tests: EAP-TTLS anonymous realm in Phase 1 with Hotspot 2.0

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

diff --git a/tests/hwsim/auth_serv/eap_user.conf b/tests/hwsim/auth_serv/eap_user.conf
index f35a64f6711376ccdbc6cd671fc6ce3ebc52da8a..738a50f70f5677814ceb385cace60f96b6344d88 100644 (file)
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@@ -134,6 +134,7 @@ radius_accept_attr=56:x:32000011
 "DOMAIN\mschapv2 user" TTLS-MSCHAPV2   hash:8846f7eaee8fb117ad06bdd830b7586c   [2]
 "mschapv2 user@domain" TTLS-MSCHAPV2   hash:8846f7eaee8fb117ad06bdd830b7586c   [2]
 "hs20-test"    TTLS-MSCHAPV2   "password"      [2]
+"hs20-test@inner.com"  TTLS-MSCHAPV2   "password2"     [2]
 "hs20-test-with-domain@example.com"    TTLS-MSCHAPV2   "password"      [2]
 "utf8-user"    TTLS-MSCHAPV2   "secret-åäö-€-password"    [2]
 "utf8-user-hash"       TTLS-MSCHAPV2   hash:bd5844fad2489992da7fe8c5a01559cf   [2]

diff --git a/tests/hwsim/test_ap_hs20.py b/tests/hwsim/test_ap_hs20.py
index a866f15cbd1ab65d4df2074da56400ef2ea50c10..6cd2918b21b0d4fb7a512696d5c1ab71a3e8f19b 100644 (file)
--- a/tests/hwsim/test_ap_hs20.py
+++ b/tests/hwsim/test_ap_hs20.py
@@ -684,7 +684,7 @@ def test_ap_hs20_username(dev, apdev):
     params = hs20_ap_params()
     params['hessid'] = bssid
     params['disable_dgaf'] = '1'
-    hostapd.add_ap(apdev[0], params)
+    hapd = hostapd.add_ap(apdev[0], params)
 
     dev[0].hs20_enable()
     id = dev[0].add_cred_values({'realm': "example.com",
@@ -701,12 +701,39 @@ def test_ap_hs20_username(dev, apdev):
         raise Exception("Unexpected pairwise cipher")
     if status['hs20'] != "3":
         raise Exception("Unexpected HS 2.0 support indication")
+    hapd.wait_sta()
+    sta = hapd.get_sta(dev[0].own_addr())
+    if sta['dot1xAuthSessionUserName'] != "anonymous@example.com":
+        raise Exception("Unexpected anonymous identity: " + sta['dot1xAuthSessionUserName'])
 
     dev[1].connect("test-hs20", key_mgmt="WPA-EAP", eap="TTLS",
                    identity="hs20-test", password="password",
                    ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2",
                    scan_freq="2412")
 
+def test_ap_hs20_username_with_realm(dev, apdev):
+    """Hotspot 2.0 connection in username-with-realm/password credential"""
+    check_eap_capa(dev[0], "MSCHAPV2")
+    bssid = apdev[0]['bssid']
+    params = hs20_ap_params()
+    params['hessid'] = bssid
+    params['disable_dgaf'] = '1'
+    hapd = hostapd.add_ap(apdev[0], params)
+
+    dev[0].hs20_enable()
+    id = dev[0].add_cred_values({'realm': "example.com",
+                                 'username': "hs20-test@inner.com",
+                                 'password': "password2",
+                                 'ca_cert': "auth_serv/ca.pem",
+                                 'domain': "example.com"})
+    interworking_select(dev[0], bssid, "home", freq="2412")
+    interworking_connect(dev[0], bssid, "TTLS")
+    check_sp_type(dev[0], "home")
+    hapd.wait_sta()
+    sta = hapd.get_sta(dev[0].own_addr())
+    if sta['dot1xAuthSessionUserName'] != "anonymous@example.com":
+        raise Exception("Unexpected anonymous identity: " + sta['dot1xAuthSessionUserName'])
+
 def test_ap_hs20_connect_api(dev, apdev):
     """Hotspot 2.0 connection with connect API"""
     check_eap_capa(dev[0], "MSCHAPV2")