_resp(wt
, bssid2
, None)
283 wt
.clear_bss_counters(bssid
)
284 wt
.clear_bss_counters(bssid2
)
285 dev
[0].request("SET hessid " + bssid
)
286 dev
[0].request("SET access_network_type 1")
287 dev
[0].scan(freq
="2412")
289 check_probe_resp(wt
, bssid
, None)
290 check_probe_resp(wt
, bssid2
, None)
292 def test_ap_hs20_select(dev
, apdev
):
293 """Hotspot 2.0 network selection"""
294 bssid
= apdev
[0]['bssid']
295 params
= hs20_ap_params()
296 params
['hessid'] = bssid
297 hostapd
.add_ap(apdev
[0]['ifname'], params
)
300 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
301 'password': "secret",
302 'domain': "example.com" })
303 interworking_select(dev
[0], bssid
, "home")
305 dev
[0].remove_cred(id)
306 id = dev
[0].add_cred_values({ 'realm': "example.com", 'username': "test",
307 'password': "secret",
308 'domain': "no.match.example.com" })
309 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
311 dev
[0].set_cred_quoted(id, "realm", "no.match.example.com");
312 interworking_select(dev
[0], bssid
, no_match
=True, freq
="2412")
314 bssid2
= apdev
[1]['bssid']
315 params
= hs20_ap_params()
316 params
['nai_realm'] = [ "0,example.org,21" ]
317 params
['hessid'] = bssid2
318 params
['domain_name'] = "example.org"
319 hostapd
.add_ap(apdev
[1]['ifname'], params
)
320 dev
[0].remove_cred(id)
321 id = dev
[0].add_cred_values({ 'realm': "example.org", 'username': "test",
322 'password': "secret",
323 'domain': "example.org" })
324 interworking_select(dev
[0], bssid2
, "home", freq
="2412")
326 def hs20_simulated_sim(dev
, ap
, method
):
328 params
= hs20_ap_params()
329 params
['hessid'] = bssid
330 params
['anqp_3gpp_cell_net'] = "555,444"
331 params
['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
332 hostapd
.add_ap(ap
['ifname'], params
)
335 dev
.add_cred_values({ 'imsi': "555444-333222111", 'eap': method
,
336 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
337 interworking_select(dev
, "home", freq
="2412")
338 interworking_connect(dev
, bssid
, method
)
339 check_sp_type(dev
, "home")
341 def test_ap_hs20_sim(dev
, apdev
):
342 """Hotspot 2.0 with simulated SIM and EAP-SIM"""
343 if not hlr_auc_gw_available():
345 hs20_simulated_sim(dev
[0], apdev
[0], "SIM")
347 def test_ap_hs20_aka(dev
, apdev
):
348 """Hotspot 2.0 with simulated USIM and EAP-AKA"""
349 if not hlr_auc_gw_available():
351 hs20_simulated_sim(dev
[0], apdev
[0], "AKA")
353 def test_ap_hs20_aka_prime(dev
, apdev
):
354 """Hotspot 2.0 with simulated USIM and EAP-AKA'"""
355 if not hlr_auc_gw_available():
357 hs20_simulated_sim(dev
[0], apdev
[0], "AKA'")
359 def test_ap_hs20_ext_sim(dev
, apdev
):
360 """Hotspot 2.0 with external SIM processing"""
361 if not hlr_auc_gw_available():
363 bssid
= apdev
[0]['bssid']
364 params
= hs20_ap_params()
365 params
['hessid'] = bssid
366 params
['anqp_3gpp_cell_net'] = "232,01"
367 params
['domain_name'] = "wlan.mnc001.mcc232.3gppnetwork.org"
368 hostapd
.add_ap(apdev
[0]['ifname'], params
)
371 dev
[0].request("SET external_sim 1")
372 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
373 interworking_select(dev
[0], "home", freq
="2412")
374 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
375 check_sp_type(dev
[0], "home")
377 def test_ap_hs20_ext_sim_roaming(dev
, apdev
):
378 """Hotspot 2.0 with external SIM processing in roaming network"""
379 if not hlr_auc_gw_available():
381 bssid
= apdev
[0]['bssid']
382 params
= hs20_ap_params()
383 params
['hessid'] = bssid
384 params
['anqp_3gpp_cell_net'] = "244,91;310,026;232,01;234,56"
385 params
['domain_name'] = "wlan.mnc091.mcc244.3gppnetwork.org"
386 hostapd
.add_ap(apdev
[0]['ifname'], params
)
389 dev
[0].request("SET external_sim 1")
390 dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
391 interworking_select(dev
[0], "roaming", freq
="2412")
392 interworking_ext_sim_connect(dev
[0], bssid
, "SIM")
393 check_sp_type(dev
[0], "roaming")
395 def test_ap_hs20_username(dev
, apdev
):
396 """Hotspot 2.0 connection in username/password credential"""
397 bssid
= apdev
[0]['bssid']
398 params
= hs20_ap_params()
399 params
['hessid'] = bssid
400 hostapd
.add_ap(apdev
[0]['ifname'], params
)
403 id = dev
[0].add_cred_values({ 'realm': "example.com",
404 'username': "hs20-test",
405 'password': "password",
406 'ca_cert': "auth_serv/ca.pem",
407 'domain': "example.com",
408 'update_identifier': "1234" })
409 interworking_select(dev
[0], bssid
, "home", freq
="2412")
410 interworking_connect(dev
[0], bssid
, "TTLS")
411 check_sp_type(dev
[0], "home")
412 status
= dev
[0].get_status()
413 if status
['pairwise_cipher'] != "CCMP":
414 raise Exception("Unexpected pairwise cipher")
415 if status
['hs20'] != "2":
416 raise Exception("Unexpected HS 2.0 support indication")
418 dev
[1].connect("test-hs20", key_mgmt
="WPA-EAP", eap
="TTLS",
419 identity
="hs20-test", password
="password",
420 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
423 def eap_test(dev
, ap
, eap_params
, method
, user
):
425 params
= hs20_ap_params()
426 params
['nai_realm'] = [ "0,example.com," + eap_params
]
427 hostapd
.add_ap(ap
['ifname'], params
)
430 dev
.add_cred_values({ 'realm': "example.com",
432 'password': "password" })
433 interworking_select(dev
, bssid
, freq
="2412")
434 interworking_connect(dev
, bssid
, method
)
436 def test_ap_hs20_eap_peap_mschapv2(dev
, apdev
):
437 """Hotspot 2.0 connection with PEAP/MSCHAPV2"""
438 eap_test(dev
[0], apdev
[0], "25[3:26]", "PEAP", "user")
440 def test_ap_hs20_eap_peap_gtc(dev
, apdev
):
441 """Hotspot 2.0 connection with PEAP/GTC"""
442 eap_test(dev
[0], apdev
[0], "25[3:6]", "PEAP", "user")
444 def test_ap_hs20_eap_ttls_chap(dev
, apdev
):
445 """Hotspot 2.0 connection with TTLS/CHAP"""
446 eap_test(dev
[0], apdev
[0], "21[2:2]", "TTLS", "chap user")
448 def test_ap_hs20_eap_ttls_mschap(dev
, apdev
):
449 """Hotspot 2.0 connection with TTLS/MSCHAP"""
450 eap_test(dev
[0], apdev
[0], "21[2:3]", "TTLS", "mschap user")
452 def test_ap_hs20_eap_ttls_eap_mschapv2(dev
, apdev
):
453 """Hotspot 2.0 connection with TTLS/EAP-MSCHAPv2"""
454 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
456 def test_ap_hs20_eap_fast_mschapv2(dev
, apdev
):
457 """Hotspot 2.0 connection with FAST/EAP-MSCHAPV2"""
458 eap_test(dev
[0], apdev
[0], "43[3:26]", "FAST", "user")
460 def test_ap_hs20_eap_fast_gtc(dev
, apdev
):
461 """Hotspot 2.0 connection with FAST/EAP-GTC"""
462 eap_test(dev
[0], apdev
[0], "43[3:6]", "FAST", "user")
464 def test_ap_hs20_eap_tls(dev
, apdev
):
465 """Hotspot 2.0 connection with EAP-TLS"""
466 bssid
= apdev
[0]['bssid']
467 params
= hs20_ap_params()
468 params
['nai_realm'] = [ "0,example.com,13[5:6]" ]
469 hostapd
.add_ap(apdev
[0]['ifname'], params
)
472 dev
[0].add_cred_values({ 'realm': "example.com",
473 'username': "certificate-user",
474 'ca_cert': "auth_serv/ca.pem",
475 'client_cert': "auth_serv/user.pem",
476 'private_key': "auth_serv/user.key"})
477 interworking_select(dev
[0], bssid
, freq
="2412")
478 interworking_connect(dev
[0], bssid
, "TLS")
480 def test_ap_hs20_nai_realms(dev
, apdev
):
481 """Hotspot 2.0 connection and multiple NAI realms and TTLS/PAP"""
482 bssid
= apdev
[0]['bssid']
483 params
= hs20_ap_params()
484 params
['hessid'] = bssid
485 params
['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]" ]
486 hostapd
.add_ap(apdev
[0]['ifname'], params
)
489 id = dev
[0].add_cred_values({ 'realm': "example.com",
490 'username': "pap user",
491 'password': "password",
492 'domain': "example.com" })
493 interworking_select(dev
[0], bssid
, "home", freq
="2412")
494 interworking_connect(dev
[0], bssid
, "TTLS")
495 check_sp_type(dev
[0], "home")
497 def test_ap_hs20_roaming_consortium(dev
, apdev
):
498 """Hotspot 2.0 connection based on roaming consortium match"""
499 bssid
= apdev
[0]['bssid']
500 params
= hs20_ap_params()
501 params
['hessid'] = bssid
502 hostapd
.add_ap(apdev
[0]['ifname'], params
)
505 id = dev
[0].add_cred_values({ 'realm': "example.com",
507 'password': "password",
508 'domain': "example.com",
509 'roaming_consortium': "fedcba",
511 interworking_select(dev
[0], bssid
, "home", freq
="2412")
512 interworking_connect(dev
[0], bssid
, "PEAP")
513 check_sp_type(dev
[0], "home")
515 def test_ap_hs20_username_roaming(dev
, apdev
):
516 """Hotspot 2.0 connection in username/password credential (roaming)"""
517 bssid
= apdev
[0]['bssid']
518 params
= hs20_ap_params()
519 params
['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]",
520 "0,roaming.example.com,21[2:4][5:7]",
521 "0,another.example.com" ]
522 params
['domain_name'] = "another.example.com"
523 params
['hessid'] = bssid
524 hostapd
.add_ap(apdev
[0]['ifname'], params
)
527 id = dev
[0].add_cred_values({ 'realm': "roaming.example.com",
528 'username': "hs20-test",
529 'password': "password",
530 'domain': "example.com" })
531 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
532 interworking_connect(dev
[0], bssid
, "TTLS")
533 check_sp_type(dev
[0], "roaming")
535 def test_ap_hs20_username_unknown(dev
, apdev
):
536 """Hotspot 2.0 connection in username/password credential (no domain in cred)"""
537 bssid
= apdev
[0]['bssid']
538 params
= hs20_ap_params()
539 params
['hessid'] = bssid
540 hostapd
.add_ap(apdev
[0]['ifname'], params
)
543 id = dev
[0].add_cred_values({ 'realm': "example.com",
544 'username': "hs20-test",
545 'password': "password" })
546 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
547 interworking_connect(dev
[0], bssid
, "TTLS")
548 check_sp_type(dev
[0], "unknown")
550 def test_ap_hs20_username_unknown2(dev
, apdev
):
551 """Hotspot 2.0 connection in username/password credential (no domain advertized)"""
552 bssid
= apdev
[0]['bssid']
553 params
= hs20_ap_params()
554 params
['hessid'] = bssid
555 del params
['domain_name']
556 hostapd
.add_ap(apdev
[0]['ifname'], params
)
559 id = dev
[0].add_cred_values({ 'realm': "example.com",
560 'username': "hs20-test",
561 'password': "password",
562 'domain': "example.com" })
563 interworking_select(dev
[0], bssid
, "unknown", freq
="2412")
564 interworking_connect(dev
[0], bssid
, "TTLS")
565 check_sp_type(dev
[0], "unknown")
567 def test_ap_hs20_gas_while_associated(dev
, apdev
):
568 """Hotspot 2.0 connection with GAS query while associated"""
569 bssid
= apdev
[0]['bssid']
570 params
= hs20_ap_params()
571 params
['hessid'] = bssid
572 hostapd
.add_ap(apdev
[0]['ifname'], params
)
575 id = dev
[0].add_cred_values({ 'realm': "example.com",
576 'username': "hs20-test",
577 'password': "password",
578 'domain': "example.com" })
579 interworking_select(dev
[0], bssid
, "home", freq
="2412")
580 interworking_connect(dev
[0], bssid
, "TTLS")
582 logger
.info("Verifying GAS query while associated")
583 dev
[0].request("FETCH_ANQP")
584 for i
in range(0, 6):
585 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
587 raise Exception("Operation timed out")
589 def test_ap_hs20_gas_while_associated_with_pmf(dev
, apdev
):
590 """Hotspot 2.0 connection with GAS query while associated and using PMF"""
591 bssid
= apdev
[0]['bssid']
592 params
= hs20_ap_params()
593 params
['hessid'] = bssid
594 hostapd
.add_ap(apdev
[0]['ifname'], params
)
596 bssid2
= apdev
[1]['bssid']
597 params
= hs20_ap_params()
598 params
['hessid'] = bssid2
599 params
['nai_realm'] = [ "0,no-match.example.org,13[5:6],21[2:4][5:7]" ]
600 hostapd
.add_ap(apdev
[1]['ifname'], params
)
603 dev
[0].request("SET pmf 2")
604 id = dev
[0].add_cred_values({ 'realm': "example.com",
605 'username': "hs20-test",
606 'password': "password",
607 'domain': "example.com" })
608 interworking_select(dev
[0], bssid
, "home", freq
="2412")
609 interworking_connect(dev
[0], bssid
, "TTLS")
611 logger
.info("Verifying GAS query while associated")
612 dev
[0].request("FETCH_ANQP")
613 for i
in range(0, 2 * 6):
614 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
616 raise Exception("Operation timed out")
618 def test_ap_hs20_gas_frag_while_associated(dev
, apdev
):
619 """Hotspot 2.0 connection with fragmented GAS query while associated"""
620 bssid
= apdev
[0]['bssid']
621 params
= hs20_ap_params()
622 params
['hessid'] = bssid
623 hostapd
.add_ap(apdev
[0]['ifname'], params
)
624 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
625 hapd
.set("gas_frag_limit", "50")
628 id = dev
[0].add_cred_values({ 'realm': "example.com",
629 'username': "hs20-test",
630 'password': "password",
631 'domain': "example.com" })
632 interworking_select(dev
[0], bssid
, "home", freq
="2412")
633 interworking_connect(dev
[0], bssid
, "TTLS")
635 logger
.info("Verifying GAS query while associated")
636 dev
[0].request("FETCH_ANQP")
637 for i
in range(0, 6):
638 ev
= dev
[0].wait_event(["RX-ANQP"], timeout
=5)
640 raise Exception("Operation timed out")
642 def test_ap_hs20_multiple_connects(dev
, apdev
):
643 """Hotspot 2.0 connection through multiple network selections"""
644 bssid
= apdev
[0]['bssid']
645 params
= hs20_ap_params()
646 params
['hessid'] = bssid
647 hostapd
.add_ap(apdev
[0]['ifname'], params
)
650 values
= { 'realm': "example.com",
651 'username': "hs20-test",
652 'password': "password",
653 'domain': "example.com" }
654 id = dev
[0].add_cred_values(values
)
656 for i
in range(0, 3):
657 logger
.info("Starting Interworking network selection")
658 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
660 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
661 "INTERWORKING-ALREADY-CONNECTED",
662 "CTRL-EVENT-CONNECTED"], timeout
=15)
664 raise Exception("Connection timed out")
665 if "INTERWORKING-NO-MATCH" in ev
:
666 raise Exception("Matching AP not found")
667 if "CTRL-EVENT-CONNECTED" in ev
:
669 if i
== 2 and "INTERWORKING-ALREADY-CONNECTED" in ev
:
672 dev
[0].request("DISCONNECT")
673 dev
[0].dump_monitor()
675 networks
= dev
[0].list_networks()
676 if len(networks
) > 1:
677 raise Exception("Duplicated network block detected")
679 def test_ap_hs20_disallow_aps(dev
, apdev
):
680 """Hotspot 2.0 connection and disallow_aps"""
681 bssid
= apdev
[0]['bssid']
682 params
= hs20_ap_params()
683 params
['hessid'] = bssid
684 hostapd
.add_ap(apdev
[0]['ifname'], params
)
687 values
= { 'realm': "example.com",
688 'username': "hs20-test",
689 'password': "password",
690 'domain': "example.com" }
691 id = dev
[0].add_cred_values(values
)
693 logger
.info("Verify disallow_aps bssid")
694 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
695 dev
[0].request("INTERWORKING_SELECT auto")
696 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
698 raise Exception("Network selection timed out")
699 dev
[0].dump_monitor()
701 logger
.info("Verify disallow_aps ssid")
702 dev
[0].request("SET disallow_aps ssid 746573742d68733230")
703 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
704 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH"], timeout
=15)
706 raise Exception("Network selection timed out")
707 dev
[0].dump_monitor()
709 logger
.info("Verify disallow_aps clear")
710 dev
[0].request("SET disallow_aps ")
711 interworking_select(dev
[0], bssid
, "home", freq
="2412")
713 dev
[0].request("SET disallow_aps bssid " + bssid
.translate(None, ':'))
714 ret
= dev
[0].request("INTERWORKING_CONNECT " + bssid
)
715 if "FAIL" not in ret
:
716 raise Exception("INTERWORKING_CONNECT to disallowed BSS not rejected")
718 def policy_test(dev
, ap
, values
, only_one
=True):
721 logger
.info("Verify network selection to AP " + ap
['ifname'])
724 logger
.info("Verify network selection")
727 id = dev
.add_cred_values(values
)
728 dev
.request("INTERWORKING_SELECT auto freq=2412")
731 ev
= dev
.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH",
732 "INTERWORKING-BLACKLISTED",
733 "INTERWORKING-SELECTED"], timeout
=15)
735 raise Exception("Network selection timed out")
737 if "INTERWORKING-NO-MATCH" in ev
:
738 raise Exception("Matching AP not found")
739 if bssid
and only_one
and "INTERWORKING-AP" in ev
and bssid
not in ev
:
740 raise Exception("Unexpected AP claimed acceptable")
741 if "INTERWORKING-SELECTED" in ev
:
742 if bssid
and bssid
not in ev
:
743 raise Exception("Selected incorrect BSS")
746 ev
= dev
.wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
748 raise Exception("Connection timed out")
749 if bssid
and bssid
not in ev
:
750 raise Exception("Connected to incorrect BSS")
752 conn_bssid
= dev
.get_status_field("bssid")
753 if bssid
and conn_bssid
!= bssid
:
754 raise Exception("bssid information points to incorrect BSS")
761 return { 'realm': "example.com",
762 'username': "hs20-test",
763 'password': "password" }
765 def test_ap_hs20_prefer_home(dev
, apdev
):
766 """Hotspot 2.0 required roaming consortium"""
767 params
= hs20_ap_params()
768 params
['domain_name'] = "example.org"
769 hostapd
.add_ap(apdev
[0]['ifname'], params
)
771 params
= hs20_ap_params()
772 params
['ssid'] = "test-hs20-other"
773 params
['domain_name'] = "example.com"
774 hostapd
.add_ap(apdev
[1]['ifname'], params
)
776 values
= default_cred()
777 values
['domain'] = "example.com"
778 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
779 values
['domain'] = "example.org"
780 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
782 def test_ap_hs20_req_roaming_consortium(dev
, apdev
):
783 """Hotspot 2.0 required roaming consortium"""
784 params
= hs20_ap_params()
785 hostapd
.add_ap(apdev
[0]['ifname'], params
)
787 params
= hs20_ap_params()
788 params
['ssid'] = "test-hs20-other"
789 params
['roaming_consortium'] = [ "223344" ]
790 hostapd
.add_ap(apdev
[1]['ifname'], params
)
792 values
= default_cred()
793 values
['required_roaming_consortium'] = "223344"
794 policy_test(dev
[0], apdev
[1], values
)
795 values
['required_roaming_consortium'] = "112233"
796 policy_test(dev
[0], apdev
[0], values
)
798 id = dev
[0].add_cred()
799 dev
[0].set_cred(id, "required_roaming_consortium", "112233")
800 dev
[0].set_cred(id, "required_roaming_consortium", "112233445566778899aabbccddeeff")
802 for val
in [ "", "1", "11", "1122", "1122334", "112233445566778899aabbccddeeff00" ]:
803 if "FAIL" not in dev
[0].request('SET_CRED {} required_roaming_consortium {}'.format(id, val
)):
804 raise Exception("Invalid roaming consortium value accepted: " + val
)
806 def test_ap_hs20_excluded_ssid(dev
, apdev
):
807 """Hotspot 2.0 exclusion based on SSID"""
808 params
= hs20_ap_params()
809 hostapd
.add_ap(apdev
[0]['ifname'], params
)
811 params
= hs20_ap_params()
812 params
['ssid'] = "test-hs20-other"
813 params
['roaming_consortium'] = [ "223344" ]
814 hostapd
.add_ap(apdev
[1]['ifname'], params
)
816 values
= default_cred()
817 values
['excluded_ssid'] = "test-hs20"
818 events
= policy_test(dev
[0], apdev
[1], values
)
819 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[0]['bssid'] in e
]
821 raise Exception("Excluded network not reported")
822 values
['excluded_ssid'] = "test-hs20-other"
823 events
= policy_test(dev
[0], apdev
[0], values
)
824 ev
= [e
for e
in events
if "INTERWORKING-BLACKLISTED " + apdev
[1]['bssid'] in e
]
826 raise Exception("Excluded network not reported")
828 def test_ap_hs20_roam_to_higher_prio(dev
, apdev
):
829 """Hotspot 2.0 and roaming from current to higher priority network"""
830 bssid
= apdev
[0]['bssid']
831 params
= hs20_ap_params(ssid
="test-hs20-visited")
832 params
['domain_name'] = "visited.example.org"
833 hostapd
.add_ap(apdev
[0]['ifname'], params
)
836 id = dev
[0].add_cred_values({ 'realm': "example.com",
837 'username': "hs20-test",
838 'password': "password",
839 'domain': "example.com" })
840 logger
.info("Connect to the only network option")
841 interworking_select(dev
[0], bssid
, "roaming", freq
="2412")
842 dev
[0].dump_monitor()
843 interworking_connect(dev
[0], bssid
, "TTLS")
845 logger
.info("Start another AP (home operator) and reconnect")
846 bssid2
= apdev
[1]['bssid']
847 params
= hs20_ap_params(ssid
="test-hs20-home")
848 params
['domain_name'] = "example.com"
849 hostapd
.add_ap(apdev
[1]['ifname'], params
)
851 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
852 ev
= dev
[0].wait_event(["INTERWORKING-NO-MATCH",
853 "INTERWORKING-ALREADY-CONNECTED",
854 "CTRL-EVENT-CONNECTED"], timeout
=15)
856 raise Exception("Connection timed out")
857 if "INTERWORKING-NO-MATCH" in ev
:
858 raise Exception("Matching AP not found")
859 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
860 raise Exception("Unexpected AP selected")
862 raise Exception("Unexpected BSSID after reconnection")
864 def test_ap_hs20_domain_suffix_match(dev
, apdev
):
865 """Hotspot 2.0 and domain_suffix_match"""
866 bssid
= apdev
[0]['bssid']
867 params
= hs20_ap_params()
868 hostapd
.add_ap(apdev
[0]['ifname'], params
)
871 id = dev
[0].add_cred_values({ 'realm': "example.com",
872 'username': "hs20-test",
873 'password': "password",
874 'domain': "example.com",
875 'domain_suffix_match': "w1.fi" })
876 interworking_select(dev
[0], bssid
, "home", freq
="2412")
877 dev
[0].dump_monitor()
878 interworking_connect(dev
[0], bssid
, "TTLS")
879 dev
[0].request("REMOVE_NETWORK all")
880 dev
[0].dump_monitor()
882 dev
[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com")
883 interworking_select(dev
[0], bssid
, "home", freq
="2412")
884 dev
[0].dump_monitor()
885 dev
[0].request("INTERWORKING_CONNECT " + bssid
)
886 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"])
888 raise Exception("TLS certificate error not reported")
889 if "Domain suffix mismatch" not in ev
:
890 raise Exception("Domain suffix mismatch not reported")
892 def test_ap_hs20_roaming_partner_preference(dev
, apdev
):
893 """Hotspot 2.0 and roaming partner preference"""
894 params
= hs20_ap_params()
895 params
['domain_name'] = "roaming.example.org"
896 hostapd
.add_ap(apdev
[0]['ifname'], params
)
898 params
= hs20_ap_params()
899 params
['ssid'] = "test-hs20-other"
900 params
['domain_name'] = "roaming.example.net"
901 hostapd
.add_ap(apdev
[1]['ifname'], params
)
903 logger
.info("Verify default vs. specified preference")
904 values
= default_cred()
905 values
['roaming_partner'] = "roaming.example.net,1,127,*"
906 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
907 values
['roaming_partner'] = "roaming.example.net,1,129,*"
908 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
910 logger
.info("Verify partial FQDN match")
911 values
['roaming_partner'] = "example.net,0,0,*"
912 policy_test(dev
[0], apdev
[1], values
, only_one
=False)
913 values
['roaming_partner'] = "example.net,0,255,*"
914 policy_test(dev
[0], apdev
[0], values
, only_one
=False)
916 def test_ap_hs20_max_bss_load(dev
, apdev
):
917 """Hotspot 2.0 and maximum BSS load"""
918 params
= hs20_ap_params()
919 params
['bss_load_test'] = "12:200:20000"
920 hostapd
.add_ap(apdev
[0]['ifname'], params
)
922 params
= hs20_ap_params()
923 params
['ssid'] = "test-hs20-other"
924 params
['bss_load_test'] = "5:20:10000"
925 hostapd
.add_ap(apdev
[1]['ifname'], params
)
927 logger
.info("Verify maximum BSS load constraint")
928 values
= default_cred()
929 values
['domain'] = "example.com"
930 values
['max_bss_load'] = "100"
931 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
933 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
934 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
935 raise Exception("Maximum BSS Load case not noticed")
936 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
937 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
938 raise Exception("Maximum BSS Load case reported incorrectly")
940 logger
.info("Verify maximum BSS load does not prevent connection")
941 values
['max_bss_load'] = "1"
942 events
= policy_test(dev
[0], None, values
)
944 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
945 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
946 raise Exception("Maximum BSS Load case not noticed")
947 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
948 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
949 raise Exception("Maximum BSS Load case not noticed")
951 def test_ap_hs20_max_bss_load2(dev
, apdev
):
952 """Hotspot 2.0 and maximum BSS load with one AP not advertising"""
953 params
= hs20_ap_params()
954 params
['bss_load_test'] = "12:200:20000"
955 hostapd
.add_ap(apdev
[0]['ifname'], params
)
957 params
= hs20_ap_params()
958 params
['ssid'] = "test-hs20-other"
959 hostapd
.add_ap(apdev
[1]['ifname'], params
)
961 logger
.info("Verify maximum BSS load constraint with AP advertisement")
962 values
= default_cred()
963 values
['domain'] = "example.com"
964 values
['max_bss_load'] = "100"
965 events
= policy_test(dev
[0], apdev
[1], values
, only_one
=False)
967 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[0]['bssid'] in e
]
968 if len(ev
) != 1 or "over_max_bss_load=1" not in ev
[0]:
969 raise Exception("Maximum BSS Load case not noticed")
970 ev
= [e
for e
in events
if "INTERWORKING-AP " + apdev
[1]['bssid'] in e
]
971 if len(ev
) != 1 or "over_max_bss_load=1" in ev
[0]:
972 raise Exception("Maximum BSS Load case reported incorrectly")
974 def test_ap_hs20_multi_cred_sp_prio(dev
, apdev
):
975 """Hotspot 2.0 multi-cred sp_priority"""
976 if not hlr_auc_gw_available():
978 bssid
= apdev
[0]['bssid']
979 params
= hs20_ap_params()
980 params
['hessid'] = bssid
981 del params
['domain_name']
982 params
['anqp_3gpp_cell_net'] = "232,01"
983 hostapd
.add_ap(apdev
[0]['ifname'], params
)
986 dev
[0].request("SET external_sim 1")
987 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
988 'provisioning_sp': "example.com",
989 'sp_priority' :"1" })
990 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
991 'username': "hs20-test",
992 'password': "password",
993 'domain': "example.com",
994 'provisioning_sp': "example.com",
995 'sp_priority': "2" })
996 dev
[0].dump_monitor()
997 dev
[0].request("INTERWORKING_SELECT auto")
998 interworking_ext_sim_auth(dev
[0], "SIM")
999 check_sp_type(dev
[0], "unknown")
1000 dev
[0].request("REMOVE_NETWORK all")
1002 dev
[0].set_cred(id1
, "sp_priority", "2")
1003 dev
[0].set_cred(id2
, "sp_priority", "1")
1004 dev
[0].dump_monitor()
1005 dev
[0].request("INTERWORKING_SELECT auto")
1006 interworking_auth(dev
[0], "TTLS")
1007 check_sp_type(dev
[0], "unknown")
1009 def test_ap_hs20_multi_cred_sp_prio2(dev
, apdev
):
1010 """Hotspot 2.0 multi-cred sp_priority with two BSSes"""
1011 if not hlr_auc_gw_available():
1013 bssid
= apdev
[0]['bssid']
1014 params
= hs20_ap_params()
1015 params
['hessid'] = bssid
1016 del params
['nai_realm']
1017 del params
['domain_name']
1018 params
['anqp_3gpp_cell_net'] = "232,01"
1019 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1021 bssid2
= apdev
[1]['bssid']
1022 params
= hs20_ap_params()
1023 params
['ssid'] = "test-hs20-other"
1024 params
['hessid'] = bssid2
1025 del params
['domain_name']
1026 del params
['anqp_3gpp_cell_net']
1027 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1029 dev
[0].hs20_enable()
1030 dev
[0].request("SET external_sim 1")
1031 id1
= dev
[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
1032 'provisioning_sp': "example.com",
1033 'sp_priority': "1" })
1034 id2
= dev
[0].add_cred_values({ 'realm': "example.com",
1035 'username': "hs20-test",
1036 'password': "password",
1037 'domain': "example.com",
1038 'provisioning_sp': "example.com",
1039 'sp_priority': "2" })
1040 dev
[0].dump_monitor()
1041 dev
[0].request("INTERWORKING_SELECT auto")
1042 interworking_ext_sim_auth(dev
[0], "SIM")
1043 check_sp_type(dev
[0], "unknown")
1044 conn_bssid
= dev
[0].get_status_field("bssid")
1045 if conn_bssid
!= bssid
:
1046 raise Exception("Connected to incorrect BSS")
1047 dev
[0].request("REMOVE_NETWORK all")
1049 dev
[0].set_cred(id1
, "sp_priority", "2")
1050 dev
[0].set_cred(id2
, "sp_priority", "1")
1051 dev
[0].dump_monitor()
1052 dev
[0].request("INTERWORKING_SELECT auto")
1053 interworking_auth(dev
[0], "TTLS")
1054 check_sp_type(dev
[0], "unknown")
1055 conn_bssid
= dev
[0].get_status_field("bssid")
1056 if conn_bssid
!= bssid2
:
1057 raise Exception("Connected to incorrect BSS")
1059 def test_ap_hs20_req_conn_capab(dev
, apdev
):
1060 """Hotspot 2.0 network selection with req_conn_capab"""
1061 bssid
= apdev
[0]['bssid']
1062 params
= hs20_ap_params()
1063 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1065 dev
[0].hs20_enable()
1066 logger
.info("Not used in home network")
1067 id = dev
[0].add_cred_values({ 'realm': "example.com",
1068 'username': "hs20-test",
1069 'password': "password",
1070 'domain': "example.com",
1071 'req_conn_capab': "6:1234" })
1072 dev
[0].request("INTERWORKING_SELECT freq=2412")
1073 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1075 raise Exception("Network selection timed out");
1076 if "type=home" not in ev
:
1077 raise Exception("Unexpected network type")
1078 if "conn_capab_missing=1" in ev
:
1079 raise Exception("req_conn_capab used in home network")
1081 logger
.info("Used in roaming network")
1082 dev
[0].remove_cred(id)
1083 id = dev
[0].add_cred_values({ 'realm': "example.com",
1084 'username': "hs20-test",
1085 'password': "password",
1086 'domain': "example.org",
1087 'req_conn_capab': "6:1234" })
1088 dev
[0].request("INTERWORKING_SELECT freq=2412")
1089 ev
= dev
[0].wait_event(["INTERWORKING-AP"])
1091 raise Exception("Network selection timed out");
1092 if "type=roaming" not in ev
:
1093 raise Exception("Unexpected network type")
1094 if "conn_capab_missing=1" not in ev
:
1095 raise Exception("Missing conn_capab not reported")
1097 logger
.info("Verify that req_conn_capab does not prevent connection if no other network is available")
1098 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1099 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1101 raise Exception("Connection timed out")
1103 def test_ap_hs20_deauth_req_ess(dev
, apdev
):
1104 """Hotspot 2.0 connection and deauthentication request for ESS"""
1105 dev
[0].request("SET pmf 2")
1106 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1107 dev
[0].dump_monitor()
1108 addr
= dev
[0].p2p_interface_addr()
1109 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1110 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 1 120 http://example.com/")
1111 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1113 raise Exception("Timeout on deauth imminent notice")
1114 if "1 120 http://example.com/" not in ev
:
1115 raise Exception("Unexpected deauth imminent notice: " + ev
)
1116 hapd
.request("DEAUTHENTICATE " + addr
)
1117 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1119 raise Exception("Timeout on disconnection")
1120 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1121 "Trying to associate",
1122 "CTRL-EVENT-CONNECTED"], timeout
=5)
1124 raise Exception("Unexpected connection attempt")
1126 def test_ap_hs20_deauth_req_bss(dev
, apdev
):
1127 """Hotspot 2.0 connection and deauthentication request for BSS"""
1128 dev
[0].request("SET pmf 2")
1129 eap_test(dev
[0], apdev
[0], "21[3:26]", "TTLS", "user")
1130 dev
[0].dump_monitor()
1131 addr
= dev
[0].p2p_interface_addr()
1132 hapd
= hostapd
.Hostapd(apdev
[0]['ifname'])
1133 hapd
.request("HS20_DEAUTH_REQ " + addr
+ " 0 120 http://example.com/")
1134 ev
= dev
[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"])
1136 raise Exception("Timeout on deauth imminent notice")
1137 if "0 120 http://example.com/" not in ev
:
1138 raise Exception("Unexpected deauth imminent notice: " + ev
)
1139 hapd
.request("DEAUTHENTICATE " + addr
+ " reason=4")
1140 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
1142 raise Exception("Timeout on disconnection")
1143 if "reason=4" not in ev
:
1144 raise Exception("Unexpected disconnection reason")
1145 ev
= dev
[0].wait_event(["SME: Trying to authenticate",
1146 "Trying to associate",
1147 "CTRL-EVENT-CONNECTED"], timeout
=5)
1149 raise Exception("Unexpected connection attempt")
1151 def test_ap_hs20_osen(dev
, apdev
):
1152 """Hotspot 2.0 OSEN connection"""
1153 params
= { 'ssid': "osen",
1155 'auth_server_addr': "127.0.0.1",
1156 'auth_server_port': "1812",
1157 'auth_server_shared_secret': "radius" }
1158 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1160 dev
[0].connect("osen", proto
="OSEN", key_mgmt
="OSEN", pairwise
="CCMP",
1161 group
="GTK_NOT_USED",
1162 eap
="WFA-UNAUTH-TLS", identity
="osen@example.com",
1163 ca_cert
="auth_serv/ca.pem",
1166 def test_ap_hs20_network_preference(dev
, apdev
):
1167 """Hotspot 2.0 network selection with preferred home network"""
1168 bssid
= apdev
[0]['bssid']
1169 params
= hs20_ap_params()
1170 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1172 dev
[0].hs20_enable()
1173 values
= { 'realm': "example.com",
1174 'username': "hs20-test",
1175 'password': "password",
1176 'domain': "example.com" }
1177 dev
[0].add_cred_values(values
)
1179 id = dev
[0].add_network()
1180 dev
[0].set_network_quoted(id, "ssid", "home")
1181 dev
[0].set_network_quoted(id, "psk", "12345678")
1182 dev
[0].set_network(id, "priority", "1")
1183 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1185 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1186 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1188 raise Exception("Connection timed out")
1190 raise Exception("Unexpected network selected")
1192 bssid2
= apdev
[1]['bssid']
1193 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1194 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1196 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1197 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1198 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1200 raise Exception("Connection timed out")
1201 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1202 raise Exception("No roam to higher priority network")
1203 if bssid2
not in ev
:
1204 raise Exception("Unexpected network selected")
1206 def test_ap_hs20_network_preference2(dev
, apdev
):
1207 """Hotspot 2.0 network selection with preferred credential"""
1208 bssid2
= apdev
[1]['bssid']
1209 params
= hostapd
.wpa2_params(ssid
="home", passphrase
="12345678")
1210 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1212 dev
[0].hs20_enable()
1213 values
= { 'realm': "example.com",
1214 'username': "hs20-test",
1215 'password': "password",
1216 'domain': "example.com",
1218 dev
[0].add_cred_values(values
)
1220 id = dev
[0].add_network()
1221 dev
[0].set_network_quoted(id, "ssid", "home")
1222 dev
[0].set_network_quoted(id, "psk", "12345678")
1223 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
1225 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1226 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1228 raise Exception("Connection timed out")
1229 if bssid2
not in ev
:
1230 raise Exception("Unexpected network selected")
1232 bssid
= apdev
[0]['bssid']
1233 params
= hs20_ap_params()
1234 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1236 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1237 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1238 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1240 raise Exception("Connection timed out")
1241 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1242 raise Exception("No roam to higher priority network")
1244 raise Exception("Unexpected network selected")
1246 def test_ap_hs20_network_preference3(dev
, apdev
):
1247 """Hotspot 2.0 network selection with two credential (one preferred)"""
1248 bssid
= apdev
[0]['bssid']
1249 params
= hs20_ap_params()
1250 hostapd
.add_ap(apdev
[0]['ifname'], params
)
1252 bssid2
= apdev
[1]['bssid']
1253 params
= hs20_ap_params(ssid
="test-hs20b")
1254 params
['nai_realm'] = "0,example.org,13[5:6],21[2:4][5:7]"
1255 hostapd
.add_ap(apdev
[1]['ifname'], params
)
1257 dev
[0].hs20_enable()
1258 values
= { 'realm': "example.com",
1259 'username': "hs20-test",
1260 'password': "password",
1262 dev
[0].add_cred_values(values
)
1263 values
= { 'realm': "example.org",
1264 'username': "hs20-test",
1265 'password': "password" }
1266 id = dev
[0].add_cred_values(values
)
1268 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1269 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout
=15)
1271 raise Exception("Connection timed out")
1273 raise Exception("Unexpected network selected")
1275 dev
[0].set_cred(id, "priority", "2")
1276 dev
[0].request("INTERWORKING_SELECT auto freq=2412")
1277 ev
= dev
[0].wait_event(["CTRL-EVENT-CONNECTED",
1278 "INTERWORKING-ALREADY-CONNECTED" ], timeout
=15)
1280 raise Exception("Connection timed out")
1281 if "INTERWORKING-ALREADY-CONNECTED" in ev
:
1282 raise Exception("No roam to higher priority network")
1283 if bssid2
not in ev
:
1284 raise Exception("Unexpected network selected")